server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import {
   6   cleanupTests,
   7   createSingleServer,
   8   killallServers,
   9   makePutBodyRequest,
  10   PeerTubeServer,
  11   setAccessTokensToServers,
  12   testImage,
  13   waitJobs
  14 } from '@shared/extra-utils'
  15 import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
  16
  17 const expect = chai.expect
  18
  19 describe('Test users', function () {
  20   let server: PeerTubeServer
  21   let token: string
  22   let userToken: string
  23   let videoId: number
  24   let userId: number
  25   const user = {
  26     username: 'user_1',
  27     password: 'super password'
  28   }
  29
  30   before(async function () {
  31     this.timeout(30000)
  32
  33     server = await createSingleServer(1, {
  34       rates_limit: {
  35         login: {
  36           max: 30
  37         }
  38       }
  39     })
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  44   })
  45
  46   describe('OAuth client', function () {
  47     it('Should create a new client')
  48
  49     it('Should return the first client')
  50
  51     it('Should remove the last client')
  52
  53     it('Should not login with an invalid client id', async function () {
  54       const client = { id: 'client', secret: server.store.client.secret }
  55       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  56
  57       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  58       expect(body.error).to.contain('client is invalid')
  59       expect(body.type.startsWith('https://')).to.be.true
  60       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  61     })
  62
  63     it('Should not login with an invalid client secret', async function () {
  64       const client = { id: server.store.client.id, secret: 'coucou' }
  65       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  66
  67       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  68       expect(body.error).to.contain('client is invalid')
  69       expect(body.type.startsWith('https://')).to.be.true
  70       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  71     })
  72   })
  73
  74   describe('Login', function () {
  75
  76     it('Should not login with an invalid username', async function () {
  77       const user = { username: 'captain crochet', password: server.store.user.password }
  78       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  79
  80       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  81       expect(body.error).to.contain('credentials are invalid')
  82       expect(body.type.startsWith('https://')).to.be.true
  83       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  84     })
  85
  86     it('Should not login with an invalid password', async function () {
  87       const user = { username: server.store.user.username, password: 'mew_three' }
  88       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  89
  90       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  91       expect(body.error).to.contain('credentials are invalid')
  92       expect(body.type.startsWith('https://')).to.be.true
  93       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  94     })
  95
  96     it('Should not be able to upload a video', async function () {
  97       token = 'my_super_token'
  98
  99       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 100     })
 101
 102     it('Should not be able to follow', async function () {
 103       token = 'my_super_token'
 104
 105       await server.follows.follow({
 106         hosts: [ 'http://example.com' ],
 107         token,
 108         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 109       })
 110     })
 111
 112     it('Should not be able to unfollow')
 113
 114     it('Should be able to login', async function () {
 115       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 116
 117       token = body.access_token
 118     })
 119
 120     it('Should be able to login with an insensitive username', async function () {
 121       const user = { username: 'RoOt', password: server.store.user.password }
 122       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 123
 124       const user2 = { username: 'rOoT', password: server.store.user.password }
 125       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 126
 127       const user3 = { username: 'ROOt', password: server.store.user.password }
 128       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 129     })
 130   })
 131
 132   describe('Upload', function () {
 133
 134     it('Should upload the video with the correct token', async function () {
 135       await server.videos.upload({ token })
 136       const { data } = await server.videos.list()
 137       const video = data[0]
 138
 139       expect(video.account.name).to.equal('root')
 140       videoId = video.id
 141     })
 142
 143     it('Should upload the video again with the correct token', async function () {
 144       await server.videos.upload({ token })
 145     })
 146   })
 147
 148   describe('Ratings', function () {
 149
 150     it('Should retrieve a video rating', async function () {
 151       await server.videos.rate({ id: videoId, rating: 'like' })
 152       const rating = await server.users.getMyRating({ token, videoId })
