server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { testImage } from '@server/tests/shared'
   6 import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
   7 import {
   8   cleanupTests,
   9   createSingleServer,
  10   killallServers,
  11   makePutBodyRequest,
  12   PeerTubeServer,
  13   setAccessTokensToServers,
  14   waitJobs
  15 } from '@shared/server-commands'
  16
  17 const expect = chai.expect
  18
  19 describe('Test users', function () {
  20   let server: PeerTubeServer
  21   let token: string
  22   let userToken: string
  23   let videoId: number
  24   let userId: number
  25   const user = {
  26     username: 'user_1',
  27     password: 'super password'
  28   }
  29
  30   before(async function () {
  31     this.timeout(30000)
  32
  33     server = await createSingleServer(1, {
  34       rates_limit: {
  35         login: {
  36           max: 30
  37         }
  38       }
  39     })
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  44   })
  45
  46   describe('OAuth client', function () {
  47     it('Should create a new client')
  48
  49     it('Should return the first client')
  50
  51     it('Should remove the last client')
  52
  53     it('Should not login with an invalid client id', async function () {
  54       const client = { id: 'client', secret: server.store.client.secret }
  55       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  56
  57       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  58       expect(body.error).to.contain('client is invalid')
  59       expect(body.type.startsWith('https://')).to.be.true
  60       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  61     })
  62
  63     it('Should not login with an invalid client secret', async function () {
  64       const client = { id: server.store.client.id, secret: 'coucou' }
  65       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  66
  67       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  68       expect(body.error).to.contain('client is invalid')
  69       expect(body.type.startsWith('https://')).to.be.true
  70       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  71     })
  72   })
  73
  74   describe('Login', function () {
  75
  76     it('Should not login with an invalid username', async function () {
  77       const user = { username: 'captain crochet', password: server.store.user.password }
  78       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  79
  80       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  81       expect(body.error).to.contain('credentials are invalid')
  82       expect(body.type.startsWith('https://')).to.be.true
  83       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  84     })
  85
  86     it('Should not login with an invalid password', async function () {
  87       const user = { username: server.store.user.username, password: 'mew_three' }
  88       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  89
  90       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  91       expect(body.error).to.contain('credentials are invalid')
  92       expect(body.type.startsWith('https://')).to.be.true
  93       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  94     })
  95
  96     it('Should not be able to upload a video', async function () {
  97       token = 'my_super_token'
  98
  99       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 100     })
 101
 102     it('Should not be able to follow', async function () {
 103       token = 'my_super_token'
 104
 105       await server.follows.follow({
 106         hosts: [ 'http://example.com' ],
 107         token,
 108         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 109       })
 110     })
 111
 112     it('Should not be able to unfollow')
 113
 114     it('Should be able to login', async function () {
 115       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 116
 117       token = body.access_token
 118     })
 119
 120     it('Should be able to login with an insensitive username', async function () {
 121       const user = { username: 'RoOt', password: server.store.user.password }
 122       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 123
 124       const user2 = { username: 'rOoT', password: server.store.user.password }
 125       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 126
 127       const user3 = { username: 'ROOt', password: server.store.user.password }
 128       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 129     })
 130   })
 131
 132   describe('Upload', function () {
 133
 134     it('Should upload the video with the correct token', async function () {
 135       await server.videos.upload({ token })
 136       const { data } = await server.videos.list()
 137       const video = data[0]
 138
 139       expect(video.account.name).to.equal('root')
 140       videoId = video.id
 141     })
 142
 143     it('Should upload the video again with the correct token', async function () {
 144       await server.videos.upload({ token })
 145     })
 146   })
 147
 148   describe('Ratings', function () {
 149
 150     it('Should retrieve a video rating', async function () {
 151       await server.videos.rate({ id: videoId, rating: 'like' })
 152       const rating = await server.users.getMyRating({ token, videoId })
 153
 154       expect(rating.videoId).to.equal(videoId)
 155       expect(rating.rating).to.equal('like')
 156     })
 157
 158     it('Should retrieve ratings list', async function () {
 159       await server.videos.rate({ id: videoId, rating: 'like' })
 160
 161       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 162
