1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole } from '../../../../shared/index'
12 getBlacklistedVideosList,
14 getMyUserVideoQuotaUsed,
18 getUsersListPaginationAndSort,
36 } from '../../../../shared/utils'
37 import { follow } from '../../../../shared/utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/utils/users/login'
39 import { getMyVideos } from '../../../../shared/utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
59 server = await runServer(1)
61 await setAccessTokensToServers([ server ])
64 describe('OAuth client', function () {
65 it('Should create a new client')
67 it('Should return the first client')
69 it('Should remove the last client')
71 it('Should not login with an invalid client id', async function () {
72 const client = { id: 'client', secret: server.client.secret }
73 const res = await login(server.url, client, server.user, 400)
75 expect(res.body.error).to.contain('client is invalid')
78 it('Should not login with an invalid client secret', async function () {
79 const client = { id: server.client.id, secret: 'coucou' }
80 const res = await login(server.url, client, server.user, 400)
82 expect(res.body.error).to.contain('client is invalid')
86 describe('Login', function () {
88 it('Should not login with an invalid username', async function () {
89 const user = { username: 'captain crochet', password: server.user.password }
90 const res = await login(server.url, server.client, user, 400)
92 expect(res.body.error).to.contain('credentials are invalid')
95 it('Should not login with an invalid password', async function () {
96 const user = { username: server.user.username, password: 'mew_three' }
97 const res = await login(server.url, server.client, user, 400)
99 expect(res.body.error).to.contain('credentials are invalid')
102 it('Should not be able to upload a video', async function () {
103 accessToken = 'my_super_token'
105 const videoAttributes = {}
106 await uploadVideo(server.url, accessToken, videoAttributes, 401)
109 it('Should not be able to follow', async function () {
110 accessToken = 'my_super_token'
111 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
114 it('Should not be able to unfollow')
116 it('Should be able to login', async function () {
117 const res = await login(server.url, server.client, server.user, 200)
119 accessToken = res.body.access_token
123 describe('Upload', function () {
125 it('Should upload the video with the correct token', async function () {
126 const videoAttributes = {}
127 await uploadVideo(server.url, accessToken, videoAttributes)
128 const res = await getVideosList(server.url)
129 const video = res.body.data[ 0 ]
131 expect(video.account.name).to.equal('root')
135 it('Should upload the video again with the correct token', async function () {
136 const videoAttributes = {}
137 await uploadVideo(server.url, accessToken, videoAttributes)
141 describe('Ratings', function () {
143 it('Should retrieve a video rating', async function () {
144 await rateVideo(server.url, accessToken, videoId, 'like')
145 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
146 const rating = res.body
148 expect(rating.videoId).to.equal(videoId)
149 expect(rating.rating).to.equal('like')
152 it('Should retrieve ratings list', async function () {
153 await rateVideo(server.url, accessToken, videoId, 'like')
155 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
156 const ratings = res.body
158 expect(ratings.total).to.equal(1)
159 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
160 expect(ratings.data[ 0 ].rating).to.equal('like')
163 it('Should retrieve ratings list by rating type', async function () {
165 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
166 const ratings = res.body
167 expect(ratings.data.length).to.equal(1)
171 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
172 const ratings = res.body
173 expect(ratings.data.length).to.equal(0)
178 describe('Remove video', function () {
179 it('Should not be able to remove the video with an incorrect token', async function () {
180 await removeVideo(server.url, 'bad_token', videoId, 401)
183 it('Should not be able to remove the video with the token of another account')
185 it('Should be able to remove the video with the correct token', async function () {
186 await removeVideo(server.url, accessToken, videoId)
190 describe('Logout', function () {
191 it('Should logout (revoke token)')
193 it('Should not be able to get the user information')
