diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-01-12 15:20:03 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-01-12 15:20:03 +0100 |
commit | 99fe265a5fc077cb66c322e7f3d191ff7110aea0 (patch) | |
tree | c9e04ccfcc5496d2300d7c26db5833e494b4cdad /server/tests/api/check-params/users.js | |
parent | fcc5f77b95d330bfcb439c172b7fcc58f3162e4d (diff) | |
parent | 91cc839af88730ba55f84997c56b85ea100070a7 (diff) | |
download | PeerTube-99fe265a5fc077cb66c322e7f3d191ff7110aea0.tar.gz PeerTube-99fe265a5fc077cb66c322e7f3d191ff7110aea0.tar.zst PeerTube-99fe265a5fc077cb66c322e7f3d191ff7110aea0.zip |
Merge branch 'postgresql'
Diffstat (limited to 'server/tests/api/check-params/users.js')
-rw-r--r-- | server/tests/api/check-params/users.js | 284 |
1 files changed, 284 insertions, 0 deletions
diff --git a/server/tests/api/check-params/users.js b/server/tests/api/check-params/users.js new file mode 100644 index 000000000..c1fcf34a4 --- /dev/null +++ b/server/tests/api/check-params/users.js | |||
@@ -0,0 +1,284 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const request = require('supertest') | ||
4 | const series = require('async/series') | ||
5 | |||
6 | const loginUtils = require('../../utils/login') | ||
7 | const requestsUtils = require('../../utils/requests') | ||
8 | const serversUtils = require('../../utils/servers') | ||
9 | const usersUtils = require('../../utils/users') | ||
10 | |||
11 | describe('Test users API validators', function () { | ||
12 | const path = '/api/v1/users/' | ||
13 | let userId = null | ||
14 | let rootId = null | ||
15 | let server = null | ||
16 | let userAccessToken = null | ||
17 | |||
18 | // --------------------------------------------------------------- | ||
19 | |||
20 | before(function (done) { | ||
21 | this.timeout(20000) | ||
22 | |||
23 | series([ | ||
24 | function (next) { | ||
25 | serversUtils.flushTests(next) | ||
26 | }, | ||
27 | function (next) { | ||
28 | serversUtils.runServer(1, function (server1) { | ||
29 | server = server1 | ||
30 | |||
31 | next() | ||
32 | }) | ||
33 | }, | ||
34 | function (next) { | ||
35 | loginUtils.loginAndGetAccessToken(server, function (err, token) { | ||
36 | if (err) throw err | ||
37 | server.accessToken = token | ||
38 | |||
39 | next() | ||
40 | }) | ||
41 | }, | ||
42 | function (next) { | ||
43 | const username = 'user1' | ||
44 | const password = 'my super password' | ||
45 | |||
46 | usersUtils.createUser(server.url, server.accessToken, username, password, next) | ||
47 | }, | ||
48 | function (next) { | ||
49 | const user = { | ||
50 | username: 'user1', | ||
51 | password: 'my super password' | ||
52 | } | ||
53 | |||
54 | loginUtils.getUserAccessToken(server, user, function (err, accessToken) { | ||
55 | if (err) throw err | ||
56 | |||
57 | userAccessToken = accessToken | ||
58 | |||
59 | next() | ||
60 | }) | ||
61 | } | ||
62 | ], done) | ||
63 | }) | ||
64 | |||
65 | describe('When listing users', function () { | ||
66 | it('Should fail with a bad start pagination', function (done) { | ||
67 | request(server.url) | ||
68 | .get(path) | ||
69 | .query({ start: 'hello' }) | ||
70 | .set('Accept', 'application/json') | ||
71 | .expect(400, done) | ||
72 | }) | ||
73 | |||
74 | it('Should fail with a bad count pagination', function (done) { | ||
75 | request(server.url) | ||
76 | .get(path) | ||
77 | .query({ count: 'hello' }) | ||
78 | .set('Accept', 'application/json') | ||
79 | .expect(400, done) | ||
80 | }) | ||
81 | |||
82 | it('Should fail with an incorrect sort', function (done) { | ||
83 | request(server.url) | ||
84 | .get(path) | ||
85 | .query({ sort: 'hello' }) | ||
86 | .set('Accept', 'application/json') | ||
87 | .expect(400, done) | ||
88 | }) | ||
89 | }) | ||
90 | |||
91 | describe('When adding a new user', function () { | ||
92 | it('Should fail with a too small username', function (done) { | ||
93 | const data = { | ||
94 | username: 'ji', | ||
95 | password: 'mysuperpassword' | ||
96 | } | ||
97 | |||
98 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | ||
99 | }) | ||
100 | |||
101 | it('Should fail with a too long username', function (done) { | ||
102 | const data = { | ||
103 | username: 'mysuperusernamewhichisverylong', | ||
104 | password: 'mysuperpassword' | ||
105 | } | ||
106 | |||
107 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | ||
108 | }) | ||
109 | |||
110 | it('Should fail with an incorrect username', function (done) { | ||
111 | const data = { | ||
112 | username: 'my username', | ||
113 | password: 'mysuperpassword' | ||
114 | } | ||
115 | |||
116 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | ||
117 | }) | ||
118 | |||
119 | it('Should fail with a too small password', function (done) { | ||
120 | const data = { | ||
121 | username: 'myusername', | ||
122 | password: 'bla' | ||
123 | } | ||
124 | |||
125 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | ||
126 | }) | ||
127 | |||
128 | it('Should fail with a too long password', function (done) { | ||
129 | const data = { | ||
130 | username: 'myusername', | ||
131 | password: 'my super long password which is very very very very very very very very very very very very very very' + | ||
