server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   addVideoCommentThread,
   8   blockUser,
   9   cleanupTests,
  10   closeAllSequelize,
  11   createUser,
  12   deleteMe,
  13   flushAndRunServer,
  14   getMyUserInformation,
  15   getMyUserVideoQuotaUsed,
  16   getMyUserVideoRating,
  17   getMyVideos,
  18   getUserInformation,
  19   getUsersList,
  20   getUsersListPaginationAndSort,
  21   getVideosList,
  22   killallServers,
  23   login,
  24   logout,
  25   makePutBodyRequest,
  26   rateVideo,
  27   refreshToken,
  28   registerUserWithChannel,
  29   removeUser,
  30   removeVideo,
  31   reRunServer,
  32   ServerInfo,
  33   setAccessTokensToServers,
  34   setTokenField,
  35   testImage,
  36   unblockUser,
  37   updateMyAvatar,
  38   updateMyUser,
  39   updateUser,
  40   uploadVideo,
  41   userLogin,
  42   waitJobs
  43 } from '@shared/extra-utils'
  44 import { AbuseState, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  45
  46 const expect = chai.expect
  47
  48 describe('Test users', function () {
  49   let server: ServerInfo
  50   let accessToken: string
  51   let accessTokenUser: string
  52   let videoId: number
  53   let userId: number
  54   const user = {
  55     username: 'user_1',
  56     password: 'super password'
  57   }
  58
  59   before(async function () {
  60     this.timeout(30000)
  61
  62     server = await flushAndRunServer(1, {
  63       rates_limit: {
  64         login: {
  65           max: 30
  66         }
  67       }
  68     })
  69
  70     await setAccessTokensToServers([ server ])
  71
  72     await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
  73   })
  74
  75   describe('OAuth client', function () {
  76     it('Should create a new client')
  77
  78     it('Should return the first client')
  79
  80     it('Should remove the last client')
  81
  82     it('Should not login with an invalid client id', async function () {
  83       const client = { id: 'client', secret: server.client.secret }
  84       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  85
  86       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  87       expect(res.body.error).to.contain('client is invalid')
  88       expect(res.body.type.startsWith('https://')).to.be.true
  89       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  90     })
  91
  92     it('Should not login with an invalid client secret', async function () {
  93       const client = { id: server.client.id, secret: 'coucou' }
  94       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  95
  96       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  97       expect(res.body.error).to.contain('client is invalid')
  98       expect(res.body.type.startsWith('https://')).to.be.true
  99       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 100     })
 101   })
 102
 103   describe('Login', function () {
 104
 105     it('Should not login with an invalid username', async function () {
 106       const user = { username: 'captain crochet', password: server.user.password }
 107       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 108
 109       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 110       expect(res.body.error).to.contain('credentials are invalid')
 111       expect(res.body.type.startsWith('https://')).to.be.true
 112       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 113     })
 114
 115     it('Should not login with an invalid password', async function () {
 116       const user = { username: server.user.username, password: 'mew_three' }
 117       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 118
 119       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 120       expect(res.body.error).to.contain('credentials are invalid')
 121       expect(res.body.type.startsWith('https://')).to.be.true
 122       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 123     })
 124
 125     it('Should not be able to upload a video', async function () {
 126       accessToken = 'my_super_token'
 127
 128       const videoAttributes = {}
 129       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 130     })
 131
 132     it('Should not be able to follow', async function () {
 133       accessToken = 'my_super_token'
 134
 135       await server.followsCommand.follow({
 136         targets: [ 'http://example.com' ],
 137         token: accessToken,
 138         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 139       })
 140     })
 141
 142     it('Should not be able to unfollow')
 143
 144     it('Should be able to login', async function () {
 145       const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
 146
 147       accessToken = res.body.access_token
 148     })
 149
 150     it('Should be able to login with an insensitive username', async function () {
 151       const user = { username: 'RoOt', password: server.user.password }
 152       await login(server.url, server.client, user, HttpStatusCode.OK_200)
 153
 154       const user2 = { username: 'rOoT', password: server.user.password }
 155       await login(server.url, server.client, user2, HttpStatusCode.OK_200)
 156
 157       const user3 = { username: 'ROOt', password: server.user.password }
