aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params/users.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params/users.ts')
-rw-r--r--server/tests/api/check-params/users.ts911
1 files changed, 12 insertions, 899 deletions
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 517e2f423..5f9cbc5eb 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -3,925 +3,36 @@
3import 'mocha' 3import 'mocha'
4import { omit } from 'lodash' 4import { omit } from 'lodash'
5import { 5import {
6 buildAbsoluteFixturePath,
7 checkBadCountPagination,
8 checkBadSortPagination,
9 checkBadStartPagination,
10 cleanupTests, 6 cleanupTests,
11 createSingleServer, 7 createSingleServer,
12 killallServers,
13 makeGetRequest,
14 makePostBodyRequest, 8 makePostBodyRequest,
15 makePutBodyRequest,
16 makeUploadRequest,
17 MockSmtpServer, 9 MockSmtpServer,
18 PeerTubeServer, 10 PeerTubeServer,
19 setAccessTokensToServers, 11 setAccessTokensToServers
20 UsersCommand
21} from '@shared/extra-utils' 12} from '@shared/extra-utils'
22import { HttpStatusCode, UserAdminFlag, UserRole, VideoCreateResult } from '@shared/models' 13import { HttpStatusCode, UserRole } from '@shared/models'
23 14
24describe('Test users API validators', function () { 15describe('Test users API validators', function () {
25 const path = '/api/v1/users/' 16 const path = '/api/v1/users/'
26 let userId: number
27 let rootId: number
28 let moderatorId: number
29 let video: VideoCreateResult
30 let server: PeerTubeServer 17 let server: PeerTubeServer
31 let serverWithRegistrationDisabled: PeerTubeServer 18 let serverWithRegistrationDisabled: PeerTubeServer
32 let userToken = ''
33 let moderatorToken = ''
34 let emailPort: number
35 let overrideConfig: Object
36 19
37 // --------------------------------------------------------------- 20 // ---------------------------------------------------------------
38 21
39 before(async function () { 22 before(async function () {
40 this.timeout(30000) 23 this.timeout(30000)
41 24
42 const emails: object[] = [] 25 const res = await Promise.all([
43 emailPort = await MockSmtpServer.Instance.collectEmails(emails) 26 createSingleServer(1, { signup: { limit: 3 } }),
27 createSingleServer(2)
28 ])
44 29
45 overrideConfig = { signup: { limit: 8 } } 30 server = res[0]
31 serverWithRegistrationDisabled = res[1]
46 32
47 { 33 await setAccessTokensToServers([ server ])
48 const res = await Promise.all([
49 createSingleServer(1, overrideConfig),
50 createSingleServer(2)
51 ])
52 34
53 server = res[0] 35 await server.users.generate('moderator2', UserRole.MODERATOR)
54 serverWithRegistrationDisabled = res[1]
55
56 await setAccessTokensToServers([ server ])
57 }
58
59 {
60 const user = { username: 'user1' }
61 await server.users.create({ ...user })
62 userToken = await server.login.getAccessToken(user)
63 }
64
65 {
66 const moderator = { username: 'moderator1' }
67 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
68 moderatorToken = await server.login.getAccessToken(moderator)
69 }
70
71 {
72 const moderator = { username: 'moderator2' }
73 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
74 }
75
76 {
77 video = await server.videos.upload()
78 }
79
80 {
81 const { data } = await server.users.list()
82 userId = data.find(u => u.username === 'user1').id
83 rootId = data.find(u => u.username === 'root').id
84 moderatorId = data.find(u => u.username === 'moderator2').id
85 }
86 })
87
88 describe('When listing users', function () {
89 it('Should fail with a bad start pagination', async function () {
90 await checkBadStartPagination(server.url, path, server.accessToken)
91 })
92
93 it('Should fail with a bad count pagination', async function () {
94 await checkBadCountPagination(server.url, path, server.accessToken)
95 })
96
97 it('Should fail with an incorrect sort', async function () {
98 await checkBadSortPagination(server.url, path, server.accessToken)
99 })
100
101 it('Should fail with a non authenticated user', async function () {
102 await makeGetRequest({
103 url: server.url,
104 path,
105 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
106 })
107 })
108
109 it('Should fail with a non admin user', async function () {
110 await makeGetRequest({
111 url: server.url,
112 path,
113 token: userToken,
114 expectedStatus: HttpStatusCode.FORBIDDEN_403
115 })
116 })
117 })
118
119 describe('When adding a new user', function () {
120 const baseCorrectParams = {
121 username: 'user2',
122 email: 'test@example.com',
123 password: 'my super password',
124 videoQuota: -1,
125 videoQuotaDaily: -1,
126 role: UserRole.USER,
127 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
