aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api')
-rw-r--r--server/tests/api/checkParams.js268
-rw-r--r--server/tests/api/users.js83
-rw-r--r--server/tests/api/utils.js62
3 files changed, 393 insertions, 20 deletions
diff --git a/server/tests/api/checkParams.js b/server/tests/api/checkParams.js
index c1ba9c2c0..bd7227e9c 100644
--- a/server/tests/api/checkParams.js
+++ b/server/tests/api/checkParams.js
@@ -11,9 +11,8 @@ const utils = require('./utils')
11describe('Test parameters validator', function () { 11describe('Test parameters validator', function () {
12 let server = null 12 let server = null
13 13
14 function makePostRequest (path, token, fields, attaches, done, fail) { 14 function makePostRequest (path, token, fields, attaches, done, statusCodeExpected) {
15 let statusCode = 400 15 if (!statusCodeExpected) statusCodeExpected = 400
16 if (fail !== undefined && fail === false) statusCode = 204
17 16
18 const req = request(server.url) 17 const req = request(server.url)
19 .post(path) 18 .post(path)
@@ -38,18 +37,31 @@ describe('Test parameters validator', function () {
38 req.attach(attach, value) 37 req.attach(attach, value)
39 }) 38 })
40 39
41 req.expect(statusCode, done) 40 req.expect(statusCodeExpected, done)
42 } 41 }
43 42
44 function makePostBodyRequest (path, fields, done, fail) { 43 function makePostBodyRequest (path, token, fields, done, statusCodeExpected) {
45 let statusCode = 400 44 if (!statusCodeExpected) statusCodeExpected = 400
46 if (fail !== undefined && fail === false) statusCode = 200
47 45
48 request(server.url) 46 const req = request(server.url)
49 .post(path) 47 .post(path)
50 .set('Accept', 'application/json') 48 .set('Accept', 'application/json')
51 .send(fields) 49
52 .expect(statusCode, done) 50 if (token) req.set('Authorization', 'Bearer ' + token)
51
52 req.send(fields).expect(statusCodeExpected, done)
53 }
54
55 function makePutBodyRequest (path, token, fields, done, statusCodeExpected) {
56 if (!statusCodeExpected) statusCodeExpected = 400
57
58 const req = request(server.url)
59 .put(path)
60 .set('Accept', 'application/json')
61
62 if (token) req.set('Authorization', 'Bearer ' + token)
63
64 req.send(fields).expect(statusCodeExpected, done)
53 } 65 }
54 66
55 // --------------------------------------------------------------- 67 // ---------------------------------------------------------------
@@ -85,21 +97,21 @@ describe('Test parameters validator', function () {
85 describe('When adding a pod', function () { 97 describe('When adding a pod', function () {
86 it('Should fail with nothing', function (done) { 98 it('Should fail with nothing', function (done) {
87 const data = {} 99 const data = {}
88 makePostBodyRequest(path, data, done) 100 makePostBodyRequest(path, null, data, done)
89 }) 101 })
90 102
91 it('Should fail without public key', function (done) { 103 it('Should fail without public key', function (done) {
92 const data = { 104 const data = {
93 url: 'http://coucou.com' 105 url: 'http://coucou.com'
94 } 106 }
95 makePostBodyRequest(path, data, done) 107 makePostBodyRequest(path, null, data, done)
96 }) 108 })
97 109
98 it('Should fail without an url', function (done) { 110 it('Should fail without an url', function (done) {
99 const data = { 111 const data = {
100 publicKey: 'mysuperpublickey' 112 publicKey: 'mysuperpublickey'
101 } 113 }
102 makePostBodyRequest(path, data, done) 114 makePostBodyRequest(path, null, data, done)
103 }) 115 })
104 116
105 it('Should fail with an incorrect url', function (done) { 117 it('Should fail with an incorrect url', function (done) {
@@ -107,11 +119,11 @@ describe('Test parameters validator', function () {
107 url: 'coucou.com', 119 url: 'coucou.com',
108 publicKey: 'mysuperpublickey' 120 publicKey: 'mysuperpublickey'
109 } 121 }
110 makePostBodyRequest(path, data, function () { 122 makePostBodyRequest(path, null, data, function () {
