aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users.ts18
-rw-r--r--server/middlewares/validators/users.ts14
-rw-r--r--server/tests/api/check-params/users.ts8
-rw-r--r--server/tests/api/users/users.ts17
-rw-r--r--server/tests/utils/users/users.ts11
5 files changed, 65 insertions, 3 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 36bf0e0fe..3d2586c3a 100644
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -30,6 +30,7 @@ import {
30 usersVideoRatingValidator 30 usersVideoRatingValidator
31} from '../../middlewares' 31} from '../../middlewares'
32import { 32import {
33 deleteMeValidator,
33 usersAskResetPasswordValidator, 34 usersAskResetPasswordValidator,
34 usersResetPasswordValidator, 35 usersResetPasswordValidator,
35 videoImportsSortValidator, 36 videoImportsSortValidator,
@@ -62,6 +63,11 @@ usersRouter.get('/me',
62 authenticate, 63 authenticate,
63 asyncMiddleware(getUserInformation) 64 asyncMiddleware(getUserInformation)
64) 65)
66usersRouter.delete('/me',
67 authenticate,
68 asyncMiddleware(deleteMeValidator),
69 asyncMiddleware(deleteMe)
70)
65 71
66usersRouter.get('/me/video-quota-used', 72usersRouter.get('/me/video-quota-used',
67 authenticate, 73 authenticate,
@@ -296,8 +302,18 @@ async function listUsers (req: express.Request, res: express.Response, next: exp
296 return res.json(getFormattedObjects(resultList.data, resultList.total)) 302 return res.json(getFormattedObjects(resultList.data, resultList.total))
297} 303}
298 304
305async function deleteMe (req: express.Request, res: express.Response) {
306 const user: UserModel = res.locals.oauth.token.User
307
308 await user.destroy()
309
310 auditLogger.delete(res.locals.oauth.token.User.Account.Actor.getIdentifier(), new UserAuditView(user.toFormattedJSON()))
311
312 return res.sendStatus(204)
313}
314
299async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { 315async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
300 const user = await UserModel.loadById(req.params.id) 316 const user: UserModel = res.locals.user
301 317
302 await user.destroy() 318 await user.destroy()
303 319
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 8ca9763a1..3c207c81f 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -74,6 +74,19 @@ const usersRemoveValidator = [
74 } 74 }
75] 75]
76 76
77const deleteMeValidator = [
78 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
79 const user: UserModel = res.locals.oauth.token.User
80 if (user.username === 'root') {
81 return res.status(400)
82 .send({ error: 'You cannot delete your root account.' })
83 .end()
84 }
85
86 return next()
87 }
88]
89
77const usersUpdateValidator = [ 90const usersUpdateValidator = [
78 param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), 91 param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
79 body('email').optional().isEmail().withMessage('Should have a valid email attribute'), 92 body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
@@ -215,6 +228,7 @@ const usersResetPasswordValidator = [
215 228
216export { 229export {
217 usersAddValidator, 230 usersAddValidator,
231 deleteMeValidator,
218 usersRegisterValidator, 232 usersRegisterValidator,
219 usersRemoveValidator, 233 usersRemoveValidator,
220 usersUpdateValidator, 234 usersUpdateValidator,
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 62faabc54..60165ae22 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -8,7 +8,7 @@ import { UserRole, VideoImport, VideoImportState } from '../../../../shared'
8import { 8import {
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest, 9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers, 10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin 11 updateUser, uploadVideo, userLogin, deleteMe
12} from '../../utils' 12} from '../../utils'
13import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' 13import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
14import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../utils/videos/video-imports' 14import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../utils/videos/video-imports'
@@ -469,6 +469,12 @@ describe('Test users API validators', function () {
469 }) 469 })
470 }) 470 })
471 471
472 describe('When deleting our account', function () {
473 it('Should fail with with the root account', async function () {
474 await deleteMe(server.url, server.accessToken, 400)
475 })
476 })
477
472 describe('When register a new user', function () { 478 describe('When register a new user', function () {
473 const registrationPath = path + '/register' 479 const registrationPath = path + '/register'
474 const baseCorrectParams = { 480 const baseCorrectParams = {
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts
index 1ea599859..c9e8eb6f9 100644
--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@@ -6,7 +6,8 @@ import { UserRole } from '../../../../shared/index'
6import { 6import {
7 createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, 7 createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating,
8 getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, 8 getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo,
9 registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin 9 registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin,
10 deleteMe
10} from '../../utils/index' 11} from '../../utils/index'
11import { follow } from '../../utils/server/follows' 12import { follow } from '../../utils/server/follows'
12import { setAccessTokensToServers } from '../../utils/users/login' 13import { setAccessTokensToServers } from '../../utils/users/login'
@@ -478,6 +479,20 @@ describe('Test users', function () {
478 expect(user.videoQuota).to.equal(5 * 1024 * 1024) 479 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
479 }) 480 })
480 481
482 it('Should remove me', async function () {
483 {
484 const res = await getUsersList(server.url, server.accessToken)
485 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
486 }
487
488 await deleteMe(server.url, accessToken)
489
490 {
491 const res = await getUsersList(server.url, server.accessToken)
492 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
493 }
494 })
495
481 after(async function () { 496 after(async function () {
482 killallServers([ server ]) 497 killallServers([ server ])
483 498
diff --git a/server/tests/utils/users/users.ts b/server/tests/utils/users/users.ts
index 37b15f64a..e24e721bd 100644
--- a/server/tests/utils/users/users.ts
+++ b/server/tests/utils/users/users.ts
@@ -56,6 +56,16 @@ function getMyUserInformation (url: string, accessToken: string, specialStatus =
56 .expect('Content-Type', /json/) 56 .expect('Content-Type', /json/)
57} 57}
58 58
59function deleteMe (url: string, accessToken: string, specialStatus = 204) {
60 const path = '/api/v1/users/me'
61
62 return request(url)
63 .delete(path)
64 .set('Accept', 'application/json')
65 .set('Authorization', 'Bearer ' + accessToken)
66 .expect(specialStatus)
67}
68
59function getMyUserVideoQuotaUsed (url: string, accessToken: string, specialStatus = 200) { 69function getMyUserVideoQuotaUsed (url: string, accessToken: string, specialStatus = 200) {
60 const path = '/api/v1/users/me/video-quota-used' 70 const path = '/api/v1/users/me/video-quota-used'
61 71
@@ -216,6 +226,7 @@ export {
216 registerUser, 226 registerUser,
217 getMyUserInformation, 227 getMyUserInformation,
218 getMyUserVideoRating, 228 getMyUserVideoRating,
229 deleteMe,
219 getMyUserVideoQuotaUsed, 230 getMyUserVideoQuotaUsed,
220 getUsersList, 231 getUsersList,
221 getUsersListPaginationAndSort, 232 getUsersListPaginationAndSort,