1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole } from '../../../../shared/index'
12 getBlacklistedVideosList,
14 getMyUserVideoQuotaUsed,
18 getUsersListPaginationAndSort,
36 } from '../../../../shared/extra-utils'
37 import { follow } from '../../../../shared/extra-utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
39 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
57 server = await flushAndRunServer(1)
59 await setAccessTokensToServers([ server ])
62 describe('OAuth client', function () {
63 it('Should create a new client')
65 it('Should return the first client')
67 it('Should remove the last client')
69 it('Should not login with an invalid client id', async function () {
70 const client = { id: 'client', secret: server.client.secret }
71 const res = await login(server.url, client, server.user, 400)
73 expect(res.body.error).to.contain('client is invalid')
76 it('Should not login with an invalid client secret', async function () {
77 const client = { id: server.client.id, secret: 'coucou' }
78 const res = await login(server.url, client, server.user, 400)
80 expect(res.body.error).to.contain('client is invalid')
84 describe('Login', function () {
86 it('Should not login with an invalid username', async function () {
87 const user = { username: 'captain crochet', password: server.user.password }
88 const res = await login(server.url, server.client, user, 400)
90 expect(res.body.error).to.contain('credentials are invalid')
93 it('Should not login with an invalid password', async function () {
94 const user = { username: server.user.username, password: 'mew_three' }
95 const res = await login(server.url, server.client, user, 400)
97 expect(res.body.error).to.contain('credentials are invalid')
100 it('Should not be able to upload a video', async function () {
101 accessToken = 'my_super_token'
103 const videoAttributes = {}
104 await uploadVideo(server.url, accessToken, videoAttributes, 401)
107 it('Should not be able to follow', async function () {
108 accessToken = 'my_super_token'
109 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
112 it('Should not be able to unfollow')
114 it('Should be able to login', async function () {
115 const res = await login(server.url, server.client, server.user, 200)
117 accessToken = res.body.access_token
121 describe('Upload', function () {
123 it('Should upload the video with the correct token', async function () {
124 const videoAttributes = {}
125 await uploadVideo(server.url, accessToken, videoAttributes)
126 const res = await getVideosList(server.url)
127 const video = res.body.data[ 0 ]
129 expect(video.account.name).to.equal('root')
133 it('Should upload the video again with the correct token', async function () {
134 const videoAttributes = {}
135 await uploadVideo(server.url, accessToken, videoAttributes)
139 describe('Ratings', function () {
141 it('Should retrieve a video rating', async function () {
142 await rateVideo(server.url, accessToken, videoId, 'like')
143 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
144 const rating = res.body
146 expect(rating.videoId).to.equal(videoId)
147 expect(rating.rating).to.equal('like')
150 it('Should retrieve ratings list', async function () {
151 await rateVideo(server.url, accessToken, videoId, 'like')
153 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
154 const ratings = res.body
156 expect(ratings.total).to.equal(1)
157 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
158 expect(ratings.data[ 0 ].rating).to.equal('like')
161 it('Should retrieve ratings list by rating type', async function () {
163 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
164 const ratings = res.body
165 expect(ratings.data.length).to.equal(1)
169 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
170 const ratings = res.body
171 expect(ratings.data.length).to.equal(0)
176 describe('Remove video', function () {
177 it('Should not be able to remove the video with an incorrect token', async function () {
178 await removeVideo(server.url, 'bad_token', videoId, 401)
181 it('Should not be able to remove the video with the token of another account')
183 it('Should be able to remove the video with the correct token', async function () {
184 await removeVideo(server.url, accessToken, videoId)
188 describe('Logout', function () {
189 it('Should logout (revoke token)')
191 it('Should not be able to get the user information')
