server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import {
   6   cleanupTests,
   7   createSingleServer,
   8   killallServers,
   9   makePutBodyRequest,
  10   PeerTubeServer,
  11   setAccessTokensToServers,
  12   testImage,
  13   waitJobs
  14 } from '@shared/extra-utils'
  15 import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  16
  17 const expect = chai.expect
  18
  19 describe('Test users', function () {
  20   let server: PeerTubeServer
  21   let token: string
  22   let userToken: string
  23   let videoId: number
  24   let userId: number
  25   const user = {
  26     username: 'user_1',
  27     password: 'super password'
  28   }
  29
  30   before(async function () {
  31     this.timeout(30000)
  32
  33     server = await createSingleServer(1, {
  34       rates_limit: {
  35         login: {
  36           max: 30
  37         }
  38       }
  39     })
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  44   })
  45
  46   describe('OAuth client', function () {
  47     it('Should create a new client')
  48
  49     it('Should return the first client')
  50
  51     it('Should remove the last client')
  52
  53     it('Should not login with an invalid client id', async function () {
  54       const client = { id: 'client', secret: server.store.client.secret }
  55       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  56
  57       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  58       expect(body.error).to.contain('client is invalid')
  59       expect(body.type.startsWith('https://')).to.be.true
  60       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  61     })
  62
  63     it('Should not login with an invalid client secret', async function () {
  64       const client = { id: server.store.client.id, secret: 'coucou' }
  65       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  66
  67       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  68       expect(body.error).to.contain('client is invalid')
  69       expect(body.type.startsWith('https://')).to.be.true
  70       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  71     })
  72   })
  73
  74   describe('Login', function () {
  75
  76     it('Should not login with an invalid username', async function () {
  77       const user = { username: 'captain crochet', password: server.store.user.password }
  78       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  79
  80       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  81       expect(body.error).to.contain('credentials are invalid')
  82       expect(body.type.startsWith('https://')).to.be.true
  83       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  84     })
  85
  86     it('Should not login with an invalid password', async function () {
  87       const user = { username: server.store.user.username, password: 'mew_three' }
  88       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  89
  90       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  91       expect(body.error).to.contain('credentials are invalid')
  92       expect(body.type.startsWith('https://')).to.be.true
  93       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  94     })
  95
  96     it('Should not be able to upload a video', async function () {
  97       token = 'my_super_token'
  98
  99       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 100     })
 101
 102     it('Should not be able to follow', async function () {
 103       token = 'my_super_token'
 104
 105       await server.follows.follow({
 106         hosts: [ 'http://example.com' ],
 107         token,
 108         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 109       })
 110     })
 111
 112     it('Should not be able to unfollow')
 113
 114     it('Should be able to login', async function () {
 115       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 116
 117       token = body.access_token
 118     })
 119
 120     it('Should be able to login with an insensitive username', async function () {
 121       const user = { username: 'RoOt', password: server.store.user.password }
 122       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 123
 124       const user2 = { username: 'rOoT', password: server.store.user.password }
 125       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 126
 127       const user3 = { username: 'ROOt', password: server.store.user.password }
 128       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 129     })
 130   })
 131
 132   describe('Upload', function () {
 133
 134     it('Should upload the video with the correct token', async function () {
 135       await server.videos.upload({ token })
 136       const { data } = await server.videos.list()
 137       const video = data[0]
 138
 139       expect(video.account.name).to.equal('root')
 140       videoId = video.id
 141     })
 142
 143     it('Should upload the video again with the correct token', async function () {
 144       await server.videos.upload({ token })
 145     })
 146   })
 147
 148   describe('Ratings', function () {
 149
 150     it('Should retrieve a video rating', async function () {
 151       await server.videos.rate({ id: videoId, rating: 'like' })
 152       const rating = await server.users.getMyRating({ token, videoId })
 153
 154       expect(rating.videoId).to.equal(videoId)
 155       expect(rating.rating).to.equal('like')
 156     })
 157
 158     it('Should retrieve ratings list', async function () {
