diff options
author | Chocobozzz <me@florianbigard.com> | 2023-01-19 09:28:29 +0100 |
---|---|---|
committer | Chocobozzz <chocobozzz@cpy.re> | 2023-01-19 13:53:40 +0100 |
commit | b379759f55a35837b803a3b988674972db2903d1 (patch) | |
tree | 895d556973fea9be21492fb60aec2ff7767f5b18 /server/tests/api/check-params/registrations.ts | |
parent | 3e5716dd3a5b0db4a1db327714247da687419f92 (diff) | |
download | PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.gz PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.zst PeerTube-b379759f55a35837b803a3b988674972db2903d1.zip |
Add signup approval API tests
Diffstat (limited to 'server/tests/api/check-params/registrations.ts')
-rw-r--r-- | server/tests/api/check-params/registrations.ts | 402 |
1 files changed, 402 insertions, 0 deletions
diff --git a/server/tests/api/check-params/registrations.ts b/server/tests/api/check-params/registrations.ts new file mode 100644 index 000000000..9f0462378 --- /dev/null +++ b/server/tests/api/check-params/registrations.ts | |||
@@ -0,0 +1,402 @@ | |||
1 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' | ||
2 | import { omit } from '@shared/core-utils' | ||
3 | import { HttpStatusCode, UserRole } from '@shared/models' | ||
4 | import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands' | ||
5 | |||
6 | describe('Test registrations API validators', function () { | ||
7 | let server: PeerTubeServer | ||
8 | let userToken: string | ||
9 | let moderatorToken: string | ||
10 | |||
11 | // --------------------------------------------------------------- | ||
12 | |||
13 | before(async function () { | ||
14 | this.timeout(30000) | ||
15 | |||
16 | server = await createSingleServer(1) | ||
17 | |||
18 | await setAccessTokensToServers([ server ]) | ||
19 | await server.config.enableSignup(false); | ||
20 | |||
21 | ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR)); | ||
22 | ({ token: userToken } = await server.users.generate('user', UserRole.USER)) | ||
23 | }) | ||
24 | |||
25 | describe('Register', function () { | ||
26 | const registrationPath = '/api/v1/users/register' | ||
27 | const registrationRequestPath = '/api/v1/users/registrations/request' | ||
28 | |||
29 | const baseCorrectParams = { | ||
30 | username: 'user3', | ||
31 | displayName: 'super user', | ||
32 | email: 'test3@example.com', | ||
33 | password: 'my super password', | ||
34 | registrationReason: 'my super registration reason' | ||
35 | } | ||
36 | |||
37 | describe('When registering a new user or requesting user registration', function () { | ||
38 | |||
39 | async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) { | ||
40 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus }) | ||
41 | await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus }) | ||
42 | } | ||
43 | |||
44 | it('Should fail with a too small username', async function () { | ||
45 | const fields = { ...baseCorrectParams, username: '' } | ||
46 | |||
47 | await check(fields) | ||
48 | }) | ||
49 | |||
50 | it('Should fail with a too long username', async function () { | ||
51 | const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } | ||
52 | |||
53 | await check(fields) | ||
54 | }) | ||
55 | |||
56 | it('Should fail with an incorrect username', async function () { | ||
57 | const fields = { ...baseCorrectParams, username: 'my username' } | ||
58 | |||
59 | await check(fields) | ||
60 | }) | ||
61 | |||
62 | it('Should fail with a missing email', async function () { | ||
63 | const fields = omit(baseCorrectParams, [ 'email' ]) | ||
64 | |||
65 | await check(fields) | ||
66 | }) | ||
67 | |||
68 | it('Should fail with an invalid email', async function () { | ||
69 | const fields = { ...baseCorrectParams, email: 'test_example.com' } | ||
70 | |||
71 | await check(fields) | ||
72 | }) | ||
73 | |||
74 | it('Should fail with a too small password', async function () { | ||
75 | const fields = { ...baseCorrectParams, password: 'bla' } | ||
76 | |||
77 | await check(fields) | ||
78 | }) | ||
79 | |||
80 | it('Should fail with a too long password', async function () { | ||
81 | const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } | ||
82 | |||
83 | await check(fields) | ||
84 | }) | ||
85 | |||
86 | it('Should fail if we register a user with the same username', async function () { | ||
87 | const fields = { ...baseCorrectParams, username: 'root' } | ||
88 | |||
89 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
90 | }) | ||
91 | |||
92 | it('Should fail with a "peertube" username', async function () { | ||
93 | const fields = { ...baseCorrectParams, username: 'peertube' } | ||
94 | |||
95 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
96 | }) | ||
97 | |||
98 | it('Should fail if we register a user with the same email', async function () { | ||
99 | const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } | ||
100 | |||
101 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
102 | }) | ||
103 | |||
104 | it('Should fail with a bad display name', async function () { | ||
105 | const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } | ||
106 | |||
107 | await check(fields) | ||
108 | }) | ||
109 | |||
110 | it('Should fail with a bad channel name', async function () { | ||
111 | const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } | ||
112 | |||
113 | await check(fields) | ||
114 | }) | ||
115 | |||
116 | it('Should fail with a bad channel display name', async function () { | ||
