1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole, Video } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
21 getVideosList, installPlugin,
25 registerUserWithChannel,
36 } from '../../../../shared/extra-utils'
37 import { follow } from '../../../../shared/extra-utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
39 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
57 server = await flushAndRunServer(1)
59 await setAccessTokensToServers([ server ])
61 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
64 describe('OAuth client', function () {
65 it('Should create a new client')
67 it('Should return the first client')
69 it('Should remove the last client')
71 it('Should not login with an invalid client id', async function () {
72 const client = { id: 'client', secret: server.client.secret }
73 const res = await login(server.url, client, server.user, 400)
75 expect(res.body.error).to.contain('client is invalid')
78 it('Should not login with an invalid client secret', async function () {
79 const client = { id: server.client.id, secret: 'coucou' }
80 const res = await login(server.url, client, server.user, 400)
82 expect(res.body.error).to.contain('client is invalid')
86 describe('Login', function () {
88 it('Should not login with an invalid username', async function () {
89 const user = { username: 'captain crochet', password: server.user.password }
90 const res = await login(server.url, server.client, user, 400)
92 expect(res.body.error).to.contain('credentials are invalid')
95 it('Should not login with an invalid password', async function () {
96 const user = { username: server.user.username, password: 'mew_three' }
97 const res = await login(server.url, server.client, user, 400)
99 expect(res.body.error).to.contain('credentials are invalid')
102 it('Should not be able to upload a video', async function () {
103 accessToken = 'my_super_token'
105 const videoAttributes = {}
106 await uploadVideo(server.url, accessToken, videoAttributes, 401)
109 it('Should not be able to follow', async function () {
110 accessToken = 'my_super_token'
111 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
114 it('Should not be able to unfollow')
116 it('Should be able to login', async function () {
117 const res = await login(server.url, server.client, server.user, 200)
119 accessToken = res.body.access_token
122 it('Should be able to login with an insensitive username', async function () {
123 const user = { username: 'RoOt', password: server.user.password }
124 const res = await login(server.url, server.client, user, 200)
126 const user2 = { username: 'rOoT', password: server.user.password }
127 const res2 = await login(server.url, server.client, user2, 200)
129 const user3 = { username: 'ROOt', password: server.user.password }
130 const res3 = await login(server.url, server.client, user3, 200)
134 describe('Upload', function () {
136 it('Should upload the video with the correct token', async function () {
137 const videoAttributes = {}
138 await uploadVideo(server.url, accessToken, videoAttributes)
139 const res = await getVideosList(server.url)
140 const video = res.body.data[ 0 ]
142 expect(video.account.name).to.equal('root')
146 it('Should upload the video again with the correct token', async function () {
147 const videoAttributes = {}
148 await uploadVideo(server.url, accessToken, videoAttributes)
152 describe('Ratings', function () {
154 it('Should retrieve a video rating', async function () {
155 await rateVideo(server.url, accessToken, videoId, 'like')
156 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
157 const rating = res.body
159 expect(rating.videoId).to.equal(videoId)
160 expect(rating.rating).to.equal('like')
163 it('Should retrieve ratings list', async function () {
164 await rateVideo(server.url, accessToken, videoId, 'like')
166 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
167 const ratings = res.body
169 expect(ratings.total).to.equal(1)
170 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
171 expect(ratings.data[ 0 ].rating).to.equal('like')
174 it('Should retrieve ratings list by rating type', async function () {
176 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
177 const ratings = res.body
178 expect(ratings.data.length).to.equal(1)
182 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
183 const ratings = res.body
184 expect(ratings.data.length).to.equal(0)
189 describe('Remove video', function () {
190 it('Should not be able to remove the video with an incorrect token', async function () {
191 await removeVideo(server.url, 'bad_token', videoId, 401)
194 it('Should not be able to remove the video with the token of another account')
196 it('Should be able to remove the video with the correct token', async function () {
197 await removeVideo(server.url, accessToken, videoId)
201 describe('Logout', function () {
202 it('Should logout (revoke token)')
204 it('Should not be able to get the user information')
206 it('Should not be able to upload a video')
208 it('Should not be able to remove a video')
210 it('Should not be able to rate a video', async function () {
