1 /* tslint:disable:no-unused-expression */
3 import * as request from 'supertest'
14 loginAndGetAccessToken,
17 setAccessTokensToServers,
22 import { UserRole } from '../../../../shared'
24 describe('Test users API validators', function () {
25 const path = '/api/v1/users/'
29 let server: ServerInfo
30 let serverWithRegistrationDisabled: ServerInfo
31 let userAccessToken = ''
33 // ---------------------------------------------------------------
35 before(async function () {
40 server = await runServer(1)
41 serverWithRegistrationDisabled = await runServer(2)
43 await setAccessTokensToServers([ server ])
45 const username = 'user1'
46 const password = 'my super password'
47 const videoQuota = 42000000
48 await createUser(server.url, server.accessToken, username, password, videoQuota)
50 const videoAttributes = {}
51 await uploadVideo(server.url, server.accessToken, videoAttributes)
53 const res = await getVideosList(server.url)
54 const videos = res.body.data
55 videoId = videos[0].id
59 password: 'my super password'
61 userAccessToken = await getUserAccessToken(server, user)
64 describe('When listing users', function () {
65 it('Should fail with a bad start pagination', async function () {
66 await request(server.url)
68 .query({ start: 'hello' })
69 .set('Accept', 'application/json')
70 .set('Authorization', 'Bearer ' + server.accessToken)
74 it('Should fail with a bad count pagination', async function () {
75 await request(server.url)
77 .query({ count: 'hello' })
78 .set('Accept', 'application/json')
79 .set('Authorization', 'Bearer ' + server.accessToken)
83 it('Should fail with an incorrect sort', async function () {
84 await request(server.url)
86 .query({ sort: 'hello' })
87 .set('Accept', 'application/json')
88 .set('Authorization', 'Bearer ' + server.accessToken)
92 it('Should fail with a non authenticated user', async function () {
93 await request(server.url)
95 .set('Accept', 'application/json')
99 it('Should fail with a non admin user', async function () {
100 await request(server.url)
102 .set('Accept', 'application/json')
103 .set('Authorization', 'Bearer ' + userAccessToken)
108 describe('When adding a new user', function () {
109 it('Should fail with a too small username', async function () {
112 email: 'test@example.com',
113 password: 'my_super_password',
118 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
121 it('Should fail with a too long username', async function () {
123 username: 'my_super_username_which_is_very_long',
124 email: 'test@example.com',
125 password: 'my_super_password',
126 videoQuota: 42000000,
130 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
133 it('Should fail with a not lowercase username', async function () {
136 email: 'test@example.com',
137 password: 'my_super_password',
138 videoQuota: 42000000,
142 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
145 it('Should fail with an incorrect username', async function () {
147 username: 'my username',
148 email: 'test@example.com',
149 password: 'my_super_password',
150 videoQuota: 42000000,
154 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
157 it('Should fail with a missing email', async function () {
160 password: 'my_super_password',
161 videoQuota: 42000000,
165 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
168 it('Should fail with an invalid email', async function () {
170 username: 'my_super_username_which_is_very_long',
171 email: 'test_example.com',
172 password: 'my_super_password',
173 videoQuota: 42000000,
177 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 it('Should fail with a too small password', async function () {
182 username: 'my_username',
183 email: 'test@example.com',
185 videoQuota: 42000000,
189 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
192 it('Should fail with a too long password', async function () {
194 username: 'my_username',
195 email: 'test@example.com',
196 password: 'my super long password which is very very very very very very very very very very very very very very' +
197 'very very very very very very very very very very very very very very very veryv very very very very' +
198 'very very very very very very very very very very very very very very very very very very very very long',
199 videoQuota: 42000000,
203 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
206 it('Should fail with an non authenticated user', async function () {
208 username: 'my_username',
209 email: 'test@example.com',
210 password: 'my super password',
211 videoQuota: 42000000,
215 await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
218 it('Should fail if we add a user with the same username', async function () {
221 email: 'test@example.com',
222 password: 'my super password',
223 videoQuota: 42000000,
227 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
230 it('Should fail if we add a user with the same email', async function () {
232 username: 'my_username',
233 email: 'user1@example.com',
234 password: 'my super password',
235 videoQuota: 42000000,
239 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
242 it('Should fail without a videoQuota', async function () {
244 username: 'my_username',