 158       await login(server.url, server.client, user3, HttpStatusCode.OK_200)
 159     })
 160   })
 161
 162   describe('Upload', function () {
 163
 164     it('Should upload the video with the correct token', async function () {
 165       const videoAttributes = {}
 166       await uploadVideo(server.url, accessToken, videoAttributes)
 167       const res = await getVideosList(server.url)
 168       const video = res.body.data[0]
 169
 170       expect(video.account.name).to.equal('root')
 171       videoId = video.id
 172     })
 173
 174     it('Should upload the video again with the correct token', async function () {
 175       const videoAttributes = {}
 176       await uploadVideo(server.url, accessToken, videoAttributes)
 177     })
 178   })
 179
 180   describe('Ratings', function () {
 181
 182     it('Should retrieve a video rating', async function () {
 183       await rateVideo(server.url, accessToken, videoId, 'like')
 184       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 185       const rating = res.body
 186
 187       expect(rating.videoId).to.equal(videoId)
 188       expect(rating.rating).to.equal('like')
 189     })
 190
 191     it('Should retrieve ratings list', async function () {
 192       await rateVideo(server.url, accessToken, videoId, 'like')
 193
 194       const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
 195
 196       expect(body.total).to.equal(1)
 197       expect(body.data[0].video.id).to.equal(videoId)
 198       expect(body.data[0].rating).to.equal('like')
 199     })
 200
 201     it('Should retrieve ratings list by rating type', async function () {
 202       {
 203         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
 204         expect(body.data.length).to.equal(1)
 205       }
 206
 207       {
 208         const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
 209         expect(body.data.length).to.equal(0)
 210       }
 211     })
 212   })
 213
 214   describe('Remove video', function () {
 215     it('Should not be able to remove the video with an incorrect token', async function () {
 216       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 217     })
 218
 219     it('Should not be able to remove the video with the token of another account')
 220
 221     it('Should be able to remove the video with the correct token', async function () {
 222       await removeVideo(server.url, accessToken, videoId)
 223     })
 224   })
 225
 226   describe('Logout', function () {
 227     it('Should logout (revoke token)', async function () {
 228       await logout(server.url, server.accessToken)
 229     })
 230
 231     it('Should not be able to get the user information', async function () {
 232       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 233     })
 234
 235     it('Should not be able to upload a video', async function () {
 236       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 237     })
 238
 239     it('Should not be able to rate a video', async function () {
 240       const path = '/api/v1/videos/'
 241       const data = {
 242         rating: 'likes'
 243       }
 244
 245       const options = {
 246         url: server.url,
 247         path: path + videoId,
 248         token: 'wrong token',
 249         fields: data,
 250         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 251       }
 252       await makePutBodyRequest(options)
 253     })
 254
 255     it('Should be able to login again', async function () {
 256       const res = await login(server.url, server.client, server.user)
 257       server.accessToken = res.body.access_token
 258       server.refreshToken = res.body.refresh_token
 259     })
 260
 261     it('Should be able to get my user information again', async function () {
 262       await getMyUserInformation(server.url, server.accessToken)
 263     })
 264
 265     it('Should have an expired access token', async function () {
 266       this.timeout(15000)
 267
 268       await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 269       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 270
 271       killallServers([ server ])
 272       await reRunServer(server)
 273
 274       await getMyUserInformation(server.url, server.accessToken, 401)
 275     })
 276
 277     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 278       await refreshToken(server, server.refreshToken, 400)
 279     })
 280
 281     it('Should refresh the token', async function () {
 282       this.timeout(15000)
 283
 284       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 285       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 286
 287       killallServers([ server ])
 288       await reRunServer(server)
 289
 290       const res = await refreshToken(server, server.refreshToken)
 291       server.accessToken = res.body.access_token
 292       server.refreshToken = res.body.refresh_token
 293     })
 294
 295     it('Should be able to get my user information again', async function () {
 296       await getMyUserInformation(server.url, server.accessToken)
 297     })
 298   })
 299
 300   describe('Creating a user', function () {
 301
 302     it('Should be able to create a new user', async function () {
