1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { omit } from 'lodash'
5 import { User, UserRole, VideoCreateResult } from '../../../../shared'
6 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
9 buildAbsoluteFixturePath,
25 renewUserScopedTokens,
28 setAccessTokensToServers,
32 } from '../../../../shared/extra-utils'
33 import { MockSmtpServer } from '../../../../shared/extra-utils/mock-servers/mock-email'
35 checkBadCountPagination,
36 checkBadSortPagination,
37 checkBadStartPagination
38 } from '../../../../shared/extra-utils/requests/check-api-params'
39 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
41 describe('Test users API validators', function () {
42 const path = '/api/v1/users/'
45 let moderatorId: number
46 let video: VideoCreateResult
47 let server: ServerInfo
48 let serverWithRegistrationDisabled: ServerInfo
49 let userAccessToken = ''
50 let moderatorAccessToken = ''
52 let overrideConfig: Object
54 // ---------------------------------------------------------------
56 before(async function () {
59 const emails: object[] = []
60 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
62 overrideConfig = { signup: { limit: 8 } }
65 const res = await Promise.all([
66 flushAndRunServer(1, overrideConfig),
71 serverWithRegistrationDisabled = res[1]
73 await setAccessTokensToServers([ server ])
79 password: 'my super password'
82 const videoQuota = 42000000
85 accessToken: server.accessToken,
86 username: user.username,
87 password: user.password,
88 videoQuota: videoQuota
90 userAccessToken = await userLogin(server, user)
95 username: 'moderator1',
96 password: 'super password'
101 accessToken: server.accessToken,
102 username: moderator.username,
103 password: moderator.password,
104 role: UserRole.MODERATOR
107 moderatorAccessToken = await userLogin(server, moderator)
112 username: 'moderator2',
113 password: 'super password'
118 accessToken: server.accessToken,
119 username: moderator.username,
120 password: moderator.password,
121 role: UserRole.MODERATOR
126 const res = await uploadVideo(server.url, server.accessToken, {})
127 video = res.body.video
131 const res = await getUsersList(server.url, server.accessToken)
132 const users: User[] = res.body.data
134 userId = users.find(u => u.username === 'user1').id
135 rootId = users.find(u => u.username === 'root').id
136 moderatorId = users.find(u => u.username === 'moderator2').id
140 describe('When listing users', function () {
141 it('Should fail with a bad start pagination', async function () {
142 await checkBadStartPagination(server.url, path, server.accessToken)
145 it('Should fail with a bad count pagination', async function () {
146 await checkBadCountPagination(server.url, path, server.accessToken)
149 it('Should fail with an incorrect sort', async function () {
150 await checkBadSortPagination(server.url, path, server.accessToken)
153 it('Should fail with a non authenticated user', async function () {
154 await makeGetRequest({
157 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
161 it('Should fail with a non admin user', async function () {
162 await makeGetRequest({
165 token: userAccessToken,
166 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
171 describe('When adding a new user', function () {
172 const baseCorrectParams = {
174 email: 'test@example.com',
175 password: 'my super password',
179 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
182 it('Should fail with a too small username', async function () {
183 const fields = { ...baseCorrectParams, username: '' }
185 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
188 it('Should fail with a too long username', async function () {
189 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
191 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
194 it('Should fail with a not lowercase username', async function () {
195 const fields = { ...baseCorrectParams, username: 'Toto' }
197 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
200 it('Should fail with an incorrect username', async function () {
201 const fields = { ...baseCorrectParams, username: 'my username' }
203 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
206 it('Should fail with a missing email', async function () {
207 const fields = omit(baseCorrectParams, 'email')
209 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
212 it('Should fail with an invalid email', async function () {
213 const fields = { ...baseCorrectParams, email: 'test_example.com' }
215 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
218 it('Should fail with a too small password', async function () {
219 const fields = { ...baseCorrectParams, password: 'bla' }
221 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
224 it('Should fail with a too long password', async function () {
225 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
227 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
230 it('Should fail with empty password and no smtp configured', async function () {
231 const fields = { ...baseCorrectParams, password: '' }
233 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
236 it('Should succeed with no password on a server with smtp enabled', async function () {
239 await killallServers([ server ])
245 hostname: 'localhost',
249 await reRunServer(server, config)
252 ...baseCorrectParams,
255 username: 'create_password',
256 email: 'create_password@example.com'
259 await makePostBodyRequest({
