]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'feature/admin-comments' into develop
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import 'mocha'
4 import { expect } from 'chai'
5 import { omit } from 'lodash'
6 import { join } from 'path'
7 import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared'
8 import {
9 addVideoChannel,
10 blockUser,
11 cleanupTests,
12 createUser,
13 deleteMe,
14 flushAndRunServer,
15 getMyUserInformation,
16 getMyUserVideoRating,
17 getUsersList,
18 immutableAssign,
19 killallServers,
20 makeGetRequest,
21 makePostBodyRequest,
22 makePutBodyRequest,
23 makeUploadRequest,
24 registerUser,
25 removeUser,
26 reRunServer,
27 ServerInfo,
28 setAccessTokensToServers,
29 unblockUser,
30 updateUser,
31 uploadVideo,
32 userLogin
33 } from '../../../../shared/extra-utils'
34 import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
35 import {
36 checkBadCountPagination,
37 checkBadSortPagination,
38 checkBadStartPagination
39 } from '../../../../shared/extra-utils/requests/check-api-params'
40 import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
41 import { getMagnetURI, getMyVideoImports, getGoodVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports'
42 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
43 import { VideoPrivacy } from '../../../../shared/models/videos'
44
45 describe('Test users API validators', function () {
46 const path = '/api/v1/users/'
47 let userId: number
48 let rootId: number
49 let moderatorId: number
50 let videoId: number
51 let server: ServerInfo
52 let serverWithRegistrationDisabled: ServerInfo
53 let userAccessToken = ''
54 let moderatorAccessToken = ''
55 let emailPort: number
56 let overrideConfig: Object
57
58 // ---------------------------------------------------------------
59
60 before(async function () {
61 this.timeout(30000)
62
63 const emails: object[] = []
64 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
65
66 overrideConfig = { signup: { limit: 8 } }
67
68 {
69 const res = await Promise.all([
70 flushAndRunServer(1, overrideConfig),
71 flushAndRunServer(2)
72 ])
73
74 server = res[0]
75 serverWithRegistrationDisabled = res[1]
76
77 await setAccessTokensToServers([ server ])
78 }
79
80 {
81 const user = {
82 username: 'user1',
83 password: 'my super password'
84 }
85
86 const videoQuota = 42000000
87 await createUser({
88 url: server.url,
89 accessToken: server.accessToken,
90 username: user.username,
91 password: user.password,
92 videoQuota: videoQuota
93 })
94 userAccessToken = await userLogin(server, user)
95 }
96
97 {
98 const moderator = {
99 username: 'moderator1',
100 password: 'super password'
101 }
102
103 await createUser({
104 url: server.url,
105 accessToken: server.accessToken,
106 username: moderator.username,
107 password: moderator.password,
108 role: UserRole.MODERATOR
109 })
110
111 moderatorAccessToken = await userLogin(server, moderator)
112 }
113
114 {
115 const moderator = {
116 username: 'moderator2',
117 password: 'super password'
118 }
119
120 await createUser({
121 url: server.url,
122 accessToken: server.accessToken,
123 username: moderator.username,
124 password: moderator.password,
125 role: UserRole.MODERATOR
126 })
127 }
128
129 {
130 const res = await uploadVideo(server.url, server.accessToken, {})
131 videoId = res.body.video.id
132 }
133
134 {
135 const res = await getUsersList(server.url, server.accessToken)
136 const users: User[] = res.body.data
137
138 userId = users.find(u => u.username === 'user1').id
139 rootId = users.find(u => u.username === 'root').id
140 moderatorId = users.find(u => u.username === 'moderator2').id
141 }
142 })
143
144 describe('When listing users', function () {
145 it('Should fail with a bad start pagination', async function () {
146 await checkBadStartPagination(server.url, path, server.accessToken)
147 })
148
149 it('Should fail with a bad count pagination', async function () {
150 await checkBadCountPagination(server.url, path, server.accessToken)
151 })
152
153 it('Should fail with an incorrect sort', async function () {
154 await checkBadSortPagination(server.url, path, server.accessToken)
155 })
156
157 it('Should fail with a non authenticated user', async function () {
158 await makeGetRequest({
159 url: server.url,
160 path,
161 statusCodeExpected: 401
162 })
163 })
164
165 it('Should fail with a non admin user', async function () {
166 await makeGetRequest({
167 url: server.url,
168 path,
169 token: userAccessToken,
170 statusCodeExpected: 403
171 })
172 })
173 })
174
175 describe('When adding a new user', function () {
176 const baseCorrectParams = {
177 username: 'user2',
178 email: 'test@example.com',
179 password: 'my super password',
180 videoQuota: -1,
181 videoQuotaDaily: -1,
182 role: UserRole.USER,
