]>
Commit | Line | Data |
---|---|---|
1 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' | |
2 | import { omit } from '@shared/core-utils' | |
3 | import { HttpStatusCode, UserRole } from '@shared/models' | |
4 | import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands' | |
5 | ||
6 | describe('Test registrations API validators', function () { | |
7 | let server: PeerTubeServer | |
8 | let userToken: string | |
9 | let moderatorToken: string | |
10 | ||
11 | // --------------------------------------------------------------- | |
12 | ||
13 | before(async function () { | |
14 | this.timeout(30000) | |
15 | ||
16 | server = await createSingleServer(1) | |
17 | ||
18 | await setAccessTokensToServers([ server ]) | |
19 | await server.config.enableSignup(false); | |
20 | ||
21 | ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR)); | |
22 | ({ token: userToken } = await server.users.generate('user', UserRole.USER)) | |
23 | }) | |
24 | ||
25 | describe('Register', function () { | |
26 | const registrationPath = '/api/v1/users/register' | |
27 | const registrationRequestPath = '/api/v1/users/registrations/request' | |
28 | ||
29 | const baseCorrectParams = { | |
30 | username: 'user3', | |
31 | displayName: 'super user', | |
32 | email: 'test3@example.com', | |
33 | password: 'my super password', | |
34 | registrationReason: 'my super registration reason' | |
35 | } | |
36 | ||
37 | describe('When registering a new user or requesting user registration', function () { | |
38 | ||
39 | async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) { | |
40 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus }) | |
41 | await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus }) | |
42 | } | |
43 | ||
44 | it('Should fail with a too small username', async function () { | |
45 | const fields = { ...baseCorrectParams, username: '' } | |
46 | ||
47 | await check(fields) | |
48 | }) | |
49 | ||
50 | it('Should fail with a too long username', async function () { | |
51 | const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } | |
52 | ||
53 | await check(fields) | |
54 | }) | |
55 | ||
56 | it('Should fail with an incorrect username', async function () { | |
57 | const fields = { ...baseCorrectParams, username: 'my username' } | |
58 | ||
59 | await check(fields) | |
60 | }) | |
61 | ||
62 | it('Should fail with a missing email', async function () { | |
63 | const fields = omit(baseCorrectParams, [ 'email' ]) | |
64 | ||
65 | await check(fields) | |
66 | }) | |
67 | ||
68 | it('Should fail with an invalid email', async function () { | |
69 | const fields = { ...baseCorrectParams, email: 'test_example.com' } | |
70 | ||
71 | await check(fields) | |
72 | }) | |
73 | ||
74 | it('Should fail with a too small password', async function () { | |
75 | const fields = { ...baseCorrectParams, password: 'bla' } | |
76 | ||
77 | await check(fields) | |
78 | }) | |
79 | ||
80 | it('Should fail with a too long password', async function () { | |
81 | const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } | |
82 | ||
83 | await check(fields) | |
84 | }) | |
85 | ||
86 | it('Should fail if we register a user with the same username', async function () { | |
87 | const fields = { ...baseCorrectParams, username: 'root' } | |
88 | ||
89 | await check(fields, HttpStatusCode.CONFLICT_409) | |
90 | }) | |
91 | ||
92 | it('Should fail with a "peertube" username', async function () { | |
93 | const fields = { ...baseCorrectParams, username: 'peertube' } | |
94 | ||
95 | await check(fields, HttpStatusCode.CONFLICT_409) | |
96 | }) | |
97 | ||
98 | it('Should fail if we register a user with the same email', async function () { | |
99 | const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } | |
100 | ||
101 | await check(fields, HttpStatusCode.CONFLICT_409) | |
102 | }) | |
103 | ||
104 | it('Should fail with a bad display name', async function () { | |
105 | const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } | |
106 | ||
107 | await check(fields) | |
108 | }) | |
109 | ||
110 | it('Should fail with a bad channel name', async function () { | |
111 | const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } | |
112 | ||
113 | await check(fields) | |
114 | }) | |
115 | ||
116 | it('Should fail with a bad channel display name', async function () { | |
117 | const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } | |
118 | ||
119 | await check(fields) | |
120 | }) | |
121 | ||
122 | it('Should fail with a channel name that is the same as username', async function () { | |
123 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | |
124 | const fields = { ...baseCorrectParams, ...source } | |
125 | ||
126 | await check(fields) | |
127 | }) | |
128 | ||
129 | it('Should fail with an existing channel', async function () { | |
130 | const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | |
131 | await server.channels.create({ attributes }) | |
132 | ||
133 | const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } | |
134 | ||
135 | await check(fields, HttpStatusCode.CONFLICT_409) | |
136 | }) | |
137 | ||
138 | it('Should fail on a server with registration disabled', async function () { | |
139 | this.timeout(60000) | |
140 | ||
141 | await server.config.updateCustomSubConfig({ | |
142 | newConfig: { | |
143 | signup: { | |
144 | enabled: false | |
145 | } | |
146 | } | |
147 | }) | |
148 | ||
149 | await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
150 | await server.registrations.requestRegistration({ | |
151 | username: 'user4', | |
152 | registrationReason: 'reason', | |
153 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
154 | }) | |
155 | }) | |
156 | ||
157 | it('Should fail if the user limit is reached', async function () { | |
158 | this.timeout(60000) | |
159 | ||
160 | const { total } = await server.users.list() | |
161 | ||
162 | await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } }) | |
163 | ||
164 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
165 | await server.registrations.requestRegistration({ | |
166 | username: 'user42', | |
167 | registrationReason: 'reason', | |
168 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
169 | }) | |
170 | }) | |
171 | }) | |
172 | ||
173 | describe('On direct registration', function () { | |
174 | ||
175 | it('Should succeed with the correct params', async function () { | |
176 | await server.config.enableSignup(false) | |
177 | ||
178 | const fields = { | |
179 | username: 'user_direct_1', | |
180 | displayName: 'super user direct 1', | |
181 | email: 'user_direct_1@example.com', | |
182 | password: 'my super password', | |
183 | channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' } | |
184 | } | |
185 | ||
186 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) | |
187 | }) | |
188 | ||
189 | it('Should fail if the instance requires approval', async function () { | |
190 | this.timeout(60000) | |
191 | ||
192 | await server.config.enableSignup(true) | |
193 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
194 | }) | |
195 | }) | |
196 | ||
197 | describe('On registration request', function () { | |
198 | ||
199 | before(async function () { | |
200 | this.timeout(60000) | |
201 | ||
202 | await server.config.enableSignup(true) | |
203 | }) | |
204 | ||
205 | it('Should fail with an invalid registration reason', async function () { | |
206 | for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) { | |
207 | await server.registrations.requestRegistration({ | |
208 | username: 'user_request_1', | |
209 | registrationReason, | |
210 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
211 | }) | |
212 | } | |
213 | }) | |
214 | ||
215 | it('Should succeed with the correct params', async function () { | |
216 | await server.registrations.requestRegistration({ | |
217 | username: 'user_request_2', | |
218 | registrationReason: 'tt', | |
219 | channel: { | |
220 | displayName: 'my user request 2 channel', | |
221 | name: 'user_request_2_channel' | |
222 | } | |
223 | }) | |
224 | }) | |
225 | ||
226 | it('Should fail if the user is already awaiting registration approval', async function () { | |
227 | await server.registrations.requestRegistration({ | |
228 | username: 'user_request_2', | |
229 | registrationReason: 'tt', | |
230 | channel: { | |
231 | displayName: 'my user request 42 channel', | |
232 | name: 'user_request_42_channel' | |
233 | }, | |
234 | expectedStatus: HttpStatusCode.CONFLICT_409 | |
235 | }) | |
236 | }) | |
237 | ||
238 | it('Should fail if the channel is already awaiting registration approval', async function () { | |
239 | await server.registrations.requestRegistration({ | |
240 | username: 'user42', | |
241 | registrationReason: 'tt', | |
242 | channel: { | |
243 | displayName: 'my user request 2 channel', | |
244 | name: 'user_request_2_channel' | |
245 | }, | |
246 | expectedStatus: HttpStatusCode.CONFLICT_409 | |
247 | }) | |
248 | }) | |
249 | ||
250 | it('Should fail if the instance does not require approval', async function () { | |
251 | this.timeout(60000) | |
252 | ||
253 | await server.config.enableSignup(false) | |
254 | ||
255 | await server.registrations.requestRegistration({ | |
256 | username: 'user42', | |
257 | registrationReason: 'toto', | |
258 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
259 | }) | |
260 | }) | |
261 | }) | |
262 | }) | |
263 | ||
264 | describe('Registrations accept/reject', function () { | |
265 | let id1: number | |
266 | let id2: number | |
267 | ||
268 | before(async function () { | |
269 | this.timeout(60000) | |
270 | ||
271 | await server.config.enableSignup(true); | |
272 | ||
273 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' })); | |
274 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' })) | |
275 | }) | |
276 | ||
277 | it('Should fail to accept/reject registration without token', async function () { | |
278 | const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 } | |
279 | await server.registrations.accept(options) | |
