server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   cleanupTests,
   8   flushAndRunServer,
   9   getMyVideos,
  10   getVideosList,
  11   killallServers,
  12   makePutBodyRequest,
  13   rateVideo,
  14   removeVideo,
  15   reRunServer,
  16   ServerInfo,
  17   setAccessTokensToServers,
  18   testImage,
  19   uploadVideo,
  20   waitJobs
  21 } from '@shared/extra-utils'
  22 import { AbuseState, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  23
  24 const expect = chai.expect
  25
  26 describe('Test users', function () {
  27   let server: ServerInfo
  28   let accessToken: string
  29   let accessTokenUser: string
  30   let videoId: number
  31   let userId: number
  32   const user = {
  33     username: 'user_1',
  34     password: 'super password'
  35   }
  36
  37   before(async function () {
  38     this.timeout(30000)
  39
  40     server = await flushAndRunServer(1, {
  41       rates_limit: {
  42         login: {
  43           max: 30
  44         }
  45       }
  46     })
  47
  48     await setAccessTokensToServers([ server ])
  49
  50     await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
  51   })
  52
  53   describe('OAuth client', function () {
  54     it('Should create a new client')
  55
  56     it('Should return the first client')
  57
  58     it('Should remove the last client')
  59
  60     it('Should not login with an invalid client id', async function () {
  61       const client = { id: 'client', secret: server.client.secret }
  62       const body = await server.loginCommand.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  63
  64       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  65       expect(body.error).to.contain('client is invalid')
  66       expect(body.type.startsWith('https://')).to.be.true
  67       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  68     })
  69
  70     it('Should not login with an invalid client secret', async function () {
  71       const client = { id: server.client.id, secret: 'coucou' }
  72       const body = await server.loginCommand.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  73
  74       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  75       expect(body.error).to.contain('client is invalid')
  76       expect(body.type.startsWith('https://')).to.be.true
  77       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  78     })
  79   })
  80
  81   describe('Login', function () {
  82
  83     it('Should not login with an invalid username', async function () {
  84       const user = { username: 'captain crochet', password: server.user.password }
  85       const body = await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  86
  87       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  88       expect(body.error).to.contain('credentials are invalid')
  89       expect(body.type.startsWith('https://')).to.be.true
  90       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  91     })
  92
  93     it('Should not login with an invalid password', async function () {
  94       const user = { username: server.user.username, password: 'mew_three' }
  95       const body = await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  96
  97       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  98       expect(body.error).to.contain('credentials are invalid')
  99       expect(body.type.startsWith('https://')).to.be.true
 100       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 101     })
 102
 103     it('Should not be able to upload a video', async function () {
 104       accessToken = 'my_super_token'
 105
 106       const videoAttributes = {}
 107       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 108     })
 109
 110     it('Should not be able to follow', async function () {
 111       accessToken = 'my_super_token'
 112
 113       await server.followsCommand.follow({
 114         targets: [ 'http://example.com' ],
 115         token: accessToken,
 116         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 117       })
 118     })
 119
 120     it('Should not be able to unfollow')
 121
 122     it('Should be able to login', async function () {
 123       const body = await server.loginCommand.login({ expectedStatus: HttpStatusCode.OK_200 })
 124
 125       accessToken = body.access_token
 126     })
 127
 128     it('Should be able to login with an insensitive username', async function () {
 129       const user = { username: 'RoOt', password: server.user.password }
 130       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 131
 132       const user2 = { username: 'rOoT', password: server.user.password }
 133       await server.loginCommand.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 134
 135       const user3 = { username: 'ROOt', password: server.user.password }