128 }
129
130 it('Should fail with a too small username', async function () {
131 const fields = { ...baseCorrectParams, username: '' }
132
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
134 })
135
136 it('Should fail with a too long username', async function () {
137 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
138
139 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
140 })
141
142 it('Should fail with a not lowercase username', async function () {
143 const fields = { ...baseCorrectParams, username: 'Toto' }
144
145 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
146 })
147
148 it('Should fail with an incorrect username', async function () {
149 const fields = { ...baseCorrectParams, username: 'my username' }
150
151 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
152 })
153
154 it('Should fail with a missing email', async function () {
155 const fields = omit(baseCorrectParams, 'email')
156
157 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
158 })
159
160 it('Should fail with an invalid email', async function () {
161 const fields = { ...baseCorrectParams, email: 'test_example.com' }
162
163 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
164 })
165
166 it('Should fail with a too small password', async function () {
167 const fields = { ...baseCorrectParams, password: 'bla' }
168
169 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
170 })
171
172 it('Should fail with a too long password', async function () {
173 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
174
175 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 })
177
178 it('Should fail with empty password and no smtp configured', async function () {
179 const fields = { ...baseCorrectParams, password: '' }
180
181 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 })
183
184 it('Should succeed with no password on a server with smtp enabled', async function () {
185 this.timeout(20000)
186
187 await killallServers([ server ])
188
189 const config = {
190 ...overrideConfig,
191
192 smtp: {
193 hostname: 'localhost',
194 port: emailPort
195 }
196 }
197 await server.run(config)
198
199 const fields = {
200 ...baseCorrectParams,
201
202 password: '',
203 username: 'create_password',
204 email: 'create_password@example.com'
205 }
206
207 await makePostBodyRequest({
208 url: server.url,
209 path: path,
210 token: server.accessToken,
211 fields,
212 expectedStatus: HttpStatusCode.OK_200
213 })
214 })
215
216 it('Should fail with invalid admin flags', async function () {
217 const fields = { ...baseCorrectParams, adminFlags: 'toto' }
218
219 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
220 })
221
222 it('Should fail with an non authenticated user', async function () {
223 await makePostBodyRequest({
224 url: server.url,
225 path,
226 token: 'super token',
227 fields: baseCorrectParams,
228 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
229 })
230 })
231
232 it('Should fail if we add a user with the same username', async function () {
233 const fields = { ...baseCorrectParams, username: 'user1' }
234
235 await makePostBodyRequest({
236 url: server.url,
237 path,
238 token: server.accessToken,
239 fields,
240 expectedStatus: HttpStatusCode.CONFLICT_409
241 })
242 })
243
244 it('Should fail if we add a user with the same email', async function () {
245 const fields = { ...baseCorrectParams, email: 'user1@example.com' }
246
247 await makePostBodyRequest({
248 url: server.url,
249 path,
250 token: server.accessToken,
251 fields,
252 expectedStatus: HttpStatusCode.CONFLICT_409
253 })
254 })
255
256 it('Should fail without a videoQuota', async function () {
257 const fields = omit(baseCorrectParams, 'videoQuota')
258
259 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
260 })
261
262 it('Should fail without a videoQuotaDaily', async function () {
263 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
264
265 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
266 })
267
268 it('Should fail with an invalid videoQuota', async function () {
269 const fields = { ...baseCorrectParams, videoQuota: -5 }
270
271 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
272 })
273
274 it('Should fail with an invalid videoQuotaDaily', async function () {
275 const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
276
277 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
278 })
279
280 it('Should fail without a user role', async function () {
281 const fields = omit(baseCorrectParams, 'role')
282
283 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
284 })
285
286 it('Should fail with an invalid user role', async function () {
