server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   addVideoCommentThread,
   8   blockUser,
   9   cleanupTests,
  10   closeAllSequelize,
  11   createUser,
  12   deleteMe,
  13   flushAndRunServer,
  14   follow,
  15   getAccountRatings,
  16   getBlacklistedVideosList,
  17   getCustomConfig,
  18   getMyUserInformation,
  19   getMyUserVideoQuotaUsed,
  20   getMyUserVideoRating,
  21   getMyVideos,
  22   getUserInformation,
  23   getUsersList,
  24   getUsersListPaginationAndSort,
  25   getVideoChannel,
  26   getVideosList,
  27   installPlugin,
  28   killallServers,
  29   login,
  30   logout,
  31   makePutBodyRequest,
  32   rateVideo,
  33   refreshToken,
  34   registerUserWithChannel,
  35   removeUser,
  36   removeVideo,
  37   reRunServer,
  38   ServerInfo,
  39   setAccessTokensToServers,
  40   setTokenField,
  41   testImage,
  42   unblockUser,
  43   updateCustomSubConfig,
  44   updateMyAvatar,
  45   updateMyUser,
  46   updateUser,
  47   uploadVideo,
  48   userLogin,
  49   waitJobs
  50 } from '@shared/extra-utils'
  51 import { AbuseState, CustomConfig, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  52
  53 const expect = chai.expect
  54
  55 describe('Test users', function () {
  56   let server: ServerInfo
  57   let accessToken: string
  58   let accessTokenUser: string
  59   let videoId: number
  60   let userId: number
  61   const user = {
  62     username: 'user_1',
  63     password: 'super password'
  64   }
  65
  66   before(async function () {
  67     this.timeout(30000)
  68
  69     server = await flushAndRunServer(1, {
  70       rates_limit: {
  71         login: {
  72           max: 30
  73         }
  74       }
  75     })
  76
  77     await setAccessTokensToServers([ server ])
  78
  79     await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
  80   })
  81
  82   describe('OAuth client', function () {
  83     it('Should create a new client')
  84
  85     it('Should return the first client')
  86
  87     it('Should remove the last client')
  88
  89     it('Should not login with an invalid client id', async function () {
  90       const client = { id: 'client', secret: server.client.secret }
  91       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  92
  93       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  94       expect(res.body.error).to.contain('client is invalid')
  95       expect(res.body.type.startsWith('https://')).to.be.true
  96       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  97     })
  98
  99     it('Should not login with an invalid client secret', async function () {
 100       const client = { id: server.client.id, secret: 'coucou' }
 101       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
 102
 103       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
 104       expect(res.body.error).to.contain('client is invalid')
 105       expect(res.body.type.startsWith('https://')).to.be.true
 106       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 107     })
 108   })
 109
 110   describe('Login', function () {
 111
 112     it('Should not login with an invalid username', async function () {
 113       const user = { username: 'captain crochet', password: server.user.password }
 114       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 115
 116       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 117       expect(res.body.error).to.contain('credentials are invalid')
 118       expect(res.body.type.startsWith('https://')).to.be.true
 119       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 120     })
 121
 122     it('Should not login with an invalid password', async function () {
 123       const user = { username: server.user.username, password: 'mew_three' }
 124       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 125
 126       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 127       expect(res.body.error).to.contain('credentials are invalid')
 128       expect(res.body.type.startsWith('https://')).to.be.true
 129       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 130     })
 131
 132     it('Should not be able to upload a video', async function () {
 133       accessToken = 'my_super_token'
 134
 135       const videoAttributes = {}
 136       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 137     })
 138
 139     it('Should not be able to follow', async function () {
 140       accessToken = 'my_super_token'
 141       await follow(server.url, [ 'http://example.com' ], accessToken, HttpStatusCode.UNAUTHORIZED_401)
 142     })
 143
 144     it('Should not be able to unfollow')
 145
 146     it('Should be able to login', async function () {
 147       const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
 148
 149       accessToken = res.body.access_token
 150     })
 151
 152     it('Should be able to login with an insensitive username', async function () {
 153       const user = { username: 'RoOt', password: server.user.password }
 154       await login(server.url, server.client, user, HttpStatusCode.OK_200)
 155
 156       const user2 = { username: 'rOoT', password: server.user.password }
 157       await login(server.url, server.client, user2, HttpStatusCode.OK_200)
 158
