server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   addVideoCommentThread,
   8   blockUser,
   9   cleanupTests,
  10   closeAllSequelize,
  11   createUser,
  12   deleteMe,
  13   flushAndRunServer,
  14   getAccountRatings,
  15   getBlacklistedVideosList,
  16   getCustomConfig,
  17   getMyUserInformation,
  18   getMyUserVideoQuotaUsed,
  19   getMyUserVideoRating,
  20   getMyVideos,
  21   getUserInformation,
  22   getUsersList,
  23   getUsersListPaginationAndSort,
  24   getVideoChannel,
  25   getVideosList,
  26   installPlugin,
  27   killallServers,
  28   login,
  29   logout,
  30   makePutBodyRequest,
  31   rateVideo,
  32   refreshToken,
  33   registerUserWithChannel,
  34   removeUser,
  35   removeVideo,
  36   reRunServer,
  37   ServerInfo,
  38   setAccessTokensToServers,
  39   setTokenField,
  40   testImage,
  41   unblockUser,
  42   updateCustomSubConfig,
  43   updateMyAvatar,
  44   updateMyUser,
  45   updateUser,
  46   uploadVideo,
  47   userLogin,
  48   waitJobs
  49 } from '@shared/extra-utils'
  50 import { AbuseState, CustomConfig, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  51
  52 const expect = chai.expect
  53
  54 describe('Test users', function () {
  55   let server: ServerInfo
  56   let accessToken: string
  57   let accessTokenUser: string
  58   let videoId: number
  59   let userId: number
  60   const user = {
  61     username: 'user_1',
  62     password: 'super password'
  63   }
  64
  65   before(async function () {
  66     this.timeout(30000)
  67
  68     server = await flushAndRunServer(1, {
  69       rates_limit: {
  70         login: {
  71           max: 30
  72         }
  73       }
  74     })
  75
  76     await setAccessTokensToServers([ server ])
  77
  78     await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
  79   })
  80
  81   describe('OAuth client', function () {
  82     it('Should create a new client')
  83
  84     it('Should return the first client')
  85
  86     it('Should remove the last client')
  87
  88     it('Should not login with an invalid client id', async function () {
  89       const client = { id: 'client', secret: server.client.secret }
  90       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  91
  92       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  93       expect(res.body.error).to.contain('client is invalid')
  94       expect(res.body.type.startsWith('https://')).to.be.true
  95       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  96     })
  97
  98     it('Should not login with an invalid client secret', async function () {
  99       const client = { id: server.client.id, secret: 'coucou' }
 100       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
 101
 102       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
 103       expect(res.body.error).to.contain('client is invalid')
 104       expect(res.body.type.startsWith('https://')).to.be.true
 105       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 106     })
 107   })
 108
 109   describe('Login', function () {
 110
 111     it('Should not login with an invalid username', async function () {
 112       const user = { username: 'captain crochet', password: server.user.password }
 113       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 114
 115       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 116       expect(res.body.error).to.contain('credentials are invalid')
 117       expect(res.body.type.startsWith('https://')).to.be.true
 118       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 119     })
 120
 121     it('Should not login with an invalid password', async function () {
 122       const user = { username: server.user.username, password: 'mew_three' }
 123       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 124
 125       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 126       expect(res.body.error).to.contain('credentials are invalid')
 127       expect(res.body.type.startsWith('https://')).to.be.true
 128       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 129     })
 130
 131     it('Should not be able to upload a video', async function () {
 132       accessToken = 'my_super_token'
 133
 134       const videoAttributes = {}
 135       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 136     })
 137
 138     it('Should not be able to follow', async function () {
 139       accessToken = 'my_super_token'
 140
 141       await server.followsCommand.follow({
 142         targets: [ 'http://example.com' ],
 143         token: accessToken,
 144         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 145       })
 146     })
 147
 148     it('Should not be able to unfollow')
 149
 150     it('Should be able to login', async function () {
 151       const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
 152
 153       accessToken = res.body.access_token
 154     })
 155
 156     it('Should be able to login with an insensitive username', async function () {
 157       const user = { username: 'RoOt', password: server.user.password }
 158       await login(server.url, server.client, user, HttpStatusCode.OK_200)
 159
 160       const user2 = { username: 'rOoT', password: server.user.password }