 153
 154       expect(rating.videoId).to.equal(videoId)
 155       expect(rating.rating).to.equal('like')
 156     })
 157
 158     it('Should retrieve ratings list', async function () {
 159       await server.videos.rate({ id: videoId, rating: 'like' })
 160
 161       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 162
 163       expect(body.total).to.equal(1)
 164       expect(body.data[0].video.id).to.equal(videoId)
 165       expect(body.data[0].rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list by rating type', async function () {
 169       {
 170         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 171         expect(body.data.length).to.equal(1)
 172       }
 173
 174       {
 175         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 176         expect(body.data.length).to.equal(0)
 177       }
 178     })
 179   })
 180
 181   describe('Remove video', function () {
 182     it('Should not be able to remove the video with an incorrect token', async function () {
 183       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184     })
 185
 186     it('Should not be able to remove the video with the token of another account')
 187
 188     it('Should be able to remove the video with the correct token', async function () {
 189       await server.videos.remove({ token, id: videoId })
 190     })
 191   })
 192
 193   describe('Logout', function () {
 194     it('Should logout (revoke token)', async function () {
 195       await server.login.logout({ token: server.accessToken })
 196     })
 197
 198     it('Should not be able to get the user information', async function () {
 199       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 200     })
 201
 202     it('Should not be able to upload a video', async function () {
 203       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should not be able to rate a video', async function () {
 207       const path = '/api/v1/videos/'
 208       const data = {
 209         rating: 'likes'
 210       }
 211
 212       const options = {
 213         url: server.url,
 214         path: path + videoId,
 215         token: 'wrong token',
 216         fields: data,
 217         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 218       }
 219       await makePutBodyRequest(options)
 220     })
 221
 222     it('Should be able to login again', async function () {
 223       const body = await server.login.login()
 224       server.accessToken = body.access_token
 225       server.refreshToken = body.refresh_token
 226     })
 227
 228     it('Should be able to get my user information again', async function () {
 229       await server.users.getMyInfo()
 230     })
 231
 232     it('Should have an expired access token', async function () {
 233       this.timeout(15000)
 234
 235       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 236       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 237
 238       await killallServers([ server ])
 239       await server.run()
 240
 241       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 242     })
 243
 244     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 245       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 246     })
 247
 248     it('Should refresh the token', async function () {
 249       this.timeout(15000)
 250
 251       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 252       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 253
 254       await killallServers([ server ])
 255       await server.run()
 256
 257       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await server.users.getMyInfo()
 264     })
 265   })
 266
 267   describe('Creating a user', function () {
 268
 269     it('Should be able to create a new user', async function () {
 270       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 271     })
 272
 273     it('Should be able to login with this user', async function () {
 274       userToken = await server.login.getAccessToken(user)
 275     })
 276
 277     it('Should be able to get user information', async function () {
 278       const userMe = await server.users.getMyInfo({ token: userToken })
 279
 280       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 281
 282       for (const user of [ userMe, userGet ]) {
 283         expect(user.username).to.equal('user_1')
 284         expect(user.email).to.equal('user_1@example.com')
 285         expect(user.nsfwPolicy).to.equal('display')
 286         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 287         expect(user.roleLabel).to.equal('User')
 288         expect(user.id).to.be.a('number')
 289         expect(user.account.displayName).to.equal('user_1')
 290         expect(user.account.description).to.be.null
 291       }
 292
 293       expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 294       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 295
 296       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 297       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 298
 299       // Check stats are included with withStats
 300       expect(userGet.videosCount).to.be.a('number')
 301       expect(userGet.videosCount).to.equal(0)
 302       expect(userGet.videoCommentsCount).to.be.a('number')
 303       expect(userGet.videoCommentsCount).to.equal(0)
