1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole, Video, MyUser, VideoPlaylistType } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
21 getVideosList, installPlugin,
25 registerUserWithChannel,
36 } from '../../../../shared/extra-utils'
37 import { follow } from '../../../../shared/extra-utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
39 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
57 server = await flushAndRunServer(1)
59 await setAccessTokensToServers([ server ])
61 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
64 describe('OAuth client', function () {
65 it('Should create a new client')
67 it('Should return the first client')
69 it('Should remove the last client')
71 it('Should not login with an invalid client id', async function () {
72 const client = { id: 'client', secret: server.client.secret }
73 const res = await login(server.url, client, server.user, 400)
75 expect(res.body.error).to.contain('client is invalid')
78 it('Should not login with an invalid client secret', async function () {
79 const client = { id: server.client.id, secret: 'coucou' }
80 const res = await login(server.url, client, server.user, 400)
82 expect(res.body.error).to.contain('client is invalid')
86 describe('Login', function () {
88 it('Should not login with an invalid username', async function () {
89 const user = { username: 'captain crochet', password: server.user.password }
90 const res = await login(server.url, server.client, user, 400)
92 expect(res.body.error).to.contain('credentials are invalid')
95 it('Should not login with an invalid password', async function () {
96 const user = { username: server.user.username, password: 'mew_three' }
97 const res = await login(server.url, server.client, user, 400)
99 expect(res.body.error).to.contain('credentials are invalid')
102 it('Should not be able to upload a video', async function () {
103 accessToken = 'my_super_token'
105 const videoAttributes = {}
106 await uploadVideo(server.url, accessToken, videoAttributes, 401)
109 it('Should not be able to follow', async function () {
110 accessToken = 'my_super_token'
111 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
114 it('Should not be able to unfollow')
116 it('Should be able to login', async function () {
117 const res = await login(server.url, server.client, server.user, 200)
119 accessToken = res.body.access_token
122 it('Should be able to login with an insensitive username', async function () {
123 const user = { username: 'RoOt', password: server.user.password }
124 const res = await login(server.url, server.client, user, 200)
126 const user2 = { username: 'rOoT', password: server.user.password }
127 const res2 = await login(server.url, server.client, user2, 200)
129 const user3 = { username: 'ROOt', password: server.user.password }
130 const res3 = await login(server.url, server.client, user3, 200)
134 describe('Upload', function () {
136 it('Should upload the video with the correct token', async function () {
137 const videoAttributes = {}
138 await uploadVideo(server.url, accessToken, videoAttributes)
139 const res = await getVideosList(server.url)
140 const video = res.body.data[ 0 ]
142 expect(video.account.name).to.equal('root')
146 it('Should upload the video again with the correct token', async function () {
147 const videoAttributes = {}
148 await uploadVideo(server.url, accessToken, videoAttributes)
152 describe('Ratings', function () {
154 it('Should retrieve a video rating', async function () {
155 await rateVideo(server.url, accessToken, videoId, 'like')
156 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
157 const rating = res.body
159 expect(rating.videoId).to.equal(videoId)
160 expect(rating.rating).to.equal('like')
163 it('Should retrieve ratings list', async function () {
164 await rateVideo(server.url, accessToken, videoId, 'like')
166 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
167 const ratings = res.body
169 expect(ratings.total).to.equal(1)
170 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
171 expect(ratings.data[ 0 ].rating).to.equal('like')
174 it('Should retrieve ratings list by rating type', async function () {
176 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
177 const ratings = res.body
178 expect(ratings.data.length).to.equal(1)
182 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
183 const ratings = res.body
184 expect(ratings.data.length).to.equal(0)
189 describe('Remove video', function () {
190 it('Should not be able to remove the video with an incorrect token', async function () {
191 await removeVideo(server.url, 'bad_token', videoId, 401)
194 it('Should not be able to remove the video with the token of another account')
196 it('Should be able to remove the video with the correct token', async function () {
197 await removeVideo(server.url, accessToken, videoId)
201 describe('Logout', function () {
202 it('Should logout (revoke token)')
204 it('Should not be able to get the user information')
206 it('Should not be able to upload a video')
208 it('Should not be able to remove a video')
210 it('Should not be able to rate a video', async function () {
