server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   cleanupTests,
   8   flushAndRunServer,
   9   killallServers,
  10   makePutBodyRequest,
  11   reRunServer,
  12   ServerInfo,
  13   setAccessTokensToServers,
  14   testImage,
  15   waitJobs
  16 } from '@shared/extra-utils'
  17 import { AbuseState, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  18
  19 const expect = chai.expect
  20
  21 describe('Test users', function () {
  22   let server: ServerInfo
  23   let token: string
  24   let userToken: string
  25   let videoId: number
  26   let userId: number
  27   const user = {
  28     username: 'user_1',
  29     password: 'super password'
  30   }
  31
  32   before(async function () {
  33     this.timeout(30000)
  34
  35     server = await flushAndRunServer(1, {
  36       rates_limit: {
  37         login: {
  38           max: 30
  39         }
  40       }
  41     })
  42
  43     await setAccessTokensToServers([ server ])
  44
  45     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  46   })
  47
  48   describe('OAuth client', function () {
  49     it('Should create a new client')
  50
  51     it('Should return the first client')
  52
  53     it('Should remove the last client')
  54
  55     it('Should not login with an invalid client id', async function () {
  56       const client = { id: 'client', secret: server.store.client.secret }
  57       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  58
  59       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  60       expect(body.error).to.contain('client is invalid')
  61       expect(body.type.startsWith('https://')).to.be.true
  62       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  63     })
  64
  65     it('Should not login with an invalid client secret', async function () {
  66       const client = { id: server.store.client.id, secret: 'coucou' }
  67       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  68
  69       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  70       expect(body.error).to.contain('client is invalid')
  71       expect(body.type.startsWith('https://')).to.be.true
  72       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  73     })
  74   })
  75
  76   describe('Login', function () {
  77
  78     it('Should not login with an invalid username', async function () {
  79       const user = { username: 'captain crochet', password: server.store.user.password }
  80       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  81
  82       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  83       expect(body.error).to.contain('credentials are invalid')
  84       expect(body.type.startsWith('https://')).to.be.true
  85       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  86     })
  87
  88     it('Should not login with an invalid password', async function () {
  89       const user = { username: server.store.user.username, password: 'mew_three' }
  90       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  91
  92       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  93       expect(body.error).to.contain('credentials are invalid')
  94       expect(body.type.startsWith('https://')).to.be.true
  95       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  96     })
  97
  98     it('Should not be able to upload a video', async function () {
  99       token = 'my_super_token'
 100
 101       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 102     })
 103
 104     it('Should not be able to follow', async function () {
 105       token = 'my_super_token'
 106
 107       await server.follows.follow({
 108         targets: [ 'http://example.com' ],
 109         token,
 110         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 111       })
 112     })
 113
 114     it('Should not be able to unfollow')
 115
 116     it('Should be able to login', async function () {
 117       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 118
 119       token = body.access_token
 120     })
 121
 122     it('Should be able to login with an insensitive username', async function () {
 123       const user = { username: 'RoOt', password: server.store.user.password }
 124       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 125
 126       const user2 = { username: 'rOoT', password: server.store.user.password }
 127       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 128
 129       const user3 = { username: 'ROOt', password: server.store.user.password }
 130       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 131     })
 132   })
 133
 134   describe('Upload', function () {
 135
 136     it('Should upload the video with the correct token', async function () {
 137       await server.videos.upload({ token })
 138       const { data } = await server.videos.list()
 139       const video = data[0]
 140
 141       expect(video.account.name).to.equal('root')
 142       videoId = video.id
 143     })
 144
 145     it('Should upload the video again with the correct token', async function () {
 146       await server.videos.upload({ token })
 147     })
 148   })
 149
 150   describe('Ratings', function () {
 151
 152     it('Should retrieve a video rating', async function () {
 153       await server.videos.rate({ id: videoId, rating: 'like' })
