]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Shorter server command names
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import 'mocha'
4 import { omit } from 'lodash'
5 import { HttpStatusCode } from '@shared/core-utils'
6 import {
7 buildAbsoluteFixturePath,
8 checkBadCountPagination,
9 checkBadSortPagination,
10 checkBadStartPagination,
11 cleanupTests,
12 flushAndRunServer,
13 killallServers,
14 makeGetRequest,
15 makePostBodyRequest,
16 makePutBodyRequest,
17 makeUploadRequest,
18 MockSmtpServer,
19 reRunServer,
20 ServerInfo,
21 setAccessTokensToServers,
22 UsersCommand
23 } from '@shared/extra-utils'
24 import { UserAdminFlag, UserRole, VideoCreateResult } from '@shared/models'
25
26 describe('Test users API validators', function () {
27 const path = '/api/v1/users/'
28 let userId: number
29 let rootId: number
30 let moderatorId: number
31 let video: VideoCreateResult
32 let server: ServerInfo
33 let serverWithRegistrationDisabled: ServerInfo
34 let userToken = ''
35 let moderatorToken = ''
36 let emailPort: number
37 let overrideConfig: Object
38
39 // ---------------------------------------------------------------
40
41 before(async function () {
42 this.timeout(30000)
43
44 const emails: object[] = []
45 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
46
47 overrideConfig = { signup: { limit: 8 } }
48
49 {
50 const res = await Promise.all([
51 flushAndRunServer(1, overrideConfig),
52 flushAndRunServer(2)
53 ])
54
55 server = res[0]
56 serverWithRegistrationDisabled = res[1]
57
58 await setAccessTokensToServers([ server ])
59 }
60
61 {
62 const user = { username: 'user1' }
63 await server.users.create({ ...user })
64 userToken = await server.login.getAccessToken(user)
65 }
66
67 {
68 const moderator = { username: 'moderator1' }
69 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
70 moderatorToken = await server.login.getAccessToken(moderator)
71 }
72
73 {
74 const moderator = { username: 'moderator2' }
75 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
76 }
77
78 {
79 video = await server.videos.upload()
80 }
81
82 {
83 const { data } = await server.users.list()
84 userId = data.find(u => u.username === 'user1').id
85 rootId = data.find(u => u.username === 'root').id
86 moderatorId = data.find(u => u.username === 'moderator2').id
87 }
88 })
89
90 describe('When listing users', function () {
91 it('Should fail with a bad start pagination', async function () {
92 await checkBadStartPagination(server.url, path, server.accessToken)
93 })
94
95 it('Should fail with a bad count pagination', async function () {
96 await checkBadCountPagination(server.url, path, server.accessToken)
97 })
98
99 it('Should fail with an incorrect sort', async function () {
100 await checkBadSortPagination(server.url, path, server.accessToken)
101 })
102
103 it('Should fail with a non authenticated user', async function () {
104 await makeGetRequest({
105 url: server.url,
106 path,
107 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
108 })
109 })
110
111 it('Should fail with a non admin user', async function () {
112 await makeGetRequest({
113 url: server.url,
114 path,
115 token: userToken,
116 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
117 })
118 })
119 })
120
121 describe('When adding a new user', function () {
122 const baseCorrectParams = {
123 username: 'user2',
124 email: 'test@example.com',
125 password: 'my super password',
126 videoQuota: -1,
127 videoQuotaDaily: -1,
128 role: UserRole.USER,
129 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
130 }
131
132 it('Should fail with a too small username', async function () {
133 const fields = { ...baseCorrectParams, username: '' }
134
135 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 })
137
138 it('Should fail with a too long username', async function () {
139 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
140
141 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
142 })
143
144 it('Should fail with a not lowercase username', async function () {
145 const fields = { ...baseCorrectParams, username: 'Toto' }
146
147 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
148 })
149
150 it('Should fail with an incorrect username', async function () {
151 const fields = { ...baseCorrectParams, username: 'my username' }
152
153 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
154 })
155
156 it('Should fail with a missing email', async function () {
157 const fields = omit(baseCorrectParams, 'email')
158
159 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
160 })
161
162 it('Should fail with an invalid email', async function () {
163 const fields = { ...baseCorrectParams, email: 'test_example.com' }
164
165 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
166 })
167
168 it('Should fail with a too small password', async function () {
169 const fields = { ...baseCorrectParams, password: 'bla' }
170
171 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
172 })
173
174 it('Should fail with a too long password', async function () {
175 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
176
177 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
178 })
179
180 it('Should fail with empty password and no smtp configured', async function () {
181 const fields = { ...baseCorrectParams, password: '' }
182
