7 files changed, 295 insertions, 46 deletions

diff --git a/server/tests/api/activitypub/security.ts b/server/tests/api/activitypub/security.ts
index 8bde54a40..364b53e0f 100644
--- a/server/tests/api/activitypub/security.ts
+++ b/server/tests/api/activitypub/security.ts
@@ -8,6 +8,8 @@ import {
   cleanupTests,
   closeAllSequelize,
   flushAndRunMultipleServers,
+  killallServers,
+  reRunServer,
   ServerInfo,
   setActorField,
   wait
@@ -20,21 +22,32 @@ import { buildGlobalHeaders } from '../../../lib/job-queue/handlers/utils/activi
 const expect = chai.expect
 
 function setKeysOfServer (onServer: ServerInfo, ofServer: ServerInfo, publicKey: string, privateKey: string) {
+  const url = 'http://localhost:' + ofServer.port + '/accounts/peertube'
+
   return Promise.all([
-    setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'publicKey', publicKey),
-    setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'privateKey', privateKey)
+    setActorField(onServer.internalServerNumber, url, 'publicKey', publicKey),
+    setActorField(onServer.internalServerNumber, url, 'privateKey', privateKey)
   ])
 }
 
-function getAnnounceWithoutContext (server2: ServerInfo) {
+function setUpdatedAtOfServer (onServer: ServerInfo, ofServer: ServerInfo, updatedAt: string) {
+  const url = 'http://localhost:' + ofServer.port + '/accounts/peertube'
+
+  return Promise.all([
+    setActorField(onServer.internalServerNumber, url, 'createdAt', updatedAt),
+    setActorField(onServer.internalServerNumber, url, 'updatedAt', updatedAt)
+  ])
+}
+
+function getAnnounceWithoutContext (server: ServerInfo) {
   const json = require('./json/peertube/announce-without-context.json')
   const result: typeof json = {}
 
   for (const key of Object.keys(json)) {
     if (Array.isArray(json[key])) {
-      result[key] = json[key].map(v => v.replace(':9002', `:${server2.port}`))
+      result[key] = json[key].map(v => v.replace(':9002', `:${server.port}`))
     } else {
-      result[key] = json[key].replace(':9002', `:${server2.port}`)
+      result[key] = json[key].replace(':9002', `:${server.port}`)
     }
   }
 
@@ -64,7 +77,8 @@ describe('Test ActivityPub security', function () {
 
     url = servers[0].url + '/inbox'
 
-    await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey)
+    await setKeysOfServer(servers[0], servers[1], keys.publicKey, null)
+    await setKeysOfServer(servers[1], servers[1], keys.publicKey, keys.privateKey)
 
     const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' }
     const by = { url: 'http://localhost:' + servers[1].port + '/accounts/peertube', privateKey: keys.privateKey }
@@ -79,9 +93,12 @@ describe('Test ActivityPub security', function () {
         Digest: buildDigest({ hello: 'coucou' })
       }
 
-      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
 
     it('Should fail with an invalid date', async function () {
@@ -89,9 +106,12 @@ describe('Test ActivityPub security', function () {
       const headers = buildGlobalHeaders(body)
       headers['date'] = 'Wed, 21 Oct 2015 07:28:00 GMT'
 
-      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
 
     it('Should fail with bad keys', async function () {
@@ -101,9 +121,12 @@ describe('Test ActivityPub security', function () {
       const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
       const headers = buildGlobalHeaders(body)
 
-      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
 
     it('Should reject requests without appropriate signed headers', async function () {
@@ -123,8 +146,12 @@ describe('Test ActivityPub security', function () {
       for (const badHeaders of badHeadersMatrix) {
         signatureOptions.headers = badHeaders
 
-        const { response } = await makePOSTAPRequest(url, body, signatureOptions, headers)
-        expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+        try {
+          await makePOSTAPRequest(url, body, signatureOptions, headers)
+          expect(true, 'Did not throw').to.be.false
+        } catch (err) {
+          expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+        }
       }
     })
 
@@ -132,27 +159,32 @@ describe('Test ActivityPub security', function () {
       const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
       const headers = buildGlobalHeaders(body)
 
-      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
+      const { statusCode } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
+      expect(statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
     })
 
     it('Should refresh the actor keys', async function () {
       this.timeout(20000)
 