 159       const user3 = { username: 'ROOt', password: server.user.password }
 160       await login(server.url, server.client, user3, HttpStatusCode.OK_200)
 161     })
 162   })
 163
 164   describe('Upload', function () {
 165
 166     it('Should upload the video with the correct token', async function () {
 167       const videoAttributes = {}
 168       await uploadVideo(server.url, accessToken, videoAttributes)
 169       const res = await getVideosList(server.url)
 170       const video = res.body.data[0]
 171
 172       expect(video.account.name).to.equal('root')
 173       videoId = video.id
 174     })
 175
 176     it('Should upload the video again with the correct token', async function () {
 177       const videoAttributes = {}
 178       await uploadVideo(server.url, accessToken, videoAttributes)
 179     })
 180   })
 181
 182   describe('Ratings', function () {
 183
 184     it('Should retrieve a video rating', async function () {
 185       await rateVideo(server.url, accessToken, videoId, 'like')
 186       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 187       const rating = res.body
 188
 189       expect(rating.videoId).to.equal(videoId)
 190       expect(rating.rating).to.equal('like')
 191     })
 192
 193     it('Should retrieve ratings list', async function () {
 194       await rateVideo(server.url, accessToken, videoId, 'like')
 195
 196       const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, HttpStatusCode.OK_200)
 197       const ratings = res.body
 198
 199       expect(ratings.total).to.equal(1)
 200       expect(ratings.data[0].video.id).to.equal(videoId)
 201       expect(ratings.data[0].rating).to.equal('like')
 202     })
 203
 204     it('Should retrieve ratings list by rating type', async function () {
 205       {
 206         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
 207         const ratings = res.body
 208         expect(ratings.data.length).to.equal(1)
 209       }
 210
 211       {
 212         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
 213         const ratings = res.body
 214         expect(ratings.data.length).to.equal(0)
 215       }
 216     })
 217   })
 218
 219   describe('Remove video', function () {
 220     it('Should not be able to remove the video with an incorrect token', async function () {
 221       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 222     })
 223
 224     it('Should not be able to remove the video with the token of another account')
 225
 226     it('Should be able to remove the video with the correct token', async function () {
 227       await removeVideo(server.url, accessToken, videoId)
 228     })
 229   })
 230
 231   describe('Logout', function () {
 232     it('Should logout (revoke token)', async function () {
 233       await logout(server.url, server.accessToken)
 234     })
 235
 236     it('Should not be able to get the user information', async function () {
 237       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 238     })
 239
 240     it('Should not be able to upload a video', async function () {
 241       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 242     })
 243
 244     it('Should not be able to rate a video', async function () {
 245       const path = '/api/v1/videos/'
 246       const data = {
 247         rating: 'likes'
 248       }
 249
 250       const options = {
 251         url: server.url,
 252         path: path + videoId,
 253         token: 'wrong token',
 254         fields: data,
 255         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 256       }
 257       await makePutBodyRequest(options)
 258     })
 259
 260     it('Should be able to login again', async function () {
 261       const res = await login(server.url, server.client, server.user)
 262       server.accessToken = res.body.access_token
 263       server.refreshToken = res.body.refresh_token
 264     })
 265
 266     it('Should be able to get my user information again', async function () {
 267       await getMyUserInformation(server.url, server.accessToken)
 268     })
 269
 270     it('Should have an expired access token', async function () {
 271       this.timeout(15000)
 272
 273       await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 274       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 275
 276       killallServers([ server ])
 277       await reRunServer(server)
 278
 279       await getMyUserInformation(server.url, server.accessToken, 401)
 280     })
 281
 282     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 283       await refreshToken(server, server.refreshToken, 400)
 284     })
 285
 286     it('Should refresh the token', async function () {
 287       this.timeout(15000)
 288
 289       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 290       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 291
 292       killallServers([ server ])
 293       await reRunServer(server)
 294
 295       const res = await refreshToken(server, server.refreshToken)
 296       server.accessToken = res.body.access_token
 297       server.refreshToken = res.body.refresh_token
 298     })
 299
 300     it('Should be able to get my user information again', async function () {
 301       await getMyUserInformation(server.url, server.accessToken)
