1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
3 import * as chai from 'chai'
5 import { MyUser, User, UserRole, Video, VideoPlaylistType, VideoAbuseState, VideoAbuseUpdate } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
26 registerUserWithChannel,
38 addVideoCommentThread,
41 } from '../../../../shared/extra-utils'
42 import { follow } from '../../../../shared/extra-utils/server/follows'
43 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
44 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
45 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
47 const expect = chai.expect
49 describe('Test users', function () {
50 let server: ServerInfo
51 let accessToken: string
52 let accessTokenUser: string
57 password: 'super password'
60 before(async function () {
62 server = await flushAndRunServer(1)
64 await setAccessTokensToServers([ server ])
66 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
69 describe('OAuth client', function () {
70 it('Should create a new client')
72 it('Should return the first client')
74 it('Should remove the last client')
76 it('Should not login with an invalid client id', async function () {
77 const client = { id: 'client', secret: server.client.secret }
78 const res = await login(server.url, client, server.user, 400)
80 expect(res.body.error).to.contain('client is invalid')
83 it('Should not login with an invalid client secret', async function () {
84 const client = { id: server.client.id, secret: 'coucou' }
85 const res = await login(server.url, client, server.user, 400)
87 expect(res.body.error).to.contain('client is invalid')
91 describe('Login', function () {
93 it('Should not login with an invalid username', async function () {
94 const user = { username: 'captain crochet', password: server.user.password }
95 const res = await login(server.url, server.client, user, 400)
97 expect(res.body.error).to.contain('credentials are invalid')
100 it('Should not login with an invalid password', async function () {
101 const user = { username: server.user.username, password: 'mew_three' }
102 const res = await login(server.url, server.client, user, 400)
104 expect(res.body.error).to.contain('credentials are invalid')
107 it('Should not be able to upload a video', async function () {
108 accessToken = 'my_super_token'
110 const videoAttributes = {}
111 await uploadVideo(server.url, accessToken, videoAttributes, 401)
114 it('Should not be able to follow', async function () {
115 accessToken = 'my_super_token'
116 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
119 it('Should not be able to unfollow')
121 it('Should be able to login', async function () {
122 const res = await login(server.url, server.client, server.user, 200)
124 accessToken = res.body.access_token
127 it('Should be able to login with an insensitive username', async function () {
128 const user = { username: 'RoOt', password: server.user.password }
129 await login(server.url, server.client, user, 200)
131 const user2 = { username: 'rOoT', password: server.user.password }
132 await login(server.url, server.client, user2, 200)
134 const user3 = { username: 'ROOt', password: server.user.password }
135 await login(server.url, server.client, user3, 200)
139 describe('Upload', function () {
141 it('Should upload the video with the correct token', async function () {
142 const videoAttributes = {}
143 await uploadVideo(server.url, accessToken, videoAttributes)
144 const res = await getVideosList(server.url)
145 const video = res.body.data[0]
147 expect(video.account.name).to.equal('root')
151 it('Should upload the video again with the correct token', async function () {
152 const videoAttributes = {}
153 await uploadVideo(server.url, accessToken, videoAttributes)
157 describe('Ratings', function () {
159 it('Should retrieve a video rating', async function () {
160 await rateVideo(server.url, accessToken, videoId, 'like')
161 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
162 const rating = res.body
164 expect(rating.videoId).to.equal(videoId)
165 expect(rating.rating).to.equal('like')
168 it('Should retrieve ratings list', async function () {
169 await rateVideo(server.url, accessToken, videoId, 'like')
171 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
172 const ratings = res.body
174 expect(ratings.total).to.equal(1)
175 expect(ratings.data[0].video.id).to.equal(videoId)
176 expect(ratings.data[0].rating).to.equal('like')
179 it('Should retrieve ratings list by rating type', async function () {
181 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
182 const ratings = res.body
183 expect(ratings.data.length).to.equal(1)
187 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
188 const ratings = res.body
189 expect(ratings.data.length).to.equal(0)
