}))
// For body requests
app.use(bodyParser.json({
- type: 'application/*+json',
+ type: [ 'application/json', 'application/*+json' ],
limit: '500kb'
}))
app.use(bodyParser.urlencoded({ extended: false }))
)
usersRouter.get('/',
+ authenticate,
+ ensureUserHasRight(UserRight.MANAGE_USERS),
paginationValidator,
usersSortValidator,
setUsersSort,
.get(path)
.query({ start: 'hello' })
.set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + server.accessToken)
.expect(400)
})
.get(path)
.query({ count: 'hello' })
.set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + server.accessToken)
.expect(400)
})
.get(path)
.query({ sort: 'hello' })
.set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + server.accessToken)
.expect(400)
})
+
+ it('Should fail with a non authenticated user', async function () {
+ await request(server.url)
+ .get(path)
+ .set('Accept', 'application/json')
+ .expect(401)
+ })
+
+ it('Should fail with a non admin user', async function () {
+ await request(server.url)
+ .get(path)
+ .set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + userAccessToken)
+ .expect(403)
+ })
})
describe('When adding a new user', function () {
describe('When updating a user', function () {
before(async function () {
- const res = await getUsersList(server.url)
+ const res = await getUsersList(server.url, server.accessToken)
userId = res.body.data[1].id
rootId = res.body.data[2].id
/* tslint:disable:no-unused-expression */
+
import * as chai from 'chai'
import 'mocha'
import { UserRole } from '../../../shared'
} from '../utils'
import { follow } from '../utils/follows'
import { getMyVideos } from '../utils/videos'
+import { setAccessTokensToServers } from '../utils/login'
const expect = chai.expect
await flushTests()
server = await runServer(1)
+
+ await setAccessTokensToServers([ server ])
})
it('Should create a new client')
})
it('Should list all the users', async function () {
- const res = await getUsersList(server.url)
+ const res = await getUsersList(server.url, server.accessToken)
const result = res.body
const total = result.total
const users = result.data
})
it('Should list only the first user by username asc', async function () {
- const res = await getUsersListPaginationAndSort(server.url, 0, 1, 'username')
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
const result = res.body
const total = result.total
})
it('Should list only the first user by username desc', async function () {
- const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-username')
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
const result = res.body
const total = result.total
const users = result.data
})
it('Should list only the second user by createdAt desc', async function () {
- const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-createdAt')
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
const result = res.body
const total = result.total
const users = result.data
})
it('Should list all the users by createdAt asc', async function () {
- const res = await getUsersListPaginationAndSort(server.url, 0, 2, 'createdAt')
+ const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
const result = res.body
const total = result.total
const users = result.data
.expect('Content-Type', /json/)
}
-function getUsersList (url: string) {
+function getUsersList (url: string, accessToken: string) {
const path = '/api/v1/users'
return request(url)
.get(path)
.set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + accessToken)
.expect(200)
.expect('Content-Type', /json/)
}
-function getUsersListPaginationAndSort (url: string, start: number, count: number, sort: string) {
+function getUsersListPaginationAndSort (url: string, accessToken: string, start: number, count: number, sort: string) {
const path = '/api/v1/users'
return request(url)
.query({ count })
.query({ sort })
.set('Accept', 'application/json')
+ .set('Authorization', 'Bearer ' + accessToken)
.expect(200)
.expect('Content-Type', /json/)
}