1 /* tslint:disable:no-unused-expression */
3 import * as request from 'supertest'
17 setAccessTokensToServers,
22 import { UserRole } from '../../../../shared'
24 describe('Test users API validators', function () {
25 const path = '/api/v1/users/'
29 let server: ServerInfo
30 let serverWithRegistrationDisabled: ServerInfo
31 let userAccessToken = ''
33 // ---------------------------------------------------------------
35 before(async function () {
40 server = await runServer(1)
41 serverWithRegistrationDisabled = await runServer(2)
43 await setAccessTokensToServers([ server ])
45 const username = 'user1'
46 const password = 'my super password'
47 const videoQuota = 42000000
48 await createUser(server.url, server.accessToken, username, password, videoQuota)
50 const videoAttributes = {}
51 await uploadVideo(server.url, server.accessToken, videoAttributes)
53 const res = await getVideosList(server.url)
54 const videos = res.body.data
55 videoId = videos[0].id
59 password: 'my super password'
61 userAccessToken = await userLogin(server, user)
64 describe('When listing users', function () {
65 it('Should fail with a bad start pagination', async function () {
66 await request(server.url)
68 .query({ start: 'hello' })
69 .set('Accept', 'application/json')
70 .set('Authorization', 'Bearer ' + server.accessToken)
74 it('Should fail with a bad count pagination', async function () {
75 await request(server.url)
77 .query({ count: 'hello' })
78 .set('Accept', 'application/json')
79 .set('Authorization', 'Bearer ' + server.accessToken)
83 it('Should fail with an incorrect sort', async function () {
84 await request(server.url)
86 .query({ sort: 'hello' })
87 .set('Accept', 'application/json')
88 .set('Authorization', 'Bearer ' + server.accessToken)
92 it('Should fail with a non authenticated user', async function () {
93 await request(server.url)
95 .set('Accept', 'application/json')
99 it('Should fail with a non admin user', async function () {
100 await request(server.url)
102 .set('Accept', 'application/json')
103 .set('Authorization', 'Bearer ' + userAccessToken)
108 describe('When adding a new user', function () {
109 it('Should fail with a too small username', async function () {
112 email: 'test@example.com',
113 password: 'my_super_password',
118 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
121 it('Should fail with a too long username', async function () {
123 username: 'my_super_username_which_is_very_long',
124 email: 'test@example.com',
125 password: 'my_super_password',
126 videoQuota: 42000000,
130 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
133 it('Should fail with a not lowercase username', async function () {
136 email: 'test@example.com',
137 password: 'my_super_password',
138 videoQuota: 42000000,
142 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
145 it('Should fail with an incorrect username', async function () {
147 username: 'my username',
148 email: 'test@example.com',
149 password: 'my_super_password',
150 videoQuota: 42000000,
154 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
157 it('Should fail with a missing email', async function () {
160 password: 'my_super_password',
161 videoQuota: 42000000,
165 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
168 it('Should fail with an invalid email', async function () {
170 username: 'my_super_username_which_is_very_long',
171 email: 'test_example.com',
172 password: 'my_super_password',
173 videoQuota: 42000000,
177 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 it('Should fail with a too small password', async function () {
182 username: 'my_username',
183 email: 'test@example.com',
185 videoQuota: 42000000,
189 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
192 it('Should fail with a too long password', async function () {
194 username: 'my_username',
195 email: 'test@example.com',
196 password: 'my super long password which is very very very very very very very very very very very very very very' +
197 'very very very very very very very very very very very very very very very veryv very very very very' +
198 'very very very very very very very very very very very very very very very very very very very very long',
199 videoQuota: 42000000,
203 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
206 it('Should fail with an non authenticated user', async function () {
208 username: 'my_username',
209 email: 'test@example.com',
210 password: 'my super password',
211 videoQuota: 42000000,
215 await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
218 it('Should fail if we add a user with the same username', async function () {
221 email: 'test@example.com',
222 password: 'my super password',
223 videoQuota: 42000000,
227 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
230 it('Should fail if we add a user with the same email', async function () {
232 username: 'my_username',
233 email: 'user1@example.com',
234 password: 'my super password',
235 videoQuota: 42000000,
239 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
242 it('Should fail without a videoQuota', async function () {
244 username: 'my_username',
245 email: 'user1@example.com',
246 password: 'my super password',
