1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
3 import * as chai from 'chai'
5 import { MyUser, User, UserRole, Video, VideoPlaylistType } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
26 registerUserWithChannel,
37 } from '../../../../shared/extra-utils'
38 import { follow } from '../../../../shared/extra-utils/server/follows'
39 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
40 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
41 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
43 const expect = chai.expect
45 describe('Test users', function () {
46 let server: ServerInfo
47 let accessToken: string
48 let accessTokenUser: string
53 password: 'super password'
56 before(async function () {
58 server = await flushAndRunServer(1)
60 await setAccessTokensToServers([ server ])
62 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
65 describe('OAuth client', function () {
66 it('Should create a new client')
68 it('Should return the first client')
70 it('Should remove the last client')
72 it('Should not login with an invalid client id', async function () {
73 const client = { id: 'client', secret: server.client.secret }
74 const res = await login(server.url, client, server.user, 400)
76 expect(res.body.error).to.contain('client is invalid')
79 it('Should not login with an invalid client secret', async function () {
80 const client = { id: server.client.id, secret: 'coucou' }
81 const res = await login(server.url, client, server.user, 400)
83 expect(res.body.error).to.contain('client is invalid')
87 describe('Login', function () {
89 it('Should not login with an invalid username', async function () {
90 const user = { username: 'captain crochet', password: server.user.password }
91 const res = await login(server.url, server.client, user, 400)
93 expect(res.body.error).to.contain('credentials are invalid')
96 it('Should not login with an invalid password', async function () {
97 const user = { username: server.user.username, password: 'mew_three' }
98 const res = await login(server.url, server.client, user, 400)
100 expect(res.body.error).to.contain('credentials are invalid')
103 it('Should not be able to upload a video', async function () {
104 accessToken = 'my_super_token'
106 const videoAttributes = {}
107 await uploadVideo(server.url, accessToken, videoAttributes, 401)
110 it('Should not be able to follow', async function () {
111 accessToken = 'my_super_token'
112 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
115 it('Should not be able to unfollow')
117 it('Should be able to login', async function () {
118 const res = await login(server.url, server.client, server.user, 200)
120 accessToken = res.body.access_token
123 it('Should be able to login with an insensitive username', async function () {
124 const user = { username: 'RoOt', password: server.user.password }
125 await login(server.url, server.client, user, 200)
127 const user2 = { username: 'rOoT', password: server.user.password }
128 await login(server.url, server.client, user2, 200)
130 const user3 = { username: 'ROOt', password: server.user.password }
131 await login(server.url, server.client, user3, 200)
135 describe('Upload', function () {
137 it('Should upload the video with the correct token', async function () {
138 const videoAttributes = {}
139 await uploadVideo(server.url, accessToken, videoAttributes)
140 const res = await getVideosList(server.url)
141 const video = res.body.data[0]
143 expect(video.account.name).to.equal('root')
147 it('Should upload the video again with the correct token', async function () {
148 const videoAttributes = {}
149 await uploadVideo(server.url, accessToken, videoAttributes)
153 describe('Ratings', function () {
155 it('Should retrieve a video rating', async function () {
156 await rateVideo(server.url, accessToken, videoId, 'like')
157 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
158 const rating = res.body
160 expect(rating.videoId).to.equal(videoId)
161 expect(rating.rating).to.equal('like')
164 it('Should retrieve ratings list', async function () {
165 await rateVideo(server.url, accessToken, videoId, 'like')
167 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
168 const ratings = res.body
170 expect(ratings.total).to.equal(1)
171 expect(ratings.data[0].video.id).to.equal(videoId)
172 expect(ratings.data[0].rating).to.equal('like')
175 it('Should retrieve ratings list by rating type', async function () {
177 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
178 const ratings = res.body
179 expect(ratings.data.length).to.equal(1)
183 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
184 const ratings = res.body
185 expect(ratings.data.length).to.equal(0)
190 describe('Remove video', function () {
191 it('Should not be able to remove the video with an incorrect token', async function () {
192 await removeVideo(server.url, 'bad_token', videoId, 401)
195 it('Should not be able to remove the video with the token of another account')
197 it('Should be able to remove the video with the correct token', async function () {
198 await removeVideo(server.url, accessToken, videoId)
202 describe('Logout', function () {
203 it('Should logout (revoke token)')
