1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { omit } from 'lodash'
5 import { User, UserRole, VideoCreateResult } from '../../../../shared'
6 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
9 buildAbsoluteFixturePath,
26 renewUserScopedTokens,
29 setAccessTokensToServers,
33 } from '../../../../shared/extra-utils'
34 import { MockSmtpServer } from '../../../../shared/extra-utils/mock-servers/mock-email'
36 checkBadCountPagination,
37 checkBadSortPagination,
38 checkBadStartPagination
39 } from '../../../../shared/extra-utils/requests/check-api-params'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 describe('Test users API validators', function () {
43 const path = '/api/v1/users/'
46 let moderatorId: number
47 let video: VideoCreateResult
48 let server: ServerInfo
49 let serverWithRegistrationDisabled: ServerInfo
50 let userAccessToken = ''
51 let moderatorAccessToken = ''
53 let overrideConfig: Object
55 // ---------------------------------------------------------------
57 before(async function () {
60 const emails: object[] = []
61 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
63 overrideConfig = { signup: { limit: 8 } }
66 const res = await Promise.all([
67 flushAndRunServer(1, overrideConfig),
72 serverWithRegistrationDisabled = res[1]
74 await setAccessTokensToServers([ server ])
80 password: 'my super password'
83 const videoQuota = 42000000
86 accessToken: server.accessToken,
87 username: user.username,
88 password: user.password,
89 videoQuota: videoQuota
91 userAccessToken = await userLogin(server, user)
96 username: 'moderator1',
97 password: 'super password'
102 accessToken: server.accessToken,
103 username: moderator.username,
104 password: moderator.password,
105 role: UserRole.MODERATOR
108 moderatorAccessToken = await userLogin(server, moderator)
113 username: 'moderator2',
114 password: 'super password'
119 accessToken: server.accessToken,
120 username: moderator.username,
121 password: moderator.password,
122 role: UserRole.MODERATOR
127 const res = await uploadVideo(server.url, server.accessToken, {})
128 video = res.body.video
132 const res = await getUsersList(server.url, server.accessToken)
133 const users: User[] = res.body.data
135 userId = users.find(u => u.username === 'user1').id
136 rootId = users.find(u => u.username === 'root').id
137 moderatorId = users.find(u => u.username === 'moderator2').id
141 describe('When listing users', function () {
142 it('Should fail with a bad start pagination', async function () {
143 await checkBadStartPagination(server.url, path, server.accessToken)
146 it('Should fail with a bad count pagination', async function () {
147 await checkBadCountPagination(server.url, path, server.accessToken)
150 it('Should fail with an incorrect sort', async function () {
151 await checkBadSortPagination(server.url, path, server.accessToken)
154 it('Should fail with a non authenticated user', async function () {
155 await makeGetRequest({
158 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
162 it('Should fail with a non admin user', async function () {
163 await makeGetRequest({
166 token: userAccessToken,
167 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
172 describe('When adding a new user', function () {
173 const baseCorrectParams = {
175 email: 'test@example.com',
176 password: 'my super password',
180 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
183 it('Should fail with a too small username', async function () {
184 const fields = immutableAssign(baseCorrectParams, { username: '' })
186 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
189 it('Should fail with a too long username', async function () {
190 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
192 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
195 it('Should fail with a not lowercase username', async function () {
196 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
198 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
201 it('Should fail with an incorrect username', async function () {
202 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
204 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
207 it('Should fail with a missing email', async function () {
208 const fields = omit(baseCorrectParams, 'email')
210 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
213 it('Should fail with an invalid email', async function () {
214 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
216 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
219 it('Should fail with a too small password', async function () {
220 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
222 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
225 it('Should fail with a too long password', async function () {
226 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
228 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
231 it('Should fail with empty password and no smtp configured', async function () {
232 const fields = immutableAssign(baseCorrectParams, { password: '' })
234 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
237 it('Should succeed with no password on a server with smtp enabled', async function () {
240 killallServers([ server ])
242 const config = immutableAssign(overrideConfig, {
244 hostname: 'localhost',
248 await reRunServer(server, config)
250 const fields = immutableAssign(baseCorrectParams, {
252 username: 'create_password',
253 email: 'create_password@example.com'