183 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
184 })
185
186 it('Should succeed with no password on a server with smtp enabled', async function () {
187 this.timeout(20000)
188
189 await killallServers([ server ])
190
191 const config = {
192 ...overrideConfig,
193
194 smtp: {
195 hostname: 'localhost',
196 port: emailPort
197 }
198 }
199 await reRunServer(server, config)
200
201 const fields = {
202 ...baseCorrectParams,
203
204 password: '',
205 username: 'create_password',
206 email: 'create_password@example.com'
207 }
208
209 await makePostBodyRequest({
210 url: server.url,
211 path: path,
212 token: server.accessToken,
213 fields,
214 statusCodeExpected: HttpStatusCode.OK_200
215 })
216 })
217
218 it('Should fail with invalid admin flags', async function () {
219 const fields = { ...baseCorrectParams, adminFlags: 'toto' }
220
221 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
222 })
223
224 it('Should fail with an non authenticated user', async function () {
225 await makePostBodyRequest({
226 url: server.url,
227 path,
228 token: 'super token',
229 fields: baseCorrectParams,
230 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
231 })
232 })
233
234 it('Should fail if we add a user with the same username', async function () {
235 const fields = { ...baseCorrectParams, username: 'user1' }
236
237 await makePostBodyRequest({
238 url: server.url,
239 path,
240 token: server.accessToken,
241 fields,
242 statusCodeExpected: HttpStatusCode.CONFLICT_409
243 })
244 })
245
246 it('Should fail if we add a user with the same email', async function () {
247 const fields = { ...baseCorrectParams, email: 'user1@example.com' }
248
249 await makePostBodyRequest({
250 url: server.url,
251 path,
252 token: server.accessToken,
253 fields,
254 statusCodeExpected: HttpStatusCode.CONFLICT_409
255 })
256 })
257
258 it('Should fail without a videoQuota', async function () {
259 const fields = omit(baseCorrectParams, 'videoQuota')
260
261 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
262 })
263
264 it('Should fail without a videoQuotaDaily', async function () {
265 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
266
267 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
268 })
269
270 it('Should fail with an invalid videoQuota', async function () {
271 const fields = { ...baseCorrectParams, videoQuota: -5 }
272
273 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
274 })
275
276 it('Should fail with an invalid videoQuotaDaily', async function () {
277 const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
278
279 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
280 })
281
282 it('Should fail without a user role', async function () {
283 const fields = omit(baseCorrectParams, 'role')
284
285 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
286 })
287
288 it('Should fail with an invalid user role', async function () {
289 const fields = { ...baseCorrectParams, role: 88989 }
290
291 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
292 })
293
294 it('Should fail with a "peertube" username', async function () {
295 const fields = { ...baseCorrectParams, username: 'peertube' }
296
297 await makePostBodyRequest({
298 url: server.url,
299 path,
300 token: server.accessToken,
301 fields,
302 statusCodeExpected: HttpStatusCode.CONFLICT_409
303 })
304 })
305
306 it('Should fail to create a moderator or an admin with a moderator', async function () {
307 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
308 const fields = { ...baseCorrectParams, role }
309
310 await makePostBodyRequest({
311 url: server.url,
312 path,
313 token: moderatorToken,
314 fields,
315 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
316 })
317 }
318 })
319
320 it('Should succeed to create a user with a moderator', async function () {
321 const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
322
323 await makePostBodyRequest({
324 url: server.url,
325 path,
326 token: moderatorToken,
327 fields,
328 statusCodeExpected: HttpStatusCode.OK_200
329 })
330 })
331
332 it('Should succeed with the correct params', async function () {
333 await makePostBodyRequest({
334 url: server.url,
335 path,
336 token: server.accessToken,
337 fields: baseCorrectParams,
338 statusCodeExpected: HttpStatusCode.OK_200
339 })
340 })
341
342 it('Should fail with a non admin user', async function () {
343 const user = { username: 'user1' }
344 userToken = await server.login.getAccessToken(user)
345
346 const fields = {
347 username: 'user3',
348 email: 'test@example.com',
349 password: 'my super password',
350 videoQuota: 42000000
351 }
352 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
353 })
354 })
355
356 describe('When updating my account', function () {
357
358 it('Should fail with an invalid email attribute', async function () {
359 const fields = {
360 email: 'blabla'
361 }
362
363 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
364 })
365
366 it('Should fail with a too small password', async function () {
367 const fields = {
368 currentPassword: 'password',
369 password: 'bla'
370 }
371
372 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
373 })
374
375 it('Should fail with a too long password', async function () {
376 const fields = {
377 currentPassword: 'password',
378 password: 'super'.repeat(61)
379 }
380