 302     })
 303   })
 304
 305   describe('Creating a user', function () {
 306
 307     it('Should be able to create a new user', async function () {
 308       await createUser({
 309         url: server.url,
 310         accessToken: accessToken,
 311         username: user.username,
 312         password: user.password,
 313         videoQuota: 2 * 1024 * 1024,
 314         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 315       })
 316     })
 317
 318     it('Should be able to login with this user', async function () {
 319       accessTokenUser = await userLogin(server, user)
 320     })
 321
 322     it('Should be able to get user information', async function () {
 323       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 324       const userMe: MyUser = res1.body
 325
 326       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 327       const userGet: User = res2.body
 328
 329       for (const user of [ userMe, userGet ]) {
 330         expect(user.username).to.equal('user_1')
 331         expect(user.email).to.equal('user_1@example.com')
 332         expect(user.nsfwPolicy).to.equal('display')
 333         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 334         expect(user.roleLabel).to.equal('User')
 335         expect(user.id).to.be.a('number')
 336         expect(user.account.displayName).to.equal('user_1')
 337         expect(user.account.description).to.be.null
 338       }
 339
 340       expect(userMe.adminFlags).to.be.undefined
 341       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 342
 343       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 344       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 345
 346       // Check stats are included with withStats
 347       expect(userGet.videosCount).to.be.a('number')
 348       expect(userGet.videosCount).to.equal(0)
 349       expect(userGet.videoCommentsCount).to.be.a('number')
 350       expect(userGet.videoCommentsCount).to.equal(0)
 351       expect(userGet.abusesCount).to.be.a('number')
 352       expect(userGet.abusesCount).to.equal(0)
 353       expect(userGet.abusesAcceptedCount).to.be.a('number')
 354       expect(userGet.abusesAcceptedCount).to.equal(0)
 355     })
 356   })
 357
 358   describe('My videos & quotas', function () {
 359
 360     it('Should be able to upload a video with this user', async function () {
 361       this.timeout(10000)
 362
 363       const videoAttributes = {
 364         name: 'super user video',
 365         fixture: 'video_short.webm'
 366       }
 367       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 368     })
 369
 370     it('Should have video quota updated', async function () {
 371       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 372       const data = res.body
 373
 374       expect(data.videoQuotaUsed).to.equal(218910)
 375
 376       const resUsers = await getUsersList(server.url, server.accessToken)
 377
 378       const users: User[] = resUsers.body.data
 379       const tmpUser = users.find(u => u.username === user.username)
 380       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 381     })
 382
 383     it('Should be able to list my videos', async function () {
 384       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 385       expect(res.body.total).to.equal(1)
 386
 387       const videos = res.body.data
 388       expect(videos).to.have.lengthOf(1)
 389
 390       const video: Video = videos[0]
 391       expect(video.name).to.equal('super user video')
 392       expect(video.thumbnailPath).to.not.be.null
 393       expect(video.previewPath).to.not.be.null
 394     })
 395
 396     it('Should be able to search in my videos', async function () {
 397       {
 398         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 399         expect(res.body.total).to.equal(1)
 400
 401         const videos = res.body.data
 402         expect(videos).to.have.lengthOf(1)
 403       }
 404
 405       {
 406         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 407         expect(res.body.total).to.equal(0)
 408
 409         const videos = res.body.data
 410         expect(videos).to.have.lengthOf(0)
 411       }
 412     })
 413
 414     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 415       this.timeout(60000)
 416
 417       {
 418         const res = await getCustomConfig(server.url, server.accessToken)
 419         const config = res.body as CustomConfig
 420         config.transcoding.webtorrent.enabled = false
 421         config.transcoding.hls.enabled = true
 422         config.transcoding.enabled = true
 423         await updateCustomSubConfig(server.url, server.accessToken, config)
 424       }
 425
 426       {
 427         const videoAttributes = {
 428           name: 'super user video 2',
 429           fixture: 'video_short.webm'
 430         }
 431         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 432
 433         await waitJobs([ server ])
 434       }
 435
 436       {
 437         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 438         const data = res.body
 439
 440         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 441       }
 442     })
 443   })
 444
 445   describe('Users listing', function () {
