X-Git-Url: http://these/git/?a=blobdiff_plain;f=crates%2Fapi_crud%2Fsrc%2Fuser%2Fcreate.rs;h=f2af6940e05867d6c92f846876401fc58c5c06b5;hb=3471f3533cb724b2cf6953d563aadfcc9f66c1d2;hp=0521ffe0ced7274627e1b454f2d351a8cfc3010b;hpb=201fa97769882736b560f1c6e3564c70e5ce3f1f;p=lemmy.git

diff --git a/crates/api_crud/src/user/create.rs b/crates/api_crud/src/user/create.rs
index 0521ffe0..f2af6940 100644
--- a/crates/api_crud/src/user/create.rs
+++ b/crates/api_crud/src/user/create.rs
@@ -1,109 +1,119 @@
 use crate::PerformCrud;
-use activitypub_federation::core::signatures::generate_actor_keypair;
+use activitypub_federation::http_signatures::generate_actor_keypair;
 use actix_web::web::Data;
 use lemmy_api_common::{
-  generate_inbox_url,
-  generate_local_apub_endpoint,
-  generate_shared_inbox_url,
+  context::LemmyContext,
   person::{LoginResponse, Register},
   utils::{
+    generate_inbox_url,
+    generate_local_apub_endpoint,
+    generate_shared_inbox_url,
     honeypot_check,
     local_site_to_slur_regex,
     password_length_check,
+    sanitize_html,
     send_new_applicant_email_to_admins,
     send_verification_email,
+    EndpointType,
   },
-  websocket::messages::CheckCaptcha,
-  EndpointType,
-  LemmyContext,
 };
 use lemmy_db_schema::{
   aggregates::structs::PersonAggregates,
   source::{
+    captcha_answer::{CaptchaAnswer, CheckCaptchaAnswer},
     local_user::{LocalUser, LocalUserInsertForm},
     person::{Person, PersonInsertForm},
     registration_application::{RegistrationApplication, RegistrationApplicationInsertForm},
   },
   traits::Crud,
+  RegistrationMode,
 };
 use lemmy_db_views::structs::{LocalUserView, SiteView};
 use lemmy_utils::{
   claims::Claims,
-  error::LemmyError,
-  utils::{check_slurs, check_slurs_opt, is_valid_actor_name},
-  ConnectionId,
+  error::{LemmyError, LemmyErrorExt, LemmyErrorType},
+  utils::{
+    slurs::{check_slurs, check_slurs_opt},
+    validation::is_valid_actor_name,
+  },
 };
 
 #[async_trait::async_trait(?Send)]
 impl PerformCrud for Register {
   type Response = LoginResponse;
 
-  #[tracing::instrument(skip(self, context, _websocket_id))]
-  async fn perform(
-    &self,
-    context: &Data<LemmyContext>,
-    _websocket_id: Option<ConnectionId>,
-  ) -> Result<LoginResponse, LemmyError> {
+  #[tracing::instrument(skip(self, context))]
+  async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
     let data: &Register = self;
 
-    let site_view = SiteView::read_local(context.pool()).await?;
+    let site_view = SiteView::read_local(&mut context.pool()).await?;
     let local_site = site_view.local_site;
+    let require_registration_application =
+      local_site.registration_mode == RegistrationMode::RequireApplication;
 
-    if !local_site.open_registration {
-      return Err(LemmyError::from_message("registration_closed"));
+    if local_site.registration_mode == RegistrationMode::Closed {
+      return Err(LemmyErrorType::RegistrationClosed)?;
     }
 
     password_length_check(&data.password)?;
     honeypot_check(&data.honeypot)?;
 
     if local_site.require_email_verification && data.email.is_none() {
-      return Err(LemmyError::from_message("email_required"));
+      return Err(LemmyErrorType::EmailRequired)?;
     }
 
-    if local_site.site_setup && local_site.require_application && data.answer.is_none() {
-      return Err(LemmyError::from_message(
-        "registration_application_answer_required",
-      ));
+    if local_site.site_setup && require_registration_application && data.answer.is_none() {
+      return Err(LemmyErrorType::RegistrationApplicationAnswerRequired)?;
     }
 
     // Make sure passwords match
     if data.password != data.password_verify {
-      return Err(LemmyError::from_message("passwords_dont_match"));
+      return Err(LemmyErrorType::PasswordsDoNotMatch)?;
     }
 
