1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
25 password: 'my super password'
28 // ---------------------------------------------------------------
30 before(async function () {
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
38 await setAccessTokensToServers([ server ])
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
65 statusCodeExpected: 401
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
73 token: userAccessToken,
74 statusCodeExpected: 403
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
82 email: 'test@example.com',
83 password: 'my super password',
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 it('Should succeed with the correct params', async function () {
183 await makePostBodyRequest({
186 token: server.accessToken,
187 fields: baseCorrectParams,
188 statusCodeExpected: 200
192 it('Should fail with a non admin user', async function () {
195 password: 'my super password'
197 userAccessToken = await userLogin(server, user)
201 email: 'test@example.com',
202 password: 'my super password',
205 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
209 describe('When updating my account', function () {
210 it('Should fail with an invalid email attribute', async function () {
215 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
218 it('Should fail with a too small password', async function () {
223 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
226 it('Should fail with a too long password', async function () {
228 password: 'super'.repeat(61)
231 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
234 it('Should fail with an invalid display NSFW attribute', async function () {
239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
242 it('Should fail with an invalid autoPlayVideo attribute', async function () {
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
250 it('Should fail with an non authenticated user', async function () {
252 password: 'my super password'
255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
258 it('Should fail with a too long description', async function () {
260 description: 'super'.repeat(60)
263 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
266 it('Should succeed with the correct params', async function () {
268 password: 'my super password',
270 autoPlayVideo: false,
271 email: 'super_email@example.com'
274 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
278 describe('When updating my avatar', function () {
279 it('Should fail without an incorrect input file', async function () {
282 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
284 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
287 it('Should fail with a big file', async function () {
290 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
292 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
295 it('Should succeed with the correct params', async function () {
298 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
300 await makeUploadRequest({
302 path: path + '/me/avatar/pick',
303 token: server.accessToken,
306 statusCodeExpected: 200
311 describe('When updating a user', function () {
313 before(async function () {
314 const res = await getUsersList(server.url, server.accessToken)
316 userId = res.body.data[1].id
317 rootId = res.body.data[2].id
320 it('Should fail with an invalid email attribute', async function () {
325 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
328 it('Should fail with an invalid videoQuota attribute', async function () {
333 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
336 it('Should fail with an invalid user role attribute', async function () {
341 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
344 it('Should fail with an non authenticated user', async function () {
349 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
352 it('Should fail when updating root role', async function () {
354 role: UserRole.MODERATOR
357 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
360 it('Should succeed with the correct params', async function () {
362 email: 'email@example.com',
364 role: UserRole.MODERATOR
367 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
368 userAccessToken = await userLogin(server, user)
372 describe('When getting my information', function () {
373 it('Should fail with a non authenticated user', async function () {
374 await getMyUserInformation(server.url, 'fake_token', 401)
377 it('Should success with the correct parameters', async function () {
378 await getMyUserInformation(server.url, userAccessToken)
382 describe('When getting my video rating', function () {
383 it('Should fail with a non authenticated user', async function () {
384 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
387 it('Should fail with an incorrect video uuid', async function () {
388 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
391 it('Should fail with an unknown video', async function () {
392 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
395 it('Should succeed with the correct parameters', async function () {
396 await getMyUserVideoRating(server.url, server.accessToken, videoId)
400 describe('When removing an user', function () {
401 it('Should fail with an incorrect id', async function () {
402 await removeUser(server.url, 'blabla', server.accessToken, 400)
405 it('Should fail with the root user', async function () {
406 await removeUser(server.url, rootId, server.accessToken, 400)
409 it('Should return 404 with a non existing id', async function () {
410 await removeUser(server.url, 4545454, server.accessToken, 404)
414 describe('When register a new user', function () {
415 const registrationPath = path + '/register'
416 const baseCorrectParams = {
418 email: 'test3@example.com',
419 password: 'my super password'
422 it('Should fail with a too small username', async function () {
423 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
425 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
428 it('Should fail with a too long username', async function () {
429 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
431 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
434 it('Should fail with an incorrect username', async function () {
435 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
437 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
440 it('Should fail with a missing email', async function () {
441 const fields = omit(baseCorrectParams, 'email')
443 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
446 it('Should fail with an invalid email', async function () {
447 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
449 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
452 it('Should fail with a too small password', async function () {
453 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
455 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
458 it('Should fail with a too long password', async function () {
459 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
461 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
464 it('Should fail if we register a user with the same username', async function () {
465 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
467 await makePostBodyRequest({
469 path: registrationPath,
470 token: server.accessToken,
472 statusCodeExpected: 409
476 it('Should fail if we register a user with the same email', async function () {
477 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
479 await makePostBodyRequest({
481 path: registrationPath,
482 token: server.accessToken,
484 statusCodeExpected: 409
488 it('Should succeed with the correct params', async function () {
489 await makePostBodyRequest({
491 path: registrationPath,
492 token: server.accessToken,
493 fields: baseCorrectParams,
494 statusCodeExpected: 204
498 it('Should fail on a server with registration disabled', async function () {
501 email: 'test4@example.com',
502 password: 'my super password 4'
505 await makePostBodyRequest({
506 url: serverWithRegistrationDisabled.url,
507 path: registrationPath,
508 token: serverWithRegistrationDisabled.accessToken,
510 statusCodeExpected: 403
515 describe('When registering multiple users on a server with users limit', function () {
516 it('Should fail when after 3 registrations', async function () {
517 await registerUser(server.url, 'user42', 'super password', 403)
521 describe('When having a video quota', function () {
522 it('Should fail with a user having too many video', async function () {
526 accessToken: server.accessToken,
530 await uploadVideo(server.url, server.accessToken, {}, 403)
533 it('Should fail with a registered user having too many video', async function () {
538 password: 'my super password'
540 userAccessToken = await userLogin(server, user)
542 const videoAttributes = { fixture: 'video_short2.webm' }
543 await uploadVideo(server.url, userAccessToken, videoAttributes)
544 await uploadVideo(server.url, userAccessToken, videoAttributes)
545 await uploadVideo(server.url, userAccessToken, videoAttributes)
546 await uploadVideo(server.url, userAccessToken, videoAttributes)
547 await uploadVideo(server.url, userAccessToken, videoAttributes)
548 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
552 describe('When asking a password reset', function () {
553 const path = '/api/v1/users/ask-reset-password'
555 it('Should fail with a missing email', async function () {
558 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
561 it('Should fail with an invalid email', async function () {
562 const fields = { email: 'hello' }
564 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
567 it('Should success with the correct params', async function () {
568 const fields = { email: 'admin@example.com' }
570 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
574 after(async function () {
575 killallServers([ server, serverWithRegistrationDisabled ])
577 // Keep the logs if the test failed