 304       expect(userGet.abusesCount).to.be.a('number')
 305       expect(userGet.abusesCount).to.equal(0)
 306       expect(userGet.abusesAcceptedCount).to.be.a('number')
 307       expect(userGet.abusesAcceptedCount).to.equal(0)
 308     })
 309   })
 310
 311   describe('My videos & quotas', function () {
 312
 313     it('Should be able to upload a video with this user', async function () {
 314       this.timeout(10000)
 315
 316       const attributes = {
 317         name: 'super user video',
 318         fixture: 'video_short.webm'
 319       }
 320       await server.videos.upload({ token: userToken, attributes })
 321     })
 322
 323     it('Should have video quota updated', async function () {
 324       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 325       expect(quota.videoQuotaUsed).to.equal(218910)
 326
 327       const { data } = await server.users.list()
 328       const tmpUser = data.find(u => u.username === user.username)
 329       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 330     })
 331
 332     it('Should be able to list my videos', async function () {
 333       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 334       expect(total).to.equal(1)
 335       expect(data).to.have.lengthOf(1)
 336
 337       const video: Video = data[0]
 338       expect(video.name).to.equal('super user video')
 339       expect(video.thumbnailPath).to.not.be.null
 340       expect(video.previewPath).to.not.be.null
 341     })
 342
 343     it('Should be able to search in my videos', async function () {
 344       {
 345         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 346         expect(total).to.equal(1)
 347         expect(data).to.have.lengthOf(1)
 348       }
 349
 350       {
 351         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 352         expect(total).to.equal(0)
 353         expect(data).to.have.lengthOf(0)
 354       }
 355     })
 356
 357     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 358       this.timeout(60000)
 359
 360       {
 361         const config = await server.config.getCustomConfig()
 362         config.transcoding.webtorrent.enabled = false
 363         config.transcoding.hls.enabled = true
 364         config.transcoding.enabled = true
 365         await server.config.updateCustomSubConfig({ newConfig: config })
 366       }
 367
 368       {
 369         const attributes = {
 370           name: 'super user video 2',
 371           fixture: 'video_short.webm'
 372         }
 373         await server.videos.upload({ token: userToken, attributes })
 374
 375         await waitJobs([ server ])
 376       }
 377
 378       {
 379         const data = await server.users.getMyQuotaUsed({ token: userToken })
 380         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 381       }
 382     })
 383   })
 384
 385   describe('Users listing', function () {
 386
 387     it('Should list all the users', async function () {
 388       const { data, total } = await server.users.list()
 389
 390       expect(total).to.equal(2)
 391       expect(data).to.be.an('array')
 392       expect(data.length).to.equal(2)
 393
 394       const user = data[0]
 395       expect(user.username).to.equal('user_1')
 396       expect(user.email).to.equal('user_1@example.com')
 397       expect(user.nsfwPolicy).to.equal('display')
 398
 399       const rootUser = data[1]
 400       expect(rootUser.username).to.equal('root')
 401       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 402       expect(user.nsfwPolicy).to.equal('display')
 403
 404       expect(rootUser.lastLoginDate).to.exist
 405       expect(user.lastLoginDate).to.exist
 406
 407       userId = user.id
 408     })
 409
 410     it('Should list only the first user by username asc', async function () {
 411       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 412
 413       expect(total).to.equal(2)
 414       expect(data.length).to.equal(1)
 415
 416       const user = data[0]
 417       expect(user.username).to.equal('root')
 418       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 419       expect(user.roleLabel).to.equal('Administrator')
 420       expect(user.nsfwPolicy).to.equal('display')
 421     })
 422
 423     it('Should list only the first user by username desc', async function () {
 424       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 425
 426       expect(total).to.equal(2)
 427       expect(data.length).to.equal(1)
 428
 429       const user = data[0]
 430       expect(user.username).to.equal('user_1')
 431       expect(user.email).to.equal('user_1@example.com')
 432       expect(user.nsfwPolicy).to.equal('display')
 433     })
 434
 435     it('Should list only the second user by createdAt desc', async function () {
 436       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 437       expect(total).to.equal(2)
 438
 439       expect(data.length).to.equal(1)
 440
 441       const user = data[0]
 442       expect(user.username).to.equal('user_1')
 443       expect(user.email).to.equal('user_1@example.com')
 444       expect(user.nsfwPolicy).to.equal('display')
 445     })
 446
 447     it('Should list all the users by createdAt asc', async function () {
 448       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 449