 161       await login(server.url, server.client, user2, HttpStatusCode.OK_200)
 162
 163       const user3 = { username: 'ROOt', password: server.user.password }
 164       await login(server.url, server.client, user3, HttpStatusCode.OK_200)
 165     })
 166   })
 167
 168   describe('Upload', function () {
 169
 170     it('Should upload the video with the correct token', async function () {
 171       const videoAttributes = {}
 172       await uploadVideo(server.url, accessToken, videoAttributes)
 173       const res = await getVideosList(server.url)
 174       const video = res.body.data[0]
 175
 176       expect(video.account.name).to.equal('root')
 177       videoId = video.id
 178     })
 179
 180     it('Should upload the video again with the correct token', async function () {
 181       const videoAttributes = {}
 182       await uploadVideo(server.url, accessToken, videoAttributes)
 183     })
 184   })
 185
 186   describe('Ratings', function () {
 187
 188     it('Should retrieve a video rating', async function () {
 189       await rateVideo(server.url, accessToken, videoId, 'like')
 190       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 191       const rating = res.body
 192
 193       expect(rating.videoId).to.equal(videoId)
 194       expect(rating.rating).to.equal('like')
 195     })
 196
 197     it('Should retrieve ratings list', async function () {
 198       await rateVideo(server.url, accessToken, videoId, 'like')
 199
 200       const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, HttpStatusCode.OK_200)
 201       const ratings = res.body
 202
 203       expect(ratings.total).to.equal(1)
 204       expect(ratings.data[0].video.id).to.equal(videoId)
 205       expect(ratings.data[0].rating).to.equal('like')
 206     })
 207
 208     it('Should retrieve ratings list by rating type', async function () {
 209       {
 210         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
 211         const ratings = res.body
 212         expect(ratings.data.length).to.equal(1)
 213       }
 214
 215       {
 216         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
 217         const ratings = res.body
 218         expect(ratings.data.length).to.equal(0)
 219       }
 220     })
 221   })
 222
 223   describe('Remove video', function () {
 224     it('Should not be able to remove the video with an incorrect token', async function () {
 225       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 226     })
 227
 228     it('Should not be able to remove the video with the token of another account')
 229
 230     it('Should be able to remove the video with the correct token', async function () {
 231       await removeVideo(server.url, accessToken, videoId)
 232     })
 233   })
 234
 235   describe('Logout', function () {
 236     it('Should logout (revoke token)', async function () {
 237       await logout(server.url, server.accessToken)
 238     })
 239
 240     it('Should not be able to get the user information', async function () {
 241       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 242     })
 243
 244     it('Should not be able to upload a video', async function () {
 245       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 246     })
 247
 248     it('Should not be able to rate a video', async function () {
 249       const path = '/api/v1/videos/'
 250       const data = {
 251         rating: 'likes'
 252       }
 253
 254       const options = {
 255         url: server.url,
 256         path: path + videoId,
 257         token: 'wrong token',
 258         fields: data,
 259         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 260       }
 261       await makePutBodyRequest(options)
 262     })
 263
 264     it('Should be able to login again', async function () {
 265       const res = await login(server.url, server.client, server.user)
 266       server.accessToken = res.body.access_token
 267       server.refreshToken = res.body.refresh_token
 268     })
 269
 270     it('Should be able to get my user information again', async function () {
 271       await getMyUserInformation(server.url, server.accessToken)
 272     })
 273
 274     it('Should have an expired access token', async function () {
 275       this.timeout(15000)
 276
 277       await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 278       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 279
 280       killallServers([ server ])
 281       await reRunServer(server)
 282
 283       await getMyUserInformation(server.url, server.accessToken, 401)
 284     })
 285
 286     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 287       await refreshToken(server, server.refreshToken, 400)
 288     })
 289
 290     it('Should refresh the token', async function () {
 291       this.timeout(15000)
 292
 293       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 294       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 295
 296       killallServers([ server ])
 297       await reRunServer(server)
 298
 299       const res = await refreshToken(server, server.refreshToken)
 300       server.accessToken = res.body.access_token
 301       server.refreshToken = res.body.refresh_token
 302     })
 303
 304     it('Should be able to get my user information again', async function () {
