server/tests/api/users/users.ts

   1 /* tslint:disable:no-unused-expression */
   2
   3 import * as chai from 'chai'
   4 import 'mocha'
   5 import { User, UserRole } from '../../../../shared/index'
   6 import {
   7   blockUser,
   8   createUser,
   9   deleteMe,
  10   flushTests,
  11   getBlacklistedVideosList,
  12   getMyUserInformation,
  13   getMyUserVideoQuotaUsed,
  14   getMyUserVideoRating,
  15   getUserInformation,
  16   getUsersList,
  17   getUsersListPaginationAndSort,
  18   getVideosList,
  19   killallServers,
  20   login,
  21   makePutBodyRequest,
  22   rateVideo,
  23   registerUser,
  24   removeUser,
  25   removeVideo,
  26   runServer,
  27   ServerInfo,
  28   testImage,
  29   unblockUser,
  30   updateMyAvatar,
  31   updateMyUser,
  32   updateUser,
  33   uploadVideo,
  34   userLogin
  35 } from '../../utils/index'
  36 import { follow } from '../../utils/server/follows'
  37 import { setAccessTokensToServers } from '../../utils/users/login'
  38 import { getMyVideos } from '../../utils/videos/videos'
  39
  40 const expect = chai.expect
  41
  42 describe('Test users', function () {
  43   let server: ServerInfo
  44   let accessToken: string
  45   let accessTokenUser: string
  46   let videoId: number
  47   let userId: number
  48   const user = {
  49     username: 'user_1',
  50     password: 'super password'
  51   }
  52
  53   before(async function () {
  54     this.timeout(30000)
  55
  56     await flushTests()
  57     server = await runServer(1)
  58
  59     await setAccessTokensToServers([ server ])
  60   })
  61
  62   it('Should create a new client')
  63
  64   it('Should return the first client')
  65
  66   it('Should remove the last client')
  67
  68   it('Should not login with an invalid client id', async function () {
  69     const client = { id: 'client', secret: server.client.secret }
  70     const res = await login(server.url, client, server.user, 400)
  71
  72     expect(res.body.error).to.contain('client is invalid')
  73   })
  74
  75   it('Should not login with an invalid client secret', async function () {
  76     const client = { id: server.client.id, secret: 'coucou' }
  77     const res = await login(server.url, client, server.user, 400)
  78
  79     expect(res.body.error).to.contain('client is invalid')
  80   })
  81
  82   it('Should not login with an invalid username', async function () {
  83     const user = { username: 'captain crochet', password: server.user.password }
  84     const res = await login(server.url, server.client, user, 400)
  85
  86     expect(res.body.error).to.contain('credentials are invalid')
  87   })
  88
  89   it('Should not login with an invalid password', async function () {
  90     const user = { username: server.user.username, password: 'mew_three' }
  91     const res = await login(server.url, server.client, user, 400)
  92
  93     expect(res.body.error).to.contain('credentials are invalid')
  94   })
  95
  96   it('Should not be able to upload a video', async function () {
  97     accessToken = 'my_super_token'
  98
  99     const videoAttributes = {}
 100     await uploadVideo(server.url, accessToken, videoAttributes, 401)
 101   })
 102
 103   it('Should not be able to follow', async function () {
 104     accessToken = 'my_super_token'
 105     await follow(server.url, [ 'http://example.com' ], accessToken, 401)
 106   })
 107
 108   it('Should not be able to unfollow')
 109
 110   it('Should be able to login', async function () {
 111     const res = await login(server.url, server.client, server.user, 200)
 112
 113     accessToken = res.body.access_token
 114   })
 115
 116   it('Should upload the video with the correct token', async function () {
 117     const videoAttributes = {}
 118     await uploadVideo(server.url, accessToken, videoAttributes)
 119     const res = await getVideosList(server.url)
 120     const video = res.body.data[ 0 ]
 121
 122     expect(video.account.name).to.equal('root')
 123     videoId = video.id
 124   })
 125
 126   it('Should upload the video again with the correct token', async function () {
 127     const videoAttributes = {}
 128     await uploadVideo(server.url, accessToken, videoAttributes)
 129   })
 130
 131   it('Should retrieve a video rating', async function () {
 132     await rateVideo(server.url, accessToken, videoId, 'like')
 133     const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 134     const rating = res.body
 135
 136     expect(rating.videoId).to.equal(videoId)
 137     expect(rating.rating).to.equal('like')
 138   })
 139
 140   it('Should not be able to remove the video with an incorrect token', async function () {
 141     await removeVideo(server.url, 'bad_token', videoId, 401)
 142   })
 143
 144   it('Should not be able to remove the video with the token of another account')
 145
 146   it('Should be able to remove the video with the correct token', async function () {
 147     await removeVideo(server.url, accessToken, videoId)
 148   })
 149
 150   it('Should logout (revoke token)')
 151
 152   it('Should not be able to get the user information')
 153