183 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
184 }
185
186 it('Should fail with a too small username', async function () {
187 const fields = immutableAssign(baseCorrectParams, { username: '' })
188
189 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
190 })
191
192 it('Should fail with a too long username', async function () {
193 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
194
195 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
196 })
197
198 it('Should fail with a not lowercase username', async function () {
199 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
200
201 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
202 })
203
204 it('Should fail with an incorrect username', async function () {
205 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
206
207 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
208 })
209
210 it('Should fail with a missing email', async function () {
211 const fields = omit(baseCorrectParams, 'email')
212
213 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
214 })
215
216 it('Should fail with an invalid email', async function () {
217 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
218
219 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
220 })
221
222 it('Should fail with a too small password', async function () {
223 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
224
225 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
226 })
227
228 it('Should fail with a too long password', async function () {
229 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
230
231 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
232 })
233
234 it('Should fail with empty password and no smtp configured', async function () {
235 const fields = immutableAssign(baseCorrectParams, { password: '' })
236
237 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
238 })
239
240 it('Should succeed with no password on a server with smtp enabled', async function () {
241 this.timeout(10000)
242
243 killallServers([ server ])
244
245 const config = immutableAssign(overrideConfig, {
246 smtp: {
247 hostname: 'localhost',
248 port: emailPort
249 }
250 })
251 await reRunServer(server, config)
252
253 const fields = immutableAssign(baseCorrectParams, {
254 password: '',
255 username: 'create_password',
256 email: 'create_password@example.com'
257 })
258
259 await makePostBodyRequest({
260 url: server.url,
261 path: path,
262 token: server.accessToken,
263 fields,
264 statusCodeExpected: 200
265 })
266 })
267
268 it('Should fail with invalid admin flags', async function () {
269 const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
270
271 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
272 })
273
274 it('Should fail with an non authenticated user', async function () {
275 await makePostBodyRequest({
276 url: server.url,
277 path,
278 token: 'super token',
279 fields: baseCorrectParams,
280 statusCodeExpected: 401
281 })
282 })
283
284 it('Should fail if we add a user with the same username', async function () {
285 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
286
287 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
288 })
289
290 it('Should fail if we add a user with the same email', async function () {
291 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
292
293 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
294 })
295
296 it('Should fail without a videoQuota', async function () {
297 const fields = omit(baseCorrectParams, 'videoQuota')
298
299 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
300 })
301
302 it('Should fail without a videoQuotaDaily', async function () {
303 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
304
305 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
306 })
307
308 it('Should fail with an invalid videoQuota', async function () {
309 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
310
311 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
312 })
313
314 it('Should fail with an invalid videoQuotaDaily', async function () {
315 const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
316
317 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
318 })
319
320 it('Should fail without a user role', async function () {
321 const fields = omit(baseCorrectParams, 'role')
322
323 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
324 })
325
326 it('Should fail with an invalid user role', async function () {
327 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
328
329 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
330 })
331
332 it('Should fail with a "peertube" username', async function () {
333 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
334
335 await makePostBodyRequest({
336 url: server.url,