111 data.url = 'http://coucou' 123 data.url = 'http://coucou'
112 makePostBodyRequest(path, data, function () { 124 makePostBodyRequest(path, null, data, function () {
113 data.url = 'coucou' 125 data.url = 'coucou'
114 makePostBodyRequest(path, data, done) 126 makePostBodyRequest(path, null, data, done)
115 }) 127 })
116 }) 128 })
117 }) 129 })
@@ -121,7 +133,68 @@ describe('Test parameters validator', function () {
121 url: 'http://coucou.com', 133 url: 'http://coucou.com',
122 publicKey: 'mysuperpublickey' 134 publicKey: 'mysuperpublickey'
123 } 135 }
124 makePostBodyRequest(path, data, done, false) 136 makePostBodyRequest(path, null, data, done, 200)
137 })
138 })
139
140 describe('For the friends API', function () {
141 let userAccessToken = null
142
143 before(function (done) {
144 utils.createUser(server.url, server.accessToken, 'user1', 'password', function () {
145 server.user = {
146 username: 'user1',
147 password: 'password'
148 }
149
150 utils.loginAndGetAccessToken(server, function (err, accessToken) {
151 if (err) throw err
152
153 userAccessToken = accessToken
154
155 done()
156 })
157 })
158 })
159
160 describe('When making friends', function () {
161 it('Should fail with a invalid token', function (done) {
162 request(server.url)
163 .get(path + '/makefriends')
164 .query({ start: 'hello' })
165 .set('Authorization', 'Bearer faketoken')
166 .set('Accept', 'application/json')
167 .expect(401, done)
168 })
169
170 it('Should fail if the user is not an administrator', function (done) {
171 request(server.url)
172 .get(path + '/makefriends')
173 .query({ start: 'hello' })
174 .set('Authorization', 'Bearer ' + userAccessToken)
175 .set('Accept', 'application/json')
176 .expect(403, done)
177 })
178 })
179
180 describe('When quitting friends', function () {
181 it('Should fail with a invalid token', function (done) {
182 request(server.url)
183 .get(path + '/quitfriends')
184 .query({ start: 'hello' })
185 .set('Authorization', 'Bearer faketoken')
186 .set('Accept', 'application/json')
187 .expect(401, done)
188 })
189
190 it('Should fail if the user is not an administrator', function (done) {
191 request(server.url)
192 .get(path + '/quitfriends')
193 .query({ start: 'hello' })
194 .set('Authorization', 'Bearer ' + userAccessToken)
195 .set('Accept', 'application/json')
196 .expect(403, done)
197 })
125 }) 198 })
126 }) 199 })
127 }) 200 })
@@ -361,7 +434,7 @@ describe('Test parameters validator', function () {
361 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.mp4') 434 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.mp4')
362 makePostRequest(path, server.accessToken, data, attach, function () { 435 makePostRequest(path, server.accessToken, data, attach, function () {
363 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.ogv') 436 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.ogv')
364 makePostRequest(path, server.accessToken, data, attach, done, false) 437 makePostRequest(path, server.accessToken, data, attach, done, 204)
365 }, false) 438 }, false)
366 }, false) 439 }, false)
367 }) 440 })
@@ -429,6 +502,165 @@ describe('Test parameters validator', function () {
429 }) 502 })
430 }) 503 })
431 504
505 describe('Of the users API', function () {
506 const path = '/api/v1/users/'
507
508 describe('When adding a new user', function () {
509 it('Should fail with a too small username', function (done) {
510 const data = {
511 username: 'ji',
512 password: 'mysuperpassword'
513 }
514
515 makePostBodyRequest(path, server.accessToken, data, done)
516 })
517
518 it('Should fail with a too long username', function (done) {
519 const data = {
520 username: 'mysuperusernamewhichisverylong',
521 password: 'mysuperpassword'
522 }
523
524 makePostBodyRequest(path, server.accessToken, data, done)
525 })
526
527 it('Should fail with an incorrect username', function (done) {
528 const data = {
529 username: 'my username',
