aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params/my-user.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params/my-user.ts')
-rw-r--r--server/tests/api/check-params/my-user.ts495
1 files changed, 495 insertions, 0 deletions
diff --git a/server/tests/api/check-params/my-user.ts b/server/tests/api/check-params/my-user.ts
new file mode 100644
index 000000000..d35284d60
--- /dev/null
+++ b/server/tests/api/check-params/my-user.ts
@@ -0,0 +1,495 @@
1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3import 'mocha'
4import {
5 buildAbsoluteFixturePath,
6 checkBadCountPagination,
7 checkBadSortPagination,
8 checkBadStartPagination,
9 cleanupTests,
10 createSingleServer,
11 makeGetRequest,
12 makePutBodyRequest,
13 makeUploadRequest,
14 MockSmtpServer,
15 PeerTubeServer,
16 setAccessTokensToServers,
17 UsersCommand
18} from '@shared/extra-utils'
19import { HttpStatusCode, UserRole, VideoCreateResult } from '@shared/models'
20
21describe('Test my user API validators', function () {
22 const path = '/api/v1/users/'
23 let userId: number
24 let rootId: number
25 let moderatorId: number
26 let video: VideoCreateResult
27 let server: PeerTubeServer
28 let userToken = ''
29 let moderatorToken = ''
30
31 // ---------------------------------------------------------------
32
33 before(async function () {
34 this.timeout(30000)
35
36 {
37 server = await createSingleServer(1)
38 await setAccessTokensToServers([ server ])
39 }
40
41 {
42 const result = await server.users.generate('user1')
43 userToken = result.token
44 userId = result.userId
45 }
46
47 {
48 const result = await server.users.generate('moderator1', UserRole.MODERATOR)
49 moderatorToken = result.token
50 }
51
52 {
53 const result = await server.users.generate('moderator2', UserRole.MODERATOR)
54 moderatorId = result.userId
55 }
56
57 {
58 video = await server.videos.upload()
59 }
60 })
61
62 describe('When updating my account', function () {
63
64 it('Should fail with an invalid email attribute', async function () {
65 const fields = {
66 email: 'blabla'
67 }
68
69 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
70 })
71
72 it('Should fail with a too small password', async function () {
73 const fields = {
74 currentPassword: 'password',
75 password: 'bla'
76 }
77
78 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
79 })
80
81 it('Should fail with a too long password', async function () {
82 const fields = {
83 currentPassword: 'password',
84 password: 'super'.repeat(61)
85 }
86
87 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
88 })
89
90 it('Should fail without the current password', async function () {
91 const fields = {
92 currentPassword: 'password',
93 password: 'super'.repeat(61)
94 }
95
96 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
97 })
98
99 it('Should fail with an invalid current password', async function () {
100 const fields = {
101 currentPassword: 'my super password fail',
102 password: 'super'.repeat(61)
103 }
104
105 await makePutBodyRequest({
106 url: server.url,
107 path: path + 'me',
108 token: userToken,
109 fields,
110 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
111 })
112 })
113
114 it('Should fail with an invalid NSFW policy attribute', async function () {
115 const fields = {
116 nsfwPolicy: 'hello'
117 }
118
119 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
120 })
121
122 it('Should fail with an invalid autoPlayVideo attribute', async function () {
123 const fields = {
124 autoPlayVideo: -1
125 }
126
127 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
128 })
129
130 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
131 const fields = {
132 autoPlayNextVideo: -1
133 }
134
135 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
136 })
137
138 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
139 const fields = {
140 videosHistoryEnabled: -1
141 }
142
143 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
144 })
145
146 it('Should fail with an non authenticated user', async function () {
147 const fields = {
148 currentPassword: 'password',
149 password: 'my super password'
150 }
151
152 await makePutBodyRequest({
153 url: server.url,
154 path: path + 'me',
155 token: 'super token',
156 fields,
157 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
158 })
159 })
160
161 it('Should fail with a too long description', async function () {
162 const fields = {
163 description: 'super'.repeat(201)
164 }
165
166 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
167 })
168
169 it('Should fail with an invalid videoLanguages attribute', async function () {
170 {
171 const fields = {
172 videoLanguages: 'toto'
173 }
174
175 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
176 }
177
178 {
