diff options
Diffstat (limited to 'server')
-rw-r--r-- | server/controllers/api/users.ts | 30 | ||||
-rw-r--r-- | server/initializers/checker.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 61 | ||||
-rw-r--r-- | server/middlewares/validators/videos.ts | 9 | ||||
-rw-r--r-- | server/models/user/user.ts | 26 | ||||
-rw-r--r-- | server/tests/api/check-params/users.ts | 159 | ||||
-rw-r--r-- | server/tests/api/users.ts | 4 | ||||
-rw-r--r-- | server/tests/utils/users.ts | 2 |
8 files changed, 220 insertions, 73 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts index 6922661ae..1ecaaf93f 100644 --- a/server/controllers/api/users.ts +++ b/server/controllers/api/users.ts | |||
@@ -8,6 +8,7 @@ import { | |||
8 | ensureIsAdmin, | 8 | ensureIsAdmin, |
9 | ensureUserRegistrationAllowed, | 9 | ensureUserRegistrationAllowed, |
10 | usersAddValidator, | 10 | usersAddValidator, |
11 | usersRegisterValidator, | ||
11 | usersUpdateValidator, | 12 | usersUpdateValidator, |
12 | usersUpdateMeValidator, | 13 | usersUpdateMeValidator, |
13 | usersRemoveValidator, | 14 | usersRemoveValidator, |
@@ -25,6 +26,7 @@ import { | |||
25 | UserUpdate, | 26 | UserUpdate, |
26 | UserUpdateMe | 27 | UserUpdateMe |
27 | } from '../../../shared' | 28 | } from '../../../shared' |
29 | import { UserInstance } from '../../models' | ||
28 | 30 | ||
29 | const usersRouter = express.Router() | 31 | const usersRouter = express.Router() |
30 | 32 | ||
@@ -61,8 +63,8 @@ usersRouter.post('/', | |||
61 | 63 | ||
62 | usersRouter.post('/register', | 64 | usersRouter.post('/register', |
63 | ensureUserRegistrationAllowed, | 65 | ensureUserRegistrationAllowed, |
64 | usersAddValidator, | 66 | usersRegisterValidator, |
65 | createUser | 67 | registerUser |
66 | ) | 68 | ) |
67 | 69 | ||
68 | usersRouter.put('/me', | 70 | usersRouter.put('/me', |
@@ -99,11 +101,6 @@ export { | |||
99 | function createUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 101 | function createUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
100 | const body: UserCreate = req.body | 102 | const body: UserCreate = req.body |
101 | 103 | ||
102 | // On registration, we set the user video quota | ||
103 | if (body.videoQuota === undefined) { | ||
104 | body.videoQuota = CONFIG.USER.VIDEO_QUOTA | ||
105 | } | ||
106 | |||
107 | const user = db.User.build({ | 104 | const user = db.User.build({ |
108 | username: body.username, | 105 | username: body.username, |
109 | password: body.password, | 106 | password: body.password, |
@@ -118,6 +115,23 @@ function createUser (req: express.Request, res: express.Response, next: express. | |||
118 | .catch(err => next(err)) | 115 | .catch(err => next(err)) |
119 | } | 116 | } |
120 | 117 | ||
118 | function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
119 | const body: UserCreate = req.body | ||
120 | |||
121 | const user = db.User.build({ | ||
122 | username: body.username, | ||
123 | password: body.password, | ||
124 | email: body.email, | ||
125 | displayNSFW: false, | ||
126 | role: USER_ROLES.USER, | ||
127 | videoQuota: CONFIG.USER.VIDEO_QUOTA | ||
128 | }) | ||
129 | |||
130 | user.save() | ||
131 | .then(() => res.type('json').status(204).end()) | ||
132 | .catch(err => next(err)) | ||
133 | } | ||
134 | |||
121 | function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) { | 135 | function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) { |
122 | db.User.loadByUsername(res.locals.oauth.token.user.username) | 136 | db.User.loadByUsername(res.locals.oauth.token.user.username) |
123 | .then(user => res.json(user.toFormattedJSON())) | 137 | .then(user => res.json(user.toFormattedJSON())) |
@@ -180,7 +194,7 @@ function updateMe (req: express.Request, res: express.Response, next: express.Ne | |||
180 | 194 | ||
181 | function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { | 195 | function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { |
182 | const body: UserUpdate = req.body | 196 | const body: UserUpdate = req.body |
183 | const user = res.locals.user | 197 | const user: UserInstance = res.locals.user |
184 | 198 | ||
185 | if (body.email !== undefined) user.email = body.email | 199 | if (body.email !== undefined) user.email = body.email |
186 | if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota | 200 | if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota |
diff --git a/server/initializers/checker.ts b/server/initializers/checker.ts index 97606ef31..eb9e9e280 100644 --- a/server/initializers/checker.ts +++ b/server/initializers/checker.ts | |||
