server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { testImage } from '@server/tests/shared'
   6 import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
   7 import {
   8   cleanupTests,
   9   createSingleServer,
  10   killallServers,
  11   makePutBodyRequest,
  12   PeerTubeServer,
  13   setAccessTokensToServers,
  14   waitJobs
  15 } from '@shared/server-commands'
  16
  17 const expect = chai.expect
  18
  19 describe('Test users', function () {
  20   let server: PeerTubeServer
  21   let token: string
  22   let userToken: string
  23   let videoId: number
  24   let userId: number
  25   const user = {
  26     username: 'user_1',
  27     password: 'super password'
  28   }
  29
  30   before(async function () {
  31     this.timeout(30000)
  32
  33     server = await createSingleServer(1, {
  34       rates_limit: {
  35         login: {
  36           max: 30
  37         }
  38       }
  39     })
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     await server.plugins.install({ npmName: 'peertube-theme-background-red' })
  44   })
  45
  46   describe('OAuth client', function () {
  47     it('Should create a new client')
  48
  49     it('Should return the first client')
  50
  51     it('Should remove the last client')
  52
  53     it('Should not login with an invalid client id', async function () {
  54       const client = { id: 'client', secret: server.store.client.secret }
  55       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  56
  57       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  58       expect(body.error).to.contain('client is invalid')
  59       expect(body.type.startsWith('https://')).to.be.true
  60       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  61     })
  62
  63     it('Should not login with an invalid client secret', async function () {
  64       const client = { id: server.store.client.id, secret: 'coucou' }
  65       const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  66
  67       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  68       expect(body.error).to.contain('client is invalid')
  69       expect(body.type.startsWith('https://')).to.be.true
  70       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
  71     })
  72   })
  73
  74   describe('Login', function () {
  75
  76     it('Should not login with an invalid username', async function () {
  77       const user = { username: 'captain crochet', password: server.store.user.password }
  78       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  79
  80       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  81       expect(body.error).to.contain('credentials are invalid')
  82       expect(body.type.startsWith('https://')).to.be.true
  83       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  84     })
  85
  86     it('Should not login with an invalid password', async function () {
  87       const user = { username: server.store.user.username, password: 'mew_three' }
  88       const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
  89
  90       expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
  91       expect(body.error).to.contain('credentials are invalid')
  92       expect(body.type.startsWith('https://')).to.be.true
  93       expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
  94     })
  95
  96     it('Should not be able to upload a video', async function () {
  97       token = 'my_super_token'
  98
  99       await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 100     })
 101
 102     it('Should not be able to follow', async function () {
 103       token = 'my_super_token'
 104
 105       await server.follows.follow({
 106         hosts: [ 'http://example.com' ],
 107         token,
 108         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 109       })
 110     })
 111
 112     it('Should not be able to unfollow')
 113
 114     it('Should be able to login', async function () {
 115       const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 })
 116
 117       token = body.access_token
 118     })
 119
 120     it('Should be able to login with an insensitive username', async function () {
 121       const user = { username: 'RoOt', password: server.store.user.password }
 122       await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 })
 123
 124       const user2 = { username: 'rOoT', password: server.store.user.password }
 125       await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 })
 126
 127       const user3 = { username: 'ROOt', password: server.store.user.password }
 128       await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 })
 129     })
 130   })
 131
 132   describe('Upload', function () {
 133
 134     it('Should upload the video with the correct token', async function () {
 135       await server.videos.upload({ token })
 136       const { data } = await server.videos.list()
 137       const video = data[0]
 138