256 await makePostBodyRequest({
259 token: server.accessToken,
261 statusCodeExpected: HttpStatusCode.OK_200
265 it('Should fail with invalid admin flags', async function () {
266 const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
268 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
271 it('Should fail with an non authenticated user', async function () {
272 await makePostBodyRequest({
275 token: 'super token',
276 fields: baseCorrectParams,
277 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
281 it('Should fail if we add a user with the same username', async function () {
282 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
284 await makePostBodyRequest({
287 token: server.accessToken,
289 statusCodeExpected: HttpStatusCode.CONFLICT_409
293 it('Should fail if we add a user with the same email', async function () {
294 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
296 await makePostBodyRequest({
299 token: server.accessToken,
301 statusCodeExpected: HttpStatusCode.CONFLICT_409
305 it('Should fail without a videoQuota', async function () {
306 const fields = omit(baseCorrectParams, 'videoQuota')
308 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
311 it('Should fail without a videoQuotaDaily', async function () {
312 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
314 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
317 it('Should fail with an invalid videoQuota', async function () {
318 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
320 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
323 it('Should fail with an invalid videoQuotaDaily', async function () {
324 const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
326 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
329 it('Should fail without a user role', async function () {
330 const fields = omit(baseCorrectParams, 'role')
332 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
335 it('Should fail with an invalid user role', async function () {
336 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
338 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
341 it('Should fail with a "peertube" username', async function () {
342 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
344 await makePostBodyRequest({
347 token: server.accessToken,
349 statusCodeExpected: HttpStatusCode.CONFLICT_409
353 it('Should fail to create a moderator or an admin with a moderator', async function () {
354 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
355 const fields = immutableAssign(baseCorrectParams, { role })
357 await makePostBodyRequest({
360 token: moderatorAccessToken,
362 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
367 it('Should succeed to create a user with a moderator', async function () {
368 const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER })
370 await makePostBodyRequest({
373 token: moderatorAccessToken,
375 statusCodeExpected: HttpStatusCode.OK_200
379 it('Should succeed with the correct params', async function () {
380 await makePostBodyRequest({
383 token: server.accessToken,
384 fields: baseCorrectParams,
385 statusCodeExpected: HttpStatusCode.OK_200
389 it('Should fail with a non admin user', async function () {
392 password: 'my super password'
394 userAccessToken = await userLogin(server, user)
398 email: 'test@example.com',
399 password: 'my super password',
402 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
406 describe('When updating my account', function () {
407 it('Should fail with an invalid email attribute', async function () {
412 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
415 it('Should fail with a too small password', async function () {
417 currentPassword: 'my super password',
421 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
424 it('Should fail with a too long password', async function () {
426 currentPassword: 'my super password',
427 password: 'super'.repeat(61)
430 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
433 it('Should fail without the current password', async function () {
435 currentPassword: 'my super password',
436 password: 'super'.repeat(61)
439 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
442 it('Should fail with an invalid current password', async function () {
444 currentPassword: 'my super password fail',
445 password: 'super'.repeat(61)
448 await makePutBodyRequest({
451 token: userAccessToken,
453 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
457 it('Should fail with an invalid NSFW policy attribute', async function () {
462 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
465 it('Should fail with an invalid autoPlayVideo attribute', async function () {
470 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
473 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
475 autoPlayNextVideo: -1
478 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
481 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
483 videosHistoryEnabled: -1
486 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
489 it('Should fail with an non authenticated user', async function () {
491 currentPassword: 'my super password',
492 password: 'my super password'
495 await makePutBodyRequest({
498 token: 'super token',
500 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
504 it('Should fail with a too long description', async function () {
506 description: 'super'.repeat(201)
509 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
