server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   cleanupTests,
   8   createSingleServer,
   9   killallServers,
  10   makePutBodyRequest,
  11   PeerTubeServer,
  12   setAccessTokensToServers,
  13   testImage,
  14   waitJobs
  15 } from '@shared/extra-utils'
  16 import { AbuseState, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  17
  18 const expect = chai.expect
  19
  20 describe('Test users', function () {
  21   let server: PeerTubeServer
  22   let token: string
  23   let userToken: string
  24   let videoId: number
  25   let userId: number
  26   const user = {
  27     username: 'user_1',
  28     password: 'super password'
  29   }
  30
  31   before(async function () {
  32     this.timeout(30000)
  33
  34     server = await createSingleServer(1, {
  35       rates_limit: {
  36         login: {
  37           max: 30
  38         }
  39       }
  40     })
  41
  42     await setAccessTokensToServers([ server ])
  43
  44     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  45   })
  46
  47   describe('OAuth client', function () {
  48     it('Should create a new client')
  49
  50     it('Should return the first client')
  51
  52     it('Should remove the last client')
  53
  54     it('Should not login with an invalid client id', async function () {
  55       const client = { id: 'client', secret: server.store.client.secret }
  56       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  57
  58       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  59       expect(body.error).to.contain('client is invalid')
  60       expect(body.type.startsWith('https://')).to.be.true
  61       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  62     })
  63
  64     it('Should not login with an invalid client secret', async function () {
  65       const client = { id: server.store.client.id, secret: 'coucou' }
  66       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  67
  68       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  69       expect(body.error).to.contain('client is invalid')
  70       expect(body.type.startsWith('https://')).to.be.true
  71       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  72     })
  73   })
  74
  75   describe('Login', function () {
  76
  77     it('Should not login with an invalid username', async function () {
  78       const user = { username: 'captain crochet', password: server.store.user.password }
  79       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  80
  81       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  82       expect(body.error).to.contain('credentials are invalid')
  83       expect(body.type.startsWith('https://')).to.be.true
  84       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  85     })
  86
  87     it('Should not login with an invalid password', async function () {
  88       const user = { username: server.store.user.username, password: 'mew_three' }
  89       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  90
  91       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  92       expect(body.error).to.contain('credentials are invalid')
  93       expect(body.type.startsWith('https://')).to.be.true
  94       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  95     })
  96
  97     it('Should not be able to upload a video', async function () {
  98       token = 'my_super_token'
  99
 100       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 101     })
 102
 103     it('Should not be able to follow', async function () {
 104       token = 'my_super_token'
 105
 106       await server.follows.follow({
 107         targets: [ 'http://example.com' ],
 108         token,
 109         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 110       })
 111     })
 112
 113     it('Should not be able to unfollow')
 114
 115     it('Should be able to login', async function () {
 116       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 117
 118       token = body.access_token
 119     })
 120
 121     it('Should be able to login with an insensitive username', async function () {
 122       const user = { username: 'RoOt', password: server.store.user.password }
 123       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 124
 125       const user2 = { username: 'rOoT', password: server.store.user.password }
 126       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 127
 128       const user3 = { username: 'ROOt', password: server.store.user.password }
 129       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 130     })
 131   })
 132
 133   describe('Upload', function () {
 134
 135     it('Should upload the video with the correct token', async function () {
 136       await server.videos.upload({ token })
 137       const { data } = await server.videos.list()
 138       const video = data[0]
 139
 140       expect(video.account.name).to.equal('root')
 141       videoId = video.id
 142     })
 143
 144     it('Should upload the video again with the correct token', async function () {
 145       await server.videos.upload({ token })
 146     })
 147   })
 148
 149   describe('Ratings', function () {
 150
 151     it('Should retrieve a video rating', async function () {
 152       await server.videos.rate({ id: videoId, rating: 'like' })
