X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fusers.ts;h=1e3533bf3cc5a3b83fb17507969e63fda3b711af;hb=8e7f08b5a5e65195ad6dd3d7850fda57021421f3;hp=687999c096a6667adb7e2352d975dee280e9b1fc;hpb=757f0da370a992cf07afd20d3829b2748c76cc15;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 687999c09..1e3533bf3 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -67,6 +67,7 @@ describe('Test users API validators', function () {
               .get(path)
               .query({ start: 'hello' })
               .set('Accept', 'application/json')
+              .set('Authorization', 'Bearer ' + server.accessToken)
               .expect(400)
     })
 
@@ -75,6 +76,7 @@ describe('Test users API validators', function () {
               .get(path)
               .query({ count: 'hello' })
               .set('Accept', 'application/json')
+              .set('Authorization', 'Bearer ' + server.accessToken)
               .expect(400)
     })
 
@@ -83,8 +85,24 @@ describe('Test users API validators', function () {
               .get(path)
               .query({ sort: 'hello' })
               .set('Accept', 'application/json')
+              .set('Authorization', 'Bearer ' + server.accessToken)
               .expect(400)
     })
+
+    it('Should fail with a non authenticated user', async function () {
+      await request(server.url)
+        .get(path)
+        .set('Accept', 'application/json')
+        .expect(401)
+    })
+
+    it('Should fail with a non admin user', async function () {
+      await request(server.url)
+        .get(path)
+        .set('Accept', 'application/json')
+        .set('Authorization', 'Bearer ' + userAccessToken)
+        .expect(403)
+    })
   })
 
   describe('When adding a new user', function () {
@@ -112,6 +130,18 @@ describe('Test users API validators', function () {
       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
     })
 
+    it('Should fail with a not lowercase username', async function () {
+      const fields = {
+        username: 'Toto',
+        email: 'test@example.com',
+        password: 'my_super_password',
+        videoQuota: 42000000,
+        role: UserRole.USER
+      }
+
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+
     it('Should fail with an incorrect username', async function () {
       const fields = {
         username: 'my username',
@@ -342,7 +372,7 @@ describe('Test users API validators', function () {
   describe('When updating a user', function () {
 
     before(async function () {
-      const res = await getUsersList(server.url)
+      const res = await getUsersList(server.url, server.accessToken)
 
       userId = res.body.data[1].id
       rootId = res.body.data[2].id