aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users.ts30
-rw-r--r--server/initializers/checker.ts2
-rw-r--r--server/middlewares/validators/users.ts61
-rw-r--r--server/middlewares/validators/videos.ts9
-rw-r--r--server/models/user/user.ts26
-rw-r--r--server/tests/api/check-params/users.ts159
-rw-r--r--server/tests/api/users.ts4
-rw-r--r--server/tests/utils/users.ts2
8 files changed, 220 insertions, 73 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 6922661ae..1ecaaf93f 100644
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -8,6 +8,7 @@ import {
8 ensureIsAdmin, 8 ensureIsAdmin,
9 ensureUserRegistrationAllowed, 9 ensureUserRegistrationAllowed,
10 usersAddValidator, 10 usersAddValidator,
11 usersRegisterValidator,
11 usersUpdateValidator, 12 usersUpdateValidator,
12 usersUpdateMeValidator, 13 usersUpdateMeValidator,
13 usersRemoveValidator, 14 usersRemoveValidator,
@@ -25,6 +26,7 @@ import {
25 UserUpdate, 26 UserUpdate,
26 UserUpdateMe 27 UserUpdateMe
27} from '../../../shared' 28} from '../../../shared'
29import { UserInstance } from '../../models'
28 30
29const usersRouter = express.Router() 31const usersRouter = express.Router()
30 32
@@ -61,8 +63,8 @@ usersRouter.post('/',
61 63
62usersRouter.post('/register', 64usersRouter.post('/register',
63 ensureUserRegistrationAllowed, 65 ensureUserRegistrationAllowed,
64 usersAddValidator, 66 usersRegisterValidator,
65 createUser 67 registerUser
66) 68)
67 69
68usersRouter.put('/me', 70usersRouter.put('/me',
@@ -99,11 +101,6 @@ export {
99function createUser (req: express.Request, res: express.Response, next: express.NextFunction) { 101function createUser (req: express.Request, res: express.Response, next: express.NextFunction) {
100 const body: UserCreate = req.body 102 const body: UserCreate = req.body
101 103
102 // On registration, we set the user video quota
103 if (body.videoQuota === undefined) {
104 body.videoQuota = CONFIG.USER.VIDEO_QUOTA
105 }
106
107 const user = db.User.build({ 104 const user = db.User.build({
108 username: body.username, 105 username: body.username,
109 password: body.password, 106 password: body.password,
@@ -118,6 +115,23 @@ function createUser (req: express.Request, res: express.Response, next: express.
118 .catch(err => next(err)) 115 .catch(err => next(err))
119} 116}
120 117
118function registerUser (req: express.Request, res: express.Response, next: express.NextFunction) {
119 const body: UserCreate = req.body
120
121 const user = db.User.build({
122 username: body.username,
123 password: body.password,
124 email: body.email,
125 displayNSFW: false,
126 role: USER_ROLES.USER,
127 videoQuota: CONFIG.USER.VIDEO_QUOTA
128 })
129
130 user.save()
131 .then(() => res.type('json').status(204).end())
132 .catch(err => next(err))
133}
134
121function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) { 135function getUserInformation (req: express.Request, res: express.Response, next: express.NextFunction) {
122 db.User.loadByUsername(res.locals.oauth.token.user.username) 136 db.User.loadByUsername(res.locals.oauth.token.user.username)
123 .then(user => res.json(user.toFormattedJSON())) 137 .then(user => res.json(user.toFormattedJSON()))
@@ -180,7 +194,7 @@ function updateMe (req: express.Request, res: express.Response, next: express.Ne
180 194
181function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) { 195function updateUser (req: express.Request, res: express.Response, next: express.NextFunction) {
182 const body: UserUpdate = req.body 196 const body: UserUpdate = req.body
183 const user = res.locals.user 197 const user: UserInstance = res.locals.user
184 198
185 if (body.email !== undefined) user.email = body.email 199 if (body.email !== undefined) user.email = body.email
186 if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota 200 if (body.videoQuota !== undefined) user.videoQuota = body.videoQuota
diff --git a/server/initializers/checker.ts b/server/initializers/checker.ts
index 97606ef31..eb9e9e280 100644
--- a/server/initializers/checker.ts
+++ b/server/initializers/checker.ts
@@ -22,7 +22,7 @@ function checkMissedConfig () {
22 'webserver.https', 'webserver.hostname', 'webserver.port', 22 'webserver.https', 'webserver.hostname', 'webserver.port',
23 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password', 23 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password',
24 'storage.certs', 'storage.videos', 'storage.logs', 'storage.thumbnails', 'storage.previews', 'storage.torrents', 'storage.cache', 24 'storage.certs', 'storage.videos', 'storage.logs', 'storage.thumbnails', 'storage.previews', 'storage.torrents', 'storage.cache',