 446
 447     it('Should list all the users', async function () {
 448       const res = await getUsersList(server.url, server.accessToken)
 449       const result = res.body
 450       const total = result.total
 451       const users = result.data
 452
 453       expect(total).to.equal(2)
 454       expect(users).to.be.an('array')
 455       expect(users.length).to.equal(2)
 456
 457       const user = users[0]
 458       expect(user.username).to.equal('user_1')
 459       expect(user.email).to.equal('user_1@example.com')
 460       expect(user.nsfwPolicy).to.equal('display')
 461
 462       const rootUser = users[1]
 463       expect(rootUser.username).to.equal('root')
 464       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 465       expect(user.nsfwPolicy).to.equal('display')
 466
 467       expect(rootUser.lastLoginDate).to.exist
 468       expect(user.lastLoginDate).to.exist
 469
 470       userId = user.id
 471     })
 472
 473     it('Should list only the first user by username asc', async function () {
 474       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 475
 476       const result = res.body
 477       const total = result.total
 478       const users = result.data
 479
 480       expect(total).to.equal(2)
 481       expect(users.length).to.equal(1)
 482
 483       const user = users[0]
 484       expect(user.username).to.equal('root')
 485       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 486       expect(user.roleLabel).to.equal('Administrator')
 487       expect(user.nsfwPolicy).to.equal('display')
 488     })
 489
 490     it('Should list only the first user by username desc', async function () {
 491       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 492       const result = res.body
 493       const total = result.total
 494       const users = result.data
 495
 496       expect(total).to.equal(2)
 497       expect(users.length).to.equal(1)
 498
 499       const user = users[0]
 500       expect(user.username).to.equal('user_1')
 501       expect(user.email).to.equal('user_1@example.com')
 502       expect(user.nsfwPolicy).to.equal('display')
 503     })
 504
 505     it('Should list only the second user by createdAt desc', async function () {
 506       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 507       const result = res.body
 508       const total = result.total
 509       const users = result.data
 510
 511       expect(total).to.equal(2)
 512       expect(users.length).to.equal(1)
 513
 514       const user = users[0]
 515       expect(user.username).to.equal('user_1')
 516       expect(user.email).to.equal('user_1@example.com')
 517       expect(user.nsfwPolicy).to.equal('display')
 518     })
 519
 520     it('Should list all the users by createdAt asc', async function () {
 521       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 522       const result = res.body
 523       const total = result.total
 524       const users = result.data
 525
 526       expect(total).to.equal(2)
 527       expect(users.length).to.equal(2)
 528
 529       expect(users[0].username).to.equal('root')
 530       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 531       expect(users[0].nsfwPolicy).to.equal('display')
 532
 533       expect(users[1].username).to.equal('user_1')
 534       expect(users[1].email).to.equal('user_1@example.com')
 535       expect(users[1].nsfwPolicy).to.equal('display')
 536     })
 537
 538     it('Should search user by username', async function () {
 539       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 540       const users = res.body.data as User[]
 541
 542       expect(res.body.total).to.equal(1)
 543       expect(users.length).to.equal(1)
 544
 545       expect(users[0].username).to.equal('root')
 546     })
 547
 548     it('Should search user by email', async function () {
 549       {
 550         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 551         const users = res.body.data as User[]
 552
 553         expect(res.body.total).to.equal(1)
 554         expect(users.length).to.equal(1)
 555
 556         expect(users[0].username).to.equal('user_1')
 557         expect(users[0].email).to.equal('user_1@example.com')
 558       }
 559
 560       {
 561         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 562         const users = res.body.data as User[]
 563
 564         expect(res.body.total).to.equal(2)
 565         expect(users.length).to.equal(2)
 566
 567         expect(users[0].username).to.equal('root')
 568         expect(users[1].username).to.equal('user_1')
 569       }
 570     })
 571   })
 572
 573   describe('Update my account', function () {
 574     it('Should update my password', async function () {
 575       await updateMyUser({
 576         url: server.url,
 577         accessToken: accessTokenUser,
 578         currentPassword: 'super password',
 579         password: 'new password'
 580       })
 581       user.password = 'new password'
 582
 583       await userLogin(server, user, HttpStatusCode.OK_200)
 584     })
 585
 586     it('Should be able to change the NSFW display attribute', async function () {
 587       await updateMyUser({
 588         url: server.url,
 589         accessToken: accessTokenUser,
 590         nsfwPolicy: 'do_not_list'
