server/tests/api/users/users.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models'
   6 import { CustomConfig, OAuth2ErrorCode } from '@shared/models/server'
   7 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
   8 import {
   9   addVideoCommentThread,
  10   blockUser,
  11   cleanupTests,
  12   closeAllSequelize,
  13   createUser,
  14   deleteMe,
  15   flushAndRunServer,
  16   getAccountRatings,
  17   getAdminAbusesList,
  18   getBlacklistedVideosList,
  19   getCustomConfig,
  20   getMyUserInformation,
  21   getMyUserVideoQuotaUsed,
  22   getMyUserVideoRating,
  23   getUserInformation,
  24   getUsersList,
  25   getUsersListPaginationAndSort,
  26   getVideoChannel,
  27   getVideosList,
  28   installPlugin,
  29   killallServers,
  30   login,
  31   makePutBodyRequest,
  32   rateVideo,
  33   registerUserWithChannel,
  34   removeUser,
  35   removeVideo,
  36   reportAbuse,
  37   reRunServer,
  38   ServerInfo,
  39   setTokenField,
  40   testImage,
  41   unblockUser,
  42   updateAbuse,
  43   updateCustomSubConfig,
  44   updateMyAvatar,
  45   updateMyUser,
  46   updateUser,
  47   uploadVideo,
  48   userLogin,
  49   waitJobs
  50 } from '../../../../shared/extra-utils'
  51 import { follow } from '../../../../shared/extra-utils/server/follows'
  52 import { logout, refreshToken, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
  53 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
  54 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
  55
  56 const expect = chai.expect
  57
  58 describe('Test users', function () {
  59   let server: ServerInfo
  60   let accessToken: string
  61   let accessTokenUser: string
  62   let videoId: number
  63   let userId: number
  64   const user = {
  65     username: 'user_1',
  66     password: 'super password'
  67   }
  68
  69   before(async function () {
  70     this.timeout(30000)
  71
  72     server = await flushAndRunServer(1, {
  73       rates_limit: {
  74         login: {
  75           max: 30
  76         }
  77       }
  78     })
  79
  80     await setAccessTokensToServers([ server ])
  81
  82     await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
  83   })
  84
  85   describe('OAuth client', function () {
  86     it('Should create a new client')
  87
  88     it('Should return the first client')
  89
  90     it('Should remove the last client')
  91
  92     it('Should not login with an invalid client id', async function () {
  93       const client = { id: 'client', secret: server.client.secret }
  94       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
  95
  96       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
  97       expect(res.body.error).to.contain('client is invalid')
  98       expect(res.body.type.startsWith('https://')).to.be.true
  99       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 100     })
 101
 102     it('Should not login with an invalid client secret', async function () {
 103       const client = { id: server.client.id, secret: 'coucou' }
 104       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
 105
 106       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
 107       expect(res.body.error).to.contain('client is invalid')
 108       expect(res.body.type.startsWith('https://')).to.be.true
 109       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
 110     })
 111   })
 112
 113   describe('Login', function () {
 114
 115     it('Should not login with an invalid username', async function () {
 116       const user = { username: 'captain crochet', password: server.user.password }
 117       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 118
 119       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 120       expect(res.body.error).to.contain('credentials are invalid')
 121       expect(res.body.type.startsWith('https://')).to.be.true
 122       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 123     })
 124
 125     it('Should not login with an invalid password', async function () {
 126       const user = { username: server.user.username, password: 'mew_three' }
 127       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 128
 129       expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
 130       expect(res.body.error).to.contain('credentials are invalid')
 131       expect(res.body.type.startsWith('https://')).to.be.true
 132       expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
 133     })
 134
 135     it('Should not be able to upload a video', async function () {
 136       accessToken = 'my_super_token'
 137
 138       const videoAttributes = {}
 139       await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