337 path,
338 token: server.accessToken,
339 fields,
340 statusCodeExpected: 409
341 })
342 })
343
344 it('Should fail to create a moderator or an admin with a moderator', async function () {
345 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
346 const fields = immutableAssign(baseCorrectParams, { role })
347
348 await makePostBodyRequest({
349 url: server.url,
350 path,
351 token: moderatorAccessToken,
352 fields,
353 statusCodeExpected: 403
354 })
355 }
356 })
357
358 it('Should succeed to create a user with a moderator', async function () {
359 const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER })
360
361 await makePostBodyRequest({
362 url: server.url,
363 path,
364 token: moderatorAccessToken,
365 fields,
366 statusCodeExpected: 200
367 })
368 })
369
370 it('Should succeed with the correct params', async function () {
371 await makePostBodyRequest({
372 url: server.url,
373 path,
374 token: server.accessToken,
375 fields: baseCorrectParams,
376 statusCodeExpected: 200
377 })
378 })
379
380 it('Should fail with a non admin user', async function () {
381 const user = {
382 username: 'user1',
383 password: 'my super password'
384 }
385 userAccessToken = await userLogin(server, user)
386
387 const fields = {
388 username: 'user3',
389 email: 'test@example.com',
390 password: 'my super password',
391 videoQuota: 42000000
392 }
393 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
394 })
395 })
396
397 describe('When updating my account', function () {
398 it('Should fail with an invalid email attribute', async function () {
399 const fields = {
400 email: 'blabla'
401 }
402
403 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
404 })
405
406 it('Should fail with a too small password', async function () {
407 const fields = {
408 currentPassword: 'my super password',
409 password: 'bla'
410 }
411
412 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
413 })
414
415 it('Should fail with a too long password', async function () {
416 const fields = {
417 currentPassword: 'my super password',
418 password: 'super'.repeat(61)
419 }
420
421 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
422 })
423
424 it('Should fail without the current password', async function () {
425 const fields = {
426 currentPassword: 'my super password',
427 password: 'super'.repeat(61)
428 }
429
430 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
431 })
432
433 it('Should fail with an invalid current password', async function () {
434 const fields = {
435 currentPassword: 'my super password fail',
436 password: 'super'.repeat(61)
437 }
438
439 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
440 })
441
442 it('Should fail with an invalid NSFW policy attribute', async function () {
443 const fields = {
444 nsfwPolicy: 'hello'
445 }
446
447 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
448 })
449
450 it('Should fail with an invalid autoPlayVideo attribute', async function () {
451 const fields = {
452 autoPlayVideo: -1
453 }
454
455 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
456 })
457
458 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
459 const fields = {
460 autoPlayNextVideo: -1
461 }
462
463 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
464 })
465
466 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
467 const fields = {
468 videosHistoryEnabled: -1
469 }
470
471 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
472 })
473
474 it('Should fail with an non authenticated user', async function () {
475 const fields = {
476 currentPassword: 'my super password',
477 password: 'my super password'
478 }
479
480 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
481 })
482
483 it('Should fail with a too long description', async function () {
484 const fields = {
485 description: 'super'.repeat(201)
486 }
487
488 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
489 })
490
491 it('Should fail with an invalid videoLanguages attribute', async function () {
492 {
493 const fields = {
494 videoLanguages: 'toto'
495 }
496
497 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
498 }
499
500 {
501 const languages = []
502 for (let i = 0; i < 1000; i++) {
503 languages.push('fr')
504 }
505
506 const fields = {
507 videoLanguages: languages
508 }
509
510 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
511 }
512 })
513
514 it('Should fail with an invalid theme', async function () {
515 const fields = { theme: 'invalid' }
516 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
517 })
518
519 it('Should fail with an unknown theme', async function () {
520 const fields = { theme: 'peertube-theme-unknown' }
521 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
522 })
523
524 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