 591       })
 592
 593       const res = await getMyUserInformation(server.url, accessTokenUser)
 594       const user = res.body
 595
 596       expect(user.username).to.equal('user_1')
 597       expect(user.email).to.equal('user_1@example.com')
 598       expect(user.nsfwPolicy).to.equal('do_not_list')
 599       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 600       expect(user.id).to.be.a('number')
 601       expect(user.account.displayName).to.equal('user_1')
 602       expect(user.account.description).to.be.null
 603     })
 604
 605     it('Should be able to change the autoPlayVideo attribute', async function () {
 606       await updateMyUser({
 607         url: server.url,
 608         accessToken: accessTokenUser,
 609         autoPlayVideo: false
 610       })
 611
 612       const res = await getMyUserInformation(server.url, accessTokenUser)
 613       const user = res.body
 614
 615       expect(user.autoPlayVideo).to.be.false
 616     })
 617
 618     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 619       await updateMyUser({
 620         url: server.url,
 621         accessToken: accessTokenUser,
 622         autoPlayNextVideo: true
 623       })
 624
 625       const res = await getMyUserInformation(server.url, accessTokenUser)
 626       const user = res.body
 627
 628       expect(user.autoPlayNextVideo).to.be.true
 629     })
 630
 631     it('Should be able to change the email attribute', async function () {
 632       await updateMyUser({
 633         url: server.url,
 634         accessToken: accessTokenUser,
 635         currentPassword: 'new password',
 636         email: 'updated@example.com'
 637       })
 638
 639       const res = await getMyUserInformation(server.url, accessTokenUser)
 640       const user = res.body
 641
 642       expect(user.username).to.equal('user_1')
 643       expect(user.email).to.equal('updated@example.com')
 644       expect(user.nsfwPolicy).to.equal('do_not_list')
 645       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 646       expect(user.id).to.be.a('number')
 647       expect(user.account.displayName).to.equal('user_1')
 648       expect(user.account.description).to.be.null
 649     })
 650
 651     it('Should be able to update my avatar with a gif', async function () {
 652       const fixture = 'avatar.gif'
 653
 654       await updateMyAvatar({
 655         url: server.url,
 656         accessToken: accessTokenUser,
 657         fixture
 658       })
 659
 660       const res = await getMyUserInformation(server.url, accessTokenUser)
 661       const user = res.body
 662
 663       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 664     })
 665
 666     it('Should be able to update my avatar with a gif, and then a png', async function () {
 667       for (const extension of [ '.png', '.gif' ]) {
 668         const fixture = 'avatar' + extension
 669
 670         await updateMyAvatar({
 671           url: server.url,
 672           accessToken: accessTokenUser,
 673           fixture
 674         })
 675
 676         const res = await getMyUserInformation(server.url, accessTokenUser)
 677         const user = res.body
 678
 679         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 680       }
 681     })
 682
 683     it('Should be able to update my display name', async function () {
 684       await updateMyUser({
 685         url: server.url,
 686         accessToken: accessTokenUser,
 687         displayName: 'new display name'
 688       })
 689
 690       const res = await getMyUserInformation(server.url, accessTokenUser)
 691       const user = res.body
 692
 693       expect(user.username).to.equal('user_1')
 694       expect(user.email).to.equal('updated@example.com')
 695       expect(user.nsfwPolicy).to.equal('do_not_list')
 696       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 697       expect(user.id).to.be.a('number')
 698       expect(user.account.displayName).to.equal('new display name')
 699       expect(user.account.description).to.be.null
 700     })
 701
 702     it('Should be able to update my description', async function () {
 703       await updateMyUser({
 704         url: server.url,
 705         accessToken: accessTokenUser,
 706         description: 'my super description updated'
 707       })
 708
 709       const res = await getMyUserInformation(server.url, accessTokenUser)
 710       const user: User = res.body
 711
 712       expect(user.username).to.equal('user_1')
 713       expect(user.email).to.equal('updated@example.com')
 714       expect(user.nsfwPolicy).to.equal('do_not_list')
 715       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 716       expect(user.id).to.be.a('number')
 717       expect(user.account.displayName).to.equal('new display name')
 718       expect(user.account.description).to.equal('my super description updated')
 719       expect(user.noWelcomeModal).to.be.false
 720       expect(user.noInstanceConfigWarningModal).to.be.false
 721     })
 722
 723     it('Should be able to update my theme', async function () {
 724       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 725         await updateMyUser({
 726           url: server.url,
 727           accessToken: accessTokenUser,
 728           theme