 450       expect(total).to.equal(2)
 451       expect(data.length).to.equal(2)
 452
 453       expect(data[0].username).to.equal('root')
 454       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 455       expect(data[0].nsfwPolicy).to.equal('display')
 456
 457       expect(data[1].username).to.equal('user_1')
 458       expect(data[1].email).to.equal('user_1@example.com')
 459       expect(data[1].nsfwPolicy).to.equal('display')
 460     })
 461
 462     it('Should search user by username', async function () {
 463       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 464       expect(total).to.equal(1)
 465       expect(data.length).to.equal(1)
 466       expect(data[0].username).to.equal('root')
 467     })
 468
 469     it('Should search user by email', async function () {
 470       {
 471         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 472         expect(total).to.equal(1)
 473         expect(data.length).to.equal(1)
 474         expect(data[0].username).to.equal('user_1')
 475         expect(data[0].email).to.equal('user_1@example.com')
 476       }
 477
 478       {
 479         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 480         expect(total).to.equal(2)
 481         expect(data.length).to.equal(2)
 482         expect(data[0].username).to.equal('root')
 483         expect(data[1].username).to.equal('user_1')
 484       }
 485     })
 486   })
 487
 488   describe('Update my account', function () {
 489
 490     it('Should update my password', async function () {
 491       await server.users.updateMe({
 492         token: userToken,
 493         currentPassword: 'super password',
 494         password: 'new password'
 495       })
 496       user.password = 'new password'
 497
 498       await server.login.login({ user })
 499     })
 500
 501     it('Should be able to change the NSFW display attribute', async function () {
 502       await server.users.updateMe({
 503         token: userToken,
 504         nsfwPolicy: 'do_not_list'
 505       })
 506
 507       const user = await server.users.getMyInfo({ token: userToken })
 508       expect(user.username).to.equal('user_1')
 509       expect(user.email).to.equal('user_1@example.com')
 510       expect(user.nsfwPolicy).to.equal('do_not_list')
 511       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 512       expect(user.id).to.be.a('number')
 513       expect(user.account.displayName).to.equal('user_1')
 514       expect(user.account.description).to.be.null
 515     })
 516
 517     it('Should be able to change the autoPlayVideo attribute', async function () {
 518       await server.users.updateMe({
 519         token: userToken,
 520         autoPlayVideo: false
 521       })
 522
 523       const user = await server.users.getMyInfo({ token: userToken })
 524       expect(user.autoPlayVideo).to.be.false
 525     })
 526
 527     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 528       await server.users.updateMe({
 529         token: userToken,
 530         autoPlayNextVideo: true
 531       })
 532
 533       const user = await server.users.getMyInfo({ token: userToken })
 534       expect(user.autoPlayNextVideo).to.be.true
 535     })
 536
 537     it('Should be able to change the email attribute', async function () {
 538       await server.users.updateMe({
 539         token: userToken,
 540         currentPassword: 'new password',
 541         email: 'updated@example.com'
 542       })
 543
 544       const user = await server.users.getMyInfo({ token: userToken })
 545       expect(user.username).to.equal('user_1')
 546       expect(user.email).to.equal('updated@example.com')
 547       expect(user.nsfwPolicy).to.equal('do_not_list')
 548       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 549       expect(user.id).to.be.a('number')
 550       expect(user.account.displayName).to.equal('user_1')
 551       expect(user.account.description).to.be.null
 552     })
 553
 554     it('Should be able to update my avatar with a gif', async function () {
 555       const fixture = 'avatar.gif'
 556
 557       await server.users.updateMyAvatar({ token: userToken, fixture })
 558
 559       const user = await server.users.getMyInfo({ token: userToken })
 560       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 561     })
 562
 563     it('Should be able to update my avatar with a gif, and then a png', async function () {
 564       for (const extension of [ '.png', '.gif' ]) {
 565         const fixture = 'avatar' + extension
 566
 567         await server.users.updateMyAvatar({ token: userToken, fixture })
 568
 569         const user = await server.users.getMyInfo({ token: userToken })
 570         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 571       }
 572     })
 573
 574     it('Should be able to update my display name', async function () {
 575       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 576
 577       const user = await server.users.getMyInfo({ token: userToken })
 578       expect(user.username).to.equal('user_1')
 579       expect(user.email).to.equal('updated@example.com')
 580       expect(user.nsfwPolicy).to.equal('do_not_list')
 581       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 582       expect(user.id).to.be.a('number')
 583       expect(user.account.displayName).to.equal('new display name')