211 const path = '/api/v1/videos/'
218 path: path + videoId,
219 token: 'wrong token',
221 statusCodeExpected: 401
223 await makePutBodyRequest(options)
226 it('Should be able to login again')
228 it('Should have an expired access token')
230 it('Should refresh the token')
232 it('Should be able to upload a video again')
235 describe('Creating a user', function () {
237 it('Should be able to create a new user', async function () {
240 accessToken: accessToken,
241 username: user.username,
242 password: user.password,
243 videoQuota: 2 * 1024 * 1024,
244 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
248 it('Should be able to login with this user', async function () {
249 accessTokenUser = await userLogin(server, user)
252 it('Should be able to get user information', async function () {
253 const res1 = await getMyUserInformation(server.url, accessTokenUser)
254 const userMe: MyUser = res1.body
256 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
257 const userGet: User = res2.body
259 for (const user of [ userMe, userGet ]) {
260 expect(user.username).to.equal('user_1')
261 expect(user.email).to.equal('user_1@example.com')
262 expect(user.nsfwPolicy).to.equal('display')
263 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
264 expect(user.roleLabel).to.equal('User')
265 expect(user.id).to.be.a('number')
266 expect(user.account.displayName).to.equal('user_1')
267 expect(user.account.description).to.be.null
270 expect(userMe.adminFlags).to.be.undefined
271 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
273 expect(userMe.specialPlaylists).to.have.lengthOf(1)
274 expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
278 describe('My videos & quotas', function () {
280 it('Should be able to upload a video with this user', async function () {
283 const videoAttributes = {
284 name: 'super user video',
285 fixture: 'video_short.webm'
287 await uploadVideo(server.url, accessTokenUser, videoAttributes)
290 it('Should have video quota updated', async function () {
291 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
292 const data = res.body
294 expect(data.videoQuotaUsed).to.equal(218910)
296 const resUsers = await getUsersList(server.url, server.accessToken)
298 const users: User[] = resUsers.body.data
299 const tmpUser = users.find(u => u.username === user.username)
300 expect(tmpUser.videoQuotaUsed).to.equal(218910)
303 it('Should be able to list my videos', async function () {
304 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
305 expect(res.body.total).to.equal(1)
307 const videos = res.body.data
308 expect(videos).to.have.lengthOf(1)
310 const video: Video = videos[ 0 ]
311 expect(video.name).to.equal('super user video')
312 expect(video.thumbnailPath).to.not.be.null
313 expect(video.previewPath).to.not.be.null
316 it('Should be able to search in my videos', async function () {
318 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
319 expect(res.body.total).to.equal(1)
321 const videos = res.body.data
322 expect(videos).to.have.lengthOf(1)
326 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
327 expect(res.body.total).to.equal(0)
329 const videos = res.body.data
330 expect(videos).to.have.lengthOf(0)
335 describe('Users listing', function () {
337 it('Should list all the users', async function () {
338 const res = await getUsersList(server.url, server.accessToken)
339 const result = res.body
340 const total = result.total
341 const users = result.data
343 expect(total).to.equal(2)
344 expect(users).to.be.an('array')
345 expect(users.length).to.equal(2)
347 const user = users[ 0 ]
348 expect(user.username).to.equal('user_1')
349 expect(user.email).to.equal('user_1@example.com')
350 expect(user.nsfwPolicy).to.equal('display')
352 const rootUser = users[ 1 ]
353 expect(rootUser.username).to.equal('root')
354 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
355 expect(user.nsfwPolicy).to.equal('display')
360 it('Should list only the first user by username asc', async function () {
361 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
363 const result = res.body
364 const total = result.total
365 const users = result.data
367 expect(total).to.equal(2)
368 expect(users.length).to.equal(1)
370 const user = users[ 0 ]
371 expect(user.username).to.equal('root')
372 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
373 expect(user.roleLabel).to.equal('Administrator')
374 expect(user.nsfwPolicy).to.equal('display')
377 it('Should list only the first user by username desc', async function () {
378 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
379 const result = res.body
380 const total = result.total
381 const users = result.data
383 expect(total).to.equal(2)
384 expect(users.length).to.equal(1)
386 const user = users[ 0 ]
387 expect(user.username).to.equal('user_1')
388 expect(user.email).to.equal('user_1@example.com')
389 expect(user.nsfwPolicy).to.equal('display')
392 it('Should list only the second user by createdAt desc', async function () {
393 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
394 const result = res.body
395 const total = result.total
396 const users = result.data
398 expect(total).to.equal(2)