280 | await server.registrations.reject(options) | |
281 | }) | |
282 | ||
283 | it('Should fail to accept/reject registration with a non moderator user', async function () { | |
284 | const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | |
285 | await server.registrations.accept(options) | |
286 | await server.registrations.reject(options) | |
287 | }) | |
288 | ||
289 | it('Should fail to accept/reject registration with a bad registration id', async function () { | |
290 | { | |
291 | const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
292 | await server.registrations.accept(options) | |
293 | await server.registrations.reject(options) | |
294 | } | |
295 | ||
296 | { | |
297 | const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 } | |
298 | await server.registrations.accept(options) | |
299 | await server.registrations.reject(options) | |
300 | } | |
301 | }) | |
302 | ||
303 | it('Should fail to accept/reject registration with a bad moderation resposne', async function () { | |
304 | for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) { | |
305 | const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
306 | await server.registrations.accept(options) | |
307 | await server.registrations.reject(options) | |
308 | } | |
309 | }) | |
310 | ||
311 | it('Should succeed to accept a registration', async function () { | |
312 | await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken }) | |
313 | }) | |
314 | ||
315 | it('Should succeed to reject a registration', async function () { | |
316 | await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken }) | |
317 | }) | |
318 | ||
319 | it('Should fail to accept/reject a registration that was already accepted/rejected', async function () { | |
320 | for (const id of [ id1, id2 ]) { | |
321 | const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 } | |
322 | await server.registrations.accept(options) | |
323 | await server.registrations.reject(options) | |
324 | } | |
325 | }) | |
326 | }) | |
327 | ||
328 | describe('Registrations deletion', function () { | |
329 | let id1: number | |
330 | let id2: number | |
331 | let id3: number | |
332 | ||
333 | before(async function () { | |
334 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' })); | |
335 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' })); | |
336 | ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' })) | |
337 | ||
338 | await server.registrations.accept({ id: id2, moderationResponse: 'tt' }) | |
339 | await server.registrations.reject({ id: id3, moderationResponse: 'tt' }) | |
340 | }) | |
341 | ||
342 | it('Should fail to delete registration without token', async function () { | |
343 | await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
344 | }) | |
345 | ||
346 | it('Should fail to delete registration with a non moderator user', async function () { | |
347 | await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
348 | }) | |
349 | ||
350 | it('Should fail to delete registration with a bad registration id', async function () { | |
351 | await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
352 | await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) | |
353 | }) | |
354 | ||
355 | it('Should succeed with the correct params', async function () { | |
356 | await server.registrations.delete({ id: id1, token: moderatorToken }) | |
357 | await server.registrations.delete({ id: id2, token: moderatorToken }) | |
358 | await server.registrations.delete({ id: id3, token: moderatorToken }) | |
359 | }) | |
360 | }) | |
361 | ||
362 | describe('Listing registrations', function () { | |
363 | const path = '/api/v1/users/registrations' | |
364 | ||
365 | it('Should fail with a bad start pagination', async function () { | |
366 | await checkBadStartPagination(server.url, path, server.accessToken) | |
367 | }) | |
368 | ||
369 | it('Should fail with a bad count pagination', async function () { | |
370 | await checkBadCountPagination(server.url, path, server.accessToken) | |
371 | }) | |
372 | ||
373 | it('Should fail with an incorrect sort', async function () { | |
374 | await checkBadSortPagination(server.url, path, server.accessToken) | |
375 | }) | |
376 | ||
377 | it('Should fail with a non authenticated user', async function () { | |
378 | await server.registrations.list({ | |
379 | token: null, | |
380 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
381 | }) | |
382 | }) | |
383 | ||
384 | it('Should fail with a non admin user', async function () { | |
385 | await server.registrations.list({ | |
386 | token: userToken, | |
387 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | |
388 | }) | |
389 | }) | |
390 | ||
391 | it('Should succeed with the correct params', async function () { | |
392 | await server.registrations.list({ | |
393 | token: moderatorToken, | |
394 | search: 'toto' | |
395 | }) | |
396 | }) | |
397 | }) | |
398 | ||
399 | after(async function () { | |
400 | await cleanupTests([ server ]) | |
401 | }) | |
402 | }) |