25 'cache.previews.size', 'admin.email', 'signup.enabled', 'signup.limit', 'transcoding.enabled', 'transcoding.threads' 25 'cache.previews.size', 'admin.email', 'signup.enabled', 'signup.limit', 'transcoding.enabled', 'transcoding.threads', 'user.video_quota'
26 ] 26 ]
27 const miss: string[] = [] 27 const miss: string[] = []
28 28
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index ebb343535..aec6324bf 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -6,7 +6,7 @@ import * as validator from 'validator'
6import { database as db } from '../../initializers/database' 6import { database as db } from '../../initializers/database'
7import { checkErrors } from './utils' 7import { checkErrors } from './utils'
8import { isSignupAllowed, logger } from '../../helpers' 8import { isSignupAllowed, logger } from '../../helpers'
9import { VideoInstance } from '../../models' 9import { UserInstance, VideoInstance } from '../../models'
10 10
11function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { 11function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
12 req.checkBody('username', 'Should have a valid username').isUserUsernameValid() 12 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
@@ -17,16 +17,19 @@ function usersAddValidator (req: express.Request, res: express.Response, next: e
17 logger.debug('Checking usersAdd parameters', { parameters: req.body }) 17 logger.debug('Checking usersAdd parameters', { parameters: req.body })
18 18
19 checkErrors(req, res, () => { 19 checkErrors(req, res, () => {
20 db.User.loadByUsernameOrEmail(req.body.username, req.body.email) 20 checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next)
21 .then(user => { 21 })
22 if (user) return res.status(409).send('User already exists.') 22}
23 23
24 next() 24function usersRegisterValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
25 }) 25 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
26 .catch(err => { 26 req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
27 logger.error('Error in usersAdd request validator.', err) 27 req.checkBody('email', 'Should have a valid email').isEmail()
28 return res.sendStatus(500) 28
29 }) 29 logger.debug('Checking usersRegister parameters', { parameters: req.body })
30
31 checkErrors(req, res, () => {
32 checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next)
30 }) 33 })
31} 34}
32 35
@@ -36,18 +39,16 @@ function usersRemoveValidator (req: express.Request, res: express.Response, next
36 logger.debug('Checking usersRemove parameters', { parameters: req.params }) 39 logger.debug('Checking usersRemove parameters', { parameters: req.params })
37 40
38 checkErrors(req, res, () => { 41 checkErrors(req, res, () => {
39 db.User.loadById(req.params.id) 42 checkUserExists(req.params.id, res, (err, user) => {
40 .then(user => { 43 if (err) {
41 if (!user) return res.status(404).send('User not found') 44 logger.error('Error in usersRemoveValidator.', err)
45 return res.sendStatus(500)
46 }
42 47
43 if (user.username === 'root') return res.status(400).send('Cannot remove the root user') 48 if (user.username === 'root') return res.status(400).send('Cannot remove the root user')
44 49
45 next() 50 next()
46 }) 51 })
47 .catch(err => {
48 logger.error('Error in usersRemove request validator.', err)
49 return res.sendStatus(500)
50 })
51 }) 52 })
52} 53}
53 54
@@ -69,7 +70,7 @@ function usersUpdateMeValidator (req: express.Request, res: express.Response, ne
69 req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() 70 req.checkBody('email', 'Should have a valid email attribute').optional().isEmail()
70 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() 71 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
71 72
72 logger.debug('Checking usersUpdate parameters', { parameters: req.body }) 73 logger.debug('Checking usersUpdateMe parameters', { parameters: req.body })
73 74
74 checkErrors(req, res, next) 75 checkErrors(req, res, next)
75} 76}
@@ -123,6 +124,7 @@ function ensureUserRegistrationAllowed (req: express.Request, res: express.Respo
123 124
124export { 125export {
125 usersAddValidator, 126 usersAddValidator,
127 usersRegisterValidator,
126 usersRemoveValidator, 128 usersRemoveValidator,
127 usersUpdateValidator, 129 usersUpdateValidator,
128 usersUpdateMeValidator, 130 usersUpdateMeValidator,
@@ -133,16 +135,29 @@ export {
133 135
134// --------------------------------------------------------------------------- 136// ---------------------------------------------------------------------------
135 137
