server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import { expect } from 'chai'
   4 import { testImageSize } from '@server/tests/shared'
   5 import { AbuseState, HttpStatusCode, UserAdminFlag, UserRole, VideoPlaylistType } from '@shared/models'
   6 import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
   7
   8 describe('Test users', function () {
   9   let server: PeerTubeServer
  10   let token: string
  11   let userToken: string
  12   let videoId: number
  13   let userId: number
  14   const user = {
  15     username: 'user_1',
  16     password: 'super password'
  17   }
  18
  19   before(async function () {
  20     this.timeout(30000)
  21
  22     server = await createSingleServer(1, {
  23       rates_limit: {
  24         login: {
  25           max: 30
  26         }
  27       }
  28     })
  29
  30     await setAccessTokensToServers([ server ])
  31
  32     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  33   })
  34
  35   describe('Creating a user', function () {
  36
  37     it('Should be able to create a new user', async function () {
  38       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
  39     })
  40
  41     it('Should be able to login with this user', async function () {
  42       userToken = await server.login.getAccessToken(user)
  43     })
  44
  45     it('Should be able to get user information', async function () {
  46       const userMe = await server.users.getMyInfo({ token: userToken })
  47
  48       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
  49
  50       for (const user of [ userMe, userGet ]) {
  51         expect(user.username).to.equal('user_1')
  52         expect(user.email).to.equal('user_1@example.com')
  53         expect(user.nsfwPolicy).to.equal('display')
  54         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
  55         expect(user.role.label).to.equal('User')
  56         expect(user.id).to.be.a('number')
  57         expect(user.account.displayName).to.equal('user_1')
  58         expect(user.account.description).to.be.null
  59       }
  60
  61       expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
  62       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
  63
  64       expect(userMe.specialPlaylists).to.have.lengthOf(1)
  65       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
  66
  67       // Check stats are included with withStats
  68       expect(userGet.videosCount).to.be.a('number')
  69       expect(userGet.videosCount).to.equal(0)
  70       expect(userGet.videoCommentsCount).to.be.a('number')
  71       expect(userGet.videoCommentsCount).to.equal(0)
  72       expect(userGet.abusesCount).to.be.a('number')
  73       expect(userGet.abusesCount).to.equal(0)
  74       expect(userGet.abusesAcceptedCount).to.be.a('number')
  75       expect(userGet.abusesAcceptedCount).to.equal(0)
  76     })
  77   })
  78
  79   describe('Users listing', function () {
  80
  81     it('Should list all the users', async function () {
  82       const { data, total } = await server.users.list()
  83
  84       expect(total).to.equal(2)
  85       expect(data).to.be.an('array')
  86       expect(data.length).to.equal(2)
  87
  88       const user = data[0]
  89       expect(user.username).to.equal('user_1')
  90       expect(user.email).to.equal('user_1@example.com')
  91       expect(user.nsfwPolicy).to.equal('display')
  92
  93       const rootUser = data[1]
  94       expect(rootUser.username).to.equal('root')
  95       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
  96       expect(user.nsfwPolicy).to.equal('display')
  97
  98       expect(rootUser.lastLoginDate).to.exist
  99       expect(user.lastLoginDate).to.exist
 100
 101       userId = user.id
 102     })
 103
 104     it('Should list only the first user by username asc', async function () {
 105       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 106
 107       expect(total).to.equal(2)
 108       expect(data.length).to.equal(1)
 109
 110       const user = data[0]
 111       expect(user.username).to.equal('root')
 112       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 113       expect(user.role.label).to.equal('Administrator')
 114       expect(user.nsfwPolicy).to.equal('display')
 115     })
 116
 117     it('Should list only the first user by username desc', async function () {
 118       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 119
 120       expect(total).to.equal(2)
 121       expect(data.length).to.equal(1)
 122
 123       const user = data[0]
 124       expect(user.username).to.equal('user_1')
 125       expect(user.email).to.equal('user_1@example.com')
 126       expect(user.nsfwPolicy).to.equal('display')
 127     })
 128
 129     it('Should list only the second user by createdAt desc', async function () {
 130       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 131       expect(total).to.equal(2)
 132
 133       expect(data.length).to.equal(1)
 134
 135       const user = data[0]
 136       expect(user.username).to.equal('user_1')
 137       expect(user.email).to.equal('user_1@example.com')
 138       expect(user.nsfwPolicy).to.equal('display')