 303       await createUser({
 304         url: server.url,
 305         accessToken: accessToken,
 306         username: user.username,
 307         password: user.password,
 308         videoQuota: 2 * 1024 * 1024,
 309         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 310       })
 311     })
 312
 313     it('Should be able to login with this user', async function () {
 314       accessTokenUser = await userLogin(server, user)
 315     })
 316
 317     it('Should be able to get user information', async function () {
 318       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 319       const userMe: MyUser = res1.body
 320
 321       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 322       const userGet: User = res2.body
 323
 324       for (const user of [ userMe, userGet ]) {
 325         expect(user.username).to.equal('user_1')
 326         expect(user.email).to.equal('user_1@example.com')
 327         expect(user.nsfwPolicy).to.equal('display')
 328         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 329         expect(user.roleLabel).to.equal('User')
 330         expect(user.id).to.be.a('number')
 331         expect(user.account.displayName).to.equal('user_1')
 332         expect(user.account.description).to.be.null
 333       }
 334
 335       expect(userMe.adminFlags).to.be.undefined
 336       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 337
 338       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 339       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 340
 341       // Check stats are included with withStats
 342       expect(userGet.videosCount).to.be.a('number')
 343       expect(userGet.videosCount).to.equal(0)
 344       expect(userGet.videoCommentsCount).to.be.a('number')
 345       expect(userGet.videoCommentsCount).to.equal(0)
 346       expect(userGet.abusesCount).to.be.a('number')
 347       expect(userGet.abusesCount).to.equal(0)
 348       expect(userGet.abusesAcceptedCount).to.be.a('number')
 349       expect(userGet.abusesAcceptedCount).to.equal(0)
 350     })
 351   })
 352
 353   describe('My videos & quotas', function () {
 354
 355     it('Should be able to upload a video with this user', async function () {
 356       this.timeout(10000)
 357
 358       const videoAttributes = {
 359         name: 'super user video',
 360         fixture: 'video_short.webm'
 361       }
 362       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 363     })
 364
 365     it('Should have video quota updated', async function () {
 366       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 367       const data = res.body
 368
 369       expect(data.videoQuotaUsed).to.equal(218910)
 370
 371       const resUsers = await getUsersList(server.url, server.accessToken)
 372
 373       const users: User[] = resUsers.body.data
 374       const tmpUser = users.find(u => u.username === user.username)
 375       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 376     })
 377
 378     it('Should be able to list my videos', async function () {
 379       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 380       expect(res.body.total).to.equal(1)
 381
 382       const videos = res.body.data
 383       expect(videos).to.have.lengthOf(1)
 384
 385       const video: Video = videos[0]
 386       expect(video.name).to.equal('super user video')
 387       expect(video.thumbnailPath).to.not.be.null
 388       expect(video.previewPath).to.not.be.null
 389     })
 390
 391     it('Should be able to search in my videos', async function () {
 392       {
 393         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 394         expect(res.body.total).to.equal(1)
 395
 396         const videos = res.body.data
 397         expect(videos).to.have.lengthOf(1)
 398       }
 399
 400       {
 401         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 402         expect(res.body.total).to.equal(0)
 403
 404         const videos = res.body.data
 405         expect(videos).to.have.lengthOf(0)
 406       }
 407     })
 408
 409     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 410       this.timeout(60000)
 411
 412       {
 413         const config = await server.configCommand.getCustomConfig()
 414         config.transcoding.webtorrent.enabled = false
 415         config.transcoding.hls.enabled = true
 416         config.transcoding.enabled = true
 417         await server.configCommand.updateCustomSubConfig({ newConfig: config })
 418       }
 419
 420       {
 421         const videoAttributes = {
 422           name: 'super user video 2',
 423           fixture: 'video_short.webm'
 424         }
 425         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 426
 427         await waitJobs([ server ])
 428       }
 429
 430       {
 431         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 432         const data = res.body
 433
 434         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 435       }
 436     })
 437   })
 438
 439   describe('Users listing', function () {
 440
 441     it('Should list all the users', async function () {
 442       const res = await getUsersList(server.url, server.accessToken)
 443       const result = res.body