 729         })
 730
 731         const res = await getMyUserInformation(server.url, accessTokenUser)
 732         const body: User = res.body
 733
 734         expect(body.theme).to.equal(theme)
 735       }
 736     })
 737
 738     it('Should be able to update my modal preferences', async function () {
 739       await updateMyUser({
 740         url: server.url,
 741         accessToken: accessTokenUser,
 742         noInstanceConfigWarningModal: true,
 743         noWelcomeModal: true
 744       })
 745
 746       const res = await getMyUserInformation(server.url, accessTokenUser)
 747       const user: User = res.body
 748
 749       expect(user.noWelcomeModal).to.be.true
 750       expect(user.noInstanceConfigWarningModal).to.be.true
 751     })
 752   })
 753
 754   describe('Updating another user', function () {
 755     it('Should be able to update another user', async function () {
 756       await updateUser({
 757         url: server.url,
 758         userId,
 759         accessToken,
 760         email: 'updated2@example.com',
 761         emailVerified: true,
 762         videoQuota: 42,
 763         role: UserRole.MODERATOR,
 764         adminFlags: UserAdminFlag.NONE,
 765         pluginAuth: 'toto'
 766       })
 767
 768       const res = await getUserInformation(server.url, accessToken, userId)
 769       const user = res.body as User
 770
 771       expect(user.username).to.equal('user_1')
 772       expect(user.email).to.equal('updated2@example.com')
 773       expect(user.emailVerified).to.be.true
 774       expect(user.nsfwPolicy).to.equal('do_not_list')
 775       expect(user.videoQuota).to.equal(42)
 776       expect(user.roleLabel).to.equal('Moderator')
 777       expect(user.id).to.be.a('number')
 778       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 779       expect(user.pluginAuth).to.equal('toto')
 780     })
 781
 782     it('Should reset the auth plugin', async function () {
 783       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 784
 785       const res = await getUserInformation(server.url, accessToken, userId)
 786       const user = res.body as User
 787       expect(user.pluginAuth).to.be.null
 788     })
 789
 790     it('Should have removed the user token', async function () {
 791       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 792
 793       accessTokenUser = await userLogin(server, user)
 794     })
 795
 796     it('Should be able to update another user password', async function () {
 797       await updateUser({
 798         url: server.url,
 799         userId,
 800         accessToken,
 801         password: 'password updated'
 802       })
 803
 804       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 805
 806       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 807
 808       user.password = 'password updated'
 809       accessTokenUser = await userLogin(server, user)
 810     })
 811   })
 812
 813   describe('Video blacklists', function () {
 814     it('Should be able to list video blacklist by a moderator', async function () {
 815       await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
 816     })
 817   })
 818
 819   describe('Remove a user', function () {
 820     it('Should be able to remove this user', async function () {
 821       await removeUser(server.url, userId, accessToken)
 822     })
 823
 824     it('Should not be able to login with this user', async function () {
 825       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 826     })
 827
 828     it('Should not have videos of this user', async function () {
 829       const res = await getVideosList(server.url)
 830
 831       expect(res.body.total).to.equal(1)
 832
 833       const video = res.body.data[0]
 834       expect(video.account.name).to.equal('root')
 835     })
 836   })
 837
 838   describe('Registering a new user', function () {
 839     let user15AccessToken
 840
 841     it('Should register a new user', async function () {
 842       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 843       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 844
 845       await registerUserWithChannel({ url: server.url, user, channel })
 846     })
 847
 848     it('Should be able to login with this registered user', async function () {
 849       const user15 = {
 850         username: 'user_15',
 851         password: 'my super password'
 852       }
 853
 854       user15AccessToken = await userLogin(server, user15)
 855     })
 856
 857     it('Should have the correct display name', async function () {
 858       const res = await getMyUserInformation(server.url, user15AccessToken)
 859       const user: User = res.body
 860
 861       expect(user.account.displayName).to.equal('super user 15')
 862     })
 863
 864     it('Should have the correct video quota', async function () {
 865       const res = await getMyUserInformation(server.url, user15AccessToken)
 866       const user = res.body
 867
 868       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 869     })
 870
 871     it('Should have created the channel', async function () {
 872       const res = await getVideoChannel(server.url, 'my_user_15_channel')
 873
 874       expect(res.body.displayName).to.equal('my channel rocks')
