server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   blockUser,
   8   cleanupTests,
   9   createUser,
  10   deleteMe,
  11   flushAndRunServer,
  12   getMyUserInformation,
  13   getMyUserVideoQuotaUsed,
  14   getMyUserVideoRating,
  15   getMyVideos,
  16   getUserInformation,
  17   getUsersList,
  18   getUsersListPaginationAndSort,
  19   getVideosList,
  20   killallServers,
  21   makePutBodyRequest,
  22   rateVideo,
  23   registerUserWithChannel,
  24   removeUser,
  25   removeVideo,
  26   reRunServer,
  27   ServerInfo,
  28   setAccessTokensToServers,
  29   testImage,
  30   unblockUser,
  31   updateMyAvatar,
  32   updateMyUser,
  33   updateUser,
  34   uploadVideo,
  35   waitJobs
  36 } from '@shared/extra-utils'
  37 import { AbuseState, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  38
  39 const expect = chai.expect
  40
  41 describe('Test users', function () {
  42   let server: ServerInfo
  43   let accessToken: string
  44   let accessTokenUser: string
  45   let videoId: number
  46   let userId: number
  47   const user = {
  48     username: 'user_1',
  49     password: 'super password'
  50   }
  51
  52   before(async function () {
  53     this.timeout(30000)
  54
  55     server = await flushAndRunServer(1, {
  56       rates_limit: {
  57         login: {
  58           max: 30
  59         }
  60       }
  61     })
  62
  63     await setAccessTokensToServers([ server ])
  64
  65     await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
  66   })
  67
  68   describe('OAuth client', function () {
  69     it('Should create a new client')
  70
  71     it('Should return the first client')
  72
  73     it('Should remove the last client')
  74
  75     it('Should not login with an invalid client id', async function () {
  76       const client = { id: 'client', secret: server.client.secret }
  77       const body = await server.loginCommand.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  78
  79       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  80       expect(body.error).to.contain('client is invalid')
  81       expect(body.type.startsWith('https://')).to.be.true
  82       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  83     })
  84
  85     it('Should not login with an invalid client secret', async function () {
  86       const client = { id: server.client.id, secret: 'coucou' }
  87       const body = await server.loginCommand.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  88
  89       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  90       expect(body.error).to.contain('client is invalid')
  91       expect(body.type.startsWith('https://')).to.be.true
  92       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  93     })
  94   })
  95
  96   describe('Login', function () {
  97
  98     it('Should not login with an invalid username', async function () {
  99       const user = { username: 'captain crochet', password: server.user.password }
 100       const body = await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 101
 102       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 103       expect(body.error).to.contain('credentials are invalid')
 104       expect(body.type.startsWith('https://')).to.be.true
 105       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 106     })
 107
 108     it('Should not login with an invalid password', async function () {
 109       const user = { username: server.user.username, password: 'mew_three' }
 110       const body = await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 111
 112       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 113       expect(body.error).to.contain('credentials are invalid')
 114       expect(body.type.startsWith('https://')).to.be.true
 115       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 116     })
 117
 118     it('Should not be able to upload a video', async function () {
 119       accessToken = 'my_super_token'
 120
 121       const videoAttributes = {}
 122       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 123     })
 124
 125     it('Should not be able to follow', async function () {
 126       accessToken = 'my_super_token'
 127
 128       await server.followsCommand.follow({
 129         targets: [ 'http://example.com' ],
 130         token: accessToken,
 131         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 132       })
 133     })
 134
 135     it('Should not be able to unfollow')
 136
 137     it('Should be able to login', async function () {
 138       const body = await server.loginCommand.login({ expectedStatus: HttpStatusCode.OK_200 })
 139
 140       accessToken = body.access_token
 141     })
 142
 143     it('Should be able to login with an insensitive username', async function () {
 144       const user = { username: 'RoOt', password: server.user.password }
 145       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 146
 147       const user2 = { username: 'rOoT', password: server.user.password }
 148       await server.loginCommand.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 149
 150       const user3 = { username: 'ROOt', password: server.user.password }
 151       await server.loginCommand.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 152     })