@@ -22,7 +22,7 @@ function checkMissedConfig () { | |||
22 | 'webserver.https', 'webserver.hostname', 'webserver.port', | 22 | 'webserver.https', 'webserver.hostname', 'webserver.port', |
23 | 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password', | 23 | 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password', |
24 | 'storage.certs', 'storage.videos', 'storage.logs', 'storage.thumbnails', 'storage.previews', 'storage.torrents', 'storage.cache', | 24 | 'storage.certs', 'storage.videos', 'storage.logs', 'storage.thumbnails', 'storage.previews', 'storage.torrents', 'storage.cache', |
25 | 'cache.previews.size', 'admin.email', 'signup.enabled', 'signup.limit', 'transcoding.enabled', 'transcoding.threads' | 25 | 'cache.previews.size', 'admin.email', 'signup.enabled', 'signup.limit', 'transcoding.enabled', 'transcoding.threads', 'user.video_quota' |
26 | ] | 26 | ] |
27 | const miss: string[] = [] | 27 | const miss: string[] = [] |
28 | 28 | ||
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index ebb343535..aec6324bf 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -6,7 +6,7 @@ import * as validator from 'validator' | |||
6 | import { database as db } from '../../initializers/database' | 6 | import { database as db } from '../../initializers/database' |
7 | import { checkErrors } from './utils' | 7 | import { checkErrors } from './utils' |
8 | import { isSignupAllowed, logger } from '../../helpers' | 8 | import { isSignupAllowed, logger } from '../../helpers' |
9 | import { VideoInstance } from '../../models' | 9 | import { UserInstance, VideoInstance } from '../../models' |
10 | 10 | ||
11 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 11 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
12 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | 12 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() |
@@ -17,16 +17,19 @@ function usersAddValidator (req: express.Request, res: express.Response, next: e | |||
17 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) | 17 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) |
18 | 18 | ||
19 | checkErrors(req, res, () => { | 19 | checkErrors(req, res, () => { |
20 | db.User.loadByUsernameOrEmail(req.body.username, req.body.email) | 20 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) |
21 | .then(user => { | 21 | }) |
22 | if (user) return res.status(409).send('User already exists.') | 22 | } |
23 | 23 | ||
24 | next() | 24 | function usersRegisterValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
25 | }) | 25 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() |
26 | .catch(err => { | 26 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() |
27 | logger.error('Error in usersAdd request validator.', err) | 27 | req.checkBody('email', 'Should have a valid email').isEmail() |
28 | return res.sendStatus(500) | 28 | |
29 | }) | 29 | logger.debug('Checking usersRegister parameters', { parameters: req.body }) |
30 | |||
31 | checkErrors(req, res, () => { | ||
32 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) | ||
30 | }) | 33 | }) |
31 | } | 34 | } |
32 | 35 | ||
@@ -36,18 +39,16 @@ function usersRemoveValidator (req: express.Request, res: express.Response, next | |||
36 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | 39 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) |
37 | 40 | ||
38 | checkErrors(req, res, () => { | 41 | checkErrors(req, res, () => { |
39 | db.User.loadById(req.params.id) | 42 | checkUserExists(req.params.id, res, (err, user) => { |
40 | .then(user => { | 43 | if (err) { |
41 | if (!user) return res.status(404).send('User not found') | 44 | logger.error('Error in usersRemoveValidator.', err) |
45 | return res.sendStatus(500) | ||
46 | } | ||
42 | 47 | ||
43 | if (user.username === 'root') return res.status(400).send('Cannot remove the root user') | 48 | if (user.username === 'root') return res.status(400).send('Cannot remove the root user') |
44 | 49 | ||
45 | next() | 50 | next() |
46 | }) | 51 | }) |
47 | .catch(err => { | ||
48 | logger.error('Error in usersRemove request validator.', err) | ||
49 | return res.sendStatus(500) | ||
50 | }) | ||
51 | }) | 52 | }) |
52 | } | 53 | } |
53 | 54 | ||
@@ -69,7 +70,7 @@ function usersUpdateMeValidator (req: express.Request, res: express.Response, ne | |||
69 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() | 70 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() |
