/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
-import * as chai from 'chai'
import 'mocha'
-import { MyUser, User, UserRole, Video, VideoPlaylistType, VideoAbuseState, VideoAbuseUpdate } from '../../../../shared/index'
+import * as chai from 'chai'
+import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models'
+import { CustomConfig } from '@shared/models/server'
+import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
import {
+ addVideoCommentThread,
blockUser,
cleanupTests,
+ closeAllSequelize,
createUser,
deleteMe,
flushAndRunServer,
getAccountRatings,
+ getAdminAbusesList,
getBlacklistedVideosList,
+ getCustomConfig,
getMyUserInformation,
getMyUserVideoQuotaUsed,
getMyUserVideoRating,
getVideoChannel,
getVideosList,
installPlugin,
+ killallServers,
login,
makePutBodyRequest,
rateVideo,
registerUserWithChannel,
removeUser,
removeVideo,
+ reportAbuse,
+ reRunServer,
ServerInfo,
+ setTokenField,
testImage,
unblockUser,
+ updateAbuse,
+ updateCustomSubConfig,
updateMyAvatar,
updateMyUser,
updateUser,
uploadVideo,
userLogin,
- reportVideoAbuse,
- addVideoCommentThread,
- updateVideoAbuse,
- getVideoAbusesList
+ waitJobs
} from '../../../../shared/extra-utils'
import { follow } from '../../../../shared/extra-utils/server/follows'
-import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
+import { logout, refreshToken, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
before(async function () {
this.timeout(30000)
- server = await flushAndRunServer(1)
+
+ server = await flushAndRunServer(1, {
+ rates_limit: {
+ login: {
+ max: 30
+ }
+ }
+ })
await setAccessTokensToServers([ server ])
it('Should not login with an invalid client id', async function () {
const client = { id: 'client', secret: server.client.secret }
- const res = await login(server.url, client, server.user, 400)
+ const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_client')
expect(res.body.error).to.contain('client is invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_client')
})
it('Should not login with an invalid client secret', async function () {
const client = { id: server.client.id, secret: 'coucou' }
- const res = await login(server.url, client, server.user, 400)
+ const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_client')
expect(res.body.error).to.contain('client is invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_client')
})
})
it('Should not login with an invalid username', async function () {
const user = { username: 'captain crochet', password: server.user.password }
- const res = await login(server.url, server.client, user, 400)
+ const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_grant')
expect(res.body.error).to.contain('credentials are invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_grant')
})
it('Should not login with an invalid password', async function () {
const user = { username: server.user.username, password: 'mew_three' }
- const res = await login(server.url, server.client, user, 400)
+ const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
+ expect(res.body.code).to.equal('invalid_grant')
expect(res.body.error).to.contain('credentials are invalid')
+ expect(res.body.type.startsWith('https://')).to.be.true
+ expect(res.body.type).to.contain('invalid_grant')
})
it('Should not be able to upload a video', async function () {
accessToken = 'my_super_token'
const videoAttributes = {}
- await uploadVideo(server.url, accessToken, videoAttributes, 401)
+ await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
})
it('Should not be able to follow', async function () {
accessToken = 'my_super_token'
- await follow(server.url, [ 'http://example.com' ], accessToken, 401)
+ await follow(server.url, [ 'http://example.com' ], accessToken, HttpStatusCode.UNAUTHORIZED_401)
})
it('Should not be able to unfollow')
it('Should be able to login', async function () {
- const res = await login(server.url, server.client, server.user, 200)
+ const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
accessToken = res.body.access_token
})
it('Should be able to login with an insensitive username', async function () {
const user = { username: 'RoOt', password: server.user.password }
- await login(server.url, server.client, user, 200)
+ await login(server.url, server.client, user, HttpStatusCode.OK_200)
const user2 = { username: 'rOoT', password: server.user.password }
- await login(server.url, server.client, user2, 200)
+ await login(server.url, server.client, user2, HttpStatusCode.OK_200)
const user3 = { username: 'ROOt', password: server.user.password }
- await login(server.url, server.client, user3, 200)
+ await login(server.url, server.client, user3, HttpStatusCode.OK_200)
})
})
it('Should retrieve ratings list', async function () {
await rateVideo(server.url, accessToken, videoId, 'like')
- const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
+ const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, HttpStatusCode.OK_200)
const ratings = res.body
expect(ratings.total).to.equal(1)
describe('Remove video', function () {
it('Should not be able to remove the video with an incorrect token', async function () {
- await removeVideo(server.url, 'bad_token', videoId, 401)
+ await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
})
it('Should not be able to remove the video with the token of another account')
})
describe('Logout', function () {
- it('Should logout (revoke token)')
-
- it('Should not be able to get the user information')
+ it('Should logout (revoke token)', async function () {
+ await logout(server.url, server.accessToken)
