server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   addVideoCommentThread,
   8   blockUser,
   9   cleanupTests,
  10   closeAllSequelize,
  11   createUser,
  12   deleteMe,
  13   flushAndRunServer,
  14   getMyUserInformation,
  15   getMyUserVideoQuotaUsed,
  16   getMyUserVideoRating,
  17   getMyVideos,
  18   getUserInformation,
  19   getUsersList,
  20   getUsersListPaginationAndSort,
  21   getVideoChannel,
  22   getVideosList,
  23   killallServers,
  24   login,
  25   logout,
  26   makePutBodyRequest,
  27   rateVideo,
  28   refreshToken,
  29   registerUserWithChannel,
  30   removeUser,
  31   removeVideo,
  32   reRunServer,
  33   ServerInfo,
  34   setAccessTokensToServers,
  35   setTokenField,
  36   testImage,
  37   unblockUser,
  38   updateMyAvatar,
  39   updateMyUser,
  40   updateUser,
  41   uploadVideo,
  42   userLogin,
  43   waitJobs
  44 } from '@shared/extra-utils'
  45 import { AbuseState, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  46
  47 const expect = chai.expect
  48
  49 describe('Test users', function () {
  50   let server: ServerInfo
  51   let accessToken: string
  52   let accessTokenUser: string
  53   let videoId: number
  54   let userId: number
  55   const user = {
  56     username: 'user_1',
  57     password: 'super password'
  58   }
  59
  60   before(async function () {
  61     this.timeout(30000)
  62
  63     server = await flushAndRunServer(1, {
  64       rates_limit: {
  65         login: {
  66           max: 30
  67         }
  68       }
  69     })
  70
  71     await setAccessTokensToServers([ server ])
  72
  73     await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
  74   })
  75
  76   describe('OAuth client', function () {
  77     it('Should create a new client')
  78
  79     it('Should return the first client')
  80
  81     it('Should remove the last client')
  82
  83     it('Should not login with an invalid client id', async function () {
  84       const client = { id: 'client', secret: server.client.secret }
  85       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  86
  87       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  88       expect(res.body.error).to.contain('client is invalid')
  89       expect(res.body.type.startsWith('https://')).to.be.true
  90       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  91     })
  92
  93     it('Should not login with an invalid client secret', async function () {
  94       const client = { id: server.client.id, secret: 'coucou' }
  95       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  96
  97       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  98       expect(res.body.error).to.contain('client is invalid')
  99       expect(res.body.type.startsWith('https://')).to.be.true
 100       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 101     })
 102   })
 103
 104   describe('Login', function () {
 105
 106     it('Should not login with an invalid username', async function () {
 107       const user = { username: 'captain crochet', password: server.user.password }
 108       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 109
 110       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 111       expect(res.body.error).to.contain('credentials are invalid')
 112       expect(res.body.type.startsWith('https://')).to.be.true
 113       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 114     })
 115
 116     it('Should not login with an invalid password', async function () {
 117       const user = { username: server.user.username, password: 'mew_three' }
 118       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 119
 120       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 121       expect(res.body.error).to.contain('credentials are invalid')
 122       expect(res.body.type.startsWith('https://')).to.be.true
 123       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 124     })
 125
 126     it('Should not be able to upload a video', async function () {
 127       accessToken = 'my_super_token'
 128
 129       const videoAttributes = {}
 130       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 131     })
 132
 133     it('Should not be able to follow', async function () {
 134       accessToken = 'my_super_token'
 135
 136       await server.followsCommand.follow({
 137         targets: [ 'http://example.com' ],
 138         token: accessToken,
 139         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 140       })
 141     })
 142
 143     it('Should not be able to unfollow')
 144
 145     it('Should be able to login', async function () {
 146       const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
 147
 148       accessToken = res.body.access_token
 149     })
 150
 151     it('Should be able to login with an insensitive username', async function () {
 152       const user = { username: 'RoOt', password: server.user.password }
 153       await login(server.url, server.client, user, HttpStatusCode.OK_200)
 154
 155       const user2 = { username: 'rOoT', password: server.user.password }
 156       await login(server.url, server.client, user2, HttpStatusCode.OK_200)
 157