70 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() | 71 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() |
71 | 72 | ||
72 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | 73 | logger.debug('Checking usersUpdateMe parameters', { parameters: req.body }) |
73 | 74 | ||
74 | checkErrors(req, res, next) | 75 | checkErrors(req, res, next) |
75 | } | 76 | } |
@@ -123,6 +124,7 @@ function ensureUserRegistrationAllowed (req: express.Request, res: express.Respo | |||
123 | 124 | ||
124 | export { | 125 | export { |
125 | usersAddValidator, | 126 | usersAddValidator, |
127 | usersRegisterValidator, | ||
126 | usersRemoveValidator, | 128 | usersRemoveValidator, |
127 | usersUpdateValidator, | 129 | usersUpdateValidator, |
128 | usersUpdateMeValidator, | 130 | usersUpdateMeValidator, |
@@ -133,16 +135,29 @@ export { | |||
133 | 135 | ||
134 | // --------------------------------------------------------------------------- | 136 | // --------------------------------------------------------------------------- |
135 | 137 | ||
136 | function checkUserExists (id: number, res: express.Response, callback: () => void) { | 138 | function checkUserExists (id: number, res: express.Response, callback: (err: Error, user: UserInstance) => void) { |
137 | db.User.loadById(id) | 139 | db.User.loadById(id) |
138 | .then(user => { | 140 | .then(user => { |
139 | if (!user) return res.status(404).send('User not found') | 141 | if (!user) return res.status(404).send('User not found') |
140 | 142 | ||
141 | res.locals.user = user | 143 | res.locals.user = user |
142 | callback() | 144 | callback(null, user) |
143 | }) | 145 | }) |
144 | .catch(err => { | 146 | .catch(err => { |
145 | logger.error('Error in user request validator.', err) | 147 | logger.error('Error in user request validator.', err) |
146 | return res.sendStatus(500) | 148 | return res.sendStatus(500) |
147 | }) | 149 | }) |
148 | } | 150 | } |
151 | |||
152 | function checkUserDoesNotAlreadyExist (username: string, email: string, res: express.Response, callback: () => void) { | ||
153 | db.User.loadByUsernameOrEmail(username, email) | ||
154 | .then(user => { | ||
155 | if (user) return res.status(409).send('User already exists.') | ||
156 | |||
157 | callback() | ||
158 | }) | ||
159 | .catch(err => { | ||
160 | logger.error('Error in usersAdd request validator.', err) | ||
161 | return res.sendStatus(500) | ||
162 | }) | ||
163 | } | ||
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts index ba8c2d834..249da668d 100644 --- a/server/middlewares/validators/videos.ts +++ b/server/middlewares/validators/videos.ts | |||
@@ -36,6 +36,12 @@ function videosAddValidator (req: express.Request, res: express.Response, next: | |||
36 | } | 36 | } |
37 | 37 | ||
38 | return db.Video.getDurationFromFile(videoFile.path) | 38 | return db.Video.getDurationFromFile(videoFile.path) |
39 | .catch(err => { | ||
40 | logger.error('Invalid input file in videosAddValidator.', err) | ||
41 | res.status(400).send('Invalid input file.') | ||
42 | |||
43 | return undefined | ||
44 | }) | ||
39 | }) | 45 | }) |
40 | .then(duration => { | 46 | .then(duration => { |
41 | // Previous test failed, abort | 47 | // Previous test failed, abort |
@@ -51,7 +57,10 @@ function videosAddValidator (req: express.Request, res: express.Response, next: | |||
51 | .catch(err => { | 57 | .catch(err => { |
52 | logger.error('Error in video add validator', err) | 58 | logger.error('Error in video add validator', err) |
53 | res.sendStatus(500) | 59 | res.sendStatus(500) |
60 | |||
61 | return undefined | ||
54 | }) | 62 | }) |
63 | |||
55 | }) | 64 | }) |
56 | } | 65 | } |
57 | 66 | ||
diff --git a/server/models/user/user.ts b/server/models/user/user.ts index 9bf13ad24..79a595528 100644 --- a/server/models/user/user.ts +++ b/server/models/user/user.ts | |||
@@ -242,25 +242,26 @@ loadByUsernameOrEmail = function (username: string, email: string) { | |||
242 | // --------------------------------------------------------------------------- | 242 | // --------------------------------------------------------------------------- |
243 | 243 | ||
244 | function getOriginalVideoFileTotalFromUser (user: UserInstance) { | 244 | function getOriginalVideoFileTotalFromUser (user: UserInstance) { |
245 | // attributes = [] because we don't want other fields than the sum | ||
245 | const query = { | 246 | const query = { |
246 | attributes: [ | ||
