1 files changed, 0 insertions, 456 deletions
diff --git a/server/tests/api/check-params/users-admin.ts b/server/tests/api/check-params/users-admin.ts
deleted file mode 100644
index 819da0bb2..000000000
--- a/server/tests/api/check-params/users-admin.ts
+++ /dev/null
@@ -1,456 +0,0 @@
-/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
-import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination, MockSmtpServer } from '@server/tests/shared'
-import { omit } from '@shared/core-utils'
-import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models'
-import {
-  cleanupTests,
-  ConfigCommand,
-  createSingleServer,
-  killallServers,
-  makeGetRequest,
-  makePostBodyRequest,
-  makePutBodyRequest,
-  PeerTubeServer,
-  setAccessTokensToServers
-} from '@shared/server-commands'
-describe('Test users admin API validators', function () {
-  const path = '/api/v1/users/'
-  let userId: number
-  let rootId: number
-  let moderatorId: number
-  let server: PeerTubeServer
-  let userToken = ''
-  let moderatorToken = ''
-  let emailPort: number
-  // ---------------------------------------------------------------
-  before(async function () {
-    this.timeout(30000)
-    const emails: object[] = []
-    emailPort = await MockSmtpServer.Instance.collectEmails(emails)
-    {
-      server = await createSingleServer(1)
-      await setAccessTokensToServers([ server ])
-    }
-    {
-      const result = await server.users.generate('user1')
-      userToken = result.token
-      userId = result.userId
-    }
-    {
-      const result = await server.users.generate('moderator1', UserRole.MODERATOR)
-      moderatorToken = result.token
-    }
-    {
-      const result = await server.users.generate('moderator2', UserRole.MODERATOR)
-      moderatorId = result.userId
-    }
-  })
-  describe('When listing users', function () {
-    it('Should fail with a bad start pagination', async function () {
-      await checkBadStartPagination(server.url, path, server.accessToken)
-    })
-    it('Should fail with a bad count pagination', async function () {
-      await checkBadCountPagination(server.url, path, server.accessToken)
-    })
-    it('Should fail with an incorrect sort', async function () {
-      await checkBadSortPagination(server.url, path, server.accessToken)
-    })
-    it('Should fail with a non authenticated user', async function () {
-      await makeGetRequest({
-        url: server.url,
-        path,
-        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
-      })
-    })
-    it('Should fail with a non admin user', async function () {
-      await makeGetRequest({
-        url: server.url,
-        path,
-        token: userToken,
-        expectedStatus: HttpStatusCode.FORBIDDEN_403
-      })
-    })
-  })
-  describe('When adding a new user', function () {
-    const baseCorrectParams = {
-      username: 'user2',
-      email: 'test@example.com',
-      password: 'my super password',
-      videoQuota: -1,
-      videoQuotaDaily: -1,
-      role: UserRole.USER,
-      adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
-    }
-    it('Should fail with a too small username', async function () {
-      const fields = { ...baseCorrectParams, username: '' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a too long username', async function () {
-      const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a not lowercase username', async function () {
-      const fields = { ...baseCorrectParams, username: 'Toto' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with an incorrect username', async function () {
-      const fields = { ...baseCorrectParams, username: 'my username' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a missing email', async function () {
-      const fields = omit(baseCorrectParams, [ 'email' ])
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid email', async function () {
-      const fields = { ...baseCorrectParams, email: 'test_example.com' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a too small password', async function () {
-      const fields = { ...baseCorrectParams, password: 'bla' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a too long password', async function () {
-      const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with empty password and no smtp configured', async function () {
-      const fields = { ...baseCorrectParams, password: '' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should succeed with no password on a server with smtp enabled', async function () {
-      this.timeout(20000)
-      await killallServers([ server ])
-      await server.run(ConfigCommand.getEmailOverrideConfig(emailPort))
-      const fields = {
-        ...baseCorrectParams,
-        password: '',
-        username: 'create_password',
-        email: 'create_password@example.com'
-      }
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: server.accessToken,
