diff options
author | Chocobozzz <me@florianbigard.com> | 2023-01-19 09:28:29 +0100 |
---|---|---|
committer | Chocobozzz <chocobozzz@cpy.re> | 2023-01-19 13:53:40 +0100 |
commit | b379759f55a35837b803a3b988674972db2903d1 (patch) | |
tree | 895d556973fea9be21492fb60aec2ff7767f5b18 /server/tests/api/check-params | |
parent | 3e5716dd3a5b0db4a1db327714247da687419f92 (diff) | |
download | PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.gz PeerTube-b379759f55a35837b803a3b988674972db2903d1.tar.zst PeerTube-b379759f55a35837b803a3b988674972db2903d1.zip |
Add signup approval API tests
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r-- | server/tests/api/check-params/config.ts | 2 | ||||
-rw-r--r-- | server/tests/api/check-params/contact-form.ts | 13 | ||||
-rw-r--r-- | server/tests/api/check-params/index.ts | 3 | ||||
-rw-r--r-- | server/tests/api/check-params/registrations.ts | 402 | ||||
-rw-r--r-- | server/tests/api/check-params/upload-quota.ts | 4 | ||||
-rw-r--r-- | server/tests/api/check-params/users-admin.ts | 9 | ||||
-rw-r--r-- | server/tests/api/check-params/users-emails.ts | 119 | ||||
-rw-r--r-- | server/tests/api/check-params/users.ts | 255 |
8 files changed, 539 insertions, 268 deletions
diff --git a/server/tests/api/check-params/config.ts b/server/tests/api/check-params/config.ts index 3415625ca..93a3f3eb9 100644 --- a/server/tests/api/check-params/config.ts +++ b/server/tests/api/check-params/config.ts | |||
@@ -79,6 +79,7 @@ describe('Test config API validators', function () { | |||
79 | signup: { | 79 | signup: { |
80 | enabled: false, | 80 | enabled: false, |
81 | limit: 5, | 81 | limit: 5, |
82 | requiresApproval: false, | ||
82 | requiresEmailVerification: false, | 83 | requiresEmailVerification: false, |
83 | minimumAge: 16 | 84 | minimumAge: 16 |
84 | }, | 85 | }, |
@@ -313,6 +314,7 @@ describe('Test config API validators', function () { | |||
313 | signup: { | 314 | signup: { |
314 | enabled: true, | 315 | enabled: true, |
315 | limit: 5, | 316 | limit: 5, |
317 | requiresApproval: true, | ||
316 | requiresEmailVerification: true | 318 | requiresEmailVerification: true |
317 | } | 319 | } |
318 | } | 320 | } |
diff --git a/server/tests/api/check-params/contact-form.ts b/server/tests/api/check-params/contact-form.ts index 7968ef802..f0f8819b9 100644 --- a/server/tests/api/check-params/contact-form.ts +++ b/server/tests/api/check-params/contact-form.ts | |||
@@ -2,7 +2,14 @@ | |||
2 | 2 | ||
3 | import { MockSmtpServer } from '@server/tests/shared' | 3 | import { MockSmtpServer } from '@server/tests/shared' |
4 | import { HttpStatusCode } from '@shared/models' | 4 | import { HttpStatusCode } from '@shared/models' |
5 | import { cleanupTests, ContactFormCommand, createSingleServer, killallServers, PeerTubeServer } from '@shared/server-commands' | 5 | import { |
6 | cleanupTests, | ||
7 | ConfigCommand, | ||
8 | ContactFormCommand, | ||
9 | createSingleServer, | ||
10 | killallServers, | ||
11 | PeerTubeServer | ||
12 | } from '@shared/server-commands' | ||
6 | 13 | ||
7 | describe('Test contact form API validators', function () { | 14 | describe('Test contact form API validators', function () { |
8 | let server: PeerTubeServer | 15 | let server: PeerTubeServer |
@@ -38,7 +45,7 @@ describe('Test contact form API validators', function () { | |||
38 | await killallServers([ server ]) | 45 | await killallServers([ server ]) |
39 | 46 | ||
40 | // Contact form is disabled | 47 | // Contact form is disabled |
41 | await server.run({ smtp: { hostname: '127.0.0.1', port: emailPort }, contact_form: { enabled: false } }) | 48 | await server.run({ ...ConfigCommand.getEmailOverrideConfig(emailPort), contact_form: { enabled: false } }) |
42 | await command.send({ ...defaultBody, expectedStatus: HttpStatusCode.CONFLICT_409 }) | 49 | await command.send({ ...defaultBody, expectedStatus: HttpStatusCode.CONFLICT_409 }) |
43 | }) | 50 | }) |
44 | 51 | ||
@@ -48,7 +55,7 @@ describe('Test contact form API validators', function () { | |||
48 | await killallServers([ server ]) | 55 | await killallServers([ server ]) |
49 | 56 | ||
50 | // Email & contact form enabled | 57 | // Email & contact form enabled |
51 | await server.run({ smtp: { hostname: '127.0.0.1', port: emailPort } }) | 58 | await server.run(ConfigCommand.getEmailOverrideConfig(emailPort)) |
52 | 59 | ||
53 | await command.send({ ...defaultBody, fromEmail: 'badEmail', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | 60 | await command.send({ ...defaultBody, fromEmail: 'badEmail', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
54 | await command.send({ ...defaultBody, fromEmail: 'badEmail@', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | 61 | await command.send({ ...defaultBody, fromEmail: 'badEmail@', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) |
