1 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
2 import { omit } from '@shared/core-utils'
3 import { HttpStatusCode, UserRole } from '@shared/models'
4 import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
6 describe('Test registrations API validators', function () {
7 let server: PeerTubeServer
9 let moderatorToken: string
11 // ---------------------------------------------------------------
13 before(async function () {
16 server = await createSingleServer(1)
18 await setAccessTokensToServers([ server ])
19 await server.config.enableSignup(false);
21 ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR));
22 ({ token: userToken } = await server.users.generate('user', UserRole.USER))
25 describe('Register', function () {
26 const registrationPath = '/api/v1/users/register'
27 const registrationRequestPath = '/api/v1/users/registrations/request'
29 const baseCorrectParams = {
31 displayName: 'super user',
32 email: 'test3@example.com',
33 password: 'my super password',
34 registrationReason: 'my super registration reason'
37 describe('When registering a new user or requesting user registration', function () {
39 async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) {
40 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus })
41 await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus })
44 it('Should fail with a too small username', async function () {
45 const fields = { ...baseCorrectParams, username: '' }
50 it('Should fail with a too long username', async function () {
51 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
56 it('Should fail with an incorrect username', async function () {
57 const fields = { ...baseCorrectParams, username: 'my username' }
62 it('Should fail with a missing email', async function () {
63 const fields = omit(baseCorrectParams, [ 'email' ])
68 it('Should fail with an invalid email', async function () {
69 const fields = { ...baseCorrectParams, email: 'test_example.com' }
74 it('Should fail with a too small password', async function () {
75 const fields = { ...baseCorrectParams, password: 'bla' }
80 it('Should fail with a too long password', async function () {
81 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
86 it('Should fail if we register a user with the same username', async function () {
87 const fields = { ...baseCorrectParams, username: 'root' }
89 await check(fields, HttpStatusCode.CONFLICT_409)
92 it('Should fail with a "peertube" username', async function () {
93 const fields = { ...baseCorrectParams, username: 'peertube' }
95 await check(fields, HttpStatusCode.CONFLICT_409)
98 it('Should fail if we register a user with the same email', async function () {
99 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
101 await check(fields, HttpStatusCode.CONFLICT_409)
104 it('Should fail with a bad display name', async function () {
105 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
110 it('Should fail with a bad channel name', async function () {
111 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
116 it('Should fail with a bad channel display name', async function () {
117 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
122 it('Should fail with a channel name that is the same as username', async function () {
123 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
124 const fields = { ...baseCorrectParams, ...source }
129 it('Should fail with an existing channel', async function () {
130 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
131 await server.channels.create({ attributes })
133 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
135 await check(fields, HttpStatusCode.CONFLICT_409)
138 it('Should fail on a server with registration disabled', async function () {
141 await server.config.updateCustomSubConfig({
149 await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
150 await server.registrations.requestRegistration({
152 registrationReason: 'reason',
153 expectedStatus: HttpStatusCode.FORBIDDEN_403
157 it('Should fail if the user limit is reached', async function () {
160 const { total } = await server.users.list()
162 await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } })
164 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
165 await server.registrations.requestRegistration({
167 registrationReason: 'reason',
168 expectedStatus: HttpStatusCode.FORBIDDEN_403
173 describe('On direct registration', function () {
175 it('Should succeed with the correct params', async function () {
176 await server.config.enableSignup(false)
179 username: 'user_direct_1',
180 displayName: 'super user direct 1',
181 email: 'user_direct_1@example.com',
182 password: 'my super password',
183 channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' }
186 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
189 it('Should fail if the instance requires approval', async function () {
192 await server.config.enableSignup(true)
193 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
197 describe('On registration request', function () {
199 before(async function () {
202 await server.config.enableSignup(true)
205 it('Should fail with an invalid registration reason', async function () {
206 for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) {
207 await server.registrations.requestRegistration({
208 username: 'user_request_1',
210 expectedStatus: HttpStatusCode.BAD_REQUEST_400
215 it('Should succeed with the correct params', async function () {