 305       await getMyUserInformation(server.url, server.accessToken)
 306     })
 307   })
 308
 309   describe('Creating a user', function () {
 310
 311     it('Should be able to create a new user', async function () {
 312       await createUser({
 313         url: server.url,
 314         accessToken: accessToken,
 315         username: user.username,
 316         password: user.password,
 317         videoQuota: 2 * 1024 * 1024,
 318         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 319       })
 320     })
 321
 322     it('Should be able to login with this user', async function () {
 323       accessTokenUser = await userLogin(server, user)
 324     })
 325
 326     it('Should be able to get user information', async function () {
 327       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 328       const userMe: MyUser = res1.body
 329
 330       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 331       const userGet: User = res2.body
 332
 333       for (const user of [ userMe, userGet ]) {
 334         expect(user.username).to.equal('user_1')
 335         expect(user.email).to.equal('user_1@example.com')
 336         expect(user.nsfwPolicy).to.equal('display')
 337         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 338         expect(user.roleLabel).to.equal('User')
 339         expect(user.id).to.be.a('number')
 340         expect(user.account.displayName).to.equal('user_1')
 341         expect(user.account.description).to.be.null
 342       }
 343
 344       expect(userMe.adminFlags).to.be.undefined
 345       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 346
 347       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 348       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 349
 350       // Check stats are included with withStats
 351       expect(userGet.videosCount).to.be.a('number')
 352       expect(userGet.videosCount).to.equal(0)
 353       expect(userGet.videoCommentsCount).to.be.a('number')
 354       expect(userGet.videoCommentsCount).to.equal(0)
 355       expect(userGet.abusesCount).to.be.a('number')
 356       expect(userGet.abusesCount).to.equal(0)
 357       expect(userGet.abusesAcceptedCount).to.be.a('number')
 358       expect(userGet.abusesAcceptedCount).to.equal(0)
 359     })
 360   })
 361
 362   describe('My videos & quotas', function () {
 363
 364     it('Should be able to upload a video with this user', async function () {
 365       this.timeout(10000)
 366
 367       const videoAttributes = {
 368         name: 'super user video',
 369         fixture: 'video_short.webm'
 370       }
 371       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 372     })
 373
 374     it('Should have video quota updated', async function () {
 375       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 376       const data = res.body
 377
 378       expect(data.videoQuotaUsed).to.equal(218910)
 379
 380       const resUsers = await getUsersList(server.url, server.accessToken)
 381
 382       const users: User[] = resUsers.body.data
 383       const tmpUser = users.find(u => u.username === user.username)
 384       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 385     })
 386
 387     it('Should be able to list my videos', async function () {
 388       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 389       expect(res.body.total).to.equal(1)
 390
 391       const videos = res.body.data
 392       expect(videos).to.have.lengthOf(1)
 393
 394       const video: Video = videos[0]
 395       expect(video.name).to.equal('super user video')
 396       expect(video.thumbnailPath).to.not.be.null
 397       expect(video.previewPath).to.not.be.null
 398     })
 399
 400     it('Should be able to search in my videos', async function () {
 401       {
 402         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 403         expect(res.body.total).to.equal(1)
 404
 405         const videos = res.body.data
 406         expect(videos).to.have.lengthOf(1)
 407       }
 408
 409       {
 410         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 411         expect(res.body.total).to.equal(0)
 412
 413         const videos = res.body.data
 414         expect(videos).to.have.lengthOf(0)
 415       }
 416     })
 417
 418     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 419       this.timeout(60000)
 420
 421       {
 422         const res = await getCustomConfig(server.url, server.accessToken)
 423         const config = res.body as CustomConfig
 424         config.transcoding.webtorrent.enabled = false
 425         config.transcoding.hls.enabled = true
 426         config.transcoding.enabled = true
 427         await updateCustomSubConfig(server.url, server.accessToken, config)
 428       }
 429
 430       {
 431         const videoAttributes = {
 432           name: 'super user video 2',
 433           fixture: 'video_short.webm'
 434         }
 435         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 436
 437         await waitJobs([ server ])
 438       }
 439
 440       {
 441         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 442         const data = res.body
 443
 444         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 445       }
 446     })