 139     })
 140
 141     it('Should list all the users by createdAt asc', async function () {
 142       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 143
 144       expect(total).to.equal(2)
 145       expect(data.length).to.equal(2)
 146
 147       expect(data[0].username).to.equal('root')
 148       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 149       expect(data[0].nsfwPolicy).to.equal('display')
 150
 151       expect(data[1].username).to.equal('user_1')
 152       expect(data[1].email).to.equal('user_1@example.com')
 153       expect(data[1].nsfwPolicy).to.equal('display')
 154     })
 155
 156     it('Should search user by username', async function () {
 157       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 158       expect(total).to.equal(1)
 159       expect(data.length).to.equal(1)
 160       expect(data[0].username).to.equal('root')
 161     })
 162
 163     it('Should search user by email', async function () {
 164       {
 165         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 166         expect(total).to.equal(1)
 167         expect(data.length).to.equal(1)
 168         expect(data[0].username).to.equal('user_1')
 169         expect(data[0].email).to.equal('user_1@example.com')
 170       }
 171
 172       {
 173         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 174         expect(total).to.equal(2)
 175         expect(data.length).to.equal(2)
 176         expect(data[0].username).to.equal('root')
 177         expect(data[1].username).to.equal('user_1')
 178       }
 179     })
 180   })
 181
 182   describe('Update my account', function () {
 183
 184     it('Should update my password', async function () {
 185       await server.users.updateMe({
 186         token: userToken,
 187         currentPassword: 'super password',
 188         password: 'new password'
 189       })
 190       user.password = 'new password'
 191
 192       await server.login.login({ user })
 193     })
 194
 195     it('Should be able to change the NSFW display attribute', async function () {
 196       await server.users.updateMe({
 197         token: userToken,
 198         nsfwPolicy: 'do_not_list'
 199       })
 200
 201       const user = await server.users.getMyInfo({ token: userToken })
 202       expect(user.username).to.equal('user_1')
 203       expect(user.email).to.equal('user_1@example.com')
 204       expect(user.nsfwPolicy).to.equal('do_not_list')
 205       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 206       expect(user.id).to.be.a('number')
 207       expect(user.account.displayName).to.equal('user_1')
 208       expect(user.account.description).to.be.null
 209     })
 210
 211     it('Should be able to change the autoPlayVideo attribute', async function () {
 212       await server.users.updateMe({
 213         token: userToken,
 214         autoPlayVideo: false
 215       })
 216
 217       const user = await server.users.getMyInfo({ token: userToken })
 218       expect(user.autoPlayVideo).to.be.false
 219     })
 220
 221     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 222       await server.users.updateMe({
 223         token: userToken,
 224         autoPlayNextVideo: true
 225       })
 226
 227       const user = await server.users.getMyInfo({ token: userToken })
 228       expect(user.autoPlayNextVideo).to.be.true
 229     })
 230
 231     it('Should be able to change the p2p attribute', async function () {
 232       {
 233         await server.users.updateMe({
 234           token: userToken,
 235           webTorrentEnabled: false
 236         })
 237
 238         const user = await server.users.getMyInfo({ token: userToken })
 239         expect(user.p2pEnabled).to.be.false
 240       }
 241
 242       {
 243         await server.users.updateMe({
 244           token: userToken,
 245           p2pEnabled: true
 246         })
 247
 248         const user = await server.users.getMyInfo({ token: userToken })
 249         expect(user.p2pEnabled).to.be.true
 250       }
 251     })
 252
 253     it('Should be able to change the email attribute', async function () {
 254       await server.users.updateMe({
 255         token: userToken,
 256         currentPassword: 'new password',
 257         email: 'updated@example.com'
 258       })
 259
 260       const user = await server.users.getMyInfo({ token: userToken })
 261       expect(user.username).to.equal('user_1')
 262       expect(user.email).to.equal('updated@example.com')
 263       expect(user.nsfwPolicy).to.equal('do_not_list')
 264       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 265       expect(user.id).to.be.a('number')
 266       expect(user.account.displayName).to.equal('user_1')
 267       expect(user.account.description).to.be.null
 268     })
 269
 270     it('Should be able to update my avatar with a gif', async function () {
 271       const fixture = 'avatar.gif'
 272
 273       await server.users.updateMyAvatar({ token: userToken, fixture })
 274
 275       const user = await server.users.getMyInfo({ token: userToken })
 276       for (const avatar of user.account.avatars) {