 153   })
 154
 155   describe('Upload', function () {
 156
 157     it('Should upload the video with the correct token', async function () {
 158       const videoAttributes = {}
 159       await uploadVideo(server.url, accessToken, videoAttributes)
 160       const res = await getVideosList(server.url)
 161       const video = res.body.data[0]
 162
 163       expect(video.account.name).to.equal('root')
 164       videoId = video.id
 165     })
 166
 167     it('Should upload the video again with the correct token', async function () {
 168       const videoAttributes = {}
 169       await uploadVideo(server.url, accessToken, videoAttributes)
 170     })
 171   })
 172
 173   describe('Ratings', function () {
 174
 175     it('Should retrieve a video rating', async function () {
 176       await rateVideo(server.url, accessToken, videoId, 'like')
 177       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 178       const rating = res.body
 179
 180       expect(rating.videoId).to.equal(videoId)
 181       expect(rating.rating).to.equal('like')
 182     })
 183
 184     it('Should retrieve ratings list', async function () {
 185       await rateVideo(server.url, accessToken, videoId, 'like')
 186
 187       const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
 188
 189       expect(body.total).to.equal(1)
 190       expect(body.data[0].video.id).to.equal(videoId)
 191       expect(body.data[0].rating).to.equal('like')
 192     })
 193
 194     it('Should retrieve ratings list by rating type', async function () {
 195       {
 196         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
 197         expect(body.data.length).to.equal(1)
 198       }
 199
 200       {
 201         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
 202         expect(body.data.length).to.equal(0)
 203       }
 204     })
 205   })
 206
 207   describe('Remove video', function () {
 208     it('Should not be able to remove the video with an incorrect token', async function () {
 209       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 210     })
 211
 212     it('Should not be able to remove the video with the token of another account')
 213
 214     it('Should be able to remove the video with the correct token', async function () {
 215       await removeVideo(server.url, accessToken, videoId)
 216     })
 217   })
 218
 219   describe('Logout', function () {
 220     it('Should logout (revoke token)', async function () {
 221       await server.loginCommand.logout({ token: server.accessToken })
 222     })
 223
 224     it('Should not be able to get the user information', async function () {
 225       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 226     })
 227
 228     it('Should not be able to upload a video', async function () {
 229       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 230     })
 231
 232     it('Should not be able to rate a video', async function () {
 233       const path = '/api/v1/videos/'
 234       const data = {
 235         rating: 'likes'
 236       }
 237
 238       const options = {
 239         url: server.url,
 240         path: path + videoId,
 241         token: 'wrong token',
 242         fields: data,
 243         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 244       }
 245       await makePutBodyRequest(options)
 246     })
 247
 248     it('Should be able to login again', async function () {
 249       const body = await server.loginCommand.login()
 250       server.accessToken = body.access_token
 251       server.refreshToken = body.refresh_token
 252     })
 253
 254     it('Should be able to get my user information again', async function () {
 255       await getMyUserInformation(server.url, server.accessToken)
 256     })
 257
 258     it('Should have an expired access token', async function () {
 259       this.timeout(15000)
 260
 261       await server.sqlCommand.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 262       await server.sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 263
 264       await killallServers([ server ])
 265       await reRunServer(server)
 266
 267       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 268     })
 269
 270     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 271       await server.loginCommand.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 272     })
 273
 274     it('Should refresh the token', async function () {
 275       this.timeout(15000)
 276
 277       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 278       await server.sqlCommand.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 279
 280       await killallServers([ server ])
 281       await reRunServer(server)
 282
 283       const res = await server.loginCommand.refreshToken({ refreshToken: server.refreshToken })
 284       server.accessToken = res.body.access_token
 285       server.refreshToken = res.body.refresh_token
 286     })
 287
 288     it('Should be able to get my user information again', async function () {
 289       await getMyUserInformation(server.url, server.accessToken)
 290     })
 291   })
 292
 293   describe('Creating a user', function () {
 294
 295     it('Should be able to create a new user', async function () {