381 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
382 })
383
384 it('Should fail without the current password', async function () {
385 const fields = {
386 currentPassword: 'password',
387 password: 'super'.repeat(61)
388 }
389
390 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
391 })
392
393 it('Should fail with an invalid current password', async function () {
394 const fields = {
395 currentPassword: 'my super password fail',
396 password: 'super'.repeat(61)
397 }
398
399 await makePutBodyRequest({
400 url: server.url,
401 path: path + 'me',
402 token: userToken,
403 fields,
404 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
405 })
406 })
407
408 it('Should fail with an invalid NSFW policy attribute', async function () {
409 const fields = {
410 nsfwPolicy: 'hello'
411 }
412
413 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
414 })
415
416 it('Should fail with an invalid autoPlayVideo attribute', async function () {
417 const fields = {
418 autoPlayVideo: -1
419 }
420
421 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
422 })
423
424 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
425 const fields = {
426 autoPlayNextVideo: -1
427 }
428
429 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
430 })
431
432 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
433 const fields = {
434 videosHistoryEnabled: -1
435 }
436
437 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
438 })
439
440 it('Should fail with an non authenticated user', async function () {
441 const fields = {
442 currentPassword: 'password',
443 password: 'my super password'
444 }
445
446 await makePutBodyRequest({
447 url: server.url,
448 path: path + 'me',
449 token: 'super token',
450 fields,
451 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
452 })
453 })
454
455 it('Should fail with a too long description', async function () {
456 const fields = {
457 description: 'super'.repeat(201)
458 }
459
460 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
461 })
462
463 it('Should fail with an invalid videoLanguages attribute', async function () {
464 {
465 const fields = {
466 videoLanguages: 'toto'
467 }
468
469 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
470 }
471
472 {
473 const languages = []
474 for (let i = 0; i < 1000; i++) {
475 languages.push('fr')
476 }
477
478 const fields = {
479 videoLanguages: languages
480 }
481
482 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
483 }
484 })
485
486 it('Should fail with an invalid theme', async function () {
487 const fields = { theme: 'invalid' }
488 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
489 })
490
491 it('Should fail with an unknown theme', async function () {
492 const fields = { theme: 'peertube-theme-unknown' }
493 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
494 })
495
496 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
497 const fields = {
498 noInstanceConfigWarningModal: -1
499 }
500
501 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
502 })
503
504 it('Should fail with an invalid noWelcomeModal attribute', async function () {
505 const fields = {
506 noWelcomeModal: -1
507 }
508
509 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
510 })
511
512 it('Should succeed to change password with the correct params', async function () {
513 const fields = {
514 currentPassword: 'password',
515 password: 'my super password',
516 nsfwPolicy: 'blur',
517 autoPlayVideo: false,
518 email: 'super_email@example.com',
519 theme: 'default',
520 noInstanceConfigWarningModal: true,
521 noWelcomeModal: true
522 }
523
524 await makePutBodyRequest({
525 url: server.url,
526 path: path + 'me',
527 token: userToken,
528 fields,
529 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
530 })
531 })
532
533 it('Should succeed without password change with the correct params', async function () {
534 const fields = {
535 nsfwPolicy: 'blur',
536 autoPlayVideo: false
537 }
538
539 await makePutBodyRequest({
540 url: server.url,
541 path: path + 'me',
542 token: userToken,
543 fields,
544 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
545 })
546 })
547 })
548
549 describe('When updating my avatar', function () {
550 it('Should fail without an incorrect input file', async function () {
551 const fields = {}
552 const attaches = {
553 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
554 }
555 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
556 })
557
558 it('Should fail with a big file', async function () {
559 const fields = {}
560 const attaches = {
561 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
562 }
563 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
564 })
565
566 it('Should fail with an unauthenticated user', async function () {
567 const fields = {}
568 const attaches = {
569 avatarfile: buildAbsoluteFixturePath('avatar.png')
570 }
571 await makeUploadRequest({
572 url: server.url,
573 path: path + '/me/avatar/pick',
574 fields,
575 attaches,
576 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
577 })
578 })
579
580 it('Should succeed with the correct params', async function () {
581 const fields = {}
582 const attaches = {
583 avatarfile: buildAbsoluteFixturePath('avatar.png')
584 }
585 await makeUploadRequest({
586 url: server.url,
587 path: path + '/me/avatar/pick',