 444       const total = result.total
 445       const users = result.data
 446
 447       expect(total).to.equal(2)
 448       expect(users).to.be.an('array')
 449       expect(users.length).to.equal(2)
 450
 451       const user = users[0]
 452       expect(user.username).to.equal('user_1')
 453       expect(user.email).to.equal('user_1@example.com')
 454       expect(user.nsfwPolicy).to.equal('display')
 455
 456       const rootUser = users[1]
 457       expect(rootUser.username).to.equal('root')
 458       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 459       expect(user.nsfwPolicy).to.equal('display')
 460
 461       expect(rootUser.lastLoginDate).to.exist
 462       expect(user.lastLoginDate).to.exist
 463
 464       userId = user.id
 465     })
 466
 467     it('Should list only the first user by username asc', async function () {
 468       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 469
 470       const result = res.body
 471       const total = result.total
 472       const users = result.data
 473
 474       expect(total).to.equal(2)
 475       expect(users.length).to.equal(1)
 476
 477       const user = users[0]
 478       expect(user.username).to.equal('root')
 479       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 480       expect(user.roleLabel).to.equal('Administrator')
 481       expect(user.nsfwPolicy).to.equal('display')
 482     })
 483
 484     it('Should list only the first user by username desc', async function () {
 485       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 486       const result = res.body
 487       const total = result.total
 488       const users = result.data
 489
 490       expect(total).to.equal(2)
 491       expect(users.length).to.equal(1)
 492
 493       const user = users[0]
 494       expect(user.username).to.equal('user_1')
 495       expect(user.email).to.equal('user_1@example.com')
 496       expect(user.nsfwPolicy).to.equal('display')
 497     })
 498
 499     it('Should list only the second user by createdAt desc', async function () {
 500       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 501       const result = res.body
 502       const total = result.total
 503       const users = result.data
 504
 505       expect(total).to.equal(2)
 506       expect(users.length).to.equal(1)
 507
 508       const user = users[0]
 509       expect(user.username).to.equal('user_1')
 510       expect(user.email).to.equal('user_1@example.com')
 511       expect(user.nsfwPolicy).to.equal('display')
 512     })
 513
 514     it('Should list all the users by createdAt asc', async function () {
 515       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 516       const result = res.body
 517       const total = result.total
 518       const users = result.data
 519
 520       expect(total).to.equal(2)
 521       expect(users.length).to.equal(2)
 522
 523       expect(users[0].username).to.equal('root')
 524       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 525       expect(users[0].nsfwPolicy).to.equal('display')
 526
 527       expect(users[1].username).to.equal('user_1')
 528       expect(users[1].email).to.equal('user_1@example.com')
 529       expect(users[1].nsfwPolicy).to.equal('display')
 530     })
 531
 532     it('Should search user by username', async function () {
 533       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 534       const users = res.body.data as User[]
 535
 536       expect(res.body.total).to.equal(1)
 537       expect(users.length).to.equal(1)
 538
 539       expect(users[0].username).to.equal('root')
 540     })
 541
 542     it('Should search user by email', async function () {
 543       {
 544         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 545         const users = res.body.data as User[]
 546
 547         expect(res.body.total).to.equal(1)
 548         expect(users.length).to.equal(1)
 549
 550         expect(users[0].username).to.equal('user_1')
 551         expect(users[0].email).to.equal('user_1@example.com')
 552       }
 553
 554       {
 555         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 556         const users = res.body.data as User[]
 557
 558         expect(res.body.total).to.equal(2)
 559         expect(users.length).to.equal(2)
 560
 561         expect(users[0].username).to.equal('root')
 562         expect(users[1].username).to.equal('user_1')
 563       }
 564     })
 565   })
 566
 567   describe('Update my account', function () {
 568     it('Should update my password', async function () {
 569       await updateMyUser({
 570         url: server.url,
 571         accessToken: accessTokenUser,
 572         currentPassword: 'super password',
 573         password: 'new password'
 574       })
 575       user.password = 'new password'
 576
 577       await userLogin(server, user, HttpStatusCode.OK_200)
 578     })
 579
 580     it('Should be able to change the NSFW display attribute', async function () {
 581       await updateMyUser({
 582         url: server.url,
 583         accessToken: accessTokenUser,
 584         nsfwPolicy: 'do_not_list'
 585       })
 586
 587       const res = await getMyUserInformation(server.url, accessTokenUser)
 588       const user = res.body
