diff options
author | Chocobozzz <me@florianbigard.com> | 2018-09-26 16:28:15 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-09-26 16:28:27 +0200 |
commit | a890d1e0d30851741392e6e7f14acffe685d28e0 (patch) | |
tree | 40f6d0c4643f795670943e176d60b2e85a0fb6e0 /server/tests/api | |
parent | be1206bb934c223893a652be5f1f6c911c9c66be (diff) | |
download | PeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.tar.gz PeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.tar.zst PeerTube-a890d1e0d30851741392e6e7f14acffe685d28e0.zip |
Check current password on server side
Diffstat (limited to 'server/tests/api')
-rw-r--r-- | server/tests/api/check-params/users.ts | 34 | ||||
-rw-r--r-- | server/tests/api/users/users.ts | 33 |
2 files changed, 62 insertions, 5 deletions
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 95903c8a5..cbfa0c137 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts | |||
@@ -254,6 +254,7 @@ describe('Test users API validators', function () { | |||
254 | 254 | ||
255 | it('Should fail with a too small password', async function () { | 255 | it('Should fail with a too small password', async function () { |
256 | const fields = { | 256 | const fields = { |
257 | currentPassword: 'my super password', | ||
257 | password: 'bla' | 258 | password: 'bla' |
258 | } | 259 | } |
259 | 260 | ||
@@ -262,12 +263,31 @@ describe('Test users API validators', function () { | |||
262 | 263 | ||
263 | it('Should fail with a too long password', async function () { | 264 | it('Should fail with a too long password', async function () { |
264 | const fields = { | 265 | const fields = { |
266 | currentPassword: 'my super password', | ||
265 | password: 'super'.repeat(61) | 267 | password: 'super'.repeat(61) |
266 | } | 268 | } |
267 | 269 | ||
268 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | 270 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
269 | }) | 271 | }) |
270 | 272 | ||
273 | it('Should fail without the current password', async function () { | ||
274 | const fields = { | ||
275 | currentPassword: 'my super password', | ||
276 | password: 'super'.repeat(61) | ||
277 | } | ||
278 | |||
279 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | ||
280 | }) | ||
281 | |||
282 | it('Should fail with an invalid current password', async function () { | ||
283 | const fields = { | ||
284 | currentPassword: 'my super password fail', | ||
285 | password: 'super'.repeat(61) | ||
286 | } | ||
287 | |||
288 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 }) | ||
289 | }) | ||
290 | |||
271 | it('Should fail with an invalid NSFW policy attribute', async function () { | 291 | it('Should fail with an invalid NSFW policy attribute', async function () { |
272 | const fields = { | 292 | const fields = { |
273 | nsfwPolicy: 'hello' | 293 | nsfwPolicy: 'hello' |
@@ -286,6 +306,7 @@ describe('Test users API validators', function () { | |||
286 | 306 | ||
287 | it('Should fail with an non authenticated user', async function () { | 307 | it('Should fail with an non authenticated user', async function () { |
288 | const fields = { | 308 | const fields = { |
309 | currentPassword: 'my super password', | ||
289 | password: 'my super password' | 310 | password: 'my super password' |
290 | } | 311 | } |
291 | 312 | ||
@@ -300,8 +321,9 @@ describe('Test users API validators', function () { | |||
300 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | 321 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
301 | }) | 322 | }) |
302 | 323 | ||
303 | it('Should succeed with the correct params', async function () { | 324 | it('Should succeed to change password with the correct params', async function () { |
304 | const fields = { | 325 | const fields = { |
326 | currentPassword: 'my super password', | ||
305 | password: 'my super password', | 327 | password: 'my super password', |
306 | nsfwPolicy: 'blur', | 328 | nsfwPolicy: 'blur', |
307 | autoPlayVideo: false, | 329 | autoPlayVideo: false, |
@@ -310,6 +332,16 @@ describe('Test users API validators', function () { | |||
310 | 332 | ||
311 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) | 333 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) |
312 | }) | 334 | }) |
335 | |||
336 | it('Should succeed without password change with the correct params', async function () { | ||
337 | const fields = { | ||
338 | nsfwPolicy: 'blur', | ||
339 | autoPlayVideo: false, | ||
340 | email: 'super_email@example.com' | ||
341 | } | ||
342 | |||
343 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) | ||
344 | }) | ||
313 | }) | 345 | }) |
314 | 346 | ||
315 | describe('When updating my avatar', function () { | 347 | describe('When updating my avatar', function () { |
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index c0dd587ee..8b9c6b455 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts | |||
@@ -4,10 +4,34 @@ import * as chai from 'chai' | |||
4 | import 'mocha' | 4 | import 'mocha' |
5 | import { User, UserRole } from '../../../../shared/index' | 5 | import { User, UserRole } from '../../../../shared/index' |
6 | import { | 6 | import { |
7 | createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, | 7 | blockUser, |
8 | getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, | 8 | createUser, |
9 | registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin, | 9 | deleteMe, |
10 | deleteMe, blockUser, unblockUser, updateCustomSubConfig | 10 | flushTests, |
11 | getBlacklistedVideosList, | ||
12 | getMyUserInformation, | ||
13 | getMyUserVideoQuotaUsed, | ||
14 | getMyUserVideoRating, | ||
15 | getUserInformation, | ||
16 | getUsersList, | ||
17 | getUsersListPaginationAndSort, | ||
18 | getVideosList, | ||
19 | killallServers, | ||
20 | login, | ||
21 | makePutBodyRequest, | ||
22 | rateVideo, | ||
23 | registerUser, | ||
24 | removeUser, | ||
25 | removeVideo, | ||
26 | runServer, | ||
27 | ServerInfo, | ||
28 | testImage, | ||
29 | unblockUser, | ||
30 | updateMyAvatar, | ||
31 | updateMyUser, | ||
32 | updateUser, | ||
33 | uploadVideo, | ||
34 | userLogin | ||
11 | } from '../../utils/index' | 35 | } from '../../utils/index' |
12 | import { follow } from '../../utils/server/follows' | 36 | import { follow } from '../../utils/server/follows' |
13 | import { setAccessTokensToServers } from '../../utils/users/login' | 37 | import { setAccessTokensToServers } from '../../utils/users/login' |
@@ -302,6 +326,7 @@ describe('Test users', function () { | |||
302 | await updateMyUser({ | 326 | await updateMyUser({ |
303 | url: server.url, | 327 | url: server.url, |
304 | accessToken: accessTokenUser, | 328 | accessToken: accessTokenUser, |
329 | currentPassword: 'super password', | ||
305 | newPassword: 'new password' | 330 | newPassword: 'new password' |
306 | }) | 331 | }) |
307 | user.password = 'new password' | 332 | user.password = 'new password' |