399 expect(users.length).to.equal(1)
401 const user = users[ 0 ]
402 expect(user.username).to.equal('user_1')
403 expect(user.email).to.equal('user_1@example.com')
404 expect(user.nsfwPolicy).to.equal('display')
407 it('Should list all the users by createdAt asc', async function () {
408 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
409 const result = res.body
410 const total = result.total
411 const users = result.data
413 expect(total).to.equal(2)
414 expect(users.length).to.equal(2)
416 expect(users[ 0 ].username).to.equal('root')
417 expect(users[ 0 ].email).to.equal('admin' + server.internalServerNumber + '@example.com')
418 expect(users[ 0 ].nsfwPolicy).to.equal('display')
420 expect(users[ 1 ].username).to.equal('user_1')
421 expect(users[ 1 ].email).to.equal('user_1@example.com')
422 expect(users[ 1 ].nsfwPolicy).to.equal('display')
425 it('Should search user by username', async function () {
426 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
427 const users = res.body.data as User[]
429 expect(res.body.total).to.equal(1)
430 expect(users.length).to.equal(1)
432 expect(users[ 0 ].username).to.equal('root')
435 it('Should search user by email', async function () {
437 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
438 const users = res.body.data as User[]
440 expect(res.body.total).to.equal(1)
441 expect(users.length).to.equal(1)
443 expect(users[ 0 ].username).to.equal('user_1')
444 expect(users[ 0 ].email).to.equal('user_1@example.com')
448 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
449 const users = res.body.data as User[]
451 expect(res.body.total).to.equal(2)
452 expect(users.length).to.equal(2)
454 expect(users[ 0 ].username).to.equal('root')
455 expect(users[ 1 ].username).to.equal('user_1')
460 describe('Update my account', function () {
461 it('Should update my password', async function () {
464 accessToken: accessTokenUser,
465 currentPassword: 'super password',
466 password: 'new password'
468 user.password = 'new password'
470 await userLogin(server, user, 200)
473 it('Should be able to change the NSFW display attribute', async function () {
476 accessToken: accessTokenUser,
477 nsfwPolicy: 'do_not_list'
480 const res = await getMyUserInformation(server.url, accessTokenUser)
481 const user = res.body
483 expect(user.username).to.equal('user_1')
484 expect(user.email).to.equal('user_1@example.com')
485 expect(user.nsfwPolicy).to.equal('do_not_list')
486 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
487 expect(user.id).to.be.a('number')
488 expect(user.account.displayName).to.equal('user_1')
489 expect(user.account.description).to.be.null
492 it('Should be able to change the autoPlayVideo attribute', async function () {
495 accessToken: accessTokenUser,
499 const res = await getMyUserInformation(server.url, accessTokenUser)
500 const user = res.body
502 expect(user.autoPlayVideo).to.be.false
505 it('Should be able to change the autoPlayNextVideo attribute', async function () {
508 accessToken: accessTokenUser,
509 autoPlayNextVideo: true
512 const res = await getMyUserInformation(server.url, accessTokenUser)
513 const user = res.body
515 expect(user.autoPlayNextVideo).to.be.true
518 it('Should be able to change the email attribute', async function () {
521 accessToken: accessTokenUser,
522 currentPassword: 'new password',
523 email: 'updated@example.com'
526 const res = await getMyUserInformation(server.url, accessTokenUser)
527 const user = res.body
529 expect(user.username).to.equal('user_1')
530 expect(user.email).to.equal('updated@example.com')
531 expect(user.nsfwPolicy).to.equal('do_not_list')
532 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
533 expect(user.id).to.be.a('number')
534 expect(user.account.displayName).to.equal('user_1')
535 expect(user.account.description).to.be.null
538 it('Should be able to update my avatar', async function () {
539 const fixture = 'avatar.png'
541 await updateMyAvatar({
543 accessToken: accessTokenUser,
547 const res = await getMyUserInformation(server.url, accessTokenUser)
548 const user = res.body
550 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
553 it('Should be able to update my display name', async function () {
556 accessToken: accessTokenUser,
557 displayName: 'new display name'
560 const res = await getMyUserInformation(server.url, accessTokenUser)
561 const user = res.body
563 expect(user.username).to.equal('user_1')
564 expect(user.email).to.equal('updated@example.com')
565 expect(user.nsfwPolicy).to.equal('do_not_list')
566 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
567 expect(user.id).to.be.a('number')
568 expect(user.account.displayName).to.equal('new display name')
569 expect(user.account.description).to.be.null
572 it('Should be able to update my description', async function () {
575 accessToken: accessTokenUser,
576 description: 'my super description updated'
579 const res = await getMyUserInformation(server.url, accessTokenUser)
580 const user: User = res.body
582 expect(user.username).to.equal('user_1')
583 expect(user.email).to.equal('updated@example.com')
584 expect(user.nsfwPolicy).to.equal('do_not_list')