245 email: 'user1@example.com',
246 password: 'my super password',
250 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
253 it('Should fail with an invalid videoQuota', async function () {
255 username: 'my_username',
256 email: 'user1@example.com',
257 password: 'my super password',
262 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
265 it('Should fail without a user role', async function () {
267 username: 'my_username',
268 email: 'user1@example.com',
269 password: 'my super password',
273 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
276 it('Should fail with an invalid user role', async function () {
278 username: 'my_username',
279 email: 'user1@example.com',
280 password: 'my super password',
285 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
288 it('Should succeed with the correct params', async function () {
291 email: 'test@example.com',
292 password: 'my super password',
297 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
300 it('Should fail with a non admin user', async function () {
303 email: 'test@example.com',
304 password: 'my super password'
307 userAccessToken = await loginAndGetAccessToken(server)
310 email: 'test@example.com',
311 password: 'my super password',
314 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
318 describe('When updating my account', function () {
319 it('Should fail with an invalid email attribute', async function () {
324 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
327 it('Should fail with a too small password', async function () {
332 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
335 it('Should fail with a too long password', async function () {
337 password: 'my super long password which is very very very very very very very very very very very very very very' +
338 'very very very very very very very very very very very very very very very veryv very very very very' +
339 'very very very very very very very very very very very very very very very very very very very very long'
342 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
345 it('Should fail with an invalid display NSFW attribute', async function () {
350 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
353 it('Should fail with an non authenticated user', async function () {
355 password: 'my super password'
358 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
361 it('Should succeed with the correct params', async function () {
363 password: 'my super password',
365 email: 'super_email@example.com'
368 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
372 describe('When updating a user', function () {
374 before(async function () {
375 const res = await getUsersList(server.url, server.accessToken)
377 userId = res.body.data[1].id
378 rootId = res.body.data[2].id
381 it('Should fail with an invalid email attribute', async function () {
386 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
389 it('Should fail with an invalid videoQuota attribute', async function () {
394 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
397 it('Should fail with an invalid user role attribute', async function () {
402 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
405 it('Should fail with an non authenticated user', async function () {
410 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
413 it('Should succeed with the correct params', async function () {
415 email: 'email@example.com',
417 role: UserRole.MODERATOR
420 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
424 describe('When getting my information', function () {
425 it('Should fail with a non authenticated user', async function () {
426 await request(server.url)
428 .set('Authorization', 'Bearer fake_token')
429 .set('Accept', 'application/json')
433 it('Should success with the correct parameters', async function () {
434 await request(server.url)
436 .set('Authorization', 'Bearer ' + userAccessToken)
437 .set('Accept', 'application/json')
442 describe('When getting my video rating', function () {
443 it('Should fail with a non authenticated user', async function () {
444 await request(server.url)
445 .get(path + 'me/videos/' + videoId + '/rating')
446 .set('Authorization', 'Bearer fake_token')
447 .set('Accept', 'application/json')
451 it('Should fail with an incorrect video uuid', async function () {
452 await request(server.url)
453 .get(path + 'me/videos/blabla/rating')
454 .set('Authorization', 'Bearer ' + userAccessToken)
455 .set('Accept', 'application/json')
459 it('Should fail with an unknown video', async function () {
460 await request(server.url)
461 .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating')
462 .set('Authorization', 'Bearer ' + userAccessToken)
463 .set('Accept', 'application/json')
467 it('Should success with the correct parameters', async function () {
468 await request(server.url)
469 .get(path + 'me/videos/' + videoId + '/rating')
470 .set('Authorization', 'Bearer ' + userAccessToken)
471 .set('Accept', 'application/json')
476 describe('When removing an user', function () {
477 it('Should fail with an incorrect id', async function () {
478 await request(server.url)
