aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2018-06-21 11:54:22 +0200
committerChocobozzz <me@florianbigard.com>2018-06-21 11:54:22 +0200
commit2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109 (patch)
treee22ca1c1acc26a2597df3c4bc97e56b10905ca71
parent6387f320bf10f6b6c90b338bded8d7392dead18a (diff)
downloadPeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.tar.gz
PeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.tar.zst
PeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.zip
Do not create a user with the same username than another actor name
-rw-r--r--server/middlewares/validators/users.ts9
-rw-r--r--server/tests/api/check-params/users.ts24
2 files changed, 33 insertions, 0 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 4ad0e33da..8fbab4dd0 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -21,6 +21,7 @@ import { CONFIG, CONSTRAINTS_FIELDS } from '../../initializers'
21import { Redis } from '../../lib/redis' 21import { Redis } from '../../lib/redis'
22import { UserModel } from '../../models/account/user' 22import { UserModel } from '../../models/account/user'
23import { areValidationErrors } from './utils' 23import { areValidationErrors } from './utils'
24import { ActorModel } from '../../models/activitypub/actor'
24 25
25const usersAddValidator = [ 26const usersAddValidator = [
26 body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), 27 body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
@@ -271,6 +272,14 @@ async function checkUserNameOrEmailDoesNotAlreadyExist (username: string, email:
271 return false 272 return false
272 } 273 }
273 274
275 const actor = await ActorModel.loadLocalByName(username)
276 if (actor) {
277 res.status(409)
278 .send({ error: 'Another actor (account/channel) with this name already exists.' })
279 .end()
280 return false
281 }
282
274 return true 283 return true
275} 284}
276 285
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index dba57778d..f36146c53 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -179,6 +179,18 @@ describe('Test users API validators', function () {
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 }) 180 })
181 181
182 it('Should fail with a "peertube" username', async function () {
183 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
184
185 await makePostBodyRequest({
186 url: server.url,
187 path,
188 token: server.accessToken,
189 fields,
190 statusCodeExpected: 409
191 })
192 })
193
182 it('Should succeed with the correct params', async function () { 194 it('Should succeed with the correct params', async function () {
183 await makePostBodyRequest({ 195 await makePostBodyRequest({
184 url: server.url, 196 url: server.url,
@@ -493,6 +505,18 @@ describe('Test users API validators', function () {
493 }) 505 })
494 }) 506 })
495 507
508 it('Should fail with a "peertube" username', async function () {
509 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
510
511 await makePostBodyRequest({
512 url: server.url,
513 path: registrationPath,
514 token: server.accessToken,
515 fields,
516 statusCodeExpected: 409
517 })
518 })
519
496 it('Should fail if we register a user with the same email', async function () { 520 it('Should fail if we register a user with the same email', async function () {
497 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' }) 521 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
498 522