1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole, Video } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
21 getVideosList, installPlugin,
25 registerUserWithChannel,
36 } from '../../../../shared/extra-utils'
37 import { follow } from '../../../../shared/extra-utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
39 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
57 server = await flushAndRunServer(1)
59 await setAccessTokensToServers([ server ])
61 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
64 describe('OAuth client', function () {
65 it('Should create a new client')
67 it('Should return the first client')
69 it('Should remove the last client')
71 it('Should not login with an invalid client id', async function () {
72 const client = { id: 'client', secret: server.client.secret }
73 const res = await login(server.url, client, server.user, 400)
75 expect(res.body.error).to.contain('client is invalid')
78 it('Should not login with an invalid client secret', async function () {
79 const client = { id: server.client.id, secret: 'coucou' }
80 const res = await login(server.url, client, server.user, 400)
82 expect(res.body.error).to.contain('client is invalid')
86 describe('Login', function () {
88 it('Should not login with an invalid username', async function () {
89 const user = { username: 'captain crochet', password: server.user.password }
90 const res = await login(server.url, server.client, user, 400)
92 expect(res.body.error).to.contain('credentials are invalid')
95 it('Should not login with an invalid password', async function () {
96 const user = { username: server.user.username, password: 'mew_three' }
97 const res = await login(server.url, server.client, user, 400)
99 expect(res.body.error).to.contain('credentials are invalid')
102 it('Should not be able to upload a video', async function () {
103 accessToken = 'my_super_token'
105 const videoAttributes = {}
106 await uploadVideo(server.url, accessToken, videoAttributes, 401)
109 it('Should not be able to follow', async function () {
110 accessToken = 'my_super_token'
111 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
114 it('Should not be able to unfollow')
116 it('Should be able to login', async function () {
117 const res = await login(server.url, server.client, server.user, 200)
119 accessToken = res.body.access_token
122 it('Should be able to login with an insensitive username', async function () {
123 const user = { username: 'RoOt', password: server.user.password }
124 const res = await login(server.url, server.client, user, 200)
126 const user2 = { username: 'rOoT', password: server.user.password }
127 const res2 = await login(server.url, server.client, user2, 200)
129 const user3 = { username: 'ROOt', password: server.user.password }
130 const res3 = await login(server.url, server.client, user3, 200)
134 describe('Upload', function () {
136 it('Should upload the video with the correct token', async function () {
137 const videoAttributes = {}
138 await uploadVideo(server.url, accessToken, videoAttributes)
139 const res = await getVideosList(server.url)
140 const video = res.body.data[ 0 ]
142 expect(video.account.name).to.equal('root')
146 it('Should upload the video again with the correct token', async function () {
147 const videoAttributes = {}
148 await uploadVideo(server.url, accessToken, videoAttributes)
152 describe('Ratings', function () {
154 it('Should retrieve a video rating', async function () {
155 await rateVideo(server.url, accessToken, videoId, 'like')
156 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
157 const rating = res.body
159 expect(rating.videoId).to.equal(videoId)
160 expect(rating.rating).to.equal('like')
163 it('Should retrieve ratings list', async function () {
164 await rateVideo(server.url, accessToken, videoId, 'like')
166 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
167 const ratings = res.body
169 expect(ratings.total).to.equal(1)
170 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
171 expect(ratings.data[ 0 ].rating).to.equal('like')
174 it('Should retrieve ratings list by rating type', async function () {
176 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
177 const ratings = res.body
178 expect(ratings.data.length).to.equal(1)
182 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
183 const ratings = res.body
184 expect(ratings.data.length).to.equal(0)
189 describe('Remove video', function () {
190 it('Should not be able to remove the video with an incorrect token', async function () {
191 await removeVideo(server.url, 'bad_token', videoId, 401)
194 it('Should not be able to remove the video with the token of another account')
196 it('Should be able to remove the video with the correct token', async function () {
197 await removeVideo(server.url, accessToken, videoId)