 159       await server.videos.rate({ id: videoId, rating: 'like' })
 160
 161       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 162
 163       expect(body.total).to.equal(1)
 164       expect(body.data[0].video.id).to.equal(videoId)
 165       expect(body.data[0].rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list by rating type', async function () {
 169       {
 170         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 171         expect(body.data.length).to.equal(1)
 172       }
 173
 174       {
 175         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 176         expect(body.data.length).to.equal(0)
 177       }
 178     })
 179   })
 180
 181   describe('Remove video', function () {
 182     it('Should not be able to remove the video with an incorrect token', async function () {
 183       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184     })
 185
 186     it('Should not be able to remove the video with the token of another account')
 187
 188     it('Should be able to remove the video with the correct token', async function () {
 189       await server.videos.remove({ token, id: videoId })
 190     })
 191   })
 192
 193   describe('Logout', function () {
 194     it('Should logout (revoke token)', async function () {
 195       await server.login.logout({ token: server.accessToken })
 196     })
 197
 198     it('Should not be able to get the user information', async function () {
 199       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 200     })
 201
 202     it('Should not be able to upload a video', async function () {
 203       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should not be able to rate a video', async function () {
 207       const path = '/api/v1/videos/'
 208       const data = {
 209         rating: 'likes'
 210       }
 211
 212       const options = {
 213         url: server.url,
 214         path: path + videoId,
 215         token: 'wrong token',
 216         fields: data,
 217         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 218       }
 219       await makePutBodyRequest(options)
 220     })
 221
 222     it('Should be able to login again', async function () {
 223       const body = await server.login.login()
 224       server.accessToken = body.access_token
 225       server.refreshToken = body.refresh_token
 226     })
 227
 228     it('Should be able to get my user information again', async function () {
 229       await server.users.getMyInfo()
 230     })
 231
 232     it('Should have an expired access token', async function () {
 233       this.timeout(15000)
 234
 235       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 236       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 237
 238       await killallServers([ server ])
 239       await server.run()
 240
 241       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 242     })
 243
 244     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 245       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 246     })
 247
 248     it('Should refresh the token', async function () {
 249       this.timeout(15000)
 250
 251       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 252       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 253
 254       await killallServers([ server ])
 255       await server.run()
 256
 257       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await server.users.getMyInfo()
 264     })
 265   })
 266
 267   describe('Creating a user', function () {
 268
 269     it('Should be able to create a new user', async function () {
 270       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 271     })
 272
 273     it('Should be able to login with this user', async function () {
 274       userToken = await server.login.getAccessToken(user)
 275     })
 276
 277     it('Should be able to get user information', async function () {
 278       const userMe = await server.users.getMyInfo({ token: userToken })
 279
 280       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 281
 282       for (const user of [ userMe, userGet ]) {
 283         expect(user.username).to.equal('user_1')
 284         expect(user.email).to.equal('user_1@example.com')
 285         expect(user.nsfwPolicy).to.equal('display')
 286         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 287         expect(user.roleLabel).to.equal('User')
 288         expect(user.id).to.be.a('number')
 289         expect(user.account.displayName).to.equal('user_1')
 290         expect(user.account.description).to.be.null
 291       }
 292
 293       expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 294       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 295
 296       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 297       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 298
 299       // Check stats are included with withStats
 300       expect(userGet.videosCount).to.be.a('number')
 301       expect(userGet.videosCount).to.equal(0)
 302       expect(userGet.videoCommentsCount).to.be.a('number')
 303       expect(userGet.videoCommentsCount).to.equal(0)
 304       expect(userGet.abusesCount).to.be.a('number')
 305       expect(userGet.abusesCount).to.equal(0)
 306       expect(userGet.abusesAcceptedCount).to.be.a('number')
 307       expect(userGet.abusesAcceptedCount).to.equal(0)
 308     })
 309   })
 310
 311   describe('My videos & quotas', function () {
 312
