X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=server%2Ftests%2Fapi%2Fcheck-params%2Fusers.ts;h=c2c98f429ec8180f758ddf9e04e285aad22f7beb;hb=254d3579f5338f5fd775c17d15cdfc37078bcfb4;hp=4d597f0a3d53a2502af95c98a96256fc427309cc;hpb=134cf2bce96a8c5aefd55154e884964975d8cf23;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 4d597f0a3..c2c98f429 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts @@ -1,62 +1,39 @@ /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ -import { omit } from 'lodash' import 'mocha' -import { join } from 'path' -import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared' - +import { omit } from 'lodash' +import { HttpStatusCode } from '@shared/core-utils' import { - addVideoChannel, - blockUser, + buildAbsoluteFixturePath, + checkBadCountPagination, + checkBadSortPagination, + checkBadStartPagination, cleanupTests, - createUser, - deleteMe, - flushAndRunServer, - getMyUserInformation, - getMyUserVideoRating, - getUsersList, - immutableAssign, + createSingleServer, killallServers, makeGetRequest, makePostBodyRequest, makePutBodyRequest, makeUploadRequest, - registerUser, - removeUser, - reRunServer, - ServerInfo, + MockSmtpServer, + PeerTubeServer, setAccessTokensToServers, - unblockUser, - updateUser, - uploadVideo, - userLogin -} from '../../../../shared/extra-utils' -import { - checkBadCountPagination, - checkBadSortPagination, - checkBadStartPagination -} from '../../../../shared/extra-utils/requests/check-api-params' -import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports' -import { VideoPrivacy } from '../../../../shared/models/videos' -import { waitJobs } from '../../../../shared/extra-utils/server/jobs' -import { expect } from 'chai' -import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' -import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email' + UsersCommand +} from '@shared/extra-utils' +import { UserAdminFlag, UserRole, VideoCreateResult } from '@shared/models' describe('Test users API validators', function () { const path = '/api/v1/users/' let userId: number let rootId: number let moderatorId: number - let videoId: number - let server: ServerInfo - let serverWithRegistrationDisabled: ServerInfo - let userAccessToken = '' - let moderatorAccessToken = '' + let video: VideoCreateResult + let server: PeerTubeServer + let serverWithRegistrationDisabled: PeerTubeServer + let userToken = '' + let moderatorToken = '' let emailPort: number let overrideConfig: Object - // eslint-disable-next-line @typescript-eslint/no-unused-vars - let channelId: number // --------------------------------------------------------------- @@ -70,8 +47,8 @@ describe('Test users API validators', function () { { const res = await Promise.all([ - flushAndRunServer(1, overrideConfig), - flushAndRunServer(2) + createSingleServer(1, overrideConfig), + createSingleServer(2) ]) server = res[0] @@ -81,71 +58,31 @@ describe('Test users API validators', function () { } { - const user = { - username: 'user1', - password: 'my super password' - } - - const videoQuota = 42000000 - await createUser({ - url: server.url, - accessToken: server.accessToken, - username: user.username, - password: user.password, - videoQuota: videoQuota - }) - userAccessToken = await userLogin(server, user) + const user = { username: 'user1' } + await server.users.create({ ...user }) + userToken = await server.login.getAccessToken(user) } { - const moderator = { - username: 'moderator1', - password: 'super password' - } - - await createUser({ - url: server.url, - accessToken: server.accessToken, - username: moderator.username, - password: moderator.password, - role: UserRole.MODERATOR - }) - - moderatorAccessToken = await userLogin(server, moderator) + const moderator = { username: 'moderator1' } + await server.users.create({ ...moderator, role: UserRole.MODERATOR }) + moderatorToken = await server.login.getAccessToken(moderator) } { - const moderator = { - username: 'moderator2', - password: 'super password' - } - - await createUser({ - url: server.url, - accessToken: server.accessToken, - username: moderator.username, - password: moderator.password, - role: UserRole.MODERATOR - }) - } - - { - const res = await getMyUserInformation(server.url, server.accessToken) - channelId = res.body.videoChannels[0].id + const moderator = { username: 'moderator2' } + await server.users.create({ ...moderator, role: UserRole.MODERATOR }) } { - const res = await uploadVideo(server.url, server.accessToken, {}) - videoId = res.body.video.id + video = await server.videos.upload() } { - const res = await getUsersList(server.url, server.accessToken) - const users: User[] = res.body.data - - userId = users.find(u => u.username === 'user1').id - rootId = users.find(u => u.username === 'root').id - moderatorId = users.find(u => u.username === 'moderator2').id + const { data } = await server.users.list() + userId = data.find(u => u.username === 'user1').id + rootId = data.find(u => u.username === 'root').id + moderatorId = data.find(u => u.username === 'moderator2').id } }) @@ -166,7 +103,7 @@ describe('Test users API validators', function () { await makeGetRequest({ url: server.url, path, - statusCodeExpected: 401 + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -174,8 +111,8 @@ describe('Test users API validators', function () { await makeGetRequest({ url: server.url, path, - token: userAccessToken, - statusCodeExpected: 403 + token: userToken, + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) }) @@ -188,29 +125,29 @@ describe('Test users API validators', function () { videoQuota: -1, videoQuotaDaily: -1, role: UserRole.USER, - adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST + adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST } it('Should fail