aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/users.js
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2016-04-14 22:06:11 +0200
committerChocobozzz <florian.bigard@gmail.com>2016-04-14 22:06:11 +0200
commit0c1cbbfe29d91c95f9c574b57adf067654b8b5b4 (patch)
treeb61e48caedea8881cbfd1159295f6c311b35be90 /server/tests/api/users.js
parentc9bf7d30bd688e84b12dca03029dde6e9645a997 (diff)
downloadPeerTube-0c1cbbfe29d91c95f9c574b57adf067654b8b5b4.tar.gz
PeerTube-0c1cbbfe29d91c95f9c574b57adf067654b8b5b4.tar.zst
PeerTube-0c1cbbfe29d91c95f9c574b57adf067654b8b5b4.zip
Add authentications for routes that need it and adapts the tests
Diffstat (limited to 'server/tests/api/users.js')
-rw-r--r--server/tests/api/users.js133
1 files changed, 133 insertions, 0 deletions
diff --git a/server/tests/api/users.js b/server/tests/api/users.js
new file mode 100644
index 000000000..506b19299
--- /dev/null
+++ b/server/tests/api/users.js
@@ -0,0 +1,133 @@
1'use strict'
2
3const async = require('async')
4const chai = require('chai')
5const expect = chai.expect
6const pathUtils = require('path')
7
8const webtorrent = require(pathUtils.join(__dirname, '../../lib/webtorrent'))
9webtorrent.silent = true
10
11const utils = require('./utils')
12
13describe('Test users', function () {
14 let server = null
15 let access_token = null
16 let video_id
17
18 before(function (done) {
19 this.timeout(20000)
20
21 async.series([
22 function (next) {
23 utils.flushTests(next)
24 },
25 function (next) {
26 utils.runServer(1, function (server1) {
27 server = server1
28 next()
29 })
30 }
31 ], done)
32 })
33
34 it('Should not login with an invalid client id', function (done) {
35 const client = { id: 'client', password: server.client.secret }
36 utils.login(server.url, client, server.user, 400, function (err, res) {
37 if (err) throw err
38
39 expect(res.body.error).to.equal('invalid_client')
40 done()
41 })
42 })
43
44 it('Should not login with an invalid client password', function (done) {
45 const client = { id: server.client.id, password: 'coucou' }
46 utils.login(server.url, client, server.user, 400, function (err, res) {
47 if (err) throw err
48
49 expect(res.body.error).to.equal('invalid_client')
50 done()
51 })
52 })
53
54 it('Should not login with an invalid username', function (done) {
55 const user = { username: 'captain crochet', password: server.user.password }
56 utils.login(server.url, server.client, user, 400, function (err, res) {
57 if (err) throw err
58
59 expect(res.body.error).to.equal('invalid_grant')
60 done()
61 })
62 })
63
64 it('Should not login with an invalid password', function (done) {
65 const user = { username: server.user.username, password: 'mewthree' }
66 utils.login(server.url, server.client, user, 400, function (err, res) {
67 if (err) throw err
68
69 expect(res.body.error).to.equal('invalid_grant')
70 done()
71 })
72 })
73
74 it('Should not be able to upload a video', function (done) {
75 access_token = 'mysupertoken'
76 utils.uploadVideo(server.url, access_token, 'my super name', 'my super description', 'video_short.webm', 401, done)
77 })
78
79 it('Should be able to login', function (done) {
80 utils.login(server.url, server.client, server.user, 200, function (err, res) {
81 if (err) throw err
82
83 access_token = res.body.access_token
84 done()
85 })
86 })
87
88 it('Should upload the video with the correct token', function (done) {
89 utils.uploadVideo(server.url, access_token, 'my super name', 'my super description', 'video_short.webm', 204, function (err, res) {
90 if (err) throw err
91
92 utils.getVideosList(server.url, function (err, res) {
93 if (err) throw err
94
95 video_id = res.body[0].id
96 done()
97 })
98 })
99 })
100
101 it('Should upload the video again with the correct token', function (done) {
102 utils.uploadVideo(server.url, access_token, 'my super name 2', 'my super description 2', 'video_short.webm', 204, done)
103 })
104
105 it('Should not be able to remove the video with an incorrect token', function (done) {
106 utils.removeVideo(server.url, 'bad_token', video_id, 401, done)
107 })
108
109 it('Should not be able to remove the video with the token of another account')
110
111 it('Should be able to remove the video with the correct token', function (done) {
112 utils.removeVideo(server.url, access_token, video_id, done)
113 })
114
115 it('Should logout')
116
117 it('Should not be able to upload a video')
118
119 it('Should not be able to remove a video')
120
121 it('Should be able to login again')
122
123 after(function (done) {
124 process.kill(-server.app.pid)
125
126 // Keep the logs if the test failed
127 if (this.ok) {
128 utils.flushTests(done)
129 } else {
130 done()
131 }
132 })
133})