diff options
| author | Chocobozzz <florian.bigard@gmail.com> | 2017-11-29 13:18:05 +0100 |
|---|---|---|
| committer | Chocobozzz <florian.bigard@gmail.com> | 2017-11-29 13:18:05 +0100 |
| commit | 86d13ec2aa94ec10810ddf9c8b33314bd4968791 (patch) | |
| tree | 5c4175325362df2a92e367dc4077e53a700bfbad /server/tests/api/check-params | |
| parent | 165cdc75bf1942ed687f78094c2bd366839a7c99 (diff) | |
| download | PeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.tar.gz PeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.tar.zst PeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.zip | |
Users list only available when use is authenticated
And has a special right
Diffstat (limited to 'server/tests/api/check-params')
| -rw-r--r-- | server/tests/api/check-params/users.ts | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 578fece49..1e3533bf3 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts | |||
| @@ -67,6 +67,7 @@ describe('Test users API validators', function () { | |||
| 67 | .get(path) | 67 | .get(path) |
| 68 | .query({ start: 'hello' }) | 68 | .query({ start: 'hello' }) |
| 69 | .set('Accept', 'application/json') | 69 | .set('Accept', 'application/json') |
| 70 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
| 70 | .expect(400) | 71 | .expect(400) |
| 71 | }) | 72 | }) |
| 72 | 73 | ||
| @@ -75,6 +76,7 @@ describe('Test users API validators', function () { | |||
| 75 | .get(path) | 76 | .get(path) |
| 76 | .query({ count: 'hello' }) | 77 | .query({ count: 'hello' }) |
| 77 | .set('Accept', 'application/json') | 78 | .set('Accept', 'application/json') |
| 79 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
| 78 | .expect(400) | 80 | .expect(400) |
| 79 | }) | 81 | }) |
| 80 | 82 | ||
| @@ -83,8 +85,24 @@ describe('Test users API validators', function () { | |||
| 83 | .get(path) | 85 | .get(path) |
| 84 | .query({ sort: 'hello' }) | 86 | .query({ sort: 'hello' }) |
| 85 | .set('Accept', 'application/json') | 87 | .set('Accept', 'application/json') |
| 88 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
| 86 | .expect(400) | 89 | .expect(400) |
| 87 | }) | 90 | }) |
| 91 | |||
| 92 | it('Should fail with a non authenticated user', async function () { | ||
| 93 | await request(server.url) | ||
| 94 | .get(path) | ||
| 95 | .set('Accept', 'application/json') | ||
| 96 | .expect(401) | ||
| 97 | }) | ||
| 98 | |||
| 99 | it('Should fail with a non admin user', async function () { | ||
| 100 | await request(server.url) | ||
| 101 | .get(path) | ||
| 102 | .set('Accept', 'application/json') | ||
| 103 | .set('Authorization', 'Bearer ' + userAccessToken) | ||
| 104 | .expect(403) | ||
| 105 | }) | ||
| 88 | }) | 106 | }) |
| 89 | 107 | ||
| 90 | describe('When adding a new user', function () { | 108 | describe('When adding a new user', function () { |
| @@ -354,7 +372,7 @@ describe('Test users API validators', function () { | |||
| 354 | describe('When updating a user', function () { | 372 | describe('When updating a user', function () { |
| 355 | 373 | ||
| 356 | before(async function () { | 374 | before(async function () { |
| 357 | const res = await getUsersList(server.url) | 375 | const res = await getUsersList(server.url, server.accessToken) |
| 358 | 376 | ||
| 359 | userId = res.body.data[1].id | 377 | userId = res.body.data[1].id |
| 360 | rootId = res.body.data[2].id | 378 | rootId = res.body.data[2].id |