1 files changed, 343 insertions, 0 deletions
diff --git a/server/tests/api/users.ts b/server/tests/api/users.ts
new file mode 100644
index 000000000..fd3b51123
--- /dev/null
+++ b/server/tests/api/users.ts
@@ -0,0 +1,343 @@
+/* tslint:disable:no-unused-expression */
+import 'mocha'
+import * as chai from 'chai'
+const expect = chai.expect
+import {
+  ServerInfo,
+  flushTests,
+  runServer,
+  login,
+  uploadVideo,
+  makeFriends,
+  quitFriends,
+  getVideosList,
+  rateVideo,
+  getUserVideoRating,
+  removeVideo,
+  makePutBodyRequest,
+  createUser,
+  loginAndGetAccessToken,
+  getUserInformation,
+  getUsersList,
+  getUsersListPaginationAndSort,
+  updateUser,
+  registerUser,
+  removeUser
+} from '../utils'
+import { killallServers } from '../utils/servers'
+describe('Test users', function () {
+  let server: ServerInfo
+  let accessToken: string
+  let accessTokenUser: string
+  let videoId: number
+  let userId: number
+  before(async function () {
+    this.timeout(120000)
+    await flushTests()
+    server = await runServer(1)
+  })
+  it('Should create a new client')
+  it('Should return the first client')
+  it('Should remove the last client')
+  it('Should not login with an invalid client id', async function () {
+    const client = { id: 'client', secret: server.client.secret }
+    const res = await login(server.url, client, server.user, 400)
+    expect(res.body.error).to.equal('invalid_client')
+  })
+  it('Should not login with an invalid client secret', async function () {
+    const client = { id: server.client.id, secret: 'coucou' }
+    const res = await login(server.url, client, server.user, 400)
+    expect(res.body.error).to.equal('invalid_client')
+  })
+  it('Should not login with an invalid username', async function () {
+    const user = { username: 'captain crochet', password: server.user.password }
+    const res = await login(server.url, server.client, user, 400)
+    expect(res.body.error).to.equal('invalid_grant')
+  })
+  it('Should not login with an invalid password', async function () {
+    const user = { username: server.user.username, password: 'mewthree' }
+    const res = await login(server.url, server.client, user, 400)
+    expect(res.body.error).to.equal('invalid_grant')
+  })
+  it('Should not be able to upload a video', async function () {
+    accessToken = 'my_super_token'
+    const videoAttributes = {}
+    await uploadVideo(server.url, accessToken, videoAttributes, 401)
+  })
+  it('Should not be able to make friends', async function () {
+    accessToken = 'my_super_token'
+    await makeFriends(server.url, accessToken, 401)
+  })
+  it('Should not be able to quit friends', async function () {
+    accessToken = 'my_super_token'
+    await quitFriends(server.url, accessToken, 401)
+  })
+  it('Should be able to login', async function () {
+    const res = await login(server.url, server.client, server.user, 200)
+    accessToken = res.body.access_token
+  })
+  it('Should upload the video with the correct token', async function () {
+    const videoAttributes = {}
+    await uploadVideo(server.url, accessToken, videoAttributes, 204)
+    const res = await getVideosList(server.url)
+    const video = res.body.data[0]
+    expect(video.author).to.equal('root')
+    videoId = video.id
+  })
+  it('Should upload the video again with the correct token', async function () {
+    const videoAttributes = {}
+    await uploadVideo(server.url, accessToken, videoAttributes, 204)
+  })
+  it('Should retrieve a video rating', async function () {
+    await rateVideo(server.url, accessToken, videoId, 'like')
+    const res = await getUserVideoRating(server.url, accessToken, videoId)
+    const rating = res.body
+    expect(rating.videoId).to.equal(videoId)
+    expect(rating.rating).to.equal('like')
+  })
+  it('Should not be able to remove the video with an incorrect token', async function () {
+    await removeVideo(server.url, 'bad_token', videoId, 401)
+  })
+  it('Should not be able to remove the video with the token of another account')
+  it('Should be able to remove the video with the correct token', async function () {
+    await removeVideo(server.url, accessToken, videoId)
+  })
+  it('Should logout (revoke token)')