+ })
- it('Should not be able to upload a video')
+ it('Should not be able to get the user information', async function () {
+ await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
+ })
- it('Should not be able to remove a video')
+ it('Should not be able to upload a video', async function () {
+ await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
+ })
it('Should not be able to rate a video', async function () {
const path = '/api/v1/videos/'
path: path + videoId,
token: 'wrong token',
fields: data,
- statusCodeExpected: 401
+ statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
}
await makePutBodyRequest(options)
})
- it('Should be able to login again')
+ it('Should be able to login again', async function () {
+ const res = await login(server.url, server.client, server.user)
+ server.accessToken = res.body.access_token
+ server.refreshToken = res.body.refresh_token
+ })
+
+ it('Should be able to get my user information again', async function () {
+ await getMyUserInformation(server.url, server.accessToken)
+ })
+
+ it('Should have an expired access token', async function () {
+ this.timeout(15000)
+
+ await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
+ await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
+
+ killallServers([ server ])
+ await reRunServer(server)
+
+ await getMyUserInformation(server.url, server.accessToken, 401)
+ })
+
+ it('Should not be able to refresh an access token with an expired refresh token', async function () {
+ await refreshToken(server, server.refreshToken, 400)
+ })
+
+ it('Should refresh the token', async function () {
+ this.timeout(15000)
+
+ const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
+ await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
- it('Should have an expired access token')
+ killallServers([ server ])
+ await reRunServer(server)
- it('Should refresh the token')
+ const res = await refreshToken(server, server.refreshToken)
+ server.accessToken = res.body.access_token
+ server.refreshToken = res.body.refresh_token
+ })
- it('Should be able to upload a video again')
+ it('Should be able to get my user information again', async function () {
+ await getMyUserInformation(server.url, server.accessToken)
+ })
})
describe('Creating a user', function () {
username: user.username,
password: user.password,
videoQuota: 2 * 1024 * 1024,
- adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
+ adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
})
})
}
expect(userMe.adminFlags).to.be.undefined
- expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
+ expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
expect(userMe.specialPlaylists).to.have.lengthOf(1)
expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
expect(userGet.videosCount).to.equal(0)
expect(userGet.videoCommentsCount).to.be.a('number')
expect(userGet.videoCommentsCount).to.equal(0)
- expect(userGet.videoAbusesCount).to.be.a('number')
- expect(userGet.videoAbusesCount).to.equal(0)
- expect(userGet.videoAbusesAcceptedCount).to.be.a('number')
- expect(userGet.videoAbusesAcceptedCount).to.equal(0)
+ expect(userGet.abusesCount).to.be.a('number')
+ expect(userGet.abusesCount).to.equal(0)
+ expect(userGet.abusesAcceptedCount).to.be.a('number')
+ expect(userGet.abusesAcceptedCount).to.equal(0)
})
})
describe('My videos & quotas', function () {
it('Should be able to upload a video with this user', async function () {
- this.timeout(5000)
+ this.timeout(10000)
const videoAttributes = {
name: 'super user video',
expect(videos).to.have.lengthOf(0)
}
})
+
+ it('Should disable webtorrent, enable HLS, and update my quota', async function () {
+ this.timeout(60000)
+
+ {
+ const res = await getCustomConfig(server.url, server.accessToken)
+ const config = res.body as CustomConfig
+ config.transcoding.webtorrent.enabled = false
+ config.transcoding.hls.enabled = true
+ config.transcoding.enabled = true
+ await updateCustomSubConfig(server.url, server.accessToken, config)
+ }
+
+ {
+ const videoAttributes = {
+ name: 'super user video 2',
+ fixture: 'video_short.webm'
+ }
+ await uploadVideo(server.url, accessTokenUser, videoAttributes)
+
+ await waitJobs([ server ])
+ }
+
+ {
+ const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
+ const data = res.body
+
+ expect(data.videoQuotaUsed).to.be.greaterThan(220000)
+ }
+ })
})
describe('Users listing', function () {
expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
expect(user.nsfwPolicy).to.equal('display')
+ expect(rootUser.lastLoginDate).to.exist
+ expect(user.lastLoginDate).to.exist
+
userId = user.id
})
})
user.password = 'new password'
- await userLogin(server, user, 200)
+ await userLogin(server, user, HttpStatusCode.OK_200)
})
it('Should be able to change the NSFW display attribute', async function () {
expect(user.account.description).to.be.null
})
- it('Should be able to update my avatar', async function () {
- const fixture = 'avatar.png'
+ it('Should be able to update my avatar with a gif', async function () {
+ const fixture = 'avatar.gif'
await updateMyAvatar({
url: server.url,
const res = await getMyUserInformation(server.url, accessTokenUser)
const user = res.body
- await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
+ await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
+ })
+
+ it('Should be able to update my avatar with a gif, and then a png', async function () {
+ for (const extension of [ '.png', '.gif' ]) {
+ const fixture = 'avatar' + extension
+
+ await updateMyAvatar({
+ url: server.url,
+ accessToken: accessTokenUser,
+ fixture