 313     it('Should be able to upload a video with this user', async function () {
 314       this.timeout(10000)
 315
 316       const attributes = {
 317         name: 'super user video',
 318         fixture: 'video_short.webm'
 319       }
 320       await server.videos.upload({ token: userToken, attributes })
 321
 322       await server.channels.create({ token: userToken, attributes: { name: 'other_channel' } })
 323     })
 324
 325     it('Should have video quota updated', async function () {
 326       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 327       expect(quota.videoQuotaUsed).to.equal(218910)
 328
 329       const { data } = await server.users.list()
 330       const tmpUser = data.find(u => u.username === user.username)
 331       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 332     })
 333
 334     it('Should be able to list my videos', async function () {
 335       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 336       expect(total).to.equal(1)
 337       expect(data).to.have.lengthOf(1)
 338
 339       const video: Video = data[0]
 340       expect(video.name).to.equal('super user video')
 341       expect(video.thumbnailPath).to.not.be.null
 342       expect(video.previewPath).to.not.be.null
 343     })
 344
 345     it('Should be able to filter by channel in my videos', async function () {
 346       const myInfo = await server.users.getMyInfo({ token: userToken })
 347       const mainChannel = myInfo.videoChannels.find(c => c.name !== 'other_channel')
 348       const otherChannel = myInfo.videoChannels.find(c => c.name === 'other_channel')
 349
 350       {
 351         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: mainChannel.id })
 352         expect(total).to.equal(1)
 353         expect(data).to.have.lengthOf(1)
 354
 355         const video: Video = data[0]
 356         expect(video.name).to.equal('super user video')
 357         expect(video.thumbnailPath).to.not.be.null
 358         expect(video.previewPath).to.not.be.null
 359       }
 360
 361       {
 362         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: otherChannel.id })
 363         expect(total).to.equal(0)
 364         expect(data).to.have.lengthOf(0)
 365       }
 366     })
 367
 368     it('Should be able to search in my videos', async function () {
 369       {
 370         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 371         expect(total).to.equal(1)
 372         expect(data).to.have.lengthOf(1)
 373       }
 374
 375       {
 376         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 377         expect(total).to.equal(0)
 378         expect(data).to.have.lengthOf(0)
 379       }
 380     })
 381
 382     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 383       this.timeout(60000)
 384
 385       {
 386         const config = await server.config.getCustomConfig()
 387         config.transcoding.webtorrent.enabled = false
 388         config.transcoding.hls.enabled = true
 389         config.transcoding.enabled = true
 390         await server.config.updateCustomSubConfig({ newConfig: config })
 391       }
 392
 393       {
 394         const attributes = {
 395           name: 'super user video 2',
 396           fixture: 'video_short.webm'
 397         }
 398         await server.videos.upload({ token: userToken, attributes })
 399
 400         await waitJobs([ server ])
 401       }
 402
 403       {
 404         const data = await server.users.getMyQuotaUsed({ token: userToken })
 405         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 406       }
 407     })
 408   })
 409
 410   describe('Users listing', function () {
 411
 412     it('Should list all the users', async function () {
 413       const { data, total } = await server.users.list()
 414
 415       expect(total).to.equal(2)
 416       expect(data).to.be.an('array')
 417       expect(data.length).to.equal(2)
 418
 419       const user = data[0]
 420       expect(user.username).to.equal('user_1')
 421       expect(user.email).to.equal('user_1@example.com')
 422       expect(user.nsfwPolicy).to.equal('display')
 423
 424       const rootUser = data[1]
 425       expect(rootUser.username).to.equal('root')
 426       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 427       expect(user.nsfwPolicy).to.equal('display')
 428
 429       expect(rootUser.lastLoginDate).to.exist
 430       expect(user.lastLoginDate).to.exist
 431
 432       userId = user.id
 433     })
 434
 435     it('Should list only the first user by username asc', async function () {
 436       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 437
 438       expect(total).to.equal(2)
 439       expect(data.length).to.equal(1)
 440
 441       const user = data[0]
 442       expect(user.username).to.equal('root')
 443       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 444       expect(user.roleLabel).to.equal('Administrator')
 445       expect(user.nsfwPolicy).to.equal('display')
 446     })
 447
 448     it('Should list only the first user by username desc', async function () {
 449       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 450
 451       expect(total).to.equal(2)
 452       expect(data.length).to.equal(1)
 453
 454       const user = data[0]
 455       expect(user.username).to.equal('user_1')
 456       expect(user.email).to.equal('user_1@example.com')
 457       expect(user.nsfwPolicy).to.equal('display')
 458     })
 459
 460     it('Should list only the second user by createdAt desc', async function () {