195 it('Should not be able to upload a video')
197 it('Should not be able to remove a video')
199 it('Should not be able to rate a video', async function () {
200 const path = '/api/v1/videos/'
207 path: path + videoId,
208 token: 'wrong token',
210 statusCodeExpected: 401
212 await makePutBodyRequest(options)
215 it('Should be able to login again')
217 it('Should have an expired access token')
219 it('Should refresh the token')
221 it('Should be able to upload a video again')
224 describe('Creating a user', function () {
226 it('Should be able to create a new user', async function () {
229 accessToken: accessToken,
230 username: user.username,
231 password: user.password,
232 videoQuota: 2 * 1024 * 1024,
233 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
237 it('Should be able to login with this user', async function () {
238 accessTokenUser = await userLogin(server, user)
241 it('Should be able to get user information', async function () {
242 const res1 = await getMyUserInformation(server.url, accessTokenUser)
243 const userMe: User = res1.body
245 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
246 const userGet: User = res2.body
248 for (const user of [ userMe, userGet ]) {
249 expect(user.username).to.equal('user_1')
250 expect(user.email).to.equal('user_1@example.com')
251 expect(user.nsfwPolicy).to.equal('display')
252 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
253 expect(user.roleLabel).to.equal('User')
254 expect(user.id).to.be.a('number')
255 expect(user.account.displayName).to.equal('user_1')
256 expect(user.account.description).to.be.null
259 expect(userMe.adminFlags).to.be.undefined
260 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
264 describe('My videos & quotas', function () {
266 it('Should be able to upload a video with this user', async function () {
269 const videoAttributes = {
270 name: 'super user video',
271 fixture: 'video_short.webm'
273 await uploadVideo(server.url, accessTokenUser, videoAttributes)
276 it('Should have video quota updated', async function () {
277 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
278 const data = res.body
280 expect(data.videoQuotaUsed).to.equal(218910)
282 const resUsers = await getUsersList(server.url, server.accessToken)
284 const users: User[] = resUsers.body.data
285 const tmpUser = users.find(u => u.username === user.username)
286 expect(tmpUser.videoQuotaUsed).to.equal(218910)
289 it('Should be able to list my videos', async function () {
290 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
291 expect(res.body.total).to.equal(1)
293 const videos = res.body.data
294 expect(videos).to.have.lengthOf(1)
296 expect(videos[ 0 ].name).to.equal('super user video')
300 describe('Users listing', function () {
302 it('Should list all the users', async function () {
303 const res = await getUsersList(server.url, server.accessToken)
304 const result = res.body
305 const total = result.total
306 const users = result.data
308 expect(total).to.equal(2)
309 expect(users).to.be.an('array')
310 expect(users.length).to.equal(2)
312 const user = users[ 0 ]
313 expect(user.username).to.equal('user_1')
314 expect(user.email).to.equal('user_1@example.com')
315 expect(user.nsfwPolicy).to.equal('display')
317 const rootUser = users[ 1 ]
318 expect(rootUser.username).to.equal('root')
319 expect(rootUser.email).to.equal('admin1@example.com')
320 expect(user.nsfwPolicy).to.equal('display')
325 it('Should list only the first user by username asc', async function () {
326 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
328 const result = res.body
329 const total = result.total
330 const users = result.data
332 expect(total).to.equal(2)
333 expect(users.length).to.equal(1)
335 const user = users[ 0 ]
336 expect(user.username).to.equal('root')
337 expect(user.email).to.equal('admin1@example.com')
338 expect(user.roleLabel).to.equal('Administrator')
339 expect(user.nsfwPolicy).to.equal('display')
342 it('Should list only the first user by username desc', async function () {
343 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
344 const result = res.body
345 const total = result.total
346 const users = result.data
348 expect(total).to.equal(2)
349 expect(users.length).to.equal(1)
351 const user = users[ 0 ]
352 expect(user.username).to.equal('user_1')
353 expect(user.email).to.equal('user_1@example.com')
354 expect(user.nsfwPolicy).to.equal('display')
