diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/controllers/api/users.ts | 18 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 14 | ||||
-rw-r--r-- | server/tests/api/check-params/users.ts | 8 | ||||
-rw-r--r-- | server/tests/api/users/users.ts | 17 | ||||
-rw-r--r-- | server/tests/utils/users/users.ts | 11 |
5 files changed, 65 insertions, 3 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts index 36bf0e0fe..3d2586c3a 100644 --- a/server/controllers/api/users.ts +++ b/server/controllers/api/users.ts | |||
@@ -30,6 +30,7 @@ import { | |||
30 | usersVideoRatingValidator | 30 | usersVideoRatingValidator |
31 | } from '../../middlewares' | 31 | } from '../../middlewares' |
32 | import { | 32 | import { |
33 | deleteMeValidator, | ||
33 | usersAskResetPasswordValidator, | 34 | usersAskResetPasswordValidator, |
34 | usersResetPasswordValidator, | 35 | usersResetPasswordValidator, |
35 | videoImportsSortValidator, | 36 | videoImportsSortValidator, |
@@ -62,6 +63,11 @@ usersRouter.get('/me', | |||
62 | authenticate, | 63 | authenticate, |
63 | asyncMiddleware(getUserInformation) | 64 | asyncMiddleware(getUserInformation) |
64 | ) | 65 | ) |
66 | usersRouter.delete('/me', | ||
67 | authenticate, | ||
68 | asyncMiddleware(deleteMeValidator), | ||
69 | asyncMiddleware(deleteMe) | ||
70 | ) | ||
65 | 71 | ||
66 | usersRouter.get('/me/video-quota-used', | 72 | usersRouter.get('/me/video-quota-used', |
67 | authenticate, | 73 | authenticate, |
@@ -296,8 +302,18 @@ async function listUsers (req: express.Request, res: express.Response, next: exp | |||
296 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 302 | return res.json(getFormattedObjects(resultList.data, resultList.total)) |
297 | } | 303 | } |
298 | 304 | ||
305 | async function deleteMe (req: express.Request, res: express.Response) { | ||
306 | const user: UserModel = res.locals.oauth.token.User | ||
307 | |||
308 | await user.destroy() | ||
309 | |||
310 | auditLogger.delete(res.locals.oauth.token.User.Account.Actor.getIdentifier(), new UserAuditView(user.toFormattedJSON())) | ||
311 | |||
312 | return res.sendStatus(204) | ||
313 | } | ||
314 | |||
299 | async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 315 | async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
300 | const user = await UserModel.loadById(req.params.id) | 316 | const user: UserModel = res.locals.user |
301 | 317 | ||
302 | await user.destroy() | 318 | await user.destroy() |
303 | 319 | ||
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 8ca9763a1..3c207c81f 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -74,6 +74,19 @@ const usersRemoveValidator = [ | |||
74 | } | 74 | } |
75 | ] | 75 | ] |
76 | 76 | ||
77 | const deleteMeValidator = [ | ||
78 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
79 | const user: UserModel = res.locals.oauth.token.User | ||
80 | if (user.username === 'root') { | ||
81 | return res.status(400) | ||
82 | .send({ error: 'You cannot delete your root account.' }) | ||
83 | .end() | ||
84 | } | ||
85 | |||
86 | return next() | ||
87 | } | ||
88 | ] | ||
89 | |||
77 | const usersUpdateValidator = [ | 90 | const usersUpdateValidator = [ |
78 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), | 91 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), |
79 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), | 92 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), |
@@ -215,6 +228,7 @@ const usersResetPasswordValidator = [ | |||
215 | 228 | ||
216 | export { | 229 | export { |
217 | usersAddValidator, | 230 | usersAddValidator, |
231 | deleteMeValidator, | ||
218 | usersRegisterValidator, | 232 | usersRegisterValidator, |
219 | usersRemoveValidator, | 233 | usersRemoveValidator, |
220 | usersUpdateValidator, | 234 | usersUpdateValidator, |
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 62faabc54..60165ae22 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts | |||
@@ -8,7 +8,7 @@ import { UserRole, VideoImport, VideoImportState } from '../../../../shared' | |||
8 | import { | 8 | import { |
9 | createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest, | 9 | createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest, |
10 | makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers, | 10 | makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers, |
11 | updateUser, uploadVideo, userLogin | 11 | updateUser, uploadVideo, userLogin, deleteMe |
12 | } from '../../utils' | 12 | } from '../../utils' |