 163       expect(body.total).to.equal(1)
 164       expect(body.data[0].video.id).to.equal(videoId)
 165       expect(body.data[0].rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list by rating type', async function () {
 169       {
 170         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 171         expect(body.data.length).to.equal(1)
 172       }
 173
 174       {
 175         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 176         expect(body.data.length).to.equal(0)
 177       }
 178     })
 179   })
 180
 181   describe('Remove video', function () {
 182     it('Should not be able to remove the video with an incorrect token', async function () {
 183       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184     })
 185
 186     it('Should not be able to remove the video with the token of another account')
 187
 188     it('Should be able to remove the video with the correct token', async function () {
 189       await server.videos.remove({ token, id: videoId })
 190     })
 191   })
 192
 193   describe('Logout', function () {
 194     it('Should logout (revoke token)', async function () {
 195       await server.login.logout({ token: server.accessToken })
 196     })
 197
 198     it('Should not be able to get the user information', async function () {
 199       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 200     })
 201
 202     it('Should not be able to upload a video', async function () {
 203       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should not be able to rate a video', async function () {
 207       const path = '/api/v1/videos/'
 208       const data = {
 209         rating: 'likes'
 210       }
 211
 212       const options = {
 213         url: server.url,
 214         path: path + videoId,
 215         token: 'wrong token',
 216         fields: data,
 217         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 218       }
 219       await makePutBodyRequest(options)
 220     })
 221
 222     it('Should be able to login again', async function () {
 223       const body = await server.login.login()
 224       server.accessToken = body.access_token
 225       server.refreshToken = body.refresh_token
 226     })
 227
 228     it('Should be able to get my user information again', async function () {
 229       await server.users.getMyInfo()
 230     })
 231
 232     it('Should have an expired access token', async function () {
 233       this.timeout(60000)
 234
 235       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 236       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 237
 238       await killallServers([ server ])
 239       await server.run()
 240
 241       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 242     })
 243
 244     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 245       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 246     })
 247
 248     it('Should refresh the token', async function () {
 249       this.timeout(15000)
 250
 251       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 252       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 253
 254       await killallServers([ server ])
 255       await server.run()
 256
 257       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await server.users.getMyInfo()
 264     })
 265   })
 266
 267   describe('Creating a user', function () {
 268
 269     it('Should be able to create a new user', async function () {
 270       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 271     })
 272
 273     it('Should be able to login with this user', async function () {
 274       userToken = await server.login.getAccessToken(user)
 275     })
 276
 277     it('Should be able to get user information', async function () {
 278       const userMe = await server.users.getMyInfo({ token: userToken })
 279
 280       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 281
 282       for (const user of [ userMe, userGet ]) {
 283         expect(user.username).to.equal('user_1')
 284         expect(user.email).to.equal('user_1@example.com')
 285         expect(user.nsfwPolicy).to.equal('display')
 286         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 287         expect(user.roleLabel).to.equal('User')
 288         expect(user.id).to.be.a('number')
 289         expect(user.account.displayName).to.equal('user_1')
 290         expect(user.account.description).to.be.null
 291       }
 292
 293       expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 294       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 295
 296       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 297       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 298
 299       // Check stats are included with withStats
 300       expect(userGet.videosCount).to.be.a('number')
 301       expect(userGet.videosCount).to.equal(0)
 302       expect(userGet.videoCommentsCount).to.be.a('number')
 303       expect(userGet.videoCommentsCount).to.equal(0)
 304       expect(userGet.abusesCount).to.be.a('number')
 305       expect(userGet.abusesCount).to.equal(0)
 306       expect(userGet.abusesAcceptedCount).to.be.a('number')
 307       expect(userGet.abusesAcceptedCount).to.equal(0)
 308     })
 309   })
 310
 311   describe('My videos & quotas', function () {
 312
 313     it('Should be able to upload a video with this user', async function () {
 314       this.timeout(10000)
 315
 316       const attributes = {
 317         name: 'super user video',
 318         fixture: 'video_short.webm'
 319       }
 320       await server.videos.upload({ token: userToken, attributes })
 321