diff --git a/server/tests/api/check-params/index.ts b/server/tests/api/check-params/index.ts index 961093bb5..ddbcb42f8 100644 --- a/server/tests/api/check-params/index.ts +++ b/server/tests/api/check-params/index.ts | |||
@@ -15,6 +15,7 @@ import './metrics' | |||
15 | import './my-user' | 15 | import './my-user' |
16 | import './plugins' | 16 | import './plugins' |
17 | import './redundancy' | 17 | import './redundancy' |
18 | import './registrations' | ||
18 | import './search' | 19 | import './search' |
19 | import './services' | 20 | import './services' |
20 | import './transcoding' | 21 | import './transcoding' |
@@ -23,7 +24,7 @@ import './upload-quota' | |||
23 | import './user-notifications' | 24 | import './user-notifications' |
24 | import './user-subscriptions' | 25 | import './user-subscriptions' |
25 | import './users-admin' | 26 | import './users-admin' |
26 | import './users' | 27 | import './users-emails' |
27 | import './video-blacklist' | 28 | import './video-blacklist' |
28 | import './video-captions' | 29 | import './video-captions' |
29 | import './video-channel-syncs' | 30 | import './video-channel-syncs' |
diff --git a/server/tests/api/check-params/registrations.ts b/server/tests/api/check-params/registrations.ts new file mode 100644 index 000000000..9f0462378 --- /dev/null +++ b/server/tests/api/check-params/registrations.ts | |||
@@ -0,0 +1,402 @@ | |||
1 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' | ||
2 | import { omit } from '@shared/core-utils' | ||
3 | import { HttpStatusCode, UserRole } from '@shared/models' | ||
4 | import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands' | ||
5 | |||
6 | describe('Test registrations API validators', function () { | ||
7 | let server: PeerTubeServer | ||
8 | let userToken: string | ||
9 | let moderatorToken: string | ||
10 | |||
11 | // --------------------------------------------------------------- | ||
12 | |||
13 | before(async function () { | ||
14 | this.timeout(30000) | ||
15 | |||
16 | server = await createSingleServer(1) | ||
17 | |||
18 | await setAccessTokensToServers([ server ]) | ||
19 | await server.config.enableSignup(false); | ||
20 | |||
21 | ({ token: moderatorToken } = await server.users.generate('moderator', UserRole.MODERATOR)); | ||
22 | ({ token: userToken } = await server.users.generate('user', UserRole.USER)) | ||
23 | }) | ||
24 | |||
25 | describe('Register', function () { | ||
26 | const registrationPath = '/api/v1/users/register' | ||
27 | const registrationRequestPath = '/api/v1/users/registrations/request' | ||
28 | |||
29 | const baseCorrectParams = { | ||
30 | username: 'user3', | ||
31 | displayName: 'super user', | ||
32 | email: 'test3@example.com', | ||
33 | password: 'my super password', | ||
34 | registrationReason: 'my super registration reason' | ||
35 | } | ||
36 | |||
37 | describe('When registering a new user or requesting user registration', function () { | ||
38 | |||
39 | async function check (fields: any, expectedStatus = HttpStatusCode.BAD_REQUEST_400) { | ||
40 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus }) | ||
41 | await makePostBodyRequest({ url: server.url, path: registrationRequestPath, fields, expectedStatus }) | ||
42 | } | ||
43 | |||
44 | it('Should fail with a too small username', async function () { | ||
45 | const fields = { ...baseCorrectParams, username: '' } | ||
46 | |||
47 | await check(fields) | ||
48 | }) | ||
49 | |||
50 | it('Should fail with a too long username', async function () { | ||
51 | const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } | ||
52 | |||
53 | await check(fields) | ||
54 | }) | ||
55 | |||
56 | it('Should fail with an incorrect username', async function () { | ||
57 | const fields = { ...baseCorrectParams, username: 'my username' } | ||
58 | |||
59 | await check(fields) | ||
60 | }) | ||
61 | |||
62 | it('Should fail with a missing email', async function () { | ||
63 | const fields = omit(baseCorrectParams, [ 'email' ]) | ||
64 | |||
65 | await check(fields) | ||
66 | }) | ||
67 | |||
68 | it('Should fail with an invalid email', async function () { | ||
69 | const fields = { ...baseCorrectParams, email: 'test_example.com' } | ||
70 | |||
71 | await check(fields) | ||
72 | }) | ||
73 | |||
74 | it('Should fail with a too small password', async function () { | ||
75 | const fields = { ...baseCorrectParams, password: 'bla' } | ||
76 | |||
77 | await check(fields) | ||
78 | }) | ||
79 | |||
80 | it('Should fail with a too long password', async function () { | ||
81 | const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } | ||
82 | |||
83 | await check(fields) | ||
84 | }) | ||
85 | |||
86 | it('Should fail if we register a user with the same username', async function () { | ||
87 | const fields = { ...baseCorrectParams, username: 'root' } | ||
88 | |||
89 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
90 | }) | ||
91 | |||