 139       expect(video.account.name).to.equal('root')
 140       videoId = video.id
 141     })
 142
 143     it('Should upload the video again with the correct token', async function () {
 144       await server.videos.upload({ token })
 145     })
 146   })
 147
 148   describe('Ratings', function () {
 149
 150     it('Should retrieve a video rating', async function () {
 151       await server.videos.rate({ id: videoId, rating: 'like' })
 152       const rating = await server.users.getMyRating({ token, videoId })
 153
 154       expect(rating.videoId).to.equal(videoId)
 155       expect(rating.rating).to.equal('like')
 156     })
 157
 158     it('Should retrieve ratings list', async function () {
 159       await server.videos.rate({ id: videoId, rating: 'like' })
 160
 161       const body = await server.accounts.listRatings({ accountName: server.store.user.username })
 162
 163       expect(body.total).to.equal(1)
 164       expect(body.data[0].video.id).to.equal(videoId)
 165       expect(body.data[0].rating).to.equal('like')
 166     })
 167
 168     it('Should retrieve ratings list by rating type', async function () {
 169       {
 170         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'like' })
 171         expect(body.data.length).to.equal(1)
 172       }
 173
 174       {
 175         const body = await server.accounts.listRatings({ accountName: server.store.user.username, rating: 'dislike' })
 176         expect(body.data.length).to.equal(0)
 177       }
 178     })
 179   })
 180
 181   describe('Remove video', function () {
 182     it('Should not be able to remove the video with an incorrect token', async function () {
 183       await server.videos.remove({ token: 'bad_token', id: videoId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184     })
 185
 186     it('Should not be able to remove the video with the token of another account')
 187
 188     it('Should be able to remove the video with the correct token', async function () {
 189       await server.videos.remove({ token, id: videoId })
 190     })
 191   })
 192
 193   describe('Logout', function () {
 194     it('Should logout (revoke token)', async function () {
 195       await server.login.logout({ token: server.accessToken })
 196     })
 197
 198     it('Should not be able to get the user information', async function () {
 199       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 200     })
 201
 202     it('Should not be able to upload a video', async function () {
 203       await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should not be able to rate a video', async function () {
 207       const path = '/api/v1/videos/'
 208       const data = {
 209         rating: 'likes'
 210       }
 211
 212       const options = {
 213         url: server.url,
 214         path: path + videoId,
 215         token: 'wrong token',
 216         fields: data,
 217         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 218       }
 219       await makePutBodyRequest(options)
 220     })
 221
 222     it('Should be able to login again', async function () {
 223       const body = await server.login.login()
 224       server.accessToken = body.access_token
 225       server.refreshToken = body.refresh_token
 226     })
 227
 228     it('Should be able to get my user information again', async function () {
 229       await server.users.getMyInfo()
 230     })
 231
 232     it('Should have an expired access token', async function () {
 233       this.timeout(60000)
 234
 235       await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 236       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 237
 238       await killallServers([ server ])
 239       await server.run()
 240
 241       await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 242     })
 243
 244     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 245       await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 246     })
 247
 248     it('Should refresh the token', async function () {
 249       this.timeout(15000)
 250
 251       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 252       await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
 253
 254       await killallServers([ server ])
 255       await server.run()
 256
 257       const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
 258       server.accessToken = res.body.access_token
 259       server.refreshToken = res.body.refresh_token
 260     })
 261
 262     it('Should be able to get my user information again', async function () {
 263       await server.users.getMyInfo()
 264     })
 265   })
 266
 267   describe('Creating a user', function () {
 268
 269     it('Should be able to create a new user', async function () {
 270       await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
 271     })
 272
 273     it('Should be able to login with this user', async function () {
 274       userToken = await server.login.getAccessToken(user)