 589
 590       expect(user.username).to.equal('user_1')
 591       expect(user.email).to.equal('user_1@example.com')
 592       expect(user.nsfwPolicy).to.equal('do_not_list')
 593       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 594       expect(user.id).to.be.a('number')
 595       expect(user.account.displayName).to.equal('user_1')
 596       expect(user.account.description).to.be.null
 597     })
 598
 599     it('Should be able to change the autoPlayVideo attribute', async function () {
 600       await updateMyUser({
 601         url: server.url,
 602         accessToken: accessTokenUser,
 603         autoPlayVideo: false
 604       })
 605
 606       const res = await getMyUserInformation(server.url, accessTokenUser)
 607       const user = res.body
 608
 609       expect(user.autoPlayVideo).to.be.false
 610     })
 611
 612     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 613       await updateMyUser({
 614         url: server.url,
 615         accessToken: accessTokenUser,
 616         autoPlayNextVideo: true
 617       })
 618
 619       const res = await getMyUserInformation(server.url, accessTokenUser)
 620       const user = res.body
 621
 622       expect(user.autoPlayNextVideo).to.be.true
 623     })
 624
 625     it('Should be able to change the email attribute', async function () {
 626       await updateMyUser({
 627         url: server.url,
 628         accessToken: accessTokenUser,
 629         currentPassword: 'new password',
 630         email: 'updated@example.com'
 631       })
 632
 633       const res = await getMyUserInformation(server.url, accessTokenUser)
 634       const user = res.body
 635
 636       expect(user.username).to.equal('user_1')
 637       expect(user.email).to.equal('updated@example.com')
 638       expect(user.nsfwPolicy).to.equal('do_not_list')
 639       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 640       expect(user.id).to.be.a('number')
 641       expect(user.account.displayName).to.equal('user_1')
 642       expect(user.account.description).to.be.null
 643     })
 644
 645     it('Should be able to update my avatar with a gif', async function () {
 646       const fixture = 'avatar.gif'
 647
 648       await updateMyAvatar({
 649         url: server.url,
 650         accessToken: accessTokenUser,
 651         fixture
 652       })
 653
 654       const res = await getMyUserInformation(server.url, accessTokenUser)
 655       const user = res.body
 656
 657       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 658     })
 659
 660     it('Should be able to update my avatar with a gif, and then a png', async function () {
 661       for (const extension of [ '.png', '.gif' ]) {
 662         const fixture = 'avatar' + extension
 663
 664         await updateMyAvatar({
 665           url: server.url,
 666           accessToken: accessTokenUser,
 667           fixture
 668         })
 669
 670         const res = await getMyUserInformation(server.url, accessTokenUser)
 671         const user = res.body
 672
 673         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 674       }
 675     })
 676
 677     it('Should be able to update my display name', async function () {
 678       await updateMyUser({
 679         url: server.url,
 680         accessToken: accessTokenUser,
 681         displayName: 'new display name'
 682       })
 683
 684       const res = await getMyUserInformation(server.url, accessTokenUser)
 685       const user = res.body
 686
 687       expect(user.username).to.equal('user_1')
 688       expect(user.email).to.equal('updated@example.com')
 689       expect(user.nsfwPolicy).to.equal('do_not_list')
 690       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 691       expect(user.id).to.be.a('number')
 692       expect(user.account.displayName).to.equal('new display name')
 693       expect(user.account.description).to.be.null
 694     })
 695
 696     it('Should be able to update my description', async function () {
 697       await updateMyUser({
 698         url: server.url,
 699         accessToken: accessTokenUser,
 700         description: 'my super description updated'
 701       })
 702
 703       const res = await getMyUserInformation(server.url, accessTokenUser)
 704       const user: User = res.body
 705
 706       expect(user.username).to.equal('user_1')
 707       expect(user.email).to.equal('updated@example.com')
 708       expect(user.nsfwPolicy).to.equal('do_not_list')
 709       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 710       expect(user.id).to.be.a('number')
 711       expect(user.account.displayName).to.equal('new display name')
 712       expect(user.account.description).to.equal('my super description updated')
 713       expect(user.noWelcomeModal).to.be.false
 714       expect(user.noInstanceConfigWarningModal).to.be.false
 715     })
 716
 717     it('Should be able to update my theme', async function () {
 718       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 719         await updateMyUser({
 720           url: server.url,
 721           accessToken: accessTokenUser,
 722           theme
 723         })
 724
 725         const res = await getMyUserInformation(server.url, accessTokenUser)
