+ it('Should not be able to refresh an access token with an expired refresh token', async function () {
+ await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ })
+
+ it('Should refresh the token', async function () {
+ this.timeout(15000)
+
+ const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
+ await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate)
+
+ await killallServers([ server ])
+ await server.run()
+
+ const res = await server.login.refreshToken({ refreshToken: server.refreshToken })
+ server.accessToken = res.body.access_token
+ server.refreshToken = res.body.refresh_token
+ })
+
+ it('Should be able to get my user information again', async function () {
+ await server.users.getMyInfo()
+ })
+ })
+
+ describe('Creating a user', function () {
+
+ it('Should be able to create a new user', async function () {
+ await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST })
+ })
+
+ it('Should be able to login with this user', async function () {
+ userToken = await server.login.getAccessToken(user)
+ })
+
+ it('Should be able to get user information', async function () {
+ const userMe = await server.users.getMyInfo({ token: userToken })
+
+ const userGet = await server.users.get({ userId: userMe.id, withStats: true })
+
+ for (const user of [ userMe, userGet ]) {
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('user_1@example.com')
+ expect(user.nsfwPolicy).to.equal('display')
+ expect(user.videoQuota).to.equal(2 * 1024 * 1024)
+ expect(user.roleLabel).to.equal('User')
+ expect(user.id).to.be.a('number')
+ expect(user.account.displayName).to.equal('user_1')
+ expect(user.account.description).to.be.null
+ }
+
+ expect(userMe.adminFlags).to.be.undefined
+ expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
+
+ expect(userMe.specialPlaylists).to.have.lengthOf(1)
+ expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
+
+ // Check stats are included with withStats
+ expect(userGet.videosCount).to.be.a('number')
+ expect(userGet.videosCount).to.equal(0)
+ expect(userGet.videoCommentsCount).to.be.a('number')
+ expect(userGet.videoCommentsCount).to.equal(0)
+ expect(userGet.abusesCount).to.be.a('number')
+ expect(userGet.abusesCount).to.equal(0)
+ expect(userGet.abusesAcceptedCount).to.be.a('number')
+ expect(userGet.abusesAcceptedCount).to.equal(0)
+ })
+ })
+
+ describe('My videos & quotas', function () {
+
+ it('Should be able to upload a video with this user', async function () {
+ this.timeout(10000)
+
+ const attributes = {
+ name: 'super user video',
+ fixture: 'video_short.webm'
+ }
+ await server.videos.upload({ token: userToken, attributes })
+ })
+
+ it('Should have video quota updated', async function () {
+ const quota = await server.users.getMyQuotaUsed({ token: userToken })
+ expect(quota.videoQuotaUsed).to.equal(218910)
+
+ const { data } = await server.users.list()
+ const tmpUser = data.find(u => u.username === user.username)
+ expect(tmpUser.videoQuotaUsed).to.equal(218910)
+ })
+
+ it('Should be able to list my videos', async function () {
+ const { total, data } = await server.videos.listMyVideos({ token: userToken })
+ expect(total).to.equal(1)
+ expect(data).to.have.lengthOf(1)
+
+ const video: Video = data[0]
+ expect(video.name).to.equal('super user video')
+ expect(video.thumbnailPath).to.not.be.null
+ expect(video.previewPath).to.not.be.null
+ })
+
+ it('Should be able to search in my videos', async function () {
+ {
+ const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'user video' })
+ expect(total).to.equal(1)
+ expect(data).to.have.lengthOf(1)
+ }
+
+ {
+ const { total, data } = await server.videos.listMyVideos({ token: userToken, sort: '-createdAt', search: 'toto' })
+ expect(total).to.equal(0)
+ expect(data).to.have.lengthOf(0)
+ }
+ })
+
+ it('Should disable webtorrent, enable HLS, and update my quota', async function () {
+ this.timeout(60000)
+
+ {
+ const config = await server.config.getCustomConfig()
+ config.transcoding.webtorrent.enabled = false
+ config.transcoding.hls.enabled = true
+ config.transcoding.enabled = true
+ await server.config.updateCustomSubConfig({ newConfig: config })
+ }
+
+ {
+ const attributes = {
+ name: 'super user video 2',
+ fixture: 'video_short.webm'
+ }
+ await server.videos.upload({ token: userToken, attributes })
+
+ await waitJobs([ server ])
+ }
+
+ {
+ const data = await server.users.getMyQuotaUsed({ token: userToken })
+ expect(data.videoQuotaUsed).to.be.greaterThan(220000)
+ }
+ })
+ })
+
+ describe('Users listing', function () {
+
+ it('Should list all the users', async function () {
+ const { data, total } = await server.users.list()
+
+ expect(total).to.equal(2)