 461       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 462       expect(total).to.equal(2)
 463
 464       expect(data.length).to.equal(1)
 465
 466       const user = data[0]
 467       expect(user.username).to.equal('user_1')
 468       expect(user.email).to.equal('user_1@example.com')
 469       expect(user.nsfwPolicy).to.equal('display')
 470     })
 471
 472     it('Should list all the users by createdAt asc', async function () {
 473       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 474
 475       expect(total).to.equal(2)
 476       expect(data.length).to.equal(2)
 477
 478       expect(data[0].username).to.equal('root')
 479       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 480       expect(data[0].nsfwPolicy).to.equal('display')
 481
 482       expect(data[1].username).to.equal('user_1')
 483       expect(data[1].email).to.equal('user_1@example.com')
 484       expect(data[1].nsfwPolicy).to.equal('display')
 485     })
 486
 487     it('Should search user by username', async function () {
 488       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 489       expect(total).to.equal(1)
 490       expect(data.length).to.equal(1)
 491       expect(data[0].username).to.equal('root')
 492     })
 493
 494     it('Should search user by email', async function () {
 495       {
 496         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 497         expect(total).to.equal(1)
 498         expect(data.length).to.equal(1)
 499         expect(data[0].username).to.equal('user_1')
 500         expect(data[0].email).to.equal('user_1@example.com')
 501       }
 502
 503       {
 504         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 505         expect(total).to.equal(2)
 506         expect(data.length).to.equal(2)
 507         expect(data[0].username).to.equal('root')
 508         expect(data[1].username).to.equal('user_1')
 509       }
 510     })
 511   })
 512
 513   describe('Update my account', function () {
 514
 515     it('Should update my password', async function () {
 516       await server.users.updateMe({
 517         token: userToken,
 518         currentPassword: 'super password',
 519         password: 'new password'
 520       })
 521       user.password = 'new password'
 522
 523       await server.login.login({ user })
 524     })
 525
 526     it('Should be able to change the NSFW display attribute', async function () {
 527       await server.users.updateMe({
 528         token: userToken,
 529         nsfwPolicy: 'do_not_list'
 530       })
 531
 532       const user = await server.users.getMyInfo({ token: userToken })
 533       expect(user.username).to.equal('user_1')
 534       expect(user.email).to.equal('user_1@example.com')
 535       expect(user.nsfwPolicy).to.equal('do_not_list')
 536       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 537       expect(user.id).to.be.a('number')
 538       expect(user.account.displayName).to.equal('user_1')
 539       expect(user.account.description).to.be.null
 540     })
 541
 542     it('Should be able to change the autoPlayVideo attribute', async function () {
 543       await server.users.updateMe({
 544         token: userToken,
 545         autoPlayVideo: false
 546       })
 547
 548       const user = await server.users.getMyInfo({ token: userToken })
 549       expect(user.autoPlayVideo).to.be.false
 550     })
 551
 552     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 553       await server.users.updateMe({
 554         token: userToken,
 555         autoPlayNextVideo: true
 556       })
 557
 558       const user = await server.users.getMyInfo({ token: userToken })
 559       expect(user.autoPlayNextVideo).to.be.true
 560     })
 561
 562     it('Should be able to change the email attribute', async function () {
 563       await server.users.updateMe({
 564         token: userToken,
 565         currentPassword: 'new password',
 566         email: 'updated@example.com'
 567       })
 568
 569       const user = await server.users.getMyInfo({ token: userToken })
 570       expect(user.username).to.equal('user_1')
 571       expect(user.email).to.equal('updated@example.com')
 572       expect(user.nsfwPolicy).to.equal('do_not_list')
 573       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 574       expect(user.id).to.be.a('number')
 575       expect(user.account.displayName).to.equal('user_1')
 576       expect(user.account.description).to.be.null
 577     })
 578
 579     it('Should be able to update my avatar with a gif', async function () {
 580       const fixture = 'avatar.gif'
 581
 582       await server.users.updateMyAvatar({ token: userToken, fixture })
 583
 584       const user = await server.users.getMyInfo({ token: userToken })
 585       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 586     })
 587
 588     it('Should be able to update my avatar with a gif, and then a png', async function () {
 589       for (const extension of [ '.png', '.gif' ]) {
 590         const fixture = 'avatar' + extension
 591
 592         await server.users.updateMyAvatar({ token: userToken, fixture })
 593
 594         const user = await server.users.getMyInfo({ token: userToken })
 595         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 596       }
 597     })
 598
 599     it('Should be able to update my display name', async function () {
 600       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 601