-        fields,
-        expectedStatus: HttpStatusCode.OK_200
-      })
-    })
-    it('Should fail with invalid admin flags', async function () {
-      const fields = { ...baseCorrectParams, adminFlags: 'toto' }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with an non authenticated user', async function () {
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: 'super token',
-        fields: baseCorrectParams,
-        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
-      })
-    })
-    it('Should fail if we add a user with the same username', async function () {
-      const fields = { ...baseCorrectParams, username: 'user1' }
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: server.accessToken,
-        fields,
-        expectedStatus: HttpStatusCode.CONFLICT_409
-      })
-    })
-    it('Should fail if we add a user with the same email', async function () {
-      const fields = { ...baseCorrectParams, email: 'user1@example.com' }
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: server.accessToken,
-        fields,
-        expectedStatus: HttpStatusCode.CONFLICT_409
-      })
-    })
-    it('Should fail with an invalid videoQuota', async function () {
-      const fields = { ...baseCorrectParams, videoQuota: -5 }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid videoQuotaDaily', async function () {
-      const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail without a user role', async function () {
-      const fields = omit(baseCorrectParams, [ 'role' ])
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid user role', async function () {
-      const fields = { ...baseCorrectParams, role: 88989 }
-      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail with a "peertube" username', async function () {
-      const fields = { ...baseCorrectParams, username: 'peertube' }
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: server.accessToken,
-        fields,
-        expectedStatus: HttpStatusCode.CONFLICT_409
-      })
-    })
-    it('Should fail to create a moderator or an admin with a moderator', async function () {
-      for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
-        const fields = { ...baseCorrectParams, role }
-        await makePostBodyRequest({
-          url: server.url,
-          path,
-          token: moderatorToken,
-          fields,
-          expectedStatus: HttpStatusCode.FORBIDDEN_403
-        })
-      }
-    })
-    it('Should succeed to create a user with a moderator', async function () {
-      const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: moderatorToken,
-        fields,
-        expectedStatus: HttpStatusCode.OK_200
-      })
-    })
-    it('Should succeed with the correct params', async function () {
-      await makePostBodyRequest({
-        url: server.url,
-        path,
-        token: server.accessToken,
-        fields: baseCorrectParams,
-        expectedStatus: HttpStatusCode.OK_200
-      })
-    })
-    it('Should fail with a non admin user', async function () {
-      const user = { username: 'user1' }
-      userToken = await server.login.getAccessToken(user)
-      const fields = {
-        username: 'user3',
-        email: 'test@example.com',
-        password: 'my super password',
-        videoQuota: 42000000
-      }
-      await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
-    })
-  })
-  describe('When getting a user', function () {
-    it('Should fail with an non authenticated user', async function () {
-      await makeGetRequest({
-        url: server.url,
-        path: path + userId,
-        token: 'super token',
-        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
-      })
-    })
-    it('Should fail with a non admin user', async function () {
-      await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
-    })
-    it('Should succeed with the correct params', async function () {
-      await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 })
-    })
-  })
-  describe('When updating a user', function () {
-    it('Should fail with an invalid email attribute', async function () {
-      const fields = {
-        email: 'blabla'
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid emailVerified attribute', async function () {
-      const fields = {
-        emailVerified: 'yes'
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid videoQuota attribute', async function () {
-      const fields = {
-        videoQuota: -90
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with an invalid user role attribute', async function () {
-      const fields = {
-        role: 54878
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with a too small password', async function () {
-      const fields = {
-        currentPassword: 'password',
-        password: 'bla'
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with a too long password', async function () {