201 describe('Logout', function () {
202 it('Should logout (revoke token)')
204 it('Should not be able to get the user information')
206 it('Should not be able to upload a video')
208 it('Should not be able to remove a video')
210 it('Should not be able to rate a video', async function () {
211 const path = '/api/v1/videos/'
218 path: path + videoId,
219 token: 'wrong token',
221 statusCodeExpected: 401
223 await makePutBodyRequest(options)
226 it('Should be able to login again')
228 it('Should have an expired access token')
230 it('Should refresh the token')
232 it('Should be able to upload a video again')
235 describe('Creating a user', function () {
237 it('Should be able to create a new user', async function () {
240 accessToken: accessToken,
241 username: user.username,
242 password: user.password,
243 videoQuota: 2 * 1024 * 1024,
244 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
248 it('Should be able to login with this user', async function () {
249 accessTokenUser = await userLogin(server, user)
252 it('Should be able to get user information', async function () {
253 const res1 = await getMyUserInformation(server.url, accessTokenUser)
254 const userMe: User = res1.body
256 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
257 const userGet: User = res2.body
259 for (const user of [ userMe, userGet ]) {
260 expect(user.username).to.equal('user_1')
261 expect(user.email).to.equal('user_1@example.com')
262 expect(user.nsfwPolicy).to.equal('display')
263 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
264 expect(user.roleLabel).to.equal('User')
265 expect(user.id).to.be.a('number')
266 expect(user.account.displayName).to.equal('user_1')
267 expect(user.account.description).to.be.null
270 expect(userMe.adminFlags).to.be.undefined
271 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
275 describe('My videos & quotas', function () {
277 it('Should be able to upload a video with this user', async function () {
280 const videoAttributes = {
281 name: 'super user video',
282 fixture: 'video_short.webm'
284 await uploadVideo(server.url, accessTokenUser, videoAttributes)
287 it('Should have video quota updated', async function () {
288 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
289 const data = res.body
291 expect(data.videoQuotaUsed).to.equal(218910)
293 const resUsers = await getUsersList(server.url, server.accessToken)
295 const users: User[] = resUsers.body.data
296 const tmpUser = users.find(u => u.username === user.username)
297 expect(tmpUser.videoQuotaUsed).to.equal(218910)
300 it('Should be able to list my videos', async function () {
301 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
302 expect(res.body.total).to.equal(1)
304 const videos = res.body.data
305 expect(videos).to.have.lengthOf(1)
307 const video: Video = videos[ 0 ]
308 expect(video.name).to.equal('super user video')
309 expect(video.thumbnailPath).to.not.be.null
310 expect(video.previewPath).to.not.be.null
314 describe('Users listing', function () {
316 it('Should list all the users', async function () {
317 const res = await getUsersList(server.url, server.accessToken)
318 const result = res.body
319 const total = result.total
320 const users = result.data
322 expect(total).to.equal(2)
323 expect(users).to.be.an('array')
324 expect(users.length).to.equal(2)
326 const user = users[ 0 ]
327 expect(user.username).to.equal('user_1')
328 expect(user.email).to.equal('user_1@example.com')
329 expect(user.nsfwPolicy).to.equal('display')
331 const rootUser = users[ 1 ]
332 expect(rootUser.username).to.equal('root')
333 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
334 expect(user.nsfwPolicy).to.equal('display')
339 it('Should list only the first user by username asc', async function () {
340 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
342 const result = res.body
343 const total = result.total
344 const users = result.data
346 expect(total).to.equal(2)
347 expect(users.length).to.equal(1)
349 const user = users[ 0 ]
350 expect(user.username).to.equal('root')
351 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
352 expect(user.roleLabel).to.equal('Administrator')
353 expect(user.nsfwPolicy).to.equal('display')
356 it('Should list only the first user by username desc', async function () {
357 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
358 const result = res.body
359 const total = result.total
360 const users = result.data
362 expect(total).to.equal(2)
363 expect(users.length).to.equal(1)
365 const user = users[ 0 ]
366 expect(user.username).to.equal('user_1')
367 expect(user.email).to.equal('user_1@example.com')
368 expect(user.nsfwPolicy).to.equal('display')
371 it('Should list only the second user by createdAt desc', async function () {
372 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