 275     })
 276
 277     it('Should be able to get user information', async function () {
 278       const userMe = await server.users.getMyInfo({ token: userToken })
 279
 280       const userGet = await server.users.get({ userId: userMe.id, withStats: true })
 281
 282       for (const user of [ userMe, userGet ]) {
 283         expect(user.username).to.equal('user_1')
 284         expect(user.email).to.equal('user_1@example.com')
 285         expect(user.nsfwPolicy).to.equal('display')
 286         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 287         expect(user.roleLabel).to.equal('User')
 288         expect(user.id).to.be.a('number')
 289         expect(user.account.displayName).to.equal('user_1')
 290         expect(user.account.description).to.be.null
 291       }
 292
 293       expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 294       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 295
 296       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 297       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 298
 299       // Check stats are included with withStats
 300       expect(userGet.videosCount).to.be.a('number')
 301       expect(userGet.videosCount).to.equal(0)
 302       expect(userGet.videoCommentsCount).to.be.a('number')
 303       expect(userGet.videoCommentsCount).to.equal(0)
 304       expect(userGet.abusesCount).to.be.a('number')
 305       expect(userGet.abusesCount).to.equal(0)
 306       expect(userGet.abusesAcceptedCount).to.be.a('number')
 307       expect(userGet.abusesAcceptedCount).to.equal(0)
 308     })
 309   })
 310
 311   describe('My videos & quotas', function () {
 312
 313     it('Should be able to upload a video with this user', async function () {
 314       this.timeout(10000)
 315
 316       const attributes = {
 317         name: 'super user video',
 318         fixture: 'video_short.webm'
 319       }
 320       await server.videos.upload({ token: userToken, attributes })
 321
 322       await server.channels.create({ token: userToken, attributes: { name: 'other_channel' } })
 323     })
 324
 325     it('Should have video quota updated', async function () {
 326       const quota = await server.users.getMyQuotaUsed({ token: userToken })
 327       expect(quota.videoQuotaUsed).to.equal(218910)
 328
 329       const { data } = await server.users.list()
 330       const tmpUser = data.find(u => u.username === user.username)
 331       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 332     })
 333
 334     it('Should be able to list my videos', async function () {
 335       const { total, data } = await server.videos.listMyVideos({ token: userToken })
 336       expect(total).to.equal(1)
 337       expect(data).to.have.lengthOf(1)
 338
 339       const video: Video = data[0]
 340       expect(video.name).to.equal('super user video')
 341       expect(video.thumbnailPath).to.not.be.null
 342       expect(video.previewPath).to.not.be.null
 343     })
 344
 345     it('Should be able to filter by channel in my videos', async function () {
 346       const myInfo = await server.users.getMyInfo({ token: userToken })
 347       const mainChannel = myInfo.videoChannels.find(c => c.name !== 'other_channel')
 348       const otherChannel = myInfo.videoChannels.find(c => c.name === 'other_channel')
 349
 350       {
 351         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: mainChannel.id })
 352         expect(total).to.equal(1)
 353         expect(data).to.have.lengthOf(1)
 354
 355         const video: Video = data[0]
 356         expect(video.name).to.equal('super user video')
 357         expect(video.thumbnailPath).to.not.be.null
 358         expect(video.previewPath).to.not.be.null
 359       }
 360
 361       {
 362         const { total, data } = await server.videos.listMyVideos({ token: userToken, channelId: otherChannel.id })
 363         expect(total).to.equal(0)
 364         expect(data).to.have.lengthOf(0)
 365       }
 366     })
 367
 368     it('Should be able to search in my videos', async function () {
 369       {
 370         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
 371         expect(total).to.equal(1)
 372         expect(data).to.have.lengthOf(1)
 373       }
 374
 375       {
 376         const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
 377         expect(total).to.equal(0)
 378         expect(data).to.have.lengthOf(0)
 379       }
 380     })
 381
 382     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 383       this.timeout(60000)
 384
 385       {
 386         const config = await server.config.getCustomConfig()
 387         config.transcoding.webtorrent.enabled = false
 388         config.transcoding.hls.enabled = true
 389         config.transcoding.enabled = true
 390         await server.config.updateCustomSubConfig({ newConfig: config })
 391       }
 392
 393       {
 394         const attributes = {
 395           name: 'super user video 2',
