X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fusers.ts;h=1e3533bf3cc5a3b83fb17507969e63fda3b711af;hb=86d13ec2aa94ec10810ddf9c8b33314bd4968791;hp=578fece49a7fc2bfd5223342e8b318acf95ea634;hpb=165cdc75bf1942ed687f78094c2bd366839a7c99;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 578fece49..1e3533bf3 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts @@ -67,6 +67,7 @@ describe('Test users API validators', function () { .get(path) .query({ start: 'hello' }) .set('Accept', 'application/json') + .set('Authorization', 'Bearer ' + server.accessToken) .expect(400) }) @@ -75,6 +76,7 @@ describe('Test users API validators', function () { .get(path) .query({ count: 'hello' }) .set('Accept', 'application/json') + .set('Authorization', 'Bearer ' + server.accessToken) .expect(400) }) @@ -83,8 +85,24 @@ describe('Test users API validators', function () { .get(path) .query({ sort: 'hello' }) .set('Accept', 'application/json') + .set('Authorization', 'Bearer ' + server.accessToken) .expect(400) }) + + it('Should fail with a non authenticated user', async function () { + await request(server.url) + .get(path) + .set('Accept', 'application/json') + .expect(401) + }) + + it('Should fail with a non admin user', async function () { + await request(server.url) + .get(path) + .set('Accept', 'application/json') + .set('Authorization', 'Bearer ' + userAccessToken) + .expect(403) + }) }) describe('When adding a new user', function () { @@ -354,7 +372,7 @@ describe('Test users API validators', function () { describe('When updating a user', function () { before(async function () { - const res = await getUsersList(server.url) + const res = await getUsersList(server.url, server.accessToken) userId = res.body.data[1].id rootId = res.body.data[2].id