]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
add check-params test for user list
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import { omit } from 'lodash'
4 import 'mocha'
5 import { join } from 'path'
6 import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared'
7
8 import {
9 addVideoChannel,
10 blockUser,
11 cleanupTests,
12 createUser,
13 deleteMe,
14 flushAndRunServer,
15 getMyUserInformation,
16 getMyUserVideoRating,
17 getUsersList,
18 immutableAssign,
19 killallServers,
20 makeGetRequest,
21 makePostBodyRequest,
22 makePutBodyRequest,
23 makeUploadRequest,
24 registerUser,
25 removeUser,
26 reRunServer,
27 ServerInfo,
28 setAccessTokensToServers,
29 unblockUser,
30 updateUser,
31 uploadVideo,
32 userLogin
33 } from '../../../../shared/extra-utils'
34 import {
35 checkBadCountPagination,
36 checkBadSortPagination,
37 checkBadStartPagination
38 } from '../../../../shared/extra-utils/requests/check-api-params'
39 import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports'
40 import { VideoPrivacy } from '../../../../shared/models/videos'
41 import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
42 import { expect } from 'chai'
43 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
44 import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
45
46 describe('Test users API validators', function () {
47 const path = '/api/v1/users/'
48 let userId: number
49 let rootId: number
50 let moderatorId: number
51 let videoId: number
52 let server: ServerInfo
53 let serverWithRegistrationDisabled: ServerInfo
54 let userAccessToken = ''
55 let moderatorAccessToken = ''
56 let emailPort: number
57 let overrideConfig: Object
58
59 // ---------------------------------------------------------------
60
61 before(async function () {
62 this.timeout(30000)
63
64 const emails: object[] = []
65 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
66
67 overrideConfig = { signup: { limit: 8 } }
68
69 {
70 const res = await Promise.all([
71 flushAndRunServer(1, overrideConfig),
72 flushAndRunServer(2)
73 ])
74
75 server = res[0]
76 serverWithRegistrationDisabled = res[1]
77
78 await setAccessTokensToServers([ server ])
79 }
80
81 {
82 const user = {
83 username: 'user1',
84 password: 'my super password'
85 }
86
87 const videoQuota = 42000000
88 await createUser({
89 url: server.url,
90 accessToken: server.accessToken,
91 username: user.username,
92 password: user.password,
93 videoQuota: videoQuota
94 })
95 userAccessToken = await userLogin(server, user)
96 }
97
98 {
99 const moderator = {
100 username: 'moderator1',
101 password: 'super password'
102 }
103
104 await createUser({
105 url: server.url,
106 accessToken: server.accessToken,
107 username: moderator.username,
108 password: moderator.password,
109 role: UserRole.MODERATOR
110 })
111
112 moderatorAccessToken = await userLogin(server, moderator)
113 }
114
115 {
116 const moderator = {
117 username: 'moderator2',
118 password: 'super password'
119 }
120
121 await createUser({
122 url: server.url,
123 accessToken: server.accessToken,
124 username: moderator.username,
125 password: moderator.password,
126 role: UserRole.MODERATOR
127 })
128 }
129
130 {
131 const res = await uploadVideo(server.url, server.accessToken, {})
132 videoId = res.body.video.id
133 }
134
135 {
136 const res = await getUsersList(server.url, server.accessToken)
137 const users: User[] = res.body.data
138
139 userId = users.find(u => u.username === 'user1').id
140 rootId = users.find(u => u.username === 'root').id
141 moderatorId = users.find(u => u.username === 'moderator2').id
142 }
143 })
144
145 describe('When listing users', function () {
146 it('Should fail with a bad start pagination', async function () {
147 await checkBadStartPagination(server.url, path, server.accessToken)
148 })
149
150 it('Should fail with a bad count pagination', async function () {
151 await checkBadCountPagination(server.url, path, server.accessToken)
152 })
153
154 it('Should fail with an incorrect sort', async function () {
155 await checkBadSortPagination(server.url, path, server.accessToken)
156 })
157
158 it('Should fail with a bad blocked/banned user filter', async function () {
159 await makeGetRequest({
160 url: server.url,
161 path,
162 query: {
163 blocked: 42
164 },
165 token: server.accessToken,
166 statusCodeExpected: 400
167 })
168 })
169
170 it('Should fail with a non authenticated user', async function () {
171 await makeGetRequest({
172 url: server.url,
173 path,
174 statusCodeExpected: 401
175 })
176 })
177
178 it('Should fail with a non admin user', async function () {
179 await makeGetRequest({
180 url: server.url,
181 path,
182 token: userAccessToken,
183 statusCodeExpected: 403
184 })
185 })
186 })
187
188 describe('When adding a new user', function () {
