server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import {
   6   cleanupTests,
   7   createSingleServer,
   8   killallServers,
   9   makePutBodyRequest,
  10   PeerTubeServer,
  11   setAccessTokensToServers,
  12   testImage,
  13   waitJobs
  14 } from '@shared/extra-utils'
  15 import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  16
  17 const expect = chai.expect
  18
  19 describe('Test users', function () {
  20   let server: PeerTubeServer
  21   let token: string
  22   let userToken: string
  23   let videoId: number
  24   let userId: number
  25   const user = {
  26     username: 'user_1',
  27     password: 'super password'
  28   }
  29
  30   before(async function () {
  31     this.timeout(30000)
  32
  33     server = await createSingleServer(1, {
  34       rates_limit: {
  35         login: {
  36           max: 30
  37         }
  38       }
  39     })
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  44   })
  45
  46   describe('OAuth client', function () {
  47     it('Should create a new client')
  48
  49     it('Should return the first client')
  50
  51     it('Should remove the last client')
  52
  53     it('Should not login with an invalid client id', async function () {
  54       const client = { id: 'client', secret: server.store.client.secret }
  55       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  56
  57       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  58       expect(body.error).to.contain('client is invalid')
  59       expect(body.type.startsWith('https://')).to.be.true
  60       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  61     })
  62
  63     it('Should not login with an invalid client secret', async function () {
  64       const client = { id: server.store.client.id, secret: 'coucou' }
  65       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  66
  67       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  68       expect(body.error).to.contain('client is invalid')
  69       expect(body.type.startsWith('https://')).to.be.true
  70       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  71     })
  72   })
  73
  74   describe('Login', function () {
  75
  76     it('Should not login with an invalid username', async function () {
  77       const user = { username: 'captain crochet', password: server.store.user.password }
  78       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  79
  80       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  81       expect(body.error).to.contain('credentials are invalid')
  82       expect(body.type.startsWith('https://')).to.be.true
  83       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  84     })
  85
  86     it('Should not login with an invalid password', async function () {
  87       const user = { username: server.store.user.username, password: 'mew_three' }
  88       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  89
  90       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  91       expect(body.error).to.contain('credentials are invalid')
  92       expect(body.type.startsWith('https://')).to.be.true
  93       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  94     })
  95
  96     it('Should not be able to upload a video', async function () {
  97       token = 'my_super_token'
  98
  99       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 100     })
 101
 102     it('Should not be able to follow', async function () {
 103       token = 'my_super_token'
 104
 105       await server.follows.follow({
 106         hosts: [ 'http://example.com' ],
 107         token,
 108         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 109       })
 110     })
 111
 112     it('Should not be able to unfollow')
 113
 114     it('Should be able to login', async function () {
 115       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 116
 117       token = body.access_token
 118     })
 119
 120     it('Should be able to login with an insensitive username', async function () {
 121       const user = { username: 'RoOt', password: server.store.user.password }
 122       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 123
 124       const user2 = { username: 'rOoT', password: server.store.user.password }
 125       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 126
 127       const user3 = { username: 'ROOt', password: server.store.user.password }
 128       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 129     })
 130   })
 131
 132   describe('Upload', function () {
 133
 134     it('Should upload the video with the correct token', async function () {
 135       await server.videos.upload({ token })
 136       const { data } = await server.videos.list()
 137       const video = data[0]
 138
 139       expect(video.account.name).to.equal('root')
 140       videoId = video.id
 141     })
 142
 143     it('Should upload the video again with the correct token', async function () {
 144       await server.videos.upload({ token })
 145     })
 146   })
 147
 148   describe('Ratings', function () {
 149
 150     it('Should retrieve a video rating', async function () {
 151       await server.videos.rate({ id: videoId, rating: 'like' })
 152       const rating = await server.users.getMyRating({ token, videoId })