136function checkUserExists (id: number, res: express.Response, callback: () => void) { 138function checkUserExists (id: number, res: express.Response, callback: (err: Error, user: UserInstance) => void) {
137 db.User.loadById(id) 139 db.User.loadById(id)
138 .then(user => { 140 .then(user => {
139 if (!user) return res.status(404).send('User not found') 141 if (!user) return res.status(404).send('User not found')
140 142
141 res.locals.user = user 143 res.locals.user = user
142 callback() 144 callback(null, user)
143 }) 145 })
144 .catch(err => { 146 .catch(err => {
145 logger.error('Error in user request validator.', err) 147 logger.error('Error in user request validator.', err)
146 return res.sendStatus(500) 148 return res.sendStatus(500)
147 }) 149 })
148} 150}
151
152function checkUserDoesNotAlreadyExist (username: string, email: string, res: express.Response, callback: () => void) {
153 db.User.loadByUsernameOrEmail(username, email)
154 .then(user => {
155 if (user) return res.status(409).send('User already exists.')
156
157 callback()
158 })
159 .catch(err => {
160 logger.error('Error in usersAdd request validator.', err)
161 return res.sendStatus(500)
162 })
163}
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index ba8c2d834..249da668d 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -36,6 +36,12 @@ function videosAddValidator (req: express.Request, res: express.Response, next:
36 } 36 }
37 37
38 return db.Video.getDurationFromFile(videoFile.path) 38 return db.Video.getDurationFromFile(videoFile.path)
39 .catch(err => {
40 logger.error('Invalid input file in videosAddValidator.', err)
41 res.status(400).send('Invalid input file.')
42
43 return undefined
44 })
39 }) 45 })
40 .then(duration => { 46 .then(duration => {
41 // Previous test failed, abort 47 // Previous test failed, abort
@@ -51,7 +57,10 @@ function videosAddValidator (req: express.Request, res: express.Response, next:
51 .catch(err => { 57 .catch(err => {
52 logger.error('Error in video add validator', err) 58 logger.error('Error in video add validator', err)
53 res.sendStatus(500) 59 res.sendStatus(500)
60
61 return undefined
54 }) 62 })
63
55 }) 64 })
56} 65}
57 66
diff --git a/server/models/user/user.ts b/server/models/user/user.ts
index 9bf13ad24..79a595528 100644
--- a/server/models/user/user.ts
+++ b/server/models/user/user.ts
@@ -242,25 +242,26 @@ loadByUsernameOrEmail = function (username: string, email: string) {
242// --------------------------------------------------------------------------- 242// ---------------------------------------------------------------------------
243 243
244function getOriginalVideoFileTotalFromUser (user: UserInstance) { 244function getOriginalVideoFileTotalFromUser (user: UserInstance) {
245 // attributes = [] because we don't want other fields than the sum
245 const query = { 246 const query = {
246 attributes: [
247 Sequelize.fn('COUNT', Sequelize.col('User.Author.Video.VideoFile.size'), 'totalVideoBytes')
248 ],
249 where: { 247 where: {
250 id: user.id 248 resolution: 0 // Original, TODO: improve readability
251 }, 249 },
252 include: [ 250 include: [
253 { 251 {
254 model: User['sequelize'].models.Author, 252 attributes: [],
255 required: true, 253 model: User['sequelize'].models.Video,
256 include: [ 254 include: [
257 { 255 {
258 model: User['sequelize'].models.Video, 256 attributes: [],
259 required: true, 257 model: User['sequelize'].models.Author,
260 include: [ 258 include: [
261 { 259 {
262 model: User['sequelize'].models.VideoFile, 260 attributes: [],
263 required: true 261 model: User['sequelize'].models.User,
262 where: {
263 id: user.id
264 }
264 } 265 }
265 ] 266 ]
266 } 267 }
@@ -269,8 +270,5 @@ function getOriginalVideoFileTotalFromUser (user: UserInstance) {
269 ] 270 ]
270 } 271 }
271 272
272 // FIXME: cast to any because of bad typing... 273 return User['sequelize'].models.VideoFile.sum('size', query)
273 return User.findAll(query).then((res: any) => {
274 return res.totalVideoBytes
275 })
276} 274}
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 643a82afd..ef78c8262 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -43,7 +43,8 @@ describe('Test users API validators', function () {
43 43
44 const username = 'user1' 44 const username = 'user1'
45 const password = 'my super password' 45 const password = 'my super password'
46 await createUser(server.url, server.accessToken, username, password) 46 const videoQuota = 42000000
47 await createUser(server.url, server.accessToken, username, password, videoQuota)
47 48
48 const videoAttributes = {} 49 const videoAttributes = {}