 277         await testImageSize(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, '.gif')
 278       }
 279     })
 280
 281     it('Should be able to update my avatar with a gif, and then a png', async function () {
 282       for (const extension of [ '.png', '.gif' ]) {
 283         const fixture = 'avatar' + extension
 284
 285         await server.users.updateMyAvatar({ token: userToken, fixture })
 286
 287         const user = await server.users.getMyInfo({ token: userToken })
 288         for (const avatar of user.account.avatars) {
 289           await testImageSize(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, extension)
 290         }
 291       }
 292     })
 293
 294     it('Should be able to update my display name', async function () {
 295       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 296
 297       const user = await server.users.getMyInfo({ token: userToken })
 298       expect(user.username).to.equal('user_1')
 299       expect(user.email).to.equal('updated@example.com')
 300       expect(user.nsfwPolicy).to.equal('do_not_list')
 301       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 302       expect(user.id).to.be.a('number')
 303       expect(user.account.displayName).to.equal('new display name')
 304       expect(user.account.description).to.be.null
 305     })
 306
 307     it('Should be able to update my description', async function () {
 308       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 309
 310       const user = await server.users.getMyInfo({ token: userToken })
 311       expect(user.username).to.equal('user_1')
 312       expect(user.email).to.equal('updated@example.com')
 313       expect(user.nsfwPolicy).to.equal('do_not_list')
 314       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 315       expect(user.id).to.be.a('number')
 316       expect(user.account.displayName).to.equal('new display name')
 317       expect(user.account.description).to.equal('my super description updated')
 318       expect(user.noWelcomeModal).to.be.false
 319       expect(user.noInstanceConfigWarningModal).to.be.false
 320       expect(user.noAccountSetupWarningModal).to.be.false
 321     })
 322
 323     it('Should be able to update my theme', async function () {
 324       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 325         await server.users.updateMe({ token: userToken, theme })
 326
 327         const user = await server.users.getMyInfo({ token: userToken })
 328         expect(user.theme).to.equal(theme)
 329       }
 330     })
 331
 332     it('Should be able to update my modal preferences', async function () {
 333       await server.users.updateMe({
 334         token: userToken,
 335         noInstanceConfigWarningModal: true,
 336         noWelcomeModal: true,
 337         noAccountSetupWarningModal: true
 338       })
 339
 340       const user = await server.users.getMyInfo({ token: userToken })
 341       expect(user.noWelcomeModal).to.be.true
 342       expect(user.noInstanceConfigWarningModal).to.be.true
 343       expect(user.noAccountSetupWarningModal).to.be.true
 344     })
 345   })
 346
 347   describe('Updating another user', function () {
 348
 349     it('Should be able to update another user', async function () {
 350       await server.users.update({
 351         userId,
 352         token,
 353         email: 'updated2@example.com',
 354         emailVerified: true,
 355         videoQuota: 42,
 356         role: UserRole.MODERATOR,
 357         adminFlags: UserAdminFlag.NONE,
 358         pluginAuth: 'toto'
 359       })
 360
 361       const user = await server.users.get({ token, userId })
 362
 363       expect(user.username).to.equal('user_1')
 364       expect(user.email).to.equal('updated2@example.com')
 365       expect(user.emailVerified).to.be.true
 366       expect(user.nsfwPolicy).to.equal('do_not_list')
 367       expect(user.videoQuota).to.equal(42)
 368       expect(user.role.label).to.equal('Moderator')
 369       expect(user.id).to.be.a('number')
 370       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 371       expect(user.pluginAuth).to.equal('toto')
 372     })
 373
 374     it('Should reset the auth plugin', async function () {
 375       await server.users.update({ userId, token, pluginAuth: null })
 376
 377       const user = await server.users.get({ token, userId })
 378       expect(user.pluginAuth).to.be.null
 379     })
 380
 381     it('Should have removed the user token', async function () {
 382       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 383
 384       userToken = await server.login.getAccessToken(user)
 385     })
 386
 387     it('Should be able to update another user password', async function () {
 388       await server.users.update({ userId, token, password: 'password updated' })
 389
 390       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 391
 392       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 393
 394       user.password = 'password updated'
 395       userToken = await server.login.getAccessToken(user)
 396     })
 397   })
 398
 399   describe('Remove a user', function () {
 400
 401     before(async function () {