 447   })
 448
 449   describe('Users listing', function () {
 450
 451     it('Should list all the users', async function () {
 452       const res = await getUsersList(server.url, server.accessToken)
 453       const result = res.body
 454       const total = result.total
 455       const users = result.data
 456
 457       expect(total).to.equal(2)
 458       expect(users).to.be.an('array')
 459       expect(users.length).to.equal(2)
 460
 461       const user = users[0]
 462       expect(user.username).to.equal('user_1')
 463       expect(user.email).to.equal('user_1@example.com')
 464       expect(user.nsfwPolicy).to.equal('display')
 465
 466       const rootUser = users[1]
 467       expect(rootUser.username).to.equal('root')
 468       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 469       expect(user.nsfwPolicy).to.equal('display')
 470
 471       expect(rootUser.lastLoginDate).to.exist
 472       expect(user.lastLoginDate).to.exist
 473
 474       userId = user.id
 475     })
 476
 477     it('Should list only the first user by username asc', async function () {
 478       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 479
 480       const result = res.body
 481       const total = result.total
 482       const users = result.data
 483
 484       expect(total).to.equal(2)
 485       expect(users.length).to.equal(1)
 486
 487       const user = users[0]
 488       expect(user.username).to.equal('root')
 489       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 490       expect(user.roleLabel).to.equal('Administrator')
 491       expect(user.nsfwPolicy).to.equal('display')
 492     })
 493
 494     it('Should list only the first user by username desc', async function () {
 495       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 496       const result = res.body
 497       const total = result.total
 498       const users = result.data
 499
 500       expect(total).to.equal(2)
 501       expect(users.length).to.equal(1)
 502
 503       const user = users[0]
 504       expect(user.username).to.equal('user_1')
 505       expect(user.email).to.equal('user_1@example.com')
 506       expect(user.nsfwPolicy).to.equal('display')
 507     })
 508
 509     it('Should list only the second user by createdAt desc', async function () {
 510       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 511       const result = res.body
 512       const total = result.total
 513       const users = result.data
 514
 515       expect(total).to.equal(2)
 516       expect(users.length).to.equal(1)
 517
 518       const user = users[0]
 519       expect(user.username).to.equal('user_1')
 520       expect(user.email).to.equal('user_1@example.com')
 521       expect(user.nsfwPolicy).to.equal('display')
 522     })
 523
 524     it('Should list all the users by createdAt asc', async function () {
 525       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 526       const result = res.body
 527       const total = result.total
 528       const users = result.data
 529
 530       expect(total).to.equal(2)
 531       expect(users.length).to.equal(2)
 532
 533       expect(users[0].username).to.equal('root')
 534       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 535       expect(users[0].nsfwPolicy).to.equal('display')
 536
 537       expect(users[1].username).to.equal('user_1')
 538       expect(users[1].email).to.equal('user_1@example.com')
 539       expect(users[1].nsfwPolicy).to.equal('display')
 540     })
 541
 542     it('Should search user by username', async function () {
 543       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 544       const users = res.body.data as User[]
 545
 546       expect(res.body.total).to.equal(1)
 547       expect(users.length).to.equal(1)
 548
 549       expect(users[0].username).to.equal('root')
 550     })
 551
 552     it('Should search user by email', async function () {
 553       {
 554         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 555         const users = res.body.data as User[]
 556
 557         expect(res.body.total).to.equal(1)
 558         expect(users.length).to.equal(1)
 559
 560         expect(users[0].username).to.equal('user_1')
 561         expect(users[0].email).to.equal('user_1@example.com')
 562       }
 563
 564       {
 565         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 566         const users = res.body.data as User[]
 567
 568         expect(res.body.total).to.equal(2)
 569         expect(users.length).to.equal(2)
 570
 571         expect(users[0].username).to.equal('root')
 572         expect(users[1].username).to.equal('user_1')
 573       }
 574     })
 575   })
 576
 577   describe('Update my account', function () {
 578     it('Should update my password', async function () {
 579       await updateMyUser({
 580         url: server.url,
 581         accessToken: accessTokenUser,
 582         currentPassword: 'super password',
 583         password: 'new password'
 584       })
 585       user.password = 'new password'
 586
 587       await userLogin(server, user, HttpStatusCode.OK_200)
 588     })
 589
 590     it('Should be able to change the NSFW display attribute', async function () {
 591       await updateMyUser({
 592         url: server.url,
 593         accessToken: accessTokenUser,