-      const fields = {
-        currentPassword: 'password',
-        password: 'super'.repeat(61)
-      }
-      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
-    })
-    it('Should fail with an non authenticated user', async function () {
-      const fields = {
-        videoQuota: 42
-      }
-      await makePutBodyRequest({
-        url: server.url,
-        path: path + userId,
-        token: 'super token',
-        fields,
-        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
-      })
-    })
-    it('Should fail when updating root role', async function () {
-      const fields = {
-        role: UserRole.MODERATOR
-      }
-      await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
-    })
-    it('Should fail with invalid admin flags', async function () {
-      const fields = { adminFlags: 'toto' }
-      await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
-    })
-    it('Should fail to update an admin with a moderator', async function () {
-      const fields = {
-        videoQuota: 42
-      }
-      await makePutBodyRequest({
-        url: server.url,
-        path: path + moderatorId,
-        token: moderatorToken,
-        fields,
-        expectedStatus: HttpStatusCode.FORBIDDEN_403
-      })
-    })
-    it('Should succeed to update a user with a moderator', async function () {
-      const fields = {
-        videoQuota: 42
-      }
-      await makePutBodyRequest({
-        url: server.url,
-        path: path + userId,
-        token: moderatorToken,
-        fields,
-        expectedStatus: HttpStatusCode.NO_CONTENT_204
-      })
-    })
-    it('Should succeed with the correct params', async function () {
-      const fields = {
-        email: 'email@example.com',
-        emailVerified: true,
-        videoQuota: 42,
-        role: UserRole.USER
-      }
-      await makePutBodyRequest({
-        url: server.url,
-        path: path + userId,
-        token: server.accessToken,
-        fields,
-        expectedStatus: HttpStatusCode.NO_CONTENT_204
-      })
-    })
-  })
-  after(async function () {
-    MockSmtpServer.Instance.kill()
-    await cleanupTests([ server ])
-  })
-})

diff --git a/server/tests/api/check-params/users-admin.ts b/server/tests/api/check-params/users-admin.ts deleted file mode 100644 index 819da0bb2..000000000 --- a/server/tests/api/check-params/users-admin.ts +++ /dev/null
@@ -1,456 +0,0 @@
1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination, MockSmtpServer } from '@server/tests/shared'
4	import { omit } from '@shared/core-utils'
5	import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models'
6	import {
7	cleanupTests,
8	ConfigCommand,
9	createSingleServer,
10	killallServers,
11	makeGetRequest,
12	makePostBodyRequest,
13	makePutBodyRequest,
14	PeerTubeServer,
15	setAccessTokensToServers
16	} from '@shared/server-commands'
17
18	describe('Test users admin API validators', function () {
19	const path = '/api/v1/users/'
20	let userId: number
21	let rootId: number
22	let moderatorId: number
23	let server: PeerTubeServer
24	let userToken = ''
25	let moderatorToken = ''
26	let emailPort: number
27
28	// ---------------------------------------------------------------
29
30	before(async function () {
31	this.timeout(30000)
32
33	const emails: object[] = []
34	emailPort = await MockSmtpServer.Instance.collectEmails(emails)
35
36	{
37	server = await createSingleServer(1)
38
39	await setAccessTokensToServers([ server ])
40	}
41
42	{
43	const result = await server.users.generate('user1')
44	userToken = result.token
45	userId = result.userId
46	}
47
48	{
49	const result = await server.users.generate('moderator1', UserRole.MODERATOR)
50	moderatorToken = result.token
51	}
52
53	{
54	const result = await server.users.generate('moderator2', UserRole.MODERATOR)
55	moderatorId = result.userId
56	}
57	})
58
59	describe('When listing users', function () {
60	it('Should fail with a bad start pagination', async function () {
61	await checkBadStartPagination(server.url, path, server.accessToken)
62	})
63
64	it('Should fail with a bad count pagination', async function () {
65	await checkBadCountPagination(server.url, path, server.accessToken)
66	})
67
68	it('Should fail with an incorrect sort', async function () {
69	await checkBadSortPagination(server.url, path, server.accessToken)
70	})
71
72	it('Should fail with a non authenticated user', async function () {
73	await makeGetRequest({
74	url: server.url,
75	path,
76	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
77	})
78	})
79
80	it('Should fail with a non admin user', async function () {
81	await makeGetRequest({
82	url: server.url,
83	path,
84	token: userToken,
85	expectedStatus: HttpStatusCode.FORBIDDEN_403
86	})
87	})
88	})
89
90	describe('When adding a new user', function () {
91	const baseCorrectParams = {
92	username: 'user2',
93	email: 'test@example.com',