247 | Sequelize.fn('COUNT', Sequelize.col('User.Author.Video.VideoFile.size'), 'totalVideoBytes') | ||
248 | ], | ||
249 | where: { | 247 | where: { |
250 | id: user.id | 248 | resolution: 0 // Original, TODO: improve readability |
251 | }, | 249 | }, |
252 | include: [ | 250 | include: [ |
253 | { | 251 | { |
254 | model: User['sequelize'].models.Author, | 252 | attributes: [], |
255 | required: true, | 253 | model: User['sequelize'].models.Video, |
256 | include: [ | 254 | include: [ |
257 | { | 255 | { |
258 | model: User['sequelize'].models.Video, | 256 | attributes: [], |
259 | required: true, | 257 | model: User['sequelize'].models.Author, |
260 | include: [ | 258 | include: [ |
261 | { | 259 | { |
262 | model: User['sequelize'].models.VideoFile, | 260 | attributes: [], |
263 | required: true | 261 | model: User['sequelize'].models.User, |
262 | where: { | ||
263 | id: user.id | ||
264 | } | ||
264 | } | 265 | } |
265 | ] | 266 | ] |
266 | } | 267 | } |
@@ -269,8 +270,5 @@ function getOriginalVideoFileTotalFromUser (user: UserInstance) { | |||
269 | ] | 270 | ] |
270 | } | 271 | } |
271 | 272 | ||
272 | // FIXME: cast to any because of bad typing... | 273 | return User['sequelize'].models.VideoFile.sum('size', query) |
273 | return User.findAll(query).then((res: any) => { | ||
274 | return res.totalVideoBytes | ||
275 | }) | ||
276 | } | 274 | } |
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 643a82afd..ef78c8262 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts | |||
@@ -43,7 +43,8 @@ describe('Test users API validators', function () { | |||
43 | 43 | ||
44 | const username = 'user1' | 44 | const username = 'user1' |
45 | const password = 'my super password' | 45 | const password = 'my super password' |
46 | await createUser(server.url, server.accessToken, username, password) | 46 | const videoQuota = 42000000 |
47 | await createUser(server.url, server.accessToken, username, password, videoQuota) | ||
47 | 48 | ||
48 | const videoAttributes = {} | 49 | const videoAttributes = {} |
49 | await uploadVideo(server.url, server.accessToken, videoAttributes) | 50 | await uploadVideo(server.url, server.accessToken, videoAttributes) |
@@ -90,7 +91,8 @@ describe('Test users API validators', function () { | |||
90 | const fields = { | 91 | const fields = { |
91 | username: 'ji', | 92 | username: 'ji', |
92 | email: 'test@example.com', | 93 | email: 'test@example.com', |
93 | password: 'my_super_password' | 94 | password: 'my_super_password', |
95 | videoQuota: 42000000 | ||
94 | } | 96 | } |
95 | 97 | ||
96 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 98 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -100,7 +102,8 @@ describe('Test users API validators', function () { | |||
100 | const fields = { | 102 | const fields = { |
101 | username: 'my_super_username_which_is_very_long', | 103 | username: 'my_super_username_which_is_very_long', |
102 | email: 'test@example.com', | 104 | email: 'test@example.com', |
103 | password: 'my_super_password' | 105 | password: 'my_super_password', |
106 | videoQuota: 42000000 | ||
104 | } | 107 | } |
105 | 108 | ||
106 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 109 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -110,7 +113,8 @@ describe('Test users API validators', function () { | |||
110 | const fields = { | 113 | const fields = { |
111 | username: 'my username', | 114 | username: 'my username', |
112 | email: 'test@example.com', | 115 | email: 'test@example.com', |
113 | password: 'my_super_password' | 116 | password: 'my_super_password', |
117 | videoQuota: 42000000 | ||
114 | } | 118 | } |
115 | 119 | ||
116 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 120 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -119,7 +123,8 @@ describe('Test users API validators', function () { | |||
119 | it('Should fail with a missing email', async function () { | 123 | it('Should fail with a missing email', async function () { |
120 | const fields = { | 124 | const fields = { |
121 | username: 'ji', | 125 | username: 'ji', |
122 | password: 'my_super_password' | 126 | password: 'my_super_password', |
127 | videoQuota: 42000000 | ||
123 | } | 128 | } |
124 | 129 | ||
125 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 130 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -129,7 +134,8 @@ describe('Test users API validators', function () { | |||
129 | const fields = { | 134 | const fields = { |