 140     })
 141
 142     it('Should not be able to follow', async function () {
 143       accessToken = 'my_super_token'
 144       await follow(server.url, [ 'http://example.com' ], accessToken, HttpStatusCode.UNAUTHORIZED_401)
 145     })
 146
 147     it('Should not be able to unfollow')
 148
 149     it('Should be able to login', async function () {
 150       const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
 151
 152       accessToken = res.body.access_token
 153     })
 154
 155     it('Should be able to login with an insensitive username', async function () {
 156       const user = { username: 'RoOt', password: server.user.password }
 157       await login(server.url, server.client, user, HttpStatusCode.OK_200)
 158
 159       const user2 = { username: 'rOoT', password: server.user.password }
 160       await login(server.url, server.client, user2, HttpStatusCode.OK_200)
 161
 162       const user3 = { username: 'ROOt', password: server.user.password }
 163       await login(server.url, server.client, user3, HttpStatusCode.OK_200)
 164     })
 165   })
 166
 167   describe('Upload', function () {
 168
 169     it('Should upload the video with the correct token', async function () {
 170       const videoAttributes = {}
 171       await uploadVideo(server.url, accessToken, videoAttributes)
 172       const res = await getVideosList(server.url)
 173       const video = res.body.data[0]
 174
 175       expect(video.account.name).to.equal('root')
 176       videoId = video.id
 177     })
 178
 179     it('Should upload the video again with the correct token', async function () {
 180       const videoAttributes = {}
 181       await uploadVideo(server.url, accessToken, videoAttributes)
 182     })
 183   })
 184
 185   describe('Ratings', function () {
 186
 187     it('Should retrieve a video rating', async function () {
 188       await rateVideo(server.url, accessToken, videoId, 'like')
 189       const res = await getMyUserVideoRating(server.url, accessToken, videoId)
 190       const rating = res.body
 191
 192       expect(rating.videoId).to.equal(videoId)
 193       expect(rating.rating).to.equal('like')
 194     })
 195
 196     it('Should retrieve ratings list', async function () {
 197       await rateVideo(server.url, accessToken, videoId, 'like')
 198
 199       const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, HttpStatusCode.OK_200)
 200       const ratings = res.body
 201
 202       expect(ratings.total).to.equal(1)
 203       expect(ratings.data[0].video.id).to.equal(videoId)
 204       expect(ratings.data[0].rating).to.equal('like')
 205     })
 206
 207     it('Should retrieve ratings list by rating type', async function () {
 208       {
 209         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
 210         const ratings = res.body
 211         expect(ratings.data.length).to.equal(1)
 212       }
 213
 214       {
 215         const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
 216         const ratings = res.body
 217         expect(ratings.data.length).to.equal(0)
 218       }
 219     })
 220   })
 221
 222   describe('Remove video', function () {
 223     it('Should not be able to remove the video with an incorrect token', async function () {
 224       await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
 225     })
 226
 227     it('Should not be able to remove the video with the token of another account')
 228
 229     it('Should be able to remove the video with the correct token', async function () {
 230       await removeVideo(server.url, accessToken, videoId)
 231     })
 232   })
 233
 234   describe('Logout', function () {
 235     it('Should logout (revoke token)', async function () {
 236       await logout(server.url, server.accessToken)
 237     })
 238
 239     it('Should not be able to get the user information', async function () {
 240       await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
 241     })
 242
 243     it('Should not be able to upload a video', async function () {
 244       await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
 245     })
 246
 247     it('Should not be able to rate a video', async function () {
 248       const path = '/api/v1/videos/'
 249       const data = {
 250         rating: 'likes'
 251       }
 252
 253       const options = {
 254         url: server.url,
 255         path: path + videoId,
 256         token: 'wrong token',
 257         fields: data,
 258         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 259       }
 260       await makePutBodyRequest(options)
 261     })
 262
 263     it('Should be able to login again', async function () {
 264       const res = await login(server.url, server.client, server.user)