 136       await server.loginCommand.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 137     })
 138   })
 139
 140   describe('Upload', function () {
 141
 142     it('Should upload the video with the correct token', async function () {
 143       const videoAttributes = {}
 144       await uploadVideo(server.url, accessToken, videoAttributes)
 145       const res = await getVideosList(server.url)
 146       const video = res.body.data[0]
 147
 148       expect(video.account.name).to.equal('root')
 149       videoId = video.id
 150     })
 151
 152     it('Should upload the video again with the correct token', async function () {
 153       const videoAttributes = {}
 154       await uploadVideo(server.url, accessToken, videoAttributes)
 155     })
 156   })
 157
 158   describe('Ratings', function () {
 159
 160     it('Should retrieve a video rating', async function () {
 161       await rateVideo(server.url, accessToken, videoId, 'like')
 162       const rating = await server.usersCommand.getMyRating({ token: accessToken, videoId })
 163
 164       expect(rating.videoId).to.equal(videoId)
 165       expect(rating.rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list', async function () {
 169       await rateVideo(server.url, accessToken, videoId, 'like')
 170
 171       const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
 172
 173       expect(body.total).to.equal(1)
 174       expect(body.data[0].video.id).to.equal(videoId)
 175       expect(body.data[0].rating).to.equal('like')
 176     })
 177
 178     it('Should retrieve ratings list by rating type', async function () {
 179       {
 180         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
 181         expect(body.data.length).to.equal(1)
 182       }
 183
 184       {
 185         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
 186         expect(body.data.length).to.equal(0)
 187       }
 188     })
 189   })
 190
 191   describe('Remove video', function () {
 192     it('Should not be able to remove the video with an incorrect token', async function () {
 193       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 194     })
 195
 196     it('Should not be able to remove the video with the token of another account')
 197
 198     it('Should be able to remove the video with the correct token', async function () {
 199       await removeVideo(server.url, accessToken, videoId)
 200     })
 201   })
 202
 203   describe('Logout', function () {
 204     it('Should logout (revoke token)', async function () {
 205       await server.loginCommand.logout({ token: server.accessToken })
 206     })
 207
 208     it('Should not be able to get the user information', async function () {
 209       await server.usersCommand.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 210     })
 211
 212     it('Should not be able to upload a video', async function () {
 213       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 214     })
 215
 216     it('Should not be able to rate a video', async function () {
 217       const path = '/api/v1/videos/'
 218       const data = {
 219         rating: 'likes'
 220       }
 221
 222       const options = {
 223         url: server.url,
 224         path: path + videoId,
 225         token: 'wrong token',
 226         fields: data,
 227         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 228       }
 229       await makePutBodyRequest(options)
 230     })
 231
 232     it('Should be able to login again', async function () {
 233       const body = await server.loginCommand.login()
 234       server.accessToken = body.access_token
 235       server.refreshToken = body.refresh_token
 236     })
 237
 238     it('Should be able to get my user information again', async function () {
 239       await server.usersCommand.getMyInfo()
 240     })
 241
 242     it('Should have an expired access token', async function () {
 243       this.timeout(15000)
 244
 245       await server.sqlCommand.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 246       await server.sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 247
 248       await killallServers([ server ])
 249       await reRunServer(server)
 250
 251       await server.usersCommand.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 252     })
 253
 254     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 255       await server.loginCommand.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 256     })
 257
 258     it('Should refresh the token', async function () {
 259       this.timeout(15000)
 260
 261       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 262       await server.sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 263
 264       await killallServers([ server ])
 265       await reRunServer(server)
 266
 267       const res = await server.loginCommand.refreshToken({ refreshToken: server.refreshToken })