-      // Wait refresh invalidation
-      await wait(10000)
-
       // Update keys of server 2 to invalid keys
       // Server 1 should refresh the actor and fail
       await setKeysOfServer(servers[1], servers[1], invalidKeys.publicKey, invalidKeys.privateKey)
+      await setUpdatedAtOfServer(servers[0], servers[1], '2015-07-17 22:00:00+00')
+
+      // Invalid peertube actor cache
+      killallServers([ servers[1] ])
+      await reRunServer(servers[1])
 
       const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
       const headers = buildGlobalHeaders(body)
 
-      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        console.error(err)
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
   })
 
@@ -183,9 +215,12 @@ describe('Test ActivityPub security', function () {
 
       const headers = buildGlobalHeaders(signedBody)
 
-      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
 
     it('Should fail with an altered body', async function () {
@@ -204,9 +239,12 @@ describe('Test ActivityPub security', function () {
 
       const headers = buildGlobalHeaders(signedBody)
 
-      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
 
     it('Should succeed with a valid signature', async function () {
@@ -220,9 +258,8 @@ describe('Test ActivityPub security', function () {
 
       const headers = buildGlobalHeaders(signedBody)
 
-      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
+      const { statusCode } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
+      expect(statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
     })
 
     it('Should refresh the actor keys', async function () {
@@ -243,9 +280,12 @@ describe('Test ActivityPub security', function () {
 
       const headers = buildGlobalHeaders(signedBody)
 
-      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
-
-      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      try {
+        await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
+        expect(true, 'Did not throw').to.be.false
+      } catch (err) {
+        expect(err.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
+      }
     })
   })
 
diff --git a/server/tests/api/check-params/user-notifications.ts b/server/tests/api/check-params/user-notifications.ts
index 05a78b0ad..26d4423f9 100644
--- a/server/tests/api/check-params/user-notifications.ts
+++ b/server/tests/api/check-params/user-notifications.ts
@@ -176,7 +176,9 @@ describe('Test user notifications API validators', function () {
       newInstanceFollower: UserNotificationSettingValue.WEB,
       autoInstanceFollowing: UserNotificationSettingValue.WEB,
       abuseNewMessage: UserNotificationSettingValue.WEB,
-      abuseStateChange: UserNotificationSettingValue.WEB
+      abuseStateChange: UserNotificationSettingValue.WEB,
+      newPeerTubeVersion: UserNotificationSettingValue.WEB,
+      newPluginVersion: UserNotificationSettingValue.WEB
     }
 
     it('Should fail with missing fields', async function () {
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 0a13f5b67..2b03fde2d 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -241,7 +241,7 @@ describe('Test users API validators', function () {
     })
 
     it('Should succeed with no password on a server with smtp enabled', async function () {
-      this.timeout(10000)
+      this.timeout(20000)
 
       killallServers([ server ])
 
