Add tests to user roles
This commit is contained in:
parent
954605a804
commit
757f0da370
|
@ -123,7 +123,7 @@ export class AuthUser extends User {
|
||||||
this.tokens.refreshToken = refreshToken
|
this.tokens.refreshToken = refreshToken
|
||||||
}
|
}
|
||||||
|
|
||||||
hasRight(right: UserRight) {
|
hasRight (right: UserRight) {
|
||||||
return hasUserRight(this.role, right)
|
return hasUserRight(this.role, right)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,6 @@ export const USER_VIDEO_QUOTA = {
|
||||||
export const USER_ROLE = {
|
export const USER_ROLE = {
|
||||||
VALIDATORS: [ Validators.required ],
|
VALIDATORS: [ Validators.required ],
|
||||||
MESSAGES: {
|
MESSAGES: {
|
||||||
'required': 'User role is required.',
|
'required': 'User role is required.'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
import * as Sequelize from 'sequelize'
|
import * as Sequelize from 'sequelize'
|
||||||
import * as uuidv4 from 'uuid/v4'
|
|
||||||
|
|
||||||
async function up (utils: {
|
async function up (utils: {
|
||||||
transaction: Sequelize.Transaction,
|
transaction: Sequelize.Transaction,
|
||||||
|
|
|
@ -19,6 +19,7 @@ import {
|
||||||
makePostBodyRequest,
|
makePostBodyRequest,
|
||||||
getUserAccessToken
|
getUserAccessToken
|
||||||
} from '../../utils'
|
} from '../../utils'
|
||||||
|
import { UserRole } from '../../../../shared'
|
||||||
|
|
||||||
describe('Test users API validators', function () {
|
describe('Test users API validators', function () {
|
||||||
const path = '/api/v1/users/'
|
const path = '/api/v1/users/'
|
||||||
|
@ -92,6 +93,7 @@ describe('Test users API validators', function () {
|
||||||
username: 'ji',
|
username: 'ji',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my_super_password',
|
password: 'my_super_password',
|
||||||
|
role: UserRole.USER,
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -103,7 +105,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_super_username_which_is_very_long',
|
username: 'my_super_username_which_is_very_long',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my_super_password',
|
password: 'my_super_password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -114,7 +117,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my username',
|
username: 'my username',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my_super_password',
|
password: 'my_super_password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -124,7 +128,8 @@ describe('Test users API validators', function () {
|
||||||
const fields = {
|
const fields = {
|
||||||
username: 'ji',
|
username: 'ji',
|
||||||
password: 'my_super_password',
|
password: 'my_super_password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -135,7 +140,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_super_username_which_is_very_long',
|
username: 'my_super_username_which_is_very_long',
|
||||||
email: 'test_example.com',
|
email: 'test_example.com',
|
||||||
password: 'my_super_password',
|
password: 'my_super_password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -146,7 +152,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_username',
|
username: 'my_username',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'bla',
|
password: 'bla',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -159,7 +166,8 @@ describe('Test users API validators', function () {
|
||||||
password: 'my super long password which is very very very very very very very very very very very very very very' +
|
password: 'my super long password which is very very very very very very very very very very very very very very' +
|
||||||
'very very very very very very very very very very very very very very very veryv very very very very' +
|
'very very very very very very very very very very very very very very very veryv very very very very' +
|
||||||
'very very very very very very very very very very very very very very very very very very very very long',
|
'very very very very very very very very very very very very very very very very very very very very long',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -170,7 +178,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_username',
|
username: 'my_username',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my super password',
|
password: 'my super password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
|
await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
|
||||||
|
@ -181,7 +190,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'user1',
|
username: 'user1',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my super password',
