123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158 |
- /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
- import { omit } from 'lodash'
- import 'mocha'
- import { join } from 'path'
- import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared'
- import {
- addVideoChannel,
- blockUser,
- cleanupTests,
- createUser,
- deleteMe,
- flushAndRunServer,
- getMyUserInformation,
- getMyUserVideoRating,
- getUsersList,
- immutableAssign,
- killallServers,
- makeGetRequest,
- makePostBodyRequest,
- makePutBodyRequest,
- makeUploadRequest,
- registerUser,
- removeUser,
- reRunServer,
- ServerInfo,
- setAccessTokensToServers,
- unblockUser,
- updateUser,
- uploadVideo,
- userLogin
- } from '../../../../shared/extra-utils'
- import {
- checkBadCountPagination,
- checkBadSortPagination,
- checkBadStartPagination
- } from '../../../../shared/extra-utils/requests/check-api-params'
- import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports'
- import { VideoPrivacy } from '../../../../shared/models/videos'
- import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
- import { expect } from 'chai'
- import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
- import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
- describe('Test users API validators', function () {
- const path = '/api/v1/users/'
- let userId: number
- let rootId: number
- let moderatorId: number
- let videoId: number
- let server: ServerInfo
- let serverWithRegistrationDisabled: ServerInfo
- let userAccessToken = ''
- let moderatorAccessToken = ''
- let emailPort: number
- let overrideConfig: Object
- // ---------------------------------------------------------------
- before(async function () {
- this.timeout(30000)
- const emails: object[] = []
- emailPort = await MockSmtpServer.Instance.collectEmails(emails)
- overrideConfig = { signup: { limit: 8 } }
- {
- const res = await Promise.all([
- flushAndRunServer(1, overrideConfig),
- flushAndRunServer(2)
- ])
- server = res[0]
- serverWithRegistrationDisabled = res[1]
- await setAccessTokensToServers([ server ])
- }
- {
- const user = {
- username: 'user1',
- password: 'my super password'
- }
- const videoQuota = 42000000
- await createUser({
- url: server.url,
- accessToken: server.accessToken,
- username: user.username,
- password: user.password,
- videoQuota: videoQuota
- })
- userAccessToken = await userLogin(server, user)
- }
- {
- const moderator = {
- username: 'moderator1',
- password: 'super password'
- }
- await createUser({
- url: server.url,
- accessToken: server.accessToken,
- username: moderator.username,
- password: moderator.password,
- role: UserRole.MODERATOR
- })
- moderatorAccessToken = await userLogin(server, moderator)
- }
- {
- const moderator = {
- username: 'moderator2',
- password: 'super password'
- }
- await createUser({
- url: server.url,
- accessToken: server.accessToken,
- username: moderator.username,
- password: moderator.password,
- role: UserRole.MODERATOR
- })
- }
- {
- const res = await uploadVideo(server.url, server.accessToken, {})
- videoId = res.body.video.id
- }
- {
- const res = await getUsersList(server.url, server.accessToken)
- const users: User[] = res.body.data
- userId = users.find(u => u.username === 'user1').id
- rootId = users.find(u => u.username === 'root').id
- moderatorId = users.find(u => u.username === 'moderator2').id
- }
- })
- describe('When listing users', function () {
- it('Should fail with a bad start pagination', async function () {
- await checkBadStartPagination(server.url, path, server.accessToken)
- })
- it('Should fail with a bad count pagination', async function () {
- await checkBadCountPagination(server.url, path, server.accessToken)
- })
- it('Should fail with an incorrect sort', async function () {
- await checkBadSortPagination(server.url, path, server.accessToken)
- })
- it('Should fail with a bad blocked/banned user filter', async function () {
- await makeGetRequest({
- url: server.url,
- path,
- query: {
- blocked: 42
- },
- token: server.accessToken,
- statusCodeExpected: 400
- })
- })
- it('Should fail with a non authenticated user', async function () {
- await makeGetRequest({
- url: server.url,
- path,
- statusCodeExpected: 401
- })
- })
- it('Should fail with a non admin user', async function () {
- await makeGetRequest({
- url: server.url,
- path,
- token: userAccessToken,
- statusCodeExpected: 403
- })
- })
- })
- describe('When adding a new user', function () {
- const baseCorrectParams = {
- username: 'user2',
- email: 'test@example.com',
- password: 'my super password',
- videoQuota: -1,
- videoQuotaDaily: -1,
- role: UserRole.USER,
- adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
- }
- it('Should fail with a too small username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: '' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a too long username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a not lowercase username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an incorrect username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a missing email', async function () {
- const fields = omit(baseCorrectParams, 'email')
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid email', async function () {
- const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a too small password', async function () {
- const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a too long password', async function () {
- const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with empty password and no smtp configured', async function () {