 154       const rating = await server.users.getMyRating({ token, videoId })
 155
 156       expect(rating.videoId).to.equal(videoId)
 157       expect(rating.rating).to.equal('like')
 158     })
 159
 160     it('Should retrieve ratings list', async function () {
 161       await server.videos.rate({ id: videoId, rating: 'like' })
 162
 163       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 164
 165       expect(body.total).to.equal(1)
 166       expect(body.data[0].video.id).to.equal(videoId)
 167       expect(body.data[0].rating).to.equal('like')
 168     })
 169
 170     it('Should retrieve ratings list by rating type', async function () {
 171       {
 172         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 173         expect(body.data.length).to.equal(1)
 174       }
 175
 176       {
 177         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 178         expect(body.data.length).to.equal(0)
 179       }
 180     })
 181   })
 182
 183   describe('Remove video', function () {
 184     it('Should not be able to remove the video with an incorrect token', async function () {
 185       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 186     })
 187
 188     it('Should not be able to remove the video with the token of another account')
 189
 190     it('Should be able to remove the video with the correct token', async function () {
 191       await server.videos.remove({ token, id: videoId })
 192     })
 193   })
 194
 195   describe('Logout', function () {
 196     it('Should logout (revoke token)', async function () {
 197       await server.login.logout({ token: server.accessToken })
 198     })
 199
 200     it('Should not be able to get the user information', async function () {
 201       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 202     })
 203
 204     it('Should not be able to upload a video', async function () {
 205       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 206     })
 207
 208     it('Should not be able to rate a video', async function () {
 209       const path = '/api/v1/videos/'
 210       const data = {
 211         rating: 'likes'
 212       }
 213
 214       const options = {
 215         url: server.url,
 216         path: path + videoId,
 217         token: 'wrong token',
 218         fields: data,
 219         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 220       }
 221       await makePutBodyRequest(options)
 222     })
 223
 224     it('Should be able to login again', async function () {
 225       const body = await server.login.login()
 226       server.accessToken = body.access_token
 227       server.refreshToken = body.refresh_token
 228     })
 229
 230     it('Should be able to get my user information again', async function () {
 231       await server.users.getMyInfo()
 232     })
 233
 234     it('Should have an expired access token', async function () {
 235       this.timeout(15000)
 236
 237       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 238       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 239
 240       await killallServers([ server ])
 241       await reRunServer(server)
 242
 243       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 244     })
 245
 246     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 247       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 248     })
 249
 250     it('Should refresh the token', async function () {
 251       this.timeout(15000)
 252
 253       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 254       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 255
 256       await killallServers([ server ])
 257       await reRunServer(server)
 258
 259       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 260       server.accessToken = res.body.access_token
 261       server.refreshToken = res.body.refresh_token
 262     })
 263
 264     it('Should be able to get my user information again', async function () {
 265       await server.users.getMyInfo()
 266     })
 267   })
 268
 269   describe('Creating a user', function () {
 270
 271     it('Should be able to create a new user', async function () {
 272       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 273     })
 274
 275     it('Should be able to login with this user', async function () {
 276       userToken = await server.login.getAccessToken(user)
 277     })
 278
 279     it('Should be able to get user information', async function () {
 280       const userMe = await server.users.getMyInfo({ token: userToken })
 281
 282       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 283
 284       for (const user of [ userMe, userGet ]) {
 285         expect(user.username).to.equal('user_1')
 286         expect(user.email).to.equal('user_1@example.com')
 287         expect(user.nsfwPolicy).to.equal('display')
 288         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 289         expect(user.roleLabel).to.equal('User')
 290         expect(user.id).to.be.a('number')
 291         expect(user.account.displayName).to.equal('user_1')
 292         expect(user.account.description).to.be.null
 293       }
 294
 295       expect(userMe.adminFlags).to.be.undefined
 296       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 297
 298       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 299       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 300
