check email enabled for requiresEmailVer config

diff --git a/server/middlewares/validators/config.ts b/server/middlewares/validators/config.ts
index 90108fa825d9cb57070d3248b31bd92fc4501186..270ce66f68a75a0058f2f2cc3c8a804b456ad91f 100644 (file)
--- a/server/middlewares/validators/config.ts
+++ b/server/middlewares/validators/config.ts
@@ -2,6 +2,8 @@ import * as express from 'express'
 import { body } from 'express-validator/check'
 import { isUserNSFWPolicyValid, isUserVideoQuotaValid, isUserVideoQuotaDailyValid } from '../../helpers/custom-validators/users'
 import { logger } from '../../helpers/logger'
+import { CustomConfig } from '../../../shared/models/server/custom-config.model'
+import { Emailer } from '../../lib/emailer'
 import { areValidationErrors } from './utils'
 
 const customConfigUpdateValidator = [
@@ -46,11 +48,27 @@ const customConfigUpdateValidator = [
     logger.debug('Checking customConfigUpdateValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
+    if (!checkInvalidConfigIfEmailDisabled(req.body as CustomConfig, res)) return
 
     return next()
   }
 ]
 
+// ---------------------------------------------------------------------------
+
 export {
   customConfigUpdateValidator
 }
+
+function checkInvalidConfigIfEmailDisabled (customConfig: CustomConfig, res: express.Response) {
+  if (Emailer.isEnabled()) return true
+
+  if (customConfig.signup.requiresEmailVerification === true) {
+    res.status(400)
+      .send({ error: 'Emailer is disabled but you require signup email verification.' })
+      .end()
+    return false
+  }
+
+  return true
+}

diff --git a/server/tests/api/check-params/config.ts b/server/tests/api/check-params/config.ts
index 07de2b5a511e83e135959e6d792d716aca74c9c7..3895c4f9ae73a5b1de1498ae94b81479bb15b2f4 100644 (file)
--- a/server/tests/api/check-params/config.ts
+++ b/server/tests/api/check-params/config.ts
@@ -167,6 +167,25 @@ describe('Test config API validators', function () {
       })
     })
 
+    it('Should fail if email disabled and signup requires email verification', async function () {
+      // opposite scenario - succcess when enable enabled - covered via tests/api/users/user-verification.ts
+      const newUpdateParams = immutableAssign(updateParams, {
+        signup: {
+          enabled: true,
+          limit: 5,
+          requiresEmailVerification: true
+        }
+      })
+
+      await makePutBodyRequest({
+        url: server.url,
+        path,
+        fields: newUpdateParams,
+        token: server.accessToken,
+        statusCodeExpected: 400
+      })
+    })
+
     it('Should success with the correct parameters', async function () {
       await makePutBodyRequest({
         url: server.url,

diff --git a/server/tests/api/server/config.ts b/server/tests/api/server/config.ts
index 0dfe6e4fee8cc1d83a5db72ab29291ca16dec7d5..3be1c94314e94e353b74d086022f51f2f68e8b13 100644 (file)
--- a/server/tests/api/server/config.ts
+++ b/server/tests/api/server/config.ts
@@ -81,7 +81,7 @@ function checkUpdatedConfig (data: CustomConfig) {
 
   expect(data.signup.enabled).to.be.false
   expect(data.signup.limit).to.equal(5)
-  expect(data.signup.requiresEmailVerification).to.be.true
+  expect(data.signup.requiresEmailVerification).to.be.false
 
   expect(data.admin.email).to.equal('superadmin1@example.com')
   expect(data.contactForm.enabled).to.be.false
@@ -186,7 +186,7 @@ describe('Test config', function () {
       signup: {
         enabled: false,
         limit: 5,
-        requiresEmailVerification: true
+        requiresEmailVerification: false
       },
       admin: {
         email: 'superadmin1@example.com'