130 | username: 'my_super_username_which_is_very_long', | 135 | username: 'my_super_username_which_is_very_long', |
131 | email: 'test_example.com', | 136 | email: 'test_example.com', |
132 | password: 'my_super_password' | 137 | password: 'my_super_password', |
138 | videoQuota: 42000000 | ||
133 | } | 139 | } |
134 | 140 | ||
135 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 141 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -139,7 +145,8 @@ describe('Test users API validators', function () { | |||
139 | const fields = { | 145 | const fields = { |
140 | username: 'my_username', | 146 | username: 'my_username', |
141 | email: 'test@example.com', | 147 | email: 'test@example.com', |
142 | password: 'bla' | 148 | password: 'bla', |
149 | videoQuota: 42000000 | ||
143 | } | 150 | } |
144 | 151 | ||
145 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 152 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -151,7 +158,8 @@ describe('Test users API validators', function () { | |||
151 | email: 'test@example.com', | 158 | email: 'test@example.com', |
152 | password: 'my super long password which is very very very very very very very very very very very very very very' + | 159 | password: 'my super long password which is very very very very very very very very very very very very very very' + |
153 | 'very very very very very very very very very very very very very very very veryv very very very very' + | 160 | 'very very very very very very very very very very very very very very very veryv very very very very' + |
154 | 'very very very very very very very very very very very very very very very very very very very very long' | 161 | 'very very very very very very very very very very very very very very very very very very very very long', |
162 | videoQuota: 42000000 | ||
155 | } | 163 | } |
156 | 164 | ||
157 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 165 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
@@ -161,7 +169,8 @@ describe('Test users API validators', function () { | |||
161 | const fields = { | 169 | const fields = { |
162 | username: 'my_username', | 170 | username: 'my_username', |
163 | email: 'test@example.com', | 171 | email: 'test@example.com', |
164 | password: 'my super password' | 172 | password: 'my super password', |
173 | videoQuota: 42000000 | ||
165 | } | 174 | } |
166 | 175 | ||
167 | await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) | 176 | await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) |
@@ -171,7 +180,8 @@ describe('Test users API validators', function () { | |||
171 | const fields = { | 180 | const fields = { |
172 | username: 'user1', | 181 | username: 'user1', |
173 | email: 'test@example.com', | 182 | email: 'test@example.com', |
174 | password: 'my super password' | 183 | password: 'my super password', |
184 | videoQuota: 42000000 | ||
175 | } | 185 | } |
176 | 186 | ||
177 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | 187 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) |
@@ -181,17 +191,40 @@ describe('Test users API validators', function () { | |||
181 | const fields = { | 191 | const fields = { |
182 | username: 'my_username', | 192 | username: 'my_username', |
183 | email: 'user1@example.com', | 193 | email: 'user1@example.com', |
184 | password: 'my super password' | 194 | password: 'my super password', |
195 | videoQuota: 42000000 | ||
185 | } | 196 | } |
186 | 197 | ||
187 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | 198 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) |
188 | }) | 199 | }) |
189 | 200 | ||
201 | it('Should fail without a videoQuota', async function () { | ||
202 | const fields = { | ||
203 | username: 'my_username', | ||
204 | email: 'user1@example.com', | ||
205 | password: 'my super password' | ||
206 | } | ||
207 | |||
208 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
209 | }) | ||
210 | |||
211 | it('Should fail with an invalid videoQuota', async function () { | ||
212 | const fields = { | ||
213 | username: 'my_username', | ||
214 | email: 'user1@example.com', | ||
215 | password: 'my super password', | ||
216 | videoQuota: -5 | ||
217 | } | ||
218 | |||
219 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
220 | }) | ||
221 | |||
190 | it('Should succeed with the correct params', async function () { | 222 | it('Should succeed with the correct params', async function () { |
191 | const fields = { | 223 | const fields = { |