287 const fields = { ...baseCorrectParams, role: 88989 }
288
289 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
290 })
291
292 it('Should fail with a "peertube" username', async function () {
293 const fields = { ...baseCorrectParams, username: 'peertube' }
294
295 await makePostBodyRequest({
296 url: server.url,
297 path,
298 token: server.accessToken,
299 fields,
300 expectedStatus: HttpStatusCode.CONFLICT_409
301 })
302 })
303
304 it('Should fail to create a moderator or an admin with a moderator', async function () {
305 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
306 const fields = { ...baseCorrectParams, role }
307
308 await makePostBodyRequest({
309 url: server.url,
310 path,
311 token: moderatorToken,
312 fields,
313 expectedStatus: HttpStatusCode.FORBIDDEN_403
314 })
315 }
316 })
317
318 it('Should succeed to create a user with a moderator', async function () {
319 const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
320
321 await makePostBodyRequest({
322 url: server.url,
323 path,
324 token: moderatorToken,
325 fields,
326 expectedStatus: HttpStatusCode.OK_200
327 })
328 })
329
330 it('Should succeed with the correct params', async function () {
331 await makePostBodyRequest({
332 url: server.url,
333 path,
334 token: server.accessToken,
335 fields: baseCorrectParams,
336 expectedStatus: HttpStatusCode.OK_200
337 })
338 })
339
340 it('Should fail with a non admin user', async function () {
341 const user = { username: 'user1' }
342 userToken = await server.login.getAccessToken(user)
343
344 const fields = {
345 username: 'user3',
346 email: 'test@example.com',
347 password: 'my super password',
348 videoQuota: 42000000
349 }
350 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
351 })
352 })
353
354 describe('When updating my account', function () {
355
356 it('Should fail with an invalid email attribute', async function () {
357 const fields = {
358 email: 'blabla'
359 }
360
361 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
362 })
363
364 it('Should fail with a too small password', async function () {
365 const fields = {
366 currentPassword: 'password',
367 password: 'bla'
368 }
369
370 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
371 })
372
373 it('Should fail with a too long password', async function () {
374 const fields = {
375 currentPassword: 'password',
376 password: 'super'.repeat(61)
377 }
378
379 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
380 })
381
382 it('Should fail without the current password', async function () {
383 const fields = {
384 currentPassword: 'password',
385 password: 'super'.repeat(61)
386 }
387
388 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
389 })
390
391 it('Should fail with an invalid current password', async function () {
392 const fields = {
393 currentPassword: 'my super password fail',
394 password: 'super'.repeat(61)
395 }
396
397 await makePutBodyRequest({
398 url: server.url,
399 path: path + 'me',
400 token: userToken,
401 fields,
402 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
403 })
404 })
405
406 it('Should fail with an invalid NSFW policy attribute', async function () {
407 const fields = {
408 nsfwPolicy: 'hello'
409 }
410
411 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
412 })
413
414 it('Should fail with an invalid autoPlayVideo attribute', async function () {
415 const fields = {
416 autoPlayVideo: -1
417 }
418
419 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
420 })
421
422 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
423 const fields = {
424 autoPlayNextVideo: -1
425 }
426
427 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
428 })
429
430 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
431 const fields = {
432 videosHistoryEnabled: -1
433 }
434
435 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
436 })
437
438 it('Should fail with an non authenticated user', async function () {
439 const fields = {
440 currentPassword: 'password',
441 password: 'my super password'
442 }
443
444 await makePutBodyRequest({
445 url: server.url,
446 path: path + 'me',
447 token: 'super token',
448 fields,
449 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
450 })
451 })
452
453 it('Should fail with a too long description', async function () {
454 const fields = {
455 description: 'super'.repeat(201)
456 }
457
458 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
459 })
460
461 it('Should fail with an invalid videoLanguages attribute', async function () {
462 {
463 const fields = {
464 videoLanguages: 'toto'
465 }
466