49 await uploadVideo(server.url, server.accessToken, videoAttributes) 50 await uploadVideo(server.url, server.accessToken, videoAttributes)
@@ -90,7 +91,8 @@ describe('Test users API validators', function () {
90 const fields = { 91 const fields = {
91 username: 'ji', 92 username: 'ji',
92 email: 'test@example.com', 93 email: 'test@example.com',
93 password: 'my_super_password' 94 password: 'my_super_password',
95 videoQuota: 42000000
94 } 96 }
95 97
96 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 98 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -100,7 +102,8 @@ describe('Test users API validators', function () {
100 const fields = { 102 const fields = {
101 username: 'my_super_username_which_is_very_long', 103 username: 'my_super_username_which_is_very_long',
102 email: 'test@example.com', 104 email: 'test@example.com',
103 password: 'my_super_password' 105 password: 'my_super_password',
106 videoQuota: 42000000
104 } 107 }
105 108
106 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -110,7 +113,8 @@ describe('Test users API validators', function () {
110 const fields = { 113 const fields = {
111 username: 'my username', 114 username: 'my username',
112 email: 'test@example.com', 115 email: 'test@example.com',
113 password: 'my_super_password' 116 password: 'my_super_password',
117 videoQuota: 42000000
114 } 118 }
115 119
116 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 120 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -119,7 +123,8 @@ describe('Test users API validators', function () {
119 it('Should fail with a missing email', async function () { 123 it('Should fail with a missing email', async function () {
120 const fields = { 124 const fields = {
121 username: 'ji', 125 username: 'ji',
122 password: 'my_super_password' 126 password: 'my_super_password',
127 videoQuota: 42000000
123 } 128 }
124 129
125 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 130 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -129,7 +134,8 @@ describe('Test users API validators', function () {
129 const fields = { 134 const fields = {
130 username: 'my_super_username_which_is_very_long', 135 username: 'my_super_username_which_is_very_long',
131 email: 'test_example.com', 136 email: 'test_example.com',
132 password: 'my_super_password' 137 password: 'my_super_password',
138 videoQuota: 42000000
133 } 139 }
134 140
135 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 141 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -139,7 +145,8 @@ describe('Test users API validators', function () {
139 const fields = { 145 const fields = {
140 username: 'my_username', 146 username: 'my_username',
141 email: 'test@example.com', 147 email: 'test@example.com',
142 password: 'bla' 148 password: 'bla',
149 videoQuota: 42000000
143 } 150 }
144 151
145 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 152 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -151,7 +158,8 @@ describe('Test users API validators', function () {
151 email: 'test@example.com', 158 email: 'test@example.com',
152 password: 'my super long password which is very very very very very very very very very very very very very very' + 159 password: 'my super long password which is very very very very very very very very very very very very very very' +
153 'very very very very very very very very very very very very very very very veryv very very very very' + 160 'very very very very very very very very very very very very very very very veryv very very very very' +
154 'very very very very very very very very very very very very very very very very very very very very long' 161 'very very very very very very very very very very very very very very very very very very very very long',
162 videoQuota: 42000000
155 } 163 }
156 164
157 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 165 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
@@ -161,7 +169,8 @@ describe('Test users API validators', function () {
161 const fields = { 169 const fields = {
162 username: 'my_username', 170 username: 'my_username',
163 email: 'test@example.com', 171 email: 'test@example.com',
164 password: 'my super password' 172 password: 'my super password',
173 videoQuota: 42000000
165 } 174 }
166 175
167 await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) 176 await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
@@ -171,7 +180,8 @@ describe('Test users API validators', function () {
171 const fields = { 180 const fields = {
172 username: 'user1', 181 username: 'user1',
173 email: 'test@example.com', 182 email: 'test@example.com',