192 | username: 'user2', | 224 | username: 'user2', |
193 | email: 'test@example.com', | 225 | email: 'test@example.com', |
194 | password: 'my super password' | 226 | password: 'my super password', |
227 | videoQuota: -1 | ||
195 | } | 228 | } |
196 | 229 | ||
197 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | 230 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) |
@@ -208,18 +241,20 @@ describe('Test users API validators', function () { | |||
208 | const fields = { | 241 | const fields = { |
209 | username: 'user3', | 242 | username: 'user3', |
210 | email: 'test@example.com', | 243 | email: 'test@example.com', |
211 | password: 'my super password' | 244 | password: 'my super password', |
245 | videoQuota: 42000000 | ||
212 | } | 246 | } |
213 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | 247 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) |
214 | }) | 248 | }) |
215 | }) | 249 | }) |
216 | 250 | ||
217 | describe('When updating a user', function () { | 251 | describe('When updating my account', function () { |
218 | before(async function () { | 252 | it('Should fail with an invalid email attribute', async function () { |
219 | const res = await getUsersList(server.url) | 253 | const fields = { |
254 | email: 'blabla' | ||
255 | } | ||
220 | 256 | ||
221 | userId = res.body.data[1].id | 257 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) |
222 | rootId = res.body.data[2].id | ||
223 | }) | 258 | }) |
224 | 259 | ||
225 | it('Should fail with a too small password', async function () { | 260 | it('Should fail with a too small password', async function () { |
@@ -227,7 +262,7 @@ describe('Test users API validators', function () { | |||
227 | password: 'bla' | 262 | password: 'bla' |
228 | } | 263 | } |
229 | 264 | ||
230 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | 265 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
231 | }) | 266 | }) |
232 | 267 | ||
233 | it('Should fail with a too long password', async function () { | 268 | it('Should fail with a too long password', async function () { |
@@ -237,7 +272,7 @@ describe('Test users API validators', function () { | |||
237 | 'very very very very very very very very very very very very very very very very very very very very long' | 272 | 'very very very very very very very very very very very very very very very very very very very very long' |
238 | } | 273 | } |
239 | 274 | ||
240 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | 275 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
241 | }) | 276 | }) |
242 | 277 | ||
243 | it('Should fail with an invalid display NSFW attribute', async function () { | 278 | it('Should fail with an invalid display NSFW attribute', async function () { |
@@ -245,7 +280,7 @@ describe('Test users API validators', function () { | |||
245 | displayNSFW: -1 | 280 | displayNSFW: -1 |
246 | } | 281 | } |
247 | 282 | ||
248 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | 283 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
249 | }) | 284 | }) |
250 | 285 | ||
251 | it('Should fail with an non authenticated user', async function () { | 286 | it('Should fail with an non authenticated user', async function () { |
@@ -253,16 +288,60 @@ describe('Test users API validators', function () { | |||
253 | password: 'my super password' | 288 | password: 'my super password' |
254 | } | 289 | } |
255 | 290 | ||
256 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | 291 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) |
257 | }) | 292 | }) |
258 | 293 | ||
259 | it('Should succeed with the correct params', async function () { | 294 | it('Should succeed with the correct params', async function () { |
260 | const fields = { | 295 | const fields = { |
261 | password: 'my super password', | 296 | password: 'my super password', |
262 | displayNSFW: true | 297 | displayNSFW: true, |
298 | email: 'super_email@example.com' | ||
263 | } | 299 | } |
264 | 300 | ||
265 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields, statusCodeExpected: 204 }) | 301 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) |
302 | }) | ||
303 | }) | ||
304 | |||
305 | describe('When updating a user', function () { | ||
306 | |||
307 | before(async function () { | ||
308 | const res = await getUsersList(server.url) | ||
309 | |||
310 | userId = res.body.data[1].id | ||
311 | rootId = res.body.data[2].id | ||
312 | }) | ||
313 | |||
314 | it('Should fail with an invalid email attribute', async function () { | ||
