aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2023-01-19 09:28:29 +0100
committerChocobozzz <chocobozzz@cpy.re>2023-01-19 13:53:40 +0100
commitb379759f55a35837b803a3b988674972db2903d1 (patch)
tree895d556973fea9be21492fb60aec2ff7767f5b18 /server/tests/api/check-params
parent3e5716dd3a5b0db4a1db327714247da687419f92 (diff)
downloadPeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.gz
PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.zst
PeerTube-b379759f55a35837b803a3b988674972db2903d1.zip
Add signup approval API tests
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r--server/tests/api/check-params/config.ts2
-rw-r--r--server/tests/api/check-params/contact-form.ts13
-rw-r--r--server/tests/api/check-params/index.ts3
-rw-r--r--server/tests/api/check-params/registrations.ts402
-rw-r--r--server/tests/api/check-params/upload-quota.ts4
-rw-r--r--server/tests/api/check-params/users-admin.ts9
-rw-r--r--server/tests/api/check-params/users-emails.ts119
-rw-r--r--server/tests/api/check-params/users.ts255
8 files changed, 539 insertions, 268 deletions
diff --git a/server/tests/api/check-params/config.ts b/server/tests/api/check-params/config.ts
index 3415625ca..93a3f3eb9 100644
--- a/server/tests/api/check-params/config.ts
+++ b/server/tests/api/check-params/config.ts
@@ -79,6 +79,7 @@ describe('Test config API validators', function () {
79 signup: { 79 signup: {
80 enabled: false, 80 enabled: false,
81 limit: 5, 81 limit: 5,
82 requiresApproval: false,
82 requiresEmailVerification: false, 83 requiresEmailVerification: false,
83 minimumAge: 16 84 minimumAge: 16
84 }, 85 },
@@ -313,6 +314,7 @@ describe('Test config API validators', function () {
313 signup: { 314 signup: {
314 enabled: true, 315 enabled: true,
315 limit: 5, 316 limit: 5,
317 requiresApproval: true,
316 requiresEmailVerification: true 318 requiresEmailVerification: true
317 } 319 }
318 } 320 }
diff --git a/server/tests/api/check-params/contact-form.ts b/server/tests/api/check-params/contact-form.ts
index 7968ef802..f0f8819b9 100644
--- a/server/tests/api/check-params/contact-form.ts
+++ b/server/tests/api/check-params/contact-form.ts
@@ -2,7 +2,14 @@
2 2
3import { MockSmtpServer } from '@server/tests/shared' 3import { MockSmtpServer } from '@server/tests/shared'
4import { HttpStatusCode } from '@shared/models' 4import { HttpStatusCode } from '@shared/models'
5import { cleanupTests, ContactFormCommand, createSingleServer, killallServers, PeerTubeServer } from '@shared/server-commands' 5import {
6 cleanupTests,
7 ConfigCommand,
8 ContactFormCommand,
9 createSingleServer,
10 killallServers,
11 PeerTubeServer
12} from '@shared/server-commands'
6 13
7describe('Test contact form API validators', function () { 14describe('Test contact form API validators', function () {
8 let server: PeerTubeServer 15 let server: PeerTubeServer
@@ -38,7 +45,7 @@ describe('Test contact form API validators', function () {
38 await killallServers([ server ]) 45 await killallServers([ server ])
39 46
40 // Contact form is disabled 47 // Contact form is disabled
41 await server.run({ smtp: { hostname: '127.0.0.1', port: emailPort }, contact_form: { enabled: false } }) 48 await server.run({ ...ConfigCommand.getEmailOverrideConfig(emailPort), contact_form: { enabled: false } })
42 await command.send({ ...defaultBody, expectedStatus: HttpStatusCode.CONFLICT_409 }) 49 await command.send({ ...defaultBody, expectedStatus: HttpStatusCode.CONFLICT_409 })
43 }) 50 })
44 51
@@ -48,7 +55,7 @@ describe('Test contact form API validators', function () {
48 await killallServers([ server ]) 55 await killallServers([ server ])
49 56
50 // Email & contact form enabled 57 // Email & contact form enabled
51 await server.run({ smtp: { hostname: '127.0.0.1', port: emailPort } }) 58 await server.run(ConfigCommand.getEmailOverrideConfig(emailPort))
52 59
53 await command.send({ ...defaultBody, fromEmail: 'badEmail', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) 60 await command.send({ ...defaultBody, fromEmail: 'badEmail', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
54 await command.send({ ...defaultBody, fromEmail: 'badEmail@', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) 61 await command.send({ ...defaultBody, fromEmail: 'badEmail@', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
diff --git a/server/tests/api/check-params/index.ts b/server/tests/api/check-params/index.ts
index 961093bb5..ddbcb42f8 100644
--- a/server/tests/api/check-params/index.ts
+++ b/server/tests/api/check-params/index.ts