+  it('Should not be able to get the user information')
+  it('Should not be able to upload a video')
+  it('Should not be able to remove a video')
+  it('Should not be able to rate a video', async function () {
+    const path = '/api/v1/videos/'
+    const data = {
+      rating: 'likes'
+    }
+    const options = {
+      url: server.url,
+      path: path + videoId,
+      token: 'wrong token',
+      fields: data,
+      statusCodeExpected: 401
+    }
+    await makePutBodyRequest(options)
+  })
+  it('Should be able to login again')
+  it('Should have an expired access token')
+  it('Should refresh the token')
+  it('Should be able to upload a video again')
+  it('Should be able to create a new user', async function () {
+    await createUser(server.url, accessToken, 'user_1', 'super password')
+  })
+  it('Should be able to login with this user', async function () {
+    server.user = {
+      username: 'user_1',
+      password: 'super password'
+    }
+    accessTokenUser = await loginAndGetAccessToken(server)
+  })
+  it('Should be able to get the user information', async function () {
+    const res = await getUserInformation(server.url, accessTokenUser)
+    const user = res.body
+    expect(user.username).to.equal('user_1')
+    expect(user.email).to.equal('user_1@example.com')
+    expect(user.displayNSFW).to.be.false
+    expect(user.id).to.be.a('number')
+  })
+  it('Should be able to upload a video with this user', async function () {
+    this.timeout(5000)
+    const videoAttributes = {}
+    await uploadVideo(server.url, accessTokenUser, videoAttributes)
+  })
+  it('Should list all the users', async function () {
+    const res = await getUsersList(server.url)
+    const result = res.body
+    const total = result.total
+    const users = result.data
+    expect(total).to.equal(2)
+    expect(users).to.be.an('array')
+    expect(users.length).to.equal(2)
+    const user = users[0]
+    expect(user.username).to.equal('user_1')
+    expect(user.email).to.equal('user_1@example.com')
+    expect(user.displayNSFW).to.be.false
+    const rootUser = users[1]
+    expect(rootUser.username).to.equal('root')
+    expect(rootUser.email).to.equal('admin1@example.com')
+    expect(rootUser.displayNSFW).to.be.false
+    userId = user.id
+  })
+  it('Should list only the first user by username asc', async function () {
+    const res = await getUsersListPaginationAndSort(server.url, 0, 1, 'username')
+    const result = res.body
+    const total = result.total
+    const users = result.data
+    expect(total).to.equal(2)
+    expect(users.length).to.equal(1)
+    const user = users[0]
+    expect(user.username).to.equal('root')
+    expect(user.email).to.equal('admin1@example.com')
+    expect(user.displayNSFW).to.be.false
+  })
+  it('Should list only the first user by username desc', async function () {
+    const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-username')
+    const result = res.body
+    const total = result.total
+    const users = result.data
+    expect(total).to.equal(2)
+    expect(users.length).to.equal(1)
+    const user = users[0]
+    expect(user.username).to.equal('user_1')
+    expect(user.email).to.equal('user_1@example.com')
+    expect(user.displayNSFW).to.be.false
+  })
+  it('Should list only the second user by createdAt desc', async function () {
+    const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-createdAt')
+    const result = res.body
+    const total = result.total
+    const users = result.data
+    expect(total).to.equal(2)
+    expect(users.length).to.equal(1)
+    const user = users[0]
+    expect(user.username).to.equal('user_1')
+    expect(user.email).to.equal('user_1@example.com')
+    expect(user.displayNSFW).to.be.false
+  })
+  it('Should list all the users by createdAt asc', async function () {
+    const res = await getUsersListPaginationAndSort(server.url, 0, 2, 'createdAt')
+    const result = res.body
+    const total = result.total
+    const users = result.data
+    expect(total).to.equal(2)
+    expect(users.length).to.equal(2)
+    expect(users[0].username).to.equal('root')
+    expect(users[0].email).to.equal('admin1@example.com')
+    expect(users[0].displayNSFW).to.be.false
