1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2 import { MockSmtpServer } from '@server/tests/shared'
3 import { omit } from '@shared/core-utils'
4 import { HttpStatusCode, UserRole } from '@shared/models'
5 import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
7 describe('Test users API validators', function () {
8 const path = '/api/v1/users/'
9 let server: PeerTubeServer
10 let serverWithRegistrationDisabled: PeerTubeServer
12 // ---------------------------------------------------------------
14 before(async function () {
17 const res = await Promise.all([
18 createSingleServer(1, { signup: { limit: 3 } }),
23 serverWithRegistrationDisabled = res[1]
25 await setAccessTokensToServers([ server ])
27 await server.users.generate('moderator2', UserRole.MODERATOR)
30 describe('When registering a new user', function () {
31 const registrationPath = path + '/register'
32 const baseCorrectParams = {
34 displayName: 'super user',
35 email: 'test3@example.com',
36 password: 'my super password'
39 it('Should fail with a too small username', async function () {
40 const fields = { ...baseCorrectParams, username: '' }
42 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
45 it('Should fail with a too long username', async function () {
46 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
48 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
51 it('Should fail with an incorrect username', async function () {
52 const fields = { ...baseCorrectParams, username: 'my username' }
54 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
57 it('Should fail with a missing email', async function () {
58 const fields = omit(baseCorrectParams, [ 'email' ])
60 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
63 it('Should fail with an invalid email', async function () {
64 const fields = { ...baseCorrectParams, email: 'test_example.com' }
66 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
69 it('Should fail with a too small password', async function () {
70 const fields = { ...baseCorrectParams, password: 'bla' }
72 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
75 it('Should fail with a too long password', async function () {
76 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
78 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
81 it('Should fail if we register a user with the same username', async function () {
82 const fields = { ...baseCorrectParams, username: 'root' }
84 await makePostBodyRequest({
86 path: registrationPath,
87 token: server.accessToken,
89 expectedStatus: HttpStatusCode.CONFLICT_409
93 it('Should fail with a "peertube" username', async function () {
94 const fields = { ...baseCorrectParams, username: 'peertube' }
96 await makePostBodyRequest({
98 path: registrationPath,
99 token: server.accessToken,
101 expectedStatus: HttpStatusCode.CONFLICT_409
105 it('Should fail if we register a user with the same email', async function () {
106 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
108 await makePostBodyRequest({
110 path: registrationPath,
111 token: server.accessToken,
113 expectedStatus: HttpStatusCode.CONFLICT_409
117 it('Should fail with a bad display name', async function () {
118 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
120 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
123 it('Should fail with a bad channel name', async function () {
124 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
126 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
129 it('Should fail with a bad channel display name', async function () {
130 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
132 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
135 it('Should fail with a channel name that is the same as username', async function () {
136 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
137 const fields = { ...baseCorrectParams, ...source }
139 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
142 it('Should fail with an existing channel', async function () {
143 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
144 await server.channels.create({ attributes })
146 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
148 await makePostBodyRequest({
150 path: registrationPath,
151 token: server.accessToken,
153 expectedStatus: HttpStatusCode.CONFLICT_409
157 it('Should succeed with the correct params', async function () {
158 const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } }
160 await makePostBodyRequest({
162 path: registrationPath,
163 token: server.accessToken,
165 expectedStatus: HttpStatusCode.NO_CONTENT_204
169 it('Should fail on a server with registration disabled', async function () {
172 email: 'test4@example.com',
173 password: 'my super password 4'
176 await makePostBodyRequest({
177 url: serverWithRegistrationDisabled.url,
178 path: registrationPath,
179 token: serverWithRegistrationDisabled.accessToken,
181 expectedStatus: HttpStatusCode.FORBIDDEN_403
186 describe('When registering multiple users on a server with users limit', function () {
188 it('Should fail when after 3 registrations', async function () {
189 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
194 describe('When asking a password reset', function () {
195 const path = '/api/v1/users/ask-reset-password'
197 it('Should fail with a missing email', async function () {
200 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
203 it('Should fail with an invalid email', async function () {
204 const fields = { email: 'hello' }
206 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
209 it('Should success with the correct params', async function () {
210 const fields = { email: 'admin@example.com' }
212 await makePostBodyRequest({
215 token: server.accessToken,
217 expectedStatus: HttpStatusCode.NO_CONTENT_204
222 describe('When asking for an account verification email', function () {
223 const path = '/api/v1/users/ask-send-verify-email'
225 it('Should fail with a missing email', async function () {
228 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
231 it('Should fail with an invalid email', async function () {
232 const fields = { email: 'hello' }
234 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
237 it('Should succeed with the correct params', async function () {
238 const fields = { email: 'admin@example.com' }
240 await makePostBodyRequest({
243 token: server.accessToken,
245 expectedStatus: HttpStatusCode.NO_CONTENT_204
250 after(async function () {
251 MockSmtpServer.Instance.kill()
253 await cleanupTests([ server, serverWithRegistrationDisabled ])