94	password: 'my super password',
95	videoQuota: -1,
96	videoQuotaDaily: -1,
97	role: UserRole.USER,
98	adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
99	}
100
101	it('Should fail with a too small username', async function () {
102	const fields = { ...baseCorrectParams, username: '' }
103
104	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
105	})
106
107	it('Should fail with a too long username', async function () {
108	const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
109
110	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
111	})
112
113	it('Should fail with a not lowercase username', async function () {
114	const fields = { ...baseCorrectParams, username: 'Toto' }
115
116	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
117	})
118
119	it('Should fail with an incorrect username', async function () {
120	const fields = { ...baseCorrectParams, username: 'my username' }
121
122	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
123	})
124
125	it('Should fail with a missing email', async function () {
126	const fields = omit(baseCorrectParams, [ 'email' ])
127
128	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
129	})
130
131	it('Should fail with an invalid email', async function () {
132	const fields = { ...baseCorrectParams, email: 'test_example.com' }
133
134	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
135	})
136
137	it('Should fail with a too small password', async function () {
138	const fields = { ...baseCorrectParams, password: 'bla' }
139
140	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
141	})
142
143	it('Should fail with a too long password', async function () {
144	const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
145
146	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
147	})
148
149	it('Should fail with empty password and no smtp configured', async function () {
150	const fields = { ...baseCorrectParams, password: '' }
151
152	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
153	})
154
155	it('Should succeed with no password on a server with smtp enabled', async function () {
156	this.timeout(20000)
157
158	await killallServers([ server ])
159
160	await server.run(ConfigCommand.getEmailOverrideConfig(emailPort))
161
162	const fields = {
163	...baseCorrectParams,
164
165	password: '',
166	username: 'create_password',
167	email: 'create_password@example.com'
168	}
169
170	await makePostBodyRequest({
171	url: server.url,
172	path,
173	token: server.accessToken,
174	fields,
175	expectedStatus: HttpStatusCode.OK_200
176	})
177	})
178
179	it('Should fail with invalid admin flags', async function () {
180	const fields = { ...baseCorrectParams, adminFlags: 'toto' }
181
182	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
183	})
184
185	it('Should fail with an non authenticated user', async function () {
186	await makePostBodyRequest({
187	url: server.url,
188	path,
189	token: 'super token',
190	fields: baseCorrectParams,
191	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
192	})
193	})
194
195	it('Should fail if we add a user with the same username', async function () {
196	const fields = { ...baseCorrectParams, username: 'user1' }
197
198	await makePostBodyRequest({
199	url: server.url,
200	path,
201	token: server.accessToken,
202	fields,
203	expectedStatus: HttpStatusCode.CONFLICT_409
204	})
205	})
206
207	it('Should fail if we add a user with the same email', async function () {
208	const fields = { ...baseCorrectParams, email: 'user1@example.com' }
209
210	await makePostBodyRequest({
211	url: server.url,
212	path,
213	token: server.accessToken,
214	fields,
215	expectedStatus: HttpStatusCode.CONFLICT_409
216	})
217	})
218
219	it('Should fail with an invalid videoQuota', async function () {
220	const fields = { ...baseCorrectParams, videoQuota: -5 }
221
222	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
223	})
224
225	it('Should fail with an invalid videoQuotaDaily', async function () {
226	const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
227
228	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
229	})
230
231	it('Should fail without a user role', async function () {
232	const fields = omit(baseCorrectParams, [ 'role' ])
233
234	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
235	})
236
237	it('Should fail with an invalid user role', async function () {
238	const fields = { ...baseCorrectParams, role: 88989 }
239
240	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
241	})
242
243	it('Should fail with a "peertube" username', async function () {
244	const fields = { ...baseCorrectParams, username: 'peertube' }
245
246	await makePostBodyRequest({
247	url: server.url,
248	path,
249	token: server.accessToken,
250	fields,
251	expectedStatus: HttpStatusCode.CONFLICT_409
252	})
253	})
254
255	it('Should fail to create a moderator or an admin with a moderator', async function () {
256	for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