193 it('Should not be able to upload a video')
195 it('Should not be able to remove a video')
197 it('Should not be able to rate a video', async function () {
198 const path = '/api/v1/videos/'
205 path: path + videoId,
206 token: 'wrong token',
208 statusCodeExpected: 401
210 await makePutBodyRequest(options)
213 it('Should be able to login again')
215 it('Should have an expired access token')
217 it('Should refresh the token')
219 it('Should be able to upload a video again')
222 describe('Creating a user', function () {
224 it('Should be able to create a new user', async function () {
227 accessToken: accessToken,
228 username: user.username,
229 password: user.password,
230 videoQuota: 2 * 1024 * 1024,
231 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
235 it('Should be able to login with this user', async function () {
236 accessTokenUser = await userLogin(server, user)
239 it('Should be able to get user information', async function () {
240 const res1 = await getMyUserInformation(server.url, accessTokenUser)
241 const userMe: User = res1.body
243 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
244 const userGet: User = res2.body
246 for (const user of [ userMe, userGet ]) {
247 expect(user.username).to.equal('user_1')
248 expect(user.email).to.equal('user_1@example.com')
249 expect(user.nsfwPolicy).to.equal('display')
250 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
251 expect(user.roleLabel).to.equal('User')
252 expect(user.id).to.be.a('number')
253 expect(user.account.displayName).to.equal('user_1')
254 expect(user.account.description).to.be.null
257 expect(userMe.adminFlags).to.be.undefined
258 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
262 describe('My videos & quotas', function () {
264 it('Should be able to upload a video with this user', async function () {
267 const videoAttributes = {
268 name: 'super user video',
269 fixture: 'video_short.webm'
271 await uploadVideo(server.url, accessTokenUser, videoAttributes)
274 it('Should have video quota updated', async function () {
275 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
276 const data = res.body
278 expect(data.videoQuotaUsed).to.equal(218910)
280 const resUsers = await getUsersList(server.url, server.accessToken)
282 const users: User[] = resUsers.body.data
283 const tmpUser = users.find(u => u.username === user.username)
284 expect(tmpUser.videoQuotaUsed).to.equal(218910)
287 it('Should be able to list my videos', async function () {
288 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
289 expect(res.body.total).to.equal(1)
291 const videos = res.body.data
292 expect(videos).to.have.lengthOf(1)
294 expect(videos[ 0 ].name).to.equal('super user video')
298 describe('Users listing', function () {
300 it('Should list all the users', async function () {
301 const res = await getUsersList(server.url, server.accessToken)
302 const result = res.body
303 const total = result.total
304 const users = result.data
306 expect(total).to.equal(2)
307 expect(users).to.be.an('array')
308 expect(users.length).to.equal(2)
310 const user = users[ 0 ]
311 expect(user.username).to.equal('user_1')
312 expect(user.email).to.equal('user_1@example.com')
313 expect(user.nsfwPolicy).to.equal('display')
315 const rootUser = users[ 1 ]
316 expect(rootUser.username).to.equal('root')
317 expect(rootUser.email).to.equal('admin1@example.com')
318 expect(user.nsfwPolicy).to.equal('display')
323 it('Should list only the first user by username asc', async function () {
324 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
326 const result = res.body
327 const total = result.total
328 const users = result.data
330 expect(total).to.equal(2)
331 expect(users.length).to.equal(1)
333 const user = users[ 0 ]
334 expect(user.username).to.equal('root')
335 expect(user.email).to.equal('admin1@example.com')
336 expect(user.roleLabel).to.equal('Administrator')
337 expect(user.nsfwPolicy).to.equal('display')
340 it('Should list only the first user by username desc', async function () {
341 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
342 const result = res.body
343 const total = result.total
344 const users = result.data
346 expect(total).to.equal(2)
347 expect(users.length).to.equal(1)
349 const user = users[ 0 ]
350 expect(user.username).to.equal('user_1')
351 expect(user.email).to.equal('user_1@example.com')
352 expect(user.nsfwPolicy).to.equal('display')