530 password: 'mysuperpassword'
531 }
532
533 makePostBodyRequest(path, server.accessToken, data, done)
534 })
535
536 it('Should fail with a too small password', function (done) {
537 const data = {
538 username: 'myusername',
539 password: 'bla'
540 }
541
542 makePostBodyRequest(path, server.accessToken, data, done)
543 })
544
545 it('Should fail with a too long password', function (done) {
546 const data = {
547 username: 'myusername',
548 password: 'my super long password which is very very very very very very very very very very very very very very' +
549 'very very very very very very very very very very very very very very very veryv very very very very' +
550 'very very very very very very very very very very very very very very very very very very very very long'
551 }
552
553 makePostBodyRequest(path, server.accessToken, data, done)
554 })
555
556 it('Should fail with an non authenticated user', function (done) {
557 const data = {
558 username: 'myusername',
559 password: 'my super password'
560 }
561
562 makePostBodyRequest(path, 'super token', data, done, 401)
563 })
564
565 it('Should succeed with the correct params', function (done) {
566 const data = {
567 username: 'user1',
568 password: 'my super password'
569 }
570
571 makePostBodyRequest(path, server.accessToken, data, done, 204)
572 })
573
574 it('Should fail with a non admin user', function (done) {
575 server.user = {
576 username: 'user1',
577 password: 'my super password'
578 }
579
580 utils.loginAndGetAccessToken(server, function (err, accessToken) {
581 if (err) throw err
582
583 const data = {
584 username: 'user2',
585 password: 'my super password'
586 }
587
588 makePostBodyRequest(path, accessToken, data, done, 403)
589 })
590 })
591 })
592
593 describe('When updating a user', function () {
594 let userId = null
595
596 before(function (done) {
597 utils.getUsersList(server.url, function (err, res) {
598 if (err) throw err
599
600 userId = res.body.data[1].id
601 done()
602 })
603 })
604
605 it('Should fail with a too small password', function (done) {
606 const data = {
607 password: 'bla'
608 }
609
610 makePutBodyRequest(path + '/' + userId, server.accessToken, data, done)
611 })
612
613 it('Should fail with a too long password', function (done) {
614 const data = {
615 password: 'my super long password which is very very very very very very very very very very very very very very' +
616 'very very very very very very very very very very very very very very very veryv very very very very' +
617 'very very very very very very very very very very very very very very very very very very very very long'
618 }
619
620 makePutBodyRequest(path + '/' + userId, server.accessToken, data, done)
621 })
622
623 it('Should fail with an non authenticated user', function (done) {
624 const data = {
625 password: 'my super password'
626 }
627
628 makePutBodyRequest(path + '/' + userId, 'super token', data, done, 401)
629 })
630
631 it('Should succeed with the correct params', function (done) {
632 const data = {
633 password: 'my super password'
634 }
635
636 makePutBodyRequest(path + '/' + userId, server.accessToken, data, done, 204)
637 })
638 })
639
640 describe('When removing an user', function () {
641 it('Should fail with an incorrect username', function (done) {
642 request(server.url)
643 .delete(path + 'bla-bla')
644 .set('Authorization', 'Bearer ' + server.accessToken)
645 .expect(400, done)
646 })
647
648 it('Should return 404 with a non existing username', function (done) {
649 request(server.url)
650 .delete(path + 'qzzerg')
651 .set('Authorization', 'Bearer ' + server.accessToken)
652 .expect(404, done)
653 })
654
655 it('Should success with the correct parameters', function (done) {
656 request(server.url)
657 .delete(path + 'user1')
658 .set('Authorization', 'Bearer ' + server.accessToken)
659 .expect(204, done)
660 })
661 })
662 })
663