+ expect(data).to.be.an('array')
+ expect(data.length).to.equal(2)
+
+ const user = data[0]
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('user_1@example.com')
+ expect(user.nsfwPolicy).to.equal('display')
+
+ const rootUser = data[1]
+ expect(rootUser.username).to.equal('root')
+ expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
+ expect(user.nsfwPolicy).to.equal('display')
+
+ expect(rootUser.lastLoginDate).to.exist
+ expect(user.lastLoginDate).to.exist
+
+ userId = user.id
+ })
+
+ it('Should list only the first user by username asc', async function () {
+ const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' })
+
+ expect(total).to.equal(2)
+ expect(data.length).to.equal(1)
+
+ const user = data[0]
+ expect(user.username).to.equal('root')
+ expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
+ expect(user.roleLabel).to.equal('Administrator')
+ expect(user.nsfwPolicy).to.equal('display')
+ })
+
+ it('Should list only the first user by username desc', async function () {
+ const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' })
+
+ expect(total).to.equal(2)
+ expect(data.length).to.equal(1)
+
+ const user = data[0]
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('user_1@example.com')
+ expect(user.nsfwPolicy).to.equal('display')
+ })
+
+ it('Should list only the second user by createdAt desc', async function () {
+ const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' })
+ expect(total).to.equal(2)
+
+ expect(data.length).to.equal(1)
+
+ const user = data[0]
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('user_1@example.com')
+ expect(user.nsfwPolicy).to.equal('display')
+ })
+
+ it('Should list all the users by createdAt asc', async function () {
+ const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' })
+
+ expect(total).to.equal(2)
+ expect(data.length).to.equal(2)
+
+ expect(data[0].username).to.equal('root')
+ expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
+ expect(data[0].nsfwPolicy).to.equal('display')
+
+ expect(data[1].username).to.equal('user_1')
+ expect(data[1].email).to.equal('user_1@example.com')
+ expect(data[1].nsfwPolicy).to.equal('display')
+ })
+
+ it('Should search user by username', async function () {
+ const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' })
+ expect(total).to.equal(1)
+ expect(data.length).to.equal(1)
+ expect(data[0].username).to.equal('root')
+ })
+
+ it('Should search user by email', async function () {
+ {
+ const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' })
+ expect(total).to.equal(1)
+ expect(data.length).to.equal(1)
+ expect(data[0].username).to.equal('user_1')
+ expect(data[0].email).to.equal('user_1@example.com')
+ }
+
+ {
+ const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' })
+ expect(total).to.equal(2)
+ expect(data.length).to.equal(2)
+ expect(data[0].username).to.equal('root')
+ expect(data[1].username).to.equal('user_1')
+ }
+ })
+ })
+
+ describe('Update my account', function () {
+
+ it('Should update my password', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ currentPassword: 'super password',
+ password: 'new password'
+ })
+ user.password = 'new password'
+
+ await server.login.login({ user })
+ })
+
+ it('Should be able to change the NSFW display attribute', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ nsfwPolicy: 'do_not_list'
+ })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('user_1@example.com')
+ expect(user.nsfwPolicy).to.equal('do_not_list')
+ expect(user.videoQuota).to.equal(2 * 1024 * 1024)
+ expect(user.id).to.be.a('number')
+ expect(user.account.displayName).to.equal('user_1')
+ expect(user.account.description).to.be.null
+ })
+
+ it('Should be able to change the autoPlayVideo attribute', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ autoPlayVideo: false
+ })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.autoPlayVideo).to.be.false
+ })
+
+ it('Should be able to change the autoPlayNextVideo attribute', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ autoPlayNextVideo: true
+ })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.autoPlayNextVideo).to.be.true
+ })
+
+ it('Should be able to change the email attribute', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ currentPassword: 'new password',
+ email: 'updated@example.com'
+ })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('updated@example.com')
+ expect(user.nsfwPolicy).to.equal('do_not_list')
+ expect(user.videoQuota).to.equal(2 * 1024 * 1024)
+ expect(user.id).to.be.a('number')
+ expect(user.account.displayName).to.equal('user_1')
+ expect(user.account.description).to.be.null
+ })
+