 153       const rating = await server.users.getMyRating({ token, videoId })
 154
 155       expect(rating.videoId).to.equal(videoId)
 156       expect(rating.rating).to.equal('like')
 157     })
 158
 159     it('Should retrieve ratings list', async function () {
 160       await server.videos.rate({ id: videoId, rating: 'like' })
 161
 162       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 163
 164       expect(body.total).to.equal(1)
 165       expect(body.data[0].video.id).to.equal(videoId)
 166       expect(body.data[0].rating).to.equal('like')
 167     })
 168
 169     it('Should retrieve ratings list by rating type', async function () {
 170       {
 171         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 172         expect(body.data.length).to.equal(1)
 173       }
 174
 175       {
 176         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 177         expect(body.data.length).to.equal(0)
 178       }
 179     })
 180   })
 181
 182   describe('Remove video', function () {
 183     it('Should not be able to remove the video with an incorrect token', async function () {
 184       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 185     })
 186
 187     it('Should not be able to remove the video with the token of another account')
 188
 189     it('Should be able to remove the video with the correct token', async function () {
 190       await server.videos.remove({ token, id: videoId })
 191     })
 192   })
 193
 194   describe('Logout', function () {
 195     it('Should logout (revoke token)', async function () {
 196       await server.login.logout({ token: server.accessToken })
 197     })
 198
 199     it('Should not be able to get the user information', async function () {
 200       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 201     })
 202
 203     it('Should not be able to upload a video', async function () {
 204       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 205     })
 206
 207     it('Should not be able to rate a video', async function () {
 208       const path = '/api/v1/videos/'
 209       const data = {
 210         rating: 'likes'
 211       }
 212
 213       const options = {
 214         url: server.url,
 215         path: path + videoId,
 216         token: 'wrong token',
 217         fields: data,
 218         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 219       }
 220       await makePutBodyRequest(options)
 221     })
 222
 223     it('Should be able to login again', async function () {
 224       const body = await server.login.login()
 225       server.accessToken = body.access_token
 226       server.refreshToken = body.refresh_token
 227     })
 228
 229     it('Should be able to get my user information again', async function () {
 230       await server.users.getMyInfo()
 231     })
 232
 233     it('Should have an expired access token', async function () {
 234       this.timeout(15000)
 235
 236       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 237       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 238
 239       await killallServers([ server ])
 240       await server.run()
 241
 242       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 243     })
 244
 245     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 246       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 247     })
 248
 249     it('Should refresh the token', async function () {
 250       this.timeout(15000)
 251
 252       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 253       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 254
 255       await killallServers([ server ])
 256       await server.run()
 257
 258       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 259       server.accessToken = res.body.access_token
 260       server.refreshToken = res.body.refresh_token
 261     })
 262
 263     it('Should be able to get my user information again', async function () {
 264       await server.users.getMyInfo()
 265     })
 266   })
 267
 268   describe('Creating a user', function () {
 269
 270     it('Should be able to create a new user', async function () {
 271       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 272     })
 273
 274     it('Should be able to login with this user', async function () {
 275       userToken = await server.login.getAccessToken(user)
 276     })
 277
 278     it('Should be able to get user information', async function () {
 279       const userMe = await server.users.getMyInfo({ token: userToken })
 280
 281       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 282
 283       for (const user of [ userMe, userGet ]) {
 284         expect(user.username).to.equal('user_1')
 285         expect(user.email).to.equal('user_1@example.com')
 286         expect(user.nsfwPolicy).to.equal('display')
 287         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 288         expect(user.roleLabel).to.equal('User')
 289         expect(user.id).to.be.a('number')
 290         expect(user.account.displayName).to.equal('user_1')
 291         expect(user.account.description).to.be.null
 292       }
 293
 294       expect(userMe.adminFlags).to.be.undefined
 295       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 296
 297       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 298       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 299