194 describe('Remove video', function () {
195 it('Should not be able to remove the video with an incorrect token', async function () {
196 await removeVideo(server.url, 'bad_token', videoId, 401)
199 it('Should not be able to remove the video with the token of another account')
201 it('Should be able to remove the video with the correct token', async function () {
202 await removeVideo(server.url, accessToken, videoId)
206 describe('Logout', function () {
207 it('Should logout (revoke token)')
209 it('Should not be able to get the user information')
211 it('Should not be able to upload a video')
213 it('Should not be able to remove a video')
215 it('Should not be able to rate a video', async function () {
216 const path = '/api/v1/videos/'
223 path: path + videoId,
224 token: 'wrong token',
226 statusCodeExpected: 401
228 await makePutBodyRequest(options)
231 it('Should be able to login again')
233 it('Should have an expired access token')
235 it('Should refresh the token')
237 it('Should be able to upload a video again')
240 describe('Creating a user', function () {
242 it('Should be able to create a new user', async function () {
245 accessToken: accessToken,
246 username: user.username,
247 password: user.password,
248 videoQuota: 2 * 1024 * 1024,
249 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
253 it('Should be able to login with this user', async function () {
254 accessTokenUser = await userLogin(server, user)
257 it('Should be able to get user information', async function () {
258 const res1 = await getMyUserInformation(server.url, accessTokenUser)
259 const userMe: MyUser = res1.body
261 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
262 const userGet: User = res2.body
264 for (const user of [ userMe, userGet ]) {
265 expect(user.username).to.equal('user_1')
266 expect(user.email).to.equal('user_1@example.com')
267 expect(user.nsfwPolicy).to.equal('display')
268 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
269 expect(user.roleLabel).to.equal('User')
270 expect(user.id).to.be.a('number')
271 expect(user.account.displayName).to.equal('user_1')
272 expect(user.account.description).to.be.null
275 expect(userMe.adminFlags).to.be.undefined
276 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
278 expect(userMe.specialPlaylists).to.have.lengthOf(1)
279 expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
281 // Check stats are included with withStats
282 expect(userGet.videosCount).to.be.a('number')
283 expect(userGet.videosCount).to.equal(0)
284 expect(userGet.videoCommentsCount).to.be.a('number')
285 expect(userGet.videoCommentsCount).to.equal(0)
286 expect(userGet.videoAbusesCount).to.be.a('number')
287 expect(userGet.videoAbusesCount).to.equal(0)
288 expect(userGet.videoAbusesAcceptedCount).to.be.a('number')
289 expect(userGet.videoAbusesAcceptedCount).to.equal(0)
293 describe('My videos & quotas', function () {
295 it('Should be able to upload a video with this user', async function () {
298 const videoAttributes = {
299 name: 'super user video',
300 fixture: 'video_short.webm'
302 await uploadVideo(server.url, accessTokenUser, videoAttributes)
305 it('Should have video quota updated', async function () {
306 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
307 const data = res.body
309 expect(data.videoQuotaUsed).to.equal(218910)
311 const resUsers = await getUsersList(server.url, server.accessToken)
313 const users: User[] = resUsers.body.data
314 const tmpUser = users.find(u => u.username === user.username)
315 expect(tmpUser.videoQuotaUsed).to.equal(218910)
318 it('Should be able to list my videos', async function () {
319 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
320 expect(res.body.total).to.equal(1)
322 const videos = res.body.data
323 expect(videos).to.have.lengthOf(1)
325 const video: Video = videos[0]
326 expect(video.name).to.equal('super user video')
327 expect(video.thumbnailPath).to.not.be.null
328 expect(video.previewPath).to.not.be.null
331 it('Should be able to search in my videos', async function () {
333 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
334 expect(res.body.total).to.equal(1)
336 const videos = res.body.data
337 expect(videos).to.have.lengthOf(1)
341 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
342 expect(res.body.total).to.equal(0)
344 const videos = res.body.data
345 expect(videos).to.have.lengthOf(0)
350 describe('Users listing', function () {
352 it('Should list all the users', async function () {
353 const res = await getUsersList(server.url, server.accessToken)
354 const result = res.body
355 const total = result.total
356 const users = result.data
358 expect(total).to.equal(2)
359 expect(users).to.be.an('array')
360 expect(users.length).to.equal(2)
362 const user = users[0]