- const fields = immutableAssign(baseCorrectParams, { password: '' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should succeed with no password on a server with smtp enabled', async function () {
- this.timeout(10000)
- killallServers([ server ])
- const config = immutableAssign(overrideConfig, {
- smtp: {
- hostname: 'localhost',
- port: emailPort
- }
- })
- await reRunServer(server, config)
- const fields = immutableAssign(baseCorrectParams, {
- password: '',
- username: 'create_password',
- email: 'create_password@example.com'
- })
- await makePostBodyRequest({
- url: server.url,
- path: path,
- token: server.accessToken,
- fields,
- statusCodeExpected: 200
- })
- })
- it('Should fail with invalid admin flags', async function () {
- const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an non authenticated user', async function () {
- await makePostBodyRequest({
- url: server.url,
- path,
- token: 'super token',
- fields: baseCorrectParams,
- statusCodeExpected: 401
- })
- })
- it('Should fail if we add a user with the same username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
- })
- it('Should fail if we add a user with the same email', async function () {
- const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
- })
- it('Should fail without a videoQuota', async function () {
- const fields = omit(baseCorrectParams, 'videoQuota')
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail without a videoQuotaDaily', async function () {
- const fields = omit(baseCorrectParams, 'videoQuotaDaily')
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid videoQuota', async function () {
- const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid videoQuotaDaily', async function () {
- const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail without a user role', async function () {
- const fields = omit(baseCorrectParams, 'role')
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid user role', async function () {
- const fields = immutableAssign(baseCorrectParams, { role: 88989 })
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with a "peertube" username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
- await makePostBodyRequest({
- url: server.url,
- path,
- token: server.accessToken,
- fields,
- statusCodeExpected: 409
- })
- })
- it('Should fail to create a moderator or an admin with a moderator', async function () {
- for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
- const fields = immutableAssign(baseCorrectParams, { role })
- await makePostBodyRequest({
- url: server.url,
- path,
- token: moderatorAccessToken,
- fields,
- statusCodeExpected: 403
- })
- }
- })
- it('Should succeed to create a user with a moderator', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER })
- await makePostBodyRequest({
- url: server.url,
- path,
- token: moderatorAccessToken,
- fields,
- statusCodeExpected: 200
- })
- })
- it('Should succeed with the correct params', async function () {
- await makePostBodyRequest({
- url: server.url,
- path,
- token: server.accessToken,
- fields: baseCorrectParams,
- statusCodeExpected: 200
- })
- })
- it('Should fail with a non admin user', async function () {
- const user = {
- username: 'user1',
- password: 'my super password'
- }
- userAccessToken = await userLogin(server, user)
- const fields = {
- username: 'user3',
- email: 'test@example.com',
- password: 'my super password',
- videoQuota: 42000000
- }
- await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
- })
- })
- describe('When updating my account', function () {
- it('Should fail with an invalid email attribute', async function () {
- const fields = {
- email: 'blabla'
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
- })
- it('Should fail with a too small password', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'bla'
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with a too long password', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'super'.repeat(61)
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail without the current password', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'super'.repeat(61)
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid current password', async function () {
- const fields = {
- currentPassword: 'my super password fail',
- password: 'super'.repeat(61)
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
- })
- it('Should fail with an invalid NSFW policy attribute', async function () {
- const fields = {
- nsfwPolicy: 'hello'
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid autoPlayVideo attribute', async function () {
- const fields = {
- autoPlayVideo: -1
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
- const fields = {
- autoPlayNextVideo: -1
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
- const fields = {
- videosHistoryEnabled: -1
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an non authenticated user', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'my super password'
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
- })
- it('Should fail with a too long description', async function () {
- const fields = {
- description: 'super'.repeat(201)
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid videoLanguages attribute', async function () {
- {
- const fields = {
- videoLanguages: 'toto'
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- }
- {
- const languages = []
- for (let i = 0; i < 1000; i++) {
- languages.push('fr')
- }
- const fields = {