467 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
468 }
469
470 {
471 const languages = []
472 for (let i = 0; i < 1000; i++) {
473 languages.push('fr')
474 }
475
476 const fields = {
477 videoLanguages: languages
478 }
479
480 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
481 }
482 })
483
484 it('Should fail with an invalid theme', async function () {
485 const fields = { theme: 'invalid' }
486 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
487 })
488
489 it('Should fail with an unknown theme', async function () {
490 const fields = { theme: 'peertube-theme-unknown' }
491 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
492 })
493
494 it('Should fail with invalid no modal attributes', async function () {
495 const keys = [
496 'noInstanceConfigWarningModal',
497 'noAccountSetupWarningModal',
498 'noWelcomeModal'
499 ]
500
501 for (const key of keys) {
502 const fields = {
503 [key]: -1
504 }
505
506 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
507 }
508 })
509
510 it('Should succeed to change password with the correct params', async function () {
511 const fields = {
512 currentPassword: 'password',
513 password: 'my super password',
514 nsfwPolicy: 'blur',
515 autoPlayVideo: false,
516 email: 'super_email@example.com',
517 theme: 'default',
518 noInstanceConfigWarningModal: true,
519 noWelcomeModal: true,
520 noAccountSetupWarningModal: true
521 }
522
523 await makePutBodyRequest({
524 url: server.url,
525 path: path + 'me',
526 token: userToken,
527 fields,
528 expectedStatus: HttpStatusCode.NO_CONTENT_204
529 })
530 })
531
532 it('Should succeed without password change with the correct params', async function () {
533 const fields = {
534 nsfwPolicy: 'blur',
535 autoPlayVideo: false
536 }
537
538 await makePutBodyRequest({
539 url: server.url,
540 path: path + 'me',
541 token: userToken,
542 fields,
543 expectedStatus: HttpStatusCode.NO_CONTENT_204
544 })
545 })
546 })
547
548 describe('When updating my avatar', function () {
549 it('Should fail without an incorrect input file', async function () {
550 const fields = {}
551 const attaches = {
552 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
553 }
554 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
555 })
556
557 it('Should fail with a big file', async function () {
558 const fields = {}
559 const attaches = {
560 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
561 }
562 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
563 })
564
565 it('Should fail with an unauthenticated user', async function () {
566 const fields = {}
567 const attaches = {
568 avatarfile: buildAbsoluteFixturePath('avatar.png')
569 }
570 await makeUploadRequest({
571 url: server.url,
572 path: path + '/me/avatar/pick',
573 fields,
574 attaches,
575 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
576 })
577 })
578
579 it('Should succeed with the correct params', async function () {
580 const fields = {}
581 const attaches = {
582 avatarfile: buildAbsoluteFixturePath('avatar.png')
583 }
584 await makeUploadRequest({
585 url: server.url,
586 path: path + '/me/avatar/pick',
587 token: server.accessToken,
588 fields,
589 attaches,
590 expectedStatus: HttpStatusCode.OK_200
591 })
592 })
593 })
594
595 describe('When managing my scoped tokens', function () {
596
597 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
598 await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
599 })
600
601 it('Should fail to get my scoped tokens with a bad token', async function () {
602 await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
603
604 })
605
606 it('Should succeed to get my scoped tokens', async function () {
607 await server.users.getMyScopedTokens()
608 })
609
610 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
611 await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
612 })
613
614 it('Should fail to renew my scoped tokens with a bad token', async function () {
615 await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
616 })
617
618 it('Should succeed to renew my scoped tokens', async function () {
619 await server.users.renewMyScopedTokens()
620 })
621 })
622
623 describe('When getting a user', function () {
624
625 it('Should fail with an non authenticated user', async function () {
626 await makeGetRequest({
627 url: server.url,
628 path: path + userId,
629 token: 'super token',
630 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
631 })
632 })
633
634 it('Should fail with a non admin user', async function () {
635 await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
636 })
637
638 it('Should succeed with the correct params', async function () {