 158       const user3 = { username: 'ROOt', password: server.user.password }
 159       await login(server.url, server.client, user3, HttpStatusCode.OK_200)
 160     })
 161   })
 162
 163   describe('Upload', function () {
 164
 165     it('Should upload the video with the correct token', async function () {
 166       const videoAttributes = {}
 167       await uploadVideo(server.url, accessToken, videoAttributes)
 168       const res = await getVideosList(server.url)
 169       const video = res.body.data[0]
 170
 171       expect(video.account.name).to.equal('root')
 172       videoId = video.id
 173     })
 174
 175     it('Should upload the video again with the correct token', async function () {
 176       const videoAttributes = {}
 177       await uploadVideo(server.url, accessToken, videoAttributes)
 178     })
 179   })
 180
 181   describe('Ratings', function () {
 182
 183     it('Should retrieve a video rating', async function () {
 184       await rateVideo(server.url, accessToken, videoId, 'like')
 185       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 186       const rating = res.body
 187
 188       expect(rating.videoId).to.equal(videoId)
 189       expect(rating.rating).to.equal('like')
 190     })
 191
 192     it('Should retrieve ratings list', async function () {
 193       await rateVideo(server.url, accessToken, videoId, 'like')
 194
 195       const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
 196
 197       expect(body.total).to.equal(1)
 198       expect(body.data[0].video.id).to.equal(videoId)
 199       expect(body.data[0].rating).to.equal('like')
 200     })
 201
 202     it('Should retrieve ratings list by rating type', async function () {
 203       {
 204         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
 205         expect(body.data.length).to.equal(1)
 206       }
 207
 208       {
 209         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
 210         expect(body.data.length).to.equal(0)
 211       }
 212     })
 213   })
 214
 215   describe('Remove video', function () {
 216     it('Should not be able to remove the video with an incorrect token', async function () {
 217       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 218     })
 219
 220     it('Should not be able to remove the video with the token of another account')
 221
 222     it('Should be able to remove the video with the correct token', async function () {
 223       await removeVideo(server.url, accessToken, videoId)
 224     })
 225   })
 226
 227   describe('Logout', function () {
 228     it('Should logout (revoke token)', async function () {
 229       await logout(server.url, server.accessToken)
 230     })
 231
 232     it('Should not be able to get the user information', async function () {
 233       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 234     })
 235
 236     it('Should not be able to upload a video', async function () {
 237       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 238     })
 239
 240     it('Should not be able to rate a video', async function () {
 241       const path = '/api/v1/videos/'
 242       const data = {
 243         rating: 'likes'
 244       }
 245
 246       const options = {
 247         url: server.url,
 248         path: path + videoId,
 249         token: 'wrong token',
 250         fields: data,
 251         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 252       }
 253       await makePutBodyRequest(options)
 254     })
 255
 256     it('Should be able to login again', async function () {
 257       const res = await login(server.url, server.client, server.user)
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await getMyUserInformation(server.url, server.accessToken)
 264     })
 265
 266     it('Should have an expired access token', async function () {
 267       this.timeout(15000)
 268
 269       await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 270       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 271
 272       killallServers([ server ])
 273       await reRunServer(server)
 274
 275       await getMyUserInformation(server.url, server.accessToken, 401)
 276     })
 277
 278     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 279       await refreshToken(server, server.refreshToken, 400)
 280     })
 281
 282     it('Should refresh the token', async function () {
 283       this.timeout(15000)
 284
 285       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 286       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 287
 288       killallServers([ server ])
 289       await reRunServer(server)
 290
 291       const res = await refreshToken(server, server.refreshToken)
 292       server.accessToken = res.body.access_token
 293       server.refreshToken = res.body.refresh_token
 294     })
 295
 296     it('Should be able to get my user information again', async function () {
 297       await getMyUserInformation(server.url, server.accessToken)
 298     })
 299   })
 300
 301   describe('Creating a user', function () {
 302
 303     it('Should be able to create a new user', async function () {
 304       await createUser({
 305         url: server.url,
 306         accessToken: accessToken,