- videoLanguages: languages
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- }
- })
- it('Should fail with an invalid theme', async function () {
- const fields = { theme: 'invalid' }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an unknown theme', async function () {
- const fields = { theme: 'peertube-theme-unknown' }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
- const fields = {
- noInstanceConfigWarningModal: -1
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should fail with an invalid noWelcomeModal attribute', async function () {
- const fields = {
- noWelcomeModal: -1
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
- })
- it('Should succeed to change password with the correct params', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'my super password',
- nsfwPolicy: 'blur',
- autoPlayVideo: false,
- email: 'super_email@example.com',
- theme: 'default',
- noInstanceConfigWarningModal: true,
- noWelcomeModal: true
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
- })
- it('Should succeed without password change with the correct params', async function () {
- const fields = {
- nsfwPolicy: 'blur',
- autoPlayVideo: false
- }
- await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
- })
- })
- describe('When updating my avatar', function () {
- it('Should fail without an incorrect input file', async function () {
- const fields = {}
- const attaches = {
- avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
- }
- await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
- })
- it('Should fail with a big file', async function () {
- const fields = {}
- const attaches = {
- avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
- }
- await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
- })
- it('Should fail with an unauthenticated user', async function () {
- const fields = {}
- const attaches = {
- avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
- }
- await makeUploadRequest({
- url: server.url,
- path: path + '/me/avatar/pick',
- fields,
- attaches,
- statusCodeExpected: 401
- })
- })
- it('Should succeed with the correct params', async function () {
- const fields = {}
- const attaches = {
- avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
- }
- await makeUploadRequest({
- url: server.url,
- path: path + '/me/avatar/pick',
- token: server.accessToken,
- fields,
- attaches,
- statusCodeExpected: 200
- })
- })
- })
- describe('When getting a user', function () {
- it('Should fail with an non authenticated user', async function () {
- await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
- })
- it('Should fail with a non admin user', async function () {
- await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
- })
- it('Should succeed with the correct params', async function () {
- await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
- })
- })
- describe('When updating a user', function () {
- it('Should fail with an invalid email attribute', async function () {
- const fields = {
- email: 'blabla'
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with an invalid emailVerified attribute', async function () {
- const fields = {
- emailVerified: 'yes'
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with an invalid videoQuota attribute', async function () {
- const fields = {
- videoQuota: -90
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with an invalid user role attribute', async function () {
- const fields = {
- role: 54878
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with a too small password', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'bla'
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with a too long password', async function () {
- const fields = {
- currentPassword: 'my super password',
- password: 'super'.repeat(61)
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
- })
- it('Should fail with an non authenticated user', async function () {
- const fields = {
- videoQuota: 42
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
- })
- it('Should fail when updating root role', async function () {
- const fields = {
- role: UserRole.MODERATOR
- }
- await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
- })
- it('Should fail with invalid admin flags', async function () {
- const fields = { adminFlags: 'toto' }
- await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail to update an admin with a moderator', async function () {
- const fields = {
- videoQuota: 42
- }
- await makePutBodyRequest({
- url: server.url,
- path: path + moderatorId,
- token: moderatorAccessToken,
- fields,
- statusCodeExpected: 403
- })
- })
- it('Should succeed to update a user with a moderator', async function () {
- const fields = {
- videoQuota: 42
- }
- await makePutBodyRequest({
- url: server.url,
- path: path + userId,
- token: moderatorAccessToken,
- fields,
- statusCodeExpected: 204
- })
- })
- it('Should succeed with the correct params', async function () {
- const fields = {
- email: 'email@example.com',
- emailVerified: true,
- videoQuota: 42,
- role: UserRole.USER
- }
- await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
- })
- })
- describe('When getting my information', function () {
- it('Should fail with a non authenticated user', async function () {
- await getMyUserInformation(server.url, 'fake_token', 401)
- })
- it('Should success with the correct parameters', async function () {
- await getMyUserInformation(server.url, userAccessToken)
- })
- })
- describe('When getting my video rating', function () {