 594         nsfwPolicy: 'do_not_list'
 595       })
 596
 597       const res = await getMyUserInformation(server.url, accessTokenUser)
 598       const user = res.body
 599
 600       expect(user.username).to.equal('user_1')
 601       expect(user.email).to.equal('user_1@example.com')
 602       expect(user.nsfwPolicy).to.equal('do_not_list')
 603       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 604       expect(user.id).to.be.a('number')
 605       expect(user.account.displayName).to.equal('user_1')
 606       expect(user.account.description).to.be.null
 607     })
 608
 609     it('Should be able to change the autoPlayVideo attribute', async function () {
 610       await updateMyUser({
 611         url: server.url,
 612         accessToken: accessTokenUser,
 613         autoPlayVideo: false
 614       })
 615
 616       const res = await getMyUserInformation(server.url, accessTokenUser)
 617       const user = res.body
 618
 619       expect(user.autoPlayVideo).to.be.false
 620     })
 621
 622     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 623       await updateMyUser({
 624         url: server.url,
 625         accessToken: accessTokenUser,
 626         autoPlayNextVideo: true
 627       })
 628
 629       const res = await getMyUserInformation(server.url, accessTokenUser)
 630       const user = res.body
 631
 632       expect(user.autoPlayNextVideo).to.be.true
 633     })
 634
 635     it('Should be able to change the email attribute', async function () {
 636       await updateMyUser({
 637         url: server.url,
 638         accessToken: accessTokenUser,
 639         currentPassword: 'new password',
 640         email: 'updated@example.com'
 641       })
 642
 643       const res = await getMyUserInformation(server.url, accessTokenUser)
 644       const user = res.body
 645
 646       expect(user.username).to.equal('user_1')
 647       expect(user.email).to.equal('updated@example.com')
 648       expect(user.nsfwPolicy).to.equal('do_not_list')
 649       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 650       expect(user.id).to.be.a('number')
 651       expect(user.account.displayName).to.equal('user_1')
 652       expect(user.account.description).to.be.null
 653     })
 654
 655     it('Should be able to update my avatar with a gif', async function () {
 656       const fixture = 'avatar.gif'
 657
 658       await updateMyAvatar({
 659         url: server.url,
 660         accessToken: accessTokenUser,
 661         fixture
 662       })
 663
 664       const res = await getMyUserInformation(server.url, accessTokenUser)
 665       const user = res.body
 666
 667       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 668     })
 669
 670     it('Should be able to update my avatar with a gif, and then a png', async function () {
 671       for (const extension of [ '.png', '.gif' ]) {
 672         const fixture = 'avatar' + extension
 673
 674         await updateMyAvatar({
 675           url: server.url,
 676           accessToken: accessTokenUser,
 677           fixture
 678         })
 679
 680         const res = await getMyUserInformation(server.url, accessTokenUser)
 681         const user = res.body
 682
 683         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 684       }
 685     })
 686
 687     it('Should be able to update my display name', async function () {
 688       await updateMyUser({
 689         url: server.url,
 690         accessToken: accessTokenUser,
 691         displayName: 'new display name'
 692       })
 693
 694       const res = await getMyUserInformation(server.url, accessTokenUser)
 695       const user = res.body
 696
 697       expect(user.username).to.equal('user_1')
 698       expect(user.email).to.equal('updated@example.com')
 699       expect(user.nsfwPolicy).to.equal('do_not_list')
 700       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 701       expect(user.id).to.be.a('number')
 702       expect(user.account.displayName).to.equal('new display name')
 703       expect(user.account.description).to.be.null
 704     })
 705
 706     it('Should be able to update my description', async function () {
 707       await updateMyUser({
 708         url: server.url,
 709         accessToken: accessTokenUser,
 710         description: 'my super description updated'
 711       })
 712
 713       const res = await getMyUserInformation(server.url, accessTokenUser)
 714       const user: User = res.body
 715
 716       expect(user.username).to.equal('user_1')
 717       expect(user.email).to.equal('updated@example.com')
 718       expect(user.nsfwPolicy).to.equal('do_not_list')
 719       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 720       expect(user.id).to.be.a('number')
 721       expect(user.account.displayName).to.equal('new display name')
 722       expect(user.account.description).to.equal('my super description updated')
 723       expect(user.noWelcomeModal).to.be.false
 724       expect(user.noInstanceConfigWarningModal).to.be.false
 725     })
 726
 727     it('Should be able to update my theme', async function () {
 728       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 729         await updateMyUser({
 730           url: server.url,
 731           accessToken: accessTokenUser,