@@ -15,6 +15,7 @@ import './metrics'
15import './my-user' 15import './my-user'
16import './plugins' 16import './plugins'
17import './redundancy' 17import './redundancy'
18import './registrations'
18import './search' 19import './search'
19import './services' 20import './services'
20import './transcoding' 21import './transcoding'
@@ -23,7 +24,7 @@ import './upload-quota'
23import './user-notifications' 24import './user-notifications'
24import './user-subscriptions' 25import './user-subscriptions'
25import './users-admin' 26import './users-admin'
26import './users' 27import './users-emails'
27import './video-blacklist' 28import './video-blacklist'
28import './video-captions' 29import './video-captions'
29import './video-channel-syncs' 30import './video-channel-syncs'
diff --git a/server/tests/api/check-params/registrations.ts b/server/tests/api/check-params/registrations.ts
new file mode 100644
index 000000000..9f0462378
--- /dev/null
+++ b/server/tests/api/check-params/registrations.ts
@@ -0,0 +1,402 @@
1import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
2import { omit } from '@shared/core-utils'
3import { HttpStatusCode, UserRole } from '@shared/models'
4import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
5
6describe('Test registrations API validators', function () {
7 let server: PeerTubeServer
8 let userToken: string
9 let moderatorToken: string
10
11 // ---------------------------------------------------------------
12
13 before(async function () {
14 this.timeout(30000)
15
16 server = await createSingleServer(1)
17
18 await setAccessTokensToServers([ server ])
19 await server.config.enableSignup(false);
20
21 ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR));
22 ({ token: userToken } = await server.users.generate('user', UserRole.USER))
23 })
24
25 describe('Register', function () {
26 const registrationPath = '/api/v1/users/register'
27 const registrationRequestPath = '/api/v1/users/registrations/request'
28
29 const baseCorrectParams = {
30 username: 'user3',
31 displayName: 'super user',
32 email: 'test3@example.com',
33 password: 'my super password',
34 registrationReason: 'my super registration reason'
35 }
36
37 describe('When registering a new user or requesting user registration', function () {
38
39 async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) {
40 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus })
41 await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus })
42 }
43
44 it('Should fail with a too small username', async function () {
45 const fields = { ...baseCorrectParams, username: '' }
46
47 await check(fields)
48 })
49
50 it('Should fail with a too long username', async function () {
51 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
52
53 await check(fields)
54 })
55
56 it('Should fail with an incorrect username', async function () {
57 const fields = { ...baseCorrectParams, username: 'my username' }
58
59 await check(fields)
60 })
61
62 it('Should fail with a missing email', async function () {
63 const fields = omit(baseCorrectParams, [ 'email' ])
64
65 await check(fields)
66 })
67
68 it('Should fail with an invalid email', async function () {
69 const fields = { ...baseCorrectParams, email: 'test_example.com' }
70
71 await check(fields)
72 })
73
74 it('Should fail with a too small password', async function () {
75 const fields = { ...baseCorrectParams, password: 'bla' }
76
77 await check(fields)
78 })
79
80 it('Should fail with a too long password', async function () {
81 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
82
83 await check(fields)
84 })
85
86 it('Should fail if we register a user with the same username', async function () {
87 const fields = { ...baseCorrectParams, username: 'root' }
88
89 await check(fields, HttpStatusCode.CONFLICT_409)
90 })
91
92 it('Should fail with a "peertube" username', async function () {
93 const fields = { ...baseCorrectParams, username: 'peertube' }
94
95 await check(fields, HttpStatusCode.CONFLICT_409)
96 })
97
98 it('Should fail if we register a user with the same email', async function () {
99 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
100
101 await check(fields, HttpStatusCode.CONFLICT_409)
102 })
103
104 it('Should fail with a bad display name', async function () {
105 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
106
107 await check(fields)
108 })
109
110 it('Should fail with a bad channel name', async function () {
111 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
112
113 await check(fields)
114 })
115
