]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add ability to set video thumbnail/preview
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* tslint:disable:no-unused-expression */
2
3 import { omit } from 'lodash'
4 import 'mocha'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
7
8 import {
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
12 } from '../../utils'
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
14
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
17 let userId: number
18 let rootId: number
19 let videoId: number
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
23 const user = {
24 username: 'user1',
25 password: 'my super password'
26 }
27
28 // ---------------------------------------------------------------
29
30 before(async function () {
31 this.timeout(30000)
32
33 await flushTests()
34
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
37
38 await setAccessTokensToServers([ server ])
39
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
43
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
46 })
47
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
51 })
52
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
55 })
56
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
59 })
60
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
63 url: server.url,
64 path,
65 statusCodeExpected: 401
66 })
67 })
68
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
71 url: server.url,
72 path,
73 token: userAccessToken,
74 statusCodeExpected: 403
75 })
76 })
77 })
78
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
81 username: 'user2',
82 email: 'test@example.com',
83 password: 'my super password',
84 videoQuota: -1,
85 role: UserRole.USER
86 }
87
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
90
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
92 })
93
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
96
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
98 })
99
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
102
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
104 })
105
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
108
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
110 })
111
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
114
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
116 })
117
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
120
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
122 })
123
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
126
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
128 })
129
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
132
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
134 })
135
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
138 url: server.url,
139 path,
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
143 })
144 })
145
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
148
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
150 })
151
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
154
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
156 })
157
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
160
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
162 })
163
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
166
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
168 })
169
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
172
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
174 })
175
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
178
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 })
181
182 it('Should succeed with the correct params', async function () {
183 await makePostBodyRequest({
184 url: server.url,
185 path,
186 token: server.accessToken,
187 fields: baseCorrectParams,
188 statusCodeExpected: 200
189 })
190 })
191
192 it('Should fail with a non admin user', async function () {
193 const user = {
194 username: 'user1',
195 password: 'my super password'
196 }
197 userAccessToken = await userLogin(server, user)
198
199 const fields = {
200 username: 'user3',
201 email: 'test@example.com',
202 password: 'my super password',
203 videoQuota: 42000000
204 }
205 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
206 })
207 })
208
209 describe('When updating my account', function () {
210 it('Should fail with an invalid email attribute', async function () {
211 const fields = {
212 email: 'blabla'
213 }
214
215 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
216 })
217
218 it('Should fail with a too small password', async function () {
219 const fields = {
220 password: 'bla'
221 }
222
223 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
224 })
225
226 it('Should fail with a too long password', async function () {
227 const fields = {
228 password: 'super'.repeat(61)
229 }
230
231 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
232 })
233
234 it('Should fail with an invalid display NSFW attribute', async function () {
235 const fields = {
236 displayNSFW: -1
237 }
238
239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
240 })
241
242 it('Should fail with an invalid autoPlayVideo attribute', async function () {
243 const fields = {
244 autoPlayVideo: -1
245 }
246
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
248 })
249
250 it('Should fail with an non authenticated user', async function () {
251 const fields = {
252 password: 'my super password'
253 }
254
255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
256 })
257
258 it('Should succeed with the correct params', async function () {
259 const fields = {
260 password: 'my super password',
261 displayNSFW: true,
262 autoPlayVideo: false,
263 email: 'super_email@example.com'
264 }
265
266 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
267 })
268 })
269
270 describe('When updating my avatar', function () {
271 it('Should fail without an incorrect input file', async function () {
272 const fields = {}
273 const attaches = {
274 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
275 }
276 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
277 })
278
279 it('Should fail with a big file', async function () {
280 const fields = {}
281 const attaches = {
282 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
283 }
284 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
285 })
286
287 it('Should succeed with the correct params', async function () {
288 const fields = {}
289 const attaches = {
290 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
291 }
292 await makeUploadRequest({
293 url: server.url,
294 path: path + '/me/avatar/pick',
295 token: server.accessToken,
296 fields,
297 attaches,
298 statusCodeExpected: 200
299 })
300 })
301 })
302
303 describe('When updating a user', function () {
304
305 before(async function () {
306 const res = await getUsersList(server.url, server.accessToken)
307
308 userId = res.body.data[1].id
309 rootId = res.body.data[2].id
310 })
311
312 it('Should fail with an invalid email attribute', async function () {
313 const fields = {
314 email: 'blabla'
315 }
316
317 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
318 })
319
320 it('Should fail with an invalid videoQuota attribute', async function () {
321 const fields = {
322 videoQuota: -90
323 }
324
325 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
326 })
327
328 it('Should fail with an invalid user role attribute', async function () {
329 const fields = {