525 const fields = {
526 noInstanceConfigWarningModal: -1
527 }
528
529 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
530 })
531
532 it('Should fail with an invalid noWelcomeModal attribute', async function () {
533 const fields = {
534 noWelcomeModal: -1
535 }
536
537 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
538 })
539
540 it('Should succeed to change password with the correct params', async function () {
541 const fields = {
542 currentPassword: 'my super password',
543 password: 'my super password',
544 nsfwPolicy: 'blur',
545 autoPlayVideo: false,
546 email: 'super_email@example.com',
547 theme: 'default',
548 noInstanceConfigWarningModal: true,
549 noWelcomeModal: true
550 }
551
552 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
553 })
554
555 it('Should succeed without password change with the correct params', async function () {
556 const fields = {
557 nsfwPolicy: 'blur',
558 autoPlayVideo: false
559 }
560
561 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
562 })
563 })
564
565 describe('When updating my avatar', function () {
566 it('Should fail without an incorrect input file', async function () {
567 const fields = {}
568 const attaches = {
569 avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
570 }
571 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
572 })
573
574 it('Should fail with a big file', async function () {
575 const fields = {}
576 const attaches = {
577 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
578 }
579 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
580 })
581
582 it('Should fail with an unauthenticated user', async function () {
583 const fields = {}
584 const attaches = {
585 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
586 }
587 await makeUploadRequest({
588 url: server.url,
589 path: path + '/me/avatar/pick',
590 fields,
591 attaches,
592 statusCodeExpected: 401
593 })
594 })
595
596 it('Should succeed with the correct params', async function () {
597 const fields = {}
598 const attaches = {
599 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
600 }
601 await makeUploadRequest({
602 url: server.url,
603 path: path + '/me/avatar/pick',
604 token: server.accessToken,
605 fields,
606 attaches,
607 statusCodeExpected: 200
608 })
609 })
610 })
611
612 describe('When getting a user', function () {
613
614 it('Should fail with an non authenticated user', async function () {
615 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
616 })
617
618 it('Should fail with a non admin user', async function () {
619 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
620 })
621
622 it('Should succeed with the correct params', async function () {
623 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
624 })
625 })
626
627 describe('When updating a user', function () {
628
629 it('Should fail with an invalid email attribute', async function () {
630 const fields = {
631 email: 'blabla'
632 }
633
634 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
635 })
636
637 it('Should fail with an invalid emailVerified attribute', async function () {
638 const fields = {
639 emailVerified: 'yes'
640 }
641
642 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
643 })
644
645 it('Should fail with an invalid videoQuota attribute', async function () {
646 const fields = {
647 videoQuota: -90
648 }
649
650 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
651 })
652
653 it('Should fail with an invalid user role attribute', async function () {
654 const fields = {
655 role: 54878
656 }
657
658 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
659 })
660
661 it('Should fail with a too small password', async function () {
662 const fields = {
663 currentPassword: 'my super password',
664 password: 'bla'
665 }
666
667 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
668 })
669
670 it('Should fail with a too long password', async function () {
671 const fields = {
672 currentPassword: 'my super password',
673 password: 'super'.repeat(61)
674 }
675
676 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
677 })
678
679 it('Should fail with an non authenticated user', async function () {
680 const fields = {
681 videoQuota: 42
682 }
683
684 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
685 })
686
687 it('Should fail when updating root role', async function () {
688 const fields = {
689 role: UserRole.MODERATOR
690 }
691
692 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
693 })
694
695 it('Should fail with invalid admin flags', async function () {
696 const fields = { adminFlags: 'toto' }
697
698 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
699 })
700
701 it('Should fail to update an admin with a moderator', async function () {
702 const fields = {