174 password: 'my super password' 183 password: 'my super password',
184 videoQuota: 42000000
175 } 185 }
176 186
177 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) 187 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
@@ -181,17 +191,40 @@ describe('Test users API validators', function () {
181 const fields = { 191 const fields = {
182 username: 'my_username', 192 username: 'my_username',
183 email: 'user1@example.com', 193 email: 'user1@example.com',
184 password: 'my super password' 194 password: 'my super password',
195 videoQuota: 42000000
185 } 196 }
186 197
187 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) 198 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
188 }) 199 })
189 200
201 it('Should fail without a videoQuota', async function () {
202 const fields = {
203 username: 'my_username',
204 email: 'user1@example.com',
205 password: 'my super password'
206 }
207
208 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
209 })
210
211 it('Should fail with an invalid videoQuota', async function () {
212 const fields = {
213 username: 'my_username',
214 email: 'user1@example.com',
215 password: 'my super password',
216 videoQuota: -5
217 }
218
219 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
220 })
221
190 it('Should succeed with the correct params', async function () { 222 it('Should succeed with the correct params', async function () {
191 const fields = { 223 const fields = {
192 username: 'user2', 224 username: 'user2',
193 email: 'test@example.com', 225 email: 'test@example.com',
194 password: 'my super password' 226 password: 'my super password',
227 videoQuota: -1
195 } 228 }
196 229
197 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) 230 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
@@ -208,18 +241,20 @@ describe('Test users API validators', function () {
208 const fields = { 241 const fields = {
209 username: 'user3', 242 username: 'user3',
210 email: 'test@example.com', 243 email: 'test@example.com',
211 password: 'my super password' 244 password: 'my super password',
245 videoQuota: 42000000
212 } 246 }
213 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) 247 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
214 }) 248 })
215 }) 249 })
216 250
217 describe('When updating a user', function () { 251 describe('When updating my account', function () {
218 before(async function () { 252 it('Should fail with an invalid email attribute', async function () {
219 const res = await getUsersList(server.url) 253 const fields = {
254 email: 'blabla'
255 }
220 256
221 userId = res.body.data[1].id 257 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
222 rootId = res.body.data[2].id
223 }) 258 })
224 259
225 it('Should fail with a too small password', async function () { 260 it('Should fail with a too small password', async function () {
@@ -227,7 +262,7 @@ describe('Test users API validators', function () {
227 password: 'bla' 262 password: 'bla'
228 } 263 }
229 264
230 await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) 265 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
231 }) 266 })
232 267
233 it('Should fail with a too long password', async function () { 268 it('Should fail with a too long password', async function () {
@@ -237,7 +272,7 @@ describe('Test users API validators', function () {
237 'very very very very very very very very very very very very very very very very very very very very long' 272 'very very very very very very very very very very very very very very very very very very very very long'
238 } 273 }
239 274
240 await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) 275 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
241 }) 276 })
242 277
243 it('Should fail with an invalid display NSFW attribute', async function () { 278 it('Should fail with an invalid display NSFW attribute', async function () {
@@ -245,7 +280,7 @@ describe('Test users API validators', function () {
245 displayNSFW: -1 280 displayNSFW: -1
246 } 281 }
247 282
248 await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) 283 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
249 }) 284 })
250 285
251 it('Should fail with an non authenticated user', async function () { 286 it('Should fail with an non authenticated user', async function () {
@@ -253,16 +288,60 @@ describe('Test users API validators', function () {
253 password: 'my super password' 288 password: 'my super password'
254 } 289 }
255 290
256 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) 291 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
257 }) 292 })
258 293