 300       // Check stats are included with withStats
 301       expect(userGet.videosCount).to.be.a('number')
 302       expect(userGet.videosCount).to.equal(0)
 303       expect(userGet.videoCommentsCount).to.be.a('number')
 304       expect(userGet.videoCommentsCount).to.equal(0)
 305       expect(userGet.abusesCount).to.be.a('number')
 306       expect(userGet.abusesCount).to.equal(0)
 307       expect(userGet.abusesAcceptedCount).to.be.a('number')
 308       expect(userGet.abusesAcceptedCount).to.equal(0)
 309     })
 310   })
 311
 312   describe('My videos & quotas', function () {
 313
 314     it('Should be able to upload a video with this user', async function () {
 315       this.timeout(10000)
 316
 317       const attributes = {
 318         name: 'super user video',
 319         fixture: 'video_short.webm'
 320       }
 321       await server.videos.upload({ token: userToken, attributes })
 322     })
 323
 324     it('Should have video quota updated', async function () {
 325       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 326       expect(quota.videoQuotaUsed).to.equal(218910)
 327
 328       const { data } = await server.users.list()
 329       const tmpUser = data.find(u => u.username === user.username)
 330       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 331     })
 332
 333     it('Should be able to list my videos', async function () {
 334       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 335       expect(total).to.equal(1)
 336       expect(data).to.have.lengthOf(1)
 337
 338       const video: Video = data[0]
 339       expect(video.name).to.equal('super user video')
 340       expect(video.thumbnailPath).to.not.be.null
 341       expect(video.previewPath).to.not.be.null
 342     })
 343
 344     it('Should be able to search in my videos', async function () {
 345       {
 346         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 347         expect(total).to.equal(1)
 348         expect(data).to.have.lengthOf(1)
 349       }
 350
 351       {
 352         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 353         expect(total).to.equal(0)
 354         expect(data).to.have.lengthOf(0)
 355       }
 356     })
 357
 358     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 359       this.timeout(60000)
 360
 361       {
 362         const config = await server.config.getCustomConfig()
 363         config.transcoding.webtorrent.enabled = false
 364         config.transcoding.hls.enabled = true
 365         config.transcoding.enabled = true
 366         await server.config.updateCustomSubConfig({ newConfig: config })
 367       }
 368
 369       {
 370         const attributes = {
 371           name: 'super user video 2',
 372           fixture: 'video_short.webm'
 373         }
 374         await server.videos.upload({ token: userToken, attributes })
 375
 376         await waitJobs([ server ])
 377       }
 378
 379       {
 380         const data = await server.users.getMyQuotaUsed({ token: userToken })
 381         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 382       }
 383     })
 384   })
 385
 386   describe('Users listing', function () {
 387
 388     it('Should list all the users', async function () {
 389       const { data, total } = await server.users.list()
 390
 391       expect(total).to.equal(2)
 392       expect(data).to.be.an('array')
 393       expect(data.length).to.equal(2)
 394
 395       const user = data[0]
 396       expect(user.username).to.equal('user_1')
 397       expect(user.email).to.equal('user_1@example.com')
 398       expect(user.nsfwPolicy).to.equal('display')
 399
 400       const rootUser = data[1]
 401       expect(rootUser.username).to.equal('root')
 402       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 403       expect(user.nsfwPolicy).to.equal('display')
 404
 405       expect(rootUser.lastLoginDate).to.exist
 406       expect(user.lastLoginDate).to.exist
 407
 408       userId = user.id
 409     })
 410
 411     it('Should list only the first user by username asc', async function () {
 412       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 413
 414       expect(total).to.equal(2)
 415       expect(data.length).to.equal(1)
 416
 417       const user = data[0]
 418       expect(user.username).to.equal('root')
 419       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 420       expect(user.roleLabel).to.equal('Administrator')
 421       expect(user.nsfwPolicy).to.equal('display')
 422     })
 423
 424     it('Should list only the first user by username desc', async function () {
 425       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 426
 427       expect(total).to.equal(2)
 428       expect(data.length).to.equal(1)
 429
 430       const user = data[0]
 431       expect(user.username).to.equal('user_1')
 432       expect(user.email).to.equal('user_1@example.com')
 433       expect(user.nsfwPolicy).to.equal('display')
 434     })
 435
 436     it('Should list only the second user by createdAt desc', async function () {
 437       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 438       expect(total).to.equal(2)
 439
 440       expect(data.length).to.equal(1)
 441
 442       const user = data[0]
 443       expect(user.username).to.equal('user_1')
 444       expect(user.email).to.equal('user_1@example.com')