703 videoQuota: 42
704 }
705
706 await makePutBodyRequest({
707 url: server.url,
708 path: path + moderatorId,
709 token: moderatorAccessToken,
710 fields,
711 statusCodeExpected: 403
712 })
713 })
714
715 it('Should succeed to update a user with a moderator', async function () {
716 const fields = {
717 videoQuota: 42
718 }
719
720 await makePutBodyRequest({
721 url: server.url,
722 path: path + userId,
723 token: moderatorAccessToken,
724 fields,
725 statusCodeExpected: 204
726 })
727 })
728
729 it('Should succeed with the correct params', async function () {
730 const fields = {
731 email: 'email@example.com',
732 emailVerified: true,
733 videoQuota: 42,
734 role: UserRole.USER
735 }
736
737 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
738 })
739 })
740
741 describe('When getting my information', function () {
742 it('Should fail with a non authenticated user', async function () {
743 await getMyUserInformation(server.url, 'fake_token', 401)
744 })
745
746 it('Should success with the correct parameters', async function () {
747 await getMyUserInformation(server.url, userAccessToken)
748 })
749 })
750
751 describe('When getting my video rating', function () {
752 it('Should fail with a non authenticated user', async function () {
753 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
754 })
755
756 it('Should fail with an incorrect video uuid', async function () {
757 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
758 })
759
760 it('Should fail with an unknown video', async function () {
761 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
762 })
763
764 it('Should succeed with the correct parameters', async function () {
765 await getMyUserVideoRating(server.url, server.accessToken, videoId)
766 })
767 })
768
769 describe('When retrieving my global ratings', function () {
770 const path = '/api/v1/accounts/user1/ratings'
771
772 it('Should fail with a bad start pagination', async function () {
773 await checkBadStartPagination(server.url, path, userAccessToken)
774 })
775
776 it('Should fail with a bad count pagination', async function () {
777 await checkBadCountPagination(server.url, path, userAccessToken)
778 })
779
780 it('Should fail with an incorrect sort', async function () {
781 await checkBadSortPagination(server.url, path, userAccessToken)
782 })
783
784 it('Should fail with a unauthenticated user', async function () {
785 await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })
786 })
787
788 it('Should fail with a another user', async function () {
789 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 })
790 })
791
792 it('Should fail with a bad type', async function () {
793 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 })
794 })
795
796 it('Should succeed with the correct params', async function () {
797 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 })
798 })
799 })
800
801 describe('When blocking/unblocking/removing user', function () {
802 it('Should fail with an incorrect id', async function () {
803 await removeUser(server.url, 'blabla', server.accessToken, 400)
804 await blockUser(server.url, 'blabla', server.accessToken, 400)
805 await unblockUser(server.url, 'blabla', server.accessToken, 400)
806 })
807
808 it('Should fail with the root user', async function () {
809 await removeUser(server.url, rootId, server.accessToken, 400)
810 await blockUser(server.url, rootId, server.accessToken, 400)
811 await unblockUser(server.url, rootId, server.accessToken, 400)
812 })
813
814 it('Should return 404 with a non existing id', async function () {
815 await removeUser(server.url, 4545454, server.accessToken, 404)
816 await blockUser(server.url, 4545454, server.accessToken, 404)
817 await unblockUser(server.url, 4545454, server.accessToken, 404)
818 })
819
820 it('Should fail with a non admin user', async function () {
821 await removeUser(server.url, userId, userAccessToken, 403)
822 await blockUser(server.url, userId, userAccessToken, 403)
823 await unblockUser(server.url, userId, userAccessToken, 403)
824 })
825
826 it('Should fail on a moderator with a moderator', async function () {
827 await removeUser(server.url, moderatorId, moderatorAccessToken, 403)
828 await blockUser(server.url, moderatorId, moderatorAccessToken, 403)
829 await unblockUser(server.url, moderatorId, moderatorAccessToken, 403)
830 })
831
832 it('Should succeed on a user with a moderator', async function () {
833 await blockUser(server.url, userId, moderatorAccessToken)
834 await unblockUser(server.url, userId, moderatorAccessToken)
835 })
836 })
837
838 describe('When deleting our account', function () {
839 it('Should fail with with the root account', async function () {
840 await deleteMe(server.url, server.accessToken, 400)
841 })
842 })
843