211 const path = '/api/v1/videos/'
218 path: path + videoId,
219 token: 'wrong token',
221 statusCodeExpected: 401
223 await makePutBodyRequest(options)
226 it('Should be able to login again')
228 it('Should have an expired access token')
230 it('Should refresh the token')
232 it('Should be able to upload a video again')
235 describe('Creating a user', function () {
237 it('Should be able to create a new user', async function () {
240 accessToken: accessToken,
241 username: user.username,
242 password: user.password,
243 videoQuota: 2 * 1024 * 1024,
244 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
248 it('Should be able to login with this user', async function () {
249 accessTokenUser = await userLogin(server, user)
252 it('Should be able to get user information', async function () {
253 const res1 = await getMyUserInformation(server.url, accessTokenUser)
254 const userMe: User = res1.body
256 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
257 const userGet: User = res2.body
259 for (const user of [ userMe, userGet ]) {
260 expect(user.username).to.equal('user_1')
261 expect(user.email).to.equal('user_1@example.com')
262 expect(user.nsfwPolicy).to.equal('display')
263 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
264 expect(user.roleLabel).to.equal('User')
265 expect(user.id).to.be.a('number')
266 expect(user.account.displayName).to.equal('user_1')
267 expect(user.account.description).to.be.null
270 expect(userMe.adminFlags).to.be.undefined
271 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
275 describe('My videos & quotas', function () {
277 it('Should be able to upload a video with this user', async function () {
280 const videoAttributes = {
281 name: 'super user video',
282 fixture: 'video_short.webm'
284 await uploadVideo(server.url, accessTokenUser, videoAttributes)
287 it('Should have video quota updated', async function () {
288 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
289 const data = res.body
291 expect(data.videoQuotaUsed).to.equal(218910)
293 const resUsers = await getUsersList(server.url, server.accessToken)
295 const users: User[] = resUsers.body.data
296 const tmpUser = users.find(u => u.username === user.username)
297 expect(tmpUser.videoQuotaUsed).to.equal(218910)
300 it('Should be able to list my videos', async function () {
301 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
302 expect(res.body.total).to.equal(1)
304 const videos = res.body.data
305 expect(videos).to.have.lengthOf(1)
307 const video: Video = videos[ 0 ]
308 expect(video.name).to.equal('super user video')
309 expect(video.thumbnailPath).to.not.be.null
310 expect(video.previewPath).to.not.be.null
313 it('Should be able to search in my videos', async function () {
315 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
316 expect(res.body.total).to.equal(1)
318 const videos = res.body.data
319 expect(videos).to.have.lengthOf(1)
323 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
324 expect(res.body.total).to.equal(0)
326 const videos = res.body.data
327 expect(videos).to.have.lengthOf(0)
332 describe('Users listing', function () {
334 it('Should list all the users', async function () {
335 const res = await getUsersList(server.url, server.accessToken)
336 const result = res.body
337 const total = result.total
338 const users = result.data
340 expect(total).to.equal(2)
341 expect(users).to.be.an('array')
342 expect(users.length).to.equal(2)
344 const user = users[ 0 ]
345 expect(user.username).to.equal('user_1')
346 expect(user.email).to.equal('user_1@example.com')
347 expect(user.nsfwPolicy).to.equal('display')
349 const rootUser = users[ 1 ]
350 expect(rootUser.username).to.equal('root')
351 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
352 expect(user.nsfwPolicy).to.equal('display')
357 it('Should list only the first user by username asc', async function () {
358 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
360 const result = res.body
361 const total = result.total
362 const users = result.data
364 expect(total).to.equal(2)
365 expect(users.length).to.equal(1)
367 const user = users[ 0 ]
368 expect(user.username).to.equal('root')
369 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
370 expect(user.roleLabel).to.equal('Administrator')
371 expect(user.nsfwPolicy).to.equal('display')
374 it('Should list only the first user by username desc', async function () {
375 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
376 const result = res.body
377 const total = result.total
378 const users = result.data
380 expect(total).to.equal(2)
381 expect(users.length).to.equal(1)
383 const user = users[ 0 ]
384 expect(user.username).to.equal('user_1')
385 expect(user.email).to.equal('user_1@example.com')
386 expect(user.nsfwPolicy).to.equal('display')
389 it('Should list only the second user by createdAt desc', async function () {
390 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
391 const result = res.body
392 const total = result.total
393 const users = result.data
395 expect(total).to.equal(2)
396 expect(users.length).to.equal(1)
398 const user = users[ 0 ]