 265       server.accessToken = res.body.access_token
 266       server.refreshToken = res.body.refresh_token
 267     })
 268
 269     it('Should be able to get my user information again', async function () {
 270       await getMyUserInformation(server.url, server.accessToken)
 271     })
 272
 273     it('Should have an expired access token', async function () {
 274       this.timeout(15000)
 275
 276       await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
 277       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
 278
 279       killallServers([ server ])
 280       await reRunServer(server)
 281
 282       await getMyUserInformation(server.url, server.accessToken, 401)
 283     })
 284
 285     it('Should not be able to refresh an access token with an expired refresh token', async function () {
 286       await refreshToken(server, server.refreshToken, 400)
 287     })
 288
 289     it('Should refresh the token', async function () {
 290       this.timeout(15000)
 291
 292       const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
 293       await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 294
 295       killallServers([ server ])
 296       await reRunServer(server)
 297
 298       const res = await refreshToken(server, server.refreshToken)
 299       server.accessToken = res.body.access_token
 300       server.refreshToken = res.body.refresh_token
 301     })
 302
 303     it('Should be able to get my user information again', async function () {
 304       await getMyUserInformation(server.url, server.accessToken)
 305     })
 306   })
 307
 308   describe('Creating a user', function () {
 309
 310     it('Should be able to create a new user', async function () {
 311       await createUser({
 312         url: server.url,
 313         accessToken: accessToken,
 314         username: user.username,
 315         password: user.password,
 316         videoQuota: 2 * 1024 * 1024,
 317         adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
 318       })
 319     })
 320
 321     it('Should be able to login with this user', async function () {
 322       accessTokenUser = await userLogin(server, user)
 323     })
 324
 325     it('Should be able to get user information', async function () {
 326       const res1 = await getMyUserInformation(server.url, accessTokenUser)
 327       const userMe: MyUser = res1.body
 328
 329       const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
 330       const userGet: User = res2.body
 331
 332       for (const user of [ userMe, userGet ]) {
 333         expect(user.username).to.equal('user_1')
 334         expect(user.email).to.equal('user_1@example.com')
 335         expect(user.nsfwPolicy).to.equal('display')
 336         expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 337         expect(user.roleLabel).to.equal('User')
 338         expect(user.id).to.be.a('number')
 339         expect(user.account.displayName).to.equal('user_1')
 340         expect(user.account.description).to.be.null
 341       }
 342
 343       expect(userMe.adminFlags).to.be.undefined
 344       expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
 345
 346       expect(userMe.specialPlaylists).to.have.lengthOf(1)
 347       expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
 348
 349       // Check stats are included with withStats
 350       expect(userGet.videosCount).to.be.a('number')
 351       expect(userGet.videosCount).to.equal(0)
 352       expect(userGet.videoCommentsCount).to.be.a('number')
 353       expect(userGet.videoCommentsCount).to.equal(0)
 354       expect(userGet.abusesCount).to.be.a('number')
 355       expect(userGet.abusesCount).to.equal(0)
 356       expect(userGet.abusesAcceptedCount).to.be.a('number')
 357       expect(userGet.abusesAcceptedCount).to.equal(0)
 358     })
 359   })
 360
 361   describe('My videos & quotas', function () {
 362
 363     it('Should be able to upload a video with this user', async function () {
 364       this.timeout(10000)
 365
 366       const videoAttributes = {
 367         name: 'super user video',
 368         fixture: 'video_short.webm'
 369       }
 370       await uploadVideo(server.url, accessTokenUser, videoAttributes)
 371     })
 372
 373     it('Should have video quota updated', async function () {
 374       const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 375       const data = res.body
 376
 377       expect(data.videoQuotaUsed).to.equal(218910)
 378
 379       const resUsers = await getUsersList(server.url, server.accessToken)
 380
 381       const users: User[] = resUsers.body.data
 382       const tmpUser = users.find(u => u.username === user.username)