432 describe('Of the remote videos API', function () { 664 describe('Of the remote videos API', function () {
433 describe('When making a secure request', function () { 665 describe('When making a secure request', function () {
434 it('Should check a secure request') 666 it('Should check a secure request')
diff --git a/server/tests/api/users.js b/server/tests/api/users.js
index 68ba9de33..c711d6b64 100644
--- a/server/tests/api/users.js
+++ b/server/tests/api/users.js
@@ -13,7 +13,9 @@ const utils = require('./utils')
13describe('Test users', function () { 13describe('Test users', function () {
14 let server = null 14 let server = null
15 let accessToken = null 15 let accessToken = null
16 let videoId 16 let accessTokenUser = null
17 let videoId = null
18 let userId = null
17 19
18 before(function (done) { 20 before(function (done) {
19 this.timeout(20000) 21 this.timeout(20000)
@@ -158,6 +160,85 @@ describe('Test users', function () {
158 160
159 it('Should be able to upload a video again') 161 it('Should be able to upload a video again')
160 162
163 it('Should be able to create a new user', function (done) {
164 utils.createUser(server.url, accessToken, 'user_1', 'super password', done)
165 })
166
167 it('Should be able to login with this user', function (done) {
168 server.user = {
169 username: 'user_1',
170 password: 'super password'
171 }
172
173 utils.loginAndGetAccessToken(server, function (err, token) {
174 if (err) throw err
175
176 accessTokenUser = token
177
178 done()
179 })
180 })
181
182 it('Should be able to upload a video with this user', function (done) {
183 this.timeout(5000)
184
185 const name = 'my super name'
186 const description = 'my super description'
187 const tags = [ 'tag1', 'tag2', 'tag3' ]
188 const file = 'video_short.webm'
189 utils.uploadVideo(server.url, accessTokenUser, name, description, tags, file, done)
190 })
191
192 it('Should list all the users', function (done) {
193 utils.getUsersList(server.url, function (err, res) {
194 if (err) throw err
195
196 const users = res.body.data
197
198 expect(users).to.be.an('array')
199 expect(users.length).to.equal(2)
200
201 const rootUser = users[0]
202 expect(rootUser.username).to.equal('root')
203
204 const user = users[1]
205 expect(user.username).to.equal('user_1')
206 userId = user.id
207
208 done()
209 })
210 })
211
212 it('Should update the user password', function (done) {
213 utils.updateUser(server.url, userId, accessTokenUser, 'new password', function (err, res) {
214 if (err) throw err
215
216 server.user.password = 'new password'
217 utils.login(server.url, server.client, server.user, 200, done)
218 })
219 })
220
221 it('Should be able to remove this user', function (done) {
222 utils.removeUser(server.url, accessToken, 'user_1', done)
223 })
224
225 it('Should not be able to login with this user', function (done) {
226 // server.user is already set to user 1
227 utils.login(server.url, server.client, server.user, 400, done)
228 })
229
230 it('Should not have videos of this user', function (done) {
231 utils.getVideosList(server.url, function (err, res) {
232 if (err) throw err
233
234 expect(res.body.total).to.equal(1)
235 const video = res.body.data[0]
236 expect(video.author).to.equal('root')
237
238 done()
239 })
240 })
241
161 after(function (done) { 242 after(function (done) {
162 process.kill(-server.app.pid) 243 process.kill(-server.app.pid)
163 244
diff --git a/server/tests/api/utils.js b/server/tests/api/utils.js
index 3cc769f26..f34b81e4a 100644
--- a/server/tests/api/utils.js
+++ b/server/tests/api/utils.js
@@ -8,11 +8,13 @@ const pathUtils = require('path')
8const request = require('supertest') 8const request = require('supertest')
9 9
10const testUtils = { 10const testUtils = {
11 createUser: createUser,
11 dateIsValid: dateIsValid, 12 dateIsValid: dateIsValid,
12 flushTests: flushTests, 13 flushTests: flushTests,
13 getAllVideosListBy: getAllVideosListBy, 14 getAllVideosListBy: getAllVideosListBy,