 296       await createUser({
 297         url: server.url,
 298         accessToken: accessToken,
 299         username: user.username,
 300         password: user.password,
 301         videoQuota: 2 * 1024 * 1024,
 302         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 303       })
 304     })
 305
 306     it('Should be able to login with this user', async function () {
 307       accessTokenUser = await server.loginCommand.getAccessToken(user)
 308     })
 309
 310     it('Should be able to get user information', async function () {
 311       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 312       const userMe: MyUser = res1.body
 313
 314       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 315       const userGet: User = res2.body
 316
 317       for (const user of [ userMe, userGet ]) {
 318         expect(user.username).to.equal('user_1')
 319         expect(user.email).to.equal('user_1@example.com')
 320         expect(user.nsfwPolicy).to.equal('display')
 321         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 322         expect(user.roleLabel).to.equal('User')
 323         expect(user.id).to.be.a('number')
 324         expect(user.account.displayName).to.equal('user_1')
 325         expect(user.account.description).to.be.null
 326       }
 327
 328       expect(userMe.adminFlags).to.be.undefined
 329       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 330
 331       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 332       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 333
 334       // Check stats are included with withStats
 335       expect(userGet.videosCount).to.be.a('number')
 336       expect(userGet.videosCount).to.equal(0)
 337       expect(userGet.videoCommentsCount).to.be.a('number')
 338       expect(userGet.videoCommentsCount).to.equal(0)
 339       expect(userGet.abusesCount).to.be.a('number')
 340       expect(userGet.abusesCount).to.equal(0)
 341       expect(userGet.abusesAcceptedCount).to.be.a('number')
 342       expect(userGet.abusesAcceptedCount).to.equal(0)
 343     })
 344   })
 345
 346   describe('My videos & quotas', function () {
 347
 348     it('Should be able to upload a video with this user', async function () {
 349       this.timeout(10000)
 350
 351       const videoAttributes = {
 352         name: 'super user video',
 353         fixture: 'video_short.webm'
 354       }
 355       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 356     })
 357
 358     it('Should have video quota updated', async function () {
 359       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 360       const data = res.body
 361
 362       expect(data.videoQuotaUsed).to.equal(218910)
 363
 364       const resUsers = await getUsersList(server.url, server.accessToken)
 365
 366       const users: User[] = resUsers.body.data
 367       const tmpUser = users.find(u => u.username === user.username)
 368       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 369     })
 370
 371     it('Should be able to list my videos', async function () {
 372       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 373       expect(res.body.total).to.equal(1)
 374
 375       const videos = res.body.data
 376       expect(videos).to.have.lengthOf(1)
 377
 378       const video: Video = videos[0]
 379       expect(video.name).to.equal('super user video')
 380       expect(video.thumbnailPath).to.not.be.null
 381       expect(video.previewPath).to.not.be.null
 382     })
 383
 384     it('Should be able to search in my videos', async function () {
 385       {
 386         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 387         expect(res.body.total).to.equal(1)
 388
 389         const videos = res.body.data
 390         expect(videos).to.have.lengthOf(1)
 391       }
 392
 393       {
 394         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 395         expect(res.body.total).to.equal(0)
 396
 397         const videos = res.body.data
 398         expect(videos).to.have.lengthOf(0)
 399       }
 400     })
 401
 402     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 403       this.timeout(60000)
 404
 405       {
 406         const config = await server.configCommand.getCustomConfig()
 407         config.transcoding.webtorrent.enabled = false
 408         config.transcoding.hls.enabled = true
 409         config.transcoding.enabled = true
 410         await server.configCommand.updateCustomSubConfig({ newConfig: config })
 411       }
 412
 413       {
 414         const videoAttributes = {
 415           name: 'super user video 2',
 416           fixture: 'video_short.webm'
 417         }
 418         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 419
 420         await waitJobs([ server ])
 421       }
 422
 423       {
 424         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 425         const data = res.body
 426
 427         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 428       }
 429     })
 430   })
 431
 432   describe('Users listing', function () {
 433
 434     it('Should list all the users', async function () {
 435       const res = await getUsersList(server.url, server.accessToken)
 436       const result = res.body
