Merge branch 'fix/signup-without-email' into 'develop'

Allow account registration without an email

See merge request pleroma/pleroma!2246
This commit is contained in:
feld 2020-03-11 16:53:05 +00:00
commit 2019f3b3ff
5 changed files with 90 additions and 5 deletions

View file

@ -38,6 +38,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Rate limiter is now disabled for localhost/socket (unless remoteip plug is enabled) - Rate limiter is now disabled for localhost/socket (unless remoteip plug is enabled)
- Logger: default log level changed from `warn` to `info`. - Logger: default log level changed from `warn` to `info`.
- Config mix task `migrate_to_db` truncates `config` table before migrating the config file. - Config mix task `migrate_to_db` truncates `config` table before migrating the config file.
- Allow account registration without an email
- Default to `prepare: :unnamed` in the database configuration. - Default to `prepare: :unnamed` in the database configuration.
- Instance stats are now loaded on startup instead of being empty until next hourly job. - Instance stats are now loaded on startup instead of being empty until next hourly job.
<details> <details>

View file

@ -530,7 +530,14 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
end end
def maybe_validate_required_email(changeset, true), do: changeset def maybe_validate_required_email(changeset, true), do: changeset
def maybe_validate_required_email(changeset, _), do: validate_required(changeset, [:email])
def maybe_validate_required_email(changeset, _) do
if Pleroma.Config.get([:instance, :account_activation_required]) do
validate_required(changeset, [:email])
else
changeset
end
end
defp put_ap_id(changeset) do defp put_ap_id(changeset) do
ap_id = ap_id(%User{nickname: get_field(changeset, :nickname)}) ap_id = ap_id(%User{nickname: get_field(changeset, :nickname)})

View file

@ -76,7 +76,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountController do
@doc "POST /api/v1/accounts" @doc "POST /api/v1/accounts"
def create( def create(
%{assigns: %{app: app}} = conn, %{assigns: %{app: app}} = conn,
%{"username" => nickname, "email" => _, "password" => _, "agreement" => true} = params %{"username" => nickname, "password" => _, "agreement" => true} = params
) do ) do
params = params =
params params
@ -93,7 +93,8 @@ def create(
|> Map.put("bio", params["bio"] || "") |> Map.put("bio", params["bio"] || "")
|> Map.put("confirm", params["password"]) |> Map.put("confirm", params["password"])
with {:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true), with :ok <- validate_email_param(params),
{:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true),
{:ok, token} <- Token.create_token(app, user, %{scopes: app.scopes}) do {:ok, token} <- Token.create_token(app, user, %{scopes: app.scopes}) do
json(conn, %{ json(conn, %{
token_type: "Bearer", token_type: "Bearer",
@ -114,6 +115,15 @@ def create(conn, _) do
render_error(conn, :forbidden, "Invalid credentials") render_error(conn, :forbidden, "Invalid credentials")
end end
defp validate_email_param(%{"email" => _}), do: :ok
defp validate_email_param(_) do
case Pleroma.Config.get([:instance, :account_activation_required]) do
true -> {:error, %{"error" => "Missing parameters"}}
_ -> :ok
end
end
@doc "GET /api/v1/accounts/verify_credentials" @doc "GET /api/v1/accounts/verify_credentials"
def verify_credentials(%{assigns: %{user: user}} = conn, _) do def verify_credentials(%{assigns: %{user: user}} = conn, _) do
chat_token = Phoenix.Token.sign(conn, "user socket", user.id) chat_token = Phoenix.Token.sign(conn, "user socket", user.id)

View file

@ -412,7 +412,11 @@ test "it sends a welcome message if it is set" do
assert activity.actor == welcome_user.ap_id assert activity.actor == welcome_user.ap_id
end end
test "it requires an email, name, nickname and password, bio is optional" do clear_config([:instance, :account_activation_required])
test "it requires an email, name, nickname and password, bio is optional when account_activation_required is enabled" do
Pleroma.Config.put([:instance, :account_activation_required], true)
@full_user_data @full_user_data
|> Map.keys() |> Map.keys()
|> Enum.each(fn key -> |> Enum.each(fn key ->
@ -423,6 +427,19 @@ test "it requires an email, name, nickname and password, bio is optional" do
end) end)
end end
test "it requires an name, nickname and password, bio and email are optional when account_activation_required is disabled" do
Pleroma.Config.put([:instance, :account_activation_required], false)
@full_user_data
|> Map.keys()
|> Enum.each(fn key ->
params = Map.delete(@full_user_data, key)
changeset = User.register_changeset(%User{}, params)
assert if key in [:bio, :email], do: changeset.valid?, else: not changeset.valid?
end)
end
test "it restricts certain nicknames" do test "it restricts certain nicknames" do
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])

View file

@ -601,6 +601,8 @@ test "blocking / unblocking a user" do
[valid_params: valid_params] [valid_params: valid_params]
end end
clear_config([:instance, :account_activation_required])
test "Account registration via Application", %{conn: conn} do test "Account registration via Application", %{conn: conn} do
conn = conn =
post(conn, "/api/v1/apps", %{ post(conn, "/api/v1/apps", %{
@ -685,7 +687,7 @@ test "returns bad_request if missing required params", %{
assert json_response(res, 200) assert json_response(res, 200)
[{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}] [{127, 0, 0, 1}, {127, 0, 0, 2}, {127, 0, 0, 3}, {127, 0, 0, 4}]
|> Stream.zip(valid_params) |> Stream.zip(Map.delete(valid_params, :email))
|> Enum.each(fn {ip, {attr, _}} -> |> Enum.each(fn {ip, {attr, _}} ->
res = res =
conn conn
@ -697,6 +699,54 @@ test "returns bad_request if missing required params", %{
end) end)
end end
clear_config([:instance, :account_activation_required])
test "returns bad_request if missing email params when :account_activation_required is enabled",
%{conn: conn, valid_params: valid_params} do
Pleroma.Config.put([:instance, :account_activation_required], true)
app_token = insert(:oauth_token, user: nil)
conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token)
res =
conn
|> Map.put(:remote_ip, {127, 0, 0, 5})
|> post("/api/v1/accounts", Map.delete(valid_params, :email))
assert json_response(res, 400) == %{"error" => "Missing parameters"}
res =
conn
|> Map.put(:remote_ip, {127, 0, 0, 6})
|> post("/api/v1/accounts", Map.put(valid_params, :email, ""))
assert json_response(res, 400) == %{"error" => "{\"email\":[\"can't be blank\"]}"}
end
test "allow registration without an email", %{conn: conn, valid_params: valid_params} do
app_token = insert(:oauth_token, user: nil)
conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token)
res =
conn
|> Map.put(:remote_ip, {127, 0, 0, 7})
|> post("/api/v1/accounts", Map.delete(valid_params, :email))
assert json_response(res, 200)
end
test "allow registration with an empty email", %{conn: conn, valid_params: valid_params} do
app_token = insert(:oauth_token, user: nil)
conn = put_req_header(conn, "authorization", "Bearer " <> app_token.token)
res =
conn
|> Map.put(:remote_ip, {127, 0, 0, 8})
|> post("/api/v1/accounts", Map.put(valid_params, :email, ""))
assert json_response(res, 200)
end
test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_params} do
conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token") conn = put_req_header(conn, "authorization", "Bearer " <> "invalid-token")