189 const baseCorrectParams = {
190 username: 'user2',
191 email: 'test@example.com',
192 password: 'my super password',
193 videoQuota: -1,
194 videoQuotaDaily: -1,
195 role: UserRole.USER,
196 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
197 }
198
199 it('Should fail with a too small username', async function () {
200 const fields = immutableAssign(baseCorrectParams, { username: '' })
201
202 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
203 })
204
205 it('Should fail with a too long username', async function () {
206 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
207
208 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
209 })
210
211 it('Should fail with a not lowercase username', async function () {
212 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
213
214 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
215 })
216
217 it('Should fail with an incorrect username', async function () {
218 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
219
220 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
221 })
222
223 it('Should fail with a missing email', async function () {
224 const fields = omit(baseCorrectParams, 'email')
225
226 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
227 })
228
229 it('Should fail with an invalid email', async function () {
230 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
231
232 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
233 })
234
235 it('Should fail with a too small password', async function () {
236 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
237
238 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
239 })
240
241 it('Should fail with a too long password', async function () {
242 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
243
244 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
245 })
246
247 it('Should fail with empty password and no smtp configured', async function () {
248 const fields = immutableAssign(baseCorrectParams, { password: '' })
249
250 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
251 })
252
253 it('Should succeed with no password on a server with smtp enabled', async function () {
254 this.timeout(10000)
255
256 killallServers([ server ])
257
258 const config = immutableAssign(overrideConfig, {
259 smtp: {
260 hostname: 'localhost',
261 port: emailPort
262 }
263 })
264 await reRunServer(server, config)
265
266 const fields = immutableAssign(baseCorrectParams, {
267 password: '',
268 username: 'create_password',
269 email: 'create_password@example.com'
270 })
271
272 await makePostBodyRequest({
273 url: server.url,
274 path: path,
275 token: server.accessToken,
276 fields,
277 statusCodeExpected: 200
278 })
279 })
280
281 it('Should fail with invalid admin flags', async function () {
282 const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
283
284 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
285 })
286
287 it('Should fail with an non authenticated user', async function () {
288 await makePostBodyRequest({
289 url: server.url,
290 path,
291 token: 'super token',
292 fields: baseCorrectParams,
293 statusCodeExpected: 401
294 })
295 })
296
297 it('Should fail if we add a user with the same username', async function () {
298 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
299
300 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
301 })
302
303 it('Should fail if we add a user with the same email', async function () {
304 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
305
306 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
307 })
308
309 it('Should fail without a videoQuota', async function () {
310 const fields = omit(baseCorrectParams, 'videoQuota')
311
312 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
313 })
314
315 it('Should fail without a videoQuotaDaily', async function () {
316 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
317
318 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
319 })
320
321 it('Should fail with an invalid videoQuota', async function () {
322 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
323
324 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
325 })
326
327 it('Should fail with an invalid videoQuotaDaily', async function () {
328 const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
329
330 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
331 })
332
333 it('Should fail without a user role', async function () {
334 const fields = omit(baseCorrectParams, 'role')
335
336 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
337 })
338
339 it('Should fail with an invalid user role', async function () {
340 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
341
342 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
343 })
344