588 token: server.accessToken,
589 fields,
590 attaches,
591 statusCodeExpected: HttpStatusCode.OK_200
592 })
593 })
594 })
595
596 describe('When managing my scoped tokens', function () {
597
598 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
599 await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
600 })
601
602 it('Should fail to get my scoped tokens with a bad token', async function () {
603 await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
604
605 })
606
607 it('Should succeed to get my scoped tokens', async function () {
608 await server.users.getMyScopedTokens()
609 })
610
611 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
612 await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
613 })
614
615 it('Should fail to renew my scoped tokens with a bad token', async function () {
616 await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
617 })
618
619 it('Should succeed to renew my scoped tokens', async function () {
620 await server.users.renewMyScopedTokens()
621 })
622 })
623
624 describe('When getting a user', function () {
625
626 it('Should fail with an non authenticated user', async function () {
627 await makeGetRequest({
628 url: server.url,
629 path: path + userId,
630 token: 'super token',
631 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
632 })
633 })
634
635 it('Should fail with a non admin user', async function () {
636 await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
637 })
638
639 it('Should succeed with the correct params', async function () {
640 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: HttpStatusCode.OK_200 })
641 })
642 })
643
644 describe('When updating a user', function () {
645
646 it('Should fail with an invalid email attribute', async function () {
647 const fields = {
648 email: 'blabla'
649 }
650
651 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
652 })
653
654 it('Should fail with an invalid emailVerified attribute', async function () {
655 const fields = {
656 emailVerified: 'yes'
657 }
658
659 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
660 })
661
662 it('Should fail with an invalid videoQuota attribute', async function () {
663 const fields = {
664 videoQuota: -90
665 }
666
667 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
668 })
669
670 it('Should fail with an invalid user role attribute', async function () {
671 const fields = {
672 role: 54878
673 }
674
675 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
676 })
677
678 it('Should fail with a too small password', async function () {
679 const fields = {
680 currentPassword: 'password',
681 password: 'bla'
682 }
683
684 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
685 })
686
687 it('Should fail with a too long password', async function () {
688 const fields = {
689 currentPassword: 'password',
690 password: 'super'.repeat(61)
691 }
692
693 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
694 })
695
696 it('Should fail with an non authenticated user', async function () {
697 const fields = {
698 videoQuota: 42
699 }
700
701 await makePutBodyRequest({
702 url: server.url,
703 path: path + userId,
704 token: 'super token',
705 fields,
706 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
707 })
708 })
709
710 it('Should fail when updating root role', async function () {
711 const fields = {
712 role: UserRole.MODERATOR
713 }
714
715 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
716 })
717
718 it('Should fail with invalid admin flags', async function () {
719 const fields = { adminFlags: 'toto' }
720
721 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
722 })
723
724 it('Should fail to update an admin with a moderator', async function () {
725 const fields = {
726 videoQuota: 42
727 }
728
729 await makePutBodyRequest({
730 url: server.url,
731 path: path + moderatorId,
732 token: moderatorToken,
733 fields,
734 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
735 })
736 })
737
738 it('Should succeed to update a user with a moderator', async function () {
739 const fields = {
740 videoQuota: 42
741 }
742
743 await makePutBodyRequest({
744 url: server.url,
745 path: path + userId,
746 token: moderatorToken,
747 fields,
748 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
749 })
750 })
751
752 it('Should succeed with the correct params', async function () {
753 const fields = {
754 email: 'email@example.com',
755 emailVerified: true,
756 videoQuota: 42,
757 role: UserRole.USER
758 }
759
760 await makePutBodyRequest({
761 url: server.url,
762 path: path + userId,
763 token: server.accessToken,
764 fields,
765 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
766 })
767 })
768 })
769
770 describe('When getting my information', function () {
771 it('Should fail with a non authenticated user', async function () {
772 await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
773 })
774
775 it('Should success with the correct parameters', async function () {
776 await server.users.getMyInfo({ token: userToken })
777 })
778 })
779
780 describe('When getting my video rating', function () {
781 let command: UsersCommand
782
783 before(function () {
784 command = server.users
785 })
786
787 it('Should fail with a non authenticated user', async function () {
788 await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