 726         const body: User = res.body
 727
 728         expect(body.theme).to.equal(theme)
 729       }
 730     })
 731
 732     it('Should be able to update my modal preferences', async function () {
 733       await updateMyUser({
 734         url: server.url,
 735         accessToken: accessTokenUser,
 736         noInstanceConfigWarningModal: true,
 737         noWelcomeModal: true
 738       })
 739
 740       const res = await getMyUserInformation(server.url, accessTokenUser)
 741       const user: User = res.body
 742
 743       expect(user.noWelcomeModal).to.be.true
 744       expect(user.noInstanceConfigWarningModal).to.be.true
 745     })
 746   })
 747
 748   describe('Updating another user', function () {
 749     it('Should be able to update another user', async function () {
 750       await updateUser({
 751         url: server.url,
 752         userId,
 753         accessToken,
 754         email: 'updated2@example.com',
 755         emailVerified: true,
 756         videoQuota: 42,
 757         role: UserRole.MODERATOR,
 758         adminFlags: UserAdminFlag.NONE,
 759         pluginAuth: 'toto'
 760       })
 761
 762       const res = await getUserInformation(server.url, accessToken, userId)
 763       const user = res.body as User
 764
 765       expect(user.username).to.equal('user_1')
 766       expect(user.email).to.equal('updated2@example.com')
 767       expect(user.emailVerified).to.be.true
 768       expect(user.nsfwPolicy).to.equal('do_not_list')
 769       expect(user.videoQuota).to.equal(42)
 770       expect(user.roleLabel).to.equal('Moderator')
 771       expect(user.id).to.be.a('number')
 772       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 773       expect(user.pluginAuth).to.equal('toto')
 774     })
 775
 776     it('Should reset the auth plugin', async function () {
 777       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 778
 779       const res = await getUserInformation(server.url, accessToken, userId)
 780       const user = res.body as User
 781       expect(user.pluginAuth).to.be.null
 782     })
 783
 784     it('Should have removed the user token', async function () {
 785       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 786
 787       accessTokenUser = await userLogin(server, user)
 788     })
 789
 790     it('Should be able to update another user password', async function () {
 791       await updateUser({
 792         url: server.url,
 793         userId,
 794         accessToken,
 795         password: 'password updated'
 796       })
 797
 798       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 799
 800       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 801
 802       user.password = 'password updated'
 803       accessTokenUser = await userLogin(server, user)
 804     })
 805   })
 806
 807   describe('Video blacklists', function () {
 808     it('Should be able to list video blacklist by a moderator', async function () {
 809       await server.blacklistCommand.list({ token: accessTokenUser })
 810     })
 811   })
 812
 813   describe('Remove a user', function () {
 814     it('Should be able to remove this user', async function () {
 815       await removeUser(server.url, userId, accessToken)
 816     })
 817
 818     it('Should not be able to login with this user', async function () {
 819       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 820     })
 821
 822     it('Should not have videos of this user', async function () {
 823       const res = await getVideosList(server.url)
 824
 825       expect(res.body.total).to.equal(1)
 826
 827       const video = res.body.data[0]
 828       expect(video.account.name).to.equal('root')
 829     })
 830   })
 831
 832   describe('Registering a new user', function () {
 833     let user15AccessToken
 834
 835     it('Should register a new user', async function () {
 836       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 837       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 838
 839       await registerUserWithChannel({ url: server.url, user, channel })
 840     })
 841
 842     it('Should be able to login with this registered user', async function () {
 843       const user15 = {
 844         username: 'user_15',
 845         password: 'my super password'
 846       }
 847
 848       user15AccessToken = await userLogin(server, user15)
 849     })
 850
 851     it('Should have the correct display name', async function () {
 852       const res = await getMyUserInformation(server.url, user15AccessToken)
 853       const user: User = res.body
 854
 855       expect(user.account.displayName).to.equal('super user 15')
 856     })
 857
 858     it('Should have the correct video quota', async function () {
 859       const res = await getMyUserInformation(server.url, user15AccessToken)
 860       const user = res.body
 861
 862       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 863     })
 864
 865     it('Should have created the channel', async function () {
 866       const { displayName } = await server.channelsCommand.get({ channelName: 'my_user_15_channel' })
 867
 868       expect(displayName).to.equal('my channel rocks')
 869     })
 870
 871     it('Should remove me', async function () {