 153
 154       expect(rating.videoId).to.equal(videoId)
 155       expect(rating.rating).to.equal('like')
 156     })
 157
 158     it('Should retrieve ratings list', async function () {
 159       await server.videos.rate({ id: videoId, rating: 'like' })
 160
 161       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 162
 163       expect(body.total).to.equal(1)
 164       expect(body.data[0].video.id).to.equal(videoId)
 165       expect(body.data[0].rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list by rating type', async function () {
 169       {
 170         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 171         expect(body.data.length).to.equal(1)
 172       }
 173
 174       {
 175         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 176         expect(body.data.length).to.equal(0)
 177       }
 178     })
 179   })
 180
 181   describe('Remove video', function () {
 182     it('Should not be able to remove the video with an incorrect token', async function () {
 183       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184     })
 185
 186     it('Should not be able to remove the video with the token of another account')
 187
 188     it('Should be able to remove the video with the correct token', async function () {
 189       await server.videos.remove({ token, id: videoId })
 190     })
 191   })
 192
 193   describe('Logout', function () {
 194     it('Should logout (revoke token)', async function () {
 195       await server.login.logout({ token: server.accessToken })
 196     })
 197
 198     it('Should not be able to get the user information', async function () {
 199       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 200     })
 201
 202     it('Should not be able to upload a video', async function () {
 203       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should not be able to rate a video', async function () {
 207       const path = '/api/v1/videos/'
 208       const data = {
 209         rating: 'likes'
 210       }
 211
 212       const options = {
 213         url: server.url,
 214         path: path + videoId,
 215         token: 'wrong token',
 216         fields: data,
 217         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 218       }
 219       await makePutBodyRequest(options)
 220     })
 221
 222     it('Should be able to login again', async function () {
 223       const body = await server.login.login()
 224       server.accessToken = body.access_token
 225       server.refreshToken = body.refresh_token
 226     })
 227
 228     it('Should be able to get my user information again', async function () {
 229       await server.users.getMyInfo()
 230     })
 231
 232     it('Should have an expired access token', async function () {
 233       this.timeout(15000)
 234
 235       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 236       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 237
 238       await killallServers([ server ])
 239       await server.run()
 240
 241       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 242     })
 243
 244     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 245       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 246     })
 247
 248     it('Should refresh the token', async function () {
 249       this.timeout(15000)
 250
 251       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 252       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 253
 254       await killallServers([ server ])
 255       await server.run()
 256
 257       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await server.users.getMyInfo()
 264     })
 265   })
 266
 267   describe('Creating a user', function () {
 268
 269     it('Should be able to create a new user', async function () {
 270       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 271     })
 272
 273     it('Should be able to login with this user', async function () {
 274       userToken = await server.login.getAccessToken(user)
 275     })
 276
 277     it('Should be able to get user information', async function () {
 278       const userMe = await server.users.getMyInfo({ token: userToken })
 279
 280       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 281
 282       for (const user of [ userMe, userGet ]) {
 283         expect(user.username).to.equal('user_1')
 284         expect(user.email).to.equal('user_1@example.com')
 285         expect(user.nsfwPolicy).to.equal('display')
 286         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 287         expect(user.roleLabel).to.equal('User')
 288         expect(user.id).to.be.a('number')
 289         expect(user.account.displayName).to.equal('user_1')
 290         expect(user.account.description).to.be.null
 291       }
 292
 293       expect(userMe.adminFlags).to.be.undefined
 294       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 295
 296       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 297       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 298
 299       // Check stats are included with withStats
 300       expect(userGet.videosCount).to.be.a('number')
 301       expect(userGet.videosCount).to.equal(0)
 302       expect(userGet.videoCommentsCount).to.be.a('number')
