]>
Commit | Line | Data |
---|---|---|
1 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' | |
2 | import { omit } from '@shared/core-utils' | |
3 | import { HttpStatusCode, UserRole } from '@shared/models' | |
4 | import { | |
5 | cleanupTests, | |
6 | createSingleServer, | |
7 | makePostBodyRequest, | |
8 | PeerTubeServer, | |
9 | setAccessTokensToServers, | |
10 | setDefaultAccountAvatar, | |
11 | setDefaultChannelAvatar | |
12 | } from '@shared/server-commands' | |
13 | ||
14 | describe('Test registrations API validators', function () { | |
15 | let server: PeerTubeServer | |
16 | let userToken: string | |
17 | let moderatorToken: string | |
18 | ||
19 | // --------------------------------------------------------------- | |
20 | ||
21 | before(async function () { | |
22 | this.timeout(30000) | |
23 | ||
24 | server = await createSingleServer(1) | |
25 | ||
26 | await setAccessTokensToServers([ server ]) | |
27 | await setDefaultAccountAvatar([ server ]) | |
28 | await setDefaultChannelAvatar([ server ]) | |
29 | ||
30 | await server.config.enableSignup(false); | |
31 | ||
32 | ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR)); | |
33 | ({ token: userToken } = await server.users.generate('user', UserRole.USER)) | |
34 | }) | |
35 | ||
36 | describe('Register', function () { | |
37 | const registrationPath = '/api/v1/users/register' | |
38 | const registrationRequestPath = '/api/v1/users/registrations/request' | |
39 | ||
40 | const baseCorrectParams = { | |
41 | username: 'user3', | |
42 | displayName: 'super user', | |
43 | email: 'test3@example.com', | |
44 | password: 'my super password', | |
45 | registrationReason: 'my super registration reason' | |
46 | } | |
47 | ||
48 | describe('When registering a new user or requesting user registration', function () { | |
49 | ||
50 | async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) { | |
51 | await server.config.enableSignup(false) | |
52 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus }) | |
53 | ||
54 | await server.config.enableSignup(true) | |
55 | await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus }) | |
56 | } | |
57 | ||
58 | it('Should fail with a too small username', async function () { | |
59 | const fields = { ...baseCorrectParams, username: '' } | |
60 | ||
61 | await check(fields) | |
62 | }) | |
63 | ||
64 | it('Should fail with a too long username', async function () { | |
65 | const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } | |
66 | ||
67 | await check(fields) | |
68 | }) | |
69 | ||
70 | it('Should fail with an incorrect username', async function () { | |
71 | const fields = { ...baseCorrectParams, username: 'my username' } | |
72 | ||
73 | await check(fields) | |
74 | }) | |
75 | ||
76 | it('Should fail with a missing email', async function () { | |
77 | const fields = omit(baseCorrectParams, [ 'email' ]) | |
78 | ||
79 | await check(fields) | |
80 | }) | |
81 | ||
82 | it('Should fail with an invalid email', async function () { | |
83 | const fields = { ...baseCorrectParams, email: 'test_example.com' } | |
84 | ||
85 | await check(fields) | |
86 | }) | |
87 | ||
88 | it('Should fail with a too small password', async function () { | |
89 | const fields = { ...baseCorrectParams, password: 'bla' } | |
90 | ||
91 | await check(fields) | |
92 | }) | |
93 | ||
94 | it('Should fail with a too long password', async function () { | |
95 | const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } | |
96 | ||
97 | await check(fields) | |
98 | }) | |
99 | ||
100 | it('Should fail if we register a user with the same username', async function () { | |
101 | const fields = { ...baseCorrectParams, username: 'root' } | |
102 | ||
103 | await check(fields, HttpStatusCode.CONFLICT_409) | |
104 | }) | |
105 | ||
106 | it('Should fail with a "peertube" username', async function () { | |
107 | const fields = { ...baseCorrectParams, username: 'peertube' } | |
108 | ||
109 | await check(fields, HttpStatusCode.CONFLICT_409) | |
110 | }) | |
111 | ||
112 | it('Should fail if we register a user with the same email', async function () { | |
113 | const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } | |
114 | ||
115 | await check(fields, HttpStatusCode.CONFLICT_409) | |
116 | }) | |
117 | ||
118 | it('Should fail with a bad display name', async function () { | |
119 | const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } | |
120 | ||
121 | await check(fields) | |
122 | }) | |
123 | ||
124 | it('Should fail with a bad channel name', async function () { | |
125 | const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } | |
126 | ||
127 | await check(fields) | |
128 | }) | |
129 | ||
130 | it('Should fail with a bad channel display name', async function () { | |
131 | const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } | |
132 | ||
133 | await check(fields) | |
134 | }) | |
135 | ||
136 | it('Should fail with a channel name that is the same as username', async function () { | |
137 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | |
138 | const fields = { ...baseCorrectParams, ...source } | |
139 | ||
140 | await check(fields) | |
141 | }) | |
142 | ||
143 | it('Should fail with an existing channel', async function () { | |
144 | const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | |
145 | await server.channels.create({ attributes }) | |
146 | ||