789 })
790
791 it('Should fail with an incorrect video uuid', async function () {
792 await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
793 })
794
795 it('Should fail with an unknown video', async function () {
796 await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 })
797 })
798
799 it('Should succeed with the correct parameters', async function () {
800 await command.getMyRating({ videoId: video.id })
801 await command.getMyRating({ videoId: video.uuid })
802 await command.getMyRating({ videoId: video.shortUUID })
803 })
804 })
805
806 describe('When retrieving my global ratings', function () {
807 const path = '/api/v1/accounts/user1/ratings'
808
809 it('Should fail with a bad start pagination', async function () {
810 await checkBadStartPagination(server.url, path, userToken)
811 })
812
813 it('Should fail with a bad count pagination', async function () {
814 await checkBadCountPagination(server.url, path, userToken)
815 })
816
817 it('Should fail with an incorrect sort', async function () {
818 await checkBadSortPagination(server.url, path, userToken)
819 })
820
821 it('Should fail with a unauthenticated user', async function () {
822 await makeGetRequest({ url: server.url, path, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
823 })
824
825 it('Should fail with a another user', async function () {
826 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
827 })
828
829 it('Should fail with a bad type', async function () {
830 await makeGetRequest({
831 url: server.url,
832 path,
833 token: userToken,
834 query: { rating: 'toto ' },
835 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
836 })
837 })
838
839 it('Should succeed with the correct params', async function () {
840 await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.OK_200 })
841 })
842 })
843
844 describe('When blocking/unblocking/removing user', function () {
845
846 it('Should fail with an incorrect id', async function () {
847 const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
848
849 await server.users.remove(options)
850 await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
851 await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
852 })
853
854 it('Should fail with the root user', async function () {
855 const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
856
857 await server.users.remove(options)
858 await server.users.banUser(options)
859 await server.users.unbanUser(options)
860 })
861
862 it('Should return 404 with a non existing id', async function () {
863 const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
864
865 await server.users.remove(options)
866 await server.users.banUser(options)
867 await server.users.unbanUser(options)
868 })
869
870 it('Should fail with a non admin user', async function () {
871 const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
872
873 await server.users.remove(options)
874 await server.users.banUser(options)
875 await server.users.unbanUser(options)
876 })
877
878 it('Should fail on a moderator with a moderator', async function () {
879 const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
880
881 await server.users.remove(options)
882 await server.users.banUser(options)
883 await server.users.unbanUser(options)
884 })
885
886 it('Should succeed on a user with a moderator', async function () {
887 const options = { userId, token: moderatorToken }
888
889 await server.users.banUser(options)
890 await server.users.unbanUser(options)
891 })
892 })
893
894 describe('When deleting our account', function () {
895 it('Should fail with with the root account', async function () {
896 await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
897 })
898 })
899
900 describe('When registering a new user', function () {
901 const registrationPath = path + '/register'
902 const baseCorrectParams = {
903 username: 'user3',
904 displayName: 'super user',
905 email: 'test3@example.com',
906 password: 'my super password'
907 }
908
909 it('Should fail with a too small username', async function () {
910 const fields = { ...baseCorrectParams, username: '' }
911
912 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
913 })
914
915 it('Should fail with a too long username', async function () {
916 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
917
918 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
919 })
920
921 it('Should fail with an incorrect username', async function () {
922 const fields = { ...baseCorrectParams, username: 'my username' }
923
924 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
925 })
926
927 it('Should fail with a missing email', async function () {
928 const fields = omit(baseCorrectParams, 'email')
929
930 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
931 })
932
933 it('Should fail with an invalid email', async function () {
934 const fields = { ...baseCorrectParams, email: 'test_example.com' }
935
936 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
937 })
938
939 it('Should fail with a too small password', async function () {
940 const fields = { ...baseCorrectParams, password: 'bla' }
941
942 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
943 })
944
945 it('Should fail with a too long password', async function () {
946 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
947