 875     })
 876
 877     it('Should remove me', async function () {
 878       {
 879         const res = await getUsersList(server.url, server.accessToken)
 880         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 881       }
 882
 883       await deleteMe(server.url, user15AccessToken)
 884
 885       {
 886         const res = await getUsersList(server.url, server.accessToken)
 887         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 888       }
 889     })
 890   })
 891
 892   describe('User blocking', function () {
 893     let user16Id
 894     let user16AccessToken
 895     const user16 = {
 896       username: 'user_16',
 897       password: 'my super password'
 898     }
 899
 900     it('Should block a user', async function () {
 901       const resUser = await createUser({
 902         url: server.url,
 903         accessToken: server.accessToken,
 904         username: user16.username,
 905         password: user16.password
 906       })
 907       user16Id = resUser.body.user.id
 908
 909       user16AccessToken = await userLogin(server, user16)
 910
 911       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 912       await blockUser(server.url, user16Id, server.accessToken)
 913
 914       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 915       await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
 916     })
 917
 918     it('Should search user by banned status', async function () {
 919       {
 920         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 921         const users = res.body.data as User[]
 922
 923         expect(res.body.total).to.equal(1)
 924         expect(users.length).to.equal(1)
 925
 926         expect(users[0].username).to.equal(user16.username)
 927       }
 928
 929       {
 930         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 931         const users = res.body.data as User[]
 932
 933         expect(res.body.total).to.equal(1)
 934         expect(users.length).to.equal(1)
 935
 936         expect(users[0].username).to.not.equal(user16.username)
 937       }
 938     })
 939
 940     it('Should unblock a user', async function () {
 941       await unblockUser(server.url, user16Id, server.accessToken)
 942       user16AccessToken = await userLogin(server, user16)
 943       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 944     })
 945   })
 946
 947   describe('User stats', function () {
 948     let user17Id
 949     let user17AccessToken
 950
 951     it('Should report correct initial statistics about a user', async function () {
 952       const user17 = {
 953         username: 'user_17',
 954         password: 'my super password'
 955       }
 956       const resUser = await createUser({
 957         url: server.url,
 958         accessToken: server.accessToken,
 959         username: user17.username,
 960         password: user17.password
 961       })
 962
 963       user17Id = resUser.body.user.id
 964       user17AccessToken = await userLogin(server, user17)
 965
 966       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 967       const user: User = res.body
 968
 969       expect(user.videosCount).to.equal(0)
 970       expect(user.videoCommentsCount).to.equal(0)
 971       expect(user.abusesCount).to.equal(0)
 972       expect(user.abusesCreatedCount).to.equal(0)
 973       expect(user.abusesAcceptedCount).to.equal(0)
 974     })
 975
 976     it('Should report correct videos count', async function () {
 977       const videoAttributes = {
 978         name: 'video to test user stats'
 979       }
 980       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 981       const res1 = await getVideosList(server.url)
 982       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 983
 984       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 985       const user: User = res2.body
 986
 987       expect(user.videosCount).to.equal(1)
 988     })
 989
 990     it('Should report correct video comments for user', async function () {
 991       const text = 'super comment'
 992       await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
 993
 994       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 995       const user: User = res.body
 996
 997       expect(user.videoCommentsCount).to.equal(1)
 998     })
 999
1000     it('Should report correct abuses counts', async function () {
1001       const reason = 'my super bad reason'
1002       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
1003
1004       const body1 = await server.abusesCommand.getAdminList()
1005       const abuseId = body1.data[0].id
1006
1007       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1008       const user2: User = res2.body
1009
1010       expect(user2.abusesCount).to.equal(1) // number of incriminations
1011       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1012
1013       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
1014
1015       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1016       const user3: User = res3.body
1017
1018       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1019     })
1020   })
1021
1022   after(async function () {
1023     await closeAllSequelize([ server ])
1024     await cleanupTests([ server ])
1025   })
1026 })