13 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' | 13 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' |
14 | import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../utils/videos/video-imports' | 14 | import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../utils/videos/video-imports' |
@@ -469,6 +469,12 @@ describe('Test users API validators', function () { | |||
469 | }) | 469 | }) |
470 | }) | 470 | }) |
471 | 471 | ||
472 | describe('When deleting our account', function () { | ||
473 | it('Should fail with with the root account', async function () { | ||
474 | await deleteMe(server.url, server.accessToken, 400) | ||
475 | }) | ||
476 | }) | ||
477 | |||
472 | describe('When register a new user', function () { | 478 | describe('When register a new user', function () { |
473 | const registrationPath = path + '/register' | 479 | const registrationPath = path + '/register' |
474 | const baseCorrectParams = { | 480 | const baseCorrectParams = { |
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index 1ea599859..c9e8eb6f9 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts | |||
@@ -6,7 +6,8 @@ import { UserRole } from '../../../../shared/index' | |||
6 | import { | 6 | import { |
7 | createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, | 7 | createUser, flushTests, getBlacklistedVideosList, getMyUserInformation, getMyUserVideoQuotaUsed, getMyUserVideoRating, |
8 | getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, | 8 | getUserInformation, getUsersList, getUsersListPaginationAndSort, getVideosList, killallServers, login, makePutBodyRequest, rateVideo, |
9 | registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin | 9 | registerUser, removeUser, removeVideo, runServer, ServerInfo, testImage, updateMyAvatar, updateMyUser, updateUser, uploadVideo, userLogin, |
10 | deleteMe | ||
10 | } from '../../utils/index' | 11 | } from '../../utils/index' |
11 | import { follow } from '../../utils/server/follows' | 12 | import { follow } from '../../utils/server/follows' |
12 | import { setAccessTokensToServers } from '../../utils/users/login' | 13 | import { setAccessTokensToServers } from '../../utils/users/login' |
@@ -478,6 +479,20 @@ describe('Test users', function () { | |||
478 | expect(user.videoQuota).to.equal(5 * 1024 * 1024) | 479 | expect(user.videoQuota).to.equal(5 * 1024 * 1024) |
479 | }) | 480 | }) |
480 | 481 | ||
482 | it('Should remove me', async function () { | ||
483 | { | ||
484 | const res = await getUsersList(server.url, server.accessToken) | ||
485 | expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined | ||
486 | } | ||
487 | |||
488 | await deleteMe(server.url, accessToken) | ||
489 | |||
490 | { | ||
491 | const res = await getUsersList(server.url, server.accessToken) | ||
492 | expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined | ||
493 | } | ||
494 | }) | ||
495 | |||
481 | after(async function () { | 496 | after(async function () { |
482 | killallServers([ server ]) | 497 | killallServers([ server ]) |
483 | 498 | ||
diff --git a/server/tests/utils/users/users.ts b/server/tests/utils/users/users.ts index 37b15f64a..e24e721bd 100644 --- a/server/tests/utils/users/users.ts +++ b/server/tests/utils/users/users.ts | |||
@@ -56,6 +56,16 @@ function getMyUserInformation (url: string, accessToken: string, specialStatus = | |||
56 | .expect('Content-Type', /json/) | 56 | .expect('Content-Type', /json/) |
57 | } | 57 | } |
58 | 58 | ||
59 | function deleteMe (url: string, accessToken: string, specialStatus = 204) { | ||
60 | const path = '/api/v1/users/me' | ||
61 | |||
62 | return request(url) | ||
63 | .delete(path) | ||
64 | .set('Accept', 'application/json') | ||
65 | .set('Authorization', 'Bearer ' + accessToken) | ||
66 | .expect(specialStatus) | ||
67 | } | ||
68 | |||
59 | function getMyUserVideoQuotaUsed (url: string, accessToken: string, specialStatus = 200) { | 69 | function getMyUserVideoQuotaUsed (url: string, accessToken: string, specialStatus = 200) { |
60 | const path = '/api/v1/users/me/video-quota-used' | 70 | const path = '/api/v1/users/me/video-quota-used' |
61 | 71 | ||
@@ -216,6 +226,7 @@ export { | |||
216 | registerUser, | 226 | registerUser, |
217 | getMyUserInformation, | 227 | getMyUserInformation, |
218 | getMyUserVideoRating, | 228 | getMyUserVideoRating, |
229 | deleteMe, | ||
219 | getMyUserVideoQuotaUsed, | 230 | getMyUserVideoQuotaUsed, |
220 | getUsersList, | 231 | getUsersList, |
221 | getUsersListPaginationAndSort, | 232 | getUsersListPaginationAndSort, |