 445       expect(user.nsfwPolicy).to.equal('display')
 446     })
 447
 448     it('Should list all the users by createdAt asc', async function () {
 449       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 450
 451       expect(total).to.equal(2)
 452       expect(data.length).to.equal(2)
 453
 454       expect(data[0].username).to.equal('root')
 455       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 456       expect(data[0].nsfwPolicy).to.equal('display')
 457
 458       expect(data[1].username).to.equal('user_1')
 459       expect(data[1].email).to.equal('user_1@example.com')
 460       expect(data[1].nsfwPolicy).to.equal('display')
 461     })
 462
 463     it('Should search user by username', async function () {
 464       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 465       expect(total).to.equal(1)
 466       expect(data.length).to.equal(1)
 467       expect(data[0].username).to.equal('root')
 468     })
 469
 470     it('Should search user by email', async function () {
 471       {
 472         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 473         expect(total).to.equal(1)
 474         expect(data.length).to.equal(1)
 475         expect(data[0].username).to.equal('user_1')
 476         expect(data[0].email).to.equal('user_1@example.com')
 477       }
 478
 479       {
 480         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 481         expect(total).to.equal(2)
 482         expect(data.length).to.equal(2)
 483         expect(data[0].username).to.equal('root')
 484         expect(data[1].username).to.equal('user_1')
 485       }
 486     })
 487   })
 488
 489   describe('Update my account', function () {
 490
 491     it('Should update my password', async function () {
 492       await server.users.updateMe({
 493         token: userToken,
 494         currentPassword: 'super password',
 495         password: 'new password'
 496       })
 497       user.password = 'new password'
 498
 499       await server.login.login({ user })
 500     })
 501
 502     it('Should be able to change the NSFW display attribute', async function () {
 503       await server.users.updateMe({
 504         token: userToken,
 505         nsfwPolicy: 'do_not_list'
 506       })
 507
 508       const user = await server.users.getMyInfo({ token: userToken })
 509       expect(user.username).to.equal('user_1')
 510       expect(user.email).to.equal('user_1@example.com')
 511       expect(user.nsfwPolicy).to.equal('do_not_list')
 512       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 513       expect(user.id).to.be.a('number')
 514       expect(user.account.displayName).to.equal('user_1')
 515       expect(user.account.description).to.be.null
 516     })
 517
 518     it('Should be able to change the autoPlayVideo attribute', async function () {
 519       await server.users.updateMe({
 520         token: userToken,
 521         autoPlayVideo: false
 522       })
 523
 524       const user = await server.users.getMyInfo({ token: userToken })
 525       expect(user.autoPlayVideo).to.be.false
 526     })
 527
 528     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 529       await server.users.updateMe({
 530         token: userToken,
 531         autoPlayNextVideo: true
 532       })
 533
 534       const user = await server.users.getMyInfo({ token: userToken })
 535       expect(user.autoPlayNextVideo).to.be.true
 536     })
 537
 538     it('Should be able to change the email attribute', async function () {
 539       await server.users.updateMe({
 540         token: userToken,
 541         currentPassword: 'new password',
 542         email: 'updated@example.com'
 543       })
 544
 545       const user = await server.users.getMyInfo({ token: userToken })
 546       expect(user.username).to.equal('user_1')
 547       expect(user.email).to.equal('updated@example.com')
 548       expect(user.nsfwPolicy).to.equal('do_not_list')
 549       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 550       expect(user.id).to.be.a('number')
 551       expect(user.account.displayName).to.equal('user_1')
 552       expect(user.account.description).to.be.null
 553     })
 554
 555     it('Should be able to update my avatar with a gif', async function () {
 556       const fixture = 'avatar.gif'
 557
 558       await server.users.updateMyAvatar({ token: userToken, fixture })
 559
 560       const user = await server.users.getMyInfo({ token: userToken })
 561       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 562     })
 563
 564     it('Should be able to update my avatar with a gif, and then a png', async function () {
 565       for (const extension of [ '.png', '.gif' ]) {
 566         const fixture = 'avatar' + extension
 567
 568         await server.users.updateMyAvatar({ token: userToken, fixture })
 569
 570         const user = await server.users.getMyInfo({ token: userToken })
 571         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 572       }
 573     })
 574
 575     it('Should be able to update my display name', async function () {
 576       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 577
 578       const user = await server.users.getMyInfo({ token: userToken })
 579       expect(user.username).to.equal('user_1')
 580       expect(user.email).to.equal('updated@example.com')
