diff options
author | Chocobozzz <me@florianbigard.com> | 2019-05-28 09:50:27 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2019-05-28 10:16:59 +0200 |
commit | 4d09cfba7820544e72f04bf83c680bc24b775358 (patch) | |
tree | a4b4993ee3886658376c83648043442225fcd139 /server | |
parent | ec893ae07554e37ba4e04773b346b5b80e71e152 (diff) | |
download | PeerTube-4d09cfba7820544e72f04bf83c680bc24b775358.tar.gz PeerTube-4d09cfba7820544e72f04bf83c680bc24b775358.tar.zst PeerTube-4d09cfba7820544e72f04bf83c680bc24b775358.zip |
Fix playlist get for classic users
Diffstat (limited to 'server')
-rw-r--r-- | server/middlewares/validators/videos/video-playlists.ts | 3 | ||||
-rw-r--r-- | server/tests/api/videos/video-playlists.ts | 15 |
2 files changed, 16 insertions, 2 deletions
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 2c3f7e542..f68eeeeb3 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts | |||
@@ -140,9 +140,10 @@ const videoPlaylistsGetValidator = [ | |||
140 | await authenticatePromiseIfNeeded(req, res) | 140 | await authenticatePromiseIfNeeded(req, res) |
141 | 141 | ||
142 | const user = res.locals.oauth ? res.locals.oauth.token.User : null | 142 | const user = res.locals.oauth ? res.locals.oauth.token.User : null |
143 | |||
143 | if ( | 144 | if ( |
144 | !user || | 145 | !user || |
145 | (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) | 146 | (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) |
146 | ) { | 147 | ) { |
147 | return res.status(403) | 148 | return res.status(403) |
148 | .json({ error: 'Cannot get this private video playlist.' }) | 149 | .json({ error: 'Cannot get this private video playlist.' }) |
diff --git a/server/tests/api/videos/video-playlists.ts b/server/tests/api/videos/video-playlists.ts index 83a2f3d4d..3ebb1df0b 100644 --- a/server/tests/api/videos/video-playlists.ts +++ b/server/tests/api/videos/video-playlists.ts | |||
@@ -36,7 +36,8 @@ import { | |||
36 | uploadVideo, | 36 | uploadVideo, |
37 | uploadVideoAndGetId, | 37 | uploadVideoAndGetId, |
38 | userLogin, | 38 | userLogin, |
39 | waitJobs | 39 | waitJobs, |
40 | generateUserAccessToken | ||
40 | } from '../../../../shared/extra-utils' | 41 | } from '../../../../shared/extra-utils' |
41 | import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model' | 42 | import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model' |
42 | import { VideoPlaylist } from '../../../../shared/models/videos/playlist/video-playlist.model' | 43 | import { VideoPlaylist } from '../../../../shared/models/videos/playlist/video-playlist.model' |
@@ -138,6 +139,18 @@ describe('Test video playlists', function () { | |||
138 | } | 139 | } |
139 | }) | 140 | }) |
140 | 141 | ||
142 | it('Should get private playlist for a classic user', async function () { | ||
143 | const token = await generateUserAccessToken(servers[0], 'toto') | ||
144 | |||
145 | const res = await getAccountPlaylistsListWithToken(servers[0].url, token, 'toto', 0, 5) | ||
146 | |||
147 | expect(res.body.total).to.equal(1) | ||
148 | expect(res.body.data).to.have.lengthOf(1) | ||
149 | |||
150 | const playlistId = res.body.data[0].id | ||
151 | await getPlaylistVideos(servers[0].url, token, playlistId, 0, 5) | ||
152 | }) | ||
153 | |||
141 | it('Should create a playlist on server 1 and have the playlist on server 2 and 3', async function () { | 154 | it('Should create a playlist on server 1 and have the playlist on server 2 and 3', async function () { |
142 | this.timeout(30000) | 155 | this.timeout(30000) |
143 | 156 | ||