aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-11-29 13:18:05 +0100
committerChocobozzz <florian.bigard@gmail.com>2017-11-29 13:18:05 +0100
commit86d13ec2aa94ec10810ddf9c8b33314bd4968791 (patch)
tree5c4175325362df2a92e367dc4077e53a700bfbad /server/tests/api/check-params
parent165cdc75bf1942ed687f78094c2bd366839a7c99 (diff)
downloadPeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.tar.gz
PeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.tar.zst
PeerTube-86d13ec2aa94ec10810ddf9c8b33314bd4968791.zip
Users list only available when use is authenticated
And has a special right
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r--server/tests/api/check-params/users.ts20
1 files changed, 19 insertions, 1 deletions
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 578fece49..1e3533bf3 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -67,6 +67,7 @@ describe('Test users API validators', function () {
67 .get(path) 67 .get(path)
68 .query({ start: 'hello' }) 68 .query({ start: 'hello' })
69 .set('Accept', 'application/json') 69 .set('Accept', 'application/json')
70 .set('Authorization', 'Bearer ' + server.accessToken)
70 .expect(400) 71 .expect(400)
71 }) 72 })
72 73
@@ -75,6 +76,7 @@ describe('Test users API validators', function () {
75 .get(path) 76 .get(path)
76 .query({ count: 'hello' }) 77 .query({ count: 'hello' })
77 .set('Accept', 'application/json') 78 .set('Accept', 'application/json')
79 .set('Authorization', 'Bearer ' + server.accessToken)
78 .expect(400) 80 .expect(400)
79 }) 81 })
80 82
@@ -83,8 +85,24 @@ describe('Test users API validators', function () {
83 .get(path) 85 .get(path)
84 .query({ sort: 'hello' }) 86 .query({ sort: 'hello' })
85 .set('Accept', 'application/json') 87 .set('Accept', 'application/json')
88 .set('Authorization', 'Bearer ' + server.accessToken)
86 .expect(400) 89 .expect(400)
87 }) 90 })
91
92 it('Should fail with a non authenticated user', async function () {
93 await request(server.url)
94 .get(path)
95 .set('Accept', 'application/json')
96 .expect(401)
97 })
98
99 it('Should fail with a non admin user', async function () {
100 await request(server.url)
101 .get(path)
102 .set('Accept', 'application/json')
103 .set('Authorization', 'Bearer ' + userAccessToken)
104 .expect(403)
105 })
88 }) 106 })
89 107
90 describe('When adding a new user', function () { 108 describe('When adding a new user', function () {
@@ -354,7 +372,7 @@ describe('Test users API validators', function () {
354 describe('When updating a user', function () { 372 describe('When updating a user', function () {
355 373
356 before(async function () { 374 before(async function () {
357 const res = await getUsersList(server.url) 375 const res = await getUsersList(server.url, server.accessToken)
358 376
359 userId = res.body.data[1].id 377 userId = res.body.data[1].id
360 rootId = res.body.data[2].id 378 rootId = res.body.data[2].id