 437       const total = result.total
 438       const users = result.data
 439
 440       expect(total).to.equal(2)
 441       expect(users).to.be.an('array')
 442       expect(users.length).to.equal(2)
 443
 444       const user = users[0]
 445       expect(user.username).to.equal('user_1')
 446       expect(user.email).to.equal('user_1@example.com')
 447       expect(user.nsfwPolicy).to.equal('display')
 448
 449       const rootUser = users[1]
 450       expect(rootUser.username).to.equal('root')
 451       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 452       expect(user.nsfwPolicy).to.equal('display')
 453
 454       expect(rootUser.lastLoginDate).to.exist
 455       expect(user.lastLoginDate).to.exist
 456
 457       userId = user.id
 458     })
 459
 460     it('Should list only the first user by username asc', async function () {
 461       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 462
 463       const result = res.body
 464       const total = result.total
 465       const users = result.data
 466
 467       expect(total).to.equal(2)
 468       expect(users.length).to.equal(1)
 469
 470       const user = users[0]
 471       expect(user.username).to.equal('root')
 472       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 473       expect(user.roleLabel).to.equal('Administrator')
 474       expect(user.nsfwPolicy).to.equal('display')
 475     })
 476
 477     it('Should list only the first user by username desc', async function () {
 478       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 479       const result = res.body
 480       const total = result.total
 481       const users = result.data
 482
 483       expect(total).to.equal(2)
 484       expect(users.length).to.equal(1)
 485
 486       const user = users[0]
 487       expect(user.username).to.equal('user_1')
 488       expect(user.email).to.equal('user_1@example.com')
 489       expect(user.nsfwPolicy).to.equal('display')
 490     })
 491
 492     it('Should list only the second user by createdAt desc', async function () {
 493       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 494       const result = res.body
 495       const total = result.total
 496       const users = result.data
 497
 498       expect(total).to.equal(2)
 499       expect(users.length).to.equal(1)
 500
 501       const user = users[0]
 502       expect(user.username).to.equal('user_1')
 503       expect(user.email).to.equal('user_1@example.com')
 504       expect(user.nsfwPolicy).to.equal('display')
 505     })
 506
 507     it('Should list all the users by createdAt asc', async function () {
 508       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 509       const result = res.body
 510       const total = result.total
 511       const users = result.data
 512
 513       expect(total).to.equal(2)
 514       expect(users.length).to.equal(2)
 515
 516       expect(users[0].username).to.equal('root')
 517       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 518       expect(users[0].nsfwPolicy).to.equal('display')
 519
 520       expect(users[1].username).to.equal('user_1')
 521       expect(users[1].email).to.equal('user_1@example.com')
 522       expect(users[1].nsfwPolicy).to.equal('display')
 523     })
 524
 525     it('Should search user by username', async function () {
 526       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 527       const users = res.body.data as User[]
 528
 529       expect(res.body.total).to.equal(1)
 530       expect(users.length).to.equal(1)
 531
 532       expect(users[0].username).to.equal('root')
 533     })
 534
 535     it('Should search user by email', async function () {
 536       {
 537         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 538         const users = res.body.data as User[]
 539
 540         expect(res.body.total).to.equal(1)
 541         expect(users.length).to.equal(1)
 542
 543         expect(users[0].username).to.equal('user_1')
 544         expect(users[0].email).to.equal('user_1@example.com')
 545       }
 546
 547       {
 548         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 549         const users = res.body.data as User[]
 550
 551         expect(res.body.total).to.equal(2)
 552         expect(users.length).to.equal(2)
 553
 554         expect(users[0].username).to.equal('root')
 555         expect(users[1].username).to.equal('user_1')
 556       }
 557     })
 558   })
 559
 560   describe('Update my account', function () {
 561
 562     it('Should update my password', async function () {
 563       await updateMyUser({
 564         url: server.url,
 565         accessToken: accessTokenUser,
 566         currentPassword: 'super password',
 567         password: 'new password'
 568       })
 569       user.password = 'new password'
 570
 571       await server.loginCommand.login({ user })
 572     })
 573
 574     it('Should be able to change the NSFW display attribute', async function () {
 575       await updateMyUser({
 576         url: server.url,
 577         accessToken: accessTokenUser,
 578         nsfwPolicy: 'do_not_list'
 579       })
 580
 581       const res = await getMyUserInformation(server.url, accessTokenUser)
 582       const user = res.body
 583