92 | it('Should fail with a "peertube" username', async function () { | ||
93 | const fields = { ...baseCorrectParams, username: 'peertube' } | ||
94 | |||
95 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
96 | }) | ||
97 | |||
98 | it('Should fail if we register a user with the same email', async function () { | ||
99 | const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } | ||
100 | |||
101 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
102 | }) | ||
103 | |||
104 | it('Should fail with a bad display name', async function () { | ||
105 | const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } | ||
106 | |||
107 | await check(fields) | ||
108 | }) | ||
109 | |||
110 | it('Should fail with a bad channel name', async function () { | ||
111 | const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } | ||
112 | |||
113 | await check(fields) | ||
114 | }) | ||
115 | |||
116 | it('Should fail with a bad channel display name', async function () { | ||
117 | const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } | ||
118 | |||
119 | await check(fields) | ||
120 | }) | ||
121 | |||
122 | it('Should fail with a channel name that is the same as username', async function () { | ||
123 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | ||
124 | const fields = { ...baseCorrectParams, ...source } | ||
125 | |||
126 | await check(fields) | ||
127 | }) | ||
128 | |||
129 | it('Should fail with an existing channel', async function () { | ||
130 | const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | ||
131 | await server.channels.create({ attributes }) | ||
132 | |||
133 | const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } | ||
134 | |||
135 | await check(fields, HttpStatusCode.CONFLICT_409) | ||
136 | }) | ||
137 | |||
138 | it('Should fail on a server with registration disabled', async function () { | ||
139 | this.timeout(60000) | ||
140 | |||
141 | await server.config.updateCustomSubConfig({ | ||
142 | newConfig: { | ||
143 | signup: { | ||
144 | enabled: false | ||
145 | } | ||
146 | } | ||
147 | }) | ||
148 | |||
149 | await server.registrations.register({ username: 'user4', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
150 | await server.registrations.requestRegistration({ | ||
151 | username: 'user4', | ||
152 | registrationReason: 'reason', | ||
153 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
154 | }) | ||
155 | }) | ||
156 | |||
157 | it('Should fail if the user limit is reached', async function () { | ||
158 | this.timeout(60000) | ||
159 | |||
160 | const { total } = await server.users.list() | ||
161 | |||
162 | await server.config.updateCustomSubConfig({ newConfig: { signup: { limit: total } } }) | ||
163 | |||
164 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
165 | await server.registrations.requestRegistration({ | ||
166 | username: 'user42', | ||
167 | registrationReason: 'reason', | ||
168 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
169 | }) | ||
170 | }) | ||
171 | }) | ||
172 | |||
173 | describe('On direct registration', function () { | ||
174 | |||
175 | it('Should succeed with the correct params', async function () { | ||
176 | await server.config.enableSignup(false) | ||
177 | |||
178 | const fields = { | ||
179 | username: 'user_direct_1', | ||
180 | displayName: 'super user direct 1', | ||
181 | email: 'user_direct_1@example.com', | ||
182 | password: 'my super password', | ||
183 | channel: { name: 'super_user_direct_1_channel', displayName: 'super user direct 1 channel' } | ||
184 | } | ||
185 | |||
186 | await makePostBodyRequest({ url: server.url, path: registrationPath, fields, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) | ||
187 | }) | ||
188 | |||
189 | it('Should fail if the instance requires approval', async function () { | ||
190 | this.timeout(60000) | ||
191 | |||
192 | await server.config.enableSignup(true) | ||
193 | await server.registrations.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
194 | }) | ||
195 | }) | ||
196 | |||
197 | describe('On registration request', function () { | ||
198 | |||
199 | before(async function () { | ||
200 | this.timeout(60000) | ||
201 | |||
202 | await server.config.enableSignup(true) | ||
203 | }) | ||
204 | |||
205 | it('Should fail with an invalid registration reason', async function () { | ||
206 | for (const registrationReason of [ '', 't', 't'.repeat(5000) ]) { | ||
207 | await server.registrations.requestRegistration({ | ||
208 | username: 'user_request_1', | ||
209 | registrationReason, | ||
210 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | ||
211 | }) | ||
212 | } | ||
213 | }) | ||
214 | |||
215 | it('Should succeed with the correct params', async function () { | ||
216 | await server.registrations.requestRegistration({ | ||
217 | username: 'user_request_2', | ||
218 | registrationReason: 'tt', | ||
219 | channel: { | ||