 307         username: user.username,
 308         password: user.password,
 309         videoQuota: 2 * 1024 * 1024,
 310         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 311       })
 312     })
 313
 314     it('Should be able to login with this user', async function () {
 315       accessTokenUser = await userLogin(server, user)
 316     })
 317
 318     it('Should be able to get user information', async function () {
 319       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 320       const userMe: MyUser = res1.body
 321
 322       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 323       const userGet: User = res2.body
 324
 325       for (const user of [ userMe, userGet ]) {
 326         expect(user.username).to.equal('user_1')
 327         expect(user.email).to.equal('user_1@example.com')
 328         expect(user.nsfwPolicy).to.equal('display')
 329         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 330         expect(user.roleLabel).to.equal('User')
 331         expect(user.id).to.be.a('number')
 332         expect(user.account.displayName).to.equal('user_1')
 333         expect(user.account.description).to.be.null
 334       }
 335
 336       expect(userMe.adminFlags).to.be.undefined
 337       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 338
 339       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 340       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 341
 342       // Check stats are included with withStats
 343       expect(userGet.videosCount).to.be.a('number')
 344       expect(userGet.videosCount).to.equal(0)
 345       expect(userGet.videoCommentsCount).to.be.a('number')
 346       expect(userGet.videoCommentsCount).to.equal(0)
 347       expect(userGet.abusesCount).to.be.a('number')
 348       expect(userGet.abusesCount).to.equal(0)
 349       expect(userGet.abusesAcceptedCount).to.be.a('number')
 350       expect(userGet.abusesAcceptedCount).to.equal(0)
 351     })
 352   })
 353
 354   describe('My videos & quotas', function () {
 355
 356     it('Should be able to upload a video with this user', async function () {
 357       this.timeout(10000)
 358
 359       const videoAttributes = {
 360         name: 'super user video',
 361         fixture: 'video_short.webm'
 362       }
 363       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 364     })
 365
 366     it('Should have video quota updated', async function () {
 367       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 368       const data = res.body
 369
 370       expect(data.videoQuotaUsed).to.equal(218910)
 371
 372       const resUsers = await getUsersList(server.url, server.accessToken)
 373
 374       const users: User[] = resUsers.body.data
 375       const tmpUser = users.find(u => u.username === user.username)
 376       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 377     })
 378
 379     it('Should be able to list my videos', async function () {
 380       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 381       expect(res.body.total).to.equal(1)
 382
 383       const videos = res.body.data
 384       expect(videos).to.have.lengthOf(1)
 385
 386       const video: Video = videos[0]
 387       expect(video.name).to.equal('super user video')
 388       expect(video.thumbnailPath).to.not.be.null
 389       expect(video.previewPath).to.not.be.null
 390     })
 391
 392     it('Should be able to search in my videos', async function () {
 393       {
 394         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 395         expect(res.body.total).to.equal(1)
 396
 397         const videos = res.body.data
 398         expect(videos).to.have.lengthOf(1)
 399       }
 400
 401       {
 402         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 403         expect(res.body.total).to.equal(0)
 404
 405         const videos = res.body.data
 406         expect(videos).to.have.lengthOf(0)
 407       }
 408     })
 409
 410     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 411       this.timeout(60000)
 412
 413       {
 414         const config = await server.configCommand.getCustomConfig()
 415         config.transcoding.webtorrent.enabled = false
 416         config.transcoding.hls.enabled = true
 417         config.transcoding.enabled = true
 418         await server.configCommand.updateCustomSubConfig({ newConfig: config })
 419       }
 420
 421       {
 422         const videoAttributes = {
 423           name: 'super user video 2',
 424           fixture: 'video_short.webm'
 425         }
 426         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 427
 428         await waitJobs([ server ])
 429       }
 430
 431       {
 432         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 433         const data = res.body
 434
 435         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 436       }
 437     })
 438   })
 439
 440   describe('Users listing', function () {
 441
 442     it('Should list all the users', async function () {
 443       const res = await getUsersList(server.url, server.accessToken)
 444       const result = res.body
 445       const total = result.total
 446       const users = result.data