399 expect(user.username).to.equal('user_1')
400 expect(user.email).to.equal('user_1@example.com')
401 expect(user.nsfwPolicy).to.equal('display')
404 it('Should list all the users by createdAt asc', async function () {
405 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
406 const result = res.body
407 const total = result.total
408 const users = result.data
410 expect(total).to.equal(2)
411 expect(users.length).to.equal(2)
413 expect(users[ 0 ].username).to.equal('root')
414 expect(users[ 0 ].email).to.equal('admin' + server.internalServerNumber + '@example.com')
415 expect(users[ 0 ].nsfwPolicy).to.equal('display')
417 expect(users[ 1 ].username).to.equal('user_1')
418 expect(users[ 1 ].email).to.equal('user_1@example.com')
419 expect(users[ 1 ].nsfwPolicy).to.equal('display')
422 it('Should search user by username', async function () {
423 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
424 const users = res.body.data as User[]
426 expect(res.body.total).to.equal(1)
427 expect(users.length).to.equal(1)
429 expect(users[ 0 ].username).to.equal('root')
432 it('Should search user by email', async function () {
434 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
435 const users = res.body.data as User[]
437 expect(res.body.total).to.equal(1)
438 expect(users.length).to.equal(1)
440 expect(users[ 0 ].username).to.equal('user_1')
441 expect(users[ 0 ].email).to.equal('user_1@example.com')
445 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
446 const users = res.body.data as User[]
448 expect(res.body.total).to.equal(2)
449 expect(users.length).to.equal(2)
451 expect(users[ 0 ].username).to.equal('root')
452 expect(users[ 1 ].username).to.equal('user_1')
457 describe('Update my account', function () {
458 it('Should update my password', async function () {
461 accessToken: accessTokenUser,
462 currentPassword: 'super password',
463 password: 'new password'
465 user.password = 'new password'
467 await userLogin(server, user, 200)
470 it('Should be able to change the NSFW display attribute', async function () {
473 accessToken: accessTokenUser,
474 nsfwPolicy: 'do_not_list'
477 const res = await getMyUserInformation(server.url, accessTokenUser)
478 const user = res.body
480 expect(user.username).to.equal('user_1')
481 expect(user.email).to.equal('user_1@example.com')
482 expect(user.nsfwPolicy).to.equal('do_not_list')
483 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
484 expect(user.id).to.be.a('number')
485 expect(user.account.displayName).to.equal('user_1')
486 expect(user.account.description).to.be.null
489 it('Should be able to change the autoPlayVideo attribute', async function () {
492 accessToken: accessTokenUser,
496 const res = await getMyUserInformation(server.url, accessTokenUser)
497 const user = res.body
499 expect(user.autoPlayVideo).to.be.false
502 it('Should be able to change the autoPlayNextVideo attribute', async function () {
505 accessToken: accessTokenUser,
506 autoPlayNextVideo: true
509 const res = await getMyUserInformation(server.url, accessTokenUser)
510 const user = res.body
512 expect(user.autoPlayNextVideo).to.be.true
515 it('Should be able to change the email attribute', async function () {
518 accessToken: accessTokenUser,
519 currentPassword: 'new password',
520 email: 'updated@example.com'
523 const res = await getMyUserInformation(server.url, accessTokenUser)
524 const user = res.body
526 expect(user.username).to.equal('user_1')
527 expect(user.email).to.equal('updated@example.com')
528 expect(user.nsfwPolicy).to.equal('do_not_list')
529 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
530 expect(user.id).to.be.a('number')
531 expect(user.account.displayName).to.equal('user_1')
532 expect(user.account.description).to.be.null
535 it('Should be able to update my avatar', async function () {
536 const fixture = 'avatar.png'
538 await updateMyAvatar({
540 accessToken: accessTokenUser,
544 const res = await getMyUserInformation(server.url, accessTokenUser)
545 const user = res.body
547 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
550 it('Should be able to update my display name', async function () {
553 accessToken: accessTokenUser,
554 displayName: 'new display name'
557 const res = await getMyUserInformation(server.url, accessTokenUser)
558 const user = res.body
560 expect(user.username).to.equal('user_1')
561 expect(user.email).to.equal('updated@example.com')
562 expect(user.nsfwPolicy).to.equal('do_not_list')
563 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
564 expect(user.id).to.be.a('number')
565 expect(user.account.displayName).to.equal('new display name')
566 expect(user.account.description).to.be.null
569 it('Should be able to update my description', async function () {
572 accessToken: accessTokenUser,
573 description: 'my super description updated'
576 const res = await getMyUserInformation(server.url, accessTokenUser)
577 const user: User = res.body
579 expect(user.username).to.equal('user_1')
580 expect(user.email).to.equal('updated@example.com')
581 expect(user.nsfwPolicy).to.equal('do_not_list')
582 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