220 | displayName: 'my user request 2 channel', | ||
221 | name: 'user_request_2_channel' | ||
222 | } | ||
223 | }) | ||
224 | }) | ||
225 | |||
226 | it('Should fail if the user is already awaiting registration approval', async function () { | ||
227 | await server.registrations.requestRegistration({ | ||
228 | username: 'user_request_2', | ||
229 | registrationReason: 'tt', | ||
230 | channel: { | ||
231 | displayName: 'my user request 42 channel', | ||
232 | name: 'user_request_42_channel' | ||
233 | }, | ||
234 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
235 | }) | ||
236 | }) | ||
237 | |||
238 | it('Should fail if the channel is already awaiting registration approval', async function () { | ||
239 | await server.registrations.requestRegistration({ | ||
240 | username: 'user42', | ||
241 | registrationReason: 'tt', | ||
242 | channel: { | ||
243 | displayName: 'my user request 2 channel', | ||
244 | name: 'user_request_2_channel' | ||
245 | }, | ||
246 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
247 | }) | ||
248 | }) | ||
249 | |||
250 | it('Should fail if the instance does not require approval', async function () { | ||
251 | this.timeout(60000) | ||
252 | |||
253 | await server.config.enableSignup(false) | ||
254 | |||
255 | await server.registrations.requestRegistration({ | ||
256 | username: 'user42', | ||
257 | registrationReason: 'toto', | ||
258 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | ||
259 | }) | ||
260 | }) | ||
261 | }) | ||
262 | }) | ||
263 | |||
264 | describe('Registrations accept/reject', function () { | ||
265 | let id1: number | ||
266 | let id2: number | ||
267 | |||
268 | before(async function () { | ||
269 | this.timeout(60000) | ||
270 | |||
271 | await server.config.enableSignup(true); | ||
272 | |||
273 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_2', registrationReason: 'toto' })); | ||
274 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_3', registrationReason: 'toto' })) | ||
275 | }) | ||
276 | |||
277 | it('Should fail to accept/reject registration without token', async function () { | ||
278 | const options = { id: id1, moderationResponse: 'tt', token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 } | ||
279 | await server.registrations.accept(options) | ||
280 | await server.registrations.reject(options) | ||
281 | }) | ||
282 | |||
283 | it('Should fail to accept/reject registration with a non moderator user', async function () { | ||
284 | const options = { id: id1, moderationResponse: 'tt', token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | ||
285 | await server.registrations.accept(options) | ||
286 | await server.registrations.reject(options) | ||
287 | }) | ||
288 | |||
289 | it('Should fail to accept/reject registration with a bad registration id', async function () { | ||
290 | { | ||
291 | const options = { id: 't' as any, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | ||
292 | await server.registrations.accept(options) | ||
293 | await server.registrations.reject(options) | ||
294 | } | ||
295 | |||
296 | { | ||
297 | const options = { id: 42, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 } | ||
298 | await server.registrations.accept(options) | ||
299 | await server.registrations.reject(options) | ||
300 | } | ||
301 | }) | ||
302 | |||
303 | it('Should fail to accept/reject registration with a bad moderation resposne', async function () { | ||
304 | for (const moderationResponse of [ '', 't', 't'.repeat(5000) ]) { | ||
305 | const options = { id: id1, moderationResponse, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | ||
306 | await server.registrations.accept(options) | ||
307 | await server.registrations.reject(options) | ||
308 | } | ||
309 | }) | ||
310 | |||
311 | it('Should succeed to accept a registration', async function () { | ||
312 | await server.registrations.accept({ id: id1, moderationResponse: 'tt', token: moderatorToken }) | ||
313 | }) | ||
314 | |||
315 | it('Should succeed to reject a registration', async function () { | ||
316 | await server.registrations.reject({ id: id2, moderationResponse: 'tt', token: moderatorToken }) | ||
317 | }) | ||
318 | |||
319 | it('Should fail to accept/reject a registration that was already accepted/rejected', async function () { | ||
320 | for (const id of [ id1, id2 ]) { | ||
321 | const options = { id, moderationResponse: 'tt', token: moderatorToken, expectedStatus: HttpStatusCode.CONFLICT_409 } | ||
322 | await server.registrations.accept(options) | ||
323 | await server.registrations.reject(options) | ||
324 | } | ||
325 | }) | ||
326 | }) | ||
327 | |||
328 | describe('Registrations deletion', function () { | ||
329 | let id1: number | ||
330 | let id2: number | ||
331 | let id3: number | ||
332 | |||
333 | before(async function () { | ||
334 | ({ id: id1 } = await server.registrations.requestRegistration({ username: 'request_4', registrationReason: 'toto' })); | ||