14 getClient: getClient, 15 getClient: getClient,
15 getFriendsList: getFriendsList, 16 getFriendsList: getFriendsList,
17 getUsersList: getUsersList,
16 getVideo: getVideo, 18 getVideo: getVideo,
17 getVideosList: getVideosList, 19 getVideosList: getVideosList,
18 getVideosListPagination: getVideosListPagination, 20 getVideosListPagination: getVideosListPagination,
@@ -21,6 +23,7 @@ const testUtils = {
21 loginAndGetAccessToken: loginAndGetAccessToken, 23 loginAndGetAccessToken: loginAndGetAccessToken,
22 makeFriends: makeFriends, 24 makeFriends: makeFriends,
23 quitFriends: quitFriends, 25 quitFriends: quitFriends,
26 removeUser: removeUser,
24 removeVideo: removeVideo, 27 removeVideo: removeVideo,
25 flushAndRunMultipleServers: flushAndRunMultipleServers, 28 flushAndRunMultipleServers: flushAndRunMultipleServers,
26 runServer: runServer, 29 runServer: runServer,
@@ -28,11 +31,29 @@ const testUtils = {
28 searchVideoWithPagination: searchVideoWithPagination, 31 searchVideoWithPagination: searchVideoWithPagination,
29 searchVideoWithSort: searchVideoWithSort, 32 searchVideoWithSort: searchVideoWithSort,
30 testImage: testImage, 33 testImage: testImage,
31 uploadVideo: uploadVideo 34 uploadVideo: uploadVideo,
35 updateUser: updateUser
32} 36}
33 37
34// ---------------------- Export functions -------------------- 38// ---------------------- Export functions --------------------
35 39
40function createUser (url, accessToken, username, password, specialStatus, end) {
41 if (!end) {
42 end = specialStatus
43 specialStatus = 204
44 }
45
46 const path = '/api/v1/users'
47
48 request(url)
49 .post(path)
50 .set('Accept', 'application/json')
51 .set('Authorization', 'Bearer ' + accessToken)
52 .send({ username: username, password: password })
53 .expect(specialStatus)
54 .end(end)
55}
56
36function dateIsValid (dateString) { 57function dateIsValid (dateString) {
37 const dateToCheck = new Date(dateString) 58 const dateToCheck = new Date(dateString)
38 const now = new Date() 59 const now = new Date()
@@ -72,6 +93,17 @@ function getClient (url, end) {
72 .end(end) 93 .end(end)
73} 94}
74 95
96function getUsersList (url, end) {
97 const path = '/api/v1/users'
98
99 request(url)
100 .get(path)
101 .set('Accept', 'application/json')
102 .expect(200)
103 .expect('Content-Type', /json/)
104 .end(end)
105}
106
75function getFriendsList (url, end) { 107function getFriendsList (url, end) {
76 const path = '/api/v1/pods/' 108 const path = '/api/v1/pods/'
77 109
@@ -209,6 +241,22 @@ function quitFriends (url, accessToken, expectedStatus, callback) {
209 }) 241 })
210} 242}
211 243
244function removeUser (url, token, username, expectedStatus, end) {
245 if (!end) {
246 end = expectedStatus
247 expectedStatus = 204
248 }
249
250 const path = '/api/v1/users'
251
252 request(url)
253 .delete(path + '/' + username)
254 .set('Accept', 'application/json')
255 .set('Authorization', 'Bearer ' + token)
256 .expect(expectedStatus)
257 .end(end)
258}
259
212function removeVideo (url, token, id, expectedStatus, end) { 260function removeVideo (url, token, id, expectedStatus, end) {
213 if (!end) { 261 if (!end) {
214 end = expectedStatus 262 end = expectedStatus
@@ -414,6 +462,18 @@ function uploadVideo (url, accessToken, name, description, tags, fixture, specia
414 .end(end) 462 .end(end)
415} 463}
416 464
465function updateUser (url, userId, accessToken, newPassword, end) {
466 const path = '/api/v1/users/' + userId
467
468 request(url)
469 .put(path)
470 .set('Accept', 'application/json')
471 .set('Authorization', 'Bearer ' + accessToken)
472 .send({ password: newPassword })
473 .expect(200)
474 .end(end)
475}
476
417// --------------------------------------------------------------------------- 477// ---------------------------------------------------------------------------
418 478
419module.exports = testUtils 479module.exports = testUtils