373 const result = res.body
374 const total = result.total
375 const users = result.data
377 expect(total).to.equal(2)
378 expect(users.length).to.equal(1)
380 const user = users[ 0 ]
381 expect(user.username).to.equal('user_1')
382 expect(user.email).to.equal('user_1@example.com')
383 expect(user.nsfwPolicy).to.equal('display')
386 it('Should list all the users by createdAt asc', async function () {
387 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
388 const result = res.body
389 const total = result.total
390 const users = result.data
392 expect(total).to.equal(2)
393 expect(users.length).to.equal(2)
395 expect(users[ 0 ].username).to.equal('root')
396 expect(users[ 0 ].email).to.equal('admin' + server.internalServerNumber + '@example.com')
397 expect(users[ 0 ].nsfwPolicy).to.equal('display')
399 expect(users[ 1 ].username).to.equal('user_1')
400 expect(users[ 1 ].email).to.equal('user_1@example.com')
401 expect(users[ 1 ].nsfwPolicy).to.equal('display')
404 it('Should search user by username', async function () {
405 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
406 const users = res.body.data as User[]
408 expect(res.body.total).to.equal(1)
409 expect(users.length).to.equal(1)
411 expect(users[ 0 ].username).to.equal('root')
414 it('Should search user by email', async function () {
416 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
417 const users = res.body.data as User[]
419 expect(res.body.total).to.equal(1)
420 expect(users.length).to.equal(1)
422 expect(users[ 0 ].username).to.equal('user_1')
423 expect(users[ 0 ].email).to.equal('user_1@example.com')
427 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
428 const users = res.body.data as User[]
430 expect(res.body.total).to.equal(2)
431 expect(users.length).to.equal(2)
433 expect(users[ 0 ].username).to.equal('root')
434 expect(users[ 1 ].username).to.equal('user_1')
439 describe('Update my account', function () {
440 it('Should update my password', async function () {
443 accessToken: accessTokenUser,
444 currentPassword: 'super password',
445 newPassword: 'new password'
447 user.password = 'new password'
449 await userLogin(server, user, 200)
452 it('Should be able to change the NSFW display attribute', async function () {
455 accessToken: accessTokenUser,
456 nsfwPolicy: 'do_not_list'
459 const res = await getMyUserInformation(server.url, accessTokenUser)
460 const user = res.body
462 expect(user.username).to.equal('user_1')
463 expect(user.email).to.equal('user_1@example.com')
464 expect(user.nsfwPolicy).to.equal('do_not_list')
465 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
466 expect(user.id).to.be.a('number')
467 expect(user.account.displayName).to.equal('user_1')
468 expect(user.account.description).to.be.null
471 it('Should be able to change the autoPlayVideo attribute', async function () {
474 accessToken: accessTokenUser,
478 const res = await getMyUserInformation(server.url, accessTokenUser)
479 const user = res.body
481 expect(user.autoPlayVideo).to.be.false
484 it('Should be able to change the email attribute', async function () {
487 accessToken: accessTokenUser,
488 currentPassword: 'new password',
489 email: 'updated@example.com'
492 const res = await getMyUserInformation(server.url, accessTokenUser)
493 const user = res.body
495 expect(user.username).to.equal('user_1')
496 expect(user.email).to.equal('updated@example.com')
497 expect(user.nsfwPolicy).to.equal('do_not_list')
498 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
499 expect(user.id).to.be.a('number')
500 expect(user.account.displayName).to.equal('user_1')
501 expect(user.account.description).to.be.null
504 it('Should be able to update my avatar', async function () {
505 const fixture = 'avatar.png'
507 await updateMyAvatar({
509 accessToken: accessTokenUser,
513 const res = await getMyUserInformation(server.url, accessTokenUser)
514 const user = res.body
516 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
519 it('Should be able to update my display name', async function () {
522 accessToken: accessTokenUser,
523 displayName: 'new display name'
526 const res = await getMyUserInformation(server.url, accessTokenUser)
527 const user = res.body
529 expect(user.username).to.equal('user_1')
530 expect(user.email).to.equal('updated@example.com')
531 expect(user.nsfwPolicy).to.equal('do_not_list')
532 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
533 expect(user.id).to.be.a('number')
534 expect(user.account.displayName).to.equal('new display name')
535 expect(user.account.description).to.be.null
538 it('Should be able to update my description', async function () {
541 accessToken: accessTokenUser,
542 description: 'my super description updated'
545 const res = await getMyUserInformation(server.url, accessTokenUser)
546 const user = res.body