335 | ({ id: id2 } = await server.registrations.requestRegistration({ username: 'request_5', registrationReason: 'toto' })); | ||
336 | ({ id: id3 } = await server.registrations.requestRegistration({ username: 'request_6', registrationReason: 'toto' })) | ||
337 | |||
338 | await server.registrations.accept({ id: id2, moderationResponse: 'tt' }) | ||
339 | await server.registrations.reject({ id: id3, moderationResponse: 'tt' }) | ||
340 | }) | ||
341 | |||
342 | it('Should fail to delete registration without token', async function () { | ||
343 | await server.registrations.delete({ id: id1, token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | ||
344 | }) | ||
345 | |||
346 | it('Should fail to delete registration with a non moderator user', async function () { | ||
347 | await server.registrations.delete({ id: id1, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
348 | }) | ||
349 | |||
350 | it('Should fail to delete registration with a bad registration id', async function () { | ||
351 | await server.registrations.delete({ id: 't' as any, token: moderatorToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | ||
352 | await server.registrations.delete({ id: 42, token: moderatorToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) | ||
353 | }) | ||
354 | |||
355 | it('Should succeed with the correct params', async function () { | ||
356 | await server.registrations.delete({ id: id1, token: moderatorToken }) | ||
357 | await server.registrations.delete({ id: id2, token: moderatorToken }) | ||
358 | await server.registrations.delete({ id: id3, token: moderatorToken }) | ||
359 | }) | ||
360 | }) | ||
361 | |||
362 | describe('Listing registrations', function () { | ||
363 | const path = '/api/v1/users/registrations' | ||
364 | |||
365 | it('Should fail with a bad start pagination', async function () { | ||
366 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
367 | }) | ||
368 | |||
369 | it('Should fail with a bad count pagination', async function () { | ||
370 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
371 | }) | ||
372 | |||
373 | it('Should fail with an incorrect sort', async function () { | ||
374 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
375 | }) | ||
376 | |||
377 | it('Should fail with a non authenticated user', async function () { | ||
378 | await server.registrations.list({ | ||
379 | token: null, | ||
380 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | ||
381 | }) | ||
382 | }) | ||
383 | |||
384 | it('Should fail with a non admin user', async function () { | ||
385 | await server.registrations.list({ | ||
386 | token: userToken, | ||
387 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
388 | }) | ||
389 | }) | ||
390 | |||
391 | it('Should succeed with the correct params', async function () { | ||
392 | await server.registrations.list({ | ||
393 | token: moderatorToken, | ||
394 | search: 'toto' | ||
395 | }) | ||
396 | }) | ||
397 | }) | ||
398 | |||
399 | after(async function () { | ||
400 | await cleanupTests([ server ]) | ||
401 | }) | ||
402 | }) | ||
diff --git a/server/tests/api/check-params/upload-quota.ts b/server/tests/api/check-params/upload-quota.ts index 70e6f4af9..fdc711bd5 100644 --- a/server/tests/api/check-params/upload-quota.ts +++ b/server/tests/api/check-params/upload-quota.ts | |||
@@ -42,7 +42,7 @@ describe('Test upload quota', function () { | |||
42 | this.timeout(30000) | 42 | this.timeout(30000) |
43 | 43 | ||
44 | const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } | 44 | const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } |
45 | await server.users.register(user) | 45 | await server.registrations.register(user) |
46 | const userToken = await server.login.getAccessToken(user) | 46 | const userToken = await server.login.getAccessToken(user) |
47 | 47 | ||
48 | const attributes = { fixture: 'video_short2.webm' } | 48 | const attributes = { fixture: 'video_short2.webm' } |
@@ -57,7 +57,7 @@ describe('Test upload quota', function () { | |||
57 | this.timeout(30000) | 57 | this.timeout(30000) |
58 | 58 | ||
59 | const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } | 59 | const user = { username: 'registered' + randomInt(1, 1500), password: 'password' } |
60 | await server.users.register(user) | 60 | await server.registrations.register(user) |
61 | const userToken = await server.login.getAccessToken(user) | 61 | const userToken = await server.login.getAccessToken(user) |
62 | 62 | ||
63 | const attributes = { fixture: 'video_short2.webm' } | 63 | const attributes = { fixture: 'video_short2.webm' } |
diff --git a/server/tests/api/check-params/users-admin.ts b/server/tests/api/check-params/users-admin.ts index 7ba709c4a..be2496bb4 100644 --- a/server/tests/api/check-params/users-admin.ts +++ b/server/tests/api/check-params/users-admin.ts | |||