 581       expect(user.nsfwPolicy).to.equal('do_not_list')
 582       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 583       expect(user.id).to.be.a('number')
 584       expect(user.account.displayName).to.equal('new display name')
 585       expect(user.account.description).to.be.null
 586     })
 587
 588     it('Should be able to update my description', async function () {
 589       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 590
 591       const user = await server.users.getMyInfo({ token: userToken })
 592       expect(user.username).to.equal('user_1')
 593       expect(user.email).to.equal('updated@example.com')
 594       expect(user.nsfwPolicy).to.equal('do_not_list')
 595       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 596       expect(user.id).to.be.a('number')
 597       expect(user.account.displayName).to.equal('new display name')
 598       expect(user.account.description).to.equal('my super description updated')
 599       expect(user.noWelcomeModal).to.be.false
 600       expect(user.noInstanceConfigWarningModal).to.be.false
 601     })
 602
 603     it('Should be able to update my theme', async function () {
 604       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 605         await server.users.updateMe({ token: userToken, theme })
 606
 607         const user = await server.users.getMyInfo({ token: userToken })
 608         expect(user.theme).to.equal(theme)
 609       }
 610     })
 611
 612     it('Should be able to update my modal preferences', async function () {
 613       await server.users.updateMe({
 614         token: userToken,
 615         noInstanceConfigWarningModal: true,
 616         noWelcomeModal: true
 617       })
 618
 619       const user = await server.users.getMyInfo({ token: userToken })
 620       expect(user.noWelcomeModal).to.be.true
 621       expect(user.noInstanceConfigWarningModal).to.be.true
 622     })
 623   })
 624
 625   describe('Updating another user', function () {
 626     it('Should be able to update another user', async function () {
 627       await server.users.update({
 628         userId,
 629         token,
 630         email: 'updated2@example.com',
 631         emailVerified: true,
 632         videoQuota: 42,
 633         role: UserRole.MODERATOR,
 634         adminFlags: UserAdminFlag.NONE,
 635         pluginAuth: 'toto'
 636       })
 637
 638       const user = await server.users.get({ token, userId })
 639
 640       expect(user.username).to.equal('user_1')
 641       expect(user.email).to.equal('updated2@example.com')
 642       expect(user.emailVerified).to.be.true
 643       expect(user.nsfwPolicy).to.equal('do_not_list')
 644       expect(user.videoQuota).to.equal(42)
 645       expect(user.roleLabel).to.equal('Moderator')
 646       expect(user.id).to.be.a('number')
 647       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 648       expect(user.pluginAuth).to.equal('toto')
 649     })
 650
 651     it('Should reset the auth plugin', async function () {
 652       await server.users.update({ userId, token, pluginAuth: null })
 653
 654       const user = await server.users.get({ token, userId })
 655       expect(user.pluginAuth).to.be.null
 656     })
 657
 658     it('Should have removed the user token', async function () {
 659       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 660
 661       userToken = await server.login.getAccessToken(user)
 662     })
 663
 664     it('Should be able to update another user password', async function () {
 665       await server.users.update({ userId, token, password: 'password updated' })
 666
 667       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 668
 669       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 670
 671       user.password = 'password updated'
 672       userToken = await server.login.getAccessToken(user)
 673     })
 674   })
 675
 676   describe('Video blacklists', function () {
 677     it('Should be able to list video blacklist by a moderator', async function () {
 678       await server.blacklist.list({ token: userToken })
 679     })
 680   })
 681
 682   describe('Remove a user', function () {
 683     it('Should be able to remove this user', async function () {
 684       await server.users.remove({ userId, token })
 685     })
 686
 687     it('Should not be able to login with this user', async function () {
 688       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 689     })
 690
 691     it('Should not have videos of this user', async function () {
 692       const { data, total } = await server.videos.list()
 693       expect(total).to.equal(1)
 694
 695       const video = data[0]
 696       expect(video.account.name).to.equal('root')
 697     })
 698   })
 699
 700   describe('Registering a new user', function () {
 701     let user15AccessToken
 702
 703     it('Should register a new user', async function () {
 704       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 705       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 706
 707       await server.users.register({ ...user, channel })
 708     })
 709
 710     it('Should be able to login with this registered user', async function () {
 711       const user15 = {
 712         username: 'user_15',
 713         password: 'my super password'
 714       }
 715