512 it('Should fail with an invalid videoLanguages attribute', async function () {
515 videoLanguages: 'toto'
518 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
523 for (let i = 0; i < 1000; i++) {
528 videoLanguages: languages
531 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
535 it('Should fail with an invalid theme', async function () {
536 const fields = { theme: 'invalid' }
537 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
540 it('Should fail with an unknown theme', async function () {
541 const fields = { theme: 'peertube-theme-unknown' }
542 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
545 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
547 noInstanceConfigWarningModal: -1
550 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
553 it('Should fail with an invalid noWelcomeModal attribute', async function () {
558 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
561 it('Should succeed to change password with the correct params', async function () {
563 currentPassword: 'my super password',
564 password: 'my super password',
566 autoPlayVideo: false,
567 email: 'super_email@example.com',
569 noInstanceConfigWarningModal: true,
573 await makePutBodyRequest({
576 token: userAccessToken,
578 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
582 it('Should succeed without password change with the correct params', async function () {
588 await makePutBodyRequest({
591 token: userAccessToken,
593 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
598 describe('When updating my avatar', function () {
599 it('Should fail without an incorrect input file', async function () {
602 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
604 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
607 it('Should fail with a big file', async function () {
610 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
612 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
615 it('Should fail with an unauthenticated user', async function () {
618 avatarfile: buildAbsoluteFixturePath('avatar.png')
620 await makeUploadRequest({
622 path: path + '/me/avatar/pick',
625 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
629 it('Should succeed with the correct params', async function () {
632 avatarfile: buildAbsoluteFixturePath('avatar.png')
634 await makeUploadRequest({
636 path: path + '/me/avatar/pick',
637 token: server.accessToken,
640 statusCodeExpected: HttpStatusCode.OK_200
645 describe('When managing my scoped tokens', function () {
647 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
648 await getUserScopedTokens(server.url, null, HttpStatusCode.UNAUTHORIZED_401)
651 it('Should fail to get my scoped tokens with a bad token', async function () {
652 await getUserScopedTokens(server.url, 'bad', HttpStatusCode.UNAUTHORIZED_401)
656 it('Should succeed to get my scoped tokens', async function () {
657 await getUserScopedTokens(server.url, server.accessToken)
660 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
661 await renewUserScopedTokens(server.url, null, HttpStatusCode.UNAUTHORIZED_401)
664 it('Should fail to renew my scoped tokens with a bad token', async function () {
665 await renewUserScopedTokens(server.url, 'bad', HttpStatusCode.UNAUTHORIZED_401)
668 it('Should succeed to renew my scoped tokens', async function () {
669 await renewUserScopedTokens(server.url, server.accessToken)
673 describe('When getting a user', function () {
675 it('Should fail with an non authenticated user', async function () {
676 await makeGetRequest({
679 token: 'super token',
680 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
684 it('Should fail with a non admin user', async function () {
685 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
688 it('Should succeed with the correct params', async function () {
689 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: HttpStatusCode.OK_200 })
693 describe('When updating a user', function () {
695 it('Should fail with an invalid email attribute', async function () {
700 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
703 it('Should fail with an invalid emailVerified attribute', async function () {
708 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
711 it('Should fail with an invalid videoQuota attribute', async function () {
716 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
719 it('Should fail with an invalid user role attribute', async function () {
724 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
727 it('Should fail with a too small password', async function () {
729 currentPassword: 'my super password',
733 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
736 it('Should fail with a too long password', async function () {
738 currentPassword: 'my super password',
739 password: 'super'.repeat(61)
742 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
745 it('Should fail with an non authenticated user', async function () {
750 await makePutBodyRequest({
753 token: 'super token',
755 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
759 it('Should fail when updating root role', async function () {
761 role: UserRole.MODERATOR
764 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
767 it('Should fail with invalid admin flags', async function () {
768 const fields = { adminFlags: 'toto' }
770 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
773 it('Should fail to update an admin with a moderator', async function () {