 303       expect(userGet.videoCommentsCount).to.equal(0)
 304       expect(userGet.abusesCount).to.be.a('number')
 305       expect(userGet.abusesCount).to.equal(0)
 306       expect(userGet.abusesAcceptedCount).to.be.a('number')
 307       expect(userGet.abusesAcceptedCount).to.equal(0)
 308     })
 309   })
 310
 311   describe('My videos & quotas', function () {
 312
 313     it('Should be able to upload a video with this user', async function () {
 314       this.timeout(10000)
 315
 316       const attributes = {
 317         name: 'super user video',
 318         fixture: 'video_short.webm'
 319       }
 320       await server.videos.upload({ token: userToken, attributes })
 321     })
 322
 323     it('Should have video quota updated', async function () {
 324       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 325       expect(quota.videoQuotaUsed).to.equal(218910)
 326
 327       const { data } = await server.users.list()
 328       const tmpUser = data.find(u => u.username === user.username)
 329       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 330     })
 331
 332     it('Should be able to list my videos', async function () {
 333       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 334       expect(total).to.equal(1)
 335       expect(data).to.have.lengthOf(1)
 336
 337       const video: Video = data[0]
 338       expect(video.name).to.equal('super user video')
 339       expect(video.thumbnailPath).to.not.be.null
 340       expect(video.previewPath).to.not.be.null
 341     })
 342
 343     it('Should be able to search in my videos', async function () {
 344       {
 345         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 346         expect(total).to.equal(1)
 347         expect(data).to.have.lengthOf(1)
 348       }
 349
 350       {
 351         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 352         expect(total).to.equal(0)
 353         expect(data).to.have.lengthOf(0)
 354       }
 355     })
 356
 357     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 358       this.timeout(60000)
 359
 360       {
 361         const config = await server.config.getCustomConfig()
 362         config.transcoding.webtorrent.enabled = false
 363         config.transcoding.hls.enabled = true
 364         config.transcoding.enabled = true
 365         await server.config.updateCustomSubConfig({ newConfig: config })
 366       }
 367
 368       {
 369         const attributes = {
 370           name: 'super user video 2',
 371           fixture: 'video_short.webm'
 372         }
 373         await server.videos.upload({ token: userToken, attributes })
 374
 375         await waitJobs([ server ])
 376       }
 377
 378       {
 379         const data = await server.users.getMyQuotaUsed({ token: userToken })
 380         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 381       }
 382     })
 383   })
 384
 385   describe('Users listing', function () {
 386
 387     it('Should list all the users', async function () {
 388       const { data, total } = await server.users.list()
 389
 390       expect(total).to.equal(2)
 391       expect(data).to.be.an('array')
 392       expect(data.length).to.equal(2)
 393
 394       const user = data[0]
 395       expect(user.username).to.equal('user_1')
 396       expect(user.email).to.equal('user_1@example.com')
 397       expect(user.nsfwPolicy).to.equal('display')
 398
 399       const rootUser = data[1]
 400       expect(rootUser.username).to.equal('root')
 401       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 402       expect(user.nsfwPolicy).to.equal('display')
 403
 404       expect(rootUser.lastLoginDate).to.exist
 405       expect(user.lastLoginDate).to.exist
 406
 407       userId = user.id
 408     })
 409
 410     it('Should list only the first user by username asc', async function () {
 411       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 412
 413       expect(total).to.equal(2)
 414       expect(data.length).to.equal(1)
 415
 416       const user = data[0]
 417       expect(user.username).to.equal('root')
 418       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 419       expect(user.roleLabel).to.equal('Administrator')
 420       expect(user.nsfwPolicy).to.equal('display')
 421     })
 422
 423     it('Should list only the first user by username desc', async function () {
 424       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 425
 426       expect(total).to.equal(2)
 427       expect(data.length).to.equal(1)
 428
 429       const user = data[0]
 430       expect(user.username).to.equal('user_1')
 431       expect(user.email).to.equal('user_1@example.com')
 432       expect(user.nsfwPolicy).to.equal('display')
 433     })
 434
 435     it('Should list only the second user by createdAt desc', async function () {
 436       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 437       expect(total).to.equal(2)
 438
 439       expect(data.length).to.equal(1)
 440
 441       const user = data[0]
 442       expect(user.username).to.equal('user_1')
 443       expect(user.email).to.equal('user_1@example.com')
 444       expect(user.nsfwPolicy).to.equal('display')
 445     })
 446
 447     it('Should list all the users by createdAt asc', async function () {