 396           fixture: 'video_short.webm'
 397         }
 398         await server.videos.upload({ token: userToken, attributes })
 399
 400         await waitJobs([ server ])
 401       }
 402
 403       {
 404         const data = await server.users.getMyQuotaUsed({ token: userToken })
 405         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 406       }
 407     })
 408   })
 409
 410   describe('Users listing', function () {
 411
 412     it('Should list all the users', async function () {
 413       const { data, total } = await server.users.list()
 414
 415       expect(total).to.equal(2)
 416       expect(data).to.be.an('array')
 417       expect(data.length).to.equal(2)
 418
 419       const user = data[0]
 420       expect(user.username).to.equal('user_1')
 421       expect(user.email).to.equal('user_1@example.com')
 422       expect(user.nsfwPolicy).to.equal('display')
 423
 424       const rootUser = data[1]
 425       expect(rootUser.username).to.equal('root')
 426       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 427       expect(user.nsfwPolicy).to.equal('display')
 428
 429       expect(rootUser.lastLoginDate).to.exist
 430       expect(user.lastLoginDate).to.exist
 431
 432       userId = user.id
 433     })
 434
 435     it('Should list only the first user by username asc', async function () {
 436       const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
 437
 438       expect(total).to.equal(2)
 439       expect(data.length).to.equal(1)
 440
 441       const user = data[0]
 442       expect(user.username).to.equal('root')
 443       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 444       expect(user.roleLabel).to.equal('Administrator')
 445       expect(user.nsfwPolicy).to.equal('display')
 446     })
 447
 448     it('Should list only the first user by username desc', async function () {
 449       const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
 450
 451       expect(total).to.equal(2)
 452       expect(data.length).to.equal(1)
 453
 454       const user = data[0]
 455       expect(user.username).to.equal('user_1')
 456       expect(user.email).to.equal('user_1@example.com')
 457       expect(user.nsfwPolicy).to.equal('display')
 458     })
 459
 460     it('Should list only the second user by createdAt desc', async function () {
 461       const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
 462       expect(total).to.equal(2)
 463
 464       expect(data.length).to.equal(1)
 465
 466       const user = data[0]
 467       expect(user.username).to.equal('user_1')
 468       expect(user.email).to.equal('user_1@example.com')
 469       expect(user.nsfwPolicy).to.equal('display')
 470     })
 471
 472     it('Should list all the users by createdAt asc', async function () {
 473       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
 474
 475       expect(total).to.equal(2)
 476       expect(data.length).to.equal(2)
 477
 478       expect(data[0].username).to.equal('root')
 479       expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 480       expect(data[0].nsfwPolicy).to.equal('display')
 481
 482       expect(data[1].username).to.equal('user_1')
 483       expect(data[1].email).to.equal('user_1@example.com')
 484       expect(data[1].nsfwPolicy).to.equal('display')
 485     })
 486
 487     it('Should search user by username', async function () {
 488       const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
 489       expect(total).to.equal(1)
 490       expect(data.length).to.equal(1)
 491       expect(data[0].username).to.equal('root')
 492     })
 493
 494     it('Should search user by email', async function () {
 495       {
 496         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
 497         expect(total).to.equal(1)
 498         expect(data.length).to.equal(1)
 499         expect(data[0].username).to.equal('user_1')
 500         expect(data[0].email).to.equal('user_1@example.com')
 501       }
 502
 503       {
 504         const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
 505         expect(total).to.equal(2)
 506         expect(data.length).to.equal(2)
 507         expect(data[0].username).to.equal('root')
 508         expect(data[1].username).to.equal('user_1')
 509       }
 510     })
 511   })
 512
 513   describe('Update my account', function () {
 514
 515     it('Should update my password', async function () {
 516       await server.users.updateMe({
 517         token: userToken,
 518         currentPassword: 'super password',
 519         password: 'new password'
 520       })
 521       user.password = 'new password'
 522
 523       await server.login.login({ user })
 524     })
 525
 526     it('Should be able to change the NSFW display attribute', async function () {
 527       await server.users.updateMe({
 528         token: userToken,
 529         nsfwPolicy: 'do_not_list'
 530       })
 531
 532       const user = await server.users.getMyInfo({ token: userToken })