585 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
586 expect(user.id).to.be.a('number')
587 expect(user.account.displayName).to.equal('new display name')
588 expect(user.account.description).to.equal('my super description updated')
589 expect(user.noWelcomeModal).to.be.false
590 expect(user.noInstanceConfigWarningModal).to.be.false
593 it('Should be able to update my theme', async function () {
594 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
597 accessToken: accessTokenUser,
601 const res = await getMyUserInformation(server.url, accessTokenUser)
602 const body: User = res.body
604 expect(body.theme).to.equal(theme)
608 it('Should be able to update my modal preferences', async function () {
611 accessToken: accessTokenUser,
612 noInstanceConfigWarningModal: true,
616 const res = await getMyUserInformation(server.url, accessTokenUser)
617 const user: User = res.body
619 expect(user.noWelcomeModal).to.be.true
620 expect(user.noInstanceConfigWarningModal).to.be.true
624 describe('Updating another user', function () {
626 it('Should be able to update another user', async function () {
631 email: 'updated2@example.com',
634 role: UserRole.MODERATOR,
635 adminFlags: UserAdminFlag.NONE
638 const res = await getUserInformation(server.url, accessToken, userId)
639 const user = res.body
641 expect(user.username).to.equal('user_1')
642 expect(user.email).to.equal('updated2@example.com')
643 expect(user.emailVerified).to.be.true
644 expect(user.nsfwPolicy).to.equal('do_not_list')
645 expect(user.videoQuota).to.equal(42)
646 expect(user.roleLabel).to.equal('Moderator')
647 expect(user.id).to.be.a('number')
648 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
651 it('Should have removed the user token', async function () {
652 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
654 accessTokenUser = await userLogin(server, user)
657 it('Should be able to update another user password', async function () {
662 password: 'password updated'
665 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
667 await userLogin(server, user, 400)
669 user.password = 'password updated'
670 accessTokenUser = await userLogin(server, user)
674 describe('Video blacklists', function () {
675 it('Should be able to list video blacklist by a moderator', async function () {
676 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
680 describe('Remove a user', function () {
681 it('Should be able to remove this user', async function () {
682 await removeUser(server.url, userId, accessToken)
685 it('Should not be able to login with this user', async function () {
686 await userLogin(server, user, 400)
689 it('Should not have videos of this user', async function () {
690 const res = await getVideosList(server.url)
692 expect(res.body.total).to.equal(1)
694 const video = res.body.data[ 0 ]
695 expect(video.account.name).to.equal('root')
699 describe('Registering a new user', function () {
700 it('Should register a new user', async function () {
701 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
702 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
704 await registerUserWithChannel({ url: server.url, user, channel })
707 it('Should be able to login with this registered user', async function () {
710 password: 'my super password'
713 accessToken = await userLogin(server, user15)
716 it('Should have the correct display name', async function () {
717 const res = await getMyUserInformation(server.url, accessToken)
718 const user: User = res.body
720 expect(user.account.displayName).to.equal('super user 15')
723 it('Should have the correct video quota', async function () {
724 const res = await getMyUserInformation(server.url, accessToken)
725 const user = res.body
727 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
730 it('Should have created the channel', async function () {
731 const res = await getVideoChannel(server.url, 'my_user_15_channel')
733 expect(res.body.displayName).to.equal('my channel rocks')
736 it('Should remove me', async function () {
738 const res = await getUsersList(server.url, server.accessToken)
739 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
742 await deleteMe(server.url, accessToken)
745 const res = await getUsersList(server.url, server.accessToken)
746 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
751 describe('User blocking', function () {
752 it('Should block and unblock a user', async function () {
755 password: 'my super password'
757 const resUser = await createUser({
759 accessToken: server.accessToken,
760 username: user16.username,
761 password: user16.password
763 const user16Id = resUser.body.user.id
765 accessToken = await userLogin(server, user16)
767 await getMyUserInformation(server.url, accessToken, 200)
768 await blockUser(server.url, user16Id, server.accessToken)
770 await getMyUserInformation(server.url, accessToken, 401)
771 await userLogin(server, user16, 400)
773 await unblockUser(server.url, user16Id, server.accessToken)
774 accessToken = await userLogin(server, user16)
775 await getMyUserInformation(server.url, accessToken, 200)
779 after(async function () {
780 await cleanupTests([ server ])