250 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
253 it('Should fail with an invalid videoQuota', async function () {
255 username: 'my_username',
256 email: 'user1@example.com',
257 password: 'my super password',
262 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
265 it('Should fail without a user role', async function () {
267 username: 'my_username',
268 email: 'user1@example.com',
269 password: 'my super password',
273 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
276 it('Should fail with an invalid user role', async function () {
278 username: 'my_username',
279 email: 'user1@example.com',
280 password: 'my super password',
285 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
288 it('Should succeed with the correct params', async function () {
291 email: 'test@example.com',
292 password: 'my super password',
297 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
300 it('Should fail with a non admin user', async function () {
303 email: 'test@example.com',
304 password: 'my super password'
307 userAccessToken = await serverLogin(server)
310 email: 'test@example.com',
311 password: 'my super password',
314 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
318 describe('When updating my account', function () {
319 it('Should fail with an invalid email attribute', async function () {
324 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
327 it('Should fail with a too small password', async function () {
332 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
335 it('Should fail with a too long password', async function () {
337 password: 'my super long password which is very very very very very very very very very very very very very very' +
338 'very very very very very very very very very very very very very very very veryv very very very very' +
339 'very very very very very very very very very very very very very very very very very very very very long'
342 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
345 it('Should fail with an invalid display NSFW attribute', async function () {
350 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
353 it('Should fail with an invalid autoPlayVideo attribute', async function () {
358 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
361 it('Should fail with an non authenticated user', async function () {
363 password: 'my super password'
366 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
369 it('Should succeed with the correct params', async function () {
371 password: 'my super password',
373 autoPlayVideo: false,
374 email: 'super_email@example.com'
377 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
381 describe('When updating a user', function () {
383 before(async function () {
384 const res = await getUsersList(server.url, server.accessToken)
386 userId = res.body.data[1].id
387 rootId = res.body.data[2].id
390 it('Should fail with an invalid email attribute', async function () {
395 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
398 it('Should fail with an invalid videoQuota attribute', async function () {
403 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
406 it('Should fail with an invalid user role attribute', async function () {
411 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
414 it('Should fail with an non authenticated user', async function () {
419 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
422 it('Should succeed with the correct params', async function () {
424 email: 'email@example.com',
426 role: UserRole.MODERATOR
429 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
433 describe('When getting my information', function () {
434 it('Should fail with a non authenticated user', async function () {
435 await request(server.url)
437 .set('Authorization', 'Bearer fake_token')
438 .set('Accept', 'application/json')
442 it('Should success with the correct parameters', async function () {
443 await request(server.url)
445 .set('Authorization', 'Bearer ' + userAccessToken)
446 .set('Accept', 'application/json')
451 describe('When getting my video rating', function () {
452 it('Should fail with a non authenticated user', async function () {
453 await request(server.url)
454 .get(path + 'me/videos/' + videoId + '/rating')
455 .set('Authorization', 'Bearer fake_token')
456 .set('Accept', 'application/json')
460 it('Should fail with an incorrect video uuid', async function () {
461 await request(server.url)
462 .get(path + 'me/videos/blabla/rating')
463 .set('Authorization', 'Bearer ' + userAccessToken)
464 .set('Accept', 'application/json')
468 it('Should fail with an unknown video', async function () {
469 await request(server.url)
470 .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating')
471 .set('Authorization', 'Bearer ' + userAccessToken)
472 .set('Accept', 'application/json')
476 it('Should success with the correct parameters', async function () {
477 await request(server.url)
478 .get(path + 'me/videos/' + videoId + '/rating')
479 .set('Authorization', 'Bearer ' + userAccessToken)
480 .set('Accept', 'application/json')
485 describe('When removing an user', function () {
486 it('Should fail with an incorrect id', async function () {