262 token: server.accessToken,
264 statusCodeExpected: HttpStatusCode.OK_200
268 it('Should fail with invalid admin flags', async function () {
269 const fields = { ...baseCorrectParams, adminFlags: 'toto' }
271 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
274 it('Should fail with an non authenticated user', async function () {
275 await makePostBodyRequest({
278 token: 'super token',
279 fields: baseCorrectParams,
280 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
284 it('Should fail if we add a user with the same username', async function () {
285 const fields = { ...baseCorrectParams, username: 'user1' }
287 await makePostBodyRequest({
290 token: server.accessToken,
292 statusCodeExpected: HttpStatusCode.CONFLICT_409
296 it('Should fail if we add a user with the same email', async function () {
297 const fields = { ...baseCorrectParams, email: 'user1@example.com' }
299 await makePostBodyRequest({
302 token: server.accessToken,
304 statusCodeExpected: HttpStatusCode.CONFLICT_409
308 it('Should fail without a videoQuota', async function () {
309 const fields = omit(baseCorrectParams, 'videoQuota')
311 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
314 it('Should fail without a videoQuotaDaily', async function () {
315 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
317 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
320 it('Should fail with an invalid videoQuota', async function () {
321 const fields = { ...baseCorrectParams, videoQuota: -5 }
323 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
326 it('Should fail with an invalid videoQuotaDaily', async function () {
327 const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
329 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
332 it('Should fail without a user role', async function () {
333 const fields = omit(baseCorrectParams, 'role')
335 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
338 it('Should fail with an invalid user role', async function () {
339 const fields = { ...baseCorrectParams, role: 88989 }
341 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
344 it('Should fail with a "peertube" username', async function () {
345 const fields = { ...baseCorrectParams, username: 'peertube' }
347 await makePostBodyRequest({
350 token: server.accessToken,
352 statusCodeExpected: HttpStatusCode.CONFLICT_409
356 it('Should fail to create a moderator or an admin with a moderator', async function () {
357 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
358 const fields = { ...baseCorrectParams, role }
360 await makePostBodyRequest({
363 token: moderatorAccessToken,
365 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
370 it('Should succeed to create a user with a moderator', async function () {
371 const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
373 await makePostBodyRequest({
376 token: moderatorAccessToken,
378 statusCodeExpected: HttpStatusCode.OK_200
382 it('Should succeed with the correct params', async function () {
383 await makePostBodyRequest({
386 token: server.accessToken,
387 fields: baseCorrectParams,
388 statusCodeExpected: HttpStatusCode.OK_200
392 it('Should fail with a non admin user', async function () {
395 password: 'my super password'
397 userAccessToken = await userLogin(server, user)
401 email: 'test@example.com',
402 password: 'my super password',
405 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
409 describe('When updating my account', function () {
410 it('Should fail with an invalid email attribute', async function () {
415 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
418 it('Should fail with a too small password', async function () {
420 currentPassword: 'my super password',
424 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
427 it('Should fail with a too long password', async function () {
429 currentPassword: 'my super password',
430 password: 'super'.repeat(61)
433 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
436 it('Should fail without the current password', async function () {
438 currentPassword: 'my super password',
439 password: 'super'.repeat(61)
442 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
445 it('Should fail with an invalid current password', async function () {
447 currentPassword: 'my super password fail',
448 password: 'super'.repeat(61)
451 await makePutBodyRequest({
454 token: userAccessToken,
456 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
460 it('Should fail with an invalid NSFW policy attribute', async function () {
465 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
468 it('Should fail with an invalid autoPlayVideo attribute', async function () {
473 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
476 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
478 autoPlayNextVideo: -1
481 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
484 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
486 videosHistoryEnabled: -1
489 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
492 it('Should fail with an non authenticated user', async function () {
494 currentPassword: 'my super password',
495 password: 'my super password'
498 await makePutBodyRequest({
501 token: 'super token',
503 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
507 it('Should fail with a too long description', async function () {
509 description: 'super'.repeat(201)