345 it('Should fail with a "peertube" username', async function () {
346 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
347
348 await makePostBodyRequest({
349 url: server.url,
350 path,
351 token: server.accessToken,
352 fields,
353 statusCodeExpected: 409
354 })
355 })
356
357 it('Should fail to create a moderator or an admin with a moderator', async function () {
358 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
359 const fields = immutableAssign(baseCorrectParams, { role })
360
361 await makePostBodyRequest({
362 url: server.url,
363 path,
364 token: moderatorAccessToken,
365 fields,
366 statusCodeExpected: 403
367 })
368 }
369 })
370
371 it('Should succeed to create a user with a moderator', async function () {
372 const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER })
373
374 await makePostBodyRequest({
375 url: server.url,
376 path,
377 token: moderatorAccessToken,
378 fields,
379 statusCodeExpected: 200
380 })
381 })
382
383 it('Should succeed with the correct params', async function () {
384 await makePostBodyRequest({
385 url: server.url,
386 path,
387 token: server.accessToken,
388 fields: baseCorrectParams,
389 statusCodeExpected: 200
390 })
391 })
392
393 it('Should fail with a non admin user', async function () {
394 const user = {
395 username: 'user1',
396 password: 'my super password'
397 }
398 userAccessToken = await userLogin(server, user)
399
400 const fields = {
401 username: 'user3',
402 email: 'test@example.com',
403 password: 'my super password',
404 videoQuota: 42000000
405 }
406 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
407 })
408 })
409
410 describe('When updating my account', function () {
411 it('Should fail with an invalid email attribute', async function () {
412 const fields = {
413 email: 'blabla'
414 }
415
416 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
417 })
418
419 it('Should fail with a too small password', async function () {
420 const fields = {
421 currentPassword: 'my super password',
422 password: 'bla'
423 }
424
425 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
426 })
427
428 it('Should fail with a too long password', async function () {
429 const fields = {
430 currentPassword: 'my super password',
431 password: 'super'.repeat(61)
432 }
433
434 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
435 })
436
437 it('Should fail without the current password', async function () {
438 const fields = {
439 currentPassword: 'my super password',
440 password: 'super'.repeat(61)
441 }
442
443 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
444 })
445
446 it('Should fail with an invalid current password', async function () {
447 const fields = {
448 currentPassword: 'my super password fail',
449 password: 'super'.repeat(61)
450 }
451
452 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
453 })
454
455 it('Should fail with an invalid NSFW policy attribute', async function () {
456 const fields = {
457 nsfwPolicy: 'hello'
458 }
459
460 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
461 })
462
463 it('Should fail with an invalid autoPlayVideo attribute', async function () {
464 const fields = {
465 autoPlayVideo: -1
466 }
467
468 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
469 })
470
471 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
472 const fields = {
473 autoPlayNextVideo: -1
474 }
475
476 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
477 })
478
479 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
480 const fields = {
481 videosHistoryEnabled: -1
482 }
483
484 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
485 })
486
487 it('Should fail with an non authenticated user', async function () {
488 const fields = {
489 currentPassword: 'my super password',
490 password: 'my super password'
491 }
492
493 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
494 })
495
496 it('Should fail with a too long description', async function () {
497 const fields = {
498 description: 'super'.repeat(201)
499 }
500
501 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
502 })
503
504 it('Should fail with an invalid videoLanguages attribute', async function () {
505 {
506 const fields = {
507 videoLanguages: 'toto'
508 }
509
510 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
511 }
512
513 {
514 const languages = []
515 for (let i = 0; i < 1000; i++) {
516 languages.push('fr')
517 }
518
519 const fields = {
520 videoLanguages: languages
521 }
522
523 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
524 }
525 })
526
527 it('Should fail with an invalid theme', async function () {
528 const fields = { theme: 'invalid' }
529 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
530 })
531
532 it('Should fail with an unknown theme', async function () {
533 const fields = { theme: 'peertube-theme-unknown' }