 383       expect(tmpUser.videoQuotaUsed).to.equal(218910)
 384     })
 385
 386     it('Should be able to list my videos', async function () {
 387       const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
 388       expect(res.body.total).to.equal(1)
 389
 390       const videos = res.body.data
 391       expect(videos).to.have.lengthOf(1)
 392
 393       const video: Video = videos[0]
 394       expect(video.name).to.equal('super user video')
 395       expect(video.thumbnailPath).to.not.be.null
 396       expect(video.previewPath).to.not.be.null
 397     })
 398
 399     it('Should be able to search in my videos', async function () {
 400       {
 401         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
 402         expect(res.body.total).to.equal(1)
 403
 404         const videos = res.body.data
 405         expect(videos).to.have.lengthOf(1)
 406       }
 407
 408       {
 409         const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
 410         expect(res.body.total).to.equal(0)
 411
 412         const videos = res.body.data
 413         expect(videos).to.have.lengthOf(0)
 414       }
 415     })
 416
 417     it('Should disable webtorrent, enable HLS, and update my quota', async function () {
 418       this.timeout(60000)
 419
 420       {
 421         const res = await getCustomConfig(server.url, server.accessToken)
 422         const config = res.body as CustomConfig
 423         config.transcoding.webtorrent.enabled = false
 424         config.transcoding.hls.enabled = true
 425         config.transcoding.enabled = true
 426         await updateCustomSubConfig(server.url, server.accessToken, config)
 427       }
 428
 429       {
 430         const videoAttributes = {
 431           name: 'super user video 2',
 432           fixture: 'video_short.webm'
 433         }
 434         await uploadVideo(server.url, accessTokenUser, videoAttributes)
 435
 436         await waitJobs([ server ])
 437       }
 438
 439       {
 440         const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
 441         const data = res.body
 442
 443         expect(data.videoQuotaUsed).to.be.greaterThan(220000)
 444       }
 445     })
 446   })
 447
 448   describe('Users listing', function () {
 449
 450     it('Should list all the users', async function () {
 451       const res = await getUsersList(server.url, server.accessToken)
 452       const result = res.body
 453       const total = result.total
 454       const users = result.data
 455
 456       expect(total).to.equal(2)
 457       expect(users).to.be.an('array')
 458       expect(users.length).to.equal(2)
 459
 460       const user = users[0]
 461       expect(user.username).to.equal('user_1')
 462       expect(user.email).to.equal('user_1@example.com')
 463       expect(user.nsfwPolicy).to.equal('display')
 464
 465       const rootUser = users[1]
 466       expect(rootUser.username).to.equal('root')
 467       expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 468       expect(user.nsfwPolicy).to.equal('display')
 469
 470       expect(rootUser.lastLoginDate).to.exist
 471       expect(user.lastLoginDate).to.exist
 472
 473       userId = user.id
 474     })
 475
 476     it('Should list only the first user by username asc', async function () {
 477       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
 478
 479       const result = res.body
 480       const total = result.total
 481       const users = result.data
 482
 483       expect(total).to.equal(2)
 484       expect(users.length).to.equal(1)
 485
 486       const user = users[0]
 487       expect(user.username).to.equal('root')
 488       expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
 489       expect(user.roleLabel).to.equal('Administrator')
 490       expect(user.nsfwPolicy).to.equal('display')
 491     })
 492
 493     it('Should list only the first user by username desc', async function () {
 494       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
 495       const result = res.body
 496       const total = result.total
 497       const users = result.data
 498
 499       expect(total).to.equal(2)
 500       expect(users.length).to.equal(1)
 501
 502       const user = users[0]
 503       expect(user.username).to.equal('user_1')
 504       expect(user.email).to.equal('user_1@example.com')
 505       expect(user.nsfwPolicy).to.equal('display')
 506     })
 507
 508     it('Should list only the second user by createdAt desc', async function () {
 509       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
 510       const result = res.body
 511       const total = result.total
 512       const users = result.data
 513
 514       expect(total).to.equal(2)
 515       expect(users.length).to.equal(1)