116 it('Should fail with a bad channel display name', async function () {
117 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
118
119 await check(fields)
120 })
121
122 it('Should fail with a channel name that is the same as username', async function () {
123 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
124 const fields = { ...baseCorrectParams, ...source }
125
126 await check(fields)
127 })
128
129 it('Should fail with an existing channel', async function () {
130 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
131 await server.channels.create({ attributes })
132
133 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
134
135 await check(fields, HttpStatusCode.CONFLICT_409)
136 })
137
138 it('Should fail on a server with registration disabled', async function () {
139 this.timeout(60000)
140
141 await server.config.updateCustomSubConfig({
142 newConfig: {
143 signup: {
144 enabled: false
145 }
146 }
147 })
148
149 await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
150 await server.registrations.requestRegistration({
151 username: 'user4',
152 registrationReason: 'reason',
153 expectedStatus: HttpStatusCode.FORBIDDEN_403
154 })
155 })
156
157 it('Should fail if the user limit is reached', async function () {
158 this.timeout(60000)
159
160 const { total } = await server.users.list()
161
162 await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } })
163
164 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
165 await server.registrations.requestRegistration({
166 username: 'user42',
167 registrationReason: 'reason',
168 expectedStatus: HttpStatusCode.FORBIDDEN_403
169 })
170 })
171 })
172
173 describe('On direct registration', function () {
174
175 it('Should succeed with the correct params', async function () {
176 await server.config.enableSignup(false)
177
178 const fields = {
179 username: 'user_direct_1',
180 displayName: 'super user direct 1',
181 email: 'user_direct_1@example.com',
182 password: 'my super password',
183 channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' }
184 }
185
186 await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
187 })
188
189 it('Should fail if the instance requires approval', async function () {
190 this.timeout(60000)
191
192 await server.config.enableSignup(true)
193 await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
194 })
195 })
196
197 describe('On registration request', function () {
198
199 before(async function () {
200 this.timeout(60000)
201
202 await server.config.enableSignup(true)
203 })
204
205 it('Should fail with an invalid registration reason', async function () {
206 for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) {
207 await server.registrations.requestRegistration({
208 username: 'user_request_1',
209 registrationReason,
210 expectedStatus: HttpStatusCode.BAD_REQUEST_400
211 })
212 }
213 })
214
215 it('Should succeed with the correct params', async function () {
216 await server.registrations.requestRegistration({
217 username: 'user_request_2',
218 registrationReason: 'tt',
219 channel: {
220 displayName: 'my user request 2 channel',
221 name: 'user_request_2_channel'
222 }
223 })
224 })
225
226 it('Should fail if the user is already awaiting registration approval', async function () {
227 await server.registrations.requestRegistration({
228 username: 'user_request_2',
229 registrationReason: 'tt',
230 channel: {
231 displayName: 'my user request 42 channel',
232 name: 'user_request_42_channel'
233 },
234 expectedStatus: HttpStatusCode.CONFLICT_409
235 })
236 })
237
238 it('Should fail if the channel is already awaiting registration approval', async function () {
239 await server.registrations.requestRegistration({
240 username: 'user42',
241 registrationReason: 'tt',
242 channel: {
243 displayName: 'my user request 2 channel',
244 name: 'user_request_2_channel'
245 },
246 expectedStatus: HttpStatusCode.CONFLICT_409
247 })
248 })
249
250 it('Should fail if the instance does not require approval', async function () {
251 this.timeout(60000)
252
253 await server.config.enableSignup(false)
254
255 await server.registrations.requestRegistration({
256 username: 'user42',
257 registrationReason: 'toto',
258 expectedStatus: HttpStatusCode.BAD_REQUEST_400
259 })
260 })
261 })
262 })
263
264 describe('Registrations accept/reject', function () {
265 let id1: number
266 let id2: number
267
268 before(async function () {
269 this.timeout(60000)
270
271 await server.config.enableSignup(true);
272
273 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' }));