@@ -5,6 +5,7 @@ import { omit } from '@shared/core-utils' | |||
5 | import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models' | 5 | import { HttpStatusCode, UserAdminFlag, UserRole } from '@shared/models' |
6 | import { | 6 | import { |
7 | cleanupTests, | 7 | cleanupTests, |
8 | ConfigCommand, | ||
8 | createSingleServer, | 9 | createSingleServer, |
9 | killallServers, | 10 | killallServers, |
10 | makeGetRequest, | 11 | makeGetRequest, |
@@ -156,13 +157,7 @@ describe('Test users admin API validators', function () { | |||
156 | 157 | ||
157 | await killallServers([ server ]) | 158 | await killallServers([ server ]) |
158 | 159 | ||
159 | const config = { | 160 | await server.run(ConfigCommand.getEmailOverrideConfig(emailPort)) |
160 | smtp: { | ||
161 | hostname: '127.0.0.1', | ||
162 | port: emailPort | ||
163 | } | ||
164 | } | ||
165 | await server.run(config) | ||
166 | 161 | ||
167 | const fields = { | 162 | const fields = { |
168 | ...baseCorrectParams, | 163 | ...baseCorrectParams, |
diff --git a/server/tests/api/check-params/users-emails.ts b/server/tests/api/check-params/users-emails.ts new file mode 100644 index 000000000..8cfb1d15f --- /dev/null +++ b/server/tests/api/check-params/users-emails.ts | |||
@@ -0,0 +1,119 @@ | |||
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | ||
2 | import { MockSmtpServer } from '@server/tests/shared' | ||
3 | import { HttpStatusCode, UserRole } from '@shared/models' | ||
4 | import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands' | ||
5 | |||
6 | describe('Test users API validators', function () { | ||
7 | let server: PeerTubeServer | ||
8 | |||
9 | // --------------------------------------------------------------- | ||
10 | |||
11 | before(async function () { | ||
12 | this.timeout(30000) | ||
13 | |||
14 | server = await createSingleServer(1, { | ||
15 | rates_limit: { | ||
16 | ask_send_email: { | ||
17 | max: 10 | ||
18 | } | ||
19 | } | ||
20 | }) | ||
21 | |||
22 | await setAccessTokensToServers([ server ]) | ||
23 | await server.config.enableSignup(true) | ||
24 | |||
25 | await server.users.generate('moderator2', UserRole.MODERATOR) | ||
26 | |||
27 | await server.registrations.requestRegistration({ | ||
28 | username: 'request1', | ||
29 | registrationReason: 'tt' | ||
30 | }) | ||
31 | }) | ||
32 | |||
33 | describe('When asking a password reset', function () { | ||
34 | const path = '/api/v1/users/ask-reset-password' | ||
35 | |||
36 | it('Should fail with a missing email', async function () { | ||
37 | const fields = {} | ||
38 | |||
39 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
40 | }) | ||
41 | |||
42 | it('Should fail with an invalid email', async function () { | ||
43 | const fields = { email: 'hello' } | ||
44 | |||
45 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
46 | }) | ||
47 | |||
48 | it('Should success with the correct params', async function () { | ||
49 | const fields = { email: 'admin@example.com' } | ||
50 | |||
51 | await makePostBodyRequest({ | ||
52 | url: server.url, | ||
53 | path, | ||
54 | fields, | ||
55 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
56 | }) | ||
57 | }) | ||
58 | }) | ||
59 | |||
60 | describe('When asking for an account verification email', function () { | ||
61 | const path = '/api/v1/users/ask-send-verify-email' | ||
62 | |||
63 | it('Should fail with a missing email', async function () { | ||
64 | const fields = {} | ||
65 | |||
66 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
67 | }) | ||
68 | |||
69 | it('Should fail with an invalid email', async function () { | ||
70 | const fields = { email: 'hello' } | ||
71 | |||
72 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
73 | }) | ||
74 | |||
75 | it('Should succeed with the correct params', async function () { | ||
76 | const fields = { email: 'admin@example.com' } | ||
77 | |||
78 | await makePostBodyRequest({ | ||
79 | url: server.url, | ||
80 | path, | ||
81 | fields, | ||
82 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
83 | }) | ||
84 | }) | ||
85 | }) | ||
86 | |||
87 | describe('When asking for a registration verification email', function () { | ||
88 | const path = '/api/v1/users/registrations/ask-send-verify-email' | ||
89 | |||
90 | it('Should fail with a missing email', async function () { | ||
91 | const fields = {} | ||
92 | |||
93 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
94 | }) | ||
95 | |||
96 | it('Should fail with an invalid email', async function () { | ||
97 | const fields = { email: 'hello' } | ||
98 | |||
99 | await makePostBodyRequest({ url: server.url, path, fields }) | ||
100 | }) | ||
101 | |||
102 | it('Should succeed with the correct params', async function () { | ||
103 | const fields = { email: 'request1@example.com' } | ||
104 | |||
105 | await makePostBodyRequest({ | ||
106 | url: server.url, | ||
107 | path, | ||