diff --git a/server/tests/api/notifications/admin-notifications.ts b/server/tests/api/notifications/admin-notifications.ts
new file mode 100644
index 000000000..e07327d74
--- /dev/null
+++ b/server/tests/api/notifications/admin-notifications.ts
@@ -0,0 +1,165 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import 'mocha'
+import { expect } from 'chai'
+import { MockJoinPeerTubeVersions } from '@shared/extra-utils/mock-servers/joinpeertube-versions'
+import { cleanupTests, installPlugin, setPluginLatestVersion, setPluginVersion, wait } from '../../../../shared/extra-utils'
+import { ServerInfo } from '../../../../shared/extra-utils/index'
+import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
+import {
+  CheckerBaseParams,
+  checkNewPeerTubeVersion,
+  checkNewPluginVersion,
+  prepareNotificationsTest
+} from '../../../../shared/extra-utils/users/user-notifications'
+import { UserNotification, UserNotificationType } from '../../../../shared/models/users'
+import { PluginType } from '@shared/models'
+
+describe('Test admin notifications', function () {
+  let server: ServerInfo
+  let userNotifications: UserNotification[] = []
+  let adminNotifications: UserNotification[] = []
+  let emails: object[] = []
+  let baseParams: CheckerBaseParams
+  let joinPeerTubeServer: MockJoinPeerTubeVersions
+
+  before(async function () {
+    this.timeout(120000)
+
+    const config = {
+      peertube: {
+        check_latest_version: {
+          enabled: true,
+          url: 'http://localhost:42102/versions.json'
+        }
+      },
+      plugins: {
+        index: {
+          enabled: true,
+          check_latest_versions_interval: '5 seconds'
+        }
+      }
+    }
+
+    const res = await prepareNotificationsTest(1, config)
+    emails = res.emails
+    server = res.servers[0]
+
+    userNotifications = res.userNotifications
+    adminNotifications = res.adminNotifications
+
+    baseParams = {
+      server: server,
+      emails,
+      socketNotifications: adminNotifications,
+      token: server.accessToken
+    }
+
+    await installPlugin({
+      url: server.url,
+      accessToken: server.accessToken,
+      npmName: 'peertube-plugin-hello-world'
+    })
+
+    await installPlugin({
+      url: server.url,
+      accessToken: server.accessToken,
+      npmName: 'peertube-theme-background-red'
+    })
+
+    joinPeerTubeServer = new MockJoinPeerTubeVersions()
+    await joinPeerTubeServer.initialize()
+  })
+
+  describe('Latest PeerTube version notification', function () {
+
+    it('Should not send a notification to admins if there is not a new version', async function () {
+      this.timeout(30000)
+
+      joinPeerTubeServer.setLatestVersion('1.4.2')
+
+      await wait(3000)
+      await checkNewPeerTubeVersion(baseParams, '1.4.2', 'absence')
+    })
+
+    it('Should send a notification to admins on new plugin version', async function () {
+      this.timeout(30000)
+
+      joinPeerTubeServer.setLatestVersion('15.4.2')
+
+      await wait(3000)
+      await checkNewPeerTubeVersion(baseParams, '15.4.2', 'presence')
+    })
+
+    it('Should not send the same notification to admins', async function () {
+      this.timeout(30000)
+
+      await wait(3000)
+      expect(adminNotifications.filter(n => n.type === UserNotificationType.NEW_PEERTUBE_VERSION)).to.have.lengthOf(1)
+    })
+
+    it('Should not have sent a notification to users', async function () {
+      this.timeout(30000)
+
+      expect(userNotifications.filter(n => n.type === UserNotificationType.NEW_PEERTUBE_VERSION)).to.have.lengthOf(0)
+    })
+
+    it('Should send a new notification after a new release', async function () {
+      this.timeout(30000)
+
+      joinPeerTubeServer.setLatestVersion('15.4.3')
+
+      await wait(3000)
+      await checkNewPeerTubeVersion(baseParams, '15.4.3', 'presence')
+      expect(adminNotifications.filter(n => n.type === UserNotificationType.NEW_PEERTUBE_VERSION)).to.have.lengthOf(2)
+    })
+  })
+
+  describe('Latest plugin version notification', function () {
+
+    it('Should not send a notification to admins if there is no new plugin version', async function () {
+      this.timeout(30000)
+
+      await wait(6000)
+      await checkNewPluginVersion(baseParams, PluginType.PLUGIN, 'hello-world', 'absence')
+    })
+
+    it('Should send a notification to admins on new plugin version', async function () {
+      this.timeout(30000)
+
+      await setPluginVersion(server.internalServerNumber, 'hello-world', '0.0.1')
+      await setPluginLatestVersion(server.internalServerNumber, 'hello-world', '0.0.1')
+      await wait(6000)
+
+      await checkNewPluginVersion(baseParams, PluginType.PLUGIN, 'hello-world', 'presence')
+    })
+
+    it('Should not send the same notification to admins', async function () {
+      this.timeout(30000)
+
+      await wait(6000)
+
+      expect(adminNotifications.filter(n => n.type === UserNotificationType.NEW_PLUGIN_VERSION)).to.have.lengthOf(1)
+    })
+
+    it('Should not have sent a notification to users', async function () {
+      expect(userNotifications.filter(n => n.type === UserNotificationType.NEW_PLUGIN_VERSION)).to.have.lengthOf(0)
+    })
+
+    it('Should send a new notification after a new plugin release', async function () {
+      this.timeout(30000)
+
+      await setPluginVersion(server.internalServerNumber, 'hello-world', '0.0.1')
+      await setPluginLatestVersion(server.internalServerNumber, 'hello-world', '0.0.1')
+      await wait(6000)
+
+      expect(adminNotifications.filter(n => n.type === UserNotificationType.NEW_PEERTUBE_VERSION)).to.have.lengthOf(2)
+    })
+  })
+
+  after(async function () {
+    MockSmtpServer.Instance.kill()
+
+    await cleanupTests([ server ])
+  })
+})
diff --git a/server/tests/api/notifications/index.ts b/server/tests/api/notifications/index.ts
index bd07a339e..8caa30a3d 100644
--- a/server/tests/api/notifications/index.ts
+++ b/server/tests/api/notifications/index.ts
@@ -1,3 +1,4 @@
+import './admin-notifications'
 import './comments-notifications'
 import './moderation-notifications'
 import './notifications-api'
diff --git a/server/tests/api/server/handle-down.ts b/server/tests/api/server/handle-down.ts
index 043754e70..f3ba11950 100644
--- a/server/tests/api/server/handle-down.ts
+++ b/server/tests/api/server/handle-down.ts
@@ -348,8 +348,8 @@ describe('Test handle downs', function () {
 