534 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
535 })
536
537 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
538 const fields = {
539 noInstanceConfigWarningModal: -1
540 }
541
542 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
543 })
544
545 it('Should fail with an invalid noWelcomeModal attribute', async function () {
546 const fields = {
547 noWelcomeModal: -1
548 }
549
550 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
551 })
552
553 it('Should succeed to change password with the correct params', async function () {
554 const fields = {
555 currentPassword: 'my super password',
556 password: 'my super password',
557 nsfwPolicy: 'blur',
558 autoPlayVideo: false,
559 email: 'super_email@example.com',
560 theme: 'default',
561 noInstanceConfigWarningModal: true,
562 noWelcomeModal: true
563 }
564
565 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
566 })
567
568 it('Should succeed without password change with the correct params', async function () {
569 const fields = {
570 nsfwPolicy: 'blur',
571 autoPlayVideo: false
572 }
573
574 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
575 })
576 })
577
578 describe('When updating my avatar', function () {
579 it('Should fail without an incorrect input file', async function () {
580 const fields = {}
581 const attaches = {
582 avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
583 }
584 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
585 })
586
587 it('Should fail with a big file', async function () {
588 const fields = {}
589 const attaches = {
590 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
591 }
592 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
593 })
594
595 it('Should fail with an unauthenticated user', async function () {
596 const fields = {}
597 const attaches = {
598 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
599 }
600 await makeUploadRequest({
601 url: server.url,
602 path: path + '/me/avatar/pick',
603 fields,
604 attaches,
605 statusCodeExpected: 401
606 })
607 })
608
609 it('Should succeed with the correct params', async function () {
610 const fields = {}
611 const attaches = {
612 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
613 }
614 await makeUploadRequest({
615 url: server.url,
616 path: path + '/me/avatar/pick',
617 token: server.accessToken,
618 fields,
619 attaches,
620 statusCodeExpected: 200
621 })
622 })
623 })
624
625 describe('When getting a user', function () {
626
627 it('Should fail with an non authenticated user', async function () {
628 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
629 })
630
631 it('Should fail with a non admin user', async function () {
632 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
633 })
634
635 it('Should succeed with the correct params', async function () {
636 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
637 })
638 })
639
640 describe('When updating a user', function () {
641
642 it('Should fail with an invalid email attribute', async function () {
643 const fields = {
644 email: 'blabla'
645 }
646
647 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
648 })
649
650 it('Should fail with an invalid emailVerified attribute', async function () {
651 const fields = {
652 emailVerified: 'yes'
653 }
654
655 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
656 })
657
658 it('Should fail with an invalid videoQuota attribute', async function () {
659 const fields = {
660 videoQuota: -90
661 }
662
663 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
664 })
665
666 it('Should fail with an invalid user role attribute', async function () {
667 const fields = {
668 role: 54878
669 }
670
671 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
672 })
673
674 it('Should fail with a too small password', async function () {
675 const fields = {
676 currentPassword: 'my super password',
677 password: 'bla'
678 }
679
680 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
681 })
682
683 it('Should fail with a too long password', async function () {
684 const fields = {
685 currentPassword: 'my super password',
686 password: 'super'.repeat(61)
687 }
688
689 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
690 })
691
692 it('Should fail with an non authenticated user', async function () {
693 const fields = {
694 videoQuota: 42
695 }
696
697 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
698 })
699
700 it('Should fail when updating root role', async function () {
701 const fields = {
702 role: UserRole.MODERATOR
703 }
704
705 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
706 })
707
708 it('Should fail with invalid admin flags', async function () {
709 const fields = { adminFlags: 'toto' }
710
711 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
712 })
713