357 it('Should list only the second user by createdAt desc', async function () {
358 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
359 const result = res.body
360 const total = result.total
361 const users = result.data
363 expect(total).to.equal(2)
364 expect(users.length).to.equal(1)
366 const user = users[ 0 ]
367 expect(user.username).to.equal('user_1')
368 expect(user.email).to.equal('user_1@example.com')
369 expect(user.nsfwPolicy).to.equal('display')
372 it('Should list all the users by createdAt asc', async function () {
373 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
374 const result = res.body
375 const total = result.total
376 const users = result.data
378 expect(total).to.equal(2)
379 expect(users.length).to.equal(2)
381 expect(users[ 0 ].username).to.equal('root')
382 expect(users[ 0 ].email).to.equal('admin1@example.com')
383 expect(users[ 0 ].nsfwPolicy).to.equal('display')
385 expect(users[ 1 ].username).to.equal('user_1')
386 expect(users[ 1 ].email).to.equal('user_1@example.com')
387 expect(users[ 1 ].nsfwPolicy).to.equal('display')
390 it('Should search user by username', async function () {
391 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
392 const users = res.body.data as User[]
394 expect(res.body.total).to.equal(1)
395 expect(users.length).to.equal(1)
397 expect(users[ 0 ].username).to.equal('root')
400 it('Should search user by email', async function () {
402 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
403 const users = res.body.data as User[]
405 expect(res.body.total).to.equal(1)
406 expect(users.length).to.equal(1)
408 expect(users[ 0 ].username).to.equal('user_1')
409 expect(users[ 0 ].email).to.equal('user_1@example.com')
413 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
414 const users = res.body.data as User[]
416 expect(res.body.total).to.equal(2)
417 expect(users.length).to.equal(2)
419 expect(users[ 0 ].username).to.equal('root')
420 expect(users[ 1 ].username).to.equal('user_1')
425 describe('Update my account', function () {
426 it('Should update my password', async function () {
429 accessToken: accessTokenUser,
430 currentPassword: 'super password',
431 newPassword: 'new password'
433 user.password = 'new password'
435 await userLogin(server, user, 200)
438 it('Should be able to change the NSFW display attribute', async function () {
441 accessToken: accessTokenUser,
442 nsfwPolicy: 'do_not_list'
445 const res = await getMyUserInformation(server.url, accessTokenUser)
446 const user = res.body
448 expect(user.username).to.equal('user_1')
449 expect(user.email).to.equal('user_1@example.com')
450 expect(user.nsfwPolicy).to.equal('do_not_list')
451 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
452 expect(user.id).to.be.a('number')
453 expect(user.account.displayName).to.equal('user_1')
454 expect(user.account.description).to.be.null
457 it('Should be able to change the autoPlayVideo attribute', async function () {
460 accessToken: accessTokenUser,
464 const res = await getMyUserInformation(server.url, accessTokenUser)
465 const user = res.body
467 expect(user.autoPlayVideo).to.be.false
470 it('Should be able to change the email display attribute', async function () {
473 accessToken: accessTokenUser,
474 email: 'updated@example.com'
477 const res = await getMyUserInformation(server.url, accessTokenUser)
478 const user = res.body
480 expect(user.username).to.equal('user_1')
481 expect(user.email).to.equal('updated@example.com')
482 expect(user.nsfwPolicy).to.equal('do_not_list')
483 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
484 expect(user.id).to.be.a('number')
485 expect(user.account.displayName).to.equal('user_1')
486 expect(user.account.description).to.be.null
489 it('Should be able to update my avatar', async function () {
490 const fixture = 'avatar.png'
492 await updateMyAvatar({
494 accessToken: accessTokenUser,
498 const res = await getMyUserInformation(server.url, accessTokenUser)
499 const user = res.body
501 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
504 it('Should be able to update my display name', async function () {
507 accessToken: accessTokenUser,
508 displayName: 'new display name'
511 const res = await getMyUserInformation(server.url, accessTokenUser)
512 const user = res.body
514 expect(user.username).to.equal('user_1')
515 expect(user.email).to.equal('updated@example.com')
516 expect(user.nsfwPolicy).to.equal('do_not_list')
517 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