205 it('Should not be able to get the user information')
207 it('Should not be able to upload a video')
209 it('Should not be able to remove a video')
211 it('Should not be able to rate a video', async function () {
212 const path = '/api/v1/videos/'
219 path: path + videoId,
220 token: 'wrong token',
222 statusCodeExpected: 401
224 await makePutBodyRequest(options)
227 it('Should be able to login again')
229 it('Should have an expired access token')
231 it('Should refresh the token')
233 it('Should be able to upload a video again')
236 describe('Creating a user', function () {
238 it('Should be able to create a new user', async function () {
241 accessToken: accessToken,
242 username: user.username,
243 password: user.password,
244 videoQuota: 2 * 1024 * 1024,
245 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
249 it('Should be able to login with this user', async function () {
250 accessTokenUser = await userLogin(server, user)
253 it('Should be able to get user information', async function () {
254 const res1 = await getMyUserInformation(server.url, accessTokenUser)
255 const userMe: MyUser = res1.body
257 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
258 const userGet: User = res2.body
260 for (const user of [ userMe, userGet ]) {
261 expect(user.username).to.equal('user_1')
262 expect(user.email).to.equal('user_1@example.com')
263 expect(user.nsfwPolicy).to.equal('display')
264 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
265 expect(user.roleLabel).to.equal('User')
266 expect(user.id).to.be.a('number')
267 expect(user.account.displayName).to.equal('user_1')
268 expect(user.account.description).to.be.null
271 expect(userMe.adminFlags).to.be.undefined
272 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
274 expect(userMe.specialPlaylists).to.have.lengthOf(1)
275 expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
279 describe('My videos & quotas', function () {
281 it('Should be able to upload a video with this user', async function () {
284 const videoAttributes = {
285 name: 'super user video',
286 fixture: 'video_short.webm'
288 await uploadVideo(server.url, accessTokenUser, videoAttributes)
291 it('Should have video quota updated', async function () {
292 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
293 const data = res.body
295 expect(data.videoQuotaUsed).to.equal(218910)
297 const resUsers = await getUsersList(server.url, server.accessToken)
299 const users: User[] = resUsers.body.data
300 const tmpUser = users.find(u => u.username === user.username)
301 expect(tmpUser.videoQuotaUsed).to.equal(218910)
304 it('Should be able to list my videos', async function () {
305 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
306 expect(res.body.total).to.equal(1)
308 const videos = res.body.data
309 expect(videos).to.have.lengthOf(1)
311 const video: Video = videos[0]
312 expect(video.name).to.equal('super user video')
313 expect(video.thumbnailPath).to.not.be.null
314 expect(video.previewPath).to.not.be.null
317 it('Should be able to search in my videos', async function () {
319 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
320 expect(res.body.total).to.equal(1)
322 const videos = res.body.data
323 expect(videos).to.have.lengthOf(1)
327 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
328 expect(res.body.total).to.equal(0)
330 const videos = res.body.data
331 expect(videos).to.have.lengthOf(0)
336 describe('Users listing', function () {
338 it('Should list all the users', async function () {
339 const res = await getUsersList(server.url, server.accessToken)
340 const result = res.body
341 const total = result.total
342 const users = result.data
344 expect(total).to.equal(2)
345 expect(users).to.be.an('array')
346 expect(users.length).to.equal(2)
348 const user = users[0]
349 expect(user.username).to.equal('user_1')
350 expect(user.email).to.equal('user_1@example.com')
351 expect(user.nsfwPolicy).to.equal('display')
353 const rootUser = users[1]
354 expect(rootUser.username).to.equal('root')
355 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
356 expect(user.nsfwPolicy).to.equal('display')
361 it('Should list only the first user by username asc', async function () {
362 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
364 const result = res.body
365 const total = result.total
366 const users = result.data
368 expect(total).to.equal(2)
369 expect(users.length).to.equal(1)
371 const user = users[0]
372 expect(user.username).to.equal('root')
373 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
374 expect(user.roleLabel).to.equal('Administrator')
375 expect(user.nsfwPolicy).to.equal('display')
378 it('Should list only the first user by username desc', async function () {
379 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
380 const result = res.body
381 const total = result.total
382 const users = result.data
384 expect(total).to.equal(2)
385 expect(users.length).to.equal(1)
387 const user = users[0]
388 expect(user.username).to.equal('user_1')
389 expect(user.email).to.equal('user_1@example.com')
390 expect(user.nsfwPolicy).to.equal('display')
393 it('Should list only the second user by createdAt desc', async function () {