714 it('Should fail to update an admin with a moderator', async function () {
715 const fields = {
716 videoQuota: 42
717 }
718
719 await makePutBodyRequest({
720 url: server.url,
721 path: path + moderatorId,
722 token: moderatorAccessToken,
723 fields,
724 statusCodeExpected: 403
725 })
726 })
727
728 it('Should succeed to update a user with a moderator', async function () {
729 const fields = {
730 videoQuota: 42
731 }
732
733 await makePutBodyRequest({
734 url: server.url,
735 path: path + userId,
736 token: moderatorAccessToken,
737 fields,
738 statusCodeExpected: 204
739 })
740 })
741
742 it('Should succeed with the correct params', async function () {
743 const fields = {
744 email: 'email@example.com',
745 emailVerified: true,
746 videoQuota: 42,
747 role: UserRole.USER
748 }
749
750 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
751 })
752 })
753
754 describe('When getting my information', function () {
755 it('Should fail with a non authenticated user', async function () {
756 await getMyUserInformation(server.url, 'fake_token', 401)
757 })
758
759 it('Should success with the correct parameters', async function () {
760 await getMyUserInformation(server.url, userAccessToken)
761 })
762 })
763
764 describe('When getting my video rating', function () {
765 it('Should fail with a non authenticated user', async function () {
766 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
767 })
768
769 it('Should fail with an incorrect video uuid', async function () {
770 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
771 })
772
773 it('Should fail with an unknown video', async function () {
774 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
775 })
776
777 it('Should succeed with the correct parameters', async function () {
778 await getMyUserVideoRating(server.url, server.accessToken, videoId)
779 })
780 })
781
782 describe('When retrieving my global ratings', function () {
783 const path = '/api/v1/accounts/user1/ratings'
784
785 it('Should fail with a bad start pagination', async function () {
786 await checkBadStartPagination(server.url, path, userAccessToken)
787 })
788
789 it('Should fail with a bad count pagination', async function () {
790 await checkBadCountPagination(server.url, path, userAccessToken)
791 })
792
793 it('Should fail with an incorrect sort', async function () {
794 await checkBadSortPagination(server.url, path, userAccessToken)
795 })
796
797 it('Should fail with a unauthenticated user', async function () {
798 await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })
799 })
800
801 it('Should fail with a another user', async function () {
802 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 })
803 })
804
805 it('Should fail with a bad type', async function () {
806 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 })
807 })
808
809 it('Should succeed with the correct params', async function () {
810 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 })
811 })
812 })
813
814 describe('When blocking/unblocking/removing user', function () {
815 it('Should fail with an incorrect id', async function () {
816 await removeUser(server.url, 'blabla', server.accessToken, 400)
817 await blockUser(server.url, 'blabla', server.accessToken, 400)
818 await unblockUser(server.url, 'blabla', server.accessToken, 400)
819 })
820
821 it('Should fail with the root user', async function () {
822 await removeUser(server.url, rootId, server.accessToken, 400)
823 await blockUser(server.url, rootId, server.accessToken, 400)
824 await unblockUser(server.url, rootId, server.accessToken, 400)
825 })
826
827 it('Should return 404 with a non existing id', async function () {
828 await removeUser(server.url, 4545454, server.accessToken, 404)
829 await blockUser(server.url, 4545454, server.accessToken, 404)
830 await unblockUser(server.url, 4545454, server.accessToken, 404)
831 })
832
833 it('Should fail with a non admin user', async function () {
834 await removeUser(server.url, userId, userAccessToken, 403)
835 await blockUser(server.url, userId, userAccessToken, 403)
836 await unblockUser(server.url, userId, userAccessToken, 403)
837 })
838
839 it('Should fail on a moderator with a moderator', async function () {
840 await removeUser(server.url, moderatorId, moderatorAccessToken, 403)
841 await blockUser(server.url, moderatorId, moderatorAccessToken, 403)
842 await unblockUser(server.url, moderatorId, moderatorAccessToken, 403)
843 })
844
845 it('Should succeed on a user with a moderator', async function () {
846 await blockUser(server.url, userId, moderatorAccessToken)
847 await unblockUser(server.url, userId, moderatorAccessToken)
848 })
849 })
850
851 describe('When deleting our account', function () {
852 it('Should fail with with the root account', async function () {