 268       server.accessToken = res.body.access_token
 269       server.refreshToken = res.body.refresh_token
 270     })
 271
 272     it('Should be able to get my user information again', async function () {
 273       await server.usersCommand.getMyInfo()
 274     })
 275   })
 276
 277   describe('Creating a user', function () {
 278
 279     it('Should be able to create a new user', async function () {
 280       await server.usersCommand.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 281     })
 282
 283     it('Should be able to login with this user', async function () {
 284       accessTokenUser = await server.loginCommand.getAccessToken(user)
 285     })
 286
 287     it('Should be able to get user information', async function () {
 288       const userMe = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 289
 290       const userGet = await server.usersCommand.get({ userId: userMe.id, withStats: true })
 291
 292       for (const user of [ userMe, userGet ]) {
 293         expect(user.username).to.equal('user_1')
 294         expect(user.email).to.equal('user_1@example.com')
 295         expect(user.nsfwPolicy).to.equal('display')
 296         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 297         expect(user.roleLabel).to.equal('User')
 298         expect(user.id).to.be.a('number')
 299         expect(user.account.displayName).to.equal('user_1')
 300         expect(user.account.description).to.be.null
 301       }
 302
 303       expect(userMe.adminFlags).to.be.undefined
 304       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 305
 306       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 307       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 308
 309       // Check stats are included with withStats
 310       expect(userGet.videosCount).to.be.a('number')
 311       expect(userGet.videosCount).to.equal(0)
 312       expect(userGet.videoCommentsCount).to.be.a('number')
 313       expect(userGet.videoCommentsCount).to.equal(0)
 314       expect(userGet.abusesCount).to.be.a('number')
 315       expect(userGet.abusesCount).to.equal(0)
 316       expect(userGet.abusesAcceptedCount).to.be.a('number')
 317       expect(userGet.abusesAcceptedCount).to.equal(0)
 318     })
 319   })
 320
 321   describe('My videos & quotas', function () {
 322
 323     it('Should be able to upload a video with this user', async function () {
 324       this.timeout(10000)
 325
 326       const videoAttributes = {
 327         name: 'super user video',
 328         fixture: 'video_short.webm'
 329       }
 330       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 331     })
 332
 333     it('Should have video quota updated', async function () {
 334       const quota = await server.usersCommand.getMyQuotaUsed({ token: accessTokenUser })
 335       expect(quota.videoQuotaUsed).to.equal(218910)
 336
 337       const { data } = await server.usersCommand.list()
 338       const tmpUser = data.find(u => u.username === user.username)
 339       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 340     })
 341
 342     it('Should be able to list my videos', async function () {
 343       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 344       expect(res.body.total).to.equal(1)
 345
 346       const videos = res.body.data
 347       expect(videos).to.have.lengthOf(1)
 348
 349       const video: Video = videos[0]
 350       expect(video.name).to.equal('super user video')
 351       expect(video.thumbnailPath).to.not.be.null
 352       expect(video.previewPath).to.not.be.null
 353     })
 354
 355     it('Should be able to search in my videos', async function () {
 356       {
 357         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 358         expect(res.body.total).to.equal(1)
 359
 360         const videos = res.body.data
 361         expect(videos).to.have.lengthOf(1)
 362       }
 363
 364       {
 365         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 366         expect(res.body.total).to.equal(0)
 367
 368         const videos = res.body.data
 369         expect(videos).to.have.lengthOf(0)
 370       }
 371     })
 372
 373     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 374       this.timeout(60000)
 375
 376       {
 377         const config = await server.configCommand.getCustomConfig()
 378         config.transcoding.webtorrent.enabled = false
 379         config.transcoding.hls.enabled = true
 380         config.transcoding.enabled = true
 381         await server.configCommand.updateCustomSubConfig({ newConfig: config })
 382       }
 383
 384       {
 385         const videoAttributes = {
 386           name: 'super user video 2',
 387           fixture: 'video_short.webm'
 388         }
 389         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 390
 391         await waitJobs([ server ])
 392       }
 393
 394       {