 516
 517       const user = users[0]
 518       expect(user.username).to.equal('user_1')
 519       expect(user.email).to.equal('user_1@example.com')
 520       expect(user.nsfwPolicy).to.equal('display')
 521     })
 522
 523     it('Should list all the users by createdAt asc', async function () {
 524       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
 525       const result = res.body
 526       const total = result.total
 527       const users = result.data
 528
 529       expect(total).to.equal(2)
 530       expect(users.length).to.equal(2)
 531
 532       expect(users[0].username).to.equal('root')
 533       expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
 534       expect(users[0].nsfwPolicy).to.equal('display')
 535
 536       expect(users[1].username).to.equal('user_1')
 537       expect(users[1].email).to.equal('user_1@example.com')
 538       expect(users[1].nsfwPolicy).to.equal('display')
 539     })
 540
 541     it('Should search user by username', async function () {
 542       const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
 543       const users = res.body.data as User[]
 544
 545       expect(res.body.total).to.equal(1)
 546       expect(users.length).to.equal(1)
 547
 548       expect(users[0].username).to.equal('root')
 549     })
 550
 551     it('Should search user by email', async function () {
 552       {
 553         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
 554         const users = res.body.data as User[]
 555
 556         expect(res.body.total).to.equal(1)
 557         expect(users.length).to.equal(1)
 558
 559         expect(users[0].username).to.equal('user_1')
 560         expect(users[0].email).to.equal('user_1@example.com')
 561       }
 562
 563       {
 564         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
 565         const users = res.body.data as User[]
 566
 567         expect(res.body.total).to.equal(2)
 568         expect(users.length).to.equal(2)
 569
 570         expect(users[0].username).to.equal('root')
 571         expect(users[1].username).to.equal('user_1')
 572       }
 573     })
 574   })
 575
 576   describe('Update my account', function () {
 577     it('Should update my password', async function () {
 578       await updateMyUser({
 579         url: server.url,
 580         accessToken: accessTokenUser,
 581         currentPassword: 'super password',
 582         password: 'new password'
 583       })
 584       user.password = 'new password'
 585
 586       await userLogin(server, user, HttpStatusCode.OK_200)
 587     })
 588
 589     it('Should be able to change the NSFW display attribute', async function () {
 590       await updateMyUser({
 591         url: server.url,
 592         accessToken: accessTokenUser,
 593         nsfwPolicy: 'do_not_list'
 594       })
 595
 596       const res = await getMyUserInformation(server.url, accessTokenUser)
 597       const user = res.body
 598
 599       expect(user.username).to.equal('user_1')
 600       expect(user.email).to.equal('user_1@example.com')
 601       expect(user.nsfwPolicy).to.equal('do_not_list')
 602       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 603       expect(user.id).to.be.a('number')
 604       expect(user.account.displayName).to.equal('user_1')
 605       expect(user.account.description).to.be.null
 606     })
 607
 608     it('Should be able to change the autoPlayVideo attribute', async function () {
 609       await updateMyUser({
 610         url: server.url,
 611         accessToken: accessTokenUser,
 612         autoPlayVideo: false
 613       })
 614
 615       const res = await getMyUserInformation(server.url, accessTokenUser)
 616       const user = res.body
 617
 618       expect(user.autoPlayVideo).to.be.false
 619     })
 620
 621     it('Should be able to change the autoPlayNextVideo attribute', async function () {
 622       await updateMyUser({
 623         url: server.url,
 624         accessToken: accessTokenUser,
 625         autoPlayNextVideo: true
 626       })
 627
 628       const res = await getMyUserInformation(server.url, accessTokenUser)
 629       const user = res.body
 630
 631       expect(user.autoPlayNextVideo).to.be.true
 632     })
 633
 634     it('Should be able to change the email attribute', async function () {
 635       await updateMyUser({
 636         url: server.url,
 637         accessToken: accessTokenUser,
 638         currentPassword: 'new password',
 639         email: 'updated@example.com'
 640       })
 641
 642       const res = await getMyUserInformation(server.url, accessTokenUser)
 643       const user = res.body
 644
 645       expect(user.username).to.equal('user_1')
 646       expect(user.email).to.equal('updated@example.com')