394 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
395 const result = res.body
396 const total = result.total
397 const users = result.data
399 expect(total).to.equal(2)
400 expect(users.length).to.equal(1)
402 const user = users[0]
403 expect(user.username).to.equal('user_1')
404 expect(user.email).to.equal('user_1@example.com')
405 expect(user.nsfwPolicy).to.equal('display')
408 it('Should list all the users by createdAt asc', async function () {
409 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
410 const result = res.body
411 const total = result.total
412 const users = result.data
414 expect(total).to.equal(2)
415 expect(users.length).to.equal(2)
417 expect(users[0].username).to.equal('root')
418 expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
419 expect(users[0].nsfwPolicy).to.equal('display')
421 expect(users[1].username).to.equal('user_1')
422 expect(users[1].email).to.equal('user_1@example.com')
423 expect(users[1].nsfwPolicy).to.equal('display')
426 it('Should search user by username', async function () {
427 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
428 const users = res.body.data as User[]
430 expect(res.body.total).to.equal(1)
431 expect(users.length).to.equal(1)
433 expect(users[0].username).to.equal('root')
436 it('Should search user by email', async function () {
438 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
439 const users = res.body.data as User[]
441 expect(res.body.total).to.equal(1)
442 expect(users.length).to.equal(1)
444 expect(users[0].username).to.equal('user_1')
445 expect(users[0].email).to.equal('user_1@example.com')
449 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
450 const users = res.body.data as User[]
452 expect(res.body.total).to.equal(2)
453 expect(users.length).to.equal(2)
455 expect(users[0].username).to.equal('root')
456 expect(users[1].username).to.equal('user_1')
461 describe('Update my account', function () {
462 it('Should update my password', async function () {
465 accessToken: accessTokenUser,
466 currentPassword: 'super password',
467 password: 'new password'
469 user.password = 'new password'
471 await userLogin(server, user, 200)
474 it('Should be able to change the NSFW display attribute', async function () {
477 accessToken: accessTokenUser,
478 nsfwPolicy: 'do_not_list'
481 const res = await getMyUserInformation(server.url, accessTokenUser)
482 const user = res.body
484 expect(user.username).to.equal('user_1')
485 expect(user.email).to.equal('user_1@example.com')
486 expect(user.nsfwPolicy).to.equal('do_not_list')
487 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
488 expect(user.id).to.be.a('number')
489 expect(user.account.displayName).to.equal('user_1')
490 expect(user.account.description).to.be.null
493 it('Should be able to change the autoPlayVideo attribute', async function () {
496 accessToken: accessTokenUser,
500 const res = await getMyUserInformation(server.url, accessTokenUser)
501 const user = res.body
503 expect(user.autoPlayVideo).to.be.false
506 it('Should be able to change the autoPlayNextVideo attribute', async function () {
509 accessToken: accessTokenUser,
510 autoPlayNextVideo: true
513 const res = await getMyUserInformation(server.url, accessTokenUser)
514 const user = res.body
516 expect(user.autoPlayNextVideo).to.be.true
519 it('Should be able to change the email attribute', async function () {
522 accessToken: accessTokenUser,
523 currentPassword: 'new password',
524 email: 'updated@example.com'
527 const res = await getMyUserInformation(server.url, accessTokenUser)
528 const user = res.body
530 expect(user.username).to.equal('user_1')
531 expect(user.email).to.equal('updated@example.com')
532 expect(user.nsfwPolicy).to.equal('do_not_list')
533 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
534 expect(user.id).to.be.a('number')
535 expect(user.account.displayName).to.equal('user_1')
536 expect(user.account.description).to.be.null
539 it('Should be able to update my avatar', async function () {
540 const fixture = 'avatar.png'
542 await updateMyAvatar({
544 accessToken: accessTokenUser,
548 const res = await getMyUserInformation(server.url, accessTokenUser)
549 const user = res.body
551 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
554 it('Should be able to update my display name', async function () {
557 accessToken: accessTokenUser,
558 displayName: 'new display name'
561 const res = await getMyUserInformation(server.url, accessTokenUser)
562 const user = res.body
564 expect(user.username).to.equal('user_1')
565 expect(user.email).to.equal('updated@example.com')
566 expect(user.nsfwPolicy).to.equal('do_not_list')
567 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
568 expect(user.id).to.be.a('number')
569 expect(user.account.displayName).to.equal('new display name')
570 expect(user.account.description).to.be.null
573 it('Should be able to update my description', async function () {
576 accessToken: accessTokenUser,
577 description: 'my super description updated'
580 const res = await getMyUserInformation(server.url, accessTokenUser)
581 const user: User = res.body
583 expect(user.username).to.equal('user_1')
584 expect(user.email).to.equal('updated@example.com')
