1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from "path"
6 import { UserRole } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
12 uploadVideo, userLogin
14 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
16 describe('Test users API validators', function () {
17 const path = '/api/v1/users/'
21 let server: ServerInfo
22 let serverWithRegistrationDisabled: ServerInfo
23 let userAccessToken = ''
25 // ---------------------------------------------------------------
27 before(async function () {
32 server = await runServer(1)
33 serverWithRegistrationDisabled = await runServer(2)
35 await setAccessTokensToServers([ server ])
39 password: 'my super password'
41 const videoQuota = 42000000
42 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
43 userAccessToken = await userLogin(server, user)
45 const res = await uploadVideo(server.url, server.accessToken, {})
46 videoId = res.body.video.id
49 describe('When listing users', function () {
50 it('Should fail with a bad start pagination', async function () {
51 await checkBadStartPagination(server.url, path, server.accessToken)
54 it('Should fail with a bad count pagination', async function () {
55 await checkBadCountPagination(server.url, path, server.accessToken)
58 it('Should fail with an incorrect sort', async function () {
59 await checkBadSortPagination(server.url, path, server.accessToken)
62 it('Should fail with a non authenticated user', async function () {
63 await makeGetRequest({
66 statusCodeExpected: 401
70 it('Should fail with a non admin user', async function () {
71 await makeGetRequest({
74 token: userAccessToken,
75 statusCodeExpected: 403
80 describe('When adding a new user', function () {
81 const baseCorrectParams = {
83 email: 'test@example.com',
84 password: 'my super password',
89 it('Should fail with a too small username', async function () {
90 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
92 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
95 it('Should fail with a too long username', async function () {
96 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
98 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
101 it('Should fail with a not lowercase username', async function () {
102 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
104 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
107 it('Should fail with an incorrect username', async function () {
108 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
110 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
113 it('Should fail with a missing email', async function () {
114 const fields = omit(baseCorrectParams, 'email')
116 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
119 it('Should fail with an invalid email', async function () {
120 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
122 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
125 it('Should fail with a too small password', async function () {
126 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
128 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
131 it('Should fail with a too long password', async function () {
132 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
134 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
137 it('Should fail with an non authenticated user', async function () {
138 await makePostBodyRequest({
141 token: 'super token',
142 fields: baseCorrectParams,
143 statusCodeExpected: 401
147 it('Should fail if we add a user with the same username', async function () {
148 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
150 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
153 it('Should fail if we add a user with the same email', async function () {
154 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
156 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
159 it('Should fail without a videoQuota', async function () {
160 const fields = omit(baseCorrectParams, 'videoQuota')
162 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
165 it('Should fail with an invalid videoQuota', async function () {
166 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
168 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
171 it('Should fail without a user role', async function () {
172 const fields = omit(baseCorrectParams, 'role')
174 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
177 it('Should fail with an invalid user role', async function () {
178 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
180 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
183 it('Should succeed with the correct params', async function () {
184 await makePostBodyRequest({
187 token: server.accessToken,
188 fields: baseCorrectParams,
189 statusCodeExpected: 204
193 it('Should fail with a non admin user', async function () {
196 password: 'my super password'
198 userAccessToken = await userLogin(server, user)
202 email: 'test@example.com',
203 password: 'my super password',
206 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
210 describe('When updating my account', function () {
211 it('Should fail with an invalid email attribute', async function () {
216 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
219 it('Should fail with a too small password', async function () {
224 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
227 it('Should fail with a too long password', async function () {
229 password: 'super'.repeat(61)
232 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
235 it('Should fail with an invalid display NSFW attribute', async function () {
240 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
243 it('Should fail with an invalid autoPlayVideo attribute', async function () {
248 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
251 it('Should fail with an non authenticated user', async function () {
253 password: 'my super password'
256 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
259 it('Should succeed with the correct params', async function () {
261 password: 'my super password',
263 autoPlayVideo: false,
264 email: 'super_email@example.com'
267 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
271 describe('When updating my avatar', function () {
272 it('Should fail without an incorrect input file', async function () {
275 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