274 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' }))
275 })
276
277 it('Should fail to accept/reject registration without token', async function () {
278 const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }
279 await server.registrations.accept(options)
280 await server.registrations.reject(options)
281 })
282
283 it('Should fail to accept/reject registration with a non moderator user', async function () {
284 const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
285 await server.registrations.accept(options)
286 await server.registrations.reject(options)
287 })
288
289 it('Should fail to accept/reject registration with a bad registration id', async function () {
290 {
291 const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
292 await server.registrations.accept(options)
293 await server.registrations.reject(options)
294 }
295
296 {
297 const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
298 await server.registrations.accept(options)
299 await server.registrations.reject(options)
300 }
301 })
302
303 it('Should fail to accept/reject registration with a bad moderation resposne', async function () {
304 for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) {
305 const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
306 await server.registrations.accept(options)
307 await server.registrations.reject(options)
308 }
309 })
310
311 it('Should succeed to accept a registration', async function () {
312 await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken })
313 })
314
315 it('Should succeed to reject a registration', async function () {
316 await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken })
317 })
318
319 it('Should fail to accept/reject a registration that was already accepted/rejected', async function () {
320 for (const id of [ id1, id2 ]) {
321 const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 }
322 await server.registrations.accept(options)
323 await server.registrations.reject(options)
324 }
325 })
326 })
327
328 describe('Registrations deletion', function () {
329 let id1: number
330 let id2: number
331 let id3: number
332
333 before(async function () {
334 ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' }));
335 ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' }));
336 ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' }))
337
338 await server.registrations.accept({ id: id2, moderationResponse: 'tt' })
339 await server.registrations.reject({ id: id3, moderationResponse: 'tt' })
340 })
341
342 it('Should fail to delete registration without token', async function () {
343 await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
344 })
345
346 it('Should fail to delete registration with a non moderator user', async function () {
347 await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
348 })
349
350 it('Should fail to delete registration with a bad registration id', async function () {
351 await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
352 await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
353 })
354
355 it('Should succeed with the correct params', async function () {
356 await server.registrations.delete({ id: id1, token: moderatorToken })
357 await server.registrations.delete({ id: id2, token: moderatorToken })
358 await server.registrations.delete({ id: id3, token: moderatorToken })
359 })
360 })
361
362 describe('Listing registrations', function () {
363 const path = '/api/v1/users/registrations'
364
365 it('Should fail with a bad start pagination', async function () {
366 await checkBadStartPagination(server.url, path, server.accessToken)
367 })
368
369 it('Should fail with a bad count pagination', async function () {
370 await checkBadCountPagination(server.url, path, server.accessToken)
371 })
372
373 it('Should fail with an incorrect sort', async function () {
374 await checkBadSortPagination(server.url, path, server.accessToken)
375 })
376
377 it('Should fail with a non authenticated user', async function () {
378 await server.registrations.list({
379 token: null,
380 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
381 })
382 })
383
384 it('Should fail with a non admin user', async function () {
385 await server.registrations.list({
386 token: userToken,
387 expectedStatus: HttpStatusCode.FORBIDDEN_403
388 })
389 })
390
391 it('Should succeed with the correct params', async function () {
392 await server.registrations.list({
393 token: moderatorToken,
394 search: 'toto'
395 })
396 })
397 })
398
399 after(async function () {