363 expect(user.username).to.equal('user_1')
364 expect(user.email).to.equal('user_1@example.com')
365 expect(user.nsfwPolicy).to.equal('display')
367 const rootUser = users[1]
368 expect(rootUser.username).to.equal('root')
369 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
370 expect(user.nsfwPolicy).to.equal('display')
375 it('Should list only the first user by username asc', async function () {
376 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
378 const result = res.body
379 const total = result.total
380 const users = result.data
382 expect(total).to.equal(2)
383 expect(users.length).to.equal(1)
385 const user = users[0]
386 expect(user.username).to.equal('root')
387 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
388 expect(user.roleLabel).to.equal('Administrator')
389 expect(user.nsfwPolicy).to.equal('display')
392 it('Should list only the first user by username desc', async function () {
393 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
394 const result = res.body
395 const total = result.total
396 const users = result.data
398 expect(total).to.equal(2)
399 expect(users.length).to.equal(1)
401 const user = users[0]
402 expect(user.username).to.equal('user_1')
403 expect(user.email).to.equal('user_1@example.com')
404 expect(user.nsfwPolicy).to.equal('display')
407 it('Should list only the second user by createdAt desc', async function () {
408 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
409 const result = res.body
410 const total = result.total
411 const users = result.data
413 expect(total).to.equal(2)
414 expect(users.length).to.equal(1)
416 const user = users[0]
417 expect(user.username).to.equal('user_1')
418 expect(user.email).to.equal('user_1@example.com')
419 expect(user.nsfwPolicy).to.equal('display')
422 it('Should list all the users by createdAt asc', async function () {
423 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
424 const result = res.body
425 const total = result.total
426 const users = result.data
428 expect(total).to.equal(2)
429 expect(users.length).to.equal(2)
431 expect(users[0].username).to.equal('root')
432 expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
433 expect(users[0].nsfwPolicy).to.equal('display')
435 expect(users[1].username).to.equal('user_1')
436 expect(users[1].email).to.equal('user_1@example.com')
437 expect(users[1].nsfwPolicy).to.equal('display')
440 it('Should search user by username', async function () {
441 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
442 const users = res.body.data as User[]
444 expect(res.body.total).to.equal(1)
445 expect(users.length).to.equal(1)
447 expect(users[0].username).to.equal('root')
450 it('Should search user by email', async function () {
452 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
453 const users = res.body.data as User[]
455 expect(res.body.total).to.equal(1)
456 expect(users.length).to.equal(1)
458 expect(users[0].username).to.equal('user_1')
459 expect(users[0].email).to.equal('user_1@example.com')
463 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
464 const users = res.body.data as User[]
466 expect(res.body.total).to.equal(2)
467 expect(users.length).to.equal(2)
469 expect(users[0].username).to.equal('root')
470 expect(users[1].username).to.equal('user_1')
475 describe('Update my account', function () {
476 it('Should update my password', async function () {
479 accessToken: accessTokenUser,
480 currentPassword: 'super password',
481 password: 'new password'
483 user.password = 'new password'
485 await userLogin(server, user, 200)
488 it('Should be able to change the NSFW display attribute', async function () {
491 accessToken: accessTokenUser,
492 nsfwPolicy: 'do_not_list'
495 const res = await getMyUserInformation(server.url, accessTokenUser)
496 const user = res.body
498 expect(user.username).to.equal('user_1')
499 expect(user.email).to.equal('user_1@example.com')
500 expect(user.nsfwPolicy).to.equal('do_not_list')
501 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
502 expect(user.id).to.be.a('number')
503 expect(user.account.displayName).to.equal('user_1')
504 expect(user.account.description).to.be.null
507 it('Should be able to change the autoPlayVideo attribute', async function () {
510 accessToken: accessTokenUser,
514 const res = await getMyUserInformation(server.url, accessTokenUser)
515 const user = res.body
517 expect(user.autoPlayVideo).to.be.false
520 it('Should be able to change the autoPlayNextVideo attribute', async function () {
523 accessToken: accessTokenUser,
524 autoPlayNextVideo: true
527 const res = await getMyUserInformation(server.url, accessTokenUser)
528 const user = res.body
530 expect(user.autoPlayNextVideo).to.be.true
533 it('Should be able to change the email attribute', async function () {