 322       await server.channels.create({ token: userToken, attributes: { name: 'other_channel' } })
 323     })
 324
 325     it('Should have video quota updated', async function () {
 326       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 327       expect(quota.videoQuotaUsed).to.equal(218910)
 328
 329       const { data } = await server.users.list()
 330       const tmpUser = data.find(u => u.username === user.username)
 331       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 332     })
 333
 334     it('Should be able to list my videos', async function () {
 335       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 336       expect(total).to.equal(1)
 337       expect(data).to.have.lengthOf(1)
 338
 339       const video: Video = data[0]
 340       expect(video.name).to.equal('super user video')
 341       expect(video.thumbnailPath).to.not.be.null
 342       expect(video.previewPath).to.not.be.null
 343     })
 344
 345     it('Should be able to filter by channel in my videos', async function () {
 346       const myInfo = await server.users.getMyInfo({ token: userToken })
 347       const mainChannel = myInfo.videoChannels.find(c => c.name !== 'other_channel')
 348       const otherChannel = myInfo.videoChannels.find(c => c.name === 'other_channel')
 349
 350       {
 351         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: mainChannel.id })
 352         expect(total).to.equal(1)
 353         expect(data).to.have.lengthOf(1)
 354
 355         const video: Video = data[0]
 356         expect(video.name).to.equal('super user video')
 357         expect(video.thumbnailPath).to.not.be.null
 358         expect(video.previewPath).to.not.be.null
 359       }
 360
 361       {
 362         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: otherChannel.id })
 363         expect(total).to.equal(0)
 364         expect(data).to.have.lengthOf(0)
 365       }
 366     })
 367
 368     it('Should be able to search in my videos', async function () {
 369       {
 370         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 371         expect(total).to.equal(1)
 372         expect(data).to.have.lengthOf(1)
 373       }
 374
 375       {
 376         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 377         expect(total).to.equal(0)
 378         expect(data).to.have.lengthOf(0)
 379       }
 380     })
 381
 382     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 383       this.timeout(160000)
 384
 385       {
 386         const config = await server.config.getCustomConfig()
 387         config.transcoding.webtorrent.enabled = false
 388         config.transcoding.hls.enabled = true
 389         config.transcoding.enabled = true
 390         await server.config.updateCustomSubConfig({ newConfig: config })
 391       }
 392
 393       {
 394         const attributes = {
 395           name: 'super user video 2',
 396           fixture: 'video_short.webm'
 397         }
 398         await server.videos.upload({ token: userToken, attributes })
 399
 400         await waitJobs([ server ])
 401       }
 402
 403       {
 404         const data = await server.users.getMyQuotaUsed({ token: userToken })
 405         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 406       }
 407     })
 408   })
 409
 410   describe('Users listing', function () {
 411
 412     it('Should list all the users', async function () {
 413       const { data, total } = await server.users.list()
 414
 415       expect(total).to.equal(2)
 416       expect(data).to.be.an('array')
 417       expect(data.length).to.equal(2)
 418
 419       const user = data[0]
 420       expect(user.username).to.equal('user_1')
 421       expect(user.email).to.equal('user_1@example.com')
 422       expect(user.nsfwPolicy).to.equal('display')
 423
 424       const rootUser = data[1]
 425       expect(rootUser.username).to.equal('root')
 426       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 427       expect(user.nsfwPolicy).to.equal('display')
 428
 429       expect(rootUser.lastLoginDate).to.exist
 430       expect(user.lastLoginDate).to.exist
 431
 432       userId = user.id
 433     })
 434
 435     it('Should list only the first user by username asc', async function () {
 436       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 437
 438       expect(total).to.equal(2)
 439       expect(data.length).to.equal(1)
 440
 441       const user = data[0]
 442       expect(user.username).to.equal('root')
 443       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 444       expect(user.roleLabel).to.equal('Administrator')
 445       expect(user.nsfwPolicy).to.equal('display')
 446     })
 447
 448     it('Should list only the first user by username desc', async function () {
 449       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 450
 451       expect(total).to.equal(2)
 452       expect(data.length).to.equal(1)
 453
 454       const user = data[0]
 455       expect(user.username).to.equal('user_1')
 456       expect(user.email).to.equal('user_1@example.com')
 457       expect(user.nsfwPolicy).to.equal('display')
 458     })
 459
 460     it('Should list only the second user by createdAt desc', async function () {
 461       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 462       expect(total).to.equal(2)
 463
 464       expect(data.length).to.equal(1)
 465
 466       const user = data[0]
 467       expect(user.username).to.equal('user_1')
 468       expect(user.email).to.equal('user_1@example.com')
 469       expect(user.nsfwPolicy).to.equal('display')
 470     })
 471
 472     it('Should list all the users by createdAt asc', async function () {
 473       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 474