 584       expect(user.account.description).to.be.null
 585     })
 586
 587     it('Should be able to update my description', async function () {
 588       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 589
 590       const user = await server.users.getMyInfo({ token: userToken })
 591       expect(user.username).to.equal('user_1')
 592       expect(user.email).to.equal('updated@example.com')
 593       expect(user.nsfwPolicy).to.equal('do_not_list')
 594       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 595       expect(user.id).to.be.a('number')
 596       expect(user.account.displayName).to.equal('new display name')
 597       expect(user.account.description).to.equal('my super description updated')
 598       expect(user.noWelcomeModal).to.be.false
 599       expect(user.noInstanceConfigWarningModal).to.be.false
 600       expect(user.noAccountSetupWarningModal).to.be.false
 601     })
 602
 603     it('Should be able to update my theme', async function () {
 604       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 605         await server.users.updateMe({ token: userToken, theme })
 606
 607         const user = await server.users.getMyInfo({ token: userToken })
 608         expect(user.theme).to.equal(theme)
 609       }
 610     })
 611
 612     it('Should be able to update my modal preferences', async function () {
 613       await server.users.updateMe({
 614         token: userToken,
 615         noInstanceConfigWarningModal: true,
 616         noWelcomeModal: true,
 617         noAccountSetupWarningModal: true
 618       })
 619
 620       const user = await server.users.getMyInfo({ token: userToken })
 621       expect(user.noWelcomeModal).to.be.true
 622       expect(user.noInstanceConfigWarningModal).to.be.true
 623       expect(user.noAccountSetupWarningModal).to.be.true
 624     })
 625   })
 626
 627   describe('Updating another user', function () {
 628     it('Should be able to update another user', async function () {
 629       await server.users.update({
 630         userId,
 631         token,
 632         email: 'updated2@example.com',
 633         emailVerified: true,
 634         videoQuota: 42,
 635         role: UserRole.MODERATOR,
 636         adminFlags: UserAdminFlag.NONE,
 637         pluginAuth: 'toto'
 638       })
 639
 640       const user = await server.users.get({ token, userId })
 641
 642       expect(user.username).to.equal('user_1')
 643       expect(user.email).to.equal('updated2@example.com')
 644       expect(user.emailVerified).to.be.true
 645       expect(user.nsfwPolicy).to.equal('do_not_list')
 646       expect(user.videoQuota).to.equal(42)
 647       expect(user.roleLabel).to.equal('Moderator')
 648       expect(user.id).to.be.a('number')
 649       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 650       expect(user.pluginAuth).to.equal('toto')
 651     })
 652
 653     it('Should reset the auth plugin', async function () {
 654       await server.users.update({ userId, token, pluginAuth: null })
 655
 656       const user = await server.users.get({ token, userId })
 657       expect(user.pluginAuth).to.be.null
 658     })
 659
 660     it('Should have removed the user token', async function () {
 661       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 662
 663       userToken = await server.login.getAccessToken(user)
 664     })
 665
 666     it('Should be able to update another user password', async function () {
 667       await server.users.update({ userId, token, password: 'password updated' })
 668
 669       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 670
 671       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 672
 673       user.password = 'password updated'
 674       userToken = await server.login.getAccessToken(user)
 675     })
 676   })
 677
 678   describe('Video blacklists', function () {
 679     it('Should be able to list video blacklist by a moderator', async function () {
 680       await server.blacklist.list({ token: userToken })
 681     })
 682   })
 683
 684   describe('Remove a user', function () {
 685     it('Should be able to remove this user', async function () {
 686       await server.users.remove({ userId, token })
 687     })
 688
 689     it('Should not be able to login with this user', async function () {
 690       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 691     })
 692
 693     it('Should not have videos of this user', async function () {
 694       const { data, total } = await server.videos.list()
 695       expect(total).to.equal(1)
 696
 697       const video = data[0]
 698       expect(video.account.name).to.equal('root')
 699     })
 700   })
 701
 702   describe('Registering a new user', function () {
 703     let user15AccessToken
 704
 705     it('Should register a new user', async function () {
 706       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 707       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 708
 709       await server.users.register({ ...user, channel })
 710     })
 711
 712     it('Should be able to login with this registered user', async function () {
 713       const user15 = {
 714         username: 'user_15',
 715         password: 'my super password'
 716       }
 717