+ })
+
+ const res = await getMyUserInformation(server.url, accessTokenUser)
+ const user = res.body
+
+ await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
+ }
})
it('Should be able to update my display name', async function () {
emailVerified: true,
videoQuota: 42,
role: UserRole.MODERATOR,
- adminFlags: UserAdminFlag.NONE
+ adminFlags: UserAdminFlag.NONE,
+ pluginAuth: 'toto'
})
const res = await getUserInformation(server.url, accessToken, userId)
- const user = res.body
+ const user = res.body as User
expect(user.username).to.equal('user_1')
expect(user.email).to.equal('updated2@example.com')
expect(user.roleLabel).to.equal('Moderator')
expect(user.id).to.be.a('number')
expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
+ expect(user.pluginAuth).to.equal('toto')
+ })
+
+ it('Should reset the auth plugin', async function () {
+ await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
+
+ const res = await getUserInformation(server.url, accessToken, userId)
+ const user = res.body as User
+ expect(user.pluginAuth).to.be.null
})
it('Should have removed the user token', async function () {
- await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
+ await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
accessTokenUser = await userLogin(server, user)
})
password: 'password updated'
})
- await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
+ await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
- await userLogin(server, user, 400)
+ await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
user.password = 'password updated'
accessTokenUser = await userLogin(server, user)
})
it('Should not be able to login with this user', async function () {
- await userLogin(server, user, 400)
+ await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
})
it('Should not have videos of this user', async function () {
describe('User blocking', function () {
let user16Id
let user16AccessToken
+ const user16 = {
+ username: 'user_16',
+ password: 'my super password'
+ }
- it('Should block and unblock a user', async function () {
- const user16 = {
- username: 'user_16',
- password: 'my super password'
- }
+ it('Should block a user', async function () {
const resUser = await createUser({
url: server.url,
accessToken: server.accessToken,
user16AccessToken = await userLogin(server, user16)
- await getMyUserInformation(server.url, user16AccessToken, 200)
+ await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
await blockUser(server.url, user16Id, server.accessToken)
- await getMyUserInformation(server.url, user16AccessToken, 401)
- await userLogin(server, user16, 400)
+ await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
+ await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
+ })
+
+ it('Should search user by banned status', async function () {
+ {
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
+ const users = res.body.data as User[]
+
+ expect(res.body.total).to.equal(1)
+ expect(users.length).to.equal(1)
+
+ expect(users[0].username).to.equal(user16.username)
+ }
+
+ {
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
+ const users = res.body.data as User[]
+
+ expect(res.body.total).to.equal(1)
+ expect(users.length).to.equal(1)
+
+ expect(users[0].username).to.not.equal(user16.username)
+ }
+ })
+ it('Should unblock a user', async function () {
await unblockUser(server.url, user16Id, server.accessToken)
user16AccessToken = await userLogin(server, user16)
- await getMyUserInformation(server.url, user16AccessToken, 200)
+ await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
})
})
expect(user.videosCount).to.equal(0)
expect(user.videoCommentsCount).to.equal(0)
- expect(user.videoAbusesCount).to.equal(0)
- expect(user.videoAbusesCreatedCount).to.equal(0)
- expect(user.videoAbusesAcceptedCount).to.equal(0)
+ expect(user.abusesCount).to.equal(0)
+ expect(user.abusesCreatedCount).to.equal(0)
+ expect(user.abusesAcceptedCount).to.equal(0)
})
it('Should report correct videos count', async function () {
expect(user.videoCommentsCount).to.equal(1)
})
- it('Should report correct video abuses counts', async function () {
+ it('Should report correct abuses counts', async function () {
const reason = 'my super bad reason'
- await reportVideoAbuse(server.url, user17AccessToken, videoId, reason)
+ await reportAbuse({ url: server.url, token: user17AccessToken, videoId, reason })
- const res1 = await getVideoAbusesList(server.url, server.accessToken)
+ const res1 = await getAdminAbusesList({ url: server.url, token: server.accessToken })
const abuseId = res1.body.data[0].id
const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
const user2: User = res2.body
- expect(user2.videoAbusesCount).to.equal(1) // number of incriminations
- expect(user2.videoAbusesCreatedCount).to.equal(1) // number of reports created
+ expect(user2.abusesCount).to.equal(1) // number of incriminations
+ expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
- const body: VideoAbuseUpdate = { state: VideoAbuseState.ACCEPTED }
- await updateVideoAbuse(server.url, server.accessToken, videoId, abuseId, body)
+ const body: AbuseUpdate = { state: AbuseState.ACCEPTED }
+ await updateAbuse(server.url, server.accessToken, abuseId, body)
const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
const user3: User = res3.body
- expect(user3.videoAbusesAcceptedCount).to.equal(1) // number of reports created accepted
+ expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
})
})
after(async function () {
+ await closeAllSequelize([ server ])
await cleanupTests([ server ])
})
})