aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params/registrations.ts
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2023-01-19 09:28:29 +0100
committerChocobozzz <chocobozzz@cpy.re>2023-01-19 13:53:40 +0100
commitb379759f55a35837b803a3b988674972db2903d1 (patch)
tree895d556973fea9be21492fb60aec2ff7767f5b18 /server/tests/api/check-params/registrations.ts
parent3e5716dd3a5b0db4a1db327714247da687419f92 (diff)
downloadPeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.gz
PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.zst
PeerTube-b379759f55a35837b803a3b988674972db2903d1.zip
Add signup approval API tests
Diffstat (limited to 'server/tests/api/check-params/registrations.ts')
-rw-r--r--server/tests/api/check-params/registrations.ts402
1 files changed, 402 insertions, 0 deletions
diff --git a/server/tests/api/check-params/registrations.ts b/server/tests/api/check-params/registrations.ts
new file mode 100644
index 000000000..9f0462378
--- /dev/null
+++ b/server/tests/api/check-params/registrations.ts
@@ -0,0 +1,402 @@
1import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
2import { omit } from '@shared/core-utils'
3import { HttpStatusCode, UserRole } from '@shared/models'
4import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
5
6describe('Test registrations API validators', function () {
7 let server: PeerTubeServer
8 let userToken: string
9 let moderatorToken: string
10
11 // ---------------------------------------------------------------
12
13 before(async function () {
14 this.timeout(30000)
15
16 server = await createSingleServer(1)
17
18 await setAccessTokensToServers([ server ])
19 await server.config.enableSignup(false);
20
21 ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR));
22 ({ token: userToken } = await server.users.generate('user', UserRole.USER))
23 })
24
25 describe('Register', function () {
26 const registrationPath = '/api/v1/users/register'
27 const registrationRequestPath = '/api/v1/users/registrations/request'
28
29 const baseCorrectParams = {
30 username: 'user3',
31 displayName: 'super user',
32 email: 'test3@example.com',
33 password: 'my super password',
34 registrationReason: 'my super registration reason'
35 }
36
37 describe('When registering a new user or requesting user registration', function () {
38
39 async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) {
40 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus })
41 await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus })
42 }
43
44 it('Should fail with a too small username', async function () {
45 const fields = { ...baseCorrectParams, username: '' }
46
47 await check(fields)
48 })
49
50 it('Should fail with a too long username', async function () {
51 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
52
53 await check(fields)
54 })
55
56 it('Should fail with an incorrect username', async function () {
57 const fields = { ...baseCorrectParams, username: 'my username' }
58
59 await check(fields)
60 })
61
62 it('Should fail with a missing email', async function () {
63 const fields = omit(baseCorrectParams, [ 'email' ])
64
65 await check(fields)
66 })
67
68 it('Should fail with an invalid email', async function () {
69 const fields = { ...baseCorrectParams, email: 'test_example.com' }
70
71 await check(fields)
72 })
73
74 it('Should fail with a too small password', async function () {
75 const fields = { ...baseCorrectParams, password: 'bla' }
76
77 await check(fields)
78 })
79
80 it('Should fail with a too long password', async function () {
81 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
82
83 await check(fields)
84 })
85
86 it('Should fail if we register a user with the same username', async function () {
87 const fields = { ...baseCorrectParams, username: 'root' }
88
89 await check(fields, HttpStatusCode.CONFLICT_409)
90 })
91
92 it('Should fail with a "peertube" username', async function () {
93 const fields = { ...baseCorrectParams, username: 'peertube' }
94
95 await check(fields, HttpStatusCode.CONFLICT_409)
96 })
97
98 it('Should fail if we register a user with the same email', async function () {
99 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
100
101 await check(fields, HttpStatusCode.CONFLICT_409)
102 })
103
104 it('Should fail with a bad display name', async function () {
105 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
106
107 await check(fields)
108 })
109
110 it('Should fail with a bad channel name', async function () {
111 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
112
113 await check(fields)
114 })
115
116 it('Should fail with a bad channel display name', async function () {
117 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
118
119 await check(fields)
120 })
121
122 it('Should fail with a channel name that is the same as username', async function () {
123 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
124 const fields = { ...baseCorrectParams, ...source }
125
126 await check(fields)
127 })
128
129 it('Should fail with an existing channel', async function () {
130 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
131 await server.channels.create({ attributes })
132
133 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
134
135 await check(fields, HttpStatusCode.CONFLICT_409)
136 })
137
138 it('Should fail on a server with registration disabled', async function () {
139 this.timeout(60000)
140
141 await server.config.updateCustomSubConfig({
142 newConfig: {
143 signup: {
144 enabled: false
145 }
146 }
147 })
148
149 await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
150 await server.registrations.requestRegistration({
151 username: 'user4',
152 registrationReason: 'reason',
153 expectedStatus: HttpStatusCode.FORBIDDEN_403
154 })
155 })
156
157 it('Should fail if the user limit is reached', async function () {
158 this.timeout(60000)
159
160 const { total } = await server.users.list()
161
162 await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } })
163
164 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
165 await server.registrations.requestRegistration({
166 username: 'user42',
167 registrationReason: 'reason',
168 expectedStatus: HttpStatusCode.FORBIDDEN_403
169 })
170 })
171 })
172
173 describe('On direct registration', function () {
174
175 it('Should succeed with the correct params', async function () {
176 await server.config.enableSignup(false)
177
178 const fields = {
179 username: 'user_direct_1',
180 displayName: 'super user direct 1',
181 email: 'user_direct_1@example.com',
182 password: 'my super password',
183 channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' }
184 }
185
186 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
187 })
188
189 it('Should fail if the instance requires approval', async function () {
190 this.timeout(60000)
191
192 await server.config.enableSignup(true)