548 expect(user.username).to.equal('user_1')
549 expect(user.email).to.equal('updated@example.com')
550 expect(user.nsfwPolicy).to.equal('do_not_list')
551 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
552 expect(user.id).to.be.a('number')
553 expect(user.account.displayName).to.equal('new display name')
554 expect(user.account.description).to.equal('my super description updated')
557 it('Should be able to update my theme', async function () {
558 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
561 accessToken: accessTokenUser,
565 const res = await getMyUserInformation(server.url, accessTokenUser)
566 const body: User = res.body
568 expect(body.theme).to.equal(theme)
573 describe('Updating another user', function () {
575 it('Should be able to update another user', async function () {
580 email: 'updated2@example.com',
583 role: UserRole.MODERATOR,
584 adminFlags: UserAdminFlag.NONE
587 const res = await getUserInformation(server.url, accessToken, userId)
588 const user = res.body
590 expect(user.username).to.equal('user_1')
591 expect(user.email).to.equal('updated2@example.com')
592 expect(user.emailVerified).to.be.true
593 expect(user.nsfwPolicy).to.equal('do_not_list')
594 expect(user.videoQuota).to.equal(42)
595 expect(user.roleLabel).to.equal('Moderator')
596 expect(user.id).to.be.a('number')
597 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
600 it('Should have removed the user token', async function () {
601 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
603 accessTokenUser = await userLogin(server, user)
606 it('Should be able to update another user password', async function () {
611 password: 'password updated'
614 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
616 await userLogin(server, user, 400)
618 user.password = 'password updated'
619 accessTokenUser = await userLogin(server, user)
623 describe('Video blacklists', function () {
624 it('Should be able to list video blacklist by a moderator', async function () {
625 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
629 describe('Remove a user', function () {
630 it('Should be able to remove this user', async function () {
631 await removeUser(server.url, userId, accessToken)
634 it('Should not be able to login with this user', async function () {
635 await userLogin(server, user, 400)
638 it('Should not have videos of this user', async function () {
639 const res = await getVideosList(server.url)
641 expect(res.body.total).to.equal(1)
643 const video = res.body.data[ 0 ]
644 expect(video.account.name).to.equal('root')
648 describe('Registering a new user', function () {
649 it('Should register a new user', async function () {
650 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
651 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
653 await registerUserWithChannel({ url: server.url, user, channel })
656 it('Should be able to login with this registered user', async function () {
659 password: 'my super password'
662 accessToken = await userLogin(server, user15)
665 it('Should have the correct display name', async function () {
666 const res = await getMyUserInformation(server.url, accessToken)
667 const user: User = res.body
669 expect(user.account.displayName).to.equal('super user 15')
672 it('Should have the correct video quota', async function () {
673 const res = await getMyUserInformation(server.url, accessToken)
674 const user = res.body
676 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
679 it('Should have created the channel', async function () {
680 const res = await getVideoChannel(server.url, 'my_user_15_channel')
682 expect(res.body.displayName).to.equal('my channel rocks')
685 it('Should remove me', async function () {
687 const res = await getUsersList(server.url, server.accessToken)
688 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
691 await deleteMe(server.url, accessToken)
694 const res = await getUsersList(server.url, server.accessToken)
695 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
700 describe('User blocking', function () {
701 it('Should block and unblock a user', async function () {
704 password: 'my super password'
706 const resUser = await createUser({
708 accessToken: server.accessToken,
709 username: user16.username,
710 password: user16.password
712 const user16Id = resUser.body.user.id
714 accessToken = await userLogin(server, user16)
716 await getMyUserInformation(server.url, accessToken, 200)
717 await blockUser(server.url, user16Id, server.accessToken)
719 await getMyUserInformation(server.url, accessToken, 401)
720 await userLogin(server, user16, 400)
722 await unblockUser(server.url, user16Id, server.accessToken)
723 accessToken = await userLogin(server, user16)
724 await getMyUserInformation(server.url, accessToken, 200)
728 after(async function () {
729 await cleanupTests([ server ])