583 expect(user.id).to.be.a('number')
584 expect(user.account.displayName).to.equal('new display name')
585 expect(user.account.description).to.equal('my super description updated')
586 expect(user.noWelcomeModal).to.be.false
587 expect(user.noInstanceConfigWarningModal).to.be.false
590 it('Should be able to update my theme', async function () {
591 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
594 accessToken: accessTokenUser,
598 const res = await getMyUserInformation(server.url, accessTokenUser)
599 const body: User = res.body
601 expect(body.theme).to.equal(theme)
605 it('Should be able to update my modal preferences', async function () {
608 accessToken: accessTokenUser,
609 noInstanceConfigWarningModal: true,
613 const res = await getMyUserInformation(server.url, accessTokenUser)
614 const user: User = res.body
616 expect(user.noWelcomeModal).to.be.true
617 expect(user.noInstanceConfigWarningModal).to.be.true
621 describe('Updating another user', function () {
623 it('Should be able to update another user', async function () {
628 email: 'updated2@example.com',
631 role: UserRole.MODERATOR,
632 adminFlags: UserAdminFlag.NONE
635 const res = await getUserInformation(server.url, accessToken, userId)
636 const user = res.body
638 expect(user.username).to.equal('user_1')
639 expect(user.email).to.equal('updated2@example.com')
640 expect(user.emailVerified).to.be.true
641 expect(user.nsfwPolicy).to.equal('do_not_list')
642 expect(user.videoQuota).to.equal(42)
643 expect(user.roleLabel).to.equal('Moderator')
644 expect(user.id).to.be.a('number')
645 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
648 it('Should have removed the user token', async function () {
649 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
651 accessTokenUser = await userLogin(server, user)
654 it('Should be able to update another user password', async function () {
659 password: 'password updated'
662 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
664 await userLogin(server, user, 400)
666 user.password = 'password updated'
667 accessTokenUser = await userLogin(server, user)
671 describe('Video blacklists', function () {
672 it('Should be able to list video blacklist by a moderator', async function () {
673 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
677 describe('Remove a user', function () {
678 it('Should be able to remove this user', async function () {
679 await removeUser(server.url, userId, accessToken)
682 it('Should not be able to login with this user', async function () {
683 await userLogin(server, user, 400)
686 it('Should not have videos of this user', async function () {
687 const res = await getVideosList(server.url)
689 expect(res.body.total).to.equal(1)
691 const video = res.body.data[ 0 ]
692 expect(video.account.name).to.equal('root')
696 describe('Registering a new user', function () {
697 it('Should register a new user', async function () {
698 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
699 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
701 await registerUserWithChannel({ url: server.url, user, channel })
704 it('Should be able to login with this registered user', async function () {
707 password: 'my super password'
710 accessToken = await userLogin(server, user15)
713 it('Should have the correct display name', async function () {
714 const res = await getMyUserInformation(server.url, accessToken)
715 const user: User = res.body
717 expect(user.account.displayName).to.equal('super user 15')
720 it('Should have the correct video quota', async function () {
721 const res = await getMyUserInformation(server.url, accessToken)
722 const user = res.body
724 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
727 it('Should have created the channel', async function () {
728 const res = await getVideoChannel(server.url, 'my_user_15_channel')
730 expect(res.body.displayName).to.equal('my channel rocks')
733 it('Should remove me', async function () {
735 const res = await getUsersList(server.url, server.accessToken)
736 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
739 await deleteMe(server.url, accessToken)
742 const res = await getUsersList(server.url, server.accessToken)
743 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
748 describe('User blocking', function () {
749 it('Should block and unblock a user', async function () {
752 password: 'my super password'
754 const resUser = await createUser({
756 accessToken: server.accessToken,
757 username: user16.username,
758 password: user16.password
760 const user16Id = resUser.body.user.id
762 accessToken = await userLogin(server, user16)
764 await getMyUserInformation(server.url, accessToken, 200)
765 await blockUser(server.url, user16Id, server.accessToken)
767 await getMyUserInformation(server.url, accessToken, 401)
768 await userLogin(server, user16, 400)
770 await unblockUser(server.url, user16Id, server.accessToken)
771 accessToken = await userLogin(server, user16)
772 await getMyUserInformation(server.url, accessToken, 200)
776 after(async function () {
777 await cleanupTests([ server ])