257	const fields = { ...baseCorrectParams, role }
258
259	await makePostBodyRequest({
260	url: server.url,
261	path,
262	token: moderatorToken,
263	fields,
264	expectedStatus: HttpStatusCode.FORBIDDEN_403
265	})
266	}
267	})
268
269	it('Should succeed to create a user with a moderator', async function () {
270	const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
271
272	await makePostBodyRequest({
273	url: server.url,
274	path,
275	token: moderatorToken,
276	fields,
277	expectedStatus: HttpStatusCode.OK_200
278	})
279	})
280
281	it('Should succeed with the correct params', async function () {
282	await makePostBodyRequest({
283	url: server.url,
284	path,
285	token: server.accessToken,
286	fields: baseCorrectParams,
287	expectedStatus: HttpStatusCode.OK_200
288	})
289	})
290
291	it('Should fail with a non admin user', async function () {
292	const user = { username: 'user1' }
293	userToken = await server.login.getAccessToken(user)
294
295	const fields = {
296	username: 'user3',
297	email: 'test@example.com',
298	password: 'my super password',
299	videoQuota: 42000000
300	}
301	await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
302	})
303	})
304
305	describe('When getting a user', function () {
306
307	it('Should fail with an non authenticated user', async function () {
308	await makeGetRequest({
309	url: server.url,
310	path: path + userId,
311	token: 'super token',
312	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
313	})
314	})
315
316	it('Should fail with a non admin user', async function () {
317	await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
318	})
319
320	it('Should succeed with the correct params', async function () {
321	await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 })
322	})
323	})
324
325	describe('When updating a user', function () {
326
327	it('Should fail with an invalid email attribute', async function () {
328	const fields = {
329	email: 'blabla'
330	}
331
332	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
333	})
334
335	it('Should fail with an invalid emailVerified attribute', async function () {
336	const fields = {
337	emailVerified: 'yes'
338	}
339
340	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
341	})
342
343	it('Should fail with an invalid videoQuota attribute', async function () {
344	const fields = {
345	videoQuota: -90
346	}
347
348	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
349	})
350
351	it('Should fail with an invalid user role attribute', async function () {
352	const fields = {
353	role: 54878
354	}
355
356	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
357	})
358
359	it('Should fail with a too small password', async function () {
360	const fields = {
361	currentPassword: 'password',
362	password: 'bla'
363	}
364
365	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
366	})
367
368	it('Should fail with a too long password', async function () {
369	const fields = {
370	currentPassword: 'password',
371	password: 'super'.repeat(61)
372	}
373
374	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
375	})
376
377	it('Should fail with an non authenticated user', async function () {
378	const fields = {
379	videoQuota: 42
380	}
381
382	await makePutBodyRequest({
383	url: server.url,
384	path: path + userId,
385	token: 'super token',
386	fields,
387	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
388	})
389	})
390
391	it('Should fail when updating root role', async function () {
392	const fields = {
393	role: UserRole.MODERATOR
394	}
395
396	await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
397	})
398
399	it('Should fail with invalid admin flags', async function () {
400	const fields = { adminFlags: 'toto' }
401
402	await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
403	})
404
405	it('Should fail to update an admin with a moderator', async function () {
406	const fields = {
407	videoQuota: 42
408	}
409
410	await makePutBodyRequest({
411	url: server.url,
412	path: path + moderatorId,
413	token: moderatorToken,
414	fields,
415	expectedStatus: HttpStatusCode.FORBIDDEN_403
416	})
417	})
418
419	it('Should succeed to update a user with a moderator', async function () {
420	const fields = {
421	videoQuota: 42
422	}
423
424	await makePutBodyRequest({
425	url: server.url,
426	path: path + userId,
427	token: moderatorToken,
428	fields,
429	expectedStatus: HttpStatusCode.NO_CONTENT_204
430	})
431	})
432
433	it('Should succeed with the correct params', async function () {
434	const fields = {
435	email: 'email@example.com',
436	emailVerified: true,
437	videoQuota: 42,
438	role: UserRole.USER
439	}
440
441	await makePutBodyRequest({
442	url: server.url,
443	path: path + userId,
444	token: server.accessToken,
445	fields,
446	expectedStatus: HttpStatusCode.NO_CONTENT_204
447	})
448	})
449	})
450
451	after(async function () {
452	MockSmtpServer.Instance.kill()
453
454	await cleanupTests([ server ])
455	})
456	})