 602       const user = await server.users.getMyInfo({ token: userToken })
 603       expect(user.username).to.equal('user_1')
 604       expect(user.email).to.equal('updated@example.com')
 605       expect(user.nsfwPolicy).to.equal('do_not_list')
 606       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 607       expect(user.id).to.be.a('number')
 608       expect(user.account.displayName).to.equal('new display name')
 609       expect(user.account.description).to.be.null
 610     })
 611
 612     it('Should be able to update my description', async function () {
 613       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 614
 615       const user = await server.users.getMyInfo({ token: userToken })
 616       expect(user.username).to.equal('user_1')
 617       expect(user.email).to.equal('updated@example.com')
 618       expect(user.nsfwPolicy).to.equal('do_not_list')
 619       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 620       expect(user.id).to.be.a('number')
 621       expect(user.account.displayName).to.equal('new display name')
 622       expect(user.account.description).to.equal('my super description updated')
 623       expect(user.noWelcomeModal).to.be.false
 624       expect(user.noInstanceConfigWarningModal).to.be.false
 625       expect(user.noAccountSetupWarningModal).to.be.false
 626     })
 627
 628     it('Should be able to update my theme', async function () {
 629       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 630         await server.users.updateMe({ token: userToken, theme })
 631
 632         const user = await server.users.getMyInfo({ token: userToken })
 633         expect(user.theme).to.equal(theme)
 634       }
 635     })
 636
 637     it('Should be able to update my modal preferences', async function () {
 638       await server.users.updateMe({
 639         token: userToken,
 640         noInstanceConfigWarningModal: true,
 641         noWelcomeModal: true,
 642         noAccountSetupWarningModal: true
 643       })
 644
 645       const user = await server.users.getMyInfo({ token: userToken })
 646       expect(user.noWelcomeModal).to.be.true
 647       expect(user.noInstanceConfigWarningModal).to.be.true
 648       expect(user.noAccountSetupWarningModal).to.be.true
 649     })
 650   })
 651
 652   describe('Updating another user', function () {
 653     it('Should be able to update another user', async function () {
 654       await server.users.update({
 655         userId,
 656         token,
 657         email: 'updated2@example.com',
 658         emailVerified: true,
 659         videoQuota: 42,
 660         role: UserRole.MODERATOR,
 661         adminFlags: UserAdminFlag.NONE,
 662         pluginAuth: 'toto'
 663       })
 664
 665       const user = await server.users.get({ token, userId })
 666
 667       expect(user.username).to.equal('user_1')
 668       expect(user.email).to.equal('updated2@example.com')
 669       expect(user.emailVerified).to.be.true
 670       expect(user.nsfwPolicy).to.equal('do_not_list')
 671       expect(user.videoQuota).to.equal(42)
 672       expect(user.roleLabel).to.equal('Moderator')
 673       expect(user.id).to.be.a('number')
 674       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 675       expect(user.pluginAuth).to.equal('toto')
 676     })
 677
 678     it('Should reset the auth plugin', async function () {
 679       await server.users.update({ userId, token, pluginAuth: null })
 680
 681       const user = await server.users.get({ token, userId })
 682       expect(user.pluginAuth).to.be.null
 683     })
 684
 685     it('Should have removed the user token', async function () {
 686       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 687
 688       userToken = await server.login.getAccessToken(user)
 689     })
 690
 691     it('Should be able to update another user password', async function () {
 692       await server.users.update({ userId, token, password: 'password updated' })
 693
 694       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 695
 696       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 697
 698       user.password = 'password updated'
 699       userToken = await server.login.getAccessToken(user)
 700     })
 701   })
 702
 703   describe('Video blacklists', function () {
 704     it('Should be able to list video blacklist by a moderator', async function () {
 705       await server.blacklist.list({ token: userToken })
 706     })
 707   })
 708
 709   describe('Remove a user', function () {
 710     it('Should be able to remove this user', async function () {
 711       await server.users.remove({ userId, token })
 712     })
 713
 714     it('Should not be able to login with this user', async function () {
 715       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 716     })
 717
 718     it('Should not have videos of this user', async function () {
 719       const { data, total } = await server.videos.list()
 720       expect(total).to.equal(1)
 721
 722       const video = data[0]
 723       expect(video.account.name).to.equal('root')
 724     })
 725   })
 726
 727   describe('Registering a new user', function () {
 728     let user15AccessToken
 729
 730     it('Should register a new user', async function () {
 731       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 732       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 733
 734       await server.users.register({ ...user, channel })
 735     })
 736
 737     it('Should be able to login with this registered user', async function () {