 475       expect(total).to.equal(2)
 476       expect(data.length).to.equal(2)
 477
 478       expect(data[0].username).to.equal('root')
 479       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 480       expect(data[0].nsfwPolicy).to.equal('display')
 481
 482       expect(data[1].username).to.equal('user_1')
 483       expect(data[1].email).to.equal('user_1@example.com')
 484       expect(data[1].nsfwPolicy).to.equal('display')
 485     })
 486
 487     it('Should search user by username', async function () {
 488       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 489       expect(total).to.equal(1)
 490       expect(data.length).to.equal(1)
 491       expect(data[0].username).to.equal('root')
 492     })
 493
 494     it('Should search user by email', async function () {
 495       {
 496         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 497         expect(total).to.equal(1)
 498         expect(data.length).to.equal(1)
 499         expect(data[0].username).to.equal('user_1')
 500         expect(data[0].email).to.equal('user_1@example.com')
 501       }
 502
 503       {
 504         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 505         expect(total).to.equal(2)
 506         expect(data.length).to.equal(2)
 507         expect(data[0].username).to.equal('root')
 508         expect(data[1].username).to.equal('user_1')
 509       }
 510     })
 511   })
 512
 513   describe('Update my account', function () {
 514
 515     it('Should update my password', async function () {
 516       await server.users.updateMe({
 517         token: userToken,
 518         currentPassword: 'super password',
 519         password: 'new password'
 520       })
 521       user.password = 'new password'
 522
 523       await server.login.login({ user })
 524     })
 525
 526     it('Should be able to change the NSFW display attribute', async function () {
 527       await server.users.updateMe({
 528         token: userToken,
 529         nsfwPolicy: 'do_not_list'
 530       })
 531
 532       const user = await server.users.getMyInfo({ token: userToken })
 533       expect(user.username).to.equal('user_1')
 534       expect(user.email).to.equal('user_1@example.com')
 535       expect(user.nsfwPolicy).to.equal('do_not_list')
 536       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 537       expect(user.id).to.be.a('number')
 538       expect(user.account.displayName).to.equal('user_1')
 539       expect(user.account.description).to.be.null
 540     })
 541
 542     it('Should be able to change the autoPlayVideo attribute', async function () {
 543       await server.users.updateMe({
 544         token: userToken,
 545         autoPlayVideo: false
 546       })
 547
 548       const user = await server.users.getMyInfo({ token: userToken })
 549       expect(user.autoPlayVideo).to.be.false
 550     })
 551
 552     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 553       await server.users.updateMe({
 554         token: userToken,
 555         autoPlayNextVideo: true
 556       })
 557
 558       const user = await server.users.getMyInfo({ token: userToken })
 559       expect(user.autoPlayNextVideo).to.be.true
 560     })
 561
 562     it('Should be able to change the p2p attribute', async function () {
 563       {
 564         await server.users.updateMe({
 565           token: userToken,
 566           webTorrentEnabled: false
 567         })
 568
 569         const user = await server.users.getMyInfo({ token: userToken })
 570         expect(user.p2pEnabled).to.be.false
 571       }
 572
 573       {
 574         await server.users.updateMe({
 575           token: userToken,
 576           p2pEnabled: true
 577         })
 578
 579         const user = await server.users.getMyInfo({ token: userToken })
 580         expect(user.p2pEnabled).to.be.true
 581       }
 582     })
 583
 584     it('Should be able to change the email attribute', async function () {
 585       await server.users.updateMe({
 586         token: userToken,
 587         currentPassword: 'new password',
 588         email: 'updated@example.com'
 589       })
 590
 591       const user = await server.users.getMyInfo({ token: userToken })
 592       expect(user.username).to.equal('user_1')
 593       expect(user.email).to.equal('updated@example.com')
 594       expect(user.nsfwPolicy).to.equal('do_not_list')
 595       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 596       expect(user.id).to.be.a('number')
 597       expect(user.account.displayName).to.equal('user_1')
 598       expect(user.account.description).to.be.null
 599     })
 600
 601     it('Should be able to update my avatar with a gif', async function () {
 602       const fixture = 'avatar.gif'
 603
 604       await server.users.updateMyAvatar({ token: userToken, fixture })
 605
 606       const user = await server.users.getMyInfo({ token: userToken })
 607       for (const avatar of user.account.avatars) {
 608         await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, '.gif')
 609       }
 610     })
 611
 612     it('Should be able to update my avatar with a gif, and then a png', async function () {
 613       for (const extension of [ '.png', '.gif' ]) {
 614         const fixture = 'avatar' + extension
 615
 616         await server.users.updateMyAvatar({ token: userToken, fixture })
 617
 618         const user = await server.users.getMyInfo({ token: userToken })
 619         for (const avatar of user.account.avatars) {
 620           await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, extension)
 621         }
 622       }
 623     })
 624
 625     it('Should still have the same amount of videos in my account', async function () {