179 const languages = []
180 for (let i = 0; i < 1000; i++) {
181 languages.push('fr')
182 }
183
184 const fields = {
185 videoLanguages: languages
186 }
187
188 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
189 }
190 })
191
192 it('Should fail with an invalid theme', async function () {
193 const fields = { theme: 'invalid' }
194 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
195 })
196
197 it('Should fail with an unknown theme', async function () {
198 const fields = { theme: 'peertube-theme-unknown' }
199 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
200 })
201
202 it('Should fail with invalid no modal attributes', async function () {
203 const keys = [
204 'noInstanceConfigWarningModal',
205 'noAccountSetupWarningModal',
206 'noWelcomeModal'
207 ]
208
209 for (const key of keys) {
210 const fields = {
211 [key]: -1
212 }
213
214 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
215 }
216 })
217
218 it('Should succeed to change password with the correct params', async function () {
219 const fields = {
220 currentPassword: 'password',
221 password: 'my super password',
222 nsfwPolicy: 'blur',
223 autoPlayVideo: false,
224 email: 'super_email@example.com',
225 theme: 'default',
226 noInstanceConfigWarningModal: true,
227 noWelcomeModal: true,
228 noAccountSetupWarningModal: true
229 }
230
231 await makePutBodyRequest({
232 url: server.url,
233 path: path + 'me',
234 token: userToken,
235 fields,
236 expectedStatus: HttpStatusCode.NO_CONTENT_204
237 })
238 })
239
240 it('Should succeed without password change with the correct params', async function () {
241 const fields = {
242 nsfwPolicy: 'blur',
243 autoPlayVideo: false
244 }
245
246 await makePutBodyRequest({
247 url: server.url,
248 path: path + 'me',
249 token: userToken,
250 fields,
251 expectedStatus: HttpStatusCode.NO_CONTENT_204
252 })
253 })
254 })
255
256 describe('When updating my avatar', function () {
257 it('Should fail without an incorrect input file', async function () {
258 const fields = {}
259 const attaches = {
260 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
261 }
262 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
263 })
264
265 it('Should fail with a big file', async function () {
266 const fields = {}
267 const attaches = {
268 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
269 }
270 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
271 })
272
273 it('Should fail with an unauthenticated user', async function () {
274 const fields = {}
275 const attaches = {
276 avatarfile: buildAbsoluteFixturePath('avatar.png')
277 }
278 await makeUploadRequest({
279 url: server.url,
280 path: path + '/me/avatar/pick',
281 fields,
282 attaches,
283 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
284 })
285 })
286
287 it('Should succeed with the correct params', async function () {
288 const fields = {}
289 const attaches = {
290 avatarfile: buildAbsoluteFixturePath('avatar.png')
291 }
292 await makeUploadRequest({
293 url: server.url,
294 path: path + '/me/avatar/pick',
295 token: server.accessToken,
296 fields,
297 attaches,
298 expectedStatus: HttpStatusCode.OK_200
299 })
300 })
301 })
302
303 describe('When managing my scoped tokens', function () {
304
305 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
306 await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
307 })
308
309 it('Should fail to get my scoped tokens with a bad token', async function () {
310 await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
311
312 })
313
314 it('Should succeed to get my scoped tokens', async function () {
315 await server.users.getMyScopedTokens()
316 })
317
318 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
319 await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
320 })
321
322 it('Should fail to renew my scoped tokens with a bad token', async function () {
323 await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
324 })
325
326 it('Should succeed to renew my scoped tokens', async function () {
327 await server.users.renewMyScopedTokens()
328 })
329 })
330
331 describe('When getting my information', function () {
332 it('Should fail with a non authenticated user', async function () {
333 await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
334 })
335
336 it('Should success with the correct parameters', async function () {
337 await server.users.getMyInfo({ token: userToken })
338 })
339 })
340
341 describe('When getting my video rating', function () {
342 let command: UsersCommand
343
344 before(function () {
345 command = server.users
346 })
347
348 it('Should fail with a non authenticated user', async function () {
349 await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
350 })
351