 533       expect(user.username).to.equal('user_1')
 534       expect(user.email).to.equal('user_1@example.com')
 535       expect(user.nsfwPolicy).to.equal('do_not_list')
 536       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 537       expect(user.id).to.be.a('number')
 538       expect(user.account.displayName).to.equal('user_1')
 539       expect(user.account.description).to.be.null
 540     })
 541
 542     it('Should be able to change the autoPlayVideo attribute', async function () {
 543       await server.users.updateMe({
 544         token: userToken,
 545         autoPlayVideo: false
 546       })
 547
 548       const user = await server.users.getMyInfo({ token: userToken })
 549       expect(user.autoPlayVideo).to.be.false
 550     })
 551
 552     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 553       await server.users.updateMe({
 554         token: userToken,
 555         autoPlayNextVideo: true
 556       })
 557
 558       const user = await server.users.getMyInfo({ token: userToken })
 559       expect(user.autoPlayNextVideo).to.be.true
 560     })
 561
 562     it('Should be able to change the p2p attribute', async function () {
 563       {
 564         await server.users.updateMe({
 565           token: userToken,
 566           webTorrentEnabled: false
 567         })
 568
 569         const user = await server.users.getMyInfo({ token: userToken })
 570         expect(user.p2pEnabled).to.be.false
 571       }
 572
 573       {
 574         await server.users.updateMe({
 575           token: userToken,
 576           p2pEnabled: true
 577         })
 578
 579         const user = await server.users.getMyInfo({ token: userToken })
 580         expect(user.p2pEnabled).to.be.true
 581       }
 582     })
 583
 584     it('Should be able to change the email attribute', async function () {
 585       await server.users.updateMe({
 586         token: userToken,
 587         currentPassword: 'new password',
 588         email: 'updated@example.com'
 589       })
 590
 591       const user = await server.users.getMyInfo({ token: userToken })
 592       expect(user.username).to.equal('user_1')
 593       expect(user.email).to.equal('updated@example.com')
 594       expect(user.nsfwPolicy).to.equal('do_not_list')
 595       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 596       expect(user.id).to.be.a('number')
 597       expect(user.account.displayName).to.equal('user_1')
 598       expect(user.account.description).to.be.null
 599     })
 600
 601     it('Should be able to update my avatar with a gif', async function () {
 602       const fixture = 'avatar.gif'
 603
 604       await server.users.updateMyAvatar({ token: userToken, fixture })
 605
 606       const user = await server.users.getMyInfo({ token: userToken })
 607       for (const avatar of user.account.avatars) {
 608         await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, '.gif')
 609       }
 610     })
 611
 612     it('Should be able to update my avatar with a gif, and then a png', async function () {
 613       for (const extension of [ '.png', '.gif' ]) {
 614         const fixture = 'avatar' + extension
 615
 616         await server.users.updateMyAvatar({ token: userToken, fixture })
 617
 618         const user = await server.users.getMyInfo({ token: userToken })
 619         for (const avatar of user.account.avatars) {
 620           await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, extension)
 621         }
 622       }
 623     })
 624
 625     it('Should be able to update my display name', async function () {
 626       await server.users.updateMe({ token: userToken, displayName: 'new display name' })
 627
 628       const user = await server.users.getMyInfo({ token: userToken })
 629       expect(user.username).to.equal('user_1')
 630       expect(user.email).to.equal('updated@example.com')
 631       expect(user.nsfwPolicy).to.equal('do_not_list')
 632       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 633       expect(user.id).to.be.a('number')
 634       expect(user.account.displayName).to.equal('new display name')
 635       expect(user.account.description).to.be.null
 636     })
 637
 638     it('Should be able to update my description', async function () {
 639       await server.users.updateMe({ token: userToken, description: 'my super description updated' })
 640
 641       const user = await server.users.getMyInfo({ token: userToken })
 642       expect(user.username).to.equal('user_1')
 643       expect(user.email).to.equal('updated@example.com')
 644       expect(user.nsfwPolicy).to.equal('do_not_list')
 645       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 646       expect(user.id).to.be.a('number')
 647       expect(user.account.displayName).to.equal('new display name')
 648       expect(user.account.description).to.equal('my super description updated')
 649       expect(user.noWelcomeModal).to.be.false
 650       expect(user.noInstanceConfigWarningModal).to.be.false