 395         const data = await server.usersCommand.getMyQuotaUsed({ token: accessTokenUser })
 396         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 397       }
 398     })
 399   })
 400
 401   describe('Users listing', function () {
 402
 403     it('Should list all the users', async function () {
 404       const { data, total } = await server.usersCommand.list()
 405
 406       expect(total).to.equal(2)
 407       expect(data).to.be.an('array')
 408       expect(data.length).to.equal(2)
 409
 410       const user = data[0]
 411       expect(user.username).to.equal('user_1')
 412       expect(user.email).to.equal('user_1@example.com')
 413       expect(user.nsfwPolicy).to.equal('display')
 414
 415       const rootUser = data[1]
 416       expect(rootUser.username).to.equal('root')
 417       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 418       expect(user.nsfwPolicy).to.equal('display')
 419
 420       expect(rootUser.lastLoginDate).to.exist
 421       expect(user.lastLoginDate).to.exist
 422
 423       userId = user.id
 424     })
 425
 426     it('Should list only the first user by username asc', async function () {
 427       const { total, data } = await server.usersCommand.list({ start: 0, count: 1, sort: 'username' })
 428
 429       expect(total).to.equal(2)
 430       expect(data.length).to.equal(1)
 431
 432       const user = data[0]
 433       expect(user.username).to.equal('root')
 434       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 435       expect(user.roleLabel).to.equal('Administrator')
 436       expect(user.nsfwPolicy).to.equal('display')
 437     })
 438
 439     it('Should list only the first user by username desc', async function () {
 440       const { total, data } = await server.usersCommand.list({ start: 0, count: 1, sort: '-username' })
 441
 442       expect(total).to.equal(2)
 443       expect(data.length).to.equal(1)
 444
 445       const user = data[0]
 446       expect(user.username).to.equal('user_1')
 447       expect(user.email).to.equal('user_1@example.com')
 448       expect(user.nsfwPolicy).to.equal('display')
 449     })
 450
 451     it('Should list only the second user by createdAt desc', async function () {
 452       const { data, total } = await server.usersCommand.list({ start: 0, count: 1, sort: '-createdAt' })
 453       expect(total).to.equal(2)
 454
 455       expect(data.length).to.equal(1)
 456
 457       const user = data[0]
 458       expect(user.username).to.equal('user_1')
 459       expect(user.email).to.equal('user_1@example.com')
 460       expect(user.nsfwPolicy).to.equal('display')
 461     })
 462
 463     it('Should list all the users by createdAt asc', async function () {
 464       const { data, total } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt' })
 465
 466       expect(total).to.equal(2)
 467       expect(data.length).to.equal(2)
 468
 469       expect(data[0].username).to.equal('root')
 470       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 471       expect(data[0].nsfwPolicy).to.equal('display')
 472
 473       expect(data[1].username).to.equal('user_1')
 474       expect(data[1].email).to.equal('user_1@example.com')
 475       expect(data[1].nsfwPolicy).to.equal('display')
 476     })
 477
 478     it('Should search user by username', async function () {
 479       const { data, total } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 480       expect(total).to.equal(1)
 481       expect(data.length).to.equal(1)
 482       expect(data[0].username).to.equal('root')
 483     })
 484
 485     it('Should search user by email', async function () {
 486       {
 487         const { total, data } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 488         expect(total).to.equal(1)
 489         expect(data.length).to.equal(1)
 490         expect(data[0].username).to.equal('user_1')
 491         expect(data[0].email).to.equal('user_1@example.com')
 492       }
 493
 494       {
 495         const { total, data } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 496         expect(total).to.equal(2)
 497         expect(data.length).to.equal(2)
 498         expect(data[0].username).to.equal('root')
 499         expect(data[1].username).to.equal('user_1')
 500       }
 501     })
 502   })
 503
 504   describe('Update my account', function () {
 505
 506     it('Should update my password', async function () {
 507       await server.usersCommand.updateMe({
 508         token: accessTokenUser,
 509         currentPassword: 'super password',
 510         password: 'new password'
 511       })
 512       user.password = 'new password'
 513
 514       await server.loginCommand.login({ user })
 515     })
 516
 517     it('Should be able to change the NSFW display attribute', async function () {
 518       await server.usersCommand.updateMe({
 519         token: accessTokenUser,