-    // If the site is set up, check the captcha
     if local_site.site_setup && local_site.captcha_enabled {
-      let check = context
-        .chat_server()
-        .send(CheckCaptcha {
-          uuid: data.captcha_uuid.clone().unwrap_or_default(),
-          answer: data.captcha_answer.clone().unwrap_or_default(),
-        })
+      if let Some(captcha_uuid) = &data.captcha_uuid {
+        let uuid = uuid::Uuid::parse_str(captcha_uuid)?;
+        let check = CaptchaAnswer::check_captcha(
+          &mut context.pool(),
+          CheckCaptchaAnswer {
+            uuid,
+            answer: data.captcha_answer.clone().unwrap_or_default(),
+          },
+        )
         .await?;
-      if !check {
-        return Err(LemmyError::from_message("captcha_incorrect"));
+        if !check {
+          return Err(LemmyErrorType::CaptchaIncorrect)?;
+        }
+      } else {
+        return Err(LemmyErrorType::CaptchaIncorrect)?;
       }
     }
 
     let slur_regex = local_site_to_slur_regex(&local_site);
     check_slurs(&data.username, &slur_regex)?;
     check_slurs_opt(&data.answer, &slur_regex)?;
+    let username = sanitize_html(&data.username);
 
     let actor_keypair = generate_actor_keypair()?;
-    if !is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize) {
-      return Err(LemmyError::from_message("invalid_username"));
-    }
+    is_valid_actor_name(&data.username, local_site.actor_name_max_length as usize)?;
     let actor_id = generate_local_apub_endpoint(
       EndpointType::Person,
       &data.username,
       &context.settings().get_protocol_and_hostname(),
     )?;
 
+    if let Some(email) = &data.email {
+      if LocalUser::is_email_taken(&mut context.pool(), email).await? {
+        return Err(LemmyErrorType::EmailAlreadyExists)?;
+      }
+    }
+
     // We have to create both a person, and local_user
 
     // Register the new person
     let person_form = PersonInsertForm::builder()
-      .name(data.username.clone())
+      .name(username)
       .actor_id(Some(actor_id.clone()))
       .private_key(Some(actor_keypair.private_key))
       .public_key(actor_keypair.public_key)
@@ -115,9 +125,13 @@ impl PerformCrud for Register {
       .build();
 
     // insert the person
-    let inserted_person = Person::create(context.pool(), &person_form)
+    let inserted_person = Person::create(&mut context.pool(), &person_form)
       .await
-      .map_err(|e| LemmyError::from_error_message(e, "user_already_exists"))?;
+      .with_lemmy_type(LemmyErrorType::UserAlreadyExists)?;
+
+    // Automatically set their application as accepted, if they created this with open registration.
+    // Also fixes a bug which allows users to log in when registrations are changed to closed.
+    let accepted_application = Some(!require_registration_application);
 
     // Create the local user
     let local_user_form = LocalUserInsertForm::builder()
@@ -125,27 +139,13 @@ impl PerformCrud for Register {
       .email(data.email.as_deref().map(str::to_lowercase))
       .password_encrypted(data.password.to_string())
       .show_nsfw(Some(data.show_nsfw))
+      .accepted_application(accepted_application)
+      .default_listing_type(Some(local_site.default_post_listing_type))
       .build();
 
-    let inserted_local_user = match LocalUser::create(context.pool(), &local_user_form).await {
-      Ok(lu) => lu,
-      Err(e) => {
-        let err_type = if e.to_string()
-          == "duplicate key value violates unique constraint \"local_user_email_key\""
-        {
-          "email_already_exists"
-        } else {
-          "user_already_exists"
-        };
-
-        // If the local user creation errored, then delete that person
-        Person::delete(context.pool(), inserted_person.id).await?;
-
-        return Err(LemmyError::from_error_message(e, err_type));
-      }
-    };
+    let inserted_local_user = LocalUser::create(&mut context.pool(), &local_user_form).await?;
 
-    if local_site.site_setup && local_site.require_application {
+    if local_site.site_setup && require_registration_application {
       // Create the registration application
       let form = RegistrationApplicationInsertForm {
         local_user_id: inserted_local_user.id,
@@ -153,12 +153,12 @@ impl PerformCrud for Register {
         answer: data.answer.clone().expect("must have an answer"),
       };
 
-      RegistrationApplication::create(context.pool(), &form).await?;
+      RegistrationApplication::create(&mut context.pool(), &form).await?;
     }
 
     // Email the admins
     if local_site.application_email_admins {
-      send_new_applicant_email_to_admins(&data.username, context.pool(), context.settings())
+      send_new_applicant_email_to_admins(&data.username, &mut context.pool(), context.settings())
         .await?;
     }
 
@@ -170,7 +170,7 @@ impl PerformCrud for Register {
 
     // Log the user in directly if the site is not setup, or email verification and application aren't required
     if !local_site.site_setup
-      || (!local_site.require_application && !local_site.require_email_verification)
+      || (!require_registration_application && !local_site.require_email_verification)
     {
       login_response.jwt = Some(
         Claims::jwt(
@@ -194,12 +194,17 @@ impl PerformCrud for Register {
           .clone()
           .expect("email was provided");
 
-        send_verification_email(&local_user_view, &email, context.pool(), context.settings())
-          .await?;
+        send_verification_email(
+          &local_user_view,
+          &email,
+          &mut context.pool(),
+          context.settings(),
+        )
+        .await?;
         login_response.verify_email_sent = true;
       }
 
-      if local_site.require_application {
+      if require_registration_application {
         login_response.registration_created = true;
       }
     }