352 it('Should fail with an incorrect video uuid', async function () {
353 await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
354 })
355
356 it('Should fail with an unknown video', async function () {
357 await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 })
358 })
359
360 it('Should succeed with the correct parameters', async function () {
361 await command.getMyRating({ videoId: video.id })
362 await command.getMyRating({ videoId: video.uuid })
363 await command.getMyRating({ videoId: video.shortUUID })
364 })
365 })
366
367 describe('When retrieving my global ratings', function () {
368 const path = '/api/v1/accounts/user1/ratings'
369
370 it('Should fail with a bad start pagination', async function () {
371 await checkBadStartPagination(server.url, path, userToken)
372 })
373
374 it('Should fail with a bad count pagination', async function () {
375 await checkBadCountPagination(server.url, path, userToken)
376 })
377
378 it('Should fail with an incorrect sort', async function () {
379 await checkBadSortPagination(server.url, path, userToken)
380 })
381
382 it('Should fail with a unauthenticated user', async function () {
383 await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
384 })
385
386 it('Should fail with a another user', async function () {
387 await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
388 })
389
390 it('Should fail with a bad type', async function () {
391 await makeGetRequest({
392 url: server.url,
393 path,
394 token: userToken,
395 query: { rating: 'toto ' },
396 expectedStatus: HttpStatusCode.BAD_REQUEST_400
397 })
398 })
399
400 it('Should succeed with the correct params', async function () {
401 await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 })
402 })
403 })
404
405 describe('When getting my global followers', function () {
406 const path = '/api/v1/accounts/user1/followers'
407
408 it('Should fail with a bad start pagination', async function () {
409 await checkBadStartPagination(server.url, path, userToken)
410 })
411
412 it('Should fail with a bad count pagination', async function () {
413 await checkBadCountPagination(server.url, path, userToken)
414 })
415
416 it('Should fail with an incorrect sort', async function () {
417 await checkBadSortPagination(server.url, path, userToken)
418 })
419
420 it('Should fail with a unauthenticated user', async function () {
421 await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
422 })
423
424 it('Should fail with a another user', async function () {
425 await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
426 })
427
428 it('Should succeed with the correct params', async function () {
429 await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 })
430 })
431 })
432
433 describe('When blocking/unblocking/removing user', function () {
434
435 it('Should fail with an incorrect id', async function () {
436 const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
437
438 await server.users.remove(options)
439 await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
440 await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
441 })
442
443 it('Should fail with the root user', async function () {
444 const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
445
446 await server.users.remove(options)
447 await server.users.banUser(options)
448 await server.users.unbanUser(options)
449 })
450
451 it('Should return 404 with a non existing id', async function () {
452 const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
453
454 await server.users.remove(options)
455 await server.users.banUser(options)
456 await server.users.unbanUser(options)
457 })
458
459 it('Should fail with a non admin user', async function () {
460 const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
461
462 await server.users.remove(options)
463 await server.users.banUser(options)
464 await server.users.unbanUser(options)
465 })
466
467 it('Should fail on a moderator with a moderator', async function () {
468 const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
469
470 await server.users.remove(options)
471 await server.users.banUser(options)
472 await server.users.unbanUser(options)
473 })
474
475 it('Should succeed on a user with a moderator', async function () {
476 const options = { userId, token: moderatorToken }
477
478 await server.users.banUser(options)
479 await server.users.unbanUser(options)
480 })
481 })
482
483 describe('When deleting our account', function () {
484
485 it('Should fail with with the root account', async function () {
486 await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
487 })
488 })
489
490 after(async function () {
491 MockSmtpServer.Instance.kill()
492
493 await cleanupTests([ server ])
494 })
495})