400 await cleanupTests([ server ])
401 })
402})
diff --git a/server/tests/api/check-params/upload-quota.ts b/server/tests/api/check-params/upload-quota.ts
index 70e6f4af9..fdc711bd5 100644
--- a/server/tests/api/check-params/upload-quota.ts
+++ b/server/tests/api/check-params/upload-quota.ts
@@ -42,7 +42,7 @@ describe('Test upload quota', function () {
42 this.timeout(30000) 42 this.timeout(30000)
43 43
44 const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } 44 const user = { username: 'registered' + randomInt(1, 1500), password: 'password' }
45 await server.users.register(user) 45 await server.registrations.register(user)
46 const userToken = await server.login.getAccessToken(user) 46 const userToken = await server.login.getAccessToken(user)
47 47
48 const attributes = { fixture: 'video_short2.webm' } 48 const attributes = { fixture: 'video_short2.webm' }
@@ -57,7 +57,7 @@ describe('Test upload quota', function () {
57 this.timeout(30000) 57 this.timeout(30000)
58 58
59 const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } 59 const user = { username: 'registered' + randomInt(1, 1500), password: 'password' }
60 await server.users.register(user) 60 await server.registrations.register(user)
61 const userToken = await server.login.getAccessToken(user) 61 const userToken = await server.login.getAccessToken(user)
62 62
63 const attributes = { fixture: 'video_short2.webm' } 63 const attributes = { fixture: 'video_short2.webm' }
diff --git a/server/tests/api/check-params/users-admin.ts b/server/tests/api/check-params/users-admin.ts
index 7ba709c4a..be2496bb4 100644
--- a/server/tests/api/check-params/users-admin.ts
+++ b/server/tests/api/check-params/users-admin.ts
@@ -5,6 +5,7 @@ import { omit } from '@shared/core-utils'
5import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models' 5import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models'
6import { 6import {
7 cleanupTests, 7 cleanupTests,
8 ConfigCommand,
8 createSingleServer, 9 createSingleServer,
9 killallServers, 10 killallServers,
10 makeGetRequest, 11 makeGetRequest,
@@ -156,13 +157,7 @@ describe('Test users admin API validators', function () {
156 157
157 await killallServers([ server ]) 158 await killallServers([ server ])
158 159
159 const config = { 160 await server.run(ConfigCommand.getEmailOverrideConfig(emailPort))
160 smtp: {
161 hostname: '127.0.0.1',
162 port: emailPort
163 }
164 }
165 await server.run(config)
166 161
167 const fields = { 162 const fields = {
168 ...baseCorrectParams, 163 ...baseCorrectParams,
diff --git a/server/tests/api/check-params/users-emails.ts b/server/tests/api/check-params/users-emails.ts
new file mode 100644
index 000000000..8cfb1d15f
--- /dev/null
+++ b/server/tests/api/check-params/users-emails.ts
@@ -0,0 +1,119 @@
1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2import { MockSmtpServer } from '@server/tests/shared'
3import { HttpStatusCode, UserRole } from '@shared/models'
4import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
5
6describe('Test users API validators', function () {
7 let server: PeerTubeServer
8
9 // ---------------------------------------------------------------
10
11 before(async function () {
12 this.timeout(30000)
13
14 server = await createSingleServer(1, {
15 rates_limit: {
16 ask_send_email: {
17 max: 10
18 }
19 }
20 })
21
22 await setAccessTokensToServers([ server ])
23 await server.config.enableSignup(true)
24
25 await server.users.generate('moderator2', UserRole.MODERATOR)
26
27 await server.registrations.requestRegistration({
28 username: 'request1',
29 registrationReason: 'tt'
30 })
31 })
32
33 describe('When asking a password reset', function () {
34 const path = '/api/v1/users/ask-reset-password'
35
36 it('Should fail with a missing email', async function () {
37 const fields = {}
38
39 await makePostBodyRequest({ url: server.url, path, fields })
40 })
41
42 it('Should fail with an invalid email', async function () {
43 const fields = { email: 'hello' }
44
45 await makePostBodyRequest({ url: server.url, path, fields })
46 })
47
48 it('Should success with the correct params', async function () {
49 const fields = { email: 'admin@example.com' }
50
51 await makePostBodyRequest({
52 url: server.url,
53 path,
54 fields,
55 expectedStatus: HttpStatusCode.NO_CONTENT_204
56 })
57 })
58 })
59
60 describe('When asking for an account verification email', function () {
61 const path = '/api/v1/users/ask-send-verify-email'
62
63 it('Should fail with a missing email', async function () {
64 const fields = {}
