1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { UserRole } from '../../../../shared'
8 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
9 makePostBodyRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers, updateUser,
10 uploadVideo, userLogin
12 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
14 describe('Test users API validators', function () {
15 const path = '/api/v1/users/'
19 let server: ServerInfo
20 let serverWithRegistrationDisabled: ServerInfo
21 let userAccessToken = ''
23 // ---------------------------------------------------------------
25 before(async function () {
30 server = await runServer(1)
31 serverWithRegistrationDisabled = await runServer(2)
33 await setAccessTokensToServers([ server ])
37 password: 'my super password'
39 const videoQuota = 42000000
40 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
41 userAccessToken = await userLogin(server, user)
43 const res = await uploadVideo(server.url, server.accessToken, {})
44 videoId = res.body.video.id
47 describe('When listing users', function () {
48 it('Should fail with a bad start pagination', async function () {
49 await checkBadStartPagination(server.url, path, server.accessToken)
52 it('Should fail with a bad count pagination', async function () {
53 await checkBadCountPagination(server.url, path, server.accessToken)
56 it('Should fail with an incorrect sort', async function () {
57 await checkBadSortPagination(server.url, path, server.accessToken)
60 it('Should fail with a non authenticated user', async function () {
61 await makeGetRequest({
64 statusCodeExpected: 401
68 it('Should fail with a non admin user', async function () {
69 await makeGetRequest({
72 token: userAccessToken,
73 statusCodeExpected: 403
78 describe('When adding a new user', function () {
79 const baseCorrectParams = {
81 email: 'test@example.com',
82 password: 'my super password',
87 it('Should fail with a too small username', async function () {
88 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
90 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
93 it('Should fail with a too long username', async function () {
94 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
96 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
99 it('Should fail with a not lowercase username', async function () {
100 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
102 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
105 it('Should fail with an incorrect username', async function () {
106 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
108 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
111 it('Should fail with a missing email', async function () {
112 const fields = omit(baseCorrectParams, 'email')
114 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
117 it('Should fail with an invalid email', async function () {
118 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
120 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
123 it('Should fail with a too small password', async function () {
124 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
126 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
129 it('Should fail with a too long password', async function () {
130 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
132 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
135 it('Should fail with an non authenticated user', async function () {
136 await makePostBodyRequest({
139 token: 'super token',
140 fields: baseCorrectParams,
141 statusCodeExpected: 401
145 it('Should fail if we add a user with the same username', async function () {
146 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
148 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
151 it('Should fail if we add a user with the same email', async function () {
152 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
154 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
157 it('Should fail without a videoQuota', async function () {
158 const fields = omit(baseCorrectParams, 'videoQuota')
160 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
163 it('Should fail with an invalid videoQuota', async function () {
164 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
166 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
169 it('Should fail without a user role', async function () {
170 const fields = omit(baseCorrectParams, 'role')
172 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
175 it('Should fail with an invalid user role', async function () {
176 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
178 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
181 it('Should succeed with the correct params', async function () {
182 await makePostBodyRequest({
185 token: server.accessToken,
186 fields: baseCorrectParams,
187 statusCodeExpected: 204
191 it('Should fail with a non admin user', async function () {
194 password: 'my super password'
196 userAccessToken = await userLogin(server, user)
200 email: 'test@example.com',
201 password: 'my super password',
204 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
208 describe('When updating my account', function () {
209 it('Should fail with an invalid email attribute', async function () {
214 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
217 it('Should fail with a too small password', async function () {
222 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
225 it('Should fail with a too long password', async function () {
227 password: 'super'.repeat(61)
230 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
233 it('Should fail with an invalid display NSFW attribute', async function () {
238 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
241 it('Should fail with an invalid autoPlayVideo attribute', async function () {
246 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
249 it('Should fail with an non authenticated user', async function () {
251 password: 'my super password'
254 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
257 it('Should succeed with the correct params', async function () {
259 password: 'my super password',
261 autoPlayVideo: false,