853 await deleteMe(server.url, server.accessToken, 400)
854 })
855 })
856
857 describe('When registering a new user', function () {
858 const registrationPath = path + '/register'
859 const baseCorrectParams = {
860 username: 'user3',
861 displayName: 'super user',
862 email: 'test3@example.com',
863 password: 'my super password'
864 }
865
866 it('Should fail with a too small username', async function () {
867 const fields = immutableAssign(baseCorrectParams, { username: '' })
868
869 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
870 })
871
872 it('Should fail with a too long username', async function () {
873 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
874
875 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
876 })
877
878 it('Should fail with an incorrect username', async function () {
879 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
880
881 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
882 })
883
884 it('Should fail with a missing email', async function () {
885 const fields = omit(baseCorrectParams, 'email')
886
887 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
888 })
889
890 it('Should fail with an invalid email', async function () {
891 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
892
893 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
894 })
895
896 it('Should fail with a too small password', async function () {
897 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
898
899 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
900 })
901
902 it('Should fail with a too long password', async function () {
903 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
904
905 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
906 })
907
908 it('Should fail if we register a user with the same username', async function () {
909 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
910
911 await makePostBodyRequest({
912 url: server.url,
913 path: registrationPath,
914 token: server.accessToken,
915 fields,
916 statusCodeExpected: 409
917 })
918 })
919
920 it('Should fail with a "peertube" username', async function () {
921 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
922
923 await makePostBodyRequest({
924 url: server.url,
925 path: registrationPath,
926 token: server.accessToken,
927 fields,
928 statusCodeExpected: 409
929 })
930 })
931
932 it('Should fail if we register a user with the same email', async function () {
933 const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
934
935 await makePostBodyRequest({
936 url: server.url,
937 path: registrationPath,
938 token: server.accessToken,
939 fields,
940 statusCodeExpected: 409
941 })
942 })
943
944 it('Should fail with a bad display name', async function () {
945 const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
946
947 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
948 })
949
950 it('Should fail with a bad channel name', async function () {
951 const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
952
953 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
954 })
955
956 it('Should fail with a bad channel display name', async function () {
957 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
958
959 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
960 })
961
962 it('Should fail with a channel name that is the same as username', async function () {
963 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
964 const fields = immutableAssign(baseCorrectParams, source)
965
966 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
967 })
968
969 it('Should fail with an existing channel', async function () {
970 const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
971 await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg)
972
973 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
974
975 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
976 })
977
978 it('Should succeed with the correct params', async function () {
979 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
980
981 await makePostBodyRequest({
982 url: server.url,
983 path: registrationPath,
984 token: server.accessToken,
985 fields: fields,
986 statusCodeExpected: 204
987 })
988 })
989
990 it('Should fail on a server with registration disabled', async function () {
991 const fields = {
992 username: 'user4',
993 email: 'test4@example.com',
994 password: 'my super password 4'
995 }
996
997 await makePostBodyRequest({
998 url: serverWithRegistrationDisabled.url,
999 path: registrationPath,
1000 token: serverWithRegistrationDisabled.accessToken,
1001 fields,
1002 statusCodeExpected: 403
1003 })
1004 })
1005 })
1006
1007 describe('When registering multiple users on a server with users limit', function () {
1008 it('Should fail when after 3 registrations', async function () {