65
66 await makePostBodyRequest({ url: server.url, path, fields })
67 })
68
69 it('Should fail with an invalid email', async function () {
70 const fields = { email: 'hello' }
71
72 await makePostBodyRequest({ url: server.url, path, fields })
73 })
74
75 it('Should succeed with the correct params', async function () {
76 const fields = { email: 'admin@example.com' }
77
78 await makePostBodyRequest({
79 url: server.url,
80 path,
81 fields,
82 expectedStatus: HttpStatusCode.NO_CONTENT_204
83 })
84 })
85 })
86
87 describe('When asking for a registration verification email', function () {
88 const path = '/api/v1/users/registrations/ask-send-verify-email'
89
90 it('Should fail with a missing email', async function () {
91 const fields = {}
92
93 await makePostBodyRequest({ url: server.url, path, fields })
94 })
95
96 it('Should fail with an invalid email', async function () {
97 const fields = { email: 'hello' }
98
99 await makePostBodyRequest({ url: server.url, path, fields })
100 })
101
102 it('Should succeed with the correct params', async function () {
103 const fields = { email: 'request1@example.com' }
104
105 await makePostBodyRequest({
106 url: server.url,
107 path,
108 fields,
109 expectedStatus: HttpStatusCode.NO_CONTENT_204
110 })
111 })
112 })
113
114 after(async function () {
115 MockSmtpServer.Instance.kill()
116
117 await cleanupTests([ server ])
118 })
119})
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
deleted file mode 100644
index 7acfd8c2c..000000000
--- a/server/tests/api/check-params/users.ts
+++ /dev/null
@@ -1,255 +0,0 @@
1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2import { MockSmtpServer } from '@server/tests/shared'
3import { omit } from '@shared/core-utils'
4import { HttpStatusCode, UserRole } from '@shared/models'
5import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
6
7describe('Test users API validators', function () {
8 const path = '/api/v1/users/'
9 let server: PeerTubeServer
10 let serverWithRegistrationDisabled: PeerTubeServer
11
12 // ---------------------------------------------------------------
13
14 before(async function () {
15 this.timeout(30000)
16
17 const res = await Promise.all([
18 createSingleServer(1, { signup: { limit: 3 } }),
19 createSingleServer(2)
20 ])
21
22 server = res[0]
23 serverWithRegistrationDisabled = res[1]
24
25 await setAccessTokensToServers([ server ])
26
27 await server.users.generate('moderator2', UserRole.MODERATOR)
28 })
29
30 describe('When registering a new user', function () {
31 const registrationPath = path + '/register'
32 const baseCorrectParams = {
33 username: 'user3',
34 displayName: 'super user',
35 email: 'test3@example.com',
36 password: 'my super password'
37 }
38
39 it('Should fail with a too small username', async function () {
40 const fields = { ...baseCorrectParams, username: '' }
41
42 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
43 })
44
45 it('Should fail with a too long username', async function () {
46 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
47
48 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
49 })
50
51 it('Should fail with an incorrect username', async function () {
52 const fields = { ...baseCorrectParams, username: 'my username' }
53
54 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
55 })
56
57 it('Should fail with a missing email', async function () {
58 const fields = omit(baseCorrectParams, [ 'email' ])
59
60 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
61 })
62
63 it('Should fail with an invalid email', async function () {
64 const fields = { ...baseCorrectParams, email: 'test_example.com' }
65
66 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
67 })
68
69 it('Should fail with a too small password', async function () {
70 const fields = { ...baseCorrectParams, password: 'bla' }
71
72 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
73 })
74
75 it('Should fail with a too long password', async function () {
76 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
77
78 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
79 })
80
81 it('Should fail if we register a user with the same username', async function () {
82 const fields = { ...baseCorrectParams, username: 'root' }
83
84 await makePostBodyRequest({
85 url: server.url,
86 path: registrationPath,
87 token: server.accessToken,
88 fields,
89 expectedStatus: HttpStatusCode.CONFLICT_409
90 })
91 })
92
93 it('Should fail with a "peertube" username', async function () {
94 const fields = { ...baseCorrectParams, username: 'peertube' }