355 it('Should list only the second user by createdAt desc', async function () {
356 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
357 const result = res.body
358 const total = result.total
359 const users = result.data
361 expect(total).to.equal(2)
362 expect(users.length).to.equal(1)
364 const user = users[ 0 ]
365 expect(user.username).to.equal('user_1')
366 expect(user.email).to.equal('user_1@example.com')
367 expect(user.nsfwPolicy).to.equal('display')
370 it('Should list all the users by createdAt asc', async function () {
371 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
372 const result = res.body
373 const total = result.total
374 const users = result.data
376 expect(total).to.equal(2)
377 expect(users.length).to.equal(2)
379 expect(users[ 0 ].username).to.equal('root')
380 expect(users[ 0 ].email).to.equal('admin1@example.com')
381 expect(users[ 0 ].nsfwPolicy).to.equal('display')
383 expect(users[ 1 ].username).to.equal('user_1')
384 expect(users[ 1 ].email).to.equal('user_1@example.com')
385 expect(users[ 1 ].nsfwPolicy).to.equal('display')
388 it('Should search user by username', async function () {
389 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
390 const users = res.body.data as User[]
392 expect(res.body.total).to.equal(1)
393 expect(users.length).to.equal(1)
395 expect(users[ 0 ].username).to.equal('root')
398 it('Should search user by email', async function () {
400 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
401 const users = res.body.data as User[]
403 expect(res.body.total).to.equal(1)
404 expect(users.length).to.equal(1)
406 expect(users[ 0 ].username).to.equal('user_1')
407 expect(users[ 0 ].email).to.equal('user_1@example.com')
411 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
412 const users = res.body.data as User[]
414 expect(res.body.total).to.equal(2)
415 expect(users.length).to.equal(2)
417 expect(users[ 0 ].username).to.equal('root')
418 expect(users[ 1 ].username).to.equal('user_1')
423 describe('Update my account', function () {
424 it('Should update my password', async function () {
427 accessToken: accessTokenUser,
428 currentPassword: 'super password',
429 newPassword: 'new password'
431 user.password = 'new password'
433 await userLogin(server, user, 200)
436 it('Should be able to change the NSFW display attribute', async function () {
439 accessToken: accessTokenUser,
440 nsfwPolicy: 'do_not_list'
443 const res = await getMyUserInformation(server.url, accessTokenUser)
444 const user = res.body
446 expect(user.username).to.equal('user_1')
447 expect(user.email).to.equal('user_1@example.com')
448 expect(user.nsfwPolicy).to.equal('do_not_list')
449 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
450 expect(user.id).to.be.a('number')
451 expect(user.account.displayName).to.equal('user_1')
452 expect(user.account.description).to.be.null
455 it('Should be able to change the autoPlayVideo attribute', async function () {
458 accessToken: accessTokenUser,
462 const res = await getMyUserInformation(server.url, accessTokenUser)
463 const user = res.body
465 expect(user.autoPlayVideo).to.be.false
468 it('Should be able to change the email display attribute', async function () {
471 accessToken: accessTokenUser,
472 email: 'updated@example.com'
475 const res = await getMyUserInformation(server.url, accessTokenUser)
476 const user = res.body
478 expect(user.username).to.equal('user_1')
479 expect(user.email).to.equal('updated@example.com')
480 expect(user.nsfwPolicy).to.equal('do_not_list')
481 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
482 expect(user.id).to.be.a('number')
483 expect(user.account.displayName).to.equal('user_1')
484 expect(user.account.description).to.be.null
487 it('Should be able to update my avatar', async function () {
488 const fixture = 'avatar.png'
490 await updateMyAvatar({
492 accessToken: accessTokenUser,
496 const res = await getMyUserInformation(server.url, accessTokenUser)
497 const user = res.body
499 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
502 it('Should be able to update my display name', async function () {
505 accessToken: accessTokenUser,
506 displayName: 'new display name'
509 const res = await getMyUserInformation(server.url, accessTokenUser)
510 const user = res.body
512 expect(user.username).to.equal('user_1')
513 expect(user.email).to.equal('updated@example.com')
514 expect(user.nsfwPolicy).to.equal('do_not_list')