 520         nsfwPolicy: 'do_not_list'
 521       })
 522
 523       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 524       expect(user.username).to.equal('user_1')
 525       expect(user.email).to.equal('user_1@example.com')
 526       expect(user.nsfwPolicy).to.equal('do_not_list')
 527       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 528       expect(user.id).to.be.a('number')
 529       expect(user.account.displayName).to.equal('user_1')
 530       expect(user.account.description).to.be.null
 531     })
 532
 533     it('Should be able to change the autoPlayVideo attribute', async function () {
 534       await server.usersCommand.updateMe({
 535         token: accessTokenUser,
 536         autoPlayVideo: false
 537       })
 538
 539       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 540       expect(user.autoPlayVideo).to.be.false
 541     })
 542
 543     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 544       await server.usersCommand.updateMe({
 545         token: accessTokenUser,
 546         autoPlayNextVideo: true
 547       })
 548
 549       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 550       expect(user.autoPlayNextVideo).to.be.true
 551     })
 552
 553     it('Should be able to change the email attribute', async function () {
 554       await server.usersCommand.updateMe({
 555         token: accessTokenUser,
 556         currentPassword: 'new password',
 557         email: 'updated@example.com'
 558       })
 559
 560       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 561       expect(user.username).to.equal('user_1')
 562       expect(user.email).to.equal('updated@example.com')
 563       expect(user.nsfwPolicy).to.equal('do_not_list')
 564       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 565       expect(user.id).to.be.a('number')
 566       expect(user.account.displayName).to.equal('user_1')
 567       expect(user.account.description).to.be.null
 568     })
 569
 570     it('Should be able to update my avatar with a gif', async function () {
 571       const fixture = 'avatar.gif'
 572
 573       await server.usersCommand.updateMyAvatar({ token: accessTokenUser, fixture })
 574
 575       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 576       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 577     })
 578
 579     it('Should be able to update my avatar with a gif, and then a png', async function () {
 580       for (const extension of [ '.png', '.gif' ]) {
 581         const fixture = 'avatar' + extension
 582
 583         await server.usersCommand.updateMyAvatar({ token: accessTokenUser, fixture })
 584
 585         const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 586         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 587       }
 588     })
 589
 590     it('Should be able to update my display name', async function () {
 591       await server.usersCommand.updateMe({ token: accessTokenUser, displayName: 'new display name' })
 592
 593       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 594       expect(user.username).to.equal('user_1')
 595       expect(user.email).to.equal('updated@example.com')
 596       expect(user.nsfwPolicy).to.equal('do_not_list')
 597       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 598       expect(user.id).to.be.a('number')
 599       expect(user.account.displayName).to.equal('new display name')
 600       expect(user.account.description).to.be.null
 601     })
 602
 603     it('Should be able to update my description', async function () {
 604       await server.usersCommand.updateMe({ token: accessTokenUser, description: 'my super description updated' })
 605
 606       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 607       expect(user.username).to.equal('user_1')
 608       expect(user.email).to.equal('updated@example.com')
 609       expect(user.nsfwPolicy).to.equal('do_not_list')
 610       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 611       expect(user.id).to.be.a('number')
 612       expect(user.account.displayName).to.equal('new display name')
 613       expect(user.account.description).to.equal('my super description updated')
 614       expect(user.noWelcomeModal).to.be.false
 615       expect(user.noInstanceConfigWarningModal).to.be.false
 616     })
 617
 618     it('Should be able to update my theme', async function () {
 619       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 620         await server.usersCommand.updateMe({ token: accessTokenUser, theme })
 621
 622         const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 623         expect(user.theme).to.equal(theme)
 624       }
 625     })
 626
 627     it('Should be able to update my modal preferences', async function () {
 628       await server.usersCommand.updateMe({
 629         token: accessTokenUser,
 630         noInstanceConfigWarningModal: true,