778 await makePutBodyRequest({
780 path: path + moderatorId,
781 token: moderatorAccessToken,
783 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
787 it('Should succeed to update a user with a moderator', async function () {
792 await makePutBodyRequest({
795 token: moderatorAccessToken,
797 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
801 it('Should succeed with the correct params', async function () {
803 email: 'email@example.com',
809 await makePutBodyRequest({
812 token: server.accessToken,
814 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
819 describe('When getting my information', function () {
820 it('Should fail with a non authenticated user', async function () {
821 await getMyUserInformation(server.url, 'fake_token', HttpStatusCode.UNAUTHORIZED_401)
824 it('Should success with the correct parameters', async function () {
825 await getMyUserInformation(server.url, userAccessToken)
829 describe('When getting my video rating', function () {
830 it('Should fail with a non authenticated user', async function () {
831 await getMyUserVideoRating(server.url, 'fake_token', video.id, HttpStatusCode.UNAUTHORIZED_401)
834 it('Should fail with an incorrect video uuid', async function () {
835 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', HttpStatusCode.BAD_REQUEST_400)
838 it('Should fail with an unknown video', async function () {
839 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', HttpStatusCode.NOT_FOUND_404)
842 it('Should succeed with the correct parameters', async function () {
843 await getMyUserVideoRating(server.url, server.accessToken, video.id)
844 await getMyUserVideoRating(server.url, server.accessToken, video.uuid)
845 await getMyUserVideoRating(server.url, server.accessToken, video.shortUUID)
849 describe('When retrieving my global ratings', function () {
850 const path = '/api/v1/accounts/user1/ratings'
852 it('Should fail with a bad start pagination', async function () {
853 await checkBadStartPagination(server.url, path, userAccessToken)
856 it('Should fail with a bad count pagination', async function () {
857 await checkBadCountPagination(server.url, path, userAccessToken)
860 it('Should fail with an incorrect sort', async function () {
861 await checkBadSortPagination(server.url, path, userAccessToken)
864 it('Should fail with a unauthenticated user', async function () {
865 await makeGetRequest({ url: server.url, path, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
868 it('Should fail with a another user', async function () {
869 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
872 it('Should fail with a bad type', async function () {
873 await makeGetRequest({
876 token: userAccessToken,
877 query: { rating: 'toto ' },
878 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
882 it('Should succeed with the correct params', async function () {
883 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.OK_200 })
887 describe('When blocking/unblocking/removing user', function () {
888 it('Should fail with an incorrect id', async function () {
889 await removeUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
890 await blockUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
891 await unblockUser(server.url, 'blabla', server.accessToken, HttpStatusCode.BAD_REQUEST_400)
894 it('Should fail with the root user', async function () {
895 await removeUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
896 await blockUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
897 await unblockUser(server.url, rootId, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
900 it('Should return 404 with a non existing id', async function () {
901 await removeUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
902 await blockUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
903 await unblockUser(server.url, 4545454, server.accessToken, HttpStatusCode.NOT_FOUND_404)
906 it('Should fail with a non admin user', async function () {
907 await removeUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
908 await blockUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
909 await unblockUser(server.url, userId, userAccessToken, HttpStatusCode.FORBIDDEN_403)
912 it('Should fail on a moderator with a moderator', async function () {
913 await removeUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
914 await blockUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
915 await unblockUser(server.url, moderatorId, moderatorAccessToken, HttpStatusCode.FORBIDDEN_403)
918 it('Should succeed on a user with a moderator', async function () {
919 await blockUser(server.url, userId, moderatorAccessToken)
920 await unblockUser(server.url, userId, moderatorAccessToken)
924 describe('When deleting our account', function () {
925 it('Should fail with with the root account', async function () {
926 await deleteMe(server.url, server.accessToken, HttpStatusCode.BAD_REQUEST_400)
930 describe('When registering a new user', function () {
931 const registrationPath = path + '/register'
932 const baseCorrectParams = {
934 displayName: 'super user',
935 email: 'test3@example.com',
936 password: 'my super password'
939 it('Should fail with a too small username', async function () {
940 const fields = immutableAssign(baseCorrectParams, { username: '' })
942 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
945 it('Should fail with a too long username', async function () {
