aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users/index.ts2
-rw-r--r--server/middlewares/validators/users.ts3
-rw-r--r--server/tests/api/check-params/users.ts12
3 files changed, 14 insertions, 3 deletions
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index 839431afb..fcd828ae3 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -86,7 +86,7 @@ usersRouter.get('/',
86 usersSortValidator, 86 usersSortValidator,
87 setDefaultSort, 87 setDefaultSort,
88 setDefaultPagination, 88 setDefaultPagination,
89 asyncMiddleware(usersListValidator), 89 usersListValidator,
90 asyncMiddleware(listUsers) 90 asyncMiddleware(listUsers)
91) 91)
92 92
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 6860a3bed..423da9bc0 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -41,10 +41,9 @@ import { Hooks } from '@server/lib/plugins/hooks'
41const usersListValidator = [ 41const usersListValidator = [
42 query('blocked') 42 query('blocked')
43 .optional() 43 .optional()
44 .customSanitizer(toBooleanOrNull)
45 .isBoolean().withMessage('Should be a valid boolean banned state'), 44 .isBoolean().withMessage('Should be a valid boolean banned state'),
46 45
47 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 46 (req: express.Request, res: express.Response, next: express.NextFunction) => {
48 logger.debug('Checking usersList parameters', { parameters: req.query }) 47 logger.debug('Checking usersList parameters', { parameters: req.query })
49 48
50 if (areValidationErrors(req, res)) return 49 if (areValidationErrors(req, res)) return
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 74f0a2d3f..2fea2cbd5 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -155,6 +155,18 @@ describe('Test users API validators', function () {
155 await checkBadSortPagination(server.url, path, server.accessToken) 155 await checkBadSortPagination(server.url, path, server.accessToken)
156 }) 156 })
157 157
158 it('Should fail with a bad blocked/banned user filter', async function () {
159 await makeGetRequest({
160 url: server.url,
161 path,
162 query: {
163 blocked: 42
164 },
165 token: server.accessToken,
166 statusCodeExpected: 400
167 })
168 })
169
158 it('Should fail with a non authenticated user', async function () { 170 it('Should fail with a non authenticated user', async function () {
159 await makeGetRequest({ 171 await makeGetRequest({
160 url: server.url, 172 url: server.url,