 448       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 449
 450       expect(total).to.equal(2)
 451       expect(data.length).to.equal(2)
 452
 453       expect(data[0].username).to.equal('root')
 454       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 455       expect(data[0].nsfwPolicy).to.equal('display')
 456
 457       expect(data[1].username).to.equal('user_1')
 458       expect(data[1].email).to.equal('user_1@example.com')
 459       expect(data[1].nsfwPolicy).to.equal('display')
 460     })
 461
 462     it('Should search user by username', async function () {
 463       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 464       expect(total).to.equal(1)
 465       expect(data.length).to.equal(1)
 466       expect(data[0].username).to.equal('root')
 467     })
 468
 469     it('Should search user by email', async function () {
 470       {
 471         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 472         expect(total).to.equal(1)
 473         expect(data.length).to.equal(1)
 474         expect(data[0].username).to.equal('user_1')
 475         expect(data[0].email).to.equal('user_1@example.com')
 476       }
 477
 478       {
 479         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 480         expect(total).to.equal(2)
 481         expect(data.length).to.equal(2)
 482         expect(data[0].username).to.equal('root')
 483         expect(data[1].username).to.equal('user_1')
 484       }
 485     })
 486   })
 487
 488   describe('Update my account', function () {
 489
 490     it('Should update my password', async function () {
 491       await server.users.updateMe({
 492         token: userToken,
 493         currentPassword: 'super password',
 494         password: 'new password'
 495       })
 496       user.password = 'new password'
 497
 498       await server.login.login({ user })
 499     })
 500
 501     it('Should be able to change the NSFW display attribute', async function () {
 502       await server.users.updateMe({
 503         token: userToken,
 504         nsfwPolicy: 'do_not_list'
 505       })
 506
 507       const user = await server.users.getMyInfo({ token: userToken })
 508       expect(user.username).to.equal('user_1')
 509       expect(user.email).to.equal('user_1@example.com')
 510       expect(user.nsfwPolicy).to.equal('do_not_list')
 511       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 512       expect(user.id).to.be.a('number')
 513       expect(user.account.displayName).to.equal('user_1')
 514       expect(user.account.description).to.be.null
 515     })
 516
 517     it('Should be able to change the autoPlayVideo attribute', async function () {
 518       await server.users.updateMe({
 519         token: userToken,
 520         autoPlayVideo: false
 521       })
 522
 523       const user = await server.users.getMyInfo({ token: userToken })
 524       expect(user.autoPlayVideo).to.be.false
 525     })
 526
 527     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 528       await server.users.updateMe({
 529         token: userToken,
 530         autoPlayNextVideo: true
 531       })
 532
 533       const user = await server.users.getMyInfo({ token: userToken })
 534       expect(user.autoPlayNextVideo).to.be.true
 535     })
 536
 537     it('Should be able to change the email attribute', async function () {
 538       await server.users.updateMe({
 539         token: userToken,
 540         currentPassword: 'new password',
 541         email: 'updated@example.com'
 542       })
 543
 544       const user = await server.users.getMyInfo({ token: userToken })
 545       expect(user.username).to.equal('user_1')
 546       expect(user.email).to.equal('updated@example.com')
 547       expect(user.nsfwPolicy).to.equal('do_not_list')
 548       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 549       expect(user.id).to.be.a('number')
 550       expect(user.account.displayName).to.equal('user_1')
 551       expect(user.account.description).to.be.null
 552     })
 553
 554     it('Should be able to update my avatar with a gif', async function () {
 555       const fixture = 'avatar.gif'
 556
 557       await server.users.updateMyAvatar({ token: userToken, fixture })
 558
 559       const user = await server.users.getMyInfo({ token: userToken })
 560       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 561     })
 562
 563     it('Should be able to update my avatar with a gif, and then a png', async function () {
 564       for (const extension of [ '.png', '.gif' ]) {
 565         const fixture = 'avatar' + extension
 566
 567         await server.users.updateMyAvatar({ token: userToken, fixture })
 568
 569         const user = await server.users.getMyInfo({ token: userToken })
 570         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 571       }
 572     })
 573
 574     it('Should be able to update my display name', async function () {
 575       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 576
 577       const user = await server.users.getMyInfo({ token: userToken })
 578       expect(user.username).to.equal('user_1')
 579       expect(user.email).to.equal('updated@example.com')
 580       expect(user.nsfwPolicy).to.equal('do_not_list')
