diff options
author | Chocobozzz <me@florianbigard.com> | 2018-06-21 11:54:22 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-06-21 11:54:22 +0200 |
commit | 2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109 (patch) | |
tree | e22ca1c1acc26a2597df3c4bc97e56b10905ca71 | |
parent | 6387f320bf10f6b6c90b338bded8d7392dead18a (diff) | |
download | PeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.tar.gz PeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.tar.zst PeerTube-2ef6a0635cb6be32ef6028fb76d1c8ba4a6f7109.zip |
Do not create a user with the same username than another actor name
-rw-r--r-- | server/middlewares/validators/users.ts | 9 | ||||
-rw-r--r-- | server/tests/api/check-params/users.ts | 24 |
2 files changed, 33 insertions, 0 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 4ad0e33da..8fbab4dd0 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -21,6 +21,7 @@ import { CONFIG, CONSTRAINTS_FIELDS } from '../../initializers' | |||
21 | import { Redis } from '../../lib/redis' | 21 | import { Redis } from '../../lib/redis' |
22 | import { UserModel } from '../../models/account/user' | 22 | import { UserModel } from '../../models/account/user' |
23 | import { areValidationErrors } from './utils' | 23 | import { areValidationErrors } from './utils' |
24 | import { ActorModel } from '../../models/activitypub/actor' | ||
24 | 25 | ||
25 | const usersAddValidator = [ | 26 | const usersAddValidator = [ |
26 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), | 27 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), |
@@ -271,6 +272,14 @@ async function checkUserNameOrEmailDoesNotAlreadyExist (username: string, email: | |||
271 | return false | 272 | return false |
272 | } | 273 | } |
273 | 274 | ||
275 | const actor = await ActorModel.loadLocalByName(username) | ||
276 | if (actor) { | ||
277 | res.status(409) | ||
278 | .send({ error: 'Another actor (account/channel) with this name already exists.' }) | ||
279 | .end() | ||
280 | return false | ||
281 | } | ||
282 | |||
274 | return true | 283 | return true |
275 | } | 284 | } |
276 | 285 | ||
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index dba57778d..f36146c53 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts | |||
@@ -179,6 +179,18 @@ describe('Test users API validators', function () { | |||
179 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 179 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) |
180 | }) | 180 | }) |
181 | 181 | ||
182 | it('Should fail with a "peertube" username', async function () { | ||
183 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | ||
184 | |||
185 | await makePostBodyRequest({ | ||
186 | url: server.url, | ||
187 | path, | ||
188 | token: server.accessToken, | ||
189 | fields, | ||
190 | statusCodeExpected: 409 | ||
191 | }) | ||
192 | }) | ||
193 | |||
182 | it('Should succeed with the correct params', async function () { | 194 | it('Should succeed with the correct params', async function () { |
183 | await makePostBodyRequest({ | 195 | await makePostBodyRequest({ |
184 | url: server.url, | 196 | url: server.url, |
@@ -493,6 +505,18 @@ describe('Test users API validators', function () { | |||
493 | }) | 505 | }) |
494 | }) | 506 | }) |
495 | 507 | ||
508 | it('Should fail with a "peertube" username', async function () { | ||
509 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | ||
510 | |||
511 | await makePostBodyRequest({ | ||
512 | url: server.url, | ||
513 | path: registrationPath, | ||
514 | token: server.accessToken, | ||
515 | fields, | ||
516 | statusCodeExpected: 409 | ||
517 | }) | ||
518 | }) | ||
519 | |||
496 | it('Should fail if we register a user with the same email', async function () { | 520 | it('Should fail if we register a user with the same email', async function () { |
497 | const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' }) | 521 | const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' }) |
498 | 522 | ||