+    expect(users[1].username).to.equal('user_1')
+    expect(users[1].email).to.equal('user_1@example.com')
+    expect(users[1].displayNSFW).to.be.false
+  })
+  it('Should update the user password', async function () {
+    await updateUser(server.url, userId, accessTokenUser, 'new password', null)
+    server.user.password = 'new password'
+    await login(server.url, server.client, server.user, 200)
+  })
+  it('Should be able to change the NSFW display attribute', async function () {
+    await updateUser(server.url, userId, accessTokenUser, null, true)
+    const res = await getUserInformation(server.url, accessTokenUser)
+    const user = res.body
+    expect(user.username).to.equal('user_1')
+    expect(user.email).to.equal('user_1@example.com')
+    expect(user.displayNSFW).to.be.ok
+    expect(user.id).to.be.a('number')
+  })
+  it('Should be able to remove this user', async function () {
+    await removeUser(server.url, userId, accessToken)
+  })
+  it('Should not be able to login with this user', async function () {
+    // server.user is already set to user 1
+    await login(server.url, server.client, server.user, 400)
+  })
+  it('Should not have videos of this user', async function () {
+    const res = await getVideosList(server.url)
+    expect(res.body.total).to.equal(1)
+    const video = res.body.data[0]
+    expect(video.author).to.equal('root')
+  })
+  it('Should register a new user', async function () {
+    await registerUser(server.url, 'user_15', 'my super password')
+  })
+  it('Should be able to login with this registered user', async function () {
+    server.user = {
+      username: 'user_15',
+      password: 'my super password'
+    }
+    await loginAndGetAccessToken(server)
+  })
+  after(async function () {
+    killallServers([ server ])
+    // Keep the logs if the test failed
+    if (this['ok']) {
+      await flushTests()
+    }
+  })
+})

diff --git a/server/tests/api/users.ts b/server/tests/api/users.ts new file mode 100644 index 000000000..fd3b51123 --- /dev/null +++ b/server/tests/api/users.ts
@@ -0,0 +1,343 @@
	1	/* tslint:disable:no-unused-expression */
	2
	3	import 'mocha'
	4	import * as chai from 'chai'
	5	const expect = chai.expect
	6
	7	import {
	8	ServerInfo,
	9	flushTests,
	10	runServer,
	11	login,
	12	uploadVideo,
	13	makeFriends,
	14	quitFriends,
	15	getVideosList,
	16	rateVideo,
	17	getUserVideoRating,
	18	removeVideo,
	19	makePutBodyRequest,
	20	createUser,
	21	loginAndGetAccessToken,
	22	getUserInformation,
	23	getUsersList,
	24	getUsersListPaginationAndSort,
	25	updateUser,
	26	registerUser,
	27	removeUser
	28	} from '../utils'
	29	import { killallServers } from '../utils/servers'
	30
	31	describe('Test users', function () {
	32	let server: ServerInfo
	33	let accessToken: string
	34	let accessTokenUser: string
	35	let videoId: number
	36	let userId: number
	37
	38	before(async function () {
	39	this.timeout(120000)
	40
	41	await flushTests()
	42	server = await runServer(1)
	43	})
	44
	45	it('Should create a new client')
	46
	47	it('Should return the first client')
	48
	49	it('Should remove the last client')
	50
	51	it('Should not login with an invalid client id', async function () {
	52	const client = { id: 'client', secret: server.client.secret }
	53	const res = await login(server.url, client, server.user, 400)
	54
	55	expect(res.body.error).to.equal('invalid_client')
	56	})
	57
	58	it('Should not login with an invalid client secret', async function () {
	59	const client = { id: server.client.id, secret: 'coucou' }
	60	const res = await login(server.url, client, server.user, 400)
	61
	62	expect(res.body.error).to.equal('invalid_client')
	63	})
	64
	65	it('Should not login with an invalid username', async function () {
	66	const user = { username: 'captain crochet', password: server.user.password }
	67	const res = await login(server.url, server.client, user, 400)
	68
	69	expect(res.body.error).to.equal('invalid_grant')
	70	})
	71
	72	it('Should not login with an invalid password', async function () {
	73	const user = { username: server.user.username, password: 'mewthree' }
	74	const res = await login(server.url, server.client, user, 400)
	75
	76	expect(res.body.error).to.equal('invalid_grant')
	77	})
	78