108 | fields, | ||
109 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
110 | }) | ||
111 | }) | ||
112 | }) | ||
113 | |||
114 | after(async function () { | ||
115 | MockSmtpServer.Instance.kill() | ||
116 | |||
117 | await cleanupTests([ server ]) | ||
118 | }) | ||
119 | }) | ||
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts deleted file mode 100644 index 7acfd8c2c..000000000 --- a/server/tests/api/check-params/users.ts +++ /dev/null | |||
@@ -1,255 +0,0 @@ | |||
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | ||
2 | import { MockSmtpServer } from '@server/tests/shared' | ||
3 | import { omit } from '@shared/core-utils' | ||
4 | import { HttpStatusCode, UserRole } from '@shared/models' | ||
5 | import { cleanupTests, createSingleServer, makePostBodyRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands' | ||
6 | |||
7 | describe('Test users API validators', function () { | ||
8 | const path = '/api/v1/users/' | ||
9 | let server: PeerTubeServer | ||
10 | let serverWithRegistrationDisabled: PeerTubeServer | ||
11 | |||
12 | // --------------------------------------------------------------- | ||
13 | |||
14 | before(async function () { | ||
15 | this.timeout(30000) | ||
16 | |||
17 | const res = await Promise.all([ | ||
18 | createSingleServer(1, { signup: { limit: 3 } }), | ||
19 | createSingleServer(2) | ||
20 | ]) | ||
21 | |||
22 | server = res[0] | ||
23 | serverWithRegistrationDisabled = res[1] | ||
24 | |||
25 | await setAccessTokensToServers([ server ]) | ||
26 | |||
27 | await server.users.generate('moderator2', UserRole.MODERATOR) | ||
28 | }) | ||
29 | |||
30 | describe('When registering a new user', function () { | ||
31 | const registrationPath = path + '/register' | ||
32 | const baseCorrectParams = { | ||
33 | username: 'user3', | ||
34 | displayName: 'super user', | ||
35 | email: 'test3@example.com', | ||
36 | password: 'my super password' | ||
37 | } | ||
38 | |||
39 | it('Should fail with a too small username', async function () { | ||
40 | const fields = { ...baseCorrectParams, username: '' } | ||
41 | |||
42 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
43 | }) | ||
44 | |||
45 | it('Should fail with a too long username', async function () { | ||
46 | const fields = { ...baseCorrectParams, username: 'super'.repeat(50) } | ||
47 | |||
48 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
49 | }) | ||
50 | |||
51 | it('Should fail with an incorrect username', async function () { | ||
52 | const fields = { ...baseCorrectParams, username: 'my username' } | ||
53 | |||
54 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
55 | }) | ||
56 | |||
57 | it('Should fail with a missing email', async function () { | ||
58 | const fields = omit(baseCorrectParams, [ 'email' ]) | ||
59 | |||
60 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
61 | }) | ||
62 | |||
63 | it('Should fail with an invalid email', async function () { | ||
64 | const fields = { ...baseCorrectParams, email: 'test_example.com' } | ||
65 | |||
66 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
67 | }) | ||
68 | |||
69 | it('Should fail with a too small password', async function () { | ||
70 | const fields = { ...baseCorrectParams, password: 'bla' } | ||
71 | |||
72 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
73 | }) | ||
74 | |||
75 | it('Should fail with a too long password', async function () { | ||
76 | const fields = { ...baseCorrectParams, password: 'super'.repeat(61) } | ||
77 | |||
78 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
79 | }) | ||
80 | |||
81 | it('Should fail if we register a user with the same username', async function () { | ||
82 | const fields = { ...baseCorrectParams, username: 'root' } | ||
83 | |||
84 | await makePostBodyRequest({ | ||
85 | url: server.url, | ||
86 | path: registrationPath, | ||
87 | token: server.accessToken, | ||
88 | fields, | ||
89 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
90 | }) | ||
91 | }) | ||
92 | |||
93 | it('Should fail with a "peertube" username', async function () { | ||
94 | const fields = { ...baseCorrectParams, username: 'peertube' } | ||
95 | |||
96 | await makePostBodyRequest({ | ||
97 | url: server.url, | ||
98 | path: registrationPath, | ||
99 | token: server.accessToken, | ||
100 | fields, | ||
101 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
102 | }) | ||
103 | }) | ||
104 | |||
105 | it('Should fail if we register a user with the same email', async function () { | ||
106 | const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' } | ||
107 | |||
108 | await makePostBodyRequest({ | ||
109 | url: server.url, | ||
110 | path: registrationPath, | ||
111 | token: server.accessToken, | ||
112 | fields, | ||
113 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
114 | }) | ||
115 | }) | ||
116 | |||
117 | it('Should fail with a bad display name', async function () { | ||