 716       user15AccessToken = await server.login.getAccessToken(user15)
 717     })
 718
 719     it('Should have the correct display name', async function () {
 720       const user = await server.users.getMyInfo({ token: user15AccessToken })
 721       expect(user.account.displayName).to.equal('super user 15')
 722     })
 723
 724     it('Should have the correct video quota', async function () {
 725       const user = await server.users.getMyInfo({ token: user15AccessToken })
 726       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 727     })
 728
 729     it('Should have created the channel', async function () {
 730       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 731
 732       expect(displayName).to.equal('my channel rocks')
 733     })
 734
 735     it('Should remove me', async function () {
 736       {
 737         const { data } = await server.users.list()
 738         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 739       }
 740
 741       await server.users.deleteMe({ token: user15AccessToken })
 742
 743       {
 744         const { data } = await server.users.list()
 745         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 746       }
 747     })
 748   })
 749
 750   describe('User blocking', function () {
 751     let user16Id
 752     let user16AccessToken
 753     const user16 = {
 754       username: 'user_16',
 755       password: 'my super password'
 756     }
 757
 758     it('Should block a user', async function () {
 759       const user = await server.users.create({ ...user16 })
 760       user16Id = user.id
 761
 762       user16AccessToken = await server.login.getAccessToken(user16)
 763
 764       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 765       await server.users.banUser({ userId: user16Id })
 766
 767       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 768       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 769     })
 770
 771     it('Should search user by banned status', async function () {
 772       {
 773         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 774         expect(total).to.equal(1)
 775         expect(data.length).to.equal(1)
 776
 777         expect(data[0].username).to.equal(user16.username)
 778       }
 779
 780       {
 781         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 782         expect(total).to.equal(1)
 783         expect(data.length).to.equal(1)
 784
 785         expect(data[0].username).to.not.equal(user16.username)
 786       }
 787     })
 788
 789     it('Should unblock a user', async function () {
 790       await server.users.unbanUser({ userId: user16Id })
 791       user16AccessToken = await server.login.getAccessToken(user16)
 792       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 793     })
 794   })
 795
 796   describe('User stats', function () {
 797     let user17Id
 798     let user17AccessToken
 799
 800     it('Should report correct initial statistics about a user', async function () {
 801       const user17 = {
 802         username: 'user_17',
 803         password: 'my super password'
 804       }
 805       const created = await server.users.create({ ...user17 })
 806
 807       user17Id = created.id
 808       user17AccessToken = await server.login.getAccessToken(user17)
 809
 810       const user = await server.users.get({ userId: user17Id, withStats: true })
 811       expect(user.videosCount).to.equal(0)
 812       expect(user.videoCommentsCount).to.equal(0)
 813       expect(user.abusesCount).to.equal(0)
 814       expect(user.abusesCreatedCount).to.equal(0)
 815       expect(user.abusesAcceptedCount).to.equal(0)
 816     })
 817
 818     it('Should report correct videos count', async function () {
 819       const attributes = { name: 'video to test user stats' }
 820       await server.videos.upload({ token: user17AccessToken, attributes })
 821
 822       const { data } = await server.videos.list()
 823       videoId = data.find(video => video.name === attributes.name).id
 824
 825       const user = await server.users.get({ userId: user17Id, withStats: true })
 826       expect(user.videosCount).to.equal(1)
 827     })
 828
 829     it('Should report correct video comments for user', async function () {
 830       const text = 'super comment'
 831       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 832
 833       const user = await server.users.get({ userId: user17Id, withStats: true })
 834       expect(user.videoCommentsCount).to.equal(1)
 835     })
 836
 837     it('Should report correct abuses counts', async function () {
 838       const reason = 'my super bad reason'
 839       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 840
 841       const body1 = await server.abuses.getAdminList()
 842       const abuseId = body1.data[0].id
 843
 844       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 845       expect(user2.abusesCount).to.equal(1) // number of incriminations
 846       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 847
 848       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 849
 850       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 851       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 852     })
 853   })
 854
 855   after(async function () {
 856     await cleanupTests([ server ])
 857   })
 858 })