|
password: 'my super password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
|
||||||
|
@ -192,7 +202,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_username',
|
username: 'my_username',
|
||||||
email: 'user1@example.com',
|
email: 'user1@example.com',
|
||||||
password: 'my super password',
|
password: 'my super password',
|
||||||
videoQuota: 42000000
|
videoQuota: 42000000,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
|
||||||
|
@ -202,7 +213,8 @@ describe('Test users API validators', function () {
|
||||||
const fields = {
|
const fields = {
|
||||||
username: 'my_username',
|
username: 'my_username',
|
||||||
email: 'user1@example.com',
|
email: 'user1@example.com',
|
||||||
password: 'my super password'
|
password: 'my super password',
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -213,7 +225,31 @@ describe('Test users API validators', function () {
|
||||||
username: 'my_username',
|
username: 'my_username',
|
||||||
email: 'user1@example.com',
|
email: 'user1@example.com',
|
||||||
password: 'my super password',
|
password: 'my super password',
|
||||||
videoQuota: -5
|
videoQuota: -5,
|
||||||
|
role: UserRole.USER
|
||||||
|
}
|
||||||
|
|
||||||
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Should fail without a user role', async function () {
|
||||||
|
const fields = {
|
||||||
|
username: 'my_username',
|
||||||
|
email: 'user1@example.com',
|
||||||
|
password: 'my super password',
|
||||||
|
videoQuota: 0
|
||||||
|
}
|
||||||
|
|
||||||
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Should fail with an invalid user role', async function () {
|
||||||
|
const fields = {
|
||||||
|
username: 'my_username',
|
||||||
|
email: 'user1@example.com',
|
||||||
|
password: 'my super password',
|
||||||
|
videoQuota: 0,
|
||||||
|
role: 88989
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
|
||||||
|
@ -224,7 +260,8 @@ describe('Test users API validators', function () {
|
||||||
username: 'user2',
|
username: 'user2',
|
||||||
email: 'test@example.com',
|
email: 'test@example.com',
|
||||||
password: 'my super password',
|
password: 'my super password',
|
||||||
videoQuota: -1
|
videoQuota: -1,
|
||||||
|
role: UserRole.USER
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
|
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
|
||||||
|
@ -327,6 +364,14 @@ describe('Test users API validators', function () {
|
||||||
await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
|
await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
|
||||||
})
|
})
|
||||||
|
|
||||||
|
it('Should fail with an invalid user role attribute', async function () {
|
||||||
|
const fields = {
|
||||||
|
role: 54878
|
||||||
|
}
|
||||||
|
|
||||||
|
await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
|
||||||
|
})
|
||||||
|
|
||||||
it('Should fail with an non authenticated user', async function () {
|
it('Should fail with an non authenticated user', async function () {
|
||||||
const fields = {
|
const fields = {
|
||||||
videoQuota: 42
|
videoQuota: 42
|
||||||
|
@ -338,7 +383,8 @@ describe('Test users API validators', function () {
|
||||||
it('Should succeed with the correct params', async function () {
|
it('Should succeed with the correct params', async function () {
|
||||||
const fields = {
|
const fields = {
|
||||||
email: 'email@example.com',
|
email: 'email@example.com',
|
||||||
videoQuota: 42
|
videoQuota: 42,
|
||||||
|
role: UserRole.MODERATOR
|
||||||
}
|
}
|
||||||
|
|
||||||
await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
|
await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
|
||||||
|
|
|
@ -25,10 +25,12 @@ import {
|
||||||
updateUser,
|
updateUser,
|
||||||
updateMyUser,
|
updateMyUser,
|
||||||
registerUser,
|
registerUser,
|
||||||
removeUser
|
removeUser,
|
||||||
|
killallServers,
|
||||||
|
getUserInformation,
|
||||||
|
getBlacklistedVideosList
|
||||||
} from '../utils'
|
} from '../utils'
|
||||||
import { killallServers } from '../utils/servers'
|
import { UserRole } from '../../../shared'
|
||||||
import { getUserInformation } from '../utils/users'
|
|
||||||
|
|
||||||
describe('Test users', function () {
|
describe('Test users', function () {
|
||||||
let server: ServerInfo
|
let server: ServerInfo
|
||||||
|
@ -188,6 +190,7 @@ describe('Test users', function () {
|
||||||
expect(user.email).to.equal('user_1@example.com')
|
expect(user.email).to.equal('user_1@example.com')
|
||||||
expect(user.displayNSFW).to.be.false
|
expect(user.displayNSFW).to.be.false