 626       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 627
 628       expect(total).to.equal(2)
 629       expect(data).to.have.lengthOf(2)
 630     })
 631
 632     it('Should be able to update my display name', async function () {
 633       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 634
 635       const user = await server.users.getMyInfo({ token: userToken })
 636       expect(user.username).to.equal('user_1')
 637       expect(user.email).to.equal('updated@example.com')
 638       expect(user.nsfwPolicy).to.equal('do_not_list')
 639       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 640       expect(user.id).to.be.a('number')
 641       expect(user.account.displayName).to.equal('new display name')
 642       expect(user.account.description).to.be.null
 643     })
 644
 645     it('Should be able to update my description', async function () {
 646       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 647
 648       const user = await server.users.getMyInfo({ token: userToken })
 649       expect(user.username).to.equal('user_1')
 650       expect(user.email).to.equal('updated@example.com')
 651       expect(user.nsfwPolicy).to.equal('do_not_list')
 652       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 653       expect(user.id).to.be.a('number')
 654       expect(user.account.displayName).to.equal('new display name')
 655       expect(user.account.description).to.equal('my super description updated')
 656       expect(user.noWelcomeModal).to.be.false
 657       expect(user.noInstanceConfigWarningModal).to.be.false
 658       expect(user.noAccountSetupWarningModal).to.be.false
 659     })
 660
 661     it('Should be able to update my theme', async function () {
 662       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 663         await server.users.updateMe({ token: userToken, theme })
 664
 665         const user = await server.users.getMyInfo({ token: userToken })
 666         expect(user.theme).to.equal(theme)
 667       }
 668     })
 669
 670     it('Should be able to update my modal preferences', async function () {
 671       await server.users.updateMe({
 672         token: userToken,
 673         noInstanceConfigWarningModal: true,
 674         noWelcomeModal: true,
 675         noAccountSetupWarningModal: true
 676       })
 677
 678       const user = await server.users.getMyInfo({ token: userToken })
 679       expect(user.noWelcomeModal).to.be.true
 680       expect(user.noInstanceConfigWarningModal).to.be.true
 681       expect(user.noAccountSetupWarningModal).to.be.true
 682     })
 683   })
 684
 685   describe('Updating another user', function () {
 686     it('Should be able to update another user', async function () {
 687       await server.users.update({
 688         userId,
 689         token,
 690         email: 'updated2@example.com',
 691         emailVerified: true,
 692         videoQuota: 42,
 693         role: UserRole.MODERATOR,
 694         adminFlags: UserAdminFlag.NONE,
 695         pluginAuth: 'toto'
 696       })
 697
 698       const user = await server.users.get({ token, userId })
 699
 700       expect(user.username).to.equal('user_1')
 701       expect(user.email).to.equal('updated2@example.com')
 702       expect(user.emailVerified).to.be.true
 703       expect(user.nsfwPolicy).to.equal('do_not_list')
 704       expect(user.videoQuota).to.equal(42)
 705       expect(user.roleLabel).to.equal('Moderator')
 706       expect(user.id).to.be.a('number')
 707       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 708       expect(user.pluginAuth).to.equal('toto')
 709     })
 710
 711     it('Should reset the auth plugin', async function () {
 712       await server.users.update({ userId, token, pluginAuth: null })
 713
 714       const user = await server.users.get({ token, userId })
 715       expect(user.pluginAuth).to.be.null
 716     })
 717
 718     it('Should have removed the user token', async function () {
 719       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 720
 721       userToken = await server.login.getAccessToken(user)
 722     })
 723
 724     it('Should be able to update another user password', async function () {
 725       await server.users.update({ userId, token, password: 'password updated' })
 726
 727       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 728
 729       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 730
 731       user.password = 'password updated'
 732       userToken = await server.login.getAccessToken(user)
 733     })
 734   })
 735
 736   describe('Video blacklists', function () {
 737     it('Should be able to list video blacklist by a moderator', async function () {
 738       await server.blacklist.list({ token: userToken })
 739     })
 740   })
 741
 742   describe('Remove a user', function () {
 743     it('Should be able to remove this user', async function () {
 744       await server.users.remove({ userId, token })
 745     })
 746
 747     it('Should not be able to login with this user', async function () {
 748       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 749     })
 750
 751     it('Should not have videos of this user', async function () {
 752       const { data, total } = await server.videos.list()
 753       expect(total).to.equal(1)
 754
 755       const video = data[0]
 756       expect(video.account.name).to.equal('root')
 757     })
 758   })
 759
 760   describe('Registering a new user', function () {
 761     let user15AccessToken
 762
 763     it('Should register a new user', async function () {
 764       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 765       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 766
