Check current password on server side

[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts

diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 95903c8a57d020a18e9b8f1a86833673cac5d7cc..cbfa0c137cd879b2cdd2ce08f8a45294d48f5b2c 100644 (file)
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -254,6 +254,7 @@ describe('Test users API validators', function () {
 
     it('Should fail with a too small password', async function () {
       const fields = {
+        currentPassword: 'my super password',
         password: 'bla'
       }
 
@@ -262,12 +263,31 @@ describe('Test users API validators', function () {
 
     it('Should fail with a too long password', async function () {
       const fields = {
+        currentPassword: 'my super password',
         password: 'super'.repeat(61)
       }
 
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
     })
 
+    it('Should fail without the current password', async function () {
+      const fields = {
+        currentPassword: 'my super password',
+        password: 'super'.repeat(61)
+      }
+
+      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
+    })
+
+    it('Should fail with an invalid current password', async function () {
+      const fields = {
+        currentPassword: 'my super password fail',
+        password: 'super'.repeat(61)
+      }
+
+      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
+    })
+
     it('Should fail with an invalid NSFW policy attribute', async function () {
       const fields = {
         nsfwPolicy: 'hello'
@@ -286,6 +306,7 @@ describe('Test users API validators', function () {
 
     it('Should fail with an non authenticated user', async function () {
       const fields = {
+        currentPassword: 'my super password',
         password: 'my super password'
       }
 
@@ -300,8 +321,9 @@ describe('Test users API validators', function () {
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
     })
 
-    it('Should succeed with the correct params', async function () {
+    it('Should succeed to change password with the correct params', async function () {
       const fields = {
+        currentPassword: 'my super password',
         password: 'my super password',
         nsfwPolicy: 'blur',
         autoPlayVideo: false,
@@ -310,6 +332,16 @@ describe('Test users API validators', function () {
 
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
     })
+
+    it('Should succeed without password change with the correct params', async function () {
+      const fields = {
+        nsfwPolicy: 'blur',
+        autoPlayVideo: false,
+        email: 'super_email@example.com'
+      }
+
+      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
+    })
   })
 
   describe('When updating my avatar', function () {