 447
 448       expect(total).to.equal(2)
 449       expect(users).to.be.an('array')
 450       expect(users.length).to.equal(2)
 451
 452       const user = users[0]
 453       expect(user.username).to.equal('user_1')
 454       expect(user.email).to.equal('user_1@example.com')
 455       expect(user.nsfwPolicy).to.equal('display')
 456
 457       const rootUser = users[1]
 458       expect(rootUser.username).to.equal('root')
 459       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 460       expect(user.nsfwPolicy).to.equal('display')
 461
 462       expect(rootUser.lastLoginDate).to.exist
 463       expect(user.lastLoginDate).to.exist
 464
 465       userId = user.id
 466     })
 467
 468     it('Should list only the first user by username asc', async function () {
 469       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 470
 471       const result = res.body
 472       const total = result.total
 473       const users = result.data
 474
 475       expect(total).to.equal(2)
 476       expect(users.length).to.equal(1)
 477
 478       const user = users[0]
 479       expect(user.username).to.equal('root')
 480       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 481       expect(user.roleLabel).to.equal('Administrator')
 482       expect(user.nsfwPolicy).to.equal('display')
 483     })
 484
 485     it('Should list only the first user by username desc', async function () {
 486       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 487       const result = res.body
 488       const total = result.total
 489       const users = result.data
 490
 491       expect(total).to.equal(2)
 492       expect(users.length).to.equal(1)
 493
 494       const user = users[0]
 495       expect(user.username).to.equal('user_1')
 496       expect(user.email).to.equal('user_1@example.com')
 497       expect(user.nsfwPolicy).to.equal('display')
 498     })
 499
 500     it('Should list only the second user by createdAt desc', async function () {
 501       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 502       const result = res.body
 503       const total = result.total
 504       const users = result.data
 505
 506       expect(total).to.equal(2)
 507       expect(users.length).to.equal(1)
 508
 509       const user = users[0]
 510       expect(user.username).to.equal('user_1')
 511       expect(user.email).to.equal('user_1@example.com')
 512       expect(user.nsfwPolicy).to.equal('display')
 513     })
 514
 515     it('Should list all the users by createdAt asc', async function () {
 516       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 517       const result = res.body
 518       const total = result.total
 519       const users = result.data
 520
 521       expect(total).to.equal(2)
 522       expect(users.length).to.equal(2)
 523
 524       expect(users[0].username).to.equal('root')
 525       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 526       expect(users[0].nsfwPolicy).to.equal('display')
 527
 528       expect(users[1].username).to.equal('user_1')
 529       expect(users[1].email).to.equal('user_1@example.com')
 530       expect(users[1].nsfwPolicy).to.equal('display')
 531     })
 532
 533     it('Should search user by username', async function () {
 534       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 535       const users = res.body.data as User[]
 536
 537       expect(res.body.total).to.equal(1)
 538       expect(users.length).to.equal(1)
 539
 540       expect(users[0].username).to.equal('root')
 541     })
 542
 543     it('Should search user by email', async function () {
 544       {
 545         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 546         const users = res.body.data as User[]
 547
 548         expect(res.body.total).to.equal(1)
 549         expect(users.length).to.equal(1)
 550
 551         expect(users[0].username).to.equal('user_1')
 552         expect(users[0].email).to.equal('user_1@example.com')
 553       }
 554
 555       {
 556         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 557         const users = res.body.data as User[]
 558
 559         expect(res.body.total).to.equal(2)
 560         expect(users.length).to.equal(2)
 561
 562         expect(users[0].username).to.equal('root')
 563         expect(users[1].username).to.equal('user_1')
 564       }
 565     })
 566   })
 567
 568   describe('Update my account', function () {
 569     it('Should update my password', async function () {
 570       await updateMyUser({
 571         url: server.url,
 572         accessToken: accessTokenUser,
 573         currentPassword: 'super password',
 574         password: 'new password'
 575       })
 576       user.password = 'new password'
 577
 578       await userLogin(server, user, HttpStatusCode.OK_200)
 579     })
 580
 581     it('Should be able to change the NSFW display attribute', async function () {
 582       await updateMyUser({
 583         url: server.url,
 584         accessToken: accessTokenUser,
 585         nsfwPolicy: 'do_not_list'
 586       })
 587
 588       const res = await getMyUserInformation(server.url, accessTokenUser)
 589       const user = res.body
 590
 591       expect(user.username).to.equal('user_1')