193 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
194 })
195 })
196
197 describe('On registration request', function () {
198
199 before(async function () {
200 this.timeout(60000)
201
202 await server.config.enableSignup(true)
203 })
204
205 it('Should fail with an invalid registration reason', async function () {
206 for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) {
207 await server.registrations.requestRegistration({
208 username: 'user_request_1',
209 registrationReason,
210 expectedStatus: HttpStatusCode.BAD_REQUEST_400
211 })
212 }
213 })
214
215 it('Should succeed with the correct params', async function () {
216 await server.registrations.requestRegistration({
217 username: 'user_request_2',
218 registrationReason: 'tt',
219 channel: {
220 displayName: 'my user request 2 channel',
221 name: 'user_request_2_channel'
222 }
223 })
224 })
225
226 it('Should fail if the user is already awaiting registration approval', async function () {
227 await server.registrations.requestRegistration({
228 username: 'user_request_2',
229 registrationReason: 'tt',
230 channel: {
231 displayName: 'my user request 42 channel',
232 name: 'user_request_42_channel'
233 },
234 expectedStatus: HttpStatusCode.CONFLICT_409
235 })
236 })
237
238 it('Should fail if the channel is already awaiting registration approval', async function () {
239 await server.registrations.requestRegistration({
240 username: 'user42',
241 registrationReason: 'tt',
242 channel: {
243 displayName: 'my user request 2 channel',
244 name: 'user_request_2_channel'
245 },
246 expectedStatus: HttpStatusCode.CONFLICT_409
247 })
248 })
249
250 it('Should fail if the instance does not require approval', async function () {
251 this.timeout(60000)
252
253 await server.config.enableSignup(false)
254
255 await server.registrations.requestRegistration({
256 username: 'user42',
257 registrationReason: 'toto',
258 expectedStatus: HttpStatusCode.BAD_REQUEST_400
259 })
260 })
261 })
262 })
263
264 describe('Registrations accept/reject', function () {
265 let id1: number
266 let id2: number
267
268 before(async function () {
269 this.timeout(60000)
270
271 await server.config.enableSignup(true);
272
273 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' }));
274 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' }))
275 })
276
277 it('Should fail to accept/reject registration without token', async function () {
278 const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }
279 await server.registrations.accept(options)
280 await server.registrations.reject(options)
281 })
282
283 it('Should fail to accept/reject registration with a non moderator user', async function () {
284 const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
285 await server.registrations.accept(options)
286 await server.registrations.reject(options)
287 })
288
289 it('Should fail to accept/reject registration with a bad registration id', async function () {
290 {
291 const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
292 await server.registrations.accept(options)
293 await server.registrations.reject(options)
294 }
295
296 {
297 const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
298 await server.registrations.accept(options)
299 await server.registrations.reject(options)
300 }
301 })
302
303 it('Should fail to accept/reject registration with a bad moderation resposne', async function () {
304 for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) {
305 const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
306 await server.registrations.accept(options)
307 await server.registrations.reject(options)
308 }
309 })
310
311 it('Should succeed to accept a registration', async function () {
312 await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken })
313 })
314
315 it('Should succeed to reject a registration', async function () {
316 await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken })
317 })
318
319 it('Should fail to accept/reject a registration that was already accepted/rejected', async function () {
320 for (const id of [ id1, id2 ]) {
321 const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 }
322 await server.registrations.accept(options)
323 await server.registrations.reject(options)
324 }
325 })
326 })
327
328 describe('Registrations deletion', function () {
329 let id1: number
330 let id2: number
331 let id3: number
332
333 before(async function () {
334 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' }));
335 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' }));
336 ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' }))
337
338 await server.registrations.accept({ id: id2, moderationResponse: 'tt' })
339 await server.registrations.reject({ id: id3, moderationResponse: 'tt' })
340 })
341
342 it('Should fail to delete registration without token', async function () {
343 await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
344 })
345
346 it('Should fail to delete registration with a non moderator user', async function () {
347 await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
348 })
349
350 it('Should fail to delete registration with a bad registration id', async function () {
351 await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
352 await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
353 })
354
355 it('Should succeed with the correct params', async function () {
356 await server.registrations.delete({ id: id1, token: moderatorToken })
357 await server.registrations.delete({ id: id2, token: moderatorToken })
358 await server.registrations.delete({ id: id3, token: moderatorToken })
359 })
360 })
361
362 describe('Listing registrations', function () {
363 const path = '/api/v1/users/registrations'
364
365 it('Should fail with a bad start pagination', async function () {
366 await checkBadStartPagination(server.url, path, server.accessToken)
367 })
368
369 it('Should fail with a bad count pagination', async function () {
370 await checkBadCountPagination(server.url, path, server.accessToken)
371 })
372
373 it('Should fail with an incorrect sort', async function () {
374 await checkBadSortPagination(server.url, path, server.accessToken)
375 })
376
377 it('Should fail with a non authenticated user', async function () {
378 await server.registrations.list({
379 token: null,
380 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
381 })
382 })
383
384 it('Should fail with a non admin user', async function () {
385 await server.registrations.list({
386 token: userToken,
387 expectedStatus: HttpStatusCode.FORBIDDEN_403
388 })
389 })
390
391 it('Should succeed with the correct params', async function () {
392 await server.registrations.list({
393 token: moderatorToken,
394 search: 'toto'
395 })
396 })
397 })
398
399 after(async function () {
400 await cleanupTests([ server ])
401 })
402})