with a too small username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: '' }) + const fields = { ...baseCorrectParams, username: '' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with a too long username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) + const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with a not lowercase username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'Toto' }) + const fields = { ...baseCorrectParams, username: 'Toto' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with an incorrect username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) + const fields = { ...baseCorrectParams, username: 'my username' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) @@ -222,59 +159,63 @@ describe('Test users API validators', function () { }) it('Should fail with an invalid email', async function () { - const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) + const fields = { ...baseCorrectParams, email: 'test_example.com' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with a too small password', async function () { - const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) + const fields = { ...baseCorrectParams, password: 'bla' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with a too long password', async function () { - const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) + const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with empty password and no smtp configured', async function () { - const fields = immutableAssign(baseCorrectParams, { password: '' }) + const fields = { ...baseCorrectParams, password: '' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should succeed with no password on a server with smtp enabled', async function () { - this.timeout(10000) + this.timeout(20000) - killallServers([ server ]) + await killallServers([ server ]) + + const config = { + ...overrideConfig, - const config = immutableAssign(overrideConfig, { smtp: { hostname: 'localhost', port: emailPort } - }) - await reRunServer(server, config) + } + await server.run(config) + + const fields = { + ...baseCorrectParams, - const fields = immutableAssign(baseCorrectParams, { password: '', username: 'create_password', email: 'create_password@example.com' - }) + } await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) }) it('Should fail with invalid admin flags', async function () { - const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' }) + const fields = { ...baseCorrectParams, adminFlags: 'toto' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) @@ -285,20 +226,32 @@ describe('Test users API validators', function () { path, token: 'super token', fields: baseCorrectParams, - statusCodeExpected: 401 + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail if we add a user with the same username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'user1' }) + const fields = { ...baseCorrectParams, username: 'user1' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.CONFLICT_409 + }) }) it('Should fail if we add a user with the same email', async function () { - const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' }) + const fields = { ...baseCorrectParams, email: 'user1@example.com' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.CONFLICT_409 + }) }) it('Should fail without a videoQuota', async function () { @@ -314,13 +267,13 @@ describe('Test users API validators', function () { }) it('Should fail with an invalid videoQuota', async function () { - const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 }) + const fields = { ...baseCorrectParams, videoQuota: -5 } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with an invalid videoQuotaDaily', async function () { - const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 }) + const fields = { ...baseCorrectParams, videoQuotaDaily: -7 } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) @@ -332,46 +285,46 @@ describe('Test users API validators', function () { }) it('Should fail with an invalid user role', async function () { - const fields = immutableAssign(baseCorrectParams, { role: 88989 }) + const fields = { ...baseCorrectParams, role: 88989 } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) }) it('Should fail with a "peertube" username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) + const fields = { ...baseCorrectParams, username: 'peertube' } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, - statusCodeExpected: 409 + statusCodeExpected: HttpStatusCode.CONFLICT_409 }) }) it('Should fail to create a moderator or an admin with a moderator', async function () { for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) { - const fields = immutableAssign(baseCorrectParams, { role }) + const fields = { ...baseCorrectParams, role } await makePostBodyRequest({ url: server.url, path, - token: moderatorAccessToken, + token: moderatorToken, fields, - statusCodeExpected: 403 + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) } }) it('Should succeed to create a user with a moderator', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }) + const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, - token: moderatorAccessToken, + token: moderatorToken, fields, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) }) @@ -381,16 +334,13 @@ describe('Test users API validators', function () { path, token: server.accessToken, fields: baseCorrectParams, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) }) it('Should fail with a non admin user', async function () { - const user = { - username: 'user1', - password: 'my super password' - } - userAccessToken = await userLogin(server, user) + const user = { username: 'user1' } + userToken = await server.login.getAccessToken(user) const