536 accessToken: accessTokenUser,
537 currentPassword: 'new password',
538 email: 'updated@example.com'
541 const res = await getMyUserInformation(server.url, accessTokenUser)
542 const user = res.body
544 expect(user.username).to.equal('user_1')
545 expect(user.email).to.equal('updated@example.com')
546 expect(user.nsfwPolicy).to.equal('do_not_list')
547 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
548 expect(user.id).to.be.a('number')
549 expect(user.account.displayName).to.equal('user_1')
550 expect(user.account.description).to.be.null
553 it('Should be able to update my avatar', async function () {
554 const fixture = 'avatar.png'
556 await updateMyAvatar({
558 accessToken: accessTokenUser,
562 const res = await getMyUserInformation(server.url, accessTokenUser)
563 const user = res.body
565 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
568 it('Should be able to update my display name', async function () {
571 accessToken: accessTokenUser,
572 displayName: 'new display name'
575 const res = await getMyUserInformation(server.url, accessTokenUser)
576 const user = res.body
578 expect(user.username).to.equal('user_1')
579 expect(user.email).to.equal('updated@example.com')
580 expect(user.nsfwPolicy).to.equal('do_not_list')
581 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
582 expect(user.id).to.be.a('number')
583 expect(user.account.displayName).to.equal('new display name')
584 expect(user.account.description).to.be.null
587 it('Should be able to update my description', async function () {
590 accessToken: accessTokenUser,
591 description: 'my super description updated'
594 const res = await getMyUserInformation(server.url, accessTokenUser)
595 const user: User = res.body
597 expect(user.username).to.equal('user_1')
598 expect(user.email).to.equal('updated@example.com')
599 expect(user.nsfwPolicy).to.equal('do_not_list')
600 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
601 expect(user.id).to.be.a('number')
602 expect(user.account.displayName).to.equal('new display name')
603 expect(user.account.description).to.equal('my super description updated')
604 expect(user.noWelcomeModal).to.be.false
605 expect(user.noInstanceConfigWarningModal).to.be.false
608 it('Should be able to update my theme', async function () {
609 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
612 accessToken: accessTokenUser,
616 const res = await getMyUserInformation(server.url, accessTokenUser)
617 const body: User = res.body
619 expect(body.theme).to.equal(theme)
623 it('Should be able to update my modal preferences', async function () {
626 accessToken: accessTokenUser,
627 noInstanceConfigWarningModal: true,
631 const res = await getMyUserInformation(server.url, accessTokenUser)
632 const user: User = res.body
634 expect(user.noWelcomeModal).to.be.true
635 expect(user.noInstanceConfigWarningModal).to.be.true
639 describe('Updating another user', function () {
640 it('Should be able to update another user', async function () {
645 email: 'updated2@example.com',
648 role: UserRole.MODERATOR,
649 adminFlags: UserAdminFlag.NONE
652 const res = await getUserInformation(server.url, accessToken, userId)
653 const user = res.body
655 expect(user.username).to.equal('user_1')
656 expect(user.email).to.equal('updated2@example.com')
657 expect(user.emailVerified).to.be.true
658 expect(user.nsfwPolicy).to.equal('do_not_list')
659 expect(user.videoQuota).to.equal(42)
660 expect(user.roleLabel).to.equal('Moderator')
661 expect(user.id).to.be.a('number')
662 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
665 it('Should have removed the user token', async function () {
666 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
668 accessTokenUser = await userLogin(server, user)
671 it('Should be able to update another user password', async function () {
676 password: 'password updated'
679 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
681 await userLogin(server, user, 400)
683 user.password = 'password updated'
684 accessTokenUser = await userLogin(server, user)
688 describe('Video blacklists', function () {
689 it('Should be able to list video blacklist by a moderator', async function () {
690 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
694 describe('Remove a user', function () {
695 it('Should be able to remove this user', async function () {
696 await removeUser(server.url, userId, accessToken)
699 it('Should not be able to login with this user', async function () {
700 await userLogin(server, user, 400)
703 it('Should not have videos of this user', async function () {
704 const res = await getVideosList(server.url)
706 expect(res.body.total).to.equal(1)
708 const video = res.body.data[0]
709 expect(video.account.name).to.equal('root')