 402       await server.users.update({
 403         userId,
 404         token,
 405         videoQuota: 2 * 1024 * 1024
 406       })
 407
 408       await server.videos.quickUpload({ name: 'user video', token: userToken, fixture: 'video_short.webm' })
 409       await server.videos.quickUpload({ name: 'root video' })
 410
 411       const { total } = await server.videos.list()
 412       expect(total).to.equal(2)
 413     })
 414
 415     it('Should be able to remove this user', async function () {
 416       await server.users.remove({ userId, token })
 417     })
 418
 419     it('Should not be able to login with this user', async function () {
 420       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 421     })
 422
 423     it('Should not have videos of this user', async function () {
 424       const { data, total } = await server.videos.list()
 425       expect(total).to.equal(1)
 426
 427       const video = data[0]
 428       expect(video.account.name).to.equal('root')
 429     })
 430   })
 431
 432   describe('User blocking', function () {
 433     let user16Id: number
 434     let user16AccessToken: string
 435
 436     const user16 = {
 437       username: 'user_16',
 438       password: 'my super password'
 439     }
 440
 441     it('Should block a user', async function () {
 442       const user = await server.users.create({ ...user16 })
 443       user16Id = user.id
 444
 445       user16AccessToken = await server.login.getAccessToken(user16)
 446
 447       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 448       await server.users.banUser({ userId: user16Id })
 449
 450       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 451       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 452     })
 453
 454     it('Should search user by banned status', async function () {
 455       {
 456         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 457         expect(total).to.equal(1)
 458         expect(data.length).to.equal(1)
 459
 460         expect(data[0].username).to.equal(user16.username)
 461       }
 462
 463       {
 464         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 465         expect(total).to.equal(1)
 466         expect(data.length).to.equal(1)
 467
 468         expect(data[0].username).to.not.equal(user16.username)
 469       }
 470     })
 471
 472     it('Should unblock a user', async function () {
 473       await server.users.unbanUser({ userId: user16Id })
 474       user16AccessToken = await server.login.getAccessToken(user16)
 475       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 476     })
 477   })
 478
 479   describe('User stats', function () {
 480     let user17Id: number
 481     let user17AccessToken: string
 482
 483     it('Should report correct initial statistics about a user', async function () {
 484       const user17 = {
 485         username: 'user_17',
 486         password: 'my super password'
 487       }
 488       const created = await server.users.create({ ...user17 })
 489
 490       user17Id = created.id
 491       user17AccessToken = await server.login.getAccessToken(user17)
 492
 493       const user = await server.users.get({ userId: user17Id, withStats: true })
 494       expect(user.videosCount).to.equal(0)
 495       expect(user.videoCommentsCount).to.equal(0)
 496       expect(user.abusesCount).to.equal(0)
 497       expect(user.abusesCreatedCount).to.equal(0)
 498       expect(user.abusesAcceptedCount).to.equal(0)
 499     })
 500
 501     it('Should report correct videos count', async function () {
 502       const attributes = { name: 'video to test user stats' }
 503       await server.videos.upload({ token: user17AccessToken, attributes })
 504
 505       const { data } = await server.videos.list()
 506       videoId = data.find(video => video.name === attributes.name).id
 507
 508       const user = await server.users.get({ userId: user17Id, withStats: true })
 509       expect(user.videosCount).to.equal(1)
 510     })
 511
 512     it('Should report correct video comments for user', async function () {
 513       const text = 'super comment'
 514       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 515
 516       const user = await server.users.get({ userId: user17Id, withStats: true })
 517       expect(user.videoCommentsCount).to.equal(1)
 518     })
 519
 520     it('Should report correct abuses counts', async function () {
 521       const reason = 'my super bad reason'
 522       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 523
 524       const body1 = await server.abuses.getAdminList()
 525       const abuseId = body1.data[0].id
 526
 527       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 528       expect(user2.abusesCount).to.equal(1) // number of incriminations
 529       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 530
 531       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 532
 533       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 534       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 535     })
 536   })
 537
 538   after(async function () {
 539     await cleanupTests([ server ])
 540   })
 541 })