 154   it('Should not be able to upload a video')
 155
 156   it('Should not be able to remove a video')
 157
 158   it('Should not be able to rate a video', async function () {
 159     const path = '/api/v1/videos/'
 160     const data = {
 161       rating: 'likes'
 162     }
 163
 164     const options = {
 165       url: server.url,
 166       path: path + videoId,
 167       token: 'wrong token',
 168       fields: data,
 169       statusCodeExpected: 401
 170     }
 171     await makePutBodyRequest(options)
 172   })
 173
 174   it('Should be able to login again')
 175
 176   it('Should have an expired access token')
 177
 178   it('Should refresh the token')
 179
 180   it('Should be able to upload a video again')
 181
 182   it('Should be able to create a new user', async function () {
 183     await createUser(server.url, accessToken, user.username, user.password, 2 * 1024 * 1024)
 184   })
 185
 186   it('Should be able to login with this user', async function () {
 187     accessTokenUser = await userLogin(server, user)
 188   })
 189
 190   it('Should be able to get the user information', async function () {
 191     const res = await getMyUserInformation(server.url, accessTokenUser)
 192     const user = res.body
 193
 194     expect(user.username).to.equal('user_1')
 195     expect(user.email).to.equal('user_1@example.com')
 196     expect(user.nsfwPolicy).to.equal('display')
 197     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 198     expect(user.roleLabel).to.equal('User')
 199     expect(user.id).to.be.a('number')
 200     expect(user.account.displayName).to.equal('user_1')
 201     expect(user.account.description).to.be.null
 202   })
 203
 204   it('Should be able to upload a video with this user', async function () {
 205     this.timeout(5000)
 206
 207     const videoAttributes = {
 208       name: 'super user video',
 209       fixture: 'video_short.webm'
 210     }
 211     await uploadVideo(server.url, accessTokenUser, videoAttributes)
 212   })
 213
 214   it('Should have video quota updated', async function () {
 215     const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 216     const data = res.body
 217
 218     expect(data.videoQuotaUsed).to.equal(218910)
 219
 220     const resUsers = await getUsersList(server.url, server.accessToken)
 221
 222     const users: User[] = resUsers.body.data
 223     const tmpUser = users.find(u => u.username === user.username)
 224     expect(tmpUser.videoQuotaUsed).to.equal(218910)
 225   })
 226
 227   it('Should be able to list my videos', async function () {
 228     const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 229     expect(res.body.total).to.equal(1)
 230
 231     const videos = res.body.data
 232     expect(videos).to.have.lengthOf(1)
 233
 234     expect(videos[ 0 ].name).to.equal('super user video')
 235   })
 236
 237   it('Should list all the users', async function () {
 238     const res = await getUsersList(server.url, server.accessToken)
 239     const result = res.body
 240     const total = result.total
 241     const users = result.data
 242
 243     expect(total).to.equal(2)
 244     expect(users).to.be.an('array')
 245     expect(users.length).to.equal(2)
 246
 247     const user = users[ 0 ]
 248     expect(user.username).to.equal('user_1')
 249     expect(user.email).to.equal('user_1@example.com')
 250     expect(user.nsfwPolicy).to.equal('display')
 251
 252     const rootUser = users[ 1 ]
 253     expect(rootUser.username).to.equal('root')
 254     expect(rootUser.email).to.equal('admin1@example.com')
 255     expect(user.nsfwPolicy).to.equal('display')
 256
 257     userId = user.id
 258   })
 259
 260   it('Should list only the first user by username asc', async function () {
 261     const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 262
 263     const result = res.body
 264     const total = result.total
 265     const users = result.data
 266
 267     expect(total).to.equal(2)
 268     expect(users.length).to.equal(1)
 269
 270     const user = users[ 0 ]
 271     expect(user.username).to.equal('root')
 272     expect(user.email).to.equal('admin1@example.com')
 273     expect(user.roleLabel).to.equal('Administrator')
 274     expect(user.nsfwPolicy).to.equal('display')
 275   })
 276
 277   it('Should list only the first user by username desc', async function () {
 278     const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 279     const result = res.body
 280     const total = result.total
 281     const users = result.data
 282
 283     expect(total).to.equal(2)
 284     expect(users.length).to.equal(1)
 285
 286     const user = users[ 0 ]
 287     expect(user.username).to.equal('user_1')
 288     expect(user.email).to.equal('user_1@example.com')
 289     expect(user.nsfwPolicy).to.equal('display')
 290   })
 291
 292   it('Should list only the second user by createdAt desc', async function () {
 293     const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 294     const result = res.body
 295     const total = result.total
 296     const users = result.data
 297
 298     expect(total).to.equal(2)
 299     expect(users.length).to.equal(1)
 300