 584       expect(user.username).to.equal('user_1')
 585       expect(user.email).to.equal('user_1@example.com')
 586       expect(user.nsfwPolicy).to.equal('do_not_list')
 587       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 588       expect(user.id).to.be.a('number')
 589       expect(user.account.displayName).to.equal('user_1')
 590       expect(user.account.description).to.be.null
 591     })
 592
 593     it('Should be able to change the autoPlayVideo attribute', async function () {
 594       await updateMyUser({
 595         url: server.url,
 596         accessToken: accessTokenUser,
 597         autoPlayVideo: false
 598       })
 599
 600       const res = await getMyUserInformation(server.url, accessTokenUser)
 601       const user = res.body
 602
 603       expect(user.autoPlayVideo).to.be.false
 604     })
 605
 606     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 607       await updateMyUser({
 608         url: server.url,
 609         accessToken: accessTokenUser,
 610         autoPlayNextVideo: true
 611       })
 612
 613       const res = await getMyUserInformation(server.url, accessTokenUser)
 614       const user = res.body
 615
 616       expect(user.autoPlayNextVideo).to.be.true
 617     })
 618
 619     it('Should be able to change the email attribute', async function () {
 620       await updateMyUser({
 621         url: server.url,
 622         accessToken: accessTokenUser,
 623         currentPassword: 'new password',
 624         email: 'updated@example.com'
 625       })
 626
 627       const res = await getMyUserInformation(server.url, accessTokenUser)
 628       const user = res.body
 629
 630       expect(user.username).to.equal('user_1')
 631       expect(user.email).to.equal('updated@example.com')
 632       expect(user.nsfwPolicy).to.equal('do_not_list')
 633       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 634       expect(user.id).to.be.a('number')
 635       expect(user.account.displayName).to.equal('user_1')
 636       expect(user.account.description).to.be.null
 637     })
 638
 639     it('Should be able to update my avatar with a gif', async function () {
 640       const fixture = 'avatar.gif'
 641
 642       await updateMyAvatar({
 643         url: server.url,
 644         accessToken: accessTokenUser,
 645         fixture
 646       })
 647
 648       const res = await getMyUserInformation(server.url, accessTokenUser)
 649       const user = res.body
 650
 651       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 652     })
 653
 654     it('Should be able to update my avatar with a gif, and then a png', async function () {
 655       for (const extension of [ '.png', '.gif' ]) {
 656         const fixture = 'avatar' + extension
 657
 658         await updateMyAvatar({
 659           url: server.url,
 660           accessToken: accessTokenUser,
 661           fixture
 662         })
 663
 664         const res = await getMyUserInformation(server.url, accessTokenUser)
 665         const user = res.body
 666
 667         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 668       }
 669     })
 670
 671     it('Should be able to update my display name', async function () {
 672       await updateMyUser({
 673         url: server.url,
 674         accessToken: accessTokenUser,
 675         displayName: 'new display name'
 676       })
 677
 678       const res = await getMyUserInformation(server.url, accessTokenUser)
 679       const user = res.body
 680
 681       expect(user.username).to.equal('user_1')
 682       expect(user.email).to.equal('updated@example.com')
 683       expect(user.nsfwPolicy).to.equal('do_not_list')
 684       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 685       expect(user.id).to.be.a('number')
 686       expect(user.account.displayName).to.equal('new display name')
 687       expect(user.account.description).to.be.null
 688     })
 689
 690     it('Should be able to update my description', async function () {
 691       await updateMyUser({
 692         url: server.url,
 693         accessToken: accessTokenUser,
 694         description: 'my super description updated'
 695       })
 696
 697       const res = await getMyUserInformation(server.url, accessTokenUser)
 698       const user: User = res.body
 699
 700       expect(user.username).to.equal('user_1')
 701       expect(user.email).to.equal('updated@example.com')
 702       expect(user.nsfwPolicy).to.equal('do_not_list')
 703       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 704       expect(user.id).to.be.a('number')
 705       expect(user.account.displayName).to.equal('new display name')
 706       expect(user.account.description).to.equal('my super description updated')
 707       expect(user.noWelcomeModal).to.be.false
 708       expect(user.noInstanceConfigWarningModal).to.be.false
 709     })
 710
 711     it('Should be able to update my theme', async function () {
 712       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 713         await updateMyUser({
 714           url: server.url,
 715           accessToken: accessTokenUser,
 716           theme
 717         })
 718
 719         const res = await getMyUserInformation(server.url, accessTokenUser)
 720         const body: User = res.body
 721