117 | const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } | ||
118 | |||
119 | await check(fields) | ||
120 | }) | ||
121 | |||
122 | it('Should fail with a channel name that is the same as username', async function () { | ||
123 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | ||
124 | const fields = { ...baseCorrectParams, ...source } | ||
125 | |||
126 | await check(fields) | ||
127 | }) | ||
128 | |||
129 | it('Should fail with an existing channel', async function () { | ||
130 | const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | ||
131 | await server.channels.create({ attributes }) | ||
132 | |||
133 | const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } | ||
134 | |||
135 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
136 | }) | ||
137 | |||
138 | it('Should fail on a server with registration disabled', async function () { | ||
139 | this.timeout(60000) | ||
140 | |||
141 | await server.config.updateCustomSubConfig({ | ||
142 | newConfig: { | ||
143 | signup: { | ||
144 | enabled: false | ||
145 | } | ||
146 | } | ||
147 | }) | ||
148 | |||
149 | await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
150 | await server.registrations.requestRegistration({ | ||
151 | username: 'user4', | ||
152 | registrationReason: 'reason', | ||
153 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
154 | }) | ||
155 | }) | ||
156 | |||
157 | it('Should fail if the user limit is reached', async function () { | ||
158 | this.timeout(60000) | ||
159 | |||
160 | const { total } = await server.users.list() | ||
161 | |||
162 | await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } }) | ||
163 | |||
164 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
165 | await server.registrations.requestRegistration({ | ||
166 | username: 'user42', | ||
167 | registrationReason: 'reason', | ||
168 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
169 | }) | ||
170 | }) | ||
171 | }) | ||
172 | |||
173 | describe('On direct registration', function () { | ||
174 | |||
175 | it('Should succeed with the correct params', async function () { | ||
176 | await server.config.enableSignup(false) | ||
177 | |||
178 | const fields = { | ||
179 | username: 'user_direct_1', | ||
180 | displayName: 'super user direct 1', | ||
181 | email: 'user_direct_1@example.com', | ||
182 | password: 'my super password', | ||
183 | channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' } | ||
184 | } | ||
185 | |||
186 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) | ||
187 | }) | ||
188 | |||
189 | it('Should fail if the instance requires approval', async function () { | ||
190 | this.timeout(60000) | ||
191 | |||
192 | await server.config.enableSignup(true) | ||
193 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
194 | }) | ||
195 | }) | ||
196 | |||
197 | describe('On registration request', function () { | ||
198 | |||
199 | before(async function () { | ||
200 | this.timeout(60000) | ||
201 | |||
202 | await server.config.enableSignup(true) | ||
203 | }) | ||
204 | |||
205 | it('Should fail with an invalid registration reason', async function () { | ||
206 | for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) { | ||
207 | await server.registrations.requestRegistration({ | ||
208 | username: 'user_request_1', | ||
209 | registrationReason, | ||
210 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | ||
211 | }) | ||
212 | } | ||
213 | }) | ||
214 | |||
215 | it('Should succeed with the correct params', async function () { | ||
216 | await server.registrations.requestRegistration({ | ||
217 | username: 'user_request_2', | ||
218 | registrationReason: 'tt', | ||
219 | channel: { | ||
220 | displayName: 'my user request 2 channel', | ||
221 | name: 'user_request_2_channel' | ||
222 | } | ||
223 | }) | ||
224 | }) | ||
225 | |||
226 | it('Should fail if the user is already awaiting registration approval', async function () { | ||
227 | await server.registrations.requestRegistration({ | ||
228 | username: 'user_request_2', | ||
229 | registrationReason: 'tt', | ||
230 | channel: { | ||
231 | displayName: 'my user request 42 channel', | ||
232 | name: 'user_request_42_channel' | ||
233 | }, | ||
234 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
235 | }) | ||
236 | }) | ||
237 | |||
238 | it('Should fail if the channel is already awaiting registration approval', async function () { | ||
239 | await server.registrations.requestRegistration({ | ||
240 | username: 'user42', | ||
241 | registrationReason: 'tt', | ||
242 | channel: { | ||
243 | displayName: 'my user request 2 channel', | ||
244 | name: 'user_request_2_channel' | ||
245 | }, | ||
246 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
247 | }) | ||
248 | }) | ||
249 | |||
250 | it('Should fail if the instance does not require approval', async function () { | ||
251 | this.timeout(60000) | ||
252 | |||
253 | await server.config.enableSignup(false) | ||
254 | |||
255 | await server.registrations.requestRegistration({ | ||
256 | username: 'user42', | ||
257 | registrationReason: 'toto', | ||
258 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | ||
259 | }) | ||
260 | }) | ||
261 | }) | ||
262 | }) | ||
263 | |||
264 | describe('Registrations accept/reject', function () { | ||
265 | let id1: number | ||
266 | let id2: number | ||
267 | |||
268 | before(async function () { | ||
269 | this.timeout(60000) | ||
270 | |||
271 | await server.config.enableSignup(true); | ||
272 | |||
