1 /* tslint:disable:no-unused-expression */
3 import * as chai from 'chai'
5 import { User, UserRole, Video, MyUser } from '../../../../shared/index'
13 getBlacklistedVideosList,
15 getMyUserVideoQuotaUsed,
19 getUsersListPaginationAndSort,
21 getVideosList, installPlugin,
25 registerUserWithChannel,
36 } from '../../../../shared/extra-utils'
37 import { follow } from '../../../../shared/extra-utils/server/follows'
38 import { setAccessTokensToServers } from '../../../../shared/extra-utils/users/login'
39 import { getMyVideos } from '../../../../shared/extra-utils/videos/videos'
40 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
42 const expect = chai.expect
44 describe('Test users', function () {
45 let server: ServerInfo
46 let accessToken: string
47 let accessTokenUser: string
52 password: 'super password'
55 before(async function () {
57 server = await flushAndRunServer(1)
59 await setAccessTokensToServers([ server ])
61 await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' })
64 describe('OAuth client', function () {
65 it('Should create a new client')
67 it('Should return the first client')
69 it('Should remove the last client')
71 it('Should not login with an invalid client id', async function () {
72 const client = { id: 'client', secret: server.client.secret }
73 const res = await login(server.url, client, server.user, 400)
75 expect(res.body.error).to.contain('client is invalid')
78 it('Should not login with an invalid client secret', async function () {
79 const client = { id: server.client.id, secret: 'coucou' }
80 const res = await login(server.url, client, server.user, 400)
82 expect(res.body.error).to.contain('client is invalid')
86 describe('Login', function () {
88 it('Should not login with an invalid username', async function () {
89 const user = { username: 'captain crochet', password: server.user.password }
90 const res = await login(server.url, server.client, user, 400)
92 expect(res.body.error).to.contain('credentials are invalid')
95 it('Should not login with an invalid password', async function () {
96 const user = { username: server.user.username, password: 'mew_three' }
97 const res = await login(server.url, server.client, user, 400)
99 expect(res.body.error).to.contain('credentials are invalid')
102 it('Should not be able to upload a video', async function () {
103 accessToken = 'my_super_token'
105 const videoAttributes = {}
106 await uploadVideo(server.url, accessToken, videoAttributes, 401)
109 it('Should not be able to follow', async function () {
110 accessToken = 'my_super_token'
111 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
114 it('Should not be able to unfollow')
116 it('Should be able to login', async function () {
117 const res = await login(server.url, server.client, server.user, 200)
119 accessToken = res.body.access_token
122 it('Should be able to login with an insensitive username', async function () {
123 const user = { username: 'RoOt', password: server.user.password }
124 const res = await login(server.url, server.client, user, 200)
126 const user2 = { username: 'rOoT', password: server.user.password }
127 const res2 = await login(server.url, server.client, user2, 200)
129 const user3 = { username: 'ROOt', password: server.user.password }
130 const res3 = await login(server.url, server.client, user3, 200)
134 describe('Upload', function () {
136 it('Should upload the video with the correct token', async function () {
137 const videoAttributes = {}
138 await uploadVideo(server.url, accessToken, videoAttributes)
139 const res = await getVideosList(server.url)
140 const video = res.body.data[ 0 ]
142 expect(video.account.name).to.equal('root')
146 it('Should upload the video again with the correct token', async function () {
147 const videoAttributes = {}
148 await uploadVideo(server.url, accessToken, videoAttributes)
152 describe('Ratings', function () {
154 it('Should retrieve a video rating', async function () {
155 await rateVideo(server.url, accessToken, videoId, 'like')
156 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
157 const rating = res.body
159 expect(rating.videoId).to.equal(videoId)
160 expect(rating.rating).to.equal('like')
163 it('Should retrieve ratings list', async function () {
164 await rateVideo(server.url, accessToken, videoId, 'like')
166 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
167 const ratings = res.body
169 expect(ratings.total).to.equal(1)
170 expect(ratings.data[ 0 ].video.id).to.equal(videoId)
171 expect(ratings.data[ 0 ].rating).to.equal('like')
174 it('Should retrieve ratings list by rating type', async function () {
176 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
177 const ratings = res.body
178 expect(ratings.data.length).to.equal(1)
182 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
183 const ratings = res.body
184 expect(ratings.data.length).to.equal(0)
189 describe('Remove video', function () {
190 it('Should not be able to remove the video with an incorrect token', async function () {
191 await removeVideo(server.url, 'bad_token', videoId, 401)
194 it('Should not be able to remove the video with the token of another account')
196 it('Should be able to remove the video with the correct token', async function () {
