Users registered by admin are automatically verified

Author: zonia3000

playwright.config.js

@@ -38,7 +38,7 @@ export default defineConfig({
 
 	webServer: [
 		{
-			command: './tests/start-test-server.sh 1.4.1a2',
+			command: './tests/start-test-server.sh 1.4.2a0',
 			port: 8000,
 			waitForPort: true,
 			stdout: 'pipe',

src/routes/admin/users/register/+page.svelte

@@ -1,33 +1,68 @@
 <script>
 	import UserEditor from '$lib/components/admin/UserEditor.svelte';
+	import { onMount } from 'svelte';
 
 	/** @type {import('$lib/types').User} */
 	let user = {
 		email: '',
 		is_active: true,
 		is_superuser: false,
-		is_verified: true,
+		is_verified: false,
 		username: '',
 		slurm_user: '',
 		cache_dir: '',
 		password: ''
 	};
 
+	/** @type {undefined|boolean} */
+	let created = undefined;
+	let verified = undefined;
+
 	/**
 	 * @param {import('$lib/types').User} user
 	 * @returns {Promise<Response>}
 	 */
 	async function save(user) {
+		created = undefined;
+		verified = undefined;
+
 		const headers = new Headers();
 		headers.set('Content-Type', 'application/json');
 
-		return await fetch(`/api/auth/register`, {
+		const createResponse = await fetch(`/api/auth/register`, {
 			method: 'POST',
 			credentials: 'include',
 			headers,
 			body: JSON.stringify(user)
 		});
+
+		if (!createResponse.ok) {
+			return createResponse;
+		}
+
+		created = true;
+		const createdUser = await createResponse.json();
+
+		const verifiedResponse = await fetch(`/api/auth/users/${createdUser.id}`, {
+			method: 'PATCH',
+			credentials: 'include',
+			headers,
+			body: JSON.stringify({
+				is_verified: true
+			})
+		});
+
+		if (!verifiedResponse.ok) {
+			verified = false;
+		}
+
+		return verifiedResponse;
 	}
+
+	onMount(() => {
+		created = undefined;
+		verified = undefined;
+	});
 </script>
 
 <nav aria-label="breadcrumb">
@@ -42,4 +77,11 @@
 	</ol>
 </nav>
 
+{#if created === true && verified === false}
+	<div class="alert alert-warning">
+		<strong>Warning</strong>: The user was created but an error happened while setting the
+		<code>is_verified</code> flag on it.
+	</div>
+{/if}
+
 <UserEditor {user} {save} />

tests/users_crud.spec.js

@@ -53,7 +53,7 @@ test('Create, update and delete a user', async ({ page }) => {
 		expect(await userRowCells[2].innerText()).toEqual(randomUserName);
 		verifyChecked(userRowCells, 3, true);
 		verifyChecked(userRowCells, 4, false);
-		verifyChecked(userRowCells, 5, false);
+		verifyChecked(userRowCells, 5, true);
 		expect(await userRowCells[6].innerText()).toEqual(randomUserName + '_slurm');
 	});
 
@@ -70,7 +70,7 @@ test('Create, update and delete a user', async ({ page }) => {
 		expect(await cells[2].innerText()).toEqual(randomUserName);
 		verifyChecked(cells, 3, true);
 		verifyChecked(cells, 4, false);
-		verifyChecked(cells, 5, false);
+		verifyChecked(cells, 5, true);
 		expect(await cells[6].innerText()).toEqual(randomUserName + '_slurm');
 		expect(await cells[7].innerText()).toEqual('/tmp/test');
 	});
@@ -102,8 +102,8 @@ test('Create, update and delete a user', async ({ page }) => {
 		});
 	});
 
-	await test.step('Rename username and set verified checkbox', async () => {
-		await page.getByLabel('Verified').check();
+	await test.step('Rename username and unset verified checkbox', async () => {
+		await page.getByLabel('Verified').uncheck();
 		await page.getByLabel('Cache dir').fill('/tmp/test');
 		await page.getByLabel('Username').fill(randomUserName + '-renamed');
 		await page.getByLabel('SLURM user').fill(randomUserName + '_slurm-renamed');
@@ -116,7 +116,7 @@ test('Create, update and delete a user', async ({ page }) => {
 		expect(await userRowCells[2].innerText()).toEqual(randomUserName + '-renamed');
 		verifyChecked(userRowCells, 3, true);
 		verifyChecked(userRowCells, 4, false);
-		verifyChecked(userRowCells, 5, true);
+		verifyChecked(userRowCells, 5, false);
 		expect(await userRowCells[6].innerText()).toEqual(randomUserName + '_slurm-renamed');
 	});
 
@@ -142,7 +142,7 @@ test('Create, update and delete a user', async ({ page }) => {
 		const userRowCells = await getUserRowCells(page, randomUserName + '-renamed');
 		verifyChecked(userRowCells, 3, true);
 		verifyChecked(userRowCells, 4, true);
-		verifyChecked(userRowCells, 5, true);
+		verifyChecked(userRowCells, 5, false);
 	});
 
 	await test.step('Revoke superuser privilege', async () => {
@@ -167,7 +167,7 @@ test('Create, update and delete a user', async ({ page }) => {
 		const userRowCells = await getUserRowCells(page, randomUserName + '-renamed');
 		verifyChecked(userRowCells, 3, true);
 		verifyChecked(userRowCells, 4, false);
-		verifyChecked(userRowCells, 5, true);
+		verifyChecked(userRowCells, 5, false);
 	});
 
 	await test.step("Verify that the admin can't edit his/her superuser status", async () => {