aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2018-09-26 16:28:15 +0200
committerChocobozzz <me@florianbigard.com>2018-09-26 16:28:27 +0200
commita890d1e0d30851741392e6e7f14acffe685d28e0 (patch)
tree40f6d0c4643f795670943e176d60b2e85a0fb6e0 /server/tests/api
parentbe1206bb934c223893a652be5f1f6c911c9c66be (diff)
downloadPeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.tar.gz
PeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.tar.zst
PeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.zip
Check current password on server side
Diffstat (limited to 'server/tests/api')
-rw-r--r--server/tests/api/check-params/users.ts34
-rw-r--r--server/tests/api/users/users.ts33
2 files changed, 62 insertions, 5 deletions
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 95903c8a5..cbfa0c137 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -254,6 +254,7 @@ describe('Test users API validators', function () {
254 254
255 it('Should fail with a too small password', async function () { 255 it('Should fail with a too small password', async function () {
256 const fields = { 256 const fields = {
257 currentPassword: 'my super password',
257 password: 'bla' 258 password: 'bla'
258 } 259 }
259 260
@@ -262,12 +263,31 @@ describe('Test users API validators', function () {
262 263
263 it('Should fail with a too long password', async function () { 264 it('Should fail with a too long password', async function () {
264 const fields = { 265 const fields = {
266 currentPassword: 'my super password',
265 password: 'super'.repeat(61) 267 password: 'super'.repeat(61)
266 } 268 }
267 269
268 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) 270 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
269 }) 271 })
270 272
273 it('Should fail without the current password', async function () {
274 const fields = {
275 currentPassword: 'my super password',
276 password: 'super'.repeat(61)
277 }
278
279 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
280 })
281
282 it('Should fail with an invalid current password', async function () {
283 const fields = {
284 currentPassword: 'my super password fail',
285 password: 'super'.repeat(61)
286 }
287
288 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
289 })
290
271 it('Should fail with an invalid NSFW policy attribute', async function () { 291 it('Should fail with an invalid NSFW policy attribute', async function () {
272 const fields = { 292 const fields = {
273 nsfwPolicy: 'hello' 293 nsfwPolicy: 'hello'
@@ -286,6 +306,7 @@ describe('Test users API validators', function () {
286 306
287 it('Should fail with an non authenticated user', async function () { 307 it('Should fail with an non authenticated user', async function () {
288 const fields = { 308 const fields = {
309 currentPassword: 'my super password',
289 password: 'my super password' 310 password: 'my super password'
290 } 311 }
291 312
@@ -300,8 +321,9 @@ describe('Test users API validators', function () {
300 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) 321 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
301 }) 322 })
302 323
303 it('Should succeed with the correct params', async function () { 324 it('Should succeed to change password with the correct params', async function () {
304 const fields = { 325 const fields = {
326 currentPassword: 'my super password',
305 password: 'my super password', 327 password: 'my super password',
306 nsfwPolicy: 'blur', 328 nsfwPolicy: 'blur',
307 autoPlayVideo: false, 329 autoPlayVideo: false,
@@ -310,6 +332,16 @@ describe('Test users API validators', function () {
310 332
311 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) 333 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
312 }) 334 })
335
336 it('Should succeed without password change with the correct params', async function () {
337 const fields = {
338 nsfwPolicy: 'blur',
339 autoPlayVideo: false,
340 email: 'super_email@example.com'
341 }
342
343 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
344 })
313 }) 345 })
314 346
315 describe('When updating my avatar', function () { 347 describe('When updating my avatar', function () {
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts
index c0dd587ee..8b9c6b455 100644
--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@@ -4,10 +4,34 @@ import * as chai from 'chai'
4import 'mocha' 4import 'mocha'
5import { User, UserRole } from '../../../../shared/index' 5import { User, UserRole } from '../../../../shared/index'
6import { 6import {
7 createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, 7 blockUser,
8 getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, 8 createUser,
9 registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin, 9 deleteMe,
10 deleteMe, blockUser, unblockUser, updateCustomSubConfig 10 flushTests,
11 getBlacklistedVideosList,
12 getMyUserInformation,
13 getMyUserVideoQuotaUsed,
14 getMyUserVideoRating,
15 getUserInformation,
16 getUsersList,
17 getUsersListPaginationAndSort,
18 getVideosList,
19 killallServers,
20 login,
21 makePutBodyRequest,
22 rateVideo,
23 registerUser,
24 removeUser,
25 removeVideo,
26 runServer,
27 ServerInfo,
28 testImage,
29 unblockUser,
30 updateMyAvatar,
31 updateMyUser,
32 updateUser,
33 uploadVideo,
34 userLogin
11} from '../../utils/index' 35} from '../../utils/index'
12import { follow } from '../../utils/server/follows' 36import { follow } from '../../utils/server/follows'
13import { setAccessTokensToServers } from '../../utils/users/login' 37import { setAccessTokensToServers } from '../../utils/users/login'
@@ -302,6 +326,7 @@ describe('Test users', function () {
302 await updateMyUser({ 326 await updateMyUser({
303 url: server.url, 327 url: server.url,
304 accessToken: accessTokenUser, 328 accessToken: accessTokenUser,
329 currentPassword: 'super password',
305 newPassword: 'new password' 330 newPassword: 'new password'
306 }) 331 })
307 user.password = 'new password' 332 user.password = 'new password'