197 await removeVideo(server.url, accessToken, videoId)
201 describe('Logout', function () {
202 it('Should logout (revoke token)')
204 it('Should not be able to get the user information')
206 it('Should not be able to upload a video')
208 it('Should not be able to remove a video')
210 it('Should not be able to rate a video', async function () {
211 const path = '/api/v1/videos/'
218 path: path + videoId,
219 token: 'wrong token',
221 statusCodeExpected: 401
223 await makePutBodyRequest(options)
226 it('Should be able to login again')
228 it('Should have an expired access token')
230 it('Should refresh the token')
232 it('Should be able to upload a video again')
235 describe('Creating a user', function () {
237 it('Should be able to create a new user', async function () {
240 accessToken: accessToken,
241 username: user.username,
242 password: user.password,
243 videoQuota: 2 * 1024 * 1024,
244 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
248 it('Should be able to login with this user', async function () {
249 accessTokenUser = await userLogin(server, user)
252 it('Should be able to get user information', async function () {
253 const res1 = await getMyUserInformation(server.url, accessTokenUser)
254 const userMe: User & MyUser = res1.body
256 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id)
257 const userGet: User = res2.body
259 for (const user of [ userMe, userGet ]) {
260 expect(user.username).to.equal('user_1')
261 expect(user.email).to.equal('user_1@example.com')
262 expect(user.nsfwPolicy).to.equal('display')
263 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
264 expect(user.roleLabel).to.equal('User')
265 expect(user.id).to.be.a('number')
266 expect(user.account.displayName).to.equal('user_1')
267 expect(user.account.description).to.be.null
270 expect(userMe.adminFlags).to.be.undefined
271 expect(userGet.adminFlags).to.equal(UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST)
273 expect(userMe.specialPlaylists).to.have.lengthOf(1)
277 describe('My videos & quotas', function () {
279 it('Should be able to upload a video with this user', async function () {
282 const videoAttributes = {
283 name: 'super user video',
284 fixture: 'video_short.webm'
286 await uploadVideo(server.url, accessTokenUser, videoAttributes)
289 it('Should have video quota updated', async function () {
290 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
291 const data = res.body
293 expect(data.videoQuotaUsed).to.equal(218910)
295 const resUsers = await getUsersList(server.url, server.accessToken)
297 const users: User[] = resUsers.body.data
298 const tmpUser = users.find(u => u.username === user.username)
299 expect(tmpUser.videoQuotaUsed).to.equal(218910)
302 it('Should be able to list my videos', async function () {
303 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
304 expect(res.body.total).to.equal(1)
306 const videos = res.body.data
307 expect(videos).to.have.lengthOf(1)
309 const video: Video = videos[ 0 ]
310 expect(video.name).to.equal('super user video')
311 expect(video.thumbnailPath).to.not.be.null
312 expect(video.previewPath).to.not.be.null
315 it('Should be able to search in my videos', async function () {
317 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
318 expect(res.body.total).to.equal(1)
320 const videos = res.body.data
321 expect(videos).to.have.lengthOf(1)
325 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
326 expect(res.body.total).to.equal(0)
328 const videos = res.body.data
329 expect(videos).to.have.lengthOf(0)
334 describe('Users listing', function () {
336 it('Should list all the users', async function () {
337 const res = await getUsersList(server.url, server.accessToken)
338 const result = res.body
339 const total = result.total
340 const users = result.data
342 expect(total).to.equal(2)
343 expect(users).to.be.an('array')
344 expect(users.length).to.equal(2)
346 const user = users[ 0 ]
347 expect(user.username).to.equal('user_1')
348 expect(user.email).to.equal('user_1@example.com')
349 expect(user.nsfwPolicy).to.equal('display')
351 const rootUser = users[ 1 ]
352 expect(rootUser.username).to.equal('root')
353 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
354 expect(user.nsfwPolicy).to.equal('display')
359 it('Should list only the first user by username asc', async function () {
360 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
362 const result = res.body
363 const total = result.total
364 const users = result.data
366 expect(total).to.equal(2)
367 expect(users.length).to.equal(1)
369 const user = users[ 0 ]
370 expect(user.username).to.equal('root')
371 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
372 expect(user.roleLabel).to.equal('Administrator')
373 expect(user.nsfwPolicy).to.equal('display')
376 it('Should list only the first user by username desc', async function () {
377 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
378 const result = res.body
379 const total = result.total
380 const users = result.data
382 expect(total).to.equal(2)
383 expect(users.length).to.equal(1)
385 const user = users[ 0 ]
386 expect(user.username).to.equal('user_1')
387 expect(user.email).to.equal('user_1@example.com')
388 expect(user.nsfwPolicy).to.equal('display')