 718       user15AccessToken = await server.login.getAccessToken(user15)
 719     })
 720
 721     it('Should have the correct display name', async function () {
 722       const user = await server.users.getMyInfo({ token: user15AccessToken })
 723       expect(user.account.displayName).to.equal('super user 15')
 724     })
 725
 726     it('Should have the correct video quota', async function () {
 727       const user = await server.users.getMyInfo({ token: user15AccessToken })
 728       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 729     })
 730
 731     it('Should have created the channel', async function () {
 732       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 733
 734       expect(displayName).to.equal('my channel rocks')
 735     })
 736
 737     it('Should remove me', async function () {
 738       {
 739         const { data } = await server.users.list()
 740         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 741       }
 742
 743       await server.users.deleteMe({ token: user15AccessToken })
 744
 745       {
 746         const { data } = await server.users.list()
 747         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 748       }
 749     })
 750   })
 751
 752   describe('User blocking', function () {
 753     let user16Id
 754     let user16AccessToken
 755     const user16 = {
 756       username: 'user_16',
 757       password: 'my super password'
 758     }
 759
 760     it('Should block a user', async function () {
 761       const user = await server.users.create({ ...user16 })
 762       user16Id = user.id
 763
 764       user16AccessToken = await server.login.getAccessToken(user16)
 765
 766       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 767       await server.users.banUser({ userId: user16Id })
 768
 769       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 770       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 771     })
 772
 773     it('Should search user by banned status', async function () {
 774       {
 775         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 776         expect(total).to.equal(1)
 777         expect(data.length).to.equal(1)
 778
 779         expect(data[0].username).to.equal(user16.username)
 780       }
 781
 782       {
 783         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 784         expect(total).to.equal(1)
 785         expect(data.length).to.equal(1)
 786
 787         expect(data[0].username).to.not.equal(user16.username)
 788       }
 789     })
 790
 791     it('Should unblock a user', async function () {
 792       await server.users.unbanUser({ userId: user16Id })
 793       user16AccessToken = await server.login.getAccessToken(user16)
 794       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 795     })
 796   })
 797
 798   describe('User stats', function () {
 799     let user17Id
 800     let user17AccessToken
 801
 802     it('Should report correct initial statistics about a user', async function () {
 803       const user17 = {
 804         username: 'user_17',
 805         password: 'my super password'
 806       }
 807       const created = await server.users.create({ ...user17 })
 808
 809       user17Id = created.id
 810       user17AccessToken = await server.login.getAccessToken(user17)
 811
 812       const user = await server.users.get({ userId: user17Id, withStats: true })
 813       expect(user.videosCount).to.equal(0)
 814       expect(user.videoCommentsCount).to.equal(0)
 815       expect(user.abusesCount).to.equal(0)
 816       expect(user.abusesCreatedCount).to.equal(0)
 817       expect(user.abusesAcceptedCount).to.equal(0)
 818     })
 819
 820     it('Should report correct videos count', async function () {
 821       const attributes = { name: 'video to test user stats' }
 822       await server.videos.upload({ token: user17AccessToken, attributes })
 823
 824       const { data } = await server.videos.list()
 825       videoId = data.find(video => video.name === attributes.name).id
 826
 827       const user = await server.users.get({ userId: user17Id, withStats: true })
 828       expect(user.videosCount).to.equal(1)
 829     })
 830
 831     it('Should report correct video comments for user', async function () {
 832       const text = 'super comment'
 833       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 834
 835       const user = await server.users.get({ userId: user17Id, withStats: true })
 836       expect(user.videoCommentsCount).to.equal(1)
 837     })
 838
 839     it('Should report correct abuses counts', async function () {
 840       const reason = 'my super bad reason'
 841       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 842
 843       const body1 = await server.abuses.getAdminList()
 844       const abuseId = body1.data[0].id
 845
 846       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 847       expect(user2.abusesCount).to.equal(1) // number of incriminations
 848       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 849
 850       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 851
 852       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 853       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 854     })
 855   })
 856
 857   after(async function () {
 858     await cleanupTests([ server ])
 859   })
 860 })