95
96 await makePostBodyRequest({
97 url: server.url,
98 path: registrationPath,
99 token: server.accessToken,
100 fields,
101 expectedStatus: HttpStatusCode.CONFLICT_409
102 })
103 })
104
105 it('Should fail if we register a user with the same email', async function () {
106 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
107
108 await makePostBodyRequest({
109 url: server.url,
110 path: registrationPath,
111 token: server.accessToken,
112 fields,
113 expectedStatus: HttpStatusCode.CONFLICT_409
114 })
115 })
116
117 it('Should fail with a bad display name', async function () {
118 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
119
120 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
121 })
122
123 it('Should fail with a bad channel name', async function () {
124 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
125
126 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
127 })
128
129 it('Should fail with a bad channel display name', async function () {
130 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
131
132 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
133 })
134
135 it('Should fail with a channel name that is the same as username', async function () {
136 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
137 const fields = { ...baseCorrectParams, ...source }
138
139 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
140 })
141
142 it('Should fail with an existing channel', async function () {
143 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
144 await server.channels.create({ attributes })
145
146 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
147
148 await makePostBodyRequest({
149 url: server.url,
150 path: registrationPath,
151 token: server.accessToken,
152 fields,
153 expectedStatus: HttpStatusCode.CONFLICT_409
154 })
155 })
156
157 it('Should succeed with the correct params', async function () {
158 const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } }
159
160 await makePostBodyRequest({
161 url: server.url,
162 path: registrationPath,
163 token: server.accessToken,
164 fields,
165 expectedStatus: HttpStatusCode.NO_CONTENT_204
166 })
167 })
168
169 it('Should fail on a server with registration disabled', async function () {
170 const fields = {
171 username: 'user4',
172 email: 'test4@example.com',
173 password: 'my super password 4'
174 }
175
176 await makePostBodyRequest({
177 url: serverWithRegistrationDisabled.url,
178 path: registrationPath,
179 token: serverWithRegistrationDisabled.accessToken,
180 fields,
181 expectedStatus: HttpStatusCode.FORBIDDEN_403
182 })
183 })
184 })
185
186 describe('When registering multiple users on a server with users limit', function () {
187
188 it('Should fail when after 3 registrations', async function () {
189 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
190 })
191
192 })
193
194 describe('When asking a password reset', function () {
195 const path = '/api/v1/users/ask-reset-password'
196
197 it('Should fail with a missing email', async function () {
198 const fields = {}
199
200 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
201 })
202
203 it('Should fail with an invalid email', async function () {
204 const fields = { email: 'hello' }
205
206 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
207 })
208
209 it('Should success with the correct params', async function () {
210 const fields = { email: 'admin@example.com' }
211
212 await makePostBodyRequest({
213 url: server.url,
214 path,
215 token: server.accessToken,
216 fields,
217 expectedStatus: HttpStatusCode.NO_CONTENT_204
218 })
219 })
220 })
221
222 describe('When asking for an account verification email', function () {
223 const path = '/api/v1/users/ask-send-verify-email'
224
225 it('Should fail with a missing email', async function () {
226 const fields = {}
227
228 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
229 })
230
231 it('Should fail with an invalid email', async function () {
232 const fields = { email: 'hello' }
233
234 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
235 })
236
237 it('Should succeed with the correct params', async function () {
238 const fields = { email: 'admin@example.com' }
239
240 await makePostBodyRequest({
241 url: server.url,
242 path,
243 token: server.accessToken,
244 fields,
245 expectedStatus: HttpStatusCode.NO_CONTENT_204
246 })
247 })
248 })
249
250 after(async function () {
251 MockSmtpServer.Instance.kill()
252
253 await cleanupTests([ server, serverWithRegistrationDisabled ])
254 })
255})