 592       expect(user.email).to.equal('user_1@example.com')
 593       expect(user.nsfwPolicy).to.equal('do_not_list')
 594       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 595       expect(user.id).to.be.a('number')
 596       expect(user.account.displayName).to.equal('user_1')
 597       expect(user.account.description).to.be.null
 598     })
 599
 600     it('Should be able to change the autoPlayVideo attribute', async function () {
 601       await updateMyUser({
 602         url: server.url,
 603         accessToken: accessTokenUser,
 604         autoPlayVideo: false
 605       })
 606
 607       const res = await getMyUserInformation(server.url, accessTokenUser)
 608       const user = res.body
 609
 610       expect(user.autoPlayVideo).to.be.false
 611     })
 612
 613     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 614       await updateMyUser({
 615         url: server.url,
 616         accessToken: accessTokenUser,
 617         autoPlayNextVideo: true
 618       })
 619
 620       const res = await getMyUserInformation(server.url, accessTokenUser)
 621       const user = res.body
 622
 623       expect(user.autoPlayNextVideo).to.be.true
 624     })
 625
 626     it('Should be able to change the email attribute', async function () {
 627       await updateMyUser({
 628         url: server.url,
 629         accessToken: accessTokenUser,
 630         currentPassword: 'new password',
 631         email: 'updated@example.com'
 632       })
 633
 634       const res = await getMyUserInformation(server.url, accessTokenUser)
 635       const user = res.body
 636
 637       expect(user.username).to.equal('user_1')
 638       expect(user.email).to.equal('updated@example.com')
 639       expect(user.nsfwPolicy).to.equal('do_not_list')
 640       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 641       expect(user.id).to.be.a('number')
 642       expect(user.account.displayName).to.equal('user_1')
 643       expect(user.account.description).to.be.null
 644     })
 645
 646     it('Should be able to update my avatar with a gif', async function () {
 647       const fixture = 'avatar.gif'
 648
 649       await updateMyAvatar({
 650         url: server.url,
 651         accessToken: accessTokenUser,
 652         fixture
 653       })
 654
 655       const res = await getMyUserInformation(server.url, accessTokenUser)
 656       const user = res.body
 657
 658       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 659     })
 660
 661     it('Should be able to update my avatar with a gif, and then a png', async function () {
 662       for (const extension of [ '.png', '.gif' ]) {
 663         const fixture = 'avatar' + extension
 664
 665         await updateMyAvatar({
 666           url: server.url,
 667           accessToken: accessTokenUser,
 668           fixture
 669         })
 670
 671         const res = await getMyUserInformation(server.url, accessTokenUser)
 672         const user = res.body
 673
 674         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 675       }
 676     })
 677
 678     it('Should be able to update my display name', async function () {
 679       await updateMyUser({
 680         url: server.url,
 681         accessToken: accessTokenUser,
 682         displayName: 'new display name'
 683       })
 684
 685       const res = await getMyUserInformation(server.url, accessTokenUser)
 686       const user = res.body
 687
 688       expect(user.username).to.equal('user_1')
 689       expect(user.email).to.equal('updated@example.com')
 690       expect(user.nsfwPolicy).to.equal('do_not_list')
 691       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 692       expect(user.id).to.be.a('number')
 693       expect(user.account.displayName).to.equal('new display name')
 694       expect(user.account.description).to.be.null
 695     })
 696
 697     it('Should be able to update my description', async function () {
 698       await updateMyUser({
 699         url: server.url,
 700         accessToken: accessTokenUser,
 701         description: 'my super description updated'
 702       })
 703
 704       const res = await getMyUserInformation(server.url, accessTokenUser)
 705       const user: User = res.body
 706
 707       expect(user.username).to.equal('user_1')
 708       expect(user.email).to.equal('updated@example.com')
 709       expect(user.nsfwPolicy).to.equal('do_not_list')
 710       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 711       expect(user.id).to.be.a('number')
 712       expect(user.account.displayName).to.equal('new display name')
 713       expect(user.account.description).to.equal('my super description updated')
 714       expect(user.noWelcomeModal).to.be.false
 715       expect(user.noInstanceConfigWarningModal).to.be.false
 716     })
 717
 718     it('Should be able to update my theme', async function () {
 719       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 720         await updateMyUser({
 721           url: server.url,
 722           accessToken: accessTokenUser,
 723           theme
 724         })
 725
 726         const res = await getMyUserInformation(server.url, accessTokenUser)
