X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fusers.ts;h=578fece49a7fc2bfd5223342e8b318acf95ea634;hb=a01f107bc436250706d4bc765f45335ee15b8e80;hp=643a82afdce0c167332049caac0efc93d8a62aa6;hpb=0e1dc3e7c69995c691e1dd82e3c2bc68748661ca;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 643a82afd..578fece49 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts @@ -19,6 +19,7 @@ import { makePostBodyRequest, getUserAccessToken } from '../../utils' +import { UserRole } from '../../../../shared' describe('Test users API validators', function () { const path = '/api/v1/users/' @@ -43,7 +44,8 @@ describe('Test users API validators', function () { const username = 'user1' const password = 'my super password' - await createUser(server.url, server.accessToken, username, password) + const videoQuota = 42000000 + await createUser(server.url, server.accessToken, username, password, videoQuota) const videoAttributes = {} await uploadVideo(server.url, server.accessToken, videoAttributes) @@ -90,7 +92,9 @@ describe('Test users API validators', function () { const fields = { username: 'ji', email: 'test@example.com', - password: 'my_super_password' + password: 'my_super_password', + role: UserRole.USER, + videoQuota: 42000000 } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -100,7 +104,21 @@ describe('Test users API validators', function () { const fields = { username: 'my_super_username_which_is_very_long', email: 'test@example.com', - password: 'my_super_password' + password: 'my_super_password', + videoQuota: 42000000, + role: UserRole.USER + } + + await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + }) + + it('Should fail with a not lowercase username', async function () { + const fields = { + username: 'Toto', + email: 'test@example.com', + password: 'my_super_password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -110,7 +128,9 @@ describe('Test users API validators', function () { const fields = { username: 'my username', email: 'test@example.com', - password: 'my_super_password' + password: 'my_super_password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -119,7 +139,9 @@ describe('Test users API validators', function () { it('Should fail with a missing email', async function () { const fields = { username: 'ji', - password: 'my_super_password' + password: 'my_super_password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -129,7 +151,9 @@ describe('Test users API validators', function () { const fields = { username: 'my_super_username_which_is_very_long', email: 'test_example.com', - password: 'my_super_password' + password: 'my_super_password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -139,7 +163,9 @@ describe('Test users API validators', function () { const fields = { username: 'my_username', email: 'test@example.com', - password: 'bla' + password: 'bla', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -151,7 +177,9 @@ describe('Test users API validators', function () { email: 'test@example.com', password: 'my super long password which is very very very very very very very very very very very very very very' + 'very very very very very very very very very very very very very very very veryv very very very very' + - 'very very very very very very very very very very very very very very very very very very very very long' + 'very very very very very very very very very very very very very very very very very very very very long', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) @@ -161,7 +189,9 @@ describe('Test users API validators', function () { const fields = { username: 'my_username', email: 'test@example.com', - password: 'my super password' + password: 'my super password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) @@ -171,7 +201,9 @@ describe('Test users API validators', function () { const fields = { username: 'user1', email: 'test@example.com', - password: 'my super password' + password: 'my super password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) @@ -181,17 +213,67 @@ describe('Test users API validators', function () { const fields = { username: 'my_username', email: 'user1@example.com', - password: 'my super password' + password: 'my super password', + videoQuota: 42000000, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) }) + it('Should fail without a videoQuota', async function () { + const fields = { + username: 'my_username', + email: 'user1@example.com', + password: 'my super password', + role: UserRole.USER + } + + await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + }) + + it('Should fail with an invalid videoQuota', async function () { + const fields = { + username: 'my_username', + email: 'user1@example.com', + password: 'my super password', + videoQuota: -5, + role: UserRole.USER + } + + await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + }) + + it('Should fail without a user role', async function () { + const fields = { + username: 'my_username', + email: 'user1@example.com', + password: 'my super password', + videoQuota: 0 + } + + await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + }) + + it('Should fail with an invalid user role', async function () { + const fields = { + username: 'my_username', + email: 'user1@example.com', + password: 'my super password', + videoQuota: 0, + role: 88989 + } + + await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + }) + it('Should succeed with the correct params', async function () { const fields = { username: 'user2', email: 'test@example.com', - password: 'my super password' + password: 'my super password', + videoQuota: -1, + role: UserRole.USER } await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) @@ -208,18 +290,20 @@ describe('Test users API validators', function () { const fields = { username: 'user3', email: 'test@example.com', - password: 'my super password' + password: 'my super password', + videoQuota: 42000000 } await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) }) }) - describe('When updating a user', function () { - before(async function () { - const res = await getUsersList(server.url) + describe('When updating my account', function () { + it('Should fail with an invalid email attribute', async function () { + const fields = { + email: 'blabla' + } - userId = res.body.data[1].id - rootId = res.body.data[2].id + await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) }) it('Should fail with a too small password', async function () { @@ -227,7 +311,7 @@ describe('Test users API validators', function () { password: 'bla' } - await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) }) it('Should fail with a too long password', async function () { @@ -237,7 +321,7 @@ describe('Test users API validators', function () { 'very very very very very very very very very very very very very very very very very very very very long' } - await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) }) it('Should fail with an invalid display NSFW attribute', async function () { @@ -245,7 +329,7 @@ describe('Test users API validators', function () { displayNSFW: -1 } - await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) }) it('Should fail with an non authenticated user', async function () { @@ -253,16 +337,69 @@ describe('Test users API validators', function () { password: 'my super password' } - await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) }) it('Should succeed with the correct params', async function () { const fields = { password: 'my super password', - displayNSFW: true + displayNSFW: true, + email: 'super_email@example.com' } - await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields, statusCodeExpected: 204 }) + await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) + }) + }) + + describe('When updating a user', function () { + + before(async function () { + const res = await getUsersList(server.url) + + userId = res.body.data[1].id + rootId = res.body.data[2].id + }) + + it('Should fail with an invalid email attribute', async function () { + const fields = { + email: 'blabla' + } + + await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) + }) + + it('Should fail with an invalid videoQuota attribute', async function () { + const fields = { + videoQuota: -90 + } + + await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) + }) + + it('Should fail with an invalid user role attribute', async function () { + const fields = { + role: 54878 + } + + await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) + }) + + it('Should fail with an non authenticated user', async function () { + const fields = { + videoQuota: 42 + } + + await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) + }) + + it('Should succeed with the correct params', async function () { + const fields = { + email: 'email@example.com', + videoQuota: 42, + role: UserRole.MODERATOR + } + + await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) }) }) @@ -491,6 +628,38 @@ describe('Test users API validators', function () { }) }) + describe('When having a video quota', function () { + it('Should fail with a user having too many video', async function () { + const fields = { + videoQuota: 42 + } + + await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 }) + + const videoAttributes = {} + await uploadVideo(server.url, server.accessToken, videoAttributes, 403) + }) + + it('Should fail with a registered user having too many video', async function () { + this.timeout(10000) + + server.user = { + username: 'user3', + email: 'test3@example.com', + password: 'my super password' + } + userAccessToken = await loginAndGetAccessToken(server) + + const videoAttributes = { fixture: 'video_short2.webm' } + await uploadVideo(server.url, userAccessToken, videoAttributes) + await uploadVideo(server.url, userAccessToken, videoAttributes) + await uploadVideo(server.url, userAccessToken, videoAttributes) + await uploadVideo(server.url, userAccessToken, videoAttributes) + await uploadVideo(server.url, userAccessToken, videoAttributes) + await uploadVideo(server.url, userAccessToken, videoAttributes, 403) + }) + }) + after(async function () { killallServers([ server, serverWithRegistrationDisabled ])