fix(server): avoid server error for invalid email data type (#10978)

* fix(server): avoid server error for invalid email data type * add e2e test * fix e2e
2024-07-10 13:58:06 +02:00
parent 27b13b82f5
commit bd88b079ea
5 changed files with 36 additions and 4 deletions
@@ -5,6 +5,7 @@ import { APIKeyEntity } from 'src/entities/api-key.entity';
 import { SessionEntity } from 'src/entities/session.entity';
 import { SharedLinkEntity } from 'src/entities/shared-link.entity';
 import { UserEntity } from 'src/entities/user.entity';
+import { toEmail } from 'src/validation';

 export enum ImmichCookie {
  ACCESS_TOKEN = 'immich_access_token',
@@ -41,7 +42,7 @@ export class AuthDto {

 export class LoginCredentialDto {
  @IsEmail({ require_tld: false })
-  @Transform(({ value }) => value?.toLowerCase())
+  @Transform(toEmail)
  @IsNotEmpty()
  @ApiProperty({ example: 'testuser@email.com' })
  email!: string;
@@ -38,6 +38,22 @@ describe('create user DTO', () => {
    expect(errors).toHaveLength(0);
  });

+  it('validates invalid email type', async () => {
+    let dto = plainToInstance(UserAdminCreateDto, {
+      email: [],
+      password: 'some password',
+      name: 'some name',
+    });
+    expect(await validate(dto)).toHaveLength(1);
+
+    dto = plainToInstance(UserAdminCreateDto, {
+      email: {},
+      password: 'some password',
+      name: 'some name',
+    });
+    expect(await validate(dto)).toHaveLength(1);
+  });
+
  it('should allow emails without a tld', async () => {
    const someEmail = 'test@test';