 651       expect(user.noAccountSetupWarningModal).to.be.false
 652     })
 653
 654     it('Should be able to update my theme', async function () {
 655       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 656         await server.users.updateMe({ token: userToken, theme })
 657
 658         const user = await server.users.getMyInfo({ token: userToken })
 659         expect(user.theme).to.equal(theme)
 660       }
 661     })
 662
 663     it('Should be able to update my modal preferences', async function () {
 664       await server.users.updateMe({
 665         token: userToken,
 666         noInstanceConfigWarningModal: true,
 667         noWelcomeModal: true,
 668         noAccountSetupWarningModal: true
 669       })
 670
 671       const user = await server.users.getMyInfo({ token: userToken })
 672       expect(user.noWelcomeModal).to.be.true
 673       expect(user.noInstanceConfigWarningModal).to.be.true
 674       expect(user.noAccountSetupWarningModal).to.be.true
 675     })
 676   })
 677
 678   describe('Updating another user', function () {
 679     it('Should be able to update another user', async function () {
 680       await server.users.update({
 681         userId,
 682         token,
 683         email: 'updated2@example.com',
 684         emailVerified: true,
 685         videoQuota: 42,
 686         role: UserRole.MODERATOR,
 687         adminFlags: UserAdminFlag.NONE,
 688         pluginAuth: 'toto'
 689       })
 690
 691       const user = await server.users.get({ token, userId })
 692
 693       expect(user.username).to.equal('user_1')
 694       expect(user.email).to.equal('updated2@example.com')
 695       expect(user.emailVerified).to.be.true
 696       expect(user.nsfwPolicy).to.equal('do_not_list')
 697       expect(user.videoQuota).to.equal(42)
 698       expect(user.roleLabel).to.equal('Moderator')
 699       expect(user.id).to.be.a('number')
 700       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 701       expect(user.pluginAuth).to.equal('toto')
 702     })
 703
 704     it('Should reset the auth plugin', async function () {
 705       await server.users.update({ userId, token, pluginAuth: null })
 706
 707       const user = await server.users.get({ token, userId })
 708       expect(user.pluginAuth).to.be.null
 709     })
 710
 711     it('Should have removed the user token', async function () {
 712       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 713
 714       userToken = await server.login.getAccessToken(user)
 715     })
 716
 717     it('Should be able to update another user password', async function () {
 718       await server.users.update({ userId, token, password: 'password updated' })
 719
 720       await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 721
 722       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 723
 724       user.password = 'password updated'
 725       userToken = await server.login.getAccessToken(user)
 726     })
 727   })
 728
 729   describe('Video blacklists', function () {
 730     it('Should be able to list video blacklist by a moderator', async function () {
 731       await server.blacklist.list({ token: userToken })
 732     })
 733   })
 734
 735   describe('Remove a user', function () {
 736     it('Should be able to remove this user', async function () {
 737       await server.users.remove({ userId, token })
 738     })
 739
 740     it('Should not be able to login with this user', async function () {
 741       await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 742     })
 743
 744     it('Should not have videos of this user', async function () {
 745       const { data, total } = await server.videos.list()
 746       expect(total).to.equal(1)
 747
 748       const video = data[0]
 749       expect(video.account.name).to.equal('root')
 750     })
 751   })
 752
 753   describe('Registering a new user', function () {
 754     let user15AccessToken
 755
 756     it('Should register a new user', async function () {
 757       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 758       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 759
 760       await server.users.register({ ...user, channel })
 761     })
 762
 763     it('Should be able to login with this registered user', async function () {
 764       const user15 = {
 765         username: 'user_15',
 766         password: 'my super password'
 767       }
 768
 769       user15AccessToken = await server.login.getAccessToken(user15)
 770     })
 771
 772     it('Should have the correct display name', async function () {
 773       const user = await server.users.getMyInfo({ token: user15AccessToken })
 774       expect(user.account.displayName).to.equal('super user 15')
 775     })
 776
 777     it('Should have the correct video quota', async function () {
 778       const user = await server.users.getMyInfo({ token: user15AccessToken })
 779       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 780     })