147 | const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } | |
148 | ||
149 | await check(fields, HttpStatusCode.CONFLICT_409) | |
150 | }) | |
151 | ||
152 | it('Should fail on a server with registration disabled', async function () { | |
153 | this.timeout(60000) | |
154 | ||
155 | await server.config.updateExistingSubConfig({ | |
156 | newConfig: { | |
157 | signup: { | |
158 | enabled: false | |
159 | } | |
160 | } | |
161 | }) | |
162 | ||
163 | await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
164 | await server.registrations.requestRegistration({ | |
165 | username: 'user4', | |
166 | registrationReason: 'reason', | |
167 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
168 | }) | |
169 | }) | |
170 | ||
171 | it('Should fail if the user limit is reached', async function () { | |
172 | this.timeout(60000) | |
173 | ||
174 | const { total } = await server.users.list() | |
175 | ||
176 | await server.config.enableSignup(false, total) | |
177 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
178 | ||
179 | await server.config.enableSignup(true, total) | |
180 | await server.registrations.requestRegistration({ | |
181 | username: 'user42', | |
182 | registrationReason: 'reason', | |
183 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
184 | }) | |
185 | }) | |
186 | ||
187 | it('Should succeed if the user limit is not reached', async function () { | |
188 | this.timeout(60000) | |
189 | ||
190 | const { total } = await server.users.list() | |
191 | ||
192 | await server.config.enableSignup(false, total + 1) | |
193 | await server.registrations.register({ username: 'user43', expectedStatus: HttpStatusCode.NO_CONTENT_204 }) | |
194 | ||
195 | await server.config.enableSignup(true, total + 2) | |
196 | await server.registrations.requestRegistration({ | |
197 | username: 'user44', | |
198 | registrationReason: 'reason', | |
199 | expectedStatus: HttpStatusCode.OK_200 | |
200 | }) | |
201 | }) | |
202 | }) | |
203 | ||
204 | describe('On direct registration', function () { | |
205 | ||
206 | it('Should succeed with the correct params', async function () { | |
207 | await server.config.enableSignup(false) | |
208 | ||
209 | const fields = { | |
210 | username: 'user_direct_1', | |
211 | displayName: 'super user direct 1', | |
212 | email: 'user_direct_1@example.com', | |
213 | password: 'my super password', | |
214 | channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' } | |
215 | } | |
216 | ||
217 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) | |
218 | }) | |
219 | ||
220 | it('Should fail if the instance requires approval', async function () { | |
221 | this.timeout(60000) | |
222 | ||
223 | await server.config.enableSignup(true) | |
224 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
225 | }) | |
226 | }) | |
227 | ||
228 | describe('On registration request', function () { | |
229 | ||
230 | before(async function () { | |
231 | this.timeout(60000) | |
232 | ||
233 | await server.config.enableSignup(true) | |
234 | }) | |
235 | ||
236 | it('Should fail with an invalid registration reason', async function () { | |
237 | for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) { | |
238 | await server.registrations.requestRegistration({ | |
239 | username: 'user_request_1', | |
240 | registrationReason, | |
241 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
242 | }) | |
243 | } | |
244 | }) | |
245 | ||
246 | it('Should succeed with the correct params', async function () { | |
247 | await server.registrations.requestRegistration({ | |
248 | username: 'user_request_2', | |
249 | registrationReason: 'tt', | |
250 | channel: { | |
251 | displayName: 'my user request 2 channel', | |
252 | name: 'user_request_2_channel' | |
253 | } | |
254 | }) | |
255 | }) | |
256 | ||
257 | it('Should fail if the user is already awaiting registration approval', async function () { | |
258 | await server.registrations.requestRegistration({ | |
259 | username: 'user_request_2', | |
260 | registrationReason: 'tt', | |
261 | channel: { | |
262 | displayName: 'my user request 42 channel', | |
263 | name: 'user_request_42_channel' | |
264 | }, | |
265 | expectedStatus: HttpStatusCode.CONFLICT_409 | |
266 | }) | |
267 | }) | |
268 | ||
269 | it('Should fail if the channel is already awaiting registration approval', async function () { | |
270 | await server.registrations.requestRegistration({ | |
271 | username: 'user42', | |
272 | registrationReason: 'tt', | |
273 | channel: { | |
274 | displayName: 'my user request 2 channel', | |
275 | name: 'user_request_2_channel' | |
276 | }, | |
277 | expectedStatus: HttpStatusCode.CONFLICT_409 | |
278 | }) | |
279 | }) | |
280 | ||
281 | it('Should fail if the instance does not require approval', async function () { | |
282 | this.timeout(60000) | |
283 | ||
284 | await server.config.enableSignup(false) | |
285 | ||
286 | await server.registrations.requestRegistration({ | |
287 | username: 'user42', | |
288 | registrationReason: 'toto', | |
289 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
290 | }) | |
291 | }) | |
292 | }) | |
293 | }) | |
294 | ||
295 | describe('Registrations accept/reject', function () { | |
296 | let id1: number | |
297 | let id2: number | |
298 | ||
299 | before(async function () { | |
300 | this.timeout(60000) | |
301 | ||
302 | await server.config.enableSignup(true); | |
303 | ||