 727         const body: User = res.body
 728
 729         expect(body.theme).to.equal(theme)
 730       }
 731     })
 732
 733     it('Should be able to update my modal preferences', async function () {
 734       await updateMyUser({
 735         url: server.url,
 736         accessToken: accessTokenUser,
 737         noInstanceConfigWarningModal: true,
 738         noWelcomeModal: true
 739       })
 740
 741       const res = await getMyUserInformation(server.url, accessTokenUser)
 742       const user: User = res.body
 743
 744       expect(user.noWelcomeModal).to.be.true
 745       expect(user.noInstanceConfigWarningModal).to.be.true
 746     })
 747   })
 748
 749   describe('Updating another user', function () {
 750     it('Should be able to update another user', async function () {
 751       await updateUser({
 752         url: server.url,
 753         userId,
 754         accessToken,
 755         email: 'updated2@example.com',
 756         emailVerified: true,
 757         videoQuota: 42,
 758         role: UserRole.MODERATOR,
 759         adminFlags: UserAdminFlag.NONE,
 760         pluginAuth: 'toto'
 761       })
 762
 763       const res = await getUserInformation(server.url, accessToken, userId)
 764       const user = res.body as User
 765
 766       expect(user.username).to.equal('user_1')
 767       expect(user.email).to.equal('updated2@example.com')
 768       expect(user.emailVerified).to.be.true
 769       expect(user.nsfwPolicy).to.equal('do_not_list')
 770       expect(user.videoQuota).to.equal(42)
 771       expect(user.roleLabel).to.equal('Moderator')
 772       expect(user.id).to.be.a('number')
 773       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 774       expect(user.pluginAuth).to.equal('toto')
 775     })
 776
 777     it('Should reset the auth plugin', async function () {
 778       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 779
 780       const res = await getUserInformation(server.url, accessToken, userId)
 781       const user = res.body as User
 782       expect(user.pluginAuth).to.be.null
 783     })
 784
 785     it('Should have removed the user token', async function () {
 786       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 787
 788       accessTokenUser = await userLogin(server, user)
 789     })
 790
 791     it('Should be able to update another user password', async function () {
 792       await updateUser({
 793         url: server.url,
 794         userId,
 795         accessToken,
 796         password: 'password updated'
 797       })
 798
 799       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 800
 801       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 802
 803       user.password = 'password updated'
 804       accessTokenUser = await userLogin(server, user)
 805     })
 806   })
 807
 808   describe('Video blacklists', function () {
 809     it('Should be able to list video blacklist by a moderator', async function () {
 810       await server.blacklistCommand.list({ token: accessTokenUser })
 811     })
 812   })
 813
 814   describe('Remove a user', function () {
 815     it('Should be able to remove this user', async function () {
 816       await removeUser(server.url, userId, accessToken)
 817     })
 818
 819     it('Should not be able to login with this user', async function () {
 820       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 821     })
 822
 823     it('Should not have videos of this user', async function () {
 824       const res = await getVideosList(server.url)
 825
 826       expect(res.body.total).to.equal(1)
 827
 828       const video = res.body.data[0]
 829       expect(video.account.name).to.equal('root')
 830     })
 831   })
 832
 833   describe('Registering a new user', function () {
 834     let user15AccessToken
 835
 836     it('Should register a new user', async function () {
 837       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 838       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 839
 840       await registerUserWithChannel({ url: server.url, user, channel })
 841     })
 842
 843     it('Should be able to login with this registered user', async function () {
 844       const user15 = {
 845         username: 'user_15',
 846         password: 'my super password'
 847       }
 848
 849       user15AccessToken = await userLogin(server, user15)
 850     })
 851
 852     it('Should have the correct display name', async function () {
 853       const res = await getMyUserInformation(server.url, user15AccessToken)
 854       const user: User = res.body
 855
 856       expect(user.account.displayName).to.equal('super user 15')
 857     })
 858
 859     it('Should have the correct video quota', async function () {
 860       const res = await getMyUserInformation(server.url, user15AccessToken)
 861       const user = res.body
 862
 863       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 864     })
 865
 866     it('Should have created the channel', async function () {
 867       const res = await getVideoChannel(server.url, 'my_user_15_channel')
 868
 869       expect(res.body.displayName).to.equal('my channel rocks')
 870     })
 871
 872     it('Should remove me', async function () {