 781
 782     it('Should have created the channel', async function () {
 783       const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' })
 784
 785       expect(displayName).to.equal('my channel rocks')
 786     })
 787
 788     it('Should remove me', async function () {
 789       {
 790         const { data } = await server.users.list()
 791         expect(data.find(u => u.username === 'user_15')).to.not.be.undefined
 792       }
 793
 794       await server.users.deleteMe({ token: user15AccessToken })
 795
 796       {
 797         const { data } = await server.users.list()
 798         expect(data.find(u => u.username === 'user_15')).to.be.undefined
 799       }
 800     })
 801   })
 802
 803   describe('User blocking', function () {
 804     let user16Id
 805     let user16AccessToken
 806     const user16 = {
 807       username: 'user_16',
 808       password: 'my super password'
 809     }
 810
 811     it('Should block a user', async function () {
 812       const user = await server.users.create({ ...user16 })
 813       user16Id = user.id
 814
 815       user16AccessToken = await server.login.getAccessToken(user16)
 816
 817       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 818       await server.users.banUser({ userId: user16Id })
 819
 820       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 821       await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 822     })
 823
 824     it('Should search user by banned status', async function () {
 825       {
 826         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true })
 827         expect(total).to.equal(1)
 828         expect(data.length).to.equal(1)
 829
 830         expect(data[0].username).to.equal(user16.username)
 831       }
 832
 833       {
 834         const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false })
 835         expect(total).to.equal(1)
 836         expect(data.length).to.equal(1)
 837
 838         expect(data[0].username).to.not.equal(user16.username)
 839       }
 840     })
 841
 842     it('Should unblock a user', async function () {
 843       await server.users.unbanUser({ userId: user16Id })
 844       user16AccessToken = await server.login.getAccessToken(user16)
 845       await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 })
 846     })
 847   })
 848
 849   describe('User stats', function () {
 850     let user17Id
 851     let user17AccessToken
 852
 853     it('Should report correct initial statistics about a user', async function () {
 854       const user17 = {
 855         username: 'user_17',
 856         password: 'my super password'
 857       }
 858       const created = await server.users.create({ ...user17 })
 859
 860       user17Id = created.id
 861       user17AccessToken = await server.login.getAccessToken(user17)
 862
 863       const user = await server.users.get({ userId: user17Id, withStats: true })
 864       expect(user.videosCount).to.equal(0)
 865       expect(user.videoCommentsCount).to.equal(0)
 866       expect(user.abusesCount).to.equal(0)
 867       expect(user.abusesCreatedCount).to.equal(0)
 868       expect(user.abusesAcceptedCount).to.equal(0)
 869     })
 870
 871     it('Should report correct videos count', async function () {
 872       const attributes = { name: 'video to test user stats' }
 873       await server.videos.upload({ token: user17AccessToken, attributes })
 874
 875       const { data } = await server.videos.list()
 876       videoId = data.find(video => video.name === attributes.name).id
 877
 878       const user = await server.users.get({ userId: user17Id, withStats: true })
 879       expect(user.videosCount).to.equal(1)
 880     })
 881
 882     it('Should report correct video comments for user', async function () {
 883       const text = 'super comment'
 884       await server.comments.createThread({ token: user17AccessToken, videoId, text })
 885
 886       const user = await server.users.get({ userId: user17Id, withStats: true })
 887       expect(user.videoCommentsCount).to.equal(1)
 888     })
 889
 890     it('Should report correct abuses counts', async function () {
 891       const reason = 'my super bad reason'
 892       await server.abuses.report({ token: user17AccessToken, videoId, reason })
 893
 894       const body1 = await server.abuses.getAdminList()
 895       const abuseId = body1.data[0].id
 896
 897       const user2 = await server.users.get({ userId: user17Id, withStats: true })
 898       expect(user2.abusesCount).to.equal(1) // number of incriminations
 899       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
 900
 901       await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
 902
 903       const user3 = await server.users.get({ userId: user17Id, withStats: true })
 904       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
 905     })
 906   })
 907
 908   after(async function () {
 909     await cleanupTests([ server ])
 910   })
 911 })