 631         noWelcomeModal: true
 632       })
 633
 634       const user = await server.usersCommand.getMyInfo({ token: accessTokenUser })
 635       expect(user.noWelcomeModal).to.be.true
 636       expect(user.noInstanceConfigWarningModal).to.be.true
 637     })
 638   })
 639
 640   describe('Updating another user', function () {
 641     it('Should be able to update another user', async function () {
 642       await server.usersCommand.update({
 643         userId,
 644         token: accessToken,
 645         email: 'updated2@example.com',
 646         emailVerified: true,
 647         videoQuota: 42,
 648         role: UserRole.MODERATOR,
 649         adminFlags: UserAdminFlag.NONE,
 650         pluginAuth: 'toto'
 651       })
 652
 653       const user = await server.usersCommand.get({ token: accessToken, userId })
 654
 655       expect(user.username).to.equal('user_1')
 656       expect(user.email).to.equal('updated2@example.com')
 657       expect(user.emailVerified).to.be.true
 658       expect(user.nsfwPolicy).to.equal('do_not_list')
 659       expect(user.videoQuota).to.equal(42)
 660       expect(user.roleLabel).to.equal('Moderator')
 661       expect(user.id).to.be.a('number')
 662       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 663       expect(user.pluginAuth).to.equal('toto')
 664     })
 665
 666     it('Should reset the auth plugin', async function () {
 667       await server.usersCommand.update({ userId, token: accessToken, pluginAuth: null })
 668
 669       const user = await server.usersCommand.get({ token: accessToken, userId })
 670       expect(user.pluginAuth).to.be.null
 671     })
 672
 673     it('Should have removed the user token', async function () {
 674       await server.usersCommand.getMyQuotaUsed({ token: accessTokenUser, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 675
 676       accessTokenUser = await server.loginCommand.getAccessToken(user)
 677     })
 678
 679     it('Should be able to update another user password', async function () {
 680       await server.usersCommand.update({ userId, token: accessToken, password: 'password updated' })
 681
 682       await server.usersCommand.getMyQuotaUsed({ token: accessTokenUser, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 683
 684       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 685
 686       user.password = 'password updated'
 687       accessTokenUser = await server.loginCommand.getAccessToken(user)
 688     })
 689   })
 690
 691   describe('Video blacklists', function () {
 692     it('Should be able to list video blacklist by a moderator', async function () {
 693       await server.blacklistCommand.list({ token: accessTokenUser })
 694     })
 695   })
 696
 697   describe('Remove a user', function () {
 698     it('Should be able to remove this user', async function () {
 699       await server.usersCommand.remove({ userId, token: accessToken })
 700     })
 701
 702     it('Should not be able to login with this user', async function () {
 703       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 704     })
 705
 706     it('Should not have videos of this user', async function () {
 707       const res = await getVideosList(server.url)
 708
 709       expect(res.body.total).to.equal(1)
 710
 711       const video = res.body.data[0]
 712       expect(video.account.name).to.equal('root')
 713     })
 714   })
 715
 716   describe('Registering a new user', function () {
 717     let user15AccessToken
 718
 719     it('Should register a new user', async function () {
 720       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 721       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 722
 723       await server.usersCommand.register({ ...user, channel })
 724     })
 725
 726     it('Should be able to login with this registered user', async function () {
 727       const user15 = {
 728         username: 'user_15',
 729         password: 'my super password'
 730       }
 731
 732       user15AccessToken = await server.loginCommand.getAccessToken(user15)
 733     })
 734
 735     it('Should have the correct display name', async function () {
 736       const user = await server.usersCommand.getMyInfo({ token: user15AccessToken })
 737       expect(user.account.displayName).to.equal('super user 15')
 738     })
 739
 740     it('Should have the correct video quota', async function () {
 741       const user = await server.usersCommand.getMyInfo({ token: user15AccessToken })
 742       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 743     })
 744
 745     it('Should have created the channel', async function () {
 746       const { displayName } = await server.channelsCommand.get({ channelName: 'my_user_15_channel' })
 747
 748       expect(displayName).to.equal('my channel rocks')
 749     })
 750
 751     it('Should remove me', async function () {
