]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/users.js
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Server: do not allow a user to remove a video of another user
[github/Chocobozzz/PeerTube.git] / server / tests / api / users.js
1 'use strict'
2
3 const chai = require('chai')
4 const expect = chai.expect
5 const pathUtils = require('path')
6 const series = require('async/series')
7
8 const webtorrent = require(pathUtils.join(__dirname, '../../lib/webtorrent'))
9 webtorrent.silent = true
10
11 const utils = require('./utils')
12
13 describe('Test users', function () {
14 let server = null
15 let accessToken = null
16 let accessTokenUser = null
17 let videoId = null
18 let userId = null
19
20 before(function (done) {
21 this.timeout(20000)
22
23 series([
24 function (next) {
25 utils.flushTests(next)
26 },
27 function (next) {
28 utils.runServer(1, function (server1) {
29 server = server1
30 next()
31 })
32 }
33 ], done)
34 })
35
36 it('Should create a new client')
37
38 it('Should return the first client')
39
40 it('Should remove the last client')
41
42 it('Should not login with an invalid client id', function (done) {
43 const client = { id: 'client', password: server.client.secret }
44 utils.login(server.url, client, server.user, 400, function (err, res) {
45 if (err) throw err
46
47 expect(res.body.error).to.equal('invalid_client')
48 done()
49 })
50 })
51
52 it('Should not login with an invalid client password', function (done) {
53 const client = { id: server.client.id, password: 'coucou' }
54 utils.login(server.url, client, server.user, 400, function (err, res) {
55 if (err) throw err
56
57 expect(res.body.error).to.equal('invalid_client')
58 done()
59 })
60 })
61
62 it('Should not login with an invalid username', function (done) {
63 const user = { username: 'captain crochet', password: server.user.password }
64 utils.login(server.url, server.client, user, 400, function (err, res) {
65 if (err) throw err
66
67 expect(res.body.error).to.equal('invalid_grant')
68 done()
69 })
70 })
71
72 it('Should not login with an invalid password', function (done) {
73 const user = { username: server.user.username, password: 'mewthree' }
74 utils.login(server.url, server.client, user, 400, function (err, res) {
75 if (err) throw err
76
77 expect(res.body.error).to.equal('invalid_grant')
78 done()
79 })
80 })
81
82 it('Should not be able to upload a video', function (done) {
83 accessToken = 'mysupertoken'
84
85 const name = 'my super name'
86 const description = 'my super description'
87 const tags = [ 'tag1', 'tag2' ]
88 const video = 'video_short.webm'
89 utils.uploadVideo(server.url, accessToken, name, description, tags, video, 401, done)
90 })
91
92 it('Should not be able to make friends', function (done) {
93 accessToken = 'mysupertoken'
94 utils.makeFriends(server.url, accessToken, 401, done)
95 })
96
97 it('Should not be able to quit friends', function (done) {
98 accessToken = 'mysupertoken'
99 utils.quitFriends(server.url, accessToken, 401, done)
100 })
101
102 it('Should be able to login', function (done) {
103 utils.login(server.url, server.client, server.user, 200, function (err, res) {
104 if (err) throw err
105
106 accessToken = res.body.access_token
107 done()
108 })
109 })
110
111 it('Should upload the video with the correct token', function (done) {
112 const name = 'my super name'
113 const description = 'my super description'
114 const tags = [ 'tag1', 'tag2' ]
115 const video = 'video_short.webm'
116 utils.uploadVideo(server.url, accessToken, name, description, tags, video, 204, function (err, res) {
117 if (err) throw err
118
119 utils.getVideosList(server.url, function (err, res) {
120 if (err) throw err
121
122 const video = res.body.data[0]
123 expect(video.author).to.equal('root')
124
125 videoId = video.id
126 done()
127 })
128 })
129 })
130
131 it('Should upload the video again with the correct token', function (done) {
132 const name = 'my super name 2'
133 const description = 'my super description 2'
134 const tags = [ 'tag1' ]
135 const video = 'video_short.webm'
136 utils.uploadVideo(server.url, accessToken, name, description, tags, video, 204, done)
137 })
138
139 it('Should not be able to remove the video with an incorrect token', function (done) {
140 utils.removeVideo(server.url, 'bad_token', videoId, 401, done)
141 })
142
143 it('Should not be able to remove the video with the token of another account')
144
145 it('Should be able to remove the video with the correct token', function (done) {
146 utils.removeVideo(server.url, accessToken, videoId, done)
147 })
148
149 it('Should logout (revoke token)')
150
151 it('Should not be able to upload a video')
152
153 it('Should not be able to remove a video')
154
155 it('Should be able to login again')
156
157 it('Should have an expired access token')
158
159 it('Should refresh the token')
160
161 it('Should be able to upload a video again')
162
163 it('Should be able to create a new user', function (done) {
164 utils.createUser(server.url, accessToken, 'user_1', 'super password', done)
165 })
166
167 it('Should be able to login with this user', function (done) {
168 server.user = {
169 username: 'user_1',
170 password: 'super password'
171 }
172
173 utils.loginAndGetAccessToken(server, function (err, token) {
174 if (err) throw err
175
176 accessTokenUser = token
177
178 done()
179 })
180 })
181
182 it('Should be able to get the user informations', function (done) {
183 utils.getUserInformation(server.url, accessTokenUser, function (err, res) {
184 if (err) throw err
185
186 const user = res.body
187
188 expect(user.username).to.equal('user_1')
189 expect(user.id).to.exist
190
191 done()
192 })
193 })
194
195 it('Should be able to upload a video with this user', function (done) {
196 this.timeout(5000)
197
198 const name = 'my super name'
199 const description = 'my super description'
200 const tags = [ 'tag1', 'tag2', 'tag3' ]
201 const file = 'video_short.webm'
202 utils.uploadVideo(server.url, accessTokenUser, name, description, tags, file, done)
203 })
204
205 it('Should list all the users', function (done) {
206 utils.getUsersList(server.url, function (err, res) {
207 if (err) throw err
208
209 const users = res.body.data
210
211 expect(users).to.be.an('array')
212 expect(users.length).to.equal(2)
213
214 const rootUser = users[0]
215 expect(rootUser.username).to.equal('root')
216
217 const user = users[1]
218 expect(user.username).to.equal('user_1')
219 userId = user.id
220
221 done()
222 })
223 })
224
225 it('Should update the user password', function (done) {
226 utils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) {
227 if (err) throw err
228
229 server.user.password = 'new password'
230 utils.login(server.url, server.client, server.user, 200, done)
231 })
232 })
233
234 it('Should be able to remove this user', function (done) {
235 utils.removeUser(server.url, accessToken, 'user_1', done)
236 })
237
238 it('Should not be able to login with this user', function (done) {
239 // server.user is already set to user 1
240 utils.login(server.url, server.client, server.user, 400, done)
241 })
242
243 it('Should not have videos of this user', function (done) {
244 utils.getVideosList(server.url, function (err, res) {
245 if (err) throw err
246
247 expect(res.body.total).to.equal(1)
248 const video = res.body.data[0]
249 expect(video.author).to.equal('root')
250
251 done()
252 })
253 })
254
255 after(function (done) {
256 process.kill(-server.app.pid)
257
258 // Keep the logs if the test failed
259 if (this.ok) {
260 utils.flushTests(done)
261 } else {
262 done()
263 }
264 })
265 })
ActivityPub-federated video streaming platform using P2P directly in your web browser