512 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
515 it('Should fail with an invalid videoLanguages attribute', async function () {
518 videoLanguages: 'toto'
521 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
526 for (let i = 0; i < 1000; i++) {
531 videoLanguages: languages
534 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
538 it('Should fail with an invalid theme', async function () {
539 const fields = { theme: 'invalid' }
540 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
543 it('Should fail with an unknown theme', async function () {
544 const fields = { theme: 'peertube-theme-unknown' }
545 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
548 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
550 noInstanceConfigWarningModal: -1
553 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
556 it('Should fail with an invalid noWelcomeModal attribute', async function () {
561 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
564 it('Should succeed to change password with the correct params', async function () {
566 currentPassword: 'my super password',
567 password: 'my super password',
569 autoPlayVideo: false,
570 email: 'super_email@example.com',
572 noInstanceConfigWarningModal: true,
576 await makePutBodyRequest({
579 token: userAccessToken,
581 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
585 it('Should succeed without password change with the correct params', async function () {
591 await makePutBodyRequest({
594 token: userAccessToken,
596 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
601 describe('When updating my avatar', function () {
602 it('Should fail without an incorrect input file', async function () {
605 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
607 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
610 it('Should fail with a big file', async function () {
613 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
615 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
618 it('Should fail with an unauthenticated user', async function () {
621 avatarfile: buildAbsoluteFixturePath('avatar.png')
623 await makeUploadRequest({
625 path: path + '/me/avatar/pick',
628 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
632 it('Should succeed with the correct params', async function () {
635 avatarfile: buildAbsoluteFixturePath('avatar.png')
637 await makeUploadRequest({
639 path: path + '/me/avatar/pick',
640 token: server.accessToken,
643 statusCodeExpected: HttpStatusCode.OK_200
648 describe('When managing my scoped tokens', function () {
650 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
651 await getUserScopedTokens(server.url, null, HttpStatusCode.UNAUTHORIZED_401)
654 it('Should fail to get my scoped tokens with a bad token', async function () {
655 await getUserScopedTokens(server.url, 'bad', HttpStatusCode.UNAUTHORIZED_401)
659 it('Should succeed to get my scoped tokens', async function () {
660 await getUserScopedTokens(server.url, server.accessToken)
663 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
664 await renewUserScopedTokens(server.url, null, HttpStatusCode.UNAUTHORIZED_401)
667 it('Should fail to renew my scoped tokens with a bad token', async function () {
668 await renewUserScopedTokens(server.url, 'bad', HttpStatusCode.UNAUTHORIZED_401)
671 it('Should succeed to renew my scoped tokens', async function () {
672 await renewUserScopedTokens(server.url, server.accessToken)
676 describe('When getting a user', function () {
678 it('Should fail with an non authenticated user', async function () {
679 await makeGetRequest({
682 token: 'super token',
683 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
687 it('Should fail with a non admin user', async function () {
688 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
691 it('Should succeed with the correct params', async function () {
692 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: HttpStatusCode.OK_200 })
696 describe('When updating a user', function () {
698 it('Should fail with an invalid email attribute', async function () {
703 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
706 it('Should fail with an invalid emailVerified attribute', async function () {
711 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
714 it('Should fail with an invalid videoQuota attribute', async function () {
719 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
722 it('Should fail with an invalid user role attribute', async function () {
727 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
730 it('Should fail with a too small password', async function () {
732 currentPassword: 'my super password',
736 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
739 it('Should fail with a too long password', async function () {
741 currentPassword: 'my super password',
742 password: 'super'.repeat(61)
745 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
748 it('Should fail with an non authenticated user', async function () {
753 await makePutBodyRequest({
756 token: 'super token',
758 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
762 it('Should fail when updating root role', async function () {
764 role: UserRole.MODERATOR
767 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
770 it('Should fail with invalid admin flags', async function () {
771 const fields = { adminFlags: 'toto' }
773 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