518 expect(user.id).to.be.a('number')
519 expect(user.account.displayName).to.equal('new display name')
520 expect(user.account.description).to.be.null
523 it('Should be able to update my description', async function () {
526 accessToken: accessTokenUser,
527 description: 'my super description updated'
530 const res = await getMyUserInformation(server.url, accessTokenUser)
531 const user = res.body
533 expect(user.username).to.equal('user_1')
534 expect(user.email).to.equal('updated@example.com')
535 expect(user.nsfwPolicy).to.equal('do_not_list')
536 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
537 expect(user.id).to.be.a('number')
538 expect(user.account.displayName).to.equal('new display name')
539 expect(user.account.description).to.equal('my super description updated')
543 describe('Updating another user', function () {
545 it('Should be able to update another user', async function () {
550 email: 'updated2@example.com',
553 role: UserRole.MODERATOR,
554 adminFlags: UserAdminFlag.NONE
557 const res = await getUserInformation(server.url, accessToken, userId)
558 const user = res.body
560 expect(user.username).to.equal('user_1')
561 expect(user.email).to.equal('updated2@example.com')
562 expect(user.emailVerified).to.be.true
563 expect(user.nsfwPolicy).to.equal('do_not_list')
564 expect(user.videoQuota).to.equal(42)
565 expect(user.roleLabel).to.equal('Moderator')
566 expect(user.id).to.be.a('number')
567 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
570 it('Should have removed the user token', async function () {
571 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
573 accessTokenUser = await userLogin(server, user)
576 it('Should be able to update another user password', async function () {
581 password: 'password updated'
584 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
586 await userLogin(server, user, 400)
588 user.password = 'password updated'
589 accessTokenUser = await userLogin(server, user)
593 describe('Video blacklists', function () {
594 it('Should be able to list video blacklist by a moderator', async function () {
595 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
599 describe('Remove a user', function () {
600 it('Should be able to remove this user', async function () {
601 await removeUser(server.url, userId, accessToken)
604 it('Should not be able to login with this user', async function () {
605 await userLogin(server, user, 400)
608 it('Should not have videos of this user', async function () {
609 const res = await getVideosList(server.url)
611 expect(res.body.total).to.equal(1)
613 const video = res.body.data[ 0 ]
614 expect(video.account.name).to.equal('root')
618 describe('Registering a new user', function () {
619 it('Should register a new user', async function () {
620 await registerUser(server.url, 'user_15', 'my super password')
623 it('Should be able to login with this registered user', async function () {
626 password: 'my super password'
629 accessToken = await userLogin(server, user15)
632 it('Should have the correct video quota', async function () {
633 const res = await getMyUserInformation(server.url, accessToken)
634 const user = res.body
636 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
639 it('Should remove me', async function () {
641 const res = await getUsersList(server.url, server.accessToken)
642 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
645 await deleteMe(server.url, accessToken)
648 const res = await getUsersList(server.url, server.accessToken)
649 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
654 describe('User blocking', function () {
655 it('Should block and unblock a user', async function () {
658 password: 'my super password'
660 const resUser = await createUser({
662 accessToken: server.accessToken,
663 username: user16.username,
664 password: user16.password
666 const user16Id = resUser.body.user.id
668 accessToken = await userLogin(server, user16)
670 await getMyUserInformation(server.url, accessToken, 200)
671 await blockUser(server.url, user16Id, server.accessToken)
673 await getMyUserInformation(server.url, accessToken, 401)
674 await userLogin(server, user16, 400)
676 await unblockUser(server.url, user16Id, server.accessToken)
677 accessToken = await userLogin(server, user16)
678 await getMyUserInformation(server.url, accessToken, 200)
682 after(async function () {
683 killallServers([ server ])
685 // Keep the logs if the test failed