 732           theme
 733         })
 734
 735         const res = await getMyUserInformation(server.url, accessTokenUser)
 736         const body: User = res.body
 737
 738         expect(body.theme).to.equal(theme)
 739       }
 740     })
 741
 742     it('Should be able to update my modal preferences', async function () {
 743       await updateMyUser({
 744         url: server.url,
 745         accessToken: accessTokenUser,
 746         noInstanceConfigWarningModal: true,
 747         noWelcomeModal: true
 748       })
 749
 750       const res = await getMyUserInformation(server.url, accessTokenUser)
 751       const user: User = res.body
 752
 753       expect(user.noWelcomeModal).to.be.true
 754       expect(user.noInstanceConfigWarningModal).to.be.true
 755     })
 756   })
 757
 758   describe('Updating another user', function () {
 759     it('Should be able to update another user', async function () {
 760       await updateUser({
 761         url: server.url,
 762         userId,
 763         accessToken,
 764         email: 'updated2@example.com',
 765         emailVerified: true,
 766         videoQuota: 42,
 767         role: UserRole.MODERATOR,
 768         adminFlags: UserAdminFlag.NONE,
 769         pluginAuth: 'toto'
 770       })
 771
 772       const res = await getUserInformation(server.url, accessToken, userId)
 773       const user = res.body as User
 774
 775       expect(user.username).to.equal('user_1')
 776       expect(user.email).to.equal('updated2@example.com')
 777       expect(user.emailVerified).to.be.true
 778       expect(user.nsfwPolicy).to.equal('do_not_list')
 779       expect(user.videoQuota).to.equal(42)
 780       expect(user.roleLabel).to.equal('Moderator')
 781       expect(user.id).to.be.a('number')
 782       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 783       expect(user.pluginAuth).to.equal('toto')
 784     })
 785
 786     it('Should reset the auth plugin', async function () {
 787       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 788
 789       const res = await getUserInformation(server.url, accessToken, userId)
 790       const user = res.body as User
 791       expect(user.pluginAuth).to.be.null
 792     })
 793
 794     it('Should have removed the user token', async function () {
 795       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 796
 797       accessTokenUser = await userLogin(server, user)
 798     })
 799
 800     it('Should be able to update another user password', async function () {
 801       await updateUser({
 802         url: server.url,
 803         userId,
 804         accessToken,
 805         password: 'password updated'
 806       })
 807
 808       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 809
 810       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 811
 812       user.password = 'password updated'
 813       accessTokenUser = await userLogin(server, user)
 814     })
 815   })
 816
 817   describe('Video blacklists', function () {
 818     it('Should be able to list video blacklist by a moderator', async function () {
 819       await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
 820     })
 821   })
 822
 823   describe('Remove a user', function () {
 824     it('Should be able to remove this user', async function () {
 825       await removeUser(server.url, userId, accessToken)
 826     })
 827
 828     it('Should not be able to login with this user', async function () {
 829       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 830     })
 831
 832     it('Should not have videos of this user', async function () {
 833       const res = await getVideosList(server.url)
 834
 835       expect(res.body.total).to.equal(1)
 836
 837       const video = res.body.data[0]
 838       expect(video.account.name).to.equal('root')
 839     })
 840   })
 841
 842   describe('Registering a new user', function () {
 843     let user15AccessToken
 844
 845     it('Should register a new user', async function () {
 846       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 847       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 848
 849       await registerUserWithChannel({ url: server.url, user, channel })
 850     })
 851
 852     it('Should be able to login with this registered user', async function () {
 853       const user15 = {
 854         username: 'user_15',
 855         password: 'my super password'
 856       }
 857
 858       user15AccessToken = await userLogin(server, user15)
 859     })
 860
 861     it('Should have the correct display name', async function () {
 862       const res = await getMyUserInformation(server.url, user15AccessToken)
 863       const user: User = res.body
 864
 865       expect(user.account.displayName).to.equal('super user 15')
 866     })
 867
 868     it('Should have the correct video quota', async function () {
 869       const res = await getMyUserInformation(server.url, user15AccessToken)
 870       const user = res.body
 871
 872       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 873     })
 874
 875     it('Should have created the channel', async function () {
 876       const res = await getVideoChannel(server.url, 'my_user_15_channel')
 877
 878       expect(res.body.displayName).to.equal('my channel rocks')