315 | const fields = { | ||
316 | email: 'blabla' | ||
317 | } | ||
318 | |||
319 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | ||
320 | }) | ||
321 | |||
322 | it('Should fail with an invalid videoQuota attribute', async function () { | ||
323 | const fields = { | ||
324 | videoQuota: -90 | ||
325 | } | ||
326 | |||
327 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | ||
328 | }) | ||
329 | |||
330 | it('Should fail with an non authenticated user', async function () { | ||
331 | const fields = { | ||
332 | videoQuota: 42 | ||
333 | } | ||
334 | |||
335 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | ||
336 | }) | ||
337 | |||
338 | it('Should succeed with the correct params', async function () { | ||
339 | const fields = { | ||
340 | email: 'email@example.com', | ||
341 | videoQuota: 42 | ||
342 | } | ||
343 | |||
344 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) | ||
266 | }) | 345 | }) |
267 | }) | 346 | }) |
268 | 347 | ||
@@ -491,6 +570,38 @@ describe('Test users API validators', function () { | |||
491 | }) | 570 | }) |
492 | }) | 571 | }) |
493 | 572 | ||
573 | describe('When having a video quota', function () { | ||
574 | it('Should fail with a user having too many video', async function () { | ||
575 | const fields = { | ||
576 | videoQuota: 42 | ||
577 | } | ||
578 | |||
579 | await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 }) | ||
580 | |||
581 | const videoAttributes = {} | ||
582 | await uploadVideo(server.url, server.accessToken, videoAttributes, 403) | ||
583 | }) | ||
584 | |||
585 | it('Should fail with a registered user having too many video', async function () { | ||
586 | this.timeout(10000) | ||
587 | |||
588 | server.user = { | ||
589 | username: 'user3', | ||
590 | email: 'test3@example.com', | ||
591 | password: 'my super password' | ||
592 | } | ||
593 | userAccessToken = await loginAndGetAccessToken(server) | ||
594 | |||
595 | const videoAttributes = { fixture: 'video_short2.webm' } | ||
596 | await uploadVideo(server.url, userAccessToken, videoAttributes) | ||
597 | await uploadVideo(server.url, userAccessToken, videoAttributes) | ||
598 | await uploadVideo(server.url, userAccessToken, videoAttributes) | ||
599 | await uploadVideo(server.url, userAccessToken, videoAttributes) | ||
600 | await uploadVideo(server.url, userAccessToken, videoAttributes) | ||
601 | await uploadVideo(server.url, userAccessToken, videoAttributes, 403) | ||
602 | }) | ||
603 | }) | ||
604 | |||
494 | after(async function () { | 605 | after(async function () { |
495 | killallServers([ server, serverWithRegistrationDisabled ]) | 606 | killallServers([ server, serverWithRegistrationDisabled ]) |
496 | 607 | ||
diff --git a/server/tests/api/users.ts b/server/tests/api/users.ts index 104d783bb..04c68d4ea 100644 --- a/server/tests/api/users.ts +++ b/server/tests/api/users.ts | |||
@@ -319,9 +319,9 @@ describe('Test users', function () { | |||
319 | }) | 319 | }) |
320 | 320 | ||
321 | it('Should be able to update another user', async function () { | 321 | it('Should be able to update another user', async function () { |
322 | await updateUser(server.url, userId, server.accessToken, 'updated2@example.com', 42 ) | 322 | await updateUser(server.url, userId, accessToken, 'updated2@example.com', 42) |
323 | 323 | ||
324 | const res = await getUserInformation(server.url, server.accessToken, userId) | 324 | const res = await getUserInformation(server.url, accessToken, userId) |
325 | const user = res.body | 325 | const user = res.body |
326 | 326 | ||
327 | expect(user.username).to.equal('user_1') | 327 | expect(user.username).to.equal('user_1') |
diff --git a/server/tests/utils/users.ts b/server/tests/utils/users.ts index 1c3f6826e..e5f3eb1b3 100644 --- a/server/tests/utils/users.ts +++ b/server/tests/utils/users.ts | |||
@@ -118,7 +118,7 @@ function updateUser (url: string, userId: number, accessToken: string, email: st | |||
118 | const path = '/api/v1/users/' + userId | 118 | const path = '/api/v1/users/' + userId |
119 | 119 | ||
120 | const toSend = {} | 120 | const toSend = {} |
121 | if (email !== undefined && email !== null) toSend['password'] = email | 121 | if (email !== undefined && email !== null) toSend['email'] = email |
122 | if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota | 122 | if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota |
123 | 123 | ||
124 | return request(url) | 124 | return request(url) |