1009 await registerUser(server.url, 'user42', 'super password', 403)
1010 })
1011 })
1012
1013 describe('When having a video quota', function () {
1014 it('Should fail with a user having too many videos', async function () {
1015 await updateUser({
1016 url: server.url,
1017 userId: rootId,
1018 accessToken: server.accessToken,
1019 videoQuota: 42
1020 })
1021
1022 await uploadVideo(server.url, server.accessToken, {}, 403)
1023 })
1024
1025 it('Should fail with a registered user having too many videos', async function () {
1026 this.timeout(30000)
1027
1028 const user = {
1029 username: 'user3',
1030 password: 'my super password'
1031 }
1032 userAccessToken = await userLogin(server, user)
1033
1034 const videoAttributes = { fixture: 'video_short2.webm' }
1035 await uploadVideo(server.url, userAccessToken, videoAttributes)
1036 await uploadVideo(server.url, userAccessToken, videoAttributes)
1037 await uploadVideo(server.url, userAccessToken, videoAttributes)
1038 await uploadVideo(server.url, userAccessToken, videoAttributes)
1039 await uploadVideo(server.url, userAccessToken, videoAttributes)
1040 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
1041 })
1042
1043 it('Should fail to import with HTTP/Torrent/magnet', async function () {
1044 this.timeout(120000)
1045
1046 const baseAttributes = {
1047 channelId: 1,
1048 privacy: VideoPrivacy.PUBLIC
1049 }
1050 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() }))
1051 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
1052 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' as any }))
1053
1054 await waitJobs([ server ])
1055
1056 const res = await getMyVideoImports(server.url, server.accessToken)
1057
1058 expect(res.body.total).to.equal(3)
1059 const videoImports: VideoImport[] = res.body.data
1060 expect(videoImports).to.have.lengthOf(3)
1061
1062 for (const videoImport of videoImports) {
1063 expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
1064 expect(videoImport.error).not.to.be.undefined
1065 expect(videoImport.error).to.contain('user video quota is exceeded')
1066 }
1067 })
1068 })
1069
1070 describe('When having a daily video quota', function () {
1071 it('Should fail with a user having too many videos', async function () {
1072 await updateUser({
1073 url: server.url,
1074 userId: rootId,
1075 accessToken: server.accessToken,
1076 videoQuotaDaily: 42
1077 })
1078
1079 await uploadVideo(server.url, server.accessToken, {}, 403)
1080 })
1081 })
1082
1083 describe('When having an absolute and daily video quota', function () {
1084 it('Should fail if exceeding total quota', async function () {
1085 await updateUser({
1086 url: server.url,
1087 userId: rootId,
1088 accessToken: server.accessToken,
1089 videoQuota: 42,
1090 videoQuotaDaily: 1024 * 1024 * 1024
1091 })
1092
1093 await uploadVideo(server.url, server.accessToken, {}, 403)
1094 })
1095
1096 it('Should fail if exceeding daily quota', async function () {
1097 await updateUser({
1098 url: server.url,
1099 userId: rootId,
1100 accessToken: server.accessToken,
1101 videoQuota: 1024 * 1024 * 1024,
1102 videoQuotaDaily: 42
1103 })
1104
1105 await uploadVideo(server.url, server.accessToken, {}, 403)
1106 })
1107 })
1108
1109 describe('When asking a password reset', function () {
1110 const path = '/api/v1/users/ask-reset-password'
1111
1112 it('Should fail with a missing email', async function () {
1113 const fields = {}
1114
1115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1116 })
1117
1118 it('Should fail with an invalid email', async function () {
1119 const fields = { email: 'hello' }
1120
1121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1122 })
1123
1124 it('Should success with the correct params', async function () {
1125 const fields = { email: 'admin@example.com' }
1126
1127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1128 })
1129 })
1130
1131 describe('When asking for an account verification email', function () {
1132 const path = '/api/v1/users/ask-send-verify-email'
1133
1134 it('Should fail with a missing email', async function () {
1135 const fields = {}
1136
1137 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1138 })
1139
1140 it('Should fail with an invalid email', async function () {
1141 const fields = { email: 'hello' }
1142
1143 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1144 })
1145
1146 it('Should succeed with the correct params', async function () {
1147 const fields = { email: 'admin@example.com' }
1148
1149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1150 })
1151 })
1152
1153 after(async function () {
1154 MockSmtpServer.Instance.kill()
1155
1156 await cleanupTests([ server, serverWithRegistrationDisabled ])
1157 })
1158 })
ActivityPub-federated video streaming platform using P2P directly in your web browser