259 it('Should succeed with the correct params', async function () { 294 it('Should succeed with the correct params', async function () {
260 const fields = { 295 const fields = {
261 password: 'my super password', 296 password: 'my super password',
262 displayNSFW: true 297 displayNSFW: true,
298 email: 'super_email@example.com'
263 } 299 }
264 300
265 await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields, statusCodeExpected: 204 }) 301 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
302 })
303 })
304
305 describe('When updating a user', function () {
306
307 before(async function () {
308 const res = await getUsersList(server.url)
309
310 userId = res.body.data[1].id
311 rootId = res.body.data[2].id
312 })
313
314 it('Should fail with an invalid email attribute', async function () {
315 const fields = {
316 email: 'blabla'
317 }
318
319 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
320 })
321
322 it('Should fail with an invalid videoQuota attribute', async function () {
323 const fields = {
324 videoQuota: -90
325 }
326
327 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
328 })
329
330 it('Should fail with an non authenticated user', async function () {
331 const fields = {
332 videoQuota: 42
333 }
334
335 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
336 })
337
338 it('Should succeed with the correct params', async function () {
339 const fields = {
340 email: 'email@example.com',
341 videoQuota: 42
342 }
343
344 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
266 }) 345 })
267 }) 346 })
268 347
@@ -491,6 +570,38 @@ describe('Test users API validators', function () {
491 }) 570 })
492 }) 571 })
493 572
573 describe('When having a video quota', function () {
574 it('Should fail with a user having too many video', async function () {
575 const fields = {
576 videoQuota: 42
577 }
578
579 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })
580
581 const videoAttributes = {}
582 await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
583 })
584
585 it('Should fail with a registered user having too many video', async function () {
586 this.timeout(10000)
587
588 server.user = {
589 username: 'user3',
590 email: 'test3@example.com',
591 password: 'my super password'
592 }
593 userAccessToken = await loginAndGetAccessToken(server)
594
595 const videoAttributes = { fixture: 'video_short2.webm' }
596 await uploadVideo(server.url, userAccessToken, videoAttributes)
597 await uploadVideo(server.url, userAccessToken, videoAttributes)
598 await uploadVideo(server.url, userAccessToken, videoAttributes)
599 await uploadVideo(server.url, userAccessToken, videoAttributes)
600 await uploadVideo(server.url, userAccessToken, videoAttributes)
601 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
602 })
603 })
604
494 after(async function () { 605 after(async function () {
495 killallServers([ server, serverWithRegistrationDisabled ]) 606 killallServers([ server, serverWithRegistrationDisabled ])
496 607
diff --git a/server/tests/api/users.ts b/server/tests/api/users.ts
index 104d783bb..04c68d4ea 100644
--- a/server/tests/api/users.ts
+++ b/server/tests/api/users.ts
@@ -319,9 +319,9 @@ describe('Test users', function () {
319 }) 319 })
320 320
321 it('Should be able to update another user', async function () { 321 it('Should be able to update another user', async function () {
322 await updateUser(server.url, userId, server.accessToken, 'updated2@example.com', 42 ) 322 await updateUser(server.url, userId, accessToken, 'updated2@example.com', 42)
323 323
324 const res = await getUserInformation(server.url, server.accessToken, userId) 324 const res = await getUserInformation(server.url, accessToken, userId)
325 const user = res.body 325 const user = res.body
326 326
327 expect(user.username).to.equal('user_1') 327 expect(user.username).to.equal('user_1')
diff --git a/server/tests/utils/users.ts b/server/tests/utils/users.ts
index 1c3f6826e..e5f3eb1b3 100644
--- a/server/tests/utils/users.ts
+++ b/server/tests/utils/users.ts
@@ -118,7 +118,7 @@ function updateUser (url: string, userId: number, accessToken: string, email: st
118 const path = '/api/v1/users/' + userId 118 const path = '/api/v1/users/' + userId
119 119
120 const toSend = {} 120 const toSend = {}
121 if (email !== undefined && email !== null) toSend['password'] = email 121 if (email !== undefined && email !== null) toSend['email'] = email
122 if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota 122 if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota
123 123
124 return request(url) 124 return request(url)