776 it('Should fail to update an admin with a moderator', async function () {
781 await makePutBodyRequest({
783 path: path + moderatorId,
784 token: moderatorAccessToken,
786 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
790 it('Should succeed to update a user with a moderator', async function () {
795 await makePutBodyRequest({
798 token: moderatorAccessToken,
800 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
804 it('Should succeed with the correct params', async function () {
806 email: 'email@example.com',
812 await makePutBodyRequest({
815 token: server.accessToken,
817 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
822 describe('When getting my information', function () {
823 it('Should fail with a non authenticated user', async function () {
824 await getMyUserInformation(server.url, 'fake_token', HttpStatusCode.UNAUTHORIZED_401)
827 it('Should success with the correct parameters', async function () {
828 await getMyUserInformation(server.url, userAccessToken)
832 describe('When getting my video rating', function () {
833 it('Should fail with a non authenticated user', async function () {
834 await getMyUserVideoRating(server.url, 'fake_token', video.id, HttpStatusCode.UNAUTHORIZED_401)
837 it('Should fail with an incorrect video uuid', async function () {
838 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', HttpStatusCode.BAD_REQUEST_400)
841 it('Should fail with an unknown video', async function () {
842 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', HttpStatusCode.NOT_FOUND_404)
845 it('Should succeed with the correct parameters', async function () {
846 await getMyUserVideoRating(server.url, server.accessToken, video.id)
847 await getMyUserVideoRating(server.url, server.accessToken, video.uuid)
848 await getMyUserVideoRating(server.url, server.accessToken, video.shortUUID)
852 describe('When retrieving my global ratings', function () {
853 const path = '/api/v1/accounts/user1/ratings'
855 it('Should fail with a bad start pagination', async function () {
856 await checkBadStartPagination(server.url, path, userAccessToken)
859 it('Should fail with a bad count pagination', async function () {
860 await checkBadCountPagination(server.url, path, userAccessToken)
863 it('Should fail with an incorrect sort', async function () {
864 await checkBadSortPagination(server.url, path, userAccessToken)
867 it('Should fail with a unauthenticated user', async function () {
868 await makeGetRequest({ url: server.url, path, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
871 it('Should fail with a another user', async function () {
872 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
875 it('Should fail with a bad type', async function () {
876 await makeGetRequest({
879 token: userAccessToken,
880 query: { rating: 'toto ' },
881 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
885 it('Should succeed with the correct params', async function () {
886 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.OK_200 })
890 describe('When blocking/unblocking/removing user', function () {
891 it('Should fail with an incorrect id', async function () {
892 await removeUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
893 await blockUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
894 await unblockUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
897 it('Should fail with the root user', async function () {
898 await removeUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
899 await blockUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
900 await unblockUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
903 it('Should return 404 with a non existing id', async function () {
904 await removeUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
905 await blockUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
906 await unblockUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
909 it('Should fail with a non admin user', async function () {
910 await removeUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
911 await blockUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
912 await unblockUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
915 it('Should fail on a moderator with a moderator', async function () {
916 await removeUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
917 await blockUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
918 await unblockUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
921 it('Should succeed on a user with a moderator', async function () {
922 await blockUser(server.url, userId, moderatorAccessToken)
923 await unblockUser(server.url, userId, moderatorAccessToken)
927 describe('When deleting our account', function () {
928 it('Should fail with with the root account', async function () {
929 await deleteMe(server.url, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
933 describe('When registering a new user', function () {
934 const registrationPath = path + '/register'
935 const baseCorrectParams = {
937 displayName: 'super user',
938 email: 'test3@example.com',
939 password: 'my super password'
942 it('Should fail with a too small username', async function () {
943 const fields = { ...baseCorrectParams, username: '' }
945 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
948 it('Should fail with a too long username', async function () {
949 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