515 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
516 expect(user.id).to.be.a('number')
517 expect(user.account.displayName).to.equal('new display name')
518 expect(user.account.description).to.be.null
521 it('Should be able to update my description', async function () {
524 accessToken: accessTokenUser,
525 description: 'my super description updated'
528 const res = await getMyUserInformation(server.url, accessTokenUser)
529 const user = res.body
531 expect(user.username).to.equal('user_1')
532 expect(user.email).to.equal('updated@example.com')
533 expect(user.nsfwPolicy).to.equal('do_not_list')
534 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
535 expect(user.id).to.be.a('number')
536 expect(user.account.displayName).to.equal('new display name')
537 expect(user.account.description).to.equal('my super description updated')
541 describe('Updating another user', function () {
543 it('Should be able to update another user', async function () {
548 email: 'updated2@example.com',
551 role: UserRole.MODERATOR,
552 adminFlags: UserAdminFlag.NONE
555 const res = await getUserInformation(server.url, accessToken, userId)
556 const user = res.body
558 expect(user.username).to.equal('user_1')
559 expect(user.email).to.equal('updated2@example.com')
560 expect(user.emailVerified).to.be.true
561 expect(user.nsfwPolicy).to.equal('do_not_list')
562 expect(user.videoQuota).to.equal(42)
563 expect(user.roleLabel).to.equal('Moderator')
564 expect(user.id).to.be.a('number')
565 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
568 it('Should have removed the user token', async function () {
569 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
571 accessTokenUser = await userLogin(server, user)
574 it('Should be able to update another user password', async function () {
579 password: 'password updated'
582 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
584 await userLogin(server, user, 400)
586 user.password = 'password updated'
587 accessTokenUser = await userLogin(server, user)
591 describe('Video blacklists', function () {
592 it('Should be able to list video blacklist by a moderator', async function () {
593 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
597 describe('Remove a user', function () {
598 it('Should be able to remove this user', async function () {
599 await removeUser(server.url, userId, accessToken)
602 it('Should not be able to login with this user', async function () {
603 await userLogin(server, user, 400)
606 it('Should not have videos of this user', async function () {
607 const res = await getVideosList(server.url)
609 expect(res.body.total).to.equal(1)
611 const video = res.body.data[ 0 ]
612 expect(video.account.name).to.equal('root')
616 describe('Registering a new user', function () {
617 it('Should register a new user', async function () {
618 await registerUser(server.url, 'user_15', 'my super password')
621 it('Should be able to login with this registered user', async function () {
624 password: 'my super password'
627 accessToken = await userLogin(server, user15)
630 it('Should have the correct video quota', async function () {
631 const res = await getMyUserInformation(server.url, accessToken)
632 const user = res.body
634 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
637 it('Should remove me', async function () {
639 const res = await getUsersList(server.url, server.accessToken)
640 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
643 await deleteMe(server.url, accessToken)
646 const res = await getUsersList(server.url, server.accessToken)
647 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
652 describe('User blocking', function () {
653 it('Should block and unblock a user', async function () {
656 password: 'my super password'
658 const resUser = await createUser({
660 accessToken: server.accessToken,
661 username: user16.username,
662 password: user16.password
664 const user16Id = resUser.body.user.id
666 accessToken = await userLogin(server, user16)
668 await getMyUserInformation(server.url, accessToken, 200)
669 await blockUser(server.url, user16Id, server.accessToken)
671 await getMyUserInformation(server.url, accessToken, 401)
672 await userLogin(server, user16, 400)
674 await unblockUser(server.url, user16Id, server.accessToken)
675 accessToken = await userLogin(server, user16)
676 await getMyUserInformation(server.url, accessToken, 200)
681 killallServers([ server ])