 301     const user = users[ 0 ]
 302     expect(user.username).to.equal('user_1')
 303     expect(user.email).to.equal('user_1@example.com')
 304     expect(user.nsfwPolicy).to.equal('display')
 305   })
 306
 307   it('Should list all the users by createdAt asc', async function () {
 308     const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 309     const result = res.body
 310     const total = result.total
 311     const users = result.data
 312
 313     expect(total).to.equal(2)
 314     expect(users.length).to.equal(2)
 315
 316     expect(users[ 0 ].username).to.equal('root')
 317     expect(users[ 0 ].email).to.equal('admin1@example.com')
 318     expect(users[ 0 ].nsfwPolicy).to.equal('display')
 319
 320     expect(users[ 1 ].username).to.equal('user_1')
 321     expect(users[ 1 ].email).to.equal('user_1@example.com')
 322     expect(users[ 1 ].nsfwPolicy).to.equal('display')
 323   })
 324
 325   it('Should search user by username', async function () {
 326     const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 327     const users = res.body.data as User[]
 328
 329     expect(res.body.total).to.equal(1)
 330     expect(users.length).to.equal(1)
 331
 332     expect(users[ 0 ].username).to.equal('root')
 333   })
 334
 335   it('Should search user by email', async function () {
 336     {
 337       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 338       const users = res.body.data as User[]
 339
 340       expect(res.body.total).to.equal(1)
 341       expect(users.length).to.equal(1)
 342
 343       expect(users[ 0 ].username).to.equal('user_1')
 344       expect(users[ 0 ].email).to.equal('user_1@example.com')
 345     }
 346
 347     {
 348       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 349       const users = res.body.data as User[]
 350
 351       expect(res.body.total).to.equal(2)
 352       expect(users.length).to.equal(2)
 353
 354       expect(users[ 0 ].username).to.equal('root')
 355       expect(users[ 1 ].username).to.equal('user_1')
 356     }
 357   })
 358
 359   it('Should update my password', async function () {
 360     await updateMyUser({
 361       url: server.url,
 362       accessToken: accessTokenUser,
 363       currentPassword: 'super password',
 364       newPassword: 'new password'
 365     })
 366     user.password = 'new password'
 367
 368     await userLogin(server, user, 200)
 369   })
 370
 371   it('Should be able to change the NSFW display attribute', async function () {
 372     await updateMyUser({
 373       url: server.url,
 374       accessToken: accessTokenUser,
 375       nsfwPolicy: 'do_not_list'
 376     })
 377
 378     const res = await getMyUserInformation(server.url, accessTokenUser)
 379     const user = res.body
 380
 381     expect(user.username).to.equal('user_1')
 382     expect(user.email).to.equal('user_1@example.com')
 383     expect(user.nsfwPolicy).to.equal('do_not_list')
 384     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 385     expect(user.id).to.be.a('number')
 386     expect(user.account.displayName).to.equal('user_1')
 387     expect(user.account.description).to.be.null
 388   })
 389
 390   it('Should be able to change the autoPlayVideo attribute', async function () {
 391     await updateMyUser({
 392       url: server.url,
 393       accessToken: accessTokenUser,
 394       autoPlayVideo: false
 395     })
 396
 397     const res = await getMyUserInformation(server.url, accessTokenUser)
 398     const user = res.body
 399
 400     expect(user.autoPlayVideo).to.be.false
 401   })
 402
 403   it('Should be able to change the email display attribute', async function () {
 404     await updateMyUser({
 405       url: server.url,
 406       accessToken: accessTokenUser,
 407       email: 'updated@example.com'
 408     })
 409
 410     const res = await getMyUserInformation(server.url, accessTokenUser)
 411     const user = res.body
 412
 413     expect(user.username).to.equal('user_1')
 414     expect(user.email).to.equal('updated@example.com')
 415     expect(user.nsfwPolicy).to.equal('do_not_list')
 416     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 417     expect(user.id).to.be.a('number')
 418     expect(user.account.displayName).to.equal('user_1')
 419     expect(user.account.description).to.be.null
 420   })
 421
 422   it('Should be able to update my avatar', async function () {
 423     const fixture = 'avatar.png'
 424
 425     await updateMyAvatar({
 426       url: server.url,
 427       accessToken: accessTokenUser,
 428       fixture
 429     })
 430
 431     const res = await getMyUserInformation(server.url, accessTokenUser)
 432     const user = res.body
 433
 434     await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
 435   })
 436
 437   it('Should be able to update my display name', async function () {
 438     await updateMyUser({
 439       url: server.url,
 440       accessToken: accessTokenUser,
 441       displayName: 'new display name'
 442     })
 443
 444     const res = await getMyUserInformation(server.url, accessTokenUser)
 445     const user = res.body
 446
 447     expect(user.username).to.equal('user_1')
