Check banned status for external auths
parent
e01146559a
commit
33c7131be5
|
@ -119,6 +119,8 @@ async function getUser (usernameOrEmail?: string, password?: string) {
|
|||
// This user does not belong to this plugin, skip it
|
||||
if (user.pluginAuth !== obj.pluginName) return null
|
||||
|
||||
checkUserValidityOrThrow(user)
|
||||
|
||||
return user
|
||||
}
|
||||
}
|
||||
|
@ -132,7 +134,7 @@ async function getUser (usernameOrEmail?: string, password?: string) {
|
|||
const passwordMatch = await user.isPasswordMatch(password)
|
||||
if (passwordMatch !== true) return null
|
||||
|
||||
if (user.blocked) throw new AccessDeniedError('User is blocked.')
|
||||
checkUserValidityOrThrow(user)
|
||||
|
||||
if (CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION && user.emailVerified === false) {
|
||||
throw new AccessDeniedError('User email is not verified.')
|
||||
|
@ -238,3 +240,7 @@ async function createUserFromExternal (pluginAuth: string, options: {
|
|||
|
||||
return user
|
||||
}
|
||||
|
||||
function checkUserValidityOrThrow (user: MUser) {
|
||||
if (user.blocked) throw new AccessDeniedError('User is blocked.')
|
||||
}
|
||||
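Review bot: `checkUserValidityOrThrow`, added at the end of this file, has no doc comment or return type, and its name promises more than the single `user.blocked` test it performs. In the password branch of `getUser` the email-verification check still sits inline after the helper call, so as far as these hunks show the external-auth branch now rejects blocked users but never applies that check. If that is deliberate because the auth plugin is trusted for the address, it should be stated. I would put `// Throws AccessDeniedError when the account is blocked; email verification is enforced separately, for password logins only` above the helper and declare it as `function checkUserValidityOrThrow (user: MUser): void`. `getUser` begins and ends outside the hunks shown.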
|
|
|
@ -4,9 +4,11 @@ import 'mocha'
|
|||
import { expect } from 'chai'
|
||||
import { User } from '@shared/models/users/user.model'
|
||||
import {
|
||||
blockUser,
|
||||
getMyUserInformation,
|
||||
installPlugin,
|
||||
setAccessTokensToServers,
|
||||
unblockUser,
|
||||
uninstallPlugin,
|
||||
updatePluginSettings,
|
||||
uploadVideo,
|
||||
|
@ -17,6 +19,7 @@ import { cleanupTests, flushAndRunServer, ServerInfo } from '../../../shared/ext
|
|||
describe('Official plugin auth-ldap', function () {
|
||||
let server: ServerInfo
|
||||
let accessToken: string
|
||||
let userId: number
|
||||
|
||||
before(async function () {
|
||||
this.timeout(30000)
|
||||
|
@ -90,12 +93,26 @@ describe('Official plugin auth-ldap', function () {
|
|||
|
||||
expect(body.username).to.equal('fry')
|
||||
expect(body.email).to.equal('fry@planetexpress.com')
|
||||
|
||||
userId = body.id
|
||||
})
|
||||
|
||||
it('Should upload a video', async function () {
|
||||
await uploadVideo(server.url, accessToken, { name: 'my super video' })
|
||||
})
|
||||
|
||||
it('Should not be able to login if the user is banned', async function () {
|
||||
await blockUser(server.url, userId, server.accessToken)
|
||||
|
||||
await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' }, 400)
|
||||
})
|
||||
|
||||
it('Should be able to login if the user is unbanned', async function () {
|
||||
await unblockUser(server.url, userId, server.accessToken)
|
||||
|
||||
await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' })
|
||||
})
|
||||
|
||||
it('Should not login if the plugin is uninstalled', async function () {
|
||||
await uninstallPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-plugin-auth-ldap' })
|
||||
|
||||
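Review bot: The banned-login test asserts only that `userLogin` answers 400, presumably the same status any failed LDAP login gives, so it does not show that the rejection comes from the new blocked check; asserting on the error in the response body would pin it. The `accessToken` issued to fry before the ban is also never used after `blockUser`, so nothing here shows whether a session opened through the plugin is cut off once the account is blocked. A `getMyUserInformation` call with that token between `blockUser` and `unblockUser`, expecting a rejection, would cover it, assuming blocking is meant to invalidate existing tokens. The last `it` block continues past the end of the hunk.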
|
|