304 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' })); | |
305 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' })) | |
306 | }) | |
307 | ||
308 | it('Should fail to accept/reject registration without token', async function () { | |
309 | const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 } | |
310 | await server.registrations.accept(options) | |
311 | await server.registrations.reject(options) | |
312 | }) | |
313 | ||
314 | it('Should fail to accept/reject registration with a non moderator user', async function () { | |
315 | const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | |
316 | await server.registrations.accept(options) | |
317 | await server.registrations.reject(options) | |
318 | }) | |
319 | ||
320 | it('Should fail to accept/reject registration with a bad registration id', async function () { | |
321 | { | |
322 | const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
323 | await server.registrations.accept(options) | |
324 | await server.registrations.reject(options) | |
325 | } | |
326 | ||
327 | { | |
328 | const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 } | |
329 | await server.registrations.accept(options) | |
330 | await server.registrations.reject(options) | |
331 | } | |
332 | }) | |
333 | ||
334 | it('Should fail to accept/reject registration with a bad moderation resposne', async function () { | |
335 | for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) { | |
336 | const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
337 | await server.registrations.accept(options) | |
338 | await server.registrations.reject(options) | |
339 | } | |
340 | }) | |
341 | ||
342 | it('Should succeed to accept a registration', async function () { | |
343 | await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken }) | |
344 | }) | |
345 | ||
346 | it('Should succeed to reject a registration', async function () { | |
347 | await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken }) | |
348 | }) | |
349 | ||
350 | it('Should fail to accept/reject a registration that was already accepted/rejected', async function () { | |
351 | for (const id of [ id1, id2 ]) { | |
352 | const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 } | |
353 | await server.registrations.accept(options) | |
354 | await server.registrations.reject(options) | |
355 | } | |
356 | }) | |
357 | }) | |
358 | ||
359 | describe('Registrations deletion', function () { | |
360 | let id1: number | |
361 | let id2: number | |
362 | let id3: number | |
363 | ||
364 | before(async function () { | |
365 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' })); | |
366 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' })); | |
367 | ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' })) | |
368 | ||
369 | await server.registrations.accept({ id: id2, moderationResponse: 'tt' }) | |
370 | await server.registrations.reject({ id: id3, moderationResponse: 'tt' }) | |
371 | }) | |
372 | ||
373 | it('Should fail to delete registration without token', async function () { | |
374 | await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
375 | }) | |
376 | ||
377 | it('Should fail to delete registration with a non moderator user', async function () { | |
378 | await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
379 | }) | |
380 | ||
381 | it('Should fail to delete registration with a bad registration id', async function () { | |
382 | await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
383 | await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) | |
384 | }) | |
385 | ||
386 | it('Should succeed with the correct params', async function () { | |
387 | await server.registrations.delete({ id: id1, token: moderatorToken }) | |
388 | await server.registrations.delete({ id: id2, token: moderatorToken }) | |
389 | await server.registrations.delete({ id: id3, token: moderatorToken }) | |
390 | }) | |
391 | }) | |
392 | ||
393 | describe('Listing registrations', function () { | |
394 | const path = '/api/v1/users/registrations' | |
395 | ||
396 | it('Should fail with a bad start pagination', async function () { | |
397 | await checkBadStartPagination(server.url, path, server.accessToken) | |
398 | }) | |
399 | ||
400 | it('Should fail with a bad count pagination', async function () { | |
401 | await checkBadCountPagination(server.url, path, server.accessToken) | |
402 | }) | |
403 | ||
404 | it('Should fail with an incorrect sort', async function () { | |
405 | await checkBadSortPagination(server.url, path, server.accessToken) | |
406 | }) | |
407 | ||
408 | it('Should fail with a non authenticated user', async function () { | |
409 | await server.registrations.list({ | |
410 | token: null, | |
411 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
412 | }) | |
413 | }) | |
414 | ||
415 | it('Should fail with a non admin user', async function () { | |
416 | await server.registrations.list({ | |
417 | token: userToken, | |
418 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
419 | }) | |
420 | }) | |
421 | ||
422 | it('Should succeed with the correct params', async function () { | |
423 | await server.registrations.list({ | |
424 | token: moderatorToken, | |
425 | search: 'toto' | |
426 | }) | |
427 | }) | |
428 | }) | |
429 | ||
430 | after(async function () { | |
431 | await cleanupTests([ server ]) | |
432 | }) | |
433 | }) |