 301       // Check stats are included with withStats
 302       expect(userGet.videosCount).to.be.a('number')
 303       expect(userGet.videosCount).to.equal(0)
 304       expect(userGet.videoCommentsCount).to.be.a('number')
 305       expect(userGet.videoCommentsCount).to.equal(0)
 306       expect(userGet.abusesCount).to.be.a('number')
 307       expect(userGet.abusesCount).to.equal(0)
 308       expect(userGet.abusesAcceptedCount).to.be.a('number')
 309       expect(userGet.abusesAcceptedCount).to.equal(0)
 310     })
 311   })
 312
 313   describe('My videos & quotas', function () {
 314
 315     it('Should be able to upload a video with this user', async function () {
 316       this.timeout(10000)
 317
 318       const attributes = {
 319         name: 'super user video',
 320         fixture: 'video_short.webm'
 321       }
 322       await server.videos.upload({ token: userToken, attributes })
 323     })
 324
 325     it('Should have video quota updated', async function () {
 326       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 327       expect(quota.videoQuotaUsed).to.equal(218910)
 328
 329       const { data } = await server.users.list()
 330       const tmpUser = data.find(u => u.username === user.username)
 331       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 332     })
 333
 334     it('Should be able to list my videos', async function () {
 335       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 336       expect(total).to.equal(1)
 337       expect(data).to.have.lengthOf(1)
 338
 339       const video: Video = data[0]
 340       expect(video.name).to.equal('super user video')
 341       expect(video.thumbnailPath).to.not.be.null
 342       expect(video.previewPath).to.not.be.null
 343     })
 344
 345     it('Should be able to search in my videos', async function () {
 346       {
 347         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 348         expect(total).to.equal(1)
 349         expect(data).to.have.lengthOf(1)
 350       }
 351
 352       {
 353         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 354         expect(total).to.equal(0)
 355         expect(data).to.have.lengthOf(0)
 356       }
 357     })
 358
 359     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 360       this.timeout(60000)
 361
 362       {
 363         const config = await server.config.getCustomConfig()
 364         config.transcoding.webtorrent.enabled = false
 365         config.transcoding.hls.enabled = true
 366         config.transcoding.enabled = true
 367         await server.config.updateCustomSubConfig({ newConfig: config })
 368       }
 369
 370       {
 371         const attributes = {
 372           name: 'super user video 2',
 373           fixture: 'video_short.webm'
 374         }
 375         await server.videos.upload({ token: userToken, attributes })
 376
 377         await waitJobs([ server ])
 378       }
 379
 380       {
 381         const data = await server.users.getMyQuotaUsed({ token: userToken })
 382         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 383       }
 384     })
 385   })
 386
 387   describe('Users listing', function () {
 388
 389     it('Should list all the users', async function () {
 390       const { data, total } = await server.users.list()
 391
 392       expect(total).to.equal(2)
 393       expect(data).to.be.an('array')
 394       expect(data.length).to.equal(2)
 395
 396       const user = data[0]
 397       expect(user.username).to.equal('user_1')
 398       expect(user.email).to.equal('user_1@example.com')
 399       expect(user.nsfwPolicy).to.equal('display')
 400
 401       const rootUser = data[1]
 402       expect(rootUser.username).to.equal('root')
 403       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 404       expect(user.nsfwPolicy).to.equal('display')
 405
 406       expect(rootUser.lastLoginDate).to.exist
 407       expect(user.lastLoginDate).to.exist
 408
 409       userId = user.id
 410     })
 411
 412     it('Should list only the first user by username asc', async function () {
 413       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 414
 415       expect(total).to.equal(2)
 416       expect(data.length).to.equal(1)
 417
 418       const user = data[0]
 419       expect(user.username).to.equal('root')
 420       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 421       expect(user.roleLabel).to.equal('Administrator')
 422       expect(user.nsfwPolicy).to.equal('display')
 423     })
 424
 425     it('Should list only the first user by username desc', async function () {
 426       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 427
 428       expect(total).to.equal(2)
 429       expect(data.length).to.equal(1)
 430
 431       const user = data[0]
 432       expect(user.username).to.equal('user_1')
 433       expect(user.email).to.equal('user_1@example.com')
 434       expect(user.nsfwPolicy).to.equal('display')
 435     })
 436
 437     it('Should list only the second user by createdAt desc', async function () {
 438       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 439       expect(total).to.equal(2)
 440
 441       expect(data.length).to.equal(1)
 442
 443       const user = data[0]
 444       expect(user.username).to.equal('user_1')