 752       {
 753         const { data } = await server.usersCommand.list()
 754         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 755       }
 756
 757       await server.usersCommand.deleteMe({ token: user15AccessToken })
 758
 759       {
 760         const { data } = await server.usersCommand.list()
 761         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 762       }
 763     })
 764   })
 765
 766   describe('User blocking', function () {
 767     let user16Id
 768     let user16AccessToken
 769     const user16 = {
 770       username: 'user_16',
 771       password: 'my super password'
 772     }
 773
 774     it('Should block a user', async function () {
 775       const user = await server.usersCommand.create({ ...user16 })
 776       user16Id = user.id
 777
 778       user16AccessToken = await server.loginCommand.getAccessToken(user16)
 779
 780       await server.usersCommand.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 781       await server.usersCommand.banUser({ userId: user16Id })
 782
 783       await server.usersCommand.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 784       await server.loginCommand.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 785     })
 786
 787     it('Should search user by banned status', async function () {
 788       {
 789         const { data, total } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 790         expect(total).to.equal(1)
 791         expect(data.length).to.equal(1)
 792
 793         expect(data[0].username).to.equal(user16.username)
 794       }
 795
 796       {
 797         const { data, total } = await server.usersCommand.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 798         expect(total).to.equal(1)
 799         expect(data.length).to.equal(1)
 800
 801         expect(data[0].username).to.not.equal(user16.username)
 802       }
 803     })
 804
 805     it('Should unblock a user', async function () {
 806       await server.usersCommand.unbanUser({ userId: user16Id })
 807       user16AccessToken = await server.loginCommand.getAccessToken(user16)
 808       await server.usersCommand.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 809     })
 810   })
 811
 812   describe('User stats', function () {
 813     let user17Id
 814     let user17AccessToken
 815
 816     it('Should report correct initial statistics about a user', async function () {
 817       const user17 = {
 818         username: 'user_17',
 819         password: 'my super password'
 820       }
 821       const created = await server.usersCommand.create({ ...user17 })
 822
 823       user17Id = created.id
 824       user17AccessToken = await server.loginCommand.getAccessToken(user17)
 825
 826       const user = await server.usersCommand.get({ userId: user17Id, withStats: true })
 827       expect(user.videosCount).to.equal(0)
 828       expect(user.videoCommentsCount).to.equal(0)
 829       expect(user.abusesCount).to.equal(0)
 830       expect(user.abusesCreatedCount).to.equal(0)
 831       expect(user.abusesAcceptedCount).to.equal(0)
 832     })
 833
 834     it('Should report correct videos count', async function () {
 835       const videoAttributes = {
 836         name: 'video to test user stats'
 837       }
 838       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 839       const res1 = await getVideosList(server.url)
 840       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 841
 842       const user = await server.usersCommand.get({ userId: user17Id, withStats: true })
 843       expect(user.videosCount).to.equal(1)
 844     })
 845
 846     it('Should report correct video comments for user', async function () {
 847       const text = 'super comment'
 848       await server.commentsCommand.createThread({ token: user17AccessToken, videoId, text })
 849
 850       const user = await server.usersCommand.get({ userId: user17Id, withStats: true })
 851       expect(user.videoCommentsCount).to.equal(1)
 852     })
 853
 854     it('Should report correct abuses counts', async function () {
 855       const reason = 'my super bad reason'
 856       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
 857
 858       const body1 = await server.abusesCommand.getAdminList()
 859       const abuseId = body1.data[0].id
 860
 861       const user2 = await server.usersCommand.get({ userId: user17Id, withStats: true })
 862       expect(user2.abusesCount).to.equal(1) // number of incriminations
 863       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 864
 865       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 866
 867       const user3 = await server.usersCommand.get({ userId: user17Id, withStats: true })
 868       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 869     })
 870   })
 871
 872   after(async function () {
 873     await cleanupTests([ server ])
 874   })
 875 })