277 await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
280 it('Should succeed with the correct params', async function () {
283 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
285 await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
289 describe('When updating a user', function () {
291 before(async function () {
292 const res = await getUsersList(server.url, server.accessToken)
294 userId = res.body.data[1].id
295 rootId = res.body.data[2].id
298 it('Should fail with an invalid email attribute', async function () {
303 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
306 it('Should fail with an invalid videoQuota attribute', async function () {
311 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
314 it('Should fail with an invalid user role attribute', async function () {
319 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
322 it('Should fail with an non authenticated user', async function () {
327 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
330 it('Should succeed with the correct params', async function () {
332 email: 'email@example.com',
334 role: UserRole.MODERATOR
337 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
341 describe('When getting my information', function () {
342 it('Should fail with a non authenticated user', async function () {
343 await getMyUserInformation(server.url, 'fake_token', 401)
346 it('Should success with the correct parameters', async function () {
347 await getMyUserInformation(server.url, userAccessToken)
351 describe('When getting my video rating', function () {
352 it('Should fail with a non authenticated user', async function () {
353 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
356 it('Should fail with an incorrect video uuid', async function () {
357 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
360 it('Should fail with an unknown video', async function () {
361 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
364 it('Should succeed with the correct parameters', async function () {
365 await getMyUserVideoRating(server.url, server.accessToken, videoId)
369 describe('When removing an user', function () {
370 it('Should fail with an incorrect id', async function () {
371 await removeUser(server.url, 'blabla', server.accessToken, 400)
374 it('Should fail with the root user', async function () {
375 await removeUser(server.url, rootId, server.accessToken, 400)
378 it('Should return 404 with a non existing id', async function () {
379 await removeUser(server.url, 4545454, server.accessToken, 404)
383 describe('When register a new user', function () {
384 const registrationPath = path + '/register'
385 const baseCorrectParams = {
387 email: 'test3@example.com',
388 password: 'my super password'
391 it('Should fail with a too small username', async function () {
392 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
394 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
397 it('Should fail with a too long username', async function () {
398 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
400 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
403 it('Should fail with an incorrect username', async function () {
404 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
406 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
409 it('Should fail with a missing email', async function () {
410 const fields = omit(baseCorrectParams, 'email')
412 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
415 it('Should fail with an invalid email', async function () {
416 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
418 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
421 it('Should fail with a too small password', async function () {
422 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
424 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
427 it('Should fail with a too long password', async function () {
428 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
430 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
433 it('Should fail if we register a user with the same username', async function () {
434 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
436 await makePostBodyRequest({
438 path: registrationPath,
439 token: server.accessToken,
441 statusCodeExpected: 409
445 it('Should fail if we register a user with the same email', async function () {
446 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
448 await makePostBodyRequest({
450 path: registrationPath,
451 token: server.accessToken,
453 statusCodeExpected: 409
457 it('Should succeed with the correct params', async function () {
458 await makePostBodyRequest({
460 path: registrationPath,
461 token: server.accessToken,
462 fields: baseCorrectParams,
463 statusCodeExpected: 204
467 it('Should fail on a server with registration disabled', async function () {
470 email: 'test4@example.com',
471 password: 'my super password 4'
474 await makePostBodyRequest({
475 url: serverWithRegistrationDisabled.url,
476 path: registrationPath,
477 token: serverWithRegistrationDisabled.accessToken,
479 statusCodeExpected: 403
484 describe('When registering multiple users on a server with users limit', function () {
485 it('Should fail when after 3 registrations', async function () {
486 await registerUser(server.url, 'user42', 'super password', 403)
490 describe('When having a video quota', function () {
491 it('Should fail with a user having too many video', async function () {
495 accessToken: server.accessToken,
499 await uploadVideo(server.url, server.accessToken, {}, 403)
502 it('Should fail with a registered user having too many video', async function () {
507 password: 'my super password'
509 userAccessToken = await userLogin(server, user)
511 const videoAttributes = { fixture: 'video_short2.webm' }
512 await uploadVideo(server.url, userAccessToken, videoAttributes)
513 await uploadVideo(server.url, userAccessToken, videoAttributes)
514 await uploadVideo(server.url, userAccessToken, videoAttributes)
515 await uploadVideo(server.url, userAccessToken, videoAttributes)
516 await uploadVideo(server.url, userAccessToken, videoAttributes)
517 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
521 after(async function () {
522 killallServers([ server, serverWithRegistrationDisabled ])
524 // Keep the logs if the test failed