 873       {
 874         const res = await getUsersList(server.url, server.accessToken)
 875         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 876       }
 877
 878       await deleteMe(server.url, user15AccessToken)
 879
 880       {
 881         const res = await getUsersList(server.url, server.accessToken)
 882         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 883       }
 884     })
 885   })
 886
 887   describe('User blocking', function () {
 888     let user16Id
 889     let user16AccessToken
 890     const user16 = {
 891       username: 'user_16',
 892       password: 'my super password'
 893     }
 894
 895     it('Should block a user', async function () {
 896       const resUser = await createUser({
 897         url: server.url,
 898         accessToken: server.accessToken,
 899         username: user16.username,
 900         password: user16.password
 901       })
 902       user16Id = resUser.body.user.id
 903
 904       user16AccessToken = await userLogin(server, user16)
 905
 906       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 907       await blockUser(server.url, user16Id, server.accessToken)
 908
 909       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 910       await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
 911     })
 912
 913     it('Should search user by banned status', async function () {
 914       {
 915         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 916         const users = res.body.data as User[]
 917
 918         expect(res.body.total).to.equal(1)
 919         expect(users.length).to.equal(1)
 920
 921         expect(users[0].username).to.equal(user16.username)
 922       }
 923
 924       {
 925         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 926         const users = res.body.data as User[]
 927
 928         expect(res.body.total).to.equal(1)
 929         expect(users.length).to.equal(1)
 930
 931         expect(users[0].username).to.not.equal(user16.username)
 932       }
 933     })
 934
 935     it('Should unblock a user', async function () {
 936       await unblockUser(server.url, user16Id, server.accessToken)
 937       user16AccessToken = await userLogin(server, user16)
 938       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 939     })
 940   })
 941
 942   describe('User stats', function () {
 943     let user17Id
 944     let user17AccessToken
 945
 946     it('Should report correct initial statistics about a user', async function () {
 947       const user17 = {
 948         username: 'user_17',
 949         password: 'my super password'
 950       }
 951       const resUser = await createUser({
 952         url: server.url,
 953         accessToken: server.accessToken,
 954         username: user17.username,
 955         password: user17.password
 956       })
 957
 958       user17Id = resUser.body.user.id
 959       user17AccessToken = await userLogin(server, user17)
 960
 961       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 962       const user: User = res.body
 963
 964       expect(user.videosCount).to.equal(0)
 965       expect(user.videoCommentsCount).to.equal(0)
 966       expect(user.abusesCount).to.equal(0)
 967       expect(user.abusesCreatedCount).to.equal(0)
 968       expect(user.abusesAcceptedCount).to.equal(0)
 969     })
 970
 971     it('Should report correct videos count', async function () {
 972       const videoAttributes = {
 973         name: 'video to test user stats'
 974       }
 975       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 976       const res1 = await getVideosList(server.url)
 977       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 978
 979       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 980       const user: User = res2.body
 981
 982       expect(user.videosCount).to.equal(1)
 983     })
 984
 985     it('Should report correct video comments for user', async function () {
 986       const text = 'super comment'
 987       await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
 988
 989       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 990       const user: User = res.body
 991
 992       expect(user.videoCommentsCount).to.equal(1)
 993     })
 994
 995     it('Should report correct abuses counts', async function () {
 996       const reason = 'my super bad reason'
 997       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
 998
 999       const body1 = await server.abusesCommand.getAdminList()
1000       const abuseId = body1.data[0].id
1001
1002       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1003       const user2: User = res2.body
1004
1005       expect(user2.abusesCount).to.equal(1) // number of incriminations
1006       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1007
1008       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
1009
1010       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1011       const user3: User = res3.body
1012
1013       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1014     })
1015   })
1016
1017   after(async function () {
1018     await closeAllSequelize([ server ])
1019     await cleanupTests([ server ])
1020   })
1021 })