713 describe('Registering a new user', function () {
714 let user15AccessToken
716 it('Should register a new user', async function () {
717 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
718 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
720 await registerUserWithChannel({ url: server.url, user, channel })
723 it('Should be able to login with this registered user', async function () {
726 password: 'my super password'
729 user15AccessToken = await userLogin(server, user15)
732 it('Should have the correct display name', async function () {
733 const res = await getMyUserInformation(server.url, user15AccessToken)
734 const user: User = res.body
736 expect(user.account.displayName).to.equal('super user 15')
739 it('Should have the correct video quota', async function () {
740 const res = await getMyUserInformation(server.url, user15AccessToken)
741 const user = res.body
743 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
746 it('Should have created the channel', async function () {
747 const res = await getVideoChannel(server.url, 'my_user_15_channel')
749 expect(res.body.displayName).to.equal('my channel rocks')
752 it('Should remove me', async function () {
754 const res = await getUsersList(server.url, server.accessToken)
755 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
758 await deleteMe(server.url, user15AccessToken)
761 const res = await getUsersList(server.url, server.accessToken)
762 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
767 describe('User blocking', function () {
769 let user16AccessToken
771 it('Should block and unblock a user', async function () {
774 password: 'my super password'
776 const resUser = await createUser({
778 accessToken: server.accessToken,
779 username: user16.username,
780 password: user16.password
782 user16Id = resUser.body.user.id
784 user16AccessToken = await userLogin(server, user16)
786 await getMyUserInformation(server.url, user16AccessToken, 200)
787 await blockUser(server.url, user16Id, server.accessToken)
789 await getMyUserInformation(server.url, user16AccessToken, 401)
790 await userLogin(server, user16, 400)
792 await unblockUser(server.url, user16Id, server.accessToken)
793 user16AccessToken = await userLogin(server, user16)
794 await getMyUserInformation(server.url, user16AccessToken, 200)
798 describe('User stats', function () {
800 let user17AccessToken
802 it('Should report correct initial statistics about a user', async function () {
805 password: 'my super password'
807 const resUser = await createUser({
809 accessToken: server.accessToken,
810 username: user17.username,
811 password: user17.password
814 user17Id = resUser.body.user.id
815 user17AccessToken = await userLogin(server, user17)
817 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
818 const user: User = res.body
820 expect(user.videosCount).to.equal(0)
821 expect(user.videoCommentsCount).to.equal(0)
822 expect(user.videoAbusesCount).to.equal(0)
823 expect(user.videoAbusesCreatedCount).to.equal(0)
824 expect(user.videoAbusesAcceptedCount).to.equal(0)
827 it('Should report correct videos count', async function () {
828 const videoAttributes = {
829 name: 'video to test user stats'
831 await uploadVideo(server.url, user17AccessToken, videoAttributes)
832 const res1 = await getVideosList(server.url)
833 videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
835 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
836 const user: User = res2.body
838 expect(user.videosCount).to.equal(1)
841 it('Should report correct video comments for user', async function () {
842 const text = 'super comment'
843 await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
845 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
846 const user: User = res.body
848 expect(user.videoCommentsCount).to.equal(1)
851 it('Should report correct video abuses counts', async function () {
852 const reason = 'my super bad reason'
853 await reportVideoAbuse(server.url, user17AccessToken, videoId, reason)
855 const res1 = await getVideoAbusesList(server.url, server.accessToken)
856 const abuseId = res1.body.data[0].id
858 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
859 const user2: User = res2.body
861 expect(user2.videoAbusesCount).to.equal(1) // number of incriminations
862 expect(user2.videoAbusesCreatedCount).to.equal(1) // number of reports created
864 const body: VideoAbuseUpdate = { state: VideoAbuseState.ACCEPTED }
865 await updateVideoAbuse(server.url, server.accessToken, videoId, abuseId, body)
867 const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
868 const user3: User = res3.body
870 expect(user3.videoAbusesAcceptedCount).to.equal(1) // number of reports created accepted
874 after(async function () {
875 await cleanupTests([ server ])