 445       expect(user.email).to.equal('user_1@example.com')
 446       expect(user.nsfwPolicy).to.equal('display')
 447     })
 448
 449     it('Should list all the users by createdAt asc', async function () {
 450       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 451
 452       expect(total).to.equal(2)
 453       expect(data.length).to.equal(2)
 454
 455       expect(data[0].username).to.equal('root')
 456       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 457       expect(data[0].nsfwPolicy).to.equal('display')
 458
 459       expect(data[1].username).to.equal('user_1')
 460       expect(data[1].email).to.equal('user_1@example.com')
 461       expect(data[1].nsfwPolicy).to.equal('display')
 462     })
 463
 464     it('Should search user by username', async function () {
 465       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 466       expect(total).to.equal(1)
 467       expect(data.length).to.equal(1)
 468       expect(data[0].username).to.equal('root')
 469     })
 470
 471     it('Should search user by email', async function () {
 472       {
 473         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 474         expect(total).to.equal(1)
 475         expect(data.length).to.equal(1)
 476         expect(data[0].username).to.equal('user_1')
 477         expect(data[0].email).to.equal('user_1@example.com')
 478       }
 479
 480       {
 481         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 482         expect(total).to.equal(2)
 483         expect(data.length).to.equal(2)
 484         expect(data[0].username).to.equal('root')
 485         expect(data[1].username).to.equal('user_1')
 486       }
 487     })
 488   })
 489
 490   describe('Update my account', function () {
 491
 492     it('Should update my password', async function () {
 493       await server.users.updateMe({
 494         token: userToken,
 495         currentPassword: 'super password',
 496         password: 'new password'
 497       })
 498       user.password = 'new password'
 499
 500       await server.login.login({ user })
 501     })
 502
 503     it('Should be able to change the NSFW display attribute', async function () {
 504       await server.users.updateMe({
 505         token: userToken,
 506         nsfwPolicy: 'do_not_list'
 507       })
 508
 509       const user = await server.users.getMyInfo({ token: userToken })
 510       expect(user.username).to.equal('user_1')
 511       expect(user.email).to.equal('user_1@example.com')
 512       expect(user.nsfwPolicy).to.equal('do_not_list')
 513       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 514       expect(user.id).to.be.a('number')
 515       expect(user.account.displayName).to.equal('user_1')
 516       expect(user.account.description).to.be.null
 517     })
 518
 519     it('Should be able to change the autoPlayVideo attribute', async function () {
 520       await server.users.updateMe({
 521         token: userToken,
 522         autoPlayVideo: false
 523       })
 524
 525       const user = await server.users.getMyInfo({ token: userToken })
 526       expect(user.autoPlayVideo).to.be.false
 527     })
 528
 529     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 530       await server.users.updateMe({
 531         token: userToken,
 532         autoPlayNextVideo: true
 533       })
 534
 535       const user = await server.users.getMyInfo({ token: userToken })
 536       expect(user.autoPlayNextVideo).to.be.true
 537     })
 538
 539     it('Should be able to change the email attribute', async function () {
 540       await server.users.updateMe({
 541         token: userToken,
 542         currentPassword: 'new password',
 543         email: 'updated@example.com'
 544       })
 545
 546       const user = await server.users.getMyInfo({ token: userToken })
 547       expect(user.username).to.equal('user_1')
 548       expect(user.email).to.equal('updated@example.com')
 549       expect(user.nsfwPolicy).to.equal('do_not_list')
 550       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 551       expect(user.id).to.be.a('number')
 552       expect(user.account.displayName).to.equal('user_1')
 553       expect(user.account.description).to.be.null
 554     })
 555
 556     it('Should be able to update my avatar with a gif', async function () {
 557       const fixture = 'avatar.gif'
 558
 559       await server.users.updateMyAvatar({ token: userToken, fixture })
 560
 561       const user = await server.users.getMyInfo({ token: userToken })
 562       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 563     })
 564
 565     it('Should be able to update my avatar with a gif, and then a png', async function () {
 566       for (const extension of [ '.png', '.gif' ]) {
 567         const fixture = 'avatar' + extension
 568
 569         await server.users.updateMyAvatar({ token: userToken, fixture })
 570
 571         const user = await server.users.getMyInfo({ token: userToken })
 572         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 573       }
 574     })
 575
 576     it('Should be able to update my display name', async function () {
 577       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 578
 579       const user = await server.users.getMyInfo({ token: userToken })
 580       expect(user.username).to.equal('user_1')
 581       expect(user.email).to.equal('updated@example.com')