fields = { username: 'user3', @@ -398,11 +348,12 @@ describe('Test users API validators', function () { password: 'my super password', videoQuota: 42000000 } - await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) }) describe('When updating my account', function () { + it('Should fail with an invalid email attribute', async function () { const fields = { email: 'blabla' @@ -413,29 +364,29 @@ describe('Test users API validators', function () { it('Should fail with a too small password', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'bla' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with a too long password', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'super'.repeat(61) } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail without the current password', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'super'.repeat(61) } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid current password', async function () { @@ -444,7 +395,13 @@ describe('Test users API validators', function () { password: 'super'.repeat(61) } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 }) + await makePutBodyRequest({ + url: server.url, + path: path + 'me', + token: userToken, + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with an invalid NSFW policy attribute', async function () { @@ -452,7 +409,7 @@ describe('Test users API validators', function () { nsfwPolicy: 'hello' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid autoPlayVideo attribute', async function () { @@ -460,7 +417,7 @@ describe('Test users API validators', function () { autoPlayVideo: -1 } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid autoPlayNextVideo attribute', async function () { @@ -468,7 +425,7 @@ describe('Test users API validators', function () { autoPlayNextVideo: -1 } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid videosHistoryEnabled attribute', async function () { @@ -476,16 +433,22 @@ describe('Test users API validators', function () { videosHistoryEnabled: -1 } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an non authenticated user', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'my super password' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) + await makePutBodyRequest({ + url: server.url, + path: path + 'me', + token: 'super token', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with a too long description', async function () { @@ -493,7 +456,7 @@ describe('Test users API validators', function () { description: 'super'.repeat(201) } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid videoLanguages attribute', async function () { @@ -502,7 +465,7 @@ describe('Test users API validators', function () { videoLanguages: 'toto' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) } { @@ -515,18 +478,18 @@ describe('Test users API validators', function () { videoLanguages: languages } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) } }) it('Should fail with an invalid theme', async function () { const fields = { theme: 'invalid' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an unknown theme', async function () { const fields = { theme: 'peertube-theme-unknown' } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () { @@ -534,7 +497,7 @@ describe('Test users API validators', function () { noInstanceConfigWarningModal: -1 } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should fail with an invalid noWelcomeModal attribute', async function () { @@ -542,12 +505,12 @@ describe('Test users API validators', function () { noWelcomeModal: -1 } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) }) it('Should succeed to change password with the correct params', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'my super password', nsfwPolicy: 'blur', autoPlayVideo: false, @@ -557,7 +520,13 @@ describe('Test users API validators', function () { noWelcomeModal: true } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) + await makePutBodyRequest({ + url: server.url, + path: path + 'me', + token: userToken, + fields, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) it('Should succeed without password change with the correct params', async function () { @@ -566,7 +535,13 @@ describe('Test users API validators', function () { autoPlayVideo: false } - await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) + await makePutBodyRequest({ + url: server.url, + path: path + 'me', + token: userToken, + fields, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) }) @@ -574,7 +549,7 @@ describe('Test users API validators', function () { it('Should fail without an incorrect input file', async function () { const fields = {} const attaches = { - avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4') + avatarfile: buildAbsoluteFixturePath('video_short.mp4') } await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) }) @@ -582,7 +557,7 @@ describe('Test users API validators', function () { it('Should fail with a big file', async function () { const fields = {} const attaches = { - avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png') + avatarfile: buildAbsoluteFixturePath('avatar-big.png') } await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) }) @@ -590,21 +565,21 @@ describe('Test users API validators', function () { it('Should fail with an unauthenticated user', async function () { const fields = {} const attaches = { - avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png') + avatarfile: buildAbsoluteFixturePath('avatar.png') } await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', fields, attaches, - statusCodeExpected: 401 + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should succeed with the correct params', async function () { const fields = {} const attaches = { - avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png') + avatarfile: buildAbsoluteFixturePath('avatar.png') } await makeUploadRequest({ url: server.url, @@ -612,23 +587,56 @@ describe('Test users API validators', function () { token: server.accessToken, fields, attaches, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) }) }) + describe('When managing my scoped tokens', function () { + + it('Should fail to get my scoped tokens with an non authenticated user', async function () { + await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail to get my scoped tokens with a bad token', async function () { + await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + + }) + + it('Should succeed to get my scoped tokens', async function () { + await server.users.getMyScopedTokens() + }) + + it('Should fail to renew my scoped tokens with an non authenticated user', async function () { + await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail to renew my scoped tokens with a bad token', async function () { + await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should succeed to renew my scoped tokens', async function () { + await server.users.renewMyScopedTokens() + }) + }) + describe('When getting a user', function () { it('Should fail with an non authenticated user', async function () { - await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 }) + await makeGetRequest({ + url: server.url, + path: path + userId, + token: 'super token', + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with a non admin user', async function () { - await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 }) + await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) it('Should succeed with the correct params', async function () { - await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 }) + await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: HttpStatusCode.OK_200 }) }) }) @@ -668,7 +676,7 @@ describe('Test users API validators', function () { it('Should fail with a too small password', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'bla' } @@ -677,7 +685,7 @@ describe('Test users API validators', function () { it('Should fail with a too long password', async function () { const fields = { - currentPassword: 'my super password', + currentPassword: 'password', password: 'super'.repeat(61) } @@ -689,7 +697,13 @@ describe('Test users API validators', function () { videoQuota: 42 } - await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) + await makePutBodyRequest({ + url: server.url, + path: path + userId, + token: 'super token', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail when updating root role', async function () { @@ -714,9 +728,9 @@ describe('Test users API validators', function () { await makePutBodyRequest({ url: server.url, path: path + moderatorId, - token: moderatorAccessToken, + token: moderatorToken, fields, - statusCodeExpected: 403 + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) @@ -728,9 +742,9 @@ describe('Test users API validators', function () { await makePutBodyRequest({ url: server.url, path: path + userId, - token: moderatorAccessToken, + token: moderatorToken, fields, - statusCodeExpected: 204 + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) }) @@ -742,35 +756,49 @@ describe('Test users API validators', function () { role: UserRole.USER } - await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) + await makePutBodyRequest({ + url: server.url, + path: path + userId, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) }) describe('When getting my information', function () { it('Should fail with a non authenticated user', async function () { - await getMyUserInformation(server.url, 'fake_token', 401) + await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should success with the correct parameters', async function () { - await getMyUserInformation(server.url, userAccessToken) + await server.users.getMyInfo({ token: userToken }) }) }) describe('When getting my video rating', function () { + let command: UsersCommand + + before(function () { + command = server.users + }) + it('Should fail with a non authenticated user', async function () { - await getMyUserVideoRating(server.url, 'fake_token', videoId, 401) + await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with an incorrect video uuid', async function () { - await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400) + await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should fail with an unknown video', async function () { - await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404) + await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should succeed with the correct parameters', async function () { - await getMyUserVideoRating(server.url, server.accessToken, videoId) + await command.getMyRating({ videoId: video.id }) + await command.getMyRating({ videoId: video.uuid }) + await command.getMyRating({ videoId: video.shortUUID }) }) }) @@ -778,74 +806,93 @@ describe('Test users API validators', function () { const path = '/api/v1/accounts/user1/ratings' it('Should fail with a bad start pagination', async function () { - await checkBadStartPagination(server.url, path, userAccessToken) + await checkBadStartPagination(server.url, path, userToken) }) it('Should fail with a bad count pagination', async function () { - await checkBadCountPagination(server.url, path, userAccessToken) + await checkBadCountPagination(server.url, path, userToken) }) it('Should fail with an incorrect sort', async function () { - await checkBadSortPagination(server.url, path, userAccessToken) + await checkBadSortPagination(server.url, path, userToken) }) it('Should fail with a unauthenticated user', async function () { - await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 }) + await makeGetRequest({ url: server.url, path, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a another user', async function () { - await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 }) + await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) it('Should fail with a bad type', async function () { - await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 }) + await makeGetRequest({ + url: server.url, + path, + token: userToken, + query: { rating: 'toto ' }, + statusCodeExpected: HttpStatusCode.BAD_REQUEST_400 + }) }) it('Should succeed with the correct params', async function () { - await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 }) + await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.OK_200 }) }) }) describe('When blocking/unblocking/removing user', function () { + it('Should fail with an incorrect id', async function () { - await removeUser(server.url, 'blabla', server.accessToken, 400) - await blockUser(server.url, 'blabla', server.accessToken, 400) - await unblockUser(server.url, 'blabla', server.accessToken, 400) + const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } + + await server.users.remove(options) + await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should fail with the root user', async function () { - await removeUser(server.url, rootId, server.accessToken, 400) - await blockUser(server.url, rootId, server.accessToken, 400) - await unblockUser(server.url, rootId, server.accessToken, 400) + const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } + + await server.users.remove(options) + await server.users.banUser(options) + await server.users.unbanUser(options) }) it('Should return 404 with a non existing id', async function () { - await removeUser(server.url, 4545454, server.accessToken, 404) - await blockUser(server.url, 4545454, server.accessToken, 404) - await unblockUser(server.url, 4545454, server.accessToken, 404) + const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 } + + await server.users.remove(options) + await server.users.banUser(options) + await server.users.unbanUser(options) }) it('Should fail with a non admin user', async function () { - await removeUser(server.url, userId, userAccessToken, 403) - await blockUser(server.url, userId, userAccessToken, 403) - await unblockUser(server.url, userId, userAccessToken, 403) + const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } + + await server.users.remove(options) + await server.users.banUser(options) + await server.users.unbanUser(options) }) it('Should fail on a moderator with a moderator', async function () { - await removeUser(server.url, moderatorId, moderatorAccessToken, 403) - await blockUser(server.url, moderatorId, moderatorAccessToken, 403) - await unblockUser(server.url, moderatorId, moderatorAccessToken, 403) + const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } + + await server.users.remove(options) + await server.users.banUser(options) + await server.users.unbanUser(options) }) it('Should succeed on a user with a moderator', async function () { - await blockUser(server.url, userId, moderatorAccessToken) - await unblockUser(server.url, userId, moderatorAccessToken) + const options = { userId, token: moderatorToken } + + await server.users.banUser(options) + await server.users.unbanUser(options) }) }) describe('When deleting our account', function () { it('Should fail with with the root account', async function () { - await deleteMe(server.url, server.accessToken, 400) + await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) }) @@ -859,19 +906,19 @@ describe('Test users API validators', function () { } it('Should fail with a too small username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: '' }) + const fields = { ...baseCorrectParams, username: '' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a too long username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) + const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with an incorrect username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) + const fields = { ...baseCorrectParams, username: 'my username' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) @@ -883,102 +930,108 @@ describe('Test users API validators', function () { }) it('Should fail with an invalid email', async function () { - const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) + const fields = { ...baseCorrectParams, email: 'test_example.com' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a too small password', async function () { - const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) + const fields = { ...baseCorrectParams, password: 'bla' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a too long password', async function () { - const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) + const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail if we register a user with the same username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'root' }) + const fields = { ...baseCorrectParams, username: 'root' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, - statusCodeExpected: 409 + statusCodeExpected: HttpStatusCode.CONFLICT_409 }) }) it('Should fail with a "peertube" username', async function () { - const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) + const fields = { ...baseCorrectParams, username: 'peertube' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, - statusCodeExpected: 409 + statusCodeExpected: HttpStatusCode.CONFLICT_409 }) }) it('Should fail if we register a user with the same email', async function () { - const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' }) + const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, - statusCodeExpected: 