585 expect(user.nsfwPolicy).to.equal('do_not_list')
586 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
587 expect(user.id).to.be.a('number')
588 expect(user.account.displayName).to.equal('new display name')
589 expect(user.account.description).to.equal('my super description updated')
590 expect(user.noWelcomeModal).to.be.false
591 expect(user.noInstanceConfigWarningModal).to.be.false
594 it('Should be able to update my theme', async function () {
595 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
598 accessToken: accessTokenUser,
602 const res = await getMyUserInformation(server.url, accessTokenUser)
603 const body: User = res.body
605 expect(body.theme).to.equal(theme)
609 it('Should be able to update my modal preferences', async function () {
612 accessToken: accessTokenUser,
613 noInstanceConfigWarningModal: true,
617 const res = await getMyUserInformation(server.url, accessTokenUser)
618 const user: User = res.body
620 expect(user.noWelcomeModal).to.be.true
621 expect(user.noInstanceConfigWarningModal).to.be.true
625 describe('Updating another user', function () {
627 it('Should be able to update another user', async function () {
632 email: 'updated2@example.com',
635 role: UserRole.MODERATOR,
636 adminFlags: UserAdminFlag.NONE
639 const res = await getUserInformation(server.url, accessToken, userId)
640 const user = res.body
642 expect(user.username).to.equal('user_1')
643 expect(user.email).to.equal('updated2@example.com')
644 expect(user.emailVerified).to.be.true
645 expect(user.nsfwPolicy).to.equal('do_not_list')
646 expect(user.videoQuota).to.equal(42)
647 expect(user.roleLabel).to.equal('Moderator')
648 expect(user.id).to.be.a('number')
649 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
652 it('Should have removed the user token', async function () {
653 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
655 accessTokenUser = await userLogin(server, user)
658 it('Should be able to update another user password', async function () {
663 password: 'password updated'
666 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
668 await userLogin(server, user, 400)
670 user.password = 'password updated'
671 accessTokenUser = await userLogin(server, user)
675 describe('Video blacklists', function () {
676 it('Should be able to list video blacklist by a moderator', async function () {
677 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
681 describe('Remove a user', function () {
682 it('Should be able to remove this user', async function () {
683 await removeUser(server.url, userId, accessToken)
686 it('Should not be able to login with this user', async function () {
687 await userLogin(server, user, 400)
690 it('Should not have videos of this user', async function () {
691 const res = await getVideosList(server.url)
693 expect(res.body.total).to.equal(1)
695 const video = res.body.data[0]
696 expect(video.account.name).to.equal('root')
700 describe('Registering a new user', function () {
701 it('Should register a new user', async function () {
702 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
703 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
705 await registerUserWithChannel({ url: server.url, user, channel })
708 it('Should be able to login with this registered user', async function () {
711 password: 'my super password'
714 accessToken = await userLogin(server, user15)
717 it('Should have the correct display name', async function () {
718 const res = await getMyUserInformation(server.url, accessToken)
719 const user: User = res.body
721 expect(user.account.displayName).to.equal('super user 15')
724 it('Should have the correct video quota', async function () {
725 const res = await getMyUserInformation(server.url, accessToken)
726 const user = res.body
728 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
731 it('Should have created the channel', async function () {
732 const res = await getVideoChannel(server.url, 'my_user_15_channel')
734 expect(res.body.displayName).to.equal('my channel rocks')
737 it('Should remove me', async function () {
739 const res = await getUsersList(server.url, server.accessToken)
740 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
743 await deleteMe(server.url, accessToken)
746 const res = await getUsersList(server.url, server.accessToken)
747 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
752 describe('User blocking', function () {
753 it('Should block and unblock a user', async function () {
756 password: 'my super password'
758 const resUser = await createUser({
760 accessToken: server.accessToken,
761 username: user16.username,
762 password: user16.password
764 const user16Id = resUser.body.user.id
766 accessToken = await userLogin(server, user16)
768 await getMyUserInformation(server.url, accessToken, 200)
769 await blockUser(server.url, user16Id, server.accessToken)
771 await getMyUserInformation(server.url, accessToken, 401)
772 await userLogin(server, user16, 400)
774 await unblockUser(server.url, user16Id, server.accessToken)
775 accessToken = await userLogin(server, user16)
776 await getMyUserInformation(server.url, accessToken, 200)
780 after(async function () {
781 await cleanupTests([ server ])