	79	it('Should not be able to upload a video', async function () {
	80	accessToken = 'my_super_token'
	81
	82	const videoAttributes = {}
	83	await uploadVideo(server.url, accessToken, videoAttributes, 401)
	84	})
	85
	86	it('Should not be able to make friends', async function () {
	87	accessToken = 'my_super_token'
	88	await makeFriends(server.url, accessToken, 401)
	89	})
	90
	91	it('Should not be able to quit friends', async function () {
	92	accessToken = 'my_super_token'
	93	await quitFriends(server.url, accessToken, 401)
	94	})
	95
	96	it('Should be able to login', async function () {
	97	const res = await login(server.url, server.client, server.user, 200)
	98
	99	accessToken = res.body.access_token
	100	})
	101
	102	it('Should upload the video with the correct token', async function () {
	103	const videoAttributes = {}
	104	await uploadVideo(server.url, accessToken, videoAttributes, 204)
	105	const res = await getVideosList(server.url)
	106	const video = res.body.data[0]
	107
	108	expect(video.author).to.equal('root')
	109	videoId = video.id
	110	})
	111
	112	it('Should upload the video again with the correct token', async function () {
	113	const videoAttributes = {}
	114	await uploadVideo(server.url, accessToken, videoAttributes, 204)
	115	})
	116
	117	it('Should retrieve a video rating', async function () {
	118	await rateVideo(server.url, accessToken, videoId, 'like')
	119	const res = await getUserVideoRating(server.url, accessToken, videoId)
	120	const rating = res.body
	121
	122	expect(rating.videoId).to.equal(videoId)
	123	expect(rating.rating).to.equal('like')
	124	})
	125
	126	it('Should not be able to remove the video with an incorrect token', async function () {
	127	await removeVideo(server.url, 'bad_token', videoId, 401)
	128	})
	129
	130	it('Should not be able to remove the video with the token of another account')
	131
	132	it('Should be able to remove the video with the correct token', async function () {
	133	await removeVideo(server.url, accessToken, videoId)
	134	})
	135
	136	it('Should logout (revoke token)')
	137
	138	it('Should not be able to get the user information')
	139
	140	it('Should not be able to upload a video')
	141
	142	it('Should not be able to remove a video')
	143
	144	it('Should not be able to rate a video', async function () {
	145	const path = '/api/v1/videos/'
	146	const data = {
	147	rating: 'likes'
	148	}
	149
	150	const options = {
	151	url: server.url,
	152	path: path + videoId,
	153	token: 'wrong token',
	154	fields: data,
	155	statusCodeExpected: 401
	156	}
	157	await makePutBodyRequest(options)
	158	})
	159
	160	it('Should be able to login again')
	161
	162	it('Should have an expired access token')
	163
	164	it('Should refresh the token')
	165
	166	it('Should be able to upload a video again')
	167
	168	it('Should be able to create a new user', async function () {
	169	await createUser(server.url, accessToken, 'user_1', 'super password')
	170	})
	171
	172	it('Should be able to login with this user', async function () {
	173	server.user = {
	174	username: 'user_1',
	175	password: 'super password'
	176	}
	177
	178	accessTokenUser = await loginAndGetAccessToken(server)
	179	})
	180
	181	it('Should be able to get the user information', async function () {
	182	const res = await getUserInformation(server.url, accessTokenUser)
	183	const user = res.body
	184
	185	expect(user.username).to.equal('user_1')
	186	expect(user.email).to.equal('user_1@example.com')
	187	expect(user.displayNSFW).to.be.false
	188	expect(user.id).to.be.a('number')
	189	})
	190
	191	it('Should be able to upload a video with this user', async function () {
	192	this.timeout(5000)
	193
	194	const videoAttributes = {}
	195	await uploadVideo(server.url, accessTokenUser, videoAttributes)
	196	})
	197
	198	it('Should list all the users', async function () {
	199	const res = await getUsersList(server.url)
	200	const result = res.body
	201	const total = result.total
	202	const users = result.data
	203
	204	expect(total).to.equal(2)
	205	expect(users).to.be.an('array')
	206	expect(users.length).to.equal(2)
	207
	208	const user = users[0]
	209	expect(user.username).to.equal('user_1')
	210	expect(user.email).to.equal('user_1@example.com')
	211	expect(user.displayNSFW).to.be.false
	212
	213	const rootUser = users[1]