330 role: 54878
331 }
332
333 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
334 })
335
336 it('Should fail with an non authenticated user', async function () {
337 const fields = {
338 videoQuota: 42
339 }
340
341 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
342 })
343
344 it('Should fail when updating root role', async function () {
345 const fields = {
346 role: UserRole.MODERATOR
347 }
348
349 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
350 })
351
352 it('Should succeed with the correct params', async function () {
353 const fields = {
354 email: 'email@example.com',
355 videoQuota: 42,
356 role: UserRole.MODERATOR
357 }
358
359 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
360 userAccessToken = await userLogin(server, user)
361 })
362 })
363
364 describe('When getting my information', function () {
365 it('Should fail with a non authenticated user', async function () {
366 await getMyUserInformation(server.url, 'fake_token', 401)
367 })
368
369 it('Should success with the correct parameters', async function () {
370 await getMyUserInformation(server.url, userAccessToken)
371 })
372 })
373
374 describe('When getting my video rating', function () {
375 it('Should fail with a non authenticated user', async function () {
376 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
377 })
378
379 it('Should fail with an incorrect video uuid', async function () {
380 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
381 })
382
383 it('Should fail with an unknown video', async function () {
384 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
385 })
386
387 it('Should succeed with the correct parameters', async function () {
388 await getMyUserVideoRating(server.url, server.accessToken, videoId)
389 })
390 })
391
392 describe('When removing an user', function () {
393 it('Should fail with an incorrect id', async function () {
394 await removeUser(server.url, 'blabla', server.accessToken, 400)
395 })
396
397 it('Should fail with the root user', async function () {
398 await removeUser(server.url, rootId, server.accessToken, 400)
399 })
400
401 it('Should return 404 with a non existing id', async function () {
402 await removeUser(server.url, 4545454, server.accessToken, 404)
403 })
404 })
405
406 describe('When register a new user', function () {
407 const registrationPath = path + '/register'
408 const baseCorrectParams = {
409 username: 'user3',
410 email: 'test3@example.com',
411 password: 'my super password'
412 }
413
414 it('Should fail with a too small username', async function () {
415 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
416
417 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
418 })
419
420 it('Should fail with a too long username', async function () {
421 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
422
423 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
424 })
425
426 it('Should fail with an incorrect username', async function () {
427 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
428
429 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
430 })
431
432 it('Should fail with a missing email', async function () {
433 const fields = omit(baseCorrectParams, 'email')
434
435 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
436 })
437
438 it('Should fail with an invalid email', async function () {
439 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
440
441 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
442 })
443
444 it('Should fail with a too small password', async function () {
445 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
446
447 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
448 })
449
450 it('Should fail with a too long password', async function () {
451 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
452
453 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
454 })
455
456 it('Should fail if we register a user with the same username', async function () {
457 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
458
459 await makePostBodyRequest({
460 url: server.url,
461 path: registrationPath,
462 token: server.accessToken,
463 fields,
464 statusCodeExpected: 409
465 })
466 })
467
468 it('Should fail if we register a user with the same email', async function () {
469 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
470
471 await makePostBodyRequest({
472 url: server.url,
473 path: registrationPath,
474 token: server.accessToken,
475 fields,
476 statusCodeExpected: 409
477 })
478 })
479
480 it('Should succeed with the correct params', async function () {
481 await makePostBodyRequest({
482 url: server.url,
483 path: registrationPath,
484 token: server.accessToken,
485 fields: baseCorrectParams,
486 statusCodeExpected: 204
487 })
488 })
489
490 it('Should fail on a server with registration disabled', async function () {
491 const fields = {
492 username: 'user4',
493 email: 'test4@example.com',
494 password: 'my super password 4'
495 }
496
497 await makePostBodyRequest({
498 url: serverWithRegistrationDisabled.url,
499 path: registrationPath,
500 token: serverWithRegistrationDisabled.accessToken,
501 fields,
502 statusCodeExpected: 403
503 })
504 })
505 })
506
507 describe('When registering multiple users on a server with users limit', function () {
508 it('Should fail when after 3 registrations', async function () {
509 await registerUser(server.url, 'user42', 'super password', 403)
510 })
511 })
512
513 describe('When having a video quota', function () {
514 it('Should fail with a user having too many video', async function () {
515 await updateUser({
516 url: server.url,
517 userId: rootId,
518 accessToken: server.accessToken,
519 videoQuota: 42
520 })
521
522 await uploadVideo(server.url, server.accessToken, {}, 403)
523 })
524
525 it('Should fail with a registered user having too many video', async function () {
526 this.timeout(15000)
527
528 const user = {
529 username: 'user3',
530 password: 'my super password'
531 }
532 userAccessToken = await userLogin(server, user)
533
534 const videoAttributes = { fixture: 'video_short2.webm' }
535 await uploadVideo(server.url, userAccessToken, videoAttributes)
536 await uploadVideo(server.url, userAccessToken, videoAttributes)
537 await uploadVideo(server.url, userAccessToken, videoAttributes)
538 await uploadVideo(server.url, userAccessToken, videoAttributes)
539 await uploadVideo(server.url, userAccessToken, videoAttributes)
540 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
541 })
542 })
543
544 describe('When asking a password reset', function () {
545 const path = '/api/v1/users/ask-reset-password'
546
547 it('Should fail with a missing email', async function () {
548 const fields = {}
549
550 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
551 })
552
553 it('Should fail with an invalid email', async function () {
554 const fields = { email: 'hello' }
555
556 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
557 })
558
559 it('Should success with the correct params', async function () {
560 const fields = { email: 'admin@example.com' }
561
562 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
563 })
564 })
565
566 after(async function () {
567 killallServers([ server, serverWithRegistrationDisabled ])
568
569 // Keep the logs if the test failed
570 if (this['ok']) {
571 await flushTests()
572 }
573 })
574 })
ActivityPub-federated video streaming platform using P2P directly in your web browser