+ it('Should be able to update my avatar with a gif', async function () {
+ const fixture = 'avatar.gif'
+
+ await server.users.updateMyAvatar({ token: userToken, fixture })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
+ })
+
+ it('Should be able to update my avatar with a gif, and then a png', async function () {
+ for (const extension of [ '.png', '.gif' ]) {
+ const fixture = 'avatar' + extension
+
+ await server.users.updateMyAvatar({ token: userToken, fixture })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
+ }
+ })
+
+ it('Should be able to update my display name', async function () {
+ await server.users.updateMe({ token: userToken, displayName: 'new display name' })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('updated@example.com')
+ expect(user.nsfwPolicy).to.equal('do_not_list')
+ expect(user.videoQuota).to.equal(2 * 1024 * 1024)
+ expect(user.id).to.be.a('number')
+ expect(user.account.displayName).to.equal('new display name')
+ expect(user.account.description).to.be.null
+ })
+
+ it('Should be able to update my description', async function () {
+ await server.users.updateMe({ token: userToken, description: 'my super description updated' })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('updated@example.com')
+ expect(user.nsfwPolicy).to.equal('do_not_list')
+ expect(user.videoQuota).to.equal(2 * 1024 * 1024)
+ expect(user.id).to.be.a('number')
+ expect(user.account.displayName).to.equal('new display name')
+ expect(user.account.description).to.equal('my super description updated')
+ expect(user.noWelcomeModal).to.be.false
+ expect(user.noInstanceConfigWarningModal).to.be.false
+ })
+
+ it('Should be able to update my theme', async function () {
+ for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
+ await server.users.updateMe({ token: userToken, theme })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.theme).to.equal(theme)
+ }
+ })
+
+ it('Should be able to update my modal preferences', async function () {
+ await server.users.updateMe({
+ token: userToken,
+ noInstanceConfigWarningModal: true,
+ noWelcomeModal: true
+ })
+
+ const user = await server.users.getMyInfo({ token: userToken })
+ expect(user.noWelcomeModal).to.be.true
+ expect(user.noInstanceConfigWarningModal).to.be.true
+ })
+ })
+
+ describe('Updating another user', function () {
+ it('Should be able to update another user', async function () {
+ await server.users.update({
+ userId,
+ token,
+ email: 'updated2@example.com',
+ emailVerified: true,
+ videoQuota: 42,
+ role: UserRole.MODERATOR,
+ adminFlags: UserAdminFlag.NONE,
+ pluginAuth: 'toto'
+ })
+
+ const user = await server.users.get({ token, userId })
+
+ expect(user.username).to.equal('user_1')
+ expect(user.email).to.equal('updated2@example.com')
+ expect(user.emailVerified).to.be.true
+ expect(user.nsfwPolicy).to.equal('do_not_list')
+ expect(user.videoQuota).to.equal(42)
+ expect(user.roleLabel).to.equal('Moderator')
+ expect(user.id).to.be.a('number')
+ expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
+ expect(user.pluginAuth).to.equal('toto')
+ })
+
+ it('Should reset the auth plugin', async function () {
+ await server.users.update({ userId, token, pluginAuth: null })
+
+ const user = await server.users.get({ token, userId })
+ expect(user.pluginAuth).to.be.null
+ })
+
+ it('Should have removed the user token', async function () {
+ await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+
+ userToken = await server.login.getAccessToken(user)
+ })
+
+ it('Should be able to update another user password', async function () {
+ await server.users.update({ userId, token, password: 'password updated' })
+
+ await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+
+ await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+
+ user.password = 'password updated'
+ userToken = await server.login.getAccessToken(user)
+ })
+ })
+
+ describe('Video blacklists', function () {
+ it('Should be able to list video blacklist by a moderator', async function () {
+ await server.blacklist.list({ token: userToken })
+ })
+ })
+
+ describe('Remove a user', function () {
+ it('Should be able to remove this user', async function () {
+ await server.users.remove({ userId, token })
+ })
+
+ it('Should not be able to login with this user', async function () {
+ await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+ })
+
+ it('Should not have videos of this user', async function () {
+ const { data, total } = await server.videos.list()
+ expect(total).to.equal(1)
+
+ const video = data[0]
+ expect(video.account.name).to.equal('root')
+ })
+ })
+
+ describe('Registering a new user', function () {
+ let user15AccessToken