	214	expect(rootUser.username).to.equal('root')
	215	expect(rootUser.email).to.equal('admin1@example.com')
	216	expect(rootUser.displayNSFW).to.be.false
	217
	218	userId = user.id
	219	})
	220
	221	it('Should list only the first user by username asc', async function () {
	222	const res = await getUsersListPaginationAndSort(server.url, 0, 1, 'username')
	223
	224	const result = res.body
	225	const total = result.total
	226	const users = result.data
	227
	228	expect(total).to.equal(2)
	229	expect(users.length).to.equal(1)
	230
	231	const user = users[0]
	232	expect(user.username).to.equal('root')
	233	expect(user.email).to.equal('admin1@example.com')
	234	expect(user.displayNSFW).to.be.false
	235	})
	236
	237	it('Should list only the first user by username desc', async function () {
	238	const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-username')
	239	const result = res.body
	240	const total = result.total
	241	const users = result.data
	242
	243	expect(total).to.equal(2)
	244	expect(users.length).to.equal(1)
	245
	246	const user = users[0]
	247	expect(user.username).to.equal('user_1')
	248	expect(user.email).to.equal('user_1@example.com')
	249	expect(user.displayNSFW).to.be.false
	250	})
	251
	252	it('Should list only the second user by createdAt desc', async function () {
	253	const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-createdAt')
	254	const result = res.body
	255	const total = result.total
	256	const users = result.data
	257
	258	expect(total).to.equal(2)
	259	expect(users.length).to.equal(1)
	260
	261	const user = users[0]
	262	expect(user.username).to.equal('user_1')
	263	expect(user.email).to.equal('user_1@example.com')
	264	expect(user.displayNSFW).to.be.false
	265	})
	266
	267	it('Should list all the users by createdAt asc', async function () {
	268	const res = await getUsersListPaginationAndSort(server.url, 0, 2, 'createdAt')
	269	const result = res.body
	270	const total = result.total
	271	const users = result.data
	272
	273	expect(total).to.equal(2)
	274	expect(users.length).to.equal(2)
	275
	276	expect(users[0].username).to.equal('root')
	277	expect(users[0].email).to.equal('admin1@example.com')
	278	expect(users[0].displayNSFW).to.be.false
	279
	280	expect(users[1].username).to.equal('user_1')
	281	expect(users[1].email).to.equal('user_1@example.com')
	282	expect(users[1].displayNSFW).to.be.false
	283	})
	284
	285	it('Should update the user password', async function () {
	286	await updateUser(server.url, userId, accessTokenUser, 'new password', null)
	287	server.user.password = 'new password'
	288
	289	await login(server.url, server.client, server.user, 200)
	290	})
	291
	292	it('Should be able to change the NSFW display attribute', async function () {
	293	await updateUser(server.url, userId, accessTokenUser, null, true)
	294
	295	const res = await getUserInformation(server.url, accessTokenUser)
	296	const user = res.body
	297
	298	expect(user.username).to.equal('user_1')
	299	expect(user.email).to.equal('user_1@example.com')
	300	expect(user.displayNSFW).to.be.ok
	301	expect(user.id).to.be.a('number')
	302	})
	303
	304	it('Should be able to remove this user', async function () {
	305	await removeUser(server.url, userId, accessToken)
	306	})
	307
	308	it('Should not be able to login with this user', async function () {
	309	// server.user is already set to user 1
	310	await login(server.url, server.client, server.user, 400)
	311	})
	312
	313	it('Should not have videos of this user', async function () {
	314	const res = await getVideosList(server.url)
	315
	316	expect(res.body.total).to.equal(1)
	317
	318	const video = res.body.data[0]
	319	expect(video.author).to.equal('root')
	320	})
	321
	322	it('Should register a new user', async function () {
	323	await registerUser(server.url, 'user_15', 'my super password')
	324	})
	325
	326	it('Should be able to login with this registered user', async function () {
	327	server.user = {
	328	username: 'user_15',
	329	password: 'my super password'
	330	}
	331
	332	await loginAndGetAccessToken(server)
	333	})
	334
	335	after(async function () {
	336	killallServers([ server ])
	337
	338	// Keep the logs if the test failed
	339	if (this['ok']) {
	340	await flushTests()
	341	}
	342	})
	343	})