844 describe('When registering a new user', function () {
845 const registrationPath = path + '/register'
846 const baseCorrectParams = {
847 username: 'user3',
848 displayName: 'super user',
849 email: 'test3@example.com',
850 password: 'my super password'
851 }
852
853 it('Should fail with a too small username', async function () {
854 const fields = immutableAssign(baseCorrectParams, { username: '' })
855
856 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
857 })
858
859 it('Should fail with a too long username', async function () {
860 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
861
862 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
863 })
864
865 it('Should fail with an incorrect username', async function () {
866 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
867
868 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
869 })
870
871 it('Should fail with a missing email', async function () {
872 const fields = omit(baseCorrectParams, 'email')
873
874 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
875 })
876
877 it('Should fail with an invalid email', async function () {
878 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
879
880 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
881 })
882
883 it('Should fail with a too small password', async function () {
884 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
885
886 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
887 })
888
889 it('Should fail with a too long password', async function () {
890 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
891
892 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
893 })
894
895 it('Should fail if we register a user with the same username', async function () {
896 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
897
898 await makePostBodyRequest({
899 url: server.url,
900 path: registrationPath,
901 token: server.accessToken,
902 fields,
903 statusCodeExpected: 409
904 })
905 })
906
907 it('Should fail with a "peertube" username', async function () {
908 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
909
910 await makePostBodyRequest({
911 url: server.url,
912 path: registrationPath,
913 token: server.accessToken,
914 fields,
915 statusCodeExpected: 409
916 })
917 })
918
919 it('Should fail if we register a user with the same email', async function () {
920 const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
921
922 await makePostBodyRequest({
923 url: server.url,
924 path: registrationPath,
925 token: server.accessToken,
926 fields,
927 statusCodeExpected: 409
928 })
929 })
930
931 it('Should fail with a bad display name', async function () {
932 const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
933
934 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
935 })
936
937 it('Should fail with a bad channel name', async function () {
938 const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
939
940 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
941 })
942
943 it('Should fail with a bad channel display name', async function () {
944 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
945
946 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
947 })
948
949 it('Should fail with a channel name that is the same as username', async function () {
950 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
951 const fields = immutableAssign(baseCorrectParams, source)
952
953 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
954 })
955
956 it('Should fail with an existing channel', async function () {
957 const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
958 await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg)
959
960 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
961
962 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
963 })
964
965 it('Should succeed with the correct params', async function () {
966 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
967
968 await makePostBodyRequest({
969 url: server.url,
970 path: registrationPath,
971 token: server.accessToken,
972 fields: fields,
973 statusCodeExpected: 204
974 })
975 })
976
977 it('Should fail on a server with registration disabled', async function () {
978 const fields = {
979 username: 'user4',
980 email: 'test4@example.com',
981 password: 'my super password 4'
982 }
983
984 await makePostBodyRequest({
985 url: serverWithRegistrationDisabled.url,
986 path: registrationPath,
987 token: serverWithRegistrationDisabled.accessToken,
988 fields,
989 statusCodeExpected: 403
990 })
991 })
992 })
993
994 describe('When registering multiple users on a server with users limit', function () {
995 it('Should fail when after 3 registrations', async function () {
996 await registerUser(server.url, 'user42', 'super password', 403)