 647       expect(user.nsfwPolicy).to.equal('do_not_list')
 648       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 649       expect(user.id).to.be.a('number')
 650       expect(user.account.displayName).to.equal('user_1')
 651       expect(user.account.description).to.be.null
 652     })
 653
 654     it('Should be able to update my avatar with a gif', async function () {
 655       const fixture = 'avatar.gif'
 656
 657       await updateMyAvatar({
 658         url: server.url,
 659         accessToken: accessTokenUser,
 660         fixture
 661       })
 662
 663       const res = await getMyUserInformation(server.url, accessTokenUser)
 664       const user = res.body
 665
 666       await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
 667     })
 668
 669     it('Should be able to update my avatar with a gif, and then a png', async function () {
 670       for (const extension of [ '.png', '.gif' ]) {
 671         const fixture = 'avatar' + extension
 672
 673         await updateMyAvatar({
 674           url: server.url,
 675           accessToken: accessTokenUser,
 676           fixture
 677         })
 678
 679         const res = await getMyUserInformation(server.url, accessTokenUser)
 680         const user = res.body
 681
 682         await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
 683       }
 684     })
 685
 686     it('Should be able to update my display name', async function () {
 687       await updateMyUser({
 688         url: server.url,
 689         accessToken: accessTokenUser,
 690         displayName: 'new display name'
 691       })
 692
 693       const res = await getMyUserInformation(server.url, accessTokenUser)
 694       const user = res.body
 695
 696       expect(user.username).to.equal('user_1')
 697       expect(user.email).to.equal('updated@example.com')
 698       expect(user.nsfwPolicy).to.equal('do_not_list')
 699       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 700       expect(user.id).to.be.a('number')
 701       expect(user.account.displayName).to.equal('new display name')
 702       expect(user.account.description).to.be.null
 703     })
 704
 705     it('Should be able to update my description', async function () {
 706       await updateMyUser({
 707         url: server.url,
 708         accessToken: accessTokenUser,
 709         description: 'my super description updated'
 710       })
 711
 712       const res = await getMyUserInformation(server.url, accessTokenUser)
 713       const user: User = res.body
 714
 715       expect(user.username).to.equal('user_1')
 716       expect(user.email).to.equal('updated@example.com')
 717       expect(user.nsfwPolicy).to.equal('do_not_list')
 718       expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 719       expect(user.id).to.be.a('number')
 720       expect(user.account.displayName).to.equal('new display name')
 721       expect(user.account.description).to.equal('my super description updated')
 722       expect(user.noWelcomeModal).to.be.false
 723       expect(user.noInstanceConfigWarningModal).to.be.false
 724     })
 725
 726     it('Should be able to update my theme', async function () {
 727       for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
 728         await updateMyUser({
 729           url: server.url,
 730           accessToken: accessTokenUser,
 731           theme
 732         })
 733
 734         const res = await getMyUserInformation(server.url, accessTokenUser)
 735         const body: User = res.body
 736
 737         expect(body.theme).to.equal(theme)
 738       }
 739     })
 740
 741     it('Should be able to update my modal preferences', async function () {
 742       await updateMyUser({
 743         url: server.url,
 744         accessToken: accessTokenUser,
 745         noInstanceConfigWarningModal: true,
 746         noWelcomeModal: true
 747       })
 748
 749       const res = await getMyUserInformation(server.url, accessTokenUser)
 750       const user: User = res.body
 751
 752       expect(user.noWelcomeModal).to.be.true
 753       expect(user.noInstanceConfigWarningModal).to.be.true
 754     })
 755   })
 756
 757   describe('Updating another user', function () {
 758     it('Should be able to update another user', async function () {
 759       await updateUser({
 760         url: server.url,
 761         userId,
 762         accessToken,
 763         email: 'updated2@example.com',
 764         emailVerified: true,
 765         videoQuota: 42,
 766         role: UserRole.MODERATOR,
 767         adminFlags: UserAdminFlag.NONE,
 768         pluginAuth: 'toto'
 769       })
 770
 771       const res = await getUserInformation(server.url, accessToken, userId)