 738       const user15 = {
 739         username: 'user_15',
 740         password: 'my super password'
 741       }
 742
 743       user15AccessToken = await server.login.getAccessToken(user15)
 744     })
 745
 746     it('Should have the correct display name', async function () {
 747       const user = await server.users.getMyInfo({ token: user15AccessToken })
 748       expect(user.account.displayName).to.equal('super user 15')
 749     })
 750
 751     it('Should have the correct video quota', async function () {
 752       const user = await server.users.getMyInfo({ token: user15AccessToken })
 753       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 754     })
 755
 756     it('Should have created the channel', async function () {
 757       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 758
 759       expect(displayName).to.equal('my channel rocks')
 760     })
 761
 762     it('Should remove me', async function () {
 763       {
 764         const { data } = await server.users.list()
 765         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 766       }
 767
 768       await server.users.deleteMe({ token: user15AccessToken })
 769
 770       {
 771         const { data } = await server.users.list()
 772         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 773       }
 774     })
 775   })
 776
 777   describe('User blocking', function () {
 778     let user16Id
 779     let user16AccessToken
 780     const user16 = {
 781       username: 'user_16',
 782       password: 'my super password'
 783     }
 784
 785     it('Should block a user', async function () {
 786       const user = await server.users.create({ ...user16 })
 787       user16Id = user.id
 788
 789       user16AccessToken = await server.login.getAccessToken(user16)
 790
 791       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 792       await server.users.banUser({ userId: user16Id })
 793
 794       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 795       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 796     })
 797
 798     it('Should search user by banned status', async function () {
 799       {
 800         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 801         expect(total).to.equal(1)
 802         expect(data.length).to.equal(1)
 803
 804         expect(data[0].username).to.equal(user16.username)
 805       }
 806
 807       {
 808         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 809         expect(total).to.equal(1)
 810         expect(data.length).to.equal(1)
 811
 812         expect(data[0].username).to.not.equal(user16.username)
 813       }
 814     })
 815
 816     it('Should unblock a user', async function () {
 817       await server.users.unbanUser({ userId: user16Id })
 818       user16AccessToken = await server.login.getAccessToken(user16)
 819       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 820     })
 821   })
 822
 823   describe('User stats', function () {
 824     let user17Id
 825     let user17AccessToken
 826
 827     it('Should report correct initial statistics about a user', async function () {
 828       const user17 = {
 829         username: 'user_17',
 830         password: 'my super password'
 831       }
 832       const created = await server.users.create({ ...user17 })
 833
 834       user17Id = created.id
 835       user17AccessToken = await server.login.getAccessToken(user17)
 836
 837       const user = await server.users.get({ userId: user17Id, withStats: true })
 838       expect(user.videosCount).to.equal(0)
 839       expect(user.videoCommentsCount).to.equal(0)
 840       expect(user.abusesCount).to.equal(0)
 841       expect(user.abusesCreatedCount).to.equal(0)
 842       expect(user.abusesAcceptedCount).to.equal(0)
 843     })
 844
 845     it('Should report correct videos count', async function () {
 846       const attributes = { name: 'video to test user stats' }
 847       await server.videos.upload({ token: user17AccessToken, attributes })
 848
 849       const { data } = await server.videos.list()
 850       videoId = data.find(video => video.name === attributes.name).id
 851
 852       const user = await server.users.get({ userId: user17Id, withStats: true })
 853       expect(user.videosCount).to.equal(1)
 854     })
 855
 856     it('Should report correct video comments for user', async function () {
 857       const text = 'super comment'
 858       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 859
 860       const user = await server.users.get({ userId: user17Id, withStats: true })
 861       expect(user.videoCommentsCount).to.equal(1)
 862     })
 863
 864     it('Should report correct abuses counts', async function () {
 865       const reason = 'my super bad reason'
 866       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 867
 868       const body1 = await server.abuses.getAdminList()
 869       const abuseId = body1.data[0].id
 870
 871       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 872       expect(user2.abusesCount).to.equal(1) // number of incriminations
 873       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 874
 875       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 876
 877       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 878       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 879     })
 880   })
 881
 882   after(async function () {
 883     await cleanupTests([ server ])
 884   })
 885 })