 879     })
 880
 881     it('Should remove me', async function () {
 882       {
 883         const res = await getUsersList(server.url, server.accessToken)
 884         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 885       }
 886
 887       await deleteMe(server.url, user15AccessToken)
 888
 889       {
 890         const res = await getUsersList(server.url, server.accessToken)
 891         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 892       }
 893     })
 894   })
 895
 896   describe('User blocking', function () {
 897     let user16Id
 898     let user16AccessToken
 899     const user16 = {
 900       username: 'user_16',
 901       password: 'my super password'
 902     }
 903
 904     it('Should block a user', async function () {
 905       const resUser = await createUser({
 906         url: server.url,
 907         accessToken: server.accessToken,
 908         username: user16.username,
 909         password: user16.password
 910       })
 911       user16Id = resUser.body.user.id
 912
 913       user16AccessToken = await userLogin(server, user16)
 914
 915       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 916       await blockUser(server.url, user16Id, server.accessToken)
 917
 918       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 919       await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
 920     })
 921
 922     it('Should search user by banned status', async function () {
 923       {
 924         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 925         const users = res.body.data as User[]
 926
 927         expect(res.body.total).to.equal(1)
 928         expect(users.length).to.equal(1)
 929
 930         expect(users[0].username).to.equal(user16.username)
 931       }
 932
 933       {
 934         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 935         const users = res.body.data as User[]
 936
 937         expect(res.body.total).to.equal(1)
 938         expect(users.length).to.equal(1)
 939
 940         expect(users[0].username).to.not.equal(user16.username)
 941       }
 942     })
 943
 944     it('Should unblock a user', async function () {
 945       await unblockUser(server.url, user16Id, server.accessToken)
 946       user16AccessToken = await userLogin(server, user16)
 947       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 948     })
 949   })
 950
 951   describe('User stats', function () {
 952     let user17Id
 953     let user17AccessToken
 954
 955     it('Should report correct initial statistics about a user', async function () {
 956       const user17 = {
 957         username: 'user_17',
 958         password: 'my super password'
 959       }
 960       const resUser = await createUser({
 961         url: server.url,
 962         accessToken: server.accessToken,
 963         username: user17.username,
 964         password: user17.password
 965       })
 966
 967       user17Id = resUser.body.user.id
 968       user17AccessToken = await userLogin(server, user17)
 969
 970       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 971       const user: User = res.body
 972
 973       expect(user.videosCount).to.equal(0)
 974       expect(user.videoCommentsCount).to.equal(0)
 975       expect(user.abusesCount).to.equal(0)
 976       expect(user.abusesCreatedCount).to.equal(0)
 977       expect(user.abusesAcceptedCount).to.equal(0)
 978     })
 979
 980     it('Should report correct videos count', async function () {
 981       const videoAttributes = {
 982         name: 'video to test user stats'
 983       }
 984       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 985       const res1 = await getVideosList(server.url)
 986       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 987
 988       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 989       const user: User = res2.body
 990
 991       expect(user.videosCount).to.equal(1)
 992     })
 993
 994     it('Should report correct video comments for user', async function () {
 995       const text = 'super comment'
 996       await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
 997
 998       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 999       const user: User = res.body
1000
1001       expect(user.videoCommentsCount).to.equal(1)
1002     })
1003
1004     it('Should report correct abuses counts', async function () {
1005       const reason = 'my super bad reason'
1006       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
1007
1008       const body1 = await server.abusesCommand.getAdminList()
1009       const abuseId = body1.data[0].id
1010
1011       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1012       const user2: User = res2.body
1013
1014       expect(user2.abusesCount).to.equal(1) // number of incriminations
1015       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1016
1017       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
1018
1019       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1020       const user3: User = res3.body
1021
1022       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1023     })
1024   })
1025
1026   after(async function () {
1027     await closeAllSequelize([ server ])
1028     await cleanupTests([ server ])
1029   })
1030 })