946 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
948 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
951 it('Should fail with an incorrect username', async function () {
952 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
954 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
957 it('Should fail with a missing email', async function () {
958 const fields = omit(baseCorrectParams, 'email')
960 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
963 it('Should fail with an invalid email', async function () {
964 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
966 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
969 it('Should fail with a too small password', async function () {
970 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
972 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
975 it('Should fail with a too long password', async function () {
976 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
978 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
981 it('Should fail if we register a user with the same username', async function () {
982 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
984 await makePostBodyRequest({
986 path: registrationPath,
987 token: server.accessToken,
989 statusCodeExpected: HttpStatusCode.CONFLICT_409
993 it('Should fail with a "peertube" username', async function () {
994 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
996 await makePostBodyRequest({
998 path: registrationPath,
999 token: server.accessToken,
1001 statusCodeExpected: HttpStatusCode.CONFLICT_409
1005 it('Should fail if we register a user with the same email', async function () {
1006 const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
1008 await makePostBodyRequest({
1010 path: registrationPath,
1011 token: server.accessToken,
1013 statusCodeExpected: HttpStatusCode.CONFLICT_409
1017 it('Should fail with a bad display name', async function () {
1018 const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
1020 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1023 it('Should fail with a bad channel name', async function () {
1024 const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
1026 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1029 it('Should fail with a bad channel display name', async function () {
1030 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
1032 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1035 it('Should fail with a channel name that is the same as username', async function () {
1036 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
1037 const fields = immutableAssign(baseCorrectParams, source)
1039 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1042 it('Should fail with an existing channel', async function () {
1043 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
1044 await server.channelsCommand.create({ attributes })
1046 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
1048 await makePostBodyRequest({
1050 path: registrationPath,
1051 token: server.accessToken,
1053 statusCodeExpected: HttpStatusCode.CONFLICT_409
1057 it('Should succeed with the correct params', async function () {
1058 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
1060 await makePostBodyRequest({
1062 path: registrationPath,
1063 token: server.accessToken,
1065 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1069 it('Should fail on a server with registration disabled', async function () {
1072 email: 'test4@example.com',
1073 password: 'my super password 4'
1076 await makePostBodyRequest({
1077 url: serverWithRegistrationDisabled.url,
1078 path: registrationPath,
1079 token: serverWithRegistrationDisabled.accessToken,
1081 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
1086 describe('When registering multiple users on a server with users limit', function () {
1087 it('Should fail when after 3 registrations', async function () {
1088 await registerUser(server.url, 'user42', 'super password', HttpStatusCode.FORBIDDEN_403)
1092 describe('When asking a password reset', function () {
1093 const path = '/api/v1/users/ask-reset-password'
1095 it('Should fail with a missing email', async function () {
1098 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1101 it('Should fail with an invalid email', async function () {
1102 const fields = { email: 'hello' }
1104 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1107 it('Should success with the correct params', async function () {
1108 const fields = { email: 'admin@example.com' }
1110 await makePostBodyRequest({
1113 token: server.accessToken,
1115 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1120 describe('When asking for an account verification email', function () {
1121 const path = '/api/v1/users/ask-send-verify-email'
1123 it('Should fail with a missing email', async function () {
1126 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1129 it('Should fail with an invalid email', async function () {
1130 const fields = { email: 'hello' }
1132 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1135 it('Should succeed with the correct params', async function () {
1136 const fields = { email: 'admin@example.com' }
1138 await makePostBodyRequest({
1141 token: server.accessToken,
1143 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1148 after(async function () {
1149 MockSmtpServer.Instance.kill()
1151 await cleanupTests([ server, serverWithRegistrationDisabled ])