118 | const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) } | ||
119 | |||
120 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
121 | }) | ||
122 | |||
123 | it('Should fail with a bad channel name', async function () { | ||
124 | const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } } | ||
125 | |||
126 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
127 | }) | ||
128 | |||
129 | it('Should fail with a bad channel display name', async function () { | ||
130 | const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } } | ||
131 | |||
132 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
133 | }) | ||
134 | |||
135 | it('Should fail with a channel name that is the same as username', async function () { | ||
136 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | ||
137 | const fields = { ...baseCorrectParams, ...source } | ||
138 | |||
139 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | ||
140 | }) | ||
141 | |||
142 | it('Should fail with an existing channel', async function () { | ||
143 | const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | ||
144 | await server.channels.create({ attributes }) | ||
145 | |||
146 | const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } } | ||
147 | |||
148 | await makePostBodyRequest({ | ||
149 | url: server.url, | ||
150 | path: registrationPath, | ||
151 | token: server.accessToken, | ||
152 | fields, | ||
153 | expectedStatus: HttpStatusCode.CONFLICT_409 | ||
154 | }) | ||
155 | }) | ||
156 | |||
157 | it('Should succeed with the correct params', async function () { | ||
158 | const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } } | ||
159 | |||
160 | await makePostBodyRequest({ | ||
161 | url: server.url, | ||
162 | path: registrationPath, | ||
163 | token: server.accessToken, | ||
164 | fields, | ||
165 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
166 | }) | ||
167 | }) | ||
168 | |||
169 | it('Should fail on a server with registration disabled', async function () { | ||
170 | const fields = { | ||
171 | username: 'user4', | ||
172 | email: 'test4@example.com', | ||
173 | password: 'my super password 4' | ||
174 | } | ||
175 | |||
176 | await makePostBodyRequest({ | ||
177 | url: serverWithRegistrationDisabled.url, | ||
178 | path: registrationPath, | ||
179 | token: serverWithRegistrationDisabled.accessToken, | ||
180 | fields, | ||
181 | expectedStatus: HttpStatusCode.FORBIDDEN_403 | ||
182 | }) | ||
183 | }) | ||
184 | }) | ||
185 | |||
186 | describe('When registering multiple users on a server with users limit', function () { | ||
187 | |||
188 | it('Should fail when after 3 registrations', async function () { | ||
189 | await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | ||
190 | }) | ||
191 | |||
192 | }) | ||
193 | |||
194 | describe('When asking a password reset', function () { | ||
195 | const path = '/api/v1/users/ask-reset-password' | ||
196 | |||
197 | it('Should fail with a missing email', async function () { | ||
198 | const fields = {} | ||
199 | |||
200 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
201 | }) | ||
202 | |||
203 | it('Should fail with an invalid email', async function () { | ||
204 | const fields = { email: 'hello' } | ||
205 | |||
206 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
207 | }) | ||
208 | |||
209 | it('Should success with the correct params', async function () { | ||
210 | const fields = { email: 'admin@example.com' } | ||
211 | |||
212 | await makePostBodyRequest({ | ||
213 | url: server.url, | ||
214 | path, | ||
215 | token: server.accessToken, | ||
216 | fields, | ||
217 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
218 | }) | ||
219 | }) | ||
220 | }) | ||
221 | |||
222 | describe('When asking for an account verification email', function () { | ||
223 | const path = '/api/v1/users/ask-send-verify-email' | ||
224 | |||
225 | it('Should fail with a missing email', async function () { | ||
226 | const fields = {} | ||
227 | |||
228 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
229 | }) | ||
230 | |||
231 | it('Should fail with an invalid email', async function () { | ||
232 | const fields = { email: 'hello' } | ||
233 | |||
234 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | ||
235 | }) | ||
236 | |||
237 | it('Should succeed with the correct params', async function () { | ||
238 | const fields = { email: 'admin@example.com' } | ||
239 | |||
240 | await makePostBodyRequest({ | ||
241 | url: server.url, | ||
242 | path, | ||
243 | token: server.accessToken, | ||
244 | fields, | ||
245 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | ||
246 | }) | ||
247 | }) | ||
248 | }) | ||
249 | |||
250 | after(async function () { | ||
251 | MockSmtpServer.Instance.kill() | ||
252 | |||
253 | await cleanupTests([ server, serverWithRegistrationDisabled ]) | ||
254 | }) | ||
255 | }) | ||