 872       {
 873         const res = await getUsersList(server.url, server.accessToken)
 874         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 875       }
 876
 877       await deleteMe(server.url, user15AccessToken)
 878
 879       {
 880         const res = await getUsersList(server.url, server.accessToken)
 881         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 882       }
 883     })
 884   })
 885
 886   describe('User blocking', function () {
 887     let user16Id
 888     let user16AccessToken
 889     const user16 = {
 890       username: 'user_16',
 891       password: 'my super password'
 892     }
 893
 894     it('Should block a user', async function () {
 895       const resUser = await createUser({
 896         url: server.url,
 897         accessToken: server.accessToken,
 898         username: user16.username,
 899         password: user16.password
 900       })
 901       user16Id = resUser.body.user.id
 902
 903       user16AccessToken = await userLogin(server, user16)
 904
 905       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 906       await blockUser(server.url, user16Id, server.accessToken)
 907
 908       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 909       await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
 910     })
 911
 912     it('Should search user by banned status', async function () {
 913       {
 914         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 915         const users = res.body.data as User[]
 916
 917         expect(res.body.total).to.equal(1)
 918         expect(users.length).to.equal(1)
 919
 920         expect(users[0].username).to.equal(user16.username)
 921       }
 922
 923       {
 924         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 925         const users = res.body.data as User[]
 926
 927         expect(res.body.total).to.equal(1)
 928         expect(users.length).to.equal(1)
 929
 930         expect(users[0].username).to.not.equal(user16.username)
 931       }
 932     })
 933
 934     it('Should unblock a user', async function () {
 935       await unblockUser(server.url, user16Id, server.accessToken)
 936       user16AccessToken = await userLogin(server, user16)
 937       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 938     })
 939   })
 940
 941   describe('User stats', function () {
 942     let user17Id
 943     let user17AccessToken
 944
 945     it('Should report correct initial statistics about a user', async function () {
 946       const user17 = {
 947         username: 'user_17',
 948         password: 'my super password'
 949       }
 950       const resUser = await createUser({
 951         url: server.url,
 952         accessToken: server.accessToken,
 953         username: user17.username,
 954         password: user17.password
 955       })
 956
 957       user17Id = resUser.body.user.id
 958       user17AccessToken = await userLogin(server, user17)
 959
 960       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 961       const user: User = res.body
 962
 963       expect(user.videosCount).to.equal(0)
 964       expect(user.videoCommentsCount).to.equal(0)
 965       expect(user.abusesCount).to.equal(0)
 966       expect(user.abusesCreatedCount).to.equal(0)
 967       expect(user.abusesAcceptedCount).to.equal(0)
 968     })
 969
 970     it('Should report correct videos count', async function () {
 971       const videoAttributes = {
 972         name: 'video to test user stats'
 973       }
 974       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 975       const res1 = await getVideosList(server.url)
 976       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 977
 978       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 979       const user: User = res2.body
 980
 981       expect(user.videosCount).to.equal(1)
 982     })
 983
 984     it('Should report correct video comments for user', async function () {
 985       const text = 'super comment'
 986       await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
 987
 988       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 989       const user: User = res.body
 990
 991       expect(user.videoCommentsCount).to.equal(1)
 992     })
 993
 994     it('Should report correct abuses counts', async function () {
 995       const reason = 'my super bad reason'
 996       await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
 997
 998       const body1 = await server.abusesCommand.getAdminList()
 999       const abuseId = body1.data[0].id
1000
1001       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1002       const user2: User = res2.body
1003
1004       expect(user2.abusesCount).to.equal(1) // number of incriminations
1005       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1006
1007       await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
1008
1009       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1010       const user3: User = res3.body
1011
1012       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1013     })
1014   })
1015
1016   after(async function () {
1017     await closeAllSequelize([ server ])
1018     await cleanupTests([ server ])
1019   })
1020 })