diff options
-rw-r--r-- | server/controllers/api/users/index.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 14 | ||||
-rw-r--r-- | server/tests/external-plugins/auth-ldap.ts | 8 |
3 files changed, 23 insertions, 1 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 0b27d5277..07b9ae395 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
@@ -343,7 +343,7 @@ async function askResetUserPassword (req: express.Request, res: express.Response | |||
343 | 343 | ||
344 | const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) | 344 | const verificationString = await Redis.Instance.setResetPasswordVerificationString(user.id) |
345 | const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString | 345 | const url = WEBSERVER.URL + '/reset-password?userId=' + user.id + '&verificationString=' + verificationString |
346 | await Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url) | 346 | Emailer.Instance.addPasswordResetEmailJob(user.username, user.email, url) |
347 | 347 | ||
348 | return res.status(HttpStatusCode.NO_CONTENT_204).end() | 348 | return res.status(HttpStatusCode.NO_CONTENT_204).end() |
349 | } | 349 | } |
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 2de5265fb..eb693318f 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -411,6 +411,13 @@ const usersAskResetPasswordValidator = [ | |||
411 | return res.status(HttpStatusCode.NO_CONTENT_204).end() | 411 | return res.status(HttpStatusCode.NO_CONTENT_204).end() |
412 | } | 412 | } |
413 | 413 | ||
414 | if (res.locals.user.pluginAuth) { | ||
415 | return res.fail({ | ||
416 | status: HttpStatusCode.CONFLICT_409, | ||
417 | message: 'Cannot recover password of a user that uses a plugin authentication.' | ||
418 | }) | ||
419 | } | ||
420 | |||
414 | return next() | 421 | return next() |
415 | } | 422 | } |
416 | ] | 423 | ] |
@@ -454,6 +461,13 @@ const usersAskSendVerifyEmailValidator = [ | |||
454 | return res.status(HttpStatusCode.NO_CONTENT_204).end() | 461 | return res.status(HttpStatusCode.NO_CONTENT_204).end() |
455 | } | 462 | } |
456 | 463 | ||
464 | if (res.locals.user.pluginAuth) { | ||
465 | return res.fail({ | ||
466 | status: HttpStatusCode.CONFLICT_409, | ||
467 | message: 'Cannot ask verification email of a user that uses a plugin authentication.' | ||
468 | }) | ||
469 | } | ||
470 | |||
457 | return next() | 471 | return next() |
458 | } | 472 | } |
459 | ] | 473 | ] |
diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts index d7f155d2a..6f6a574a0 100644 --- a/server/tests/external-plugins/auth-ldap.ts +++ b/server/tests/external-plugins/auth-ldap.ts | |||
@@ -94,6 +94,14 @@ describe('Official plugin auth-ldap', function () { | |||
94 | await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } }) | 94 | await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } }) |
95 | }) | 95 | }) |
96 | 96 | ||
97 | it('Should not be able to ask password reset', async function () { | ||
98 | await server.users.askResetPassword({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 }) | ||
99 | }) | ||
100 | |||
101 | it('Should not be able to ask email verification', async function () { | ||
102 | await server.users.askSendVerifyEmail({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 }) | ||
103 | }) | ||
104 | |||
97 | it('Should not login if the plugin is uninstalled', async function () { | 105 | it('Should not login if the plugin is uninstalled', async function () { |
98 | await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' }) | 106 | await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' }) |
99 | 107 | ||