 581       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 582       expect(user.id).to.be.a('number')
 583       expect(user.account.displayName).to.equal('new display name')
 584       expect(user.account.description).to.be.null
 585     })
 586
 587     it('Should be able to update my description', async function () {
 588       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 589
 590       const user = await server.users.getMyInfo({ token: userToken })
 591       expect(user.username).to.equal('user_1')
 592       expect(user.email).to.equal('updated@example.com')
 593       expect(user.nsfwPolicy).to.equal('do_not_list')
 594       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 595       expect(user.id).to.be.a('number')
 596       expect(user.account.displayName).to.equal('new display name')
 597       expect(user.account.description).to.equal('my super description updated')
 598       expect(user.noWelcomeModal).to.be.false
 599       expect(user.noInstanceConfigWarningModal).to.be.false
 600     })
 601
 602     it('Should be able to update my theme', async function () {
 603       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 604         await server.users.updateMe({ token: userToken, theme })
 605
 606         const user = await server.users.getMyInfo({ token: userToken })
 607         expect(user.theme).to.equal(theme)
 608       }
 609     })
 610
 611     it('Should be able to update my modal preferences', async function () {
 612       await server.users.updateMe({
 613         token: userToken,
 614         noInstanceConfigWarningModal: true,
 615         noWelcomeModal: true
 616       })
 617
 618       const user = await server.users.getMyInfo({ token: userToken })
 619       expect(user.noWelcomeModal).to.be.true
 620       expect(user.noInstanceConfigWarningModal).to.be.true
 621     })
 622   })
 623
 624   describe('Updating another user', function () {
 625     it('Should be able to update another user', async function () {
 626       await server.users.update({
 627         userId,
 628         token,
 629         email: 'updated2@example.com',
 630         emailVerified: true,
 631         videoQuota: 42,
 632         role: UserRole.MODERATOR,
 633         adminFlags: UserAdminFlag.NONE,
 634         pluginAuth: 'toto'
 635       })
 636
 637       const user = await server.users.get({ token, userId })
 638
 639       expect(user.username).to.equal('user_1')
 640       expect(user.email).to.equal('updated2@example.com')
 641       expect(user.emailVerified).to.be.true
 642       expect(user.nsfwPolicy).to.equal('do_not_list')
 643       expect(user.videoQuota).to.equal(42)
 644       expect(user.roleLabel).to.equal('Moderator')
 645       expect(user.id).to.be.a('number')
 646       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 647       expect(user.pluginAuth).to.equal('toto')
 648     })
 649
 650     it('Should reset the auth plugin', async function () {
 651       await server.users.update({ userId, token, pluginAuth: null })
 652
 653       const user = await server.users.get({ token, userId })
 654       expect(user.pluginAuth).to.be.null
 655     })
 656
 657     it('Should have removed the user token', async function () {
 658       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 659
 660       userToken = await server.login.getAccessToken(user)
 661     })
 662
 663     it('Should be able to update another user password', async function () {
 664       await server.users.update({ userId, token, password: 'password updated' })
 665
 666       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 667
 668       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 669
 670       user.password = 'password updated'
 671       userToken = await server.login.getAccessToken(user)
 672     })
 673   })
 674
 675   describe('Video blacklists', function () {
 676     it('Should be able to list video blacklist by a moderator', async function () {
 677       await server.blacklist.list({ token: userToken })
 678     })
 679   })
 680
 681   describe('Remove a user', function () {
 682     it('Should be able to remove this user', async function () {
 683       await server.users.remove({ userId, token })
 684     })
 685
 686     it('Should not be able to login with this user', async function () {
 687       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 688     })
 689
 690     it('Should not have videos of this user', async function () {
 691       const { data, total } = await server.videos.list()
 692       expect(total).to.equal(1)
 693
 694       const video = data[0]
 695       expect(video.account.name).to.equal('root')
 696     })
 697   })
 698
 699   describe('Registering a new user', function () {
 700     let user15AccessToken
 701
 702     it('Should register a new user', async function () {
 703       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 704       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 705
 706       await server.users.register({ ...user, channel })
 707     })
 708
 709     it('Should be able to login with this registered user', async function () {
 710       const user15 = {
 711         username: 'user_15',
 712         password: 'my super password'
 713       }
 714
 715       user15AccessToken = await server.login.getAccessToken(user15)