639 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, expectedStatus: HttpStatusCode.OK_200 })
640 })
641 })
642
643 describe('When updating a user', function () {
644
645 it('Should fail with an invalid email attribute', async function () {
646 const fields = {
647 email: 'blabla'
648 }
649
650 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
651 })
652
653 it('Should fail with an invalid emailVerified attribute', async function () {
654 const fields = {
655 emailVerified: 'yes'
656 }
657
658 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
659 })
660
661 it('Should fail with an invalid videoQuota attribute', async function () {
662 const fields = {
663 videoQuota: -90
664 }
665
666 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
667 })
668
669 it('Should fail with an invalid user role attribute', async function () {
670 const fields = {
671 role: 54878
672 }
673
674 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
675 })
676
677 it('Should fail with a too small password', async function () {
678 const fields = {
679 currentPassword: 'password',
680 password: 'bla'
681 }
682
683 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
684 })
685
686 it('Should fail with a too long password', async function () {
687 const fields = {
688 currentPassword: 'password',
689 password: 'super'.repeat(61)
690 }
691
692 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
693 })
694
695 it('Should fail with an non authenticated user', async function () {
696 const fields = {
697 videoQuota: 42
698 }
699
700 await makePutBodyRequest({
701 url: server.url,
702 path: path + userId,
703 token: 'super token',
704 fields,
705 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
706 })
707 })
708
709 it('Should fail when updating root role', async function () {
710 const fields = {
711 role: UserRole.MODERATOR
712 }
713
714 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
715 })
716
717 it('Should fail with invalid admin flags', async function () {
718 const fields = { adminFlags: 'toto' }
719
720 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
721 })
722
723 it('Should fail to update an admin with a moderator', async function () {
724 const fields = {
725 videoQuota: 42
726 }
727
728 await makePutBodyRequest({
729 url: server.url,
730 path: path + moderatorId,
731 token: moderatorToken,
732 fields,
733 expectedStatus: HttpStatusCode.FORBIDDEN_403
734 })
735 })
736
737 it('Should succeed to update a user with a moderator', async function () {
738 const fields = {
739 videoQuota: 42
740 }
741
742 await makePutBodyRequest({
743 url: server.url,
744 path: path + userId,
745 token: moderatorToken,
746 fields,
747 expectedStatus: HttpStatusCode.NO_CONTENT_204
748 })
749 })
750
751 it('Should succeed with the correct params', async function () {
752 const fields = {
753 email: 'email@example.com',
754 emailVerified: true,
755 videoQuota: 42,
756 role: UserRole.USER
757 }
758
759 await makePutBodyRequest({
760 url: server.url,
761 path: path + userId,
762 token: server.accessToken,
763 fields,
764 expectedStatus: HttpStatusCode.NO_CONTENT_204
765 })
766 })
767 })
768
769 describe('When getting my information', function () {
770 it('Should fail with a non authenticated user', async function () {
771 await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
772 })
773
774 it('Should success with the correct parameters', async function () {
775 await server.users.getMyInfo({ token: userToken })
776 })
777 })
778
779 describe('When getting my video rating', function () {
780 let command: UsersCommand
781
782 before(function () {
783 command = server.users
784 })
785
786 it('Should fail with a non authenticated user', async function () {
787 await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
788 })
789
790 it('Should fail with an incorrect video uuid', async function () {
791 await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792 })
793
794 it('Should fail with an unknown video', async function () {
795 await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 })
796 })
797
798 it('Should succeed with the correct parameters', async function () {
799 await command.getMyRating({ videoId: video.id })
800 await command.getMyRating({ videoId: video.uuid })
801 await command.getMyRating({ videoId: video.shortUUID })
802 })
803 })
804
805 describe('When retrieving my global ratings', function () {
806 const path = '/api/v1/accounts/user1/ratings'
807
808 it('Should fail with a bad start pagination', async function () {
809 await checkBadStartPagination(server.url, path, userToken)
810 })
811