391 it('Should list only the second user by createdAt desc', async function () {
392 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
393 const result = res.body
394 const total = result.total
395 const users = result.data
397 expect(total).to.equal(2)
398 expect(users.length).to.equal(1)
400 const user = users[ 0 ]
401 expect(user.username).to.equal('user_1')
402 expect(user.email).to.equal('user_1@example.com')
403 expect(user.nsfwPolicy).to.equal('display')
406 it('Should list all the users by createdAt asc', async function () {
407 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
408 const result = res.body
409 const total = result.total
410 const users = result.data
412 expect(total).to.equal(2)
413 expect(users.length).to.equal(2)
415 expect(users[ 0 ].username).to.equal('root')
416 expect(users[ 0 ].email).to.equal('admin' + server.internalServerNumber + '@example.com')
417 expect(users[ 0 ].nsfwPolicy).to.equal('display')
419 expect(users[ 1 ].username).to.equal('user_1')
420 expect(users[ 1 ].email).to.equal('user_1@example.com')
421 expect(users[ 1 ].nsfwPolicy).to.equal('display')
424 it('Should search user by username', async function () {
425 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
426 const users = res.body.data as User[]
428 expect(res.body.total).to.equal(1)
429 expect(users.length).to.equal(1)
431 expect(users[ 0 ].username).to.equal('root')
434 it('Should search user by email', async function () {
436 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
437 const users = res.body.data as User[]
439 expect(res.body.total).to.equal(1)
440 expect(users.length).to.equal(1)
442 expect(users[ 0 ].username).to.equal('user_1')
443 expect(users[ 0 ].email).to.equal('user_1@example.com')
447 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
448 const users = res.body.data as User[]
450 expect(res.body.total).to.equal(2)
451 expect(users.length).to.equal(2)
453 expect(users[ 0 ].username).to.equal('root')
454 expect(users[ 1 ].username).to.equal('user_1')
459 describe('Update my account', function () {
460 it('Should update my password', async function () {
463 accessToken: accessTokenUser,
464 currentPassword: 'super password',
465 password: 'new password'
467 user.password = 'new password'
469 await userLogin(server, user, 200)
472 it('Should be able to change the NSFW display attribute', async function () {
475 accessToken: accessTokenUser,
476 nsfwPolicy: 'do_not_list'
479 const res = await getMyUserInformation(server.url, accessTokenUser)
480 const user = res.body
482 expect(user.username).to.equal('user_1')
483 expect(user.email).to.equal('user_1@example.com')
484 expect(user.nsfwPolicy).to.equal('do_not_list')
485 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
486 expect(user.id).to.be.a('number')
487 expect(user.account.displayName).to.equal('user_1')
488 expect(user.account.description).to.be.null
491 it('Should be able to change the autoPlayVideo attribute', async function () {
494 accessToken: accessTokenUser,
498 const res = await getMyUserInformation(server.url, accessTokenUser)
499 const user = res.body
501 expect(user.autoPlayVideo).to.be.false
504 it('Should be able to change the autoPlayNextVideo attribute', async function () {
507 accessToken: accessTokenUser,
508 autoPlayNextVideo: true
511 const res = await getMyUserInformation(server.url, accessTokenUser)
512 const user = res.body
514 expect(user.autoPlayNextVideo).to.be.true
517 it('Should be able to change the email attribute', async function () {
520 accessToken: accessTokenUser,
521 currentPassword: 'new password',
522 email: 'updated@example.com'
525 const res = await getMyUserInformation(server.url, accessTokenUser)
526 const user = res.body
528 expect(user.username).to.equal('user_1')
529 expect(user.email).to.equal('updated@example.com')
530 expect(user.nsfwPolicy).to.equal('do_not_list')
531 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
532 expect(user.id).to.be.a('number')
533 expect(user.account.displayName).to.equal('user_1')
534 expect(user.account.description).to.be.null
537 it('Should be able to update my avatar', async function () {
538 const fixture = 'avatar.png'
540 await updateMyAvatar({
542 accessToken: accessTokenUser,
546 const res = await getMyUserInformation(server.url, accessTokenUser)
547 const user = res.body
549 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
552 it('Should be able to update my display name', async function () {
555 accessToken: accessTokenUser,
556 displayName: 'new display name'
559 const res = await getMyUserInformation(server.url, accessTokenUser)
560 const user = res.body
562 expect(user.username).to.equal('user_1')
563 expect(user.email).to.equal('updated@example.com')
564 expect(user.nsfwPolicy).to.equal('do_not_list')
565 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
566 expect(user.id).to.be.a('number')
567 expect(user.account.displayName).to.equal('new display name')
568 expect(user.account.description).to.be.null
571 it('Should be able to update my description', async function () {
574 accessToken: accessTokenUser,
575 description: 'my super description updated'
578 const res = await getMyUserInformation(server.url, accessTokenUser)
579 const user: User = res.body
581 expect(user.username).to.equal('user_1')