- it('Should fail with a non authenticated user', async function () {
- await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
- })
- it('Should fail with an incorrect video uuid', async function () {
- await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
- })
- it('Should fail with an unknown video', async function () {
- await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
- })
- it('Should succeed with the correct parameters', async function () {
- await getMyUserVideoRating(server.url, server.accessToken, videoId)
- })
- })
- describe('When retrieving my global ratings', function () {
- const path = '/api/v1/accounts/user1/ratings'
- it('Should fail with a bad start pagination', async function () {
- await checkBadStartPagination(server.url, path, userAccessToken)
- })
- it('Should fail with a bad count pagination', async function () {
- await checkBadCountPagination(server.url, path, userAccessToken)
- })
- it('Should fail with an incorrect sort', async function () {
- await checkBadSortPagination(server.url, path, userAccessToken)
- })
- it('Should fail with a unauthenticated user', async function () {
- await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })
- })
- it('Should fail with a another user', async function () {
- await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 })
- })
- it('Should fail with a bad type', async function () {
- await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 })
- })
- it('Should succeed with the correct params', async function () {
- await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 })
- })
- })
- describe('When blocking/unblocking/removing user', function () {
- it('Should fail with an incorrect id', async function () {
- await removeUser(server.url, 'blabla', server.accessToken, 400)
- await blockUser(server.url, 'blabla', server.accessToken, 400)
- await unblockUser(server.url, 'blabla', server.accessToken, 400)
- })
- it('Should fail with the root user', async function () {
- await removeUser(server.url, rootId, server.accessToken, 400)
- await blockUser(server.url, rootId, server.accessToken, 400)
- await unblockUser(server.url, rootId, server.accessToken, 400)
- })
- it('Should return 404 with a non existing id', async function () {
- await removeUser(server.url, 4545454, server.accessToken, 404)
- await blockUser(server.url, 4545454, server.accessToken, 404)
- await unblockUser(server.url, 4545454, server.accessToken, 404)
- })
- it('Should fail with a non admin user', async function () {
- await removeUser(server.url, userId, userAccessToken, 403)
- await blockUser(server.url, userId, userAccessToken, 403)
- await unblockUser(server.url, userId, userAccessToken, 403)
- })
- it('Should fail on a moderator with a moderator', async function () {
- await removeUser(server.url, moderatorId, moderatorAccessToken, 403)
- await blockUser(server.url, moderatorId, moderatorAccessToken, 403)
- await unblockUser(server.url, moderatorId, moderatorAccessToken, 403)
- })
- it('Should succeed on a user with a moderator', async function () {
- await blockUser(server.url, userId, moderatorAccessToken)
- await unblockUser(server.url, userId, moderatorAccessToken)
- })
- })
- describe('When deleting our account', function () {
- it('Should fail with with the root account', async function () {
- await deleteMe(server.url, server.accessToken, 400)
- })
- })
- describe('When registering a new user', function () {
- const registrationPath = path + '/register'
- const baseCorrectParams = {
- username: 'user3',
- displayName: 'super user',
- email: 'test3@example.com',
- password: 'my super password'
- }
- it('Should fail with a too small username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: '' })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a too long username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with an incorrect username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a missing email', async function () {
- const fields = omit(baseCorrectParams, 'email')
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with an invalid email', async function () {
- const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a too small password', async function () {
- const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a too long password', async function () {
- const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail if we register a user with the same username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'root' })
- await makePostBodyRequest({
- url: server.url,
- path: registrationPath,
- token: server.accessToken,
- fields,
- statusCodeExpected: 409
- })
- })
- it('Should fail with a "peertube" username', async function () {
- const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
- await makePostBodyRequest({
- url: server.url,
- path: registrationPath,
- token: server.accessToken,
- fields,
- statusCodeExpected: 409
- })
- })
- it('Should fail if we register a user with the same email', async function () {
- const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
- await makePostBodyRequest({
- url: server.url,
- path: registrationPath,
- token: server.accessToken,
- fields,
- statusCodeExpected: 409
- })
- })
- it('Should fail with a bad display name', async function () {
- const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a bad channel name', async function () {
- const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a bad channel display name', async function () {