948 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
949 })
950
951 it('Should fail if we register a user with the same username', async function () {
952 const fields = { ...baseCorrectParams, username: 'root' }
953
954 await makePostBodyRequest({
955 url: server.url,
956 path: registrationPath,
957 token: server.accessToken,
958 fields,
959 statusCodeExpected: HttpStatusCode.CONFLICT_409
960 })
961 })
962
963 it('Should fail with a "peertube" username', async function () {
964 const fields = { ...baseCorrectParams, username: 'peertube' }
965
966 await makePostBodyRequest({
967 url: server.url,
968 path: registrationPath,
969 token: server.accessToken,
970 fields,
971 statusCodeExpected: HttpStatusCode.CONFLICT_409
972 })
973 })
974
975 it('Should fail if we register a user with the same email', async function () {
976 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
977
978 await makePostBodyRequest({
979 url: server.url,
980 path: registrationPath,
981 token: server.accessToken,
982 fields,
983 statusCodeExpected: HttpStatusCode.CONFLICT_409
984 })
985 })
986
987 it('Should fail with a bad display name', async function () {
988 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
989
990 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
991 })
992
993 it('Should fail with a bad channel name', async function () {
994 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
995
996 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
997 })
998
999 it('Should fail with a bad channel display name', async function () {
1000 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
1001
1002 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1003 })
1004
1005 it('Should fail with a channel name that is the same as username', async function () {
1006 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
1007 const fields = { ...baseCorrectParams, ...source }
1008
1009 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1010 })
1011
1012 it('Should fail with an existing channel', async function () {
1013 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
1014 await server.channels.create({ attributes })
1015
1016 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
1017
1018 await makePostBodyRequest({
1019 url: server.url,
1020 path: registrationPath,
1021 token: server.accessToken,
1022 fields,
1023 statusCodeExpected: HttpStatusCode.CONFLICT_409
1024 })
1025 })
1026
1027 it('Should succeed with the correct params', async function () {
1028 const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } }
1029
1030 await makePostBodyRequest({
1031 url: server.url,
1032 path: registrationPath,
1033 token: server.accessToken,
1034 fields: fields,
1035 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1036 })
1037 })
1038
1039 it('Should fail on a server with registration disabled', async function () {
1040 const fields = {
1041 username: 'user4',
1042 email: 'test4@example.com',
1043 password: 'my super password 4'
1044 }
1045
1046 await makePostBodyRequest({
1047 url: serverWithRegistrationDisabled.url,
1048 path: registrationPath,
1049 token: serverWithRegistrationDisabled.accessToken,
1050 fields,
1051 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
1052 })
1053 })
1054 })
1055
1056 describe('When registering multiple users on a server with users limit', function () {
1057 it('Should fail when after 3 registrations', async function () {
1058 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
1059 })
1060 })
1061
1062 describe('When asking a password reset', function () {
1063 const path = '/api/v1/users/ask-reset-password'
1064
1065 it('Should fail with a missing email', async function () {
1066 const fields = {}
1067
1068 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1069 })
1070
1071 it('Should fail with an invalid email', async function () {
1072 const fields = { email: 'hello' }
1073
1074 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1075 })
1076
1077 it('Should success with the correct params', async function () {
1078 const fields = { email: 'admin@example.com' }
1079
1080 await makePostBodyRequest({
1081 url: server.url,
1082 path,
1083 token: server.accessToken,
1084 fields,
1085 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1086 })
1087 })
1088 })
1089
1090 describe('When asking for an account verification email', function () {
1091 const path = '/api/v1/users/ask-send-verify-email'
1092
1093 it('Should fail with a missing email', async function () {
1094 const fields = {}
1095
1096 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1097 })
1098
1099 it('Should fail with an invalid email', async function () {
1100 const fields = { email: 'hello' }
1101
1102 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1103 })
1104
1105 it('Should succeed with the correct params', async function () {
1106 const fields = { email: 'admin@example.com' }
1107
1108 await makePostBodyRequest({
1109 url: server.url,
1110 path,
1111 token: server.accessToken,
1112 fields,
1113 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1114 })
1115 })
1116 })
1117
1118 after(async function () {
1119 MockSmtpServer.Instance.kill()
1120
1121 await cleanupTests([ server, serverWithRegistrationDisabled ])
1122 })
1123 })
ActivityPub-federated video streaming platform using P2P directly in your web browser