 722         expect(body.theme).to.equal(theme)
 723       }
 724     })
 725
 726     it('Should be able to update my modal preferences', async function () {
 727       await updateMyUser({
 728         url: server.url,
 729         accessToken: accessTokenUser,
 730         noInstanceConfigWarningModal: true,
 731         noWelcomeModal: true
 732       })
 733
 734       const res = await getMyUserInformation(server.url, accessTokenUser)
 735       const user: User = res.body
 736
 737       expect(user.noWelcomeModal).to.be.true
 738       expect(user.noInstanceConfigWarningModal).to.be.true
 739     })
 740   })
 741
 742   describe('Updating another user', function () {
 743     it('Should be able to update another user', async function () {
 744       await updateUser({
 745         url: server.url,
 746         userId,
 747         accessToken,
 748         email: 'updated2@example.com',
 749         emailVerified: true,
 750         videoQuota: 42,
 751         role: UserRole.MODERATOR,
 752         adminFlags: UserAdminFlag.NONE,
 753         pluginAuth: 'toto'
 754       })
 755
 756       const res = await getUserInformation(server.url, accessToken, userId)
 757       const user = res.body as User
 758
 759       expect(user.username).to.equal('user_1')
 760       expect(user.email).to.equal('updated2@example.com')
 761       expect(user.emailVerified).to.be.true
 762       expect(user.nsfwPolicy).to.equal('do_not_list')
 763       expect(user.videoQuota).to.equal(42)
 764       expect(user.roleLabel).to.equal('Moderator')
 765       expect(user.id).to.be.a('number')
 766       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 767       expect(user.pluginAuth).to.equal('toto')
 768     })
 769
 770     it('Should reset the auth plugin', async function () {
 771       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 772
 773       const res = await getUserInformation(server.url, accessToken, userId)
 774       const user = res.body as User
 775       expect(user.pluginAuth).to.be.null
 776     })
 777
 778     it('Should have removed the user token', async function () {
 779       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 780
 781       accessTokenUser = await server.loginCommand.getAccessToken(user)
 782     })
 783
 784     it('Should be able to update another user password', async function () {
 785       await updateUser({
 786         url: server.url,
 787         userId,
 788         accessToken,
 789         password: 'password updated'
 790       })
 791
 792       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 793
 794       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 795
 796       user.password = 'password updated'
 797       accessTokenUser = await server.loginCommand.getAccessToken(user)
 798     })
 799   })
 800
 801   describe('Video blacklists', function () {
 802     it('Should be able to list video blacklist by a moderator', async function () {
 803       await server.blacklistCommand.list({ token: accessTokenUser })
 804     })
 805   })
 806
 807   describe('Remove a user', function () {
 808     it('Should be able to remove this user', async function () {
 809       await removeUser(server.url, userId, accessToken)
 810     })
 811
 812     it('Should not be able to login with this user', async function () {
 813       await server.loginCommand.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 814     })
 815
 816     it('Should not have videos of this user', async function () {
 817       const res = await getVideosList(server.url)
 818
 819       expect(res.body.total).to.equal(1)
 820
 821       const video = res.body.data[0]
 822       expect(video.account.name).to.equal('root')
 823     })
 824   })
 825
 826   describe('Registering a new user', function () {
 827     let user15AccessToken
 828
 829     it('Should register a new user', async function () {
 830       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 831       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 832
 833       await registerUserWithChannel({ url: server.url, user, channel })
 834     })
 835
 836     it('Should be able to login with this registered user', async function () {
 837       const user15 = {
 838         username: 'user_15',
 839         password: 'my super password'
 840       }
 841
 842       user15AccessToken = await server.loginCommand.getAccessToken(user15)
 843     })
 844
 845     it('Should have the correct display name', async function () {
 846       const res = await getMyUserInformation(server.url, user15AccessToken)
 847       const user: User = res.body
 848
 849       expect(user.account.displayName).to.equal('super user 15')
 850     })
 851
 852     it('Should have the correct video quota', async function () {
 853       const res = await getMyUserInformation(server.url, user15AccessToken)
 854       const user = res.body
 855
 856       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 857     })
 858
 859     it('Should have created the channel', async function () {
 860       const { displayName } = await server.channelsCommand.get({ channelName: 'my_user_15_channel' })
 861
 862       expect(displayName).to.equal('my channel rocks')
 863     })
 864
 865     it('Should remove me', async function () {