479 .delete(path + 'bla-bla')
480 .set('Authorization', 'Bearer ' + server.accessToken)
484 it('Should fail with the root user', async function () {
485 await request(server.url)
486 .delete(path + rootId)
487 .set('Authorization', 'Bearer ' + server.accessToken)
491 it('Should return 404 with a non existing id', async function () {
492 await request(server.url)
494 .set('Authorization', 'Bearer ' + server.accessToken)
499 describe('When removing an user', function () {
500 it('Should fail with an incorrect id', async function () {
501 await request(server.url)
502 .delete(path + 'bla-bla')
503 .set('Authorization', 'Bearer ' + server.accessToken)
507 it('Should fail with the root user', async function () {
508 await request(server.url)
509 .delete(path + rootId)
510 .set('Authorization', 'Bearer ' + server.accessToken)
514 it('Should return 404 with a non existing id', async function () {
515 await request(server.url)
517 .set('Authorization', 'Bearer ' + server.accessToken)
522 describe('When register a new user', function () {
523 const registrationPath = path + '/register'
525 it('Should fail with a too small username', async function () {
528 email: 'test@example.com',
529 password: 'my_super_password'
532 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
535 it('Should fail with a too long username', async function () {
537 username: 'my_super_username_which_is_very_long',
538 email: 'test@example.com',
539 password: 'my_super_password'
542 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
545 it('Should fail with an incorrect username', async function () {
547 username: 'my username',
548 email: 'test@example.com',
549 password: 'my_super_password'
552 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
555 it('Should fail with a missing email', async function () {
558 password: 'my_super_password'
561 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
564 it('Should fail with an invalid email', async function () {
566 username: 'my_super_username_which_is_very_long',
567 email: 'test_example.com',
568 password: 'my_super_password'
571 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
574 it('Should fail with a too small password', async function () {
576 username: 'my_username',
577 email: 'test@example.com',
581 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
584 it('Should fail with a too long password', async function () {
586 username: 'my_username',
587 email: 'test@example.com',
588 password: 'my super long password which is very very very very very very very very very very very very very very' +
589 'very very very very very very very very very very very very very very very veryv very very very very' +
590 'very very very very very very very very very very very very very very very very very very very very long'
593 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
596 it('Should fail if we register a user with the same username', async function () {
599 email: 'test@example.com',
600 password: 'my super password'
603 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
606 it('Should fail if we register a user with the same email', async function () {
608 username: 'my_username',
609 email: 'admin1@example.com',
610 password: 'my super password'
613 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
616 it('Should succeed with the correct params', async function () {
619 email: 'test3@example.com',
620 password: 'my super password'
623 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 })
626 it('Should fail on a server with registration disabled', async function () {
629 email: 'test4@example.com',
630 password: 'my super password 4'
633 await makePostBodyRequest({
634 url: serverWithRegistrationDisabled.url,
635 path: registrationPath,
636 token: serverWithRegistrationDisabled.accessToken,
638 statusCodeExpected: 403
643 describe('When registering multiple users on a server with users limit', function () {
644 it('Should fail when after 3 registrations', async function () {
645 await registerUser(server.url, 'user42', 'super password', 403)
649 describe('When having a video quota', function () {
650 it('Should fail with a user having too many video', async function () {
655 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })
657 const videoAttributes = {}
658 await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
661 it('Should fail with a registered user having too many video', async function () {
666 email: 'test3@example.com',
667 password: 'my super password'
669 userAccessToken = await loginAndGetAccessToken(server)
671 const videoAttributes = { fixture: 'video_short2.webm' }
672 await uploadVideo(server.url, userAccessToken, videoAttributes)
673 await uploadVideo(server.url, userAccessToken, videoAttributes)
674 await uploadVideo(server.url, userAccessToken, videoAttributes)
675 await uploadVideo(server.url, userAccessToken, videoAttributes)
676 await uploadVideo(server.url, userAccessToken, videoAttributes)
677 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
681 after(async function () {
682 killallServers([ server, serverWithRegistrationDisabled ])
684 // Keep the logs if the test failed