 767       await server.users.register({ ...user, channel })
 768     })
 769
 770     it('Should be able to login with this registered user', async function () {
 771       const user15 = {
 772         username: 'user_15',
 773         password: 'my super password'
 774       }
 775
 776       user15AccessToken = await server.login.getAccessToken(user15)
 777     })
 778
 779     it('Should have the correct display name', async function () {
 780       const user = await server.users.getMyInfo({ token: user15AccessToken })
 781       expect(user.account.displayName).to.equal('super user 15')
 782     })
 783
 784     it('Should have the correct video quota', async function () {
 785       const user = await server.users.getMyInfo({ token: user15AccessToken })
 786       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 787     })
 788
 789     it('Should have created the channel', async function () {
 790       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 791
 792       expect(displayName).to.equal('my channel rocks')
 793     })
 794
 795     it('Should remove me', async function () {
 796       {
 797         const { data } = await server.users.list()
 798         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 799       }
 800
 801       await server.users.deleteMe({ token: user15AccessToken })
 802
 803       {
 804         const { data } = await server.users.list()
 805         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 806       }
 807     })
 808   })
 809
 810   describe('User blocking', function () {
 811     let user16Id
 812     let user16AccessToken
 813     const user16 = {
 814       username: 'user_16',
 815       password: 'my super password'
 816     }
 817
 818     it('Should block a user', async function () {
 819       const user = await server.users.create({ ...user16 })
 820       user16Id = user.id
 821
 822       user16AccessToken = await server.login.getAccessToken(user16)
 823
 824       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 825       await server.users.banUser({ userId: user16Id })
 826
 827       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 828       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 829     })
 830
 831     it('Should search user by banned status', async function () {
 832       {
 833         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 834         expect(total).to.equal(1)
 835         expect(data.length).to.equal(1)
 836
 837         expect(data[0].username).to.equal(user16.username)
 838       }
 839
 840       {
 841         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 842         expect(total).to.equal(1)
 843         expect(data.length).to.equal(1)
 844
 845         expect(data[0].username).to.not.equal(user16.username)
 846       }
 847     })
 848
 849     it('Should unblock a user', async function () {
 850       await server.users.unbanUser({ userId: user16Id })
 851       user16AccessToken = await server.login.getAccessToken(user16)
 852       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 853     })
 854   })
 855
 856   describe('User stats', function () {
 857     let user17Id
 858     let user17AccessToken
 859
 860     it('Should report correct initial statistics about a user', async function () {
 861       const user17 = {
 862         username: 'user_17',
 863         password: 'my super password'
 864       }
 865       const created = await server.users.create({ ...user17 })
 866
 867       user17Id = created.id
 868       user17AccessToken = await server.login.getAccessToken(user17)
 869
 870       const user = await server.users.get({ userId: user17Id, withStats: true })
 871       expect(user.videosCount).to.equal(0)
 872       expect(user.videoCommentsCount).to.equal(0)
 873       expect(user.abusesCount).to.equal(0)
 874       expect(user.abusesCreatedCount).to.equal(0)
 875       expect(user.abusesAcceptedCount).to.equal(0)
 876     })
 877
 878     it('Should report correct videos count', async function () {
 879       const attributes = { name: 'video to test user stats' }
 880       await server.videos.upload({ token: user17AccessToken, attributes })
 881
 882       const { data } = await server.videos.list()
 883       videoId = data.find(video => video.name === attributes.name).id
 884
 885       const user = await server.users.get({ userId: user17Id, withStats: true })
 886       expect(user.videosCount).to.equal(1)
 887     })
 888
 889     it('Should report correct video comments for user', async function () {
 890       const text = 'super comment'
 891       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 892
 893       const user = await server.users.get({ userId: user17Id, withStats: true })
 894       expect(user.videoCommentsCount).to.equal(1)
 895     })
 896
 897     it('Should report correct abuses counts', async function () {
 898       const reason = 'my super bad reason'
 899       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 900
 901       const body1 = await server.abuses.getAdminList()
 902       const abuseId = body1.data[0].id
 903
 904       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 905       expect(user2.abusesCount).to.equal(1) // number of incriminations
 906       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 907
 908       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 909
 910       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 911       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 912     })
 913   })
 914
 915   after(async function () {
 916     await cleanupTests([ server ])
 917   })
 918 })