487 await request(server.url)
488 .delete(path + 'bla-bla')
489 .set('Authorization', 'Bearer ' + server.accessToken)
493 it('Should fail with the root user', async function () {
494 await request(server.url)
495 .delete(path + rootId)
496 .set('Authorization', 'Bearer ' + server.accessToken)
500 it('Should return 404 with a non existing id', async function () {
501 await request(server.url)
503 .set('Authorization', 'Bearer ' + server.accessToken)
508 describe('When removing an user', function () {
509 it('Should fail with an incorrect id', async function () {
510 await request(server.url)
511 .delete(path + 'bla-bla')
512 .set('Authorization', 'Bearer ' + server.accessToken)
516 it('Should fail with the root user', async function () {
517 await request(server.url)
518 .delete(path + rootId)
519 .set('Authorization', 'Bearer ' + server.accessToken)
523 it('Should return 404 with a non existing id', async function () {
524 await request(server.url)
526 .set('Authorization', 'Bearer ' + server.accessToken)
531 describe('When register a new user', function () {
532 const registrationPath = path + '/register'
534 it('Should fail with a too small username', async function () {
537 email: 'test@example.com',
538 password: 'my_super_password'
541 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
544 it('Should fail with a too long username', async function () {
546 username: 'my_super_username_which_is_very_long',
547 email: 'test@example.com',
548 password: 'my_super_password'
551 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
554 it('Should fail with an incorrect username', async function () {
556 username: 'my username',
557 email: 'test@example.com',
558 password: 'my_super_password'
561 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
564 it('Should fail with a missing email', async function () {
567 password: 'my_super_password'
570 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
573 it('Should fail with an invalid email', async function () {
575 username: 'my_super_username_which_is_very_long',
576 email: 'test_example.com',
577 password: 'my_super_password'
580 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
583 it('Should fail with a too small password', async function () {
585 username: 'my_username',
586 email: 'test@example.com',
590 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
593 it('Should fail with a too long password', async function () {
595 username: 'my_username',
596 email: 'test@example.com',
597 password: 'my super long password which is very very very very very very very very very very very very very very' +
598 'very very very very very very very very very very very very very very very veryv very very very very' +
599 'very very very very very very very very very very very very very very very very very very very very long'
602 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
605 it('Should fail if we register a user with the same username', async function () {
608 email: 'test@example.com',
609 password: 'my super password'
612 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
615 it('Should fail if we register a user with the same email', async function () {
617 username: 'my_username',
618 email: 'admin1@example.com',
619 password: 'my super password'
622 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
625 it('Should succeed with the correct params', async function () {
628 email: 'test3@example.com',
629 password: 'my super password'
632 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 })
635 it('Should fail on a server with registration disabled', async function () {
638 email: 'test4@example.com',
639 password: 'my super password 4'
642 await makePostBodyRequest({
643 url: serverWithRegistrationDisabled.url,
644 path: registrationPath,
645 token: serverWithRegistrationDisabled.accessToken,
647 statusCodeExpected: 403
652 describe('When registering multiple users on a server with users limit', function () {
653 it('Should fail when after 3 registrations', async function () {
654 await registerUser(server.url, 'user42', 'super password', 403)
658 describe('When having a video quota', function () {
659 it('Should fail with a user having too many video', async function () {
664 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })
666 const videoAttributes = {}
667 await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
670 it('Should fail with a registered user having too many video', async function () {
675 email: 'test3@example.com',
676 password: 'my super password'
678 userAccessToken = await serverLogin(server)
680 const videoAttributes = { fixture: 'video_short2.webm' }
681 await uploadVideo(server.url, userAccessToken, videoAttributes)
682 await uploadVideo(server.url, userAccessToken, videoAttributes)
683 await uploadVideo(server.url, userAccessToken, videoAttributes)
684 await uploadVideo(server.url, userAccessToken, videoAttributes)
685 await uploadVideo(server.url, userAccessToken, videoAttributes)
686 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
690 after(async function () {
691 killallServers([ server, serverWithRegistrationDisabled ])
693 // Keep the logs if the test failed