812 it('Should fail with a bad count pagination', async function () {
813 await checkBadCountPagination(server.url, path, userToken)
814 })
815
816 it('Should fail with an incorrect sort', async function () {
817 await checkBadSortPagination(server.url, path, userToken)
818 })
819
820 it('Should fail with a unauthenticated user', async function () {
821 await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
822 })
823
824 it('Should fail with a another user', async function () {
825 await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
826 })
827
828 it('Should fail with a bad type', async function () {
829 await makeGetRequest({
830 url: server.url,
831 path,
832 token: userToken,
833 query: { rating: 'toto ' },
834 expectedStatus: HttpStatusCode.BAD_REQUEST_400
835 })
836 })
837
838 it('Should succeed with the correct params', async function () {
839 await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 })
840 })
841 })
842
843 describe('When getting my global followers', function () {
844 const path = '/api/v1/accounts/user1/followers'
845
846 it('Should fail with a bad start pagination', async function () {
847 await checkBadStartPagination(server.url, path, userToken)
848 })
849
850 it('Should fail with a bad count pagination', async function () {
851 await checkBadCountPagination(server.url, path, userToken)
852 })
853
854 it('Should fail with an incorrect sort', async function () {
855 await checkBadSortPagination(server.url, path, userToken)
856 })
857
858 it('Should fail with a unauthenticated user', async function () {
859 await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
860 })
861
862 it('Should fail with a another user', async function () {
863 await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
864 })
865
866 it('Should succeed with the correct params', async function () {
867 await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 })
868 })
869 })
870
871 describe('When blocking/unblocking/removing user', function () {
872
873 it('Should fail with an incorrect id', async function () {
874 const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
875
876 await server.users.remove(options)
877 await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
878 await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
879 })
880
881 it('Should fail with the root user', async function () {
882 const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
883
884 await server.users.remove(options)
885 await server.users.banUser(options)
886 await server.users.unbanUser(options)
887 })
888
889 it('Should return 404 with a non existing id', async function () {
890 const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
891
892 await server.users.remove(options)
893 await server.users.banUser(options)
894 await server.users.unbanUser(options)
895 })
896
897 it('Should fail with a non admin user', async function () {
898 const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
899
900 await server.users.remove(options)
901 await server.users.banUser(options)
902 await server.users.unbanUser(options)
903 })
904
905 it('Should fail on a moderator with a moderator', async function () {
906 const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
907
908 await server.users.remove(options)
909 await server.users.banUser(options)
910 await server.users.unbanUser(options)
911 })
912
913 it('Should succeed on a user with a moderator', async function () {
914 const options = { userId, token: moderatorToken }
915
916 await server.users.banUser(options)
917 await server.users.unbanUser(options)
918 })
919 })
920
921 describe('When deleting our account', function () {
922 it('Should fail with with the root account', async function () {
923 await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
924 })
925 }) 36 })
926 37
927 describe('When registering a new user', function () { 38 describe('When registering a new user', function () {
@@ -1081,9 +192,11 @@ describe('Test users API validators', function () {
1081 }) 192 })
1082 193
1083 describe('When registering multiple users on a server with users limit', function () { 194 describe('When registering multiple users on a server with users limit', function () {
195
1084 it('Should fail when after 3 registrations', async function () { 196 it('Should fail when after 3 registrations', async function () {
1085 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) 197 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
1086 }) 198 })
199
1087 }) 200 })
1088 201
1089 describe('When asking a password reset', function () { 202 describe('When asking a password reset', function () {