API: Create user did not handle exception of duplicate user

2025-05-31 23:10:01 +02:00 · 2024-01-24 10:57:30 +00:00 · 2024-01-24 10:57:30 +00:00 · 6627dd2924
commit 6627dd2924
parent 8f86ffc6fd
5 changed files with 6 additions and 10 deletions
--- a/.github/workflows/build_test_deploy.yml
+++ b/.github/workflows/build_test_deploy.yml
@ -418,7 +418,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        target: ["core", "fetchmail", "filters", "webmail", "webdav"]
+        target: ["api", "core", "fetchmail", "filters", "webmail", "webdav"]
        time: ["2"]
        include:
          - target: "filters"
--- a/core/admin/mailu/api/v1/relay.py
+++ b/core/admin/mailu/api/v1/relay.py
@ -78,7 +78,6 @@ class Relay(Resource):
    @relay.response(200, 'Success', response_fields)
    @relay.response(400, 'Input validation exception', response_fields)
    @relay.response(404, 'Relay not found', response_fields)
-    @relay.response(409, 'Duplicate relay', response_fields)
    @relay.doc(security='Bearer')
    @common.api_token_authorization
    def patch(self, name):
--- a/core/admin/mailu/api/v1/token.py
+++ b/core/admin/mailu/api/v1/token.py
@ -54,7 +54,6 @@ class Tokens(Resource):
    @token.expect(token_user_fields_post)
    @token.marshal_with(token_user_post_response, code=200, description='Success', as_list=False, skip_none=True, mask=None)
    @token.response(400, 'Input validation exception', response_fields)
-    @token.response(409, 'Duplicate relay', response_fields)
    @token.doc(security='Bearer')
    @common.api_token_authorization
    def post(self):
@ -111,7 +110,6 @@ class Token(Resource):
    @token.expect(token_user_fields_post2)
    @token.response(200, 'Success', token_user_post_response)
    @token.response(400, 'Input validation exception', response_fields)
-    @token.response(409, 'Duplicate relay', response_fields)
    @token.doc(security='Bearer')
    @common.api_token_authorization
    def post(self, email):
--- a/core/admin/mailu/api/v1/user.py
+++ b/core/admin/mailu/api/v1/user.py
@ -111,6 +111,10 @@ class Users(Resource):
        domain_found = models.Domain.query.get(domain_name)
        if not domain_found:
            return { 'code': 404, 'message': f'Domain {domain_name} does not exist'}, 404
+        email_found = models.User.query.filter_by(email=data['email']).first()
+        if email_found:
+            return { 'code': 409, 'message': f'User {data["email"]} already exists'}, 409
+

        user_new = models.User(email=data['email'])
        if 'raw_password' in data:
@ -188,7 +192,6 @@ class User(Resource):
    @user.response(200, 'Success', response_fields)
    @user.response(400, 'Input validation exception', response_fields)
    @user.response(404, 'User not found', response_fields)
-    @user.response(409, 'Duplicate user', response_fields)
    @user.doc(security='Bearer')
    @common.api_token_authorization
    def patch(self, email):
--- a/tests/compose/core/mailu.env
+++ b/tests/compose/core/mailu.env
@ -41,7 +41,7 @@ POSTMASTER=admin
 TLS_FLAVOR=cert

 # Authentication rate limit (per source IP address)
-AUTH_RATELIMIT=10/minute;1000/hour 
+AUTH_RATELIMIT=10/minute;1000/hour

 # Opt-out of statistics, replace with "True" to opt out
 DISABLE_STATISTICS=False
@ -143,7 +143,3 @@ REAL_IP_FROM=
 # choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
 REJECT_UNLISTED_RECIPIENT=

-# Test for initial admin create
-INITIAL_ADMIN_ACCOUNT=admin
-INITIAL_ADMIN_DOMAIN=mailu.io
-INITIAL_ADMIN_PW=FooBar