409 + statusCodeExpected: HttpStatusCode.CONFLICT_409 }) }) it('Should fail with a bad display name', async function () { - const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) }) + const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a bad channel name', async function () { - const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } }) + const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a bad channel display name', async function () { - const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } }) + const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with a channel name that is the same as username', async function () { const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } - const fields = immutableAssign(baseCorrectParams, source) + const fields = { ...baseCorrectParams, ...source } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) }) it('Should fail with an existing channel', async function () { - const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' } - await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg) + const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } + await server.channels.create({ attributes }) - const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } }) + const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } - await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) + await makePostBodyRequest({ + url: server.url, + path: registrationPath, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.CONFLICT_409 + }) }) it('Should succeed with the correct params', async function () { - const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } }) + const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } } await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields: fields, - statusCodeExpected: 204 + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) }) @@ -994,110 +1047,14 @@ describe('Test users API validators', function () { path: registrationPath, token: serverWithRegistrationDisabled.accessToken, fields, - statusCodeExpected: 403 + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) }) }) describe('When registering multiple users on a server with users limit', function () { it('Should fail when after 3 registrations', async function () { - await registerUser(server.url, 'user42', 'super password', 403) - }) - }) - - describe('When having a video quota', function () { - it('Should fail with a user having too many videos', async function () { - await updateUser({ - url: server.url, - userId: rootId, - accessToken: server.accessToken, - videoQuota: 42 - }) - - await uploadVideo(server.url, server.accessToken, {}, 403) - }) - - it('Should fail with a registered user having too many videos', async function () { - this.timeout(30000) - - const user = { - username: 'user3', - password: 'my super password' - } - userAccessToken = await userLogin(server, user) - - const videoAttributes = { fixture: 'video_short2.webm' } - await uploadVideo(server.url, userAccessToken, videoAttributes) - await uploadVideo(server.url, userAccessToken, videoAttributes) - await uploadVideo(server.url, userAccessToken, videoAttributes) - await uploadVideo(server.url, userAccessToken, videoAttributes) - await uploadVideo(server.url, userAccessToken, videoAttributes) - await uploadVideo(server.url, userAccessToken, videoAttributes, 403) - }) - - it('Should fail to import with HTTP/Torrent/magnet', async function () { - this.timeout(120000) - - const baseAttributes = { - channelId: 1, - privacy: VideoPrivacy.PUBLIC - } - await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() })) - await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() })) - await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' })) - - await waitJobs([ server ]) - - const res = await getMyVideoImports(server.url, server.accessToken) - - expect(res.body.total).to.equal(3) - const videoImports: VideoImport[] = res.body.data - expect(videoImports).to.have.lengthOf(3) - - for (const videoImport of videoImports) { - expect(videoImport.state.id).to.equal(VideoImportState.FAILED) - expect(videoImport.error).not.to.be.undefined - expect(videoImport.error).to.contain('user video quota is exceeded') - } - }) - }) - - describe('When having a daily video quota', function () { - it('Should fail with a user having too many videos', async function () { - await updateUser({ - url: server.url, - userId: rootId, - accessToken: server.accessToken, - videoQuotaDaily: 42 - }) - - await uploadVideo(server.url, server.accessToken, {}, 403) - }) - }) - - describe('When having an absolute and daily video quota', function () { - it('Should fail if exceeding total quota', async function () { - await updateUser({ - url: server.url, - userId: rootId, - accessToken: server.accessToken, - videoQuota: 42, - videoQuotaDaily: 1024 * 1024 * 1024 - }) - - await uploadVideo(server.url, server.accessToken, {}, 403) - }) - - it('Should fail if exceeding daily quota', async function () { - await updateUser({ - url: server.url, - userId: rootId, - accessToken: server.accessToken, - videoQuota: 1024 * 1024 * 1024, - videoQuotaDaily: 42 - }) - - await uploadVideo(server.url, server.accessToken, {}, 403) + await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) }) @@ -1119,7 +1076,13 @@ describe('Test users API validators', function () { it('Should success with the correct params', async function () { const fields = { email: 'admin@example.com' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) }) @@ -1141,7 +1104,13 @@ describe('Test users API validators', function () { it('Should succeed with the correct params', async function () { const fields = { email: 'admin@example.com' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) })