 448     expect(user.email).to.equal('updated@example.com')
 449     expect(user.nsfwPolicy).to.equal('do_not_list')
 450     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 451     expect(user.id).to.be.a('number')
 452     expect(user.account.displayName).to.equal('new display name')
 453     expect(user.account.description).to.be.null
 454   })
 455
 456   it('Should be able to update my description', async function () {
 457     await updateMyUser({
 458       url: server.url,
 459       accessToken: accessTokenUser,
 460       description: 'my super description updated'
 461     })
 462
 463     const res = await getMyUserInformation(server.url, accessTokenUser)
 464     const user = res.body
 465
 466     expect(user.username).to.equal('user_1')
 467     expect(user.email).to.equal('updated@example.com')
 468     expect(user.nsfwPolicy).to.equal('do_not_list')
 469     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 470     expect(user.id).to.be.a('number')
 471     expect(user.account.displayName).to.equal('new display name')
 472     expect(user.account.description).to.equal('my super description updated')
 473   })
 474
 475   it('Should be able to update another user', async function () {
 476     await updateUser({
 477       url: server.url,
 478       userId,
 479       accessToken,
 480       email: 'updated2@example.com',
 481       videoQuota: 42,
 482       role: UserRole.MODERATOR
 483     })
 484
 485     const res = await getUserInformation(server.url, accessToken, userId)
 486     const user = res.body
 487
 488     expect(user.username).to.equal('user_1')
 489     expect(user.email).to.equal('updated2@example.com')
 490     expect(user.nsfwPolicy).to.equal('do_not_list')
 491     expect(user.videoQuota).to.equal(42)
 492     expect(user.roleLabel).to.equal('Moderator')
 493     expect(user.id).to.be.a('number')
 494   })
 495
 496   it('Should have removed the user token', async function () {
 497     await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
 498
 499     accessTokenUser = await userLogin(server, user)
 500   })
 501
 502   it('Should not be able to delete a user by a moderator', async function () {
 503     await removeUser(server.url, 2, accessTokenUser, 403)
 504   })
 505
 506   it('Should be able to list video blacklist by a moderator', async function () {
 507     await getBlacklistedVideosList(server.url, accessTokenUser)
 508   })
 509
 510   it('Should be able to remove this user', async function () {
 511     await removeUser(server.url, userId, accessToken)
 512   })
 513
 514   it('Should not be able to login with this user', async function () {
 515     await userLogin(server, user, 400)
 516   })
 517
 518   it('Should not have videos of this user', async function () {
 519     const res = await getVideosList(server.url)
 520
 521     expect(res.body.total).to.equal(1)
 522
 523     const video = res.body.data[ 0 ]
 524     expect(video.account.name).to.equal('root')
 525   })
 526
 527   it('Should register a new user', async function () {
 528     await registerUser(server.url, 'user_15', 'my super password')
 529   })
 530
 531   it('Should be able to login with this registered user', async function () {
 532     const user15 = {
 533       username: 'user_15',
 534       password: 'my super password'
 535     }
 536
 537     accessToken = await userLogin(server, user15)
 538   })
 539
 540   it('Should have the correct video quota', async function () {
 541     const res = await getMyUserInformation(server.url, accessToken)
 542     const user = res.body
 543
 544     expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 545   })
 546
 547   it('Should remove me', async function () {
 548     {
 549       const res = await getUsersList(server.url, server.accessToken)
 550       expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 551     }
 552
 553     await deleteMe(server.url, accessToken)
 554
 555     {
 556       const res = await getUsersList(server.url, server.accessToken)
 557       expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 558     }
 559   })
 560
 561   it('Should block and unblock a user', async function () {
 562     const user16 = {
 563       username: 'user_16',
 564       password: 'my super password'
 565     }
 566     const resUser = await createUser(server.url, server.accessToken, user16.username, user16.password)
 567     const user16Id = resUser.body.user.id
 568
 569     accessToken = await userLogin(server, user16)
 570
 571     await getMyUserInformation(server.url, accessToken, 200)
 572     await blockUser(server.url, user16Id, server.accessToken)
 573
 574     await getMyUserInformation(server.url, accessToken, 401)
 575     await userLogin(server, user16, 400)
 576
 577     await unblockUser(server.url, user16Id, server.accessToken)
 578     accessToken = await userLogin(server, user16)
 579     await getMyUserInformation(server.url, accessToken, 200)
 580   })
 581
 582   after(async function () {
 583     killallServers([ server ])
 584
 585     // Keep the logs if the test failed
 586     if (this[ 'ok' ]) {
 587       await flushTests()
 588     }
 589   })
 590 })