- const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with a channel name that is the same as username', async function () {
- const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
- const fields = immutableAssign(baseCorrectParams, source)
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
- })
- it('Should fail with an existing channel', async function () {
- const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
- await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg)
- const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
- await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
- })
- it('Should succeed with the correct params', async function () {
- const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
- await makePostBodyRequest({
- url: server.url,
- path: registrationPath,
- token: server.accessToken,
- fields: fields,
- statusCodeExpected: 204
- })
- })
- it('Should fail on a server with registration disabled', async function () {
- const fields = {
- username: 'user4',
- email: 'test4@example.com',
- password: 'my super password 4'
- }
- await makePostBodyRequest({
- url: serverWithRegistrationDisabled.url,
- path: registrationPath,
- token: serverWithRegistrationDisabled.accessToken,
- fields,
- statusCodeExpected: 403
- })
- })
- })
- describe('When registering multiple users on a server with users limit', function () {
- it('Should fail when after 3 registrations', async function () {
- await registerUser(server.url, 'user42', 'super password', 403)
- })
- })
- describe('When having a video quota', function () {
- it('Should fail with a user having too many videos', async function () {
- await updateUser({
- url: server.url,
- userId: rootId,
- accessToken: server.accessToken,
- videoQuota: 42
- })
- await uploadVideo(server.url, server.accessToken, {}, 403)
- })
- it('Should fail with a registered user having too many videos', async function () {
- this.timeout(30000)
- const user = {
- username: 'user3',
- password: 'my super password'
- }
- userAccessToken = await userLogin(server, user)
- const videoAttributes = { fixture: 'video_short2.webm' }
- await uploadVideo(server.url, userAccessToken, videoAttributes)
- await uploadVideo(server.url, userAccessToken, videoAttributes)
- await uploadVideo(server.url, userAccessToken, videoAttributes)
- await uploadVideo(server.url, userAccessToken, videoAttributes)
- await uploadVideo(server.url, userAccessToken, videoAttributes)
- await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
- })
- it('Should fail to import with HTTP/Torrent/magnet', async function () {
- this.timeout(120000)
- const baseAttributes = {
- channelId: 1,
- privacy: VideoPrivacy.PUBLIC
- }
- await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() }))
- await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
- await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' as any }))
- await waitJobs([ server ])
- const res = await getMyVideoImports(server.url, server.accessToken)
- expect(res.body.total).to.equal(3)
- const videoImports: VideoImport[] = res.body.data
- expect(videoImports).to.have.lengthOf(3)
- for (const videoImport of videoImports) {
- expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
- expect(videoImport.error).not.to.be.undefined
- expect(videoImport.error).to.contain('user video quota is exceeded')
- }
- })
- })
- describe('When having a daily video quota', function () {
- it('Should fail with a user having too many videos', async function () {
- await updateUser({
- url: server.url,
- userId: rootId,
- accessToken: server.accessToken,
- videoQuotaDaily: 42
- })
- await uploadVideo(server.url, server.accessToken, {}, 403)
- })
- })
- describe('When having an absolute and daily video quota', function () {
- it('Should fail if exceeding total quota', async function () {
- await updateUser({
- url: server.url,
- userId: rootId,
- accessToken: server.accessToken,
- videoQuota: 42,
- videoQuotaDaily: 1024 * 1024 * 1024
- })
- await uploadVideo(server.url, server.accessToken, {}, 403)
- })
- it('Should fail if exceeding daily quota', async function () {
- await updateUser({
- url: server.url,
- userId: rootId,
- accessToken: server.accessToken,
- videoQuota: 1024 * 1024 * 1024,
- videoQuotaDaily: 42
- })
- await uploadVideo(server.url, server.accessToken, {}, 403)
- })
- })
- describe('When asking a password reset', function () {
- const path = '/api/v1/users/ask-reset-password'
- it('Should fail with a missing email', async function () {
- const fields = {}
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid email', async function () {
- const fields = { email: 'hello' }
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should success with the correct params', async function () {
- const fields = { email: 'admin@example.com' }
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
- })
- })
- describe('When asking for an account verification email', function () {
- const path = '/api/v1/users/ask-send-verify-email'
- it('Should fail with a missing email', async function () {
- const fields = {}
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should fail with an invalid email', async function () {
- const fields = { email: 'hello' }
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
- })
- it('Should succeed with the correct params', async function () {
- const fields = { email: 'admin@example.com' }
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
- })
- })
- after(async function () {
- MockSmtpServer.Instance.kill()
- await cleanupTests([ server, serverWithRegistrationDisabled ])
- })
- })
|