     for (let i = 0; i < 3; i++) {
       await getVideo(servers[1].url, videoIdsServer1[i])
-      await wait(1000)
       await waitJobs([ servers[1] ])
+      await wait(1500)
     }
 
     for (const id of videoIdsServer1) {
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts
index 62a59033f..cea98aac7 100644
--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@@ -4,10 +4,12 @@ import 'mocha'
 import * as chai from 'chai'
 import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models'
 import { CustomConfig } from '@shared/models/server'
+import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
 import {
   addVideoCommentThread,
   blockUser,
   cleanupTests,
+  closeAllSequelize,
   createUser,
   deleteMe,
   flushAndRunServer,
@@ -24,6 +26,7 @@ import {
   getVideoChannel,
   getVideosList,
   installPlugin,
+  killallServers,
   login,
   makePutBodyRequest,
   rateVideo,
@@ -31,7 +34,9 @@ import {
   removeUser,
   removeVideo,
   reportAbuse,
+  reRunServer,
   ServerInfo,
+  setTokenField,
   testImage,
   unblockUser,
   updateAbuse,
@@ -44,10 +49,9 @@ import {
   waitJobs
 } from '../../../../shared/extra-utils'
 import { follow } from '../../../../shared/extra-utils/server/follows'
-import { logout, serverLogin, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
+import { logout, refreshToken, setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
-import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
 
 const expect = chai.expect
 
@@ -89,6 +93,7 @@ describe('Test users', function () {
       const client = { id: 'client', secret: server.client.secret }
       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
 
+      expect(res.body.code).to.equal('invalid_client')
       expect(res.body.error).to.contain('client is invalid')
     })
 
@@ -96,6 +101,7 @@ describe('Test users', function () {
       const client = { id: server.client.id, secret: 'coucou' }
       const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
 
+      expect(res.body.code).to.equal('invalid_client')
       expect(res.body.error).to.contain('client is invalid')
     })
   })
@@ -106,6 +112,7 @@ describe('Test users', function () {
       const user = { username: 'captain crochet', password: server.user.password }
       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 
+      expect(res.body.code).to.equal('invalid_grant')
       expect(res.body.error).to.contain('credentials are invalid')
     })
 
@@ -113,6 +120,7 @@ describe('Test users', function () {
       const user = { username: server.user.username, password: 'mew_three' }
       const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
 
+      expect(res.body.code).to.equal('invalid_grant')
       expect(res.body.error).to.contain('credentials are invalid')
     })
 
@@ -245,12 +253,44 @@ describe('Test users', function () {
     })
 
     it('Should be able to login again', async function () {
-      server.accessToken = await serverLogin(server)
+      const res = await login(server.url, server.client, server.user)
+      server.accessToken = res.body.access_token
+      server.refreshToken = res.body.refresh_token
+    })
+
+    it('Should be able to get my user information again', async function () {
+      await getMyUserInformation(server.url, server.accessToken)
+    })
+
+    it('Should have an expired access token', async function () {
+      this.timeout(15000)
+
+      await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
+      await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
+
+      killallServers([ server ])
+      await reRunServer(server)
+
+      await getMyUserInformation(server.url, server.accessToken, 401)
+    })
+
+    it('Should not be able to refresh an access token with an expired refresh token', async function () {
+      await refreshToken(server, server.refreshToken, 400)
     })
 
-    it('Should have an expired access token')
+    it('Should refresh the token', async function () {
+      this.timeout(15000)
+
+      const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
+      await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
 
-    it('Should refresh the token')
+      killallServers([ server ])
+      await reRunServer(server)
+
+      const res = await refreshToken(server, server.refreshToken)
+      server.accessToken = res.body.access_token
+      server.refreshToken = res.body.refresh_token
+    })
 
     it('Should be able to get my user information again', async function () {
       await getMyUserInformation(server.url, server.accessToken)
@@ -976,6 +1016,7 @@ describe('Test users', function () {
   })
 
   after(async function () {
+    await closeAllSequelize([ server ])
     await cleanupTests([ server ])
   })
 })