 716     })
 717
 718     it('Should have the correct display name', async function () {
 719       const user = await server.users.getMyInfo({ token: user15AccessToken })
 720       expect(user.account.displayName).to.equal('super user 15')
 721     })
 722
 723     it('Should have the correct video quota', async function () {
 724       const user = await server.users.getMyInfo({ token: user15AccessToken })
 725       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 726     })
 727
 728     it('Should have created the channel', async function () {
 729       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 730
 731       expect(displayName).to.equal('my channel rocks')
 732     })
 733
 734     it('Should remove me', async function () {
 735       {
 736         const { data } = await server.users.list()
 737         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 738       }
 739
 740       await server.users.deleteMe({ token: user15AccessToken })
 741
 742       {
 743         const { data } = await server.users.list()
 744         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 745       }
 746     })
 747   })
 748
 749   describe('User blocking', function () {
 750     let user16Id
 751     let user16AccessToken
 752     const user16 = {
 753       username: 'user_16',
 754       password: 'my super password'
 755     }
 756
 757     it('Should block a user', async function () {
 758       const user = await server.users.create({ ...user16 })
 759       user16Id = user.id
 760
 761       user16AccessToken = await server.login.getAccessToken(user16)
 762
 763       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 764       await server.users.banUser({ userId: user16Id })
 765
 766       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 767       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 768     })
 769
 770     it('Should search user by banned status', async function () {
 771       {
 772         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 773         expect(total).to.equal(1)
 774         expect(data.length).to.equal(1)
 775
 776         expect(data[0].username).to.equal(user16.username)
 777       }
 778
 779       {
 780         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 781         expect(total).to.equal(1)
 782         expect(data.length).to.equal(1)
 783
 784         expect(data[0].username).to.not.equal(user16.username)
 785       }
 786     })
 787
 788     it('Should unblock a user', async function () {
 789       await server.users.unbanUser({ userId: user16Id })
 790       user16AccessToken = await server.login.getAccessToken(user16)
 791       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 792     })
 793   })
 794
 795   describe('User stats', function () {
 796     let user17Id
 797     let user17AccessToken
 798
 799     it('Should report correct initial statistics about a user', async function () {
 800       const user17 = {
 801         username: 'user_17',
 802         password: 'my super password'
 803       }
 804       const created = await server.users.create({ ...user17 })
 805
 806       user17Id = created.id
 807       user17AccessToken = await server.login.getAccessToken(user17)
 808
 809       const user = await server.users.get({ userId: user17Id, withStats: true })
 810       expect(user.videosCount).to.equal(0)
 811       expect(user.videoCommentsCount).to.equal(0)
 812       expect(user.abusesCount).to.equal(0)
 813       expect(user.abusesCreatedCount).to.equal(0)
 814       expect(user.abusesAcceptedCount).to.equal(0)
 815     })
 816
 817     it('Should report correct videos count', async function () {
 818       const attributes = { name: 'video to test user stats' }
 819       await server.videos.upload({ token: user17AccessToken, attributes })
 820
 821       const { data } = await server.videos.list()
 822       videoId = data.find(video => video.name === attributes.name).id
 823
 824       const user = await server.users.get({ userId: user17Id, withStats: true })
 825       expect(user.videosCount).to.equal(1)
 826     })
 827
 828     it('Should report correct video comments for user', async function () {
 829       const text = 'super comment'
 830       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 831
 832       const user = await server.users.get({ userId: user17Id, withStats: true })
 833       expect(user.videoCommentsCount).to.equal(1)
 834     })
 835
 836     it('Should report correct abuses counts', async function () {
 837       const reason = 'my super bad reason'
 838       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 839
 840       const body1 = await server.abuses.getAdminList()
 841       const abuseId = body1.data[0].id
 842
 843       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 844       expect(user2.abusesCount).to.equal(1) // number of incriminations
 845       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 846
 847       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 848
 849       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 850       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 851     })
 852   })
 853
 854   after(async function () {
 855     await cleanupTests([ server ])
 856   })
 857 })