 772       const user = res.body as User
 773
 774       expect(user.username).to.equal('user_1')
 775       expect(user.email).to.equal('updated2@example.com')
 776       expect(user.emailVerified).to.be.true
 777       expect(user.nsfwPolicy).to.equal('do_not_list')
 778       expect(user.videoQuota).to.equal(42)
 779       expect(user.roleLabel).to.equal('Moderator')
 780       expect(user.id).to.be.a('number')
 781       expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
 782       expect(user.pluginAuth).to.equal('toto')
 783     })
 784
 785     it('Should reset the auth plugin', async function () {
 786       await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
 787
 788       const res = await getUserInformation(server.url, accessToken, userId)
 789       const user = res.body as User
 790       expect(user.pluginAuth).to.be.null
 791     })
 792
 793     it('Should have removed the user token', async function () {
 794       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 795
 796       accessTokenUser = await userLogin(server, user)
 797     })
 798
 799     it('Should be able to update another user password', async function () {
 800       await updateUser({
 801         url: server.url,
 802         userId,
 803         accessToken,
 804         password: 'password updated'
 805       })
 806
 807       await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
 808
 809       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 810
 811       user.password = 'password updated'
 812       accessTokenUser = await userLogin(server, user)
 813     })
 814   })
 815
 816   describe('Video blacklists', function () {
 817     it('Should be able to list video blacklist by a moderator', async function () {
 818       await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
 819     })
 820   })
 821
 822   describe('Remove a user', function () {
 823     it('Should be able to remove this user', async function () {
 824       await removeUser(server.url, userId, accessToken)
 825     })
 826
 827     it('Should not be able to login with this user', async function () {
 828       await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
 829     })
 830
 831     it('Should not have videos of this user', async function () {
 832       const res = await getVideosList(server.url)
 833
 834       expect(res.body.total).to.equal(1)
 835
 836       const video = res.body.data[0]
 837       expect(video.account.name).to.equal('root')
 838     })
 839   })
 840
 841   describe('Registering a new user', function () {
 842     let user15AccessToken
 843
 844     it('Should register a new user', async function () {
 845       const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
 846       const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
 847
 848       await registerUserWithChannel({ url: server.url, user, channel })
 849     })
 850
 851     it('Should be able to login with this registered user', async function () {
 852       const user15 = {
 853         username: 'user_15',
 854         password: 'my super password'
 855       }
 856
 857       user15AccessToken = await userLogin(server, user15)
 858     })
 859
 860     it('Should have the correct display name', async function () {
 861       const res = await getMyUserInformation(server.url, user15AccessToken)
 862       const user: User = res.body
 863
 864       expect(user.account.displayName).to.equal('super user 15')
 865     })
 866
 867     it('Should have the correct video quota', async function () {
 868       const res = await getMyUserInformation(server.url, user15AccessToken)
 869       const user = res.body
 870
 871       expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 872     })
 873
 874     it('Should have created the channel', async function () {
 875       const res = await getVideoChannel(server.url, 'my_user_15_channel')
 876
 877       expect(res.body.displayName).to.equal('my channel rocks')
 878     })
 879
 880     it('Should remove me', async function () {
 881       {
 882         const res = await getUsersList(server.url, server.accessToken)
 883         expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
 884       }
 885
 886       await deleteMe(server.url, user15AccessToken)
 887
 888       {
 889         const res = await getUsersList(server.url, server.accessToken)
 890         expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
 891       }
 892     })
 893   })
 894
 895   describe('User blocking', function () {
 896     let user16Id
 897     let user16AccessToken
 898     const user16 = {
 899       username: 'user_16',
 900       password: 'my super password'
 901     }
 902
 903     it('Should block a user', async function () {
