X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fusers.ts;h=e8a6ffd196d701c302ee513671ed7157e46a15fb;hb=7fb39378d85d3c41e3cd1dbfbfd539060540a13f;hp=14fcf870327689ab41371f37ffb8b7e01759ea5e;hpb=01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 14fcf8703..e8a6ffd19 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -7,7 +7,7 @@ import { UserRole } from '../../../../shared'
 
 import {
   createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
-  makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
+  makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
   updateUser, uploadVideo, userLogin
 } from '../../utils'
 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
@@ -20,11 +20,15 @@ describe('Test users API validators', function () {
   let server: ServerInfo
   let serverWithRegistrationDisabled: ServerInfo
   let userAccessToken = ''
+  const user = {
+    username: 'user1',
+    password: 'my super password'
+  }
 
   // ---------------------------------------------------------------
 
   before(async function () {
-    this.timeout(20000)
+    this.timeout(30000)
 
     await flushTests()
 
@@ -33,10 +37,6 @@ describe('Test users API validators', function () {
 
     await setAccessTokensToServers([ server ])
 
-    const user = {
-      username: 'user1',
-      password: 'my super password'
-    }
     const videoQuota = 42000000
     await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
     userAccessToken = await userLogin(server, user)
@@ -185,7 +185,7 @@ describe('Test users API validators', function () {
         path,
         token: server.accessToken,
         fields: baseCorrectParams,
-        statusCodeExpected: 204
+        statusCodeExpected: 200
       })
     })
 
@@ -231,9 +231,9 @@ describe('Test users API validators', function () {
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
     })
 
-    it('Should fail with an invalid display NSFW attribute', async function () {
+    it('Should fail with an invalid NSFW policy attribute', async function () {
       const fields = {
-        displayNSFW: -1
+        nsfwPolicy: 'hello'
       }
 
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
@@ -255,10 +255,18 @@ describe('Test users API validators', function () {
       await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
     })
 
+    it('Should fail with a too long description', async function () {
+      const fields = {
+        description: 'super'.repeat(60)
+      }
+
+      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
+    })
+
     it('Should succeed with the correct params', async function () {
       const fields = {
         password: 'my super password',
-        displayNSFW: true,
+        nsfwPolicy: 'blur',
         autoPlayVideo: false,
         email: 'super_email@example.com'
       }
@@ -273,7 +281,7 @@ describe('Test users API validators', function () {
       const attaches = {
         'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
       }
-      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
+      await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
     })
 
     it('Should fail with a big file', async function () {
@@ -281,7 +289,7 @@ describe('Test users API validators', function () {
       const attaches = {
         'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
       }
-      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
+      await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
     })
 
     it('Should succeed with the correct params', async function () {
@@ -289,7 +297,7 @@ describe('Test users API validators', function () {
       const attaches = {
         'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
       }
-      await makePostUploadRequest({
+      await makeUploadRequest({
         url: server.url,
         path: path + '/me/avatar/pick',
         token: server.accessToken,
@@ -300,6 +308,26 @@ describe('Test users API validators', function () {
     })
   })
 
+  describe('When getting a user', function () {
+    before(async function () {
+      const res = await getUsersList(server.url, server.accessToken)
+
+      userId = res.body.data[1].id
+    })
+
+    it('Should fail with an non authenticated user', async function () {
+      await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
+    })
+
+    it('Should fail with a non admin user', async function () {
+      await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
+    })
+
+    it('Should succeed with the correct params', async function () {
+      await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
+    })
+  })
+
   describe('When updating a user', function () {
 
     before(async function () {
@@ -341,6 +369,14 @@ describe('Test users API validators', function () {
       await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
     })
 
+    it('Should fail when updating root role', async function () {
+      const fields = {
+        role: UserRole.MODERATOR
+      }
+
+      await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
+    })
+
     it('Should succeed with the correct params', async function () {
       const fields = {
         email: 'email@example.com',
@@ -349,6 +385,7 @@ describe('Test users API validators', function () {
       }
 
       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
+      userAccessToken = await userLogin(server, user)
     })
   })
 
@@ -514,7 +551,7 @@ describe('Test users API validators', function () {
     })
 
     it('Should fail with a registered user having too many video', async function () {
-      this.timeout(10000)
+      this.timeout(15000)
 
       const user = {
         username: 'user3',
@@ -532,6 +569,28 @@ describe('Test users API validators', function () {
     })
   })
 
+  describe('When asking a password reset', function () {
+    const path = '/api/v1/users/ask-reset-password'
+
+    it('Should fail with a missing email', async function () {
+      const fields = {}
+
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+
+    it('Should fail with an invalid email', async function () {
+      const fields = { email: 'hello' }
+
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+
+    it('Should success with the correct params', async function () {
+      const fields = { email: 'admin@example.com' }
+
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
+    })
+  })
+
   after(async function () {
     killallServers([ server, serverWithRegistrationDisabled ])