262 email: 'super_email@example.com'
265 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
269 describe('When updating a user', function () {
271 before(async function () {
272 const res = await getUsersList(server.url, server.accessToken)
274 userId = res.body.data[1].id
275 rootId = res.body.data[2].id
278 it('Should fail with an invalid email attribute', async function () {
283 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
286 it('Should fail with an invalid videoQuota attribute', async function () {
291 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
294 it('Should fail with an invalid user role attribute', async function () {
299 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
302 it('Should fail with an non authenticated user', async function () {
307 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
310 it('Should succeed with the correct params', async function () {
312 email: 'email@example.com',
314 role: UserRole.MODERATOR
317 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
321 describe('When getting my information', function () {
322 it('Should fail with a non authenticated user', async function () {
323 await getMyUserInformation(server.url, 'fake_token', 401)
326 it('Should success with the correct parameters', async function () {
327 await getMyUserInformation(server.url, userAccessToken)
331 describe('When getting my video rating', function () {
332 it('Should fail with a non authenticated user', async function () {
333 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
336 it('Should fail with an incorrect video uuid', async function () {
337 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
340 it('Should fail with an unknown video', async function () {
341 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
344 it('Should succeed with the correct parameters', async function () {
345 await getMyUserVideoRating(server.url, server.accessToken, videoId)
349 describe('When removing an user', function () {
350 it('Should fail with an incorrect id', async function () {
351 await removeUser(server.url, 'blabla', server.accessToken, 400)
354 it('Should fail with the root user', async function () {
355 await removeUser(server.url, rootId, server.accessToken, 400)
358 it('Should return 404 with a non existing id', async function () {
359 await removeUser(server.url, 4545454, server.accessToken, 404)
363 describe('When register a new user', function () {
364 const registrationPath = path + '/register'
365 const baseCorrectParams = {
367 email: 'test3@example.com',
368 password: 'my super password'
371 it('Should fail with a too small username', async function () {
372 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
374 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
377 it('Should fail with a too long username', async function () {
378 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
380 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
383 it('Should fail with an incorrect username', async function () {
384 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
386 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
389 it('Should fail with a missing email', async function () {
390 const fields = omit(baseCorrectParams, 'email')
392 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
395 it('Should fail with an invalid email', async function () {
396 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
398 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
401 it('Should fail with a too small password', async function () {
402 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
404 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
407 it('Should fail with a too long password', async function () {
408 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
410 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
413 it('Should fail if we register a user with the same username', async function () {
414 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
416 await makePostBodyRequest({
418 path: registrationPath,
419 token: server.accessToken,
421 statusCodeExpected: 409
425 it('Should fail if we register a user with the same email', async function () {
426 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
428 await makePostBodyRequest({
430 path: registrationPath,
431 token: server.accessToken,
433 statusCodeExpected: 409
437 it('Should succeed with the correct params', async function () {
438 await makePostBodyRequest({
440 path: registrationPath,
441 token: server.accessToken,
442 fields: baseCorrectParams,
443 statusCodeExpected: 204
447 it('Should fail on a server with registration disabled', async function () {
450 email: 'test4@example.com',
451 password: 'my super password 4'
454 await makePostBodyRequest({
455 url: serverWithRegistrationDisabled.url,
456 path: registrationPath,
457 token: serverWithRegistrationDisabled.accessToken,
459 statusCodeExpected: 403
464 describe('When registering multiple users on a server with users limit', function () {
465 it('Should fail when after 3 registrations', async function () {
466 await registerUser(server.url, 'user42', 'super password', 403)
470 describe('When having a video quota', function () {
471 it('Should fail with a user having too many video', async function () {
475 accessToken: server.accessToken,
479 await uploadVideo(server.url, server.accessToken, {}, 403)
482 it('Should fail with a registered user having too many video', async function () {
487 password: 'my super password'
489 userAccessToken = await userLogin(server, user)
491 const videoAttributes = { fixture: 'video_short2.webm' }
492 await uploadVideo(server.url, userAccessToken, videoAttributes)
493 await uploadVideo(server.url, userAccessToken, videoAttributes)
494 await uploadVideo(server.url, userAccessToken, videoAttributes)
495 await uploadVideo(server.url, userAccessToken, videoAttributes)
496 await uploadVideo(server.url, userAccessToken, videoAttributes)
497 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
501 after(async function () {
502 killallServers([ server, serverWithRegistrationDisabled ])
504 // Keep the logs if the test failed