273 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' })); | ||
274 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' })) | ||
275 | }) | ||
276 | |||
277 | it('Should fail to accept/reject registration without token', async function () { | ||
278 | const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 } | ||
279 | await server.registrations.accept(options) | ||
280 | await server.registrations.reject(options) | ||
281 | }) | ||
282 | |||
283 | it('Should fail to accept/reject registration with a non moderator user', async function () { | ||
284 | const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | ||
285 | await server.registrations.accept(options) | ||
286 | await server.registrations.reject(options) | ||
287 | }) | ||
288 | |||
289 | it('Should fail to accept/reject registration with a bad registration id', async function () { | ||
290 | { | ||
291 | const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | ||
292 | await server.registrations.accept(options) | ||
293 | await server.registrations.reject(options) | ||
294 | } | ||
295 | |||
296 | { | ||
297 | const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 } | ||
298 | await server.registrations.accept(options) | ||
299 | await server.registrations.reject(options) | ||
300 | } | ||
301 | }) | ||
302 | |||
303 | it('Should fail to accept/reject registration with a bad moderation resposne', async function () { | ||
304 | for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) { | ||
305 | const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | ||
306 | await server.registrations.accept(options) | ||
307 | await server.registrations.reject(options) | ||
308 | } | ||
309 | }) | ||
310 | |||
311 | it('Should succeed to accept a registration', async function () { | ||
312 | await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken }) | ||
313 | }) | ||
314 | |||
315 | it('Should succeed to reject a registration', async function () { | ||
316 | await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken }) | ||
317 | }) | ||
318 | |||
319 | it('Should fail to accept/reject a registration that was already accepted/rejected', async function () { | ||
320 | for (const id of [ id1, id2 ]) { | ||
321 | const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 } | ||
322 | await server.registrations.accept(options) | ||
323 | await server.registrations.reject(options) | ||
324 | } | ||
325 | }) | ||
326 | }) | ||
327 | |||
328 | describe('Registrations deletion', function () { | ||
329 | let id1: number | ||
330 | let id2: number | ||
331 | let id3: number | ||
332 | |||
333 | before(async function () { | ||
334 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' })); | ||
335 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' })); | ||
336 | ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' })) | ||
337 | |||
338 | await server.registrations.accept({ id: id2, moderationResponse: 'tt' }) | ||
339 | await server.registrations.reject({ id: id3, moderationResponse: 'tt' }) | ||
340 | }) | ||
341 | |||
342 | it('Should fail to delete registration without token', async function () { | ||
343 | await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | ||
344 | }) | ||
345 | |||
346 | it('Should fail to delete registration with a non moderator user', async function () { | ||
347 | await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
348 | }) | ||
349 | |||
350 | it('Should fail to delete registration with a bad registration id', async function () { | ||
351 | await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | ||
352 | await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) | ||
353 | }) | ||
354 | |||
355 | it('Should succeed with the correct params', async function () { | ||
356 | await server.registrations.delete({ id: id1, token: moderatorToken }) | ||
357 | await server.registrations.delete({ id: id2, token: moderatorToken }) | ||
358 | await server.registrations.delete({ id: id3, token: moderatorToken }) | ||
359 | }) | ||
360 | }) | ||
361 | |||
362 | describe('Listing registrations', function () { | ||
363 | const path = '/api/v1/users/registrations' | ||
364 | |||
365 | it('Should fail with a bad start pagination', async function () { | ||
366 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
367 | }) | ||
368 | |||
369 | it('Should fail with a bad count pagination', async function () { | ||
370 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
371 | }) | ||
372 | |||
373 | it('Should fail with an incorrect sort', async function () { | ||
374 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
375 | }) | ||
376 | |||
377 | it('Should fail with a non authenticated user', async function () { | ||
378 | await server.registrations.list({ | ||
379 | token: null, | ||
380 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | ||
381 | }) | ||
382 | }) | ||
383 | |||
384 | it('Should fail with a non admin user', async function () { | ||
385 | await server.registrations.list({ | ||
386 | token: userToken, | ||
387 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
388 | }) | ||
389 | }) | ||
390 | |||
391 | it('Should succeed with the correct params', async function () { | ||
392 | await server.registrations.list({ | ||
393 | token: moderatorToken, | ||
394 | search: 'toto' | ||
395 | }) | ||
396 | }) | ||
397 | }) | ||
398 | |||
399 | after(async function () { | ||
400 | await cleanupTests([ server ]) | ||
401 | }) | ||
402 | }) | ||