951 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
954 it('Should fail with an incorrect username', async function () {
955 const fields = { ...baseCorrectParams, username: 'my username' }
957 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
960 it('Should fail with a missing email', async function () {
961 const fields = omit(baseCorrectParams, 'email')
963 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
966 it('Should fail with an invalid email', async function () {
967 const fields = { ...baseCorrectParams, email: 'test_example.com' }
969 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
972 it('Should fail with a too small password', async function () {
973 const fields = { ...baseCorrectParams, password: 'bla' }
975 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
978 it('Should fail with a too long password', async function () {
979 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
981 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
984 it('Should fail if we register a user with the same username', async function () {
985 const fields = { ...baseCorrectParams, username: 'root' }
987 await makePostBodyRequest({
989 path: registrationPath,
990 token: server.accessToken,
992 statusCodeExpected: HttpStatusCode.CONFLICT_409
996 it('Should fail with a "peertube" username', async function () {
997 const fields = { ...baseCorrectParams, username: 'peertube' }
999 await makePostBodyRequest({
1001 path: registrationPath,
1002 token: server.accessToken,
1004 statusCodeExpected: HttpStatusCode.CONFLICT_409
1008 it('Should fail if we register a user with the same email', async function () {
1009 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
1011 await makePostBodyRequest({
1013 path: registrationPath,
1014 token: server.accessToken,
1016 statusCodeExpected: HttpStatusCode.CONFLICT_409
1020 it('Should fail with a bad display name', async function () {
1021 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
1023 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1026 it('Should fail with a bad channel name', async function () {
1027 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
1029 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1032 it('Should fail with a bad channel display name', async function () {
1033 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
1035 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1038 it('Should fail with a channel name that is the same as username', async function () {
1039 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
1040 const fields = { ...baseCorrectParams, ...source }
1042 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1045 it('Should fail with an existing channel', async function () {
1046 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
1047 await server.channelsCommand.create({ attributes })
1049 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
1051 await makePostBodyRequest({
1053 path: registrationPath,
1054 token: server.accessToken,
1056 statusCodeExpected: HttpStatusCode.CONFLICT_409
1060 it('Should succeed with the correct params', async function () {
1061 const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } }
1063 await makePostBodyRequest({
1065 path: registrationPath,
1066 token: server.accessToken,
1068 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1072 it('Should fail on a server with registration disabled', async function () {
1075 email: 'test4@example.com',
1076 password: 'my super password 4'
1079 await makePostBodyRequest({
1080 url: serverWithRegistrationDisabled.url,
1081 path: registrationPath,
1082 token: serverWithRegistrationDisabled.accessToken,
1084 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
1089 describe('When registering multiple users on a server with users limit', function () {
1090 it('Should fail when after 3 registrations', async function () {
1091 await registerUser(server.url, 'user42', 'super password', HttpStatusCode.FORBIDDEN_403)
1095 describe('When asking a password reset', function () {
1096 const path = '/api/v1/users/ask-reset-password'
1098 it('Should fail with a missing email', async function () {
1101 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1104 it('Should fail with an invalid email', async function () {
1105 const fields = { email: 'hello' }
1107 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1110 it('Should success with the correct params', async function () {
1111 const fields = { email: 'admin@example.com' }
1113 await makePostBodyRequest({
1116 token: server.accessToken,
1118 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1123 describe('When asking for an account verification email', function () {
1124 const path = '/api/v1/users/ask-send-verify-email'
1126 it('Should fail with a missing email', async function () {
1129 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1132 it('Should fail with an invalid email', async function () {
1133 const fields = { email: 'hello' }
1135 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1138 it('Should succeed with the correct params', async function () {
1139 const fields = { email: 'admin@example.com' }
1141 await makePostBodyRequest({
1144 token: server.accessToken,
1146 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1151 after(async function () {
1152 MockSmtpServer.Instance.kill()
1154 await cleanupTests([ server, serverWithRegistrationDisabled ])