|
||||||
expect(user.videoQuota).to.equal(2 * 1024 * 1024)
|
expect(user.videoQuota).to.equal(2 * 1024 * 1024)
|
||||||
|
expect(user.roleLabel).to.equal('User')
|
||||||
expect(user.id).to.be.a('number')
|
expect(user.id).to.be.a('number')
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -234,6 +237,7 @@ describe('Test users', function () {
|
||||||
const user = users[0]
|
const user = users[0]
|
||||||
expect(user.username).to.equal('root')
|
expect(user.username).to.equal('root')
|
||||||
expect(user.email).to.equal('admin1@example.com')
|
expect(user.email).to.equal('admin1@example.com')
|
||||||
|
expect(user.roleLabel).to.equal('Administrator')
|
||||||
expect(user.displayNSFW).to.be.false
|
expect(user.displayNSFW).to.be.false
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -319,7 +323,7 @@ describe('Test users', function () {
|
||||||
})
|
})
|
||||||
|
|
||||||
it('Should be able to update another user', async function () {
|
it('Should be able to update another user', async function () {
|
||||||
await updateUser(server.url, userId, accessToken, 'updated2@example.com', 42)
|
await updateUser(server.url, userId, accessToken, 'updated2@example.com', 42, UserRole.MODERATOR)
|
||||||
|
|
||||||
const res = await getUserInformation(server.url, accessToken, userId)
|
const res = await getUserInformation(server.url, accessToken, userId)
|
||||||
const user = res.body
|
const user = res.body
|
||||||
|
@ -328,9 +332,18 @@ describe('Test users', function () {
|
||||||
expect(user.email).to.equal('updated2@example.com')
|
expect(user.email).to.equal('updated2@example.com')
|
||||||
expect(user.displayNSFW).to.be.ok
|
expect(user.displayNSFW).to.be.ok
|
||||||
expect(user.videoQuota).to.equal(42)
|
expect(user.videoQuota).to.equal(42)
|
||||||
|
expect(user.roleLabel).to.equal('Moderator')
|
||||||
expect(user.id).to.be.a('number')
|
expect(user.id).to.be.a('number')
|
||||||
})
|
})
|
||||||
|
|
||||||
|
it('Should not be able to delete a user by a moderator', async function () {
|
||||||
|
await removeUser(server.url, 2, accessTokenUser, 403)
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Should be able to list video blacklist by a moderator', async function () {
|
||||||
|
await getBlacklistedVideosList(server.url, accessTokenUser)
|
||||||
|
})
|
||||||
|
|
||||||
it('Should be able to remove this user', async function () {
|
it('Should be able to remove this user', async function () {
|
||||||
await removeUser(server.url, userId, accessToken)
|
await removeUser(server.url, userId, accessToken)
|
||||||
})
|
})
|
||||||
|
|
|
@ -1,10 +1,21 @@
|
||||||
import * as request from 'supertest'
|
import * as request from 'supertest'
|
||||||
|
|
||||||
function createUser (url: string, accessToken: string, username: string, password: string, videoQuota = 1000000, specialStatus = 204) {
|
import { UserRole } from '../../../shared'
|
||||||
|
|
||||||
|
function createUser (
|
||||||
|
url: string,
|
||||||
|
accessToken: string,
|
||||||
|
username: string,
|
||||||
|
password: string,
|
||||||
|
videoQuota = 1000000,
|
||||||
|
role: UserRole = UserRole.USER,
|
||||||
|
specialStatus = 204
|
||||||
|
) {
|
||||||
const path = '/api/v1/users'
|
const path = '/api/v1/users'
|
||||||
const body = {
|
const body = {
|
||||||
username,
|
username,
|
||||||
password,
|
password,
|
||||||
|
role,
|
||||||
email: username + '@example.com',
|
email: username + '@example.com',
|
||||||
videoQuota
|
videoQuota
|
||||||
}
|
}
|
||||||
|
@ -114,12 +125,13 @@ function updateMyUser (url: string, accessToken: string, newPassword: string, di
|
||||||
.expect(204)
|
.expect(204)
|
||||||
}
|
}
|
||||||
|
|
||||||
function updateUser (url: string, userId: number, accessToken: string, email: string, videoQuota: number) {
|
function updateUser (url: string, userId: number, accessToken: string, email: string, videoQuota: number, role: UserRole) {
|
||||||
const path = '/api/v1/users/' + userId
|
const path = '/api/v1/users/' + userId
|
||||||
|
|
||||||
const toSend = {}
|
const toSend = {}
|
||||||
if (email !== undefined && email !== null) toSend['email'] = email
|
if (email !== undefined && email !== null) toSend['email'] = email
|
||||||
if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota
|
if (videoQuota !== undefined && videoQuota !== null) toSend['videoQuota'] = videoQuota
|
||||||
|
if (role !== undefined && role !== null) toSend['role'] = role
|
||||||
|
|
||||||
return request(url)
|
return request(url)
|
||||||
.put(path)
|
.put(path)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user