 582       expect(user.nsfwPolicy).to.equal('do_not_list')
 583       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 584       expect(user.id).to.be.a('number')
 585       expect(user.account.displayName).to.equal('new display name')
 586       expect(user.account.description).to.be.null
 587     })
 588
 589     it('Should be able to update my description', async function () {
 590       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 591
 592       const user = await server.users.getMyInfo({ token: userToken })
 593       expect(user.username).to.equal('user_1')
 594       expect(user.email).to.equal('updated@example.com')
 595       expect(user.nsfwPolicy).to.equal('do_not_list')
 596       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 597       expect(user.id).to.be.a('number')
 598       expect(user.account.displayName).to.equal('new display name')
 599       expect(user.account.description).to.equal('my super description updated')
 600       expect(user.noWelcomeModal).to.be.false
 601       expect(user.noInstanceConfigWarningModal).to.be.false
 602     })
 603
 604     it('Should be able to update my theme', async function () {
 605       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 606         await server.users.updateMe({ token: userToken, theme })
 607
 608         const user = await server.users.getMyInfo({ token: userToken })
 609         expect(user.theme).to.equal(theme)
 610       }
 611     })
 612
 613     it('Should be able to update my modal preferences', async function () {
 614       await server.users.updateMe({
 615         token: userToken,
 616         noInstanceConfigWarningModal: true,
 617         noWelcomeModal: true
 618       })
 619
 620       const user = await server.users.getMyInfo({ token: userToken })
 621       expect(user.noWelcomeModal).to.be.true
 622       expect(user.noInstanceConfigWarningModal).to.be.true
 623     })
 624   })
 625
 626   describe('Updating another user', function () {
 627     it('Should be able to update another user', async function () {
 628       await server.users.update({
 629         userId,
 630         token,
 631         email: 'updated2@example.com',
 632         emailVerified: true,
 633         videoQuota: 42,
 634         role: UserRole.MODERATOR,
 635         adminFlags: UserAdminFlag.NONE,
 636         pluginAuth: 'toto'
 637       })
 638
 639       const user = await server.users.get({ token, userId })
 640
 641       expect(user.username).to.equal('user_1')
 642       expect(user.email).to.equal('updated2@example.com')
 643       expect(user.emailVerified).to.be.true
 644       expect(user.nsfwPolicy).to.equal('do_not_list')
 645       expect(user.videoQuota).to.equal(42)
 646       expect(user.roleLabel).to.equal('Moderator')
 647       expect(user.id).to.be.a('number')
 648       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 649       expect(user.pluginAuth).to.equal('toto')
 650     })
 651
 652     it('Should reset the auth plugin', async function () {
 653       await server.users.update({ userId, token, pluginAuth: null })
 654
 655       const user = await server.users.get({ token, userId })
 656       expect(user.pluginAuth).to.be.null
 657     })
 658
 659     it('Should have removed the user token', async function () {
 660       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 661
 662       userToken = await server.login.getAccessToken(user)
 663     })
 664
 665     it('Should be able to update another user password', async function () {
 666       await server.users.update({ userId, token, password: 'password updated' })
 667
 668       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 669
 670       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 671
 672       user.password = 'password updated'
 673       userToken = await server.login.getAccessToken(user)
 674     })
 675   })
 676
 677   describe('Video blacklists', function () {
 678     it('Should be able to list video blacklist by a moderator', async function () {
 679       await server.blacklist.list({ token: userToken })
 680     })
 681   })
 682
 683   describe('Remove a user', function () {
 684     it('Should be able to remove this user', async function () {
 685       await server.users.remove({ userId, token })
 686     })
 687
 688     it('Should not be able to login with this user', async function () {
 689       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 690     })
 691
 692     it('Should not have videos of this user', async function () {
 693       const { data, total } = await server.videos.list()
 694       expect(total).to.equal(1)
 695
 696       const video = data[0]
 697       expect(video.account.name).to.equal('root')
 698     })
 699   })
 700
 701   describe('Registering a new user', function () {
 702     let user15AccessToken
 703
 704     it('Should register a new user', async function () {
 705       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 706       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 707
 708       await server.users.register({ ...user, channel })
 709     })
 710
 711     it('Should be able to login with this registered user', async function () {
 712       const user15 = {
 713         username: 'user_15',
 714         password: 'my super password'
 715       }