132 | 'very very very very very very very very very very very very very very very veryv very very very very' + | ||
133 | 'very very very very very very very very very very very very very very very very very very very very long' | ||
134 | } | ||
135 | |||
136 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | ||
137 | }) | ||
138 | |||
139 | it('Should fail with an non authenticated user', function (done) { | ||
140 | const data = { | ||
141 | username: 'myusername', | ||
142 | password: 'my super password' | ||
143 | } | ||
144 | |||
145 | requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401) | ||
146 | }) | ||
147 | |||
148 | it('Should fail if we add a user with the same username', function (done) { | ||
149 | const data = { | ||
150 | username: 'user1', | ||
151 | password: 'my super password' | ||
152 | } | ||
153 | |||
154 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409) | ||
155 | }) | ||
156 | |||
157 | it('Should succeed with the correct params', function (done) { | ||
158 | const data = { | ||
159 | username: 'user2', | ||
160 | password: 'my super password' | ||
161 | } | ||
162 | |||
163 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204) | ||
164 | }) | ||
165 | |||
166 | it('Should fail with a non admin user', function (done) { | ||
167 | server.user = { | ||
168 | username: 'user1', | ||
169 | password: 'my super password' | ||
170 | } | ||
171 | |||
172 | loginUtils.loginAndGetAccessToken(server, function (err, accessToken) { | ||
173 | if (err) throw err | ||
174 | |||
175 | userAccessToken = accessToken | ||
176 | |||
177 | const data = { | ||
178 | username: 'user3', | ||
179 | password: 'my super password' | ||
180 | } | ||
181 | |||
182 | requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403) | ||
183 | }) | ||
184 | }) | ||
185 | }) | ||
186 | |||
187 | describe('When updating a user', function () { | ||
188 | before(function (done) { | ||
189 | usersUtils.getUsersList(server.url, function (err, res) { | ||
190 | if (err) throw err | ||
191 | |||
192 | userId = res.body.data[1].id | ||
193 | rootId = res.body.data[2].id | ||
194 | done() | ||
195 | }) | ||
196 | }) | ||
197 | |||
198 | it('Should fail with a too small password', function (done) { | ||
199 | const data = { | ||
200 | password: 'bla' | ||
201 | } | ||
202 | |||
203 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | ||
204 | }) | ||
205 | |||
206 | it('Should fail with a too long password', function (done) { | ||
207 | const data = { | ||
208 | password: 'my super long password which is very very very very very very very very very very very very very very' + | ||
209 | 'very very very very very very very very very very very very very very very veryv very very very very' + | ||
210 | 'very very very very very very very very very very very very very very very very very very very very long' | ||
211 | } | ||
212 | |||
213 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | ||
214 | }) | ||
215 | |||
216 | it('Should fail with an non authenticated user', function (done) { | ||
217 | const data = { | ||
218 | password: 'my super password' | ||
219 | } | ||
220 | |||
221 | requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401) | ||
222 | }) | ||
223 | |||
224 | it('Should succeed with the correct params', function (done) { | ||
225 | const data = { | ||
226 | password: 'my super password' | ||
227 | } | ||
228 | |||
229 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204) | ||
230 | }) | ||
231 | }) | ||
232 | |||
233 | describe('When getting my information', function () { | ||
234 | it('Should fail with a non authenticated user', function (done) { | ||
235 | request(server.url) | ||
236 | .get(path + 'me') | ||
237 | .set('Authorization', 'Bearer faketoken') | ||
238 | .set('Accept', 'application/json') | ||
239 | .expect(401, done) | ||
240 | }) | ||
241 | |||
242 | it('Should success with the correct parameters', function (done) { | ||
243 | request(server.url) | ||
244 | .get(path + 'me') | ||
245 | .set('Authorization', 'Bearer ' + userAccessToken) | ||
246 | .set('Accept', 'application/json') | ||
247 | .expect(200, done) | ||
248 | }) | ||
249 | }) | ||
250 | |||
251 | describe('When removing an user', function () { | ||
252 | it('Should fail with an incorrect id', function (done) { | ||
253 | request(server.url) | ||
254 | .delete(path + 'bla-bla') | ||
255 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
256 | .expect(400, done) | ||
257 | }) | ||
258 | |||
259 | it('Should fail with the root user', function (done) { | ||
260 | request(server.url) | ||
261 | .delete(path + rootId) | ||
262 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
263 | .expect(400, done) | ||
264 | }) | ||
265 | |||
266 | it('Should return 404 with a non existing id', function (done) { | ||
267 | request(server.url) | ||
268 | .delete(path + '45') | ||
269 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
270 | .expect(404, done) | ||
271 | }) | ||
272 | }) | ||
273 | |||
274 | after(function (done) { | ||
275 | process.kill(-server.app.pid) | ||
276 | |||
277 | // Keep the logs if the test failed | ||
278 | if (this.ok) { | ||
279 | serversUtils.flushTests(done) | ||
280 | } else { | ||
281 | done() | ||
282 | } | ||
283 | }) | ||
284 | }) | ||