 904       const resUser = await createUser({
 905         url: server.url,
 906         accessToken: server.accessToken,
 907         username: user16.username,
 908         password: user16.password
 909       })
 910       user16Id = resUser.body.user.id
 911
 912       user16AccessToken = await userLogin(server, user16)
 913
 914       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 915       await blockUser(server.url, user16Id, server.accessToken)
 916
 917       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
 918       await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
 919     })
 920
 921     it('Should search user by banned status', async function () {
 922       {
 923         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
 924         const users = res.body.data as User[]
 925
 926         expect(res.body.total).to.equal(1)
 927         expect(users.length).to.equal(1)
 928
 929         expect(users[0].username).to.equal(user16.username)
 930       }
 931
 932       {
 933         const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
 934         const users = res.body.data as User[]
 935
 936         expect(res.body.total).to.equal(1)
 937         expect(users.length).to.equal(1)
 938
 939         expect(users[0].username).to.not.equal(user16.username)
 940       }
 941     })
 942
 943     it('Should unblock a user', async function () {
 944       await unblockUser(server.url, user16Id, server.accessToken)
 945       user16AccessToken = await userLogin(server, user16)
 946       await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
 947     })
 948   })
 949
 950   describe('User stats', function () {
 951     let user17Id
 952     let user17AccessToken
 953
 954     it('Should report correct initial statistics about a user', async function () {
 955       const user17 = {
 956         username: 'user_17',
 957         password: 'my super password'
 958       }
 959       const resUser = await createUser({
 960         url: server.url,
 961         accessToken: server.accessToken,
 962         username: user17.username,
 963         password: user17.password
 964       })
 965
 966       user17Id = resUser.body.user.id
 967       user17AccessToken = await userLogin(server, user17)
 968
 969       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 970       const user: User = res.body
 971
 972       expect(user.videosCount).to.equal(0)
 973       expect(user.videoCommentsCount).to.equal(0)
 974       expect(user.abusesCount).to.equal(0)
 975       expect(user.abusesCreatedCount).to.equal(0)
 976       expect(user.abusesAcceptedCount).to.equal(0)
 977     })
 978
 979     it('Should report correct videos count', async function () {
 980       const videoAttributes = {
 981         name: 'video to test user stats'
 982       }
 983       await uploadVideo(server.url, user17AccessToken, videoAttributes)
 984       const res1 = await getVideosList(server.url)
 985       videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
 986
 987       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
 988       const user: User = res2.body
 989
 990       expect(user.videosCount).to.equal(1)
 991     })
 992
 993     it('Should report correct video comments for user', async function () {
 994       const text = 'super comment'
 995       await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
 996
 997       const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
 998       const user: User = res.body
 999
1000       expect(user.videoCommentsCount).to.equal(1)
1001     })
1002
1003     it('Should report correct abuses counts', async function () {
1004       const reason = 'my super bad reason'
1005       await reportAbuse({ url: server.url, token: user17AccessToken, videoId, reason })
1006
1007       const res1 = await getAdminAbusesList({ url: server.url, token: server.accessToken })
1008       const abuseId = res1.body.data[0].id
1009
1010       const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1011       const user2: User = res2.body
1012
1013       expect(user2.abusesCount).to.equal(1) // number of incriminations
1014       expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
1015
1016       const body: AbuseUpdate = { state: AbuseState.ACCEPTED }
1017       await updateAbuse(server.url, server.accessToken, abuseId, body)
1018
1019       const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1020       const user3: User = res3.body
1021
1022       expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1023     })
1024   })
1025
1026   after(async function () {
1027     await closeAllSequelize([ server ])
1028     await cleanupTests([ server ])
1029   })
1030 })