 866       {
 867         const res = await getUsersList(server.url, server.accessToken)
 868         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 869       }
 870
 871       await deleteMe(server.url, user15AccessToken)
 872
 873       {
 874         const res = await getUsersList(server.url, server.accessToken)
 875         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 876       }
 877     })
 878   })
 879
 880   describe('User blocking', function () {
 881     let user16Id
 882     let user16AccessToken
 883     const user16 = {
 884       username: 'user_16',
 885       password: 'my super password'
 886     }
 887
 888     it('Should block a user', async function () {
 889       const resUser = await createUser({
 890         url: server.url,
 891         accessToken: server.accessToken,
 892         username: user16.username,
 893         password: user16.password
 894       })
 895       user16Id = resUser.body.user.id
 896
 897       user16AccessToken = await server.loginCommand.getAccessToken(user16)
 898
 899       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 900       await blockUser(server.url, user16Id, server.accessToken)
 901
 902       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 903       await server.loginCommand.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 904     })
 905
 906     it('Should search user by banned status', async function () {
 907       {
 908         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 909         const users = res.body.data as User[]
 910
 911         expect(res.body.total).to.equal(1)
 912         expect(users.length).to.equal(1)
 913
 914         expect(users[0].username).to.equal(user16.username)
 915       }
 916
 917       {
 918         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 919         const users = res.body.data as User[]
 920
 921         expect(res.body.total).to.equal(1)
 922         expect(users.length).to.equal(1)
 923
 924         expect(users[0].username).to.not.equal(user16.username)
 925       }
 926     })
 927
 928     it('Should unblock a user', async function () {
 929       await unblockUser(server.url, user16Id, server.accessToken)
 930       user16AccessToken = await server.loginCommand.getAccessToken(user16)
 931       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 932     })
 933   })
 934
 935   describe('User stats', function () {
 936     let user17Id
 937     let user17AccessToken
 938
 939     it('Should report correct initial statistics about a user', async function () {
 940       const user17 = {
 941         username: 'user_17',
 942         password: 'my super password'
 943       }
 944       const resUser = await createUser({
 945         url: server.url,
 946         accessToken: server.accessToken,
 947         username: user17.username,
 948         password: user17.password
 949       })
 950
 951       user17Id = resUser.body.user.id
 952       user17AccessToken = await server.loginCommand.getAccessToken(user17)
 953
 954       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 955       const user: User = res.body
 956
 957       expect(user.videosCount).to.equal(0)
 958       expect(user.videoCommentsCount).to.equal(0)
 959       expect(user.abusesCount).to.equal(0)
 960       expect(user.abusesCreatedCount).to.equal(0)
 961       expect(user.abusesAcceptedCount).to.equal(0)
 962     })
 963
 964     it('Should report correct videos count', async function () {
 965       const videoAttributes = {
 966         name: 'video to test user stats'
 967       }
 968       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 969       const res1 = await getVideosList(server.url)
 970       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 971
 972       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 973       const user: User = res2.body
 974
 975       expect(user.videosCount).to.equal(1)
 976     })
 977
 978     it('Should report correct video comments for user', async function () {
 979       const text = 'super comment'
 980       await server.commentsCommand.createThread({ token: user17AccessToken, videoId, text })
 981
 982       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 983       const user: User = res.body
 984
 985       expect(user.videoCommentsCount).to.equal(1)
 986     })
 987
 988     it('Should report correct abuses counts', async function () {
 989       const reason = 'my super bad reason'
 990       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
 991
 992       const body1 = await server.abusesCommand.getAdminList()
 993       const abuseId = body1.data[0].id
 994
 995       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 996       const user2: User = res2.body
 997
 998       expect(user2.abusesCount).to.equal(1) // number of incriminations
 999       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1000
1001       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
1002
1003       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1004       const user3: User = res3.body
1005
1006       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1007     })
1008   })
1009
1010   after(async function () {
1011     await cleanupTests([ server ])
1012   })
1013 })