 716
 717       user15AccessToken = await server.login.getAccessToken(user15)
 718     })
 719
 720     it('Should have the correct display name', async function () {
 721       const user = await server.users.getMyInfo({ token: user15AccessToken })
 722       expect(user.account.displayName).to.equal('super user 15')
 723     })
 724
 725     it('Should have the correct video quota', async function () {
 726       const user = await server.users.getMyInfo({ token: user15AccessToken })
 727       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 728     })
 729
 730     it('Should have created the channel', async function () {
 731       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 732
 733       expect(displayName).to.equal('my channel rocks')
 734     })
 735
 736     it('Should remove me', async function () {
 737       {
 738         const { data } = await server.users.list()
 739         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 740       }
 741
 742       await server.users.deleteMe({ token: user15AccessToken })
 743
 744       {
 745         const { data } = await server.users.list()
 746         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 747       }
 748     })
 749   })
 750
 751   describe('User blocking', function () {
 752     let user16Id
 753     let user16AccessToken
 754     const user16 = {
 755       username: 'user_16',
 756       password: 'my super password'
 757     }
 758
 759     it('Should block a user', async function () {
 760       const user = await server.users.create({ ...user16 })
 761       user16Id = user.id
 762
 763       user16AccessToken = await server.login.getAccessToken(user16)
 764
 765       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 766       await server.users.banUser({ userId: user16Id })
 767
 768       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 769       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 770     })
 771
 772     it('Should search user by banned status', async function () {
 773       {
 774         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 775         expect(total).to.equal(1)
 776         expect(data.length).to.equal(1)
 777
 778         expect(data[0].username).to.equal(user16.username)
 779       }
 780
 781       {
 782         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 783         expect(total).to.equal(1)
 784         expect(data.length).to.equal(1)
 785
 786         expect(data[0].username).to.not.equal(user16.username)
 787       }
 788     })
 789
 790     it('Should unblock a user', async function () {
 791       await server.users.unbanUser({ userId: user16Id })
 792       user16AccessToken = await server.login.getAccessToken(user16)
 793       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 794     })
 795   })
 796
 797   describe('User stats', function () {
 798     let user17Id
 799     let user17AccessToken
 800
 801     it('Should report correct initial statistics about a user', async function () {
 802       const user17 = {
 803         username: 'user_17',
 804         password: 'my super password'
 805       }
 806       const created = await server.users.create({ ...user17 })
 807
 808       user17Id = created.id
 809       user17AccessToken = await server.login.getAccessToken(user17)
 810
 811       const user = await server.users.get({ userId: user17Id, withStats: true })
 812       expect(user.videosCount).to.equal(0)
 813       expect(user.videoCommentsCount).to.equal(0)
 814       expect(user.abusesCount).to.equal(0)
 815       expect(user.abusesCreatedCount).to.equal(0)
 816       expect(user.abusesAcceptedCount).to.equal(0)
 817     })
 818
 819     it('Should report correct videos count', async function () {
 820       const attributes = { name: 'video to test user stats' }
 821       await server.videos.upload({ token: user17AccessToken, attributes })
 822
 823       const { data } = await server.videos.list()
 824       videoId = data.find(video => video.name === attributes.name).id
 825
 826       const user = await server.users.get({ userId: user17Id, withStats: true })
 827       expect(user.videosCount).to.equal(1)
 828     })
 829
 830     it('Should report correct video comments for user', async function () {
 831       const text = 'super comment'
 832       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 833
 834       const user = await server.users.get({ userId: user17Id, withStats: true })
 835       expect(user.videoCommentsCount).to.equal(1)
 836     })
 837
 838     it('Should report correct abuses counts', async function () {
 839       const reason = 'my super bad reason'
 840       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 841
 842       const body1 = await server.abuses.getAdminList()
 843       const abuseId = body1.data[0].id
 844
 845       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 846       expect(user2.abusesCount).to.equal(1) // number of incriminations
 847       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 848
 849       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 850
 851       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 852       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 853     })
 854   })
 855
 856   after(async function () {
 857     await cleanupTests([ server ])
 858   })
 859 })