582 expect(user.email).to.equal('updated@example.com')
583 expect(user.nsfwPolicy).to.equal('do_not_list')
584 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
585 expect(user.id).to.be.a('number')
586 expect(user.account.displayName).to.equal('new display name')
587 expect(user.account.description).to.equal('my super description updated')
588 expect(user.noWelcomeModal).to.be.false
589 expect(user.noInstanceConfigWarningModal).to.be.false
592 it('Should be able to update my theme', async function () {
593 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
596 accessToken: accessTokenUser,
600 const res = await getMyUserInformation(server.url, accessTokenUser)
601 const body: User = res.body
603 expect(body.theme).to.equal(theme)
607 it('Should be able to update my modal preferences', async function () {
610 accessToken: accessTokenUser,
611 noInstanceConfigWarningModal: true,
615 const res = await getMyUserInformation(server.url, accessTokenUser)
616 const user: User = res.body
618 expect(user.noWelcomeModal).to.be.true
619 expect(user.noInstanceConfigWarningModal).to.be.true
623 describe('Updating another user', function () {
625 it('Should be able to update another user', async function () {
630 email: 'updated2@example.com',
633 role: UserRole.MODERATOR,
634 adminFlags: UserAdminFlag.NONE
637 const res = await getUserInformation(server.url, accessToken, userId)
638 const user = res.body
640 expect(user.username).to.equal('user_1')
641 expect(user.email).to.equal('updated2@example.com')
642 expect(user.emailVerified).to.be.true
643 expect(user.nsfwPolicy).to.equal('do_not_list')
644 expect(user.videoQuota).to.equal(42)
645 expect(user.roleLabel).to.equal('Moderator')
646 expect(user.id).to.be.a('number')
647 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
650 it('Should have removed the user token', async function () {
651 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
653 accessTokenUser = await userLogin(server, user)
656 it('Should be able to update another user password', async function () {
661 password: 'password updated'
664 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
666 await userLogin(server, user, 400)
668 user.password = 'password updated'
669 accessTokenUser = await userLogin(server, user)
673 describe('Video blacklists', function () {
674 it('Should be able to list video blacklist by a moderator', async function () {
675 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
679 describe('Remove a user', function () {
680 it('Should be able to remove this user', async function () {
681 await removeUser(server.url, userId, accessToken)
684 it('Should not be able to login with this user', async function () {
685 await userLogin(server, user, 400)
688 it('Should not have videos of this user', async function () {
689 const res = await getVideosList(server.url)
691 expect(res.body.total).to.equal(1)
693 const video = res.body.data[ 0 ]
694 expect(video.account.name).to.equal('root')
698 describe('Registering a new user', function () {
699 it('Should register a new user', async function () {
700 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
701 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
703 await registerUserWithChannel({ url: server.url, user, channel })
706 it('Should be able to login with this registered user', async function () {
709 password: 'my super password'
712 accessToken = await userLogin(server, user15)
715 it('Should have the correct display name', async function () {
716 const res = await getMyUserInformation(server.url, accessToken)
717 const user: User = res.body
719 expect(user.account.displayName).to.equal('super user 15')
722 it('Should have the correct video quota', async function () {
723 const res = await getMyUserInformation(server.url, accessToken)
724 const user = res.body
726 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
729 it('Should have created the channel', async function () {
730 const res = await getVideoChannel(server.url, 'my_user_15_channel')
732 expect(res.body.displayName).to.equal('my channel rocks')
735 it('Should remove me', async function () {
737 const res = await getUsersList(server.url, server.accessToken)
738 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
741 await deleteMe(server.url, accessToken)
744 const res = await getUsersList(server.url, server.accessToken)
745 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
750 describe('User blocking', function () {
751 it('Should block and unblock a user', async function () {
754 password: 'my super password'
756 const resUser = await createUser({
758 accessToken: server.accessToken,
759 username: user16.username,
760 password: user16.password
762 const user16Id = resUser.body.user.id
764 accessToken = await userLogin(server, user16)
766 await getMyUserInformation(server.url, accessToken, 200)
767 await blockUser(server.url, user16Id, server.accessToken)
769 await getMyUserInformation(server.url, accessToken, 401)
770 await userLogin(server, user16, 400)
772 await unblockUser(server.url, user16Id, server.accessToken)
773 accessToken = await userLogin(server, user16)
774 await getMyUserInformation(server.url, accessToken, 200)
778 after(async function () {
779 await cleanupTests([ server ])