997 })
998 })
999
1000 describe('When having a video quota', function () {
1001 it('Should fail with a user having too many videos', async function () {
1002 await updateUser({
1003 url: server.url,
1004 userId: rootId,
1005 accessToken: server.accessToken,
1006 videoQuota: 42
1007 })
1008
1009 await uploadVideo(server.url, server.accessToken, {}, 403)
1010 })
1011
1012 it('Should fail with a registered user having too many videos', async function () {
1013 this.timeout(30000)
1014
1015 const user = {
1016 username: 'user3',
1017 password: 'my super password'
1018 }
1019 userAccessToken = await userLogin(server, user)
1020
1021 const videoAttributes = { fixture: 'video_short2.webm' }
1022 await uploadVideo(server.url, userAccessToken, videoAttributes)
1023 await uploadVideo(server.url, userAccessToken, videoAttributes)
1024 await uploadVideo(server.url, userAccessToken, videoAttributes)
1025 await uploadVideo(server.url, userAccessToken, videoAttributes)
1026 await uploadVideo(server.url, userAccessToken, videoAttributes)
1027 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
1028 })
1029
1030 it('Should fail to import with HTTP/Torrent/magnet', async function () {
1031 this.timeout(120000)
1032
1033 const baseAttributes = {
1034 channelId: 1,
1035 privacy: VideoPrivacy.PUBLIC
1036 }
1037 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getGoodVideoUrl() }))
1038 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
1039 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' as any }))
1040
1041 await waitJobs([ server ])
1042
1043 const res = await getMyVideoImports(server.url, server.accessToken)
1044
1045 expect(res.body.total).to.equal(3)
1046 const videoImports: VideoImport[] = res.body.data
1047 expect(videoImports).to.have.lengthOf(3)
1048
1049 for (const videoImport of videoImports) {
1050 expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
1051 expect(videoImport.error).not.to.be.undefined
1052 expect(videoImport.error).to.contain('user video quota is exceeded')
1053 }
1054 })
1055 })
1056
1057 describe('When having a daily video quota', function () {
1058 it('Should fail with a user having too many videos', async function () {
1059 await updateUser({
1060 url: server.url,
1061 userId: rootId,
1062 accessToken: server.accessToken,
1063 videoQuotaDaily: 42
1064 })
1065
1066 await uploadVideo(server.url, server.accessToken, {}, 403)
1067 })
1068 })
1069
1070 describe('When having an absolute and daily video quota', function () {
1071 it('Should fail if exceeding total quota', async function () {
1072 await updateUser({
1073 url: server.url,
1074 userId: rootId,
1075 accessToken: server.accessToken,
1076 videoQuota: 42,
1077 videoQuotaDaily: 1024 * 1024 * 1024
1078 })
1079
1080 await uploadVideo(server.url, server.accessToken, {}, 403)
1081 })
1082
1083 it('Should fail if exceeding daily quota', async function () {
1084 await updateUser({
1085 url: server.url,
1086 userId: rootId,
1087 accessToken: server.accessToken,
1088 videoQuota: 1024 * 1024 * 1024,
1089 videoQuotaDaily: 42
1090 })
1091
1092 await uploadVideo(server.url, server.accessToken, {}, 403)
1093 })
1094 })
1095
1096 describe('When asking a password reset', function () {
1097 const path = '/api/v1/users/ask-reset-password'
1098
1099 it('Should fail with a missing email', async function () {
1100 const fields = {}
1101
1102 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1103 })
1104
1105 it('Should fail with an invalid email', async function () {
1106 const fields = { email: 'hello' }
1107
1108 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1109 })
1110
1111 it('Should success with the correct params', async function () {
1112 const fields = { email: 'admin@example.com' }
1113
1114 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1115 })
1116 })
1117
1118 describe('When asking for an account verification email', function () {
1119 const path = '/api/v1/users/ask-send-verify-email'
1120
1121 it('Should fail with a missing email', async function () {
1122 const fields = {}
1123
1124 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1125 })
1126
1127 it('Should fail with an invalid email', async function () {
1128 const fields = { email: 'hello' }
1129
1130 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1131 })
1132
1133 it('Should succeed with the correct params', async function () {
1134 const fields = { email: 'admin@example.com' }
1135
1136 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1137 })
1138 })
1139
1140 after(async function () {
1141 MockSmtpServer.Instance.kill()
1142
1143 await cleanupTests([ server, serverWithRegistrationDisabled ])
1144 })
1145 })
ActivityPub-federated video streaming platform using P2P directly in your web browser