216 await server.registrations.requestRegistration({
217 username: 'user_request_2',
218 registrationReason: 'tt',
220 displayName: 'my user request 2 channel',
221 name: 'user_request_2_channel'
226 it('Should fail if the user is already awaiting registration approval', async function () {
227 await server.registrations.requestRegistration({
228 username: 'user_request_2',
229 registrationReason: 'tt',
231 displayName: 'my user request 42 channel',
232 name: 'user_request_42_channel'
234 expectedStatus: HttpStatusCode.CONFLICT_409
238 it('Should fail if the channel is already awaiting registration approval', async function () {
239 await server.registrations.requestRegistration({
241 registrationReason: 'tt',
243 displayName: 'my user request 2 channel',
244 name: 'user_request_2_channel'
246 expectedStatus: HttpStatusCode.CONFLICT_409
250 it('Should fail if the instance does not require approval', async function () {
253 await server.config.enableSignup(false)
255 await server.registrations.requestRegistration({
257 registrationReason: 'toto',
258 expectedStatus: HttpStatusCode.BAD_REQUEST_400
264 describe('Registrations accept/reject', function () {
268 before(async function () {
271 await server.config.enableSignup(true);
273 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' }));
274 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' }))
277 it('Should fail to accept/reject registration without token', async function () {
278 const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }
279 await server.registrations.accept(options)
280 await server.registrations.reject(options)
283 it('Should fail to accept/reject registration with a non moderator user', async function () {
284 const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
285 await server.registrations.accept(options)
286 await server.registrations.reject(options)
289 it('Should fail to accept/reject registration with a bad registration id', async function () {
291 const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
292 await server.registrations.accept(options)
293 await server.registrations.reject(options)
297 const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
298 await server.registrations.accept(options)
299 await server.registrations.reject(options)
303 it('Should fail to accept/reject registration with a bad moderation resposne', async function () {
304 for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) {
305 const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
306 await server.registrations.accept(options)
307 await server.registrations.reject(options)
311 it('Should succeed to accept a registration', async function () {
312 await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken })
315 it('Should succeed to reject a registration', async function () {
316 await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken })
319 it('Should fail to accept/reject a registration that was already accepted/rejected', async function () {
320 for (const id of [ id1, id2 ]) {
321 const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 }
322 await server.registrations.accept(options)
323 await server.registrations.reject(options)
328 describe('Registrations deletion', function () {
333 before(async function () {
334 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' }));
335 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' }));
336 ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' }))
338 await server.registrations.accept({ id: id2, moderationResponse: 'tt' })
339 await server.registrations.reject({ id: id3, moderationResponse: 'tt' })
342 it('Should fail to delete registration without token', async function () {
343 await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
346 it('Should fail to delete registration with a non moderator user', async function () {
347 await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
350 it('Should fail to delete registration with a bad registration id', async function () {
351 await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
352 await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
355 it('Should succeed with the correct params', async function () {
356 await server.registrations.delete({ id: id1, token: moderatorToken })
357 await server.registrations.delete({ id: id2, token: moderatorToken })
358 await server.registrations.delete({ id: id3, token: moderatorToken })
362 describe('Listing registrations', function () {
363 const path = '/api/v1/users/registrations'
365 it('Should fail with a bad start pagination', async function () {
366 await checkBadStartPagination(server.url, path, server.accessToken)
369 it('Should fail with a bad count pagination', async function () {
370 await checkBadCountPagination(server.url, path, server.accessToken)
373 it('Should fail with an incorrect sort', async function () {
374 await checkBadSortPagination(server.url, path, server.accessToken)
377 it('Should fail with a non authenticated user', async function () {
378 await server.registrations.list({
380 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
384 it('Should fail with a non admin user', async function () {
385 await server.registrations.list({
387 expectedStatus: HttpStatusCode.FORBIDDEN_403
391 it('Should succeed with the correct params', async function () {
392 await server.registrations.list({
393 token: moderatorToken,
399 after(async function () {
400 await cleanupTests([ server ])