meedan · jayjay-w · Jan 28, 2025 · Jan 20, 2025 · Jan 20, 2025 · Jan 20, 2025
@@ -31,7 +31,7 @@ def create
     rescue ActiveRecord::RecordInvalid => e
       clean_up_passwords resource
       set_minimum_password_length
-      render_error e.message.gsub(/^Validation failed: Email /, ''), 'INVALID_VALUE'
+      render_error e.message.gsub(/^Email /, ''), 'INVALID_VALUE', 401
     end
   end
 

@@ -162,6 +162,10 @@ en:
           attributes:
             slug:
               slug_format: accepts only letters, numbers and hyphens
+        user:
+          attributes:
+            email:
+              taken: Please check your email.
       messages:
         record_invalid: "%{errors}"
         improbable_phone: is an invalid number
@@ -308,7 +312,7 @@ en:
   account_exists: This account already exists
   media_exists: This item already exists
   source_exists: This source already exists
-  email_exists: has already been taken
+  email_exists: Please check your email.
   error_password_not_strong: "Complexity requirement not met. Length should be 8-70 characters and include at least: 1 uppercase, 1 lowercase, 1 digit and 1 special character"
   banned_user: Sorry, your account has been banned from %{app_name}. Please contact
     the support team if you think this is an error.
@@ -335,7 +339,7 @@ en:
         ignore: If you don't want to accept the invitation, please ignore this email.
         app_team: "%{app} Workspace"
     failure:
-      unconfirmed: Please check your email to verify your account.
+      unconfirmed: Please check your email.
   user_invitation:
     invited: "%{email} was already invited to this workspace."
     member: "%{email} is already a member."

@@ -365,7 +365,7 @@ Use this method in order to create a new user account
 {
   "errors": [
     {
-      "message": "Please check your email to verify your account.",
+      "message": "Please check your email.",
       "code": 1,
       "data": {
       }

@@ -54,31 +54,31 @@ def teardown
     p1 = random_complex_password
     assert_no_difference 'User.count' do
       post :create, params: { api_user: { password_confirmation: p1, email: '[email protected]', login: 'test', name: 'Test' } }
-      assert_response 400
+      assert_response 401
     end
   end
 
   test "should not create user if password is too short" do
     p1 = '1234'
     assert_no_difference 'User.count' do
       post :create, params: { api_user: { password: p1, password_confirmation: p1, email: '[email protected]', login: 'test', name: 'Test' } }
-      assert_response 400
+      assert_response 401
     end
   end
 
   test "should not create user if password don't match" do
     p1 = random_complex_password
     assert_no_difference 'User.count' do
       post :create, params: { api_user: { password: random_complex_password, password_confirmation: random_complex_password, email: '[email protected]', login: 'test', name: 'Test' } }
-      assert_response 400
+      assert_response 401
     end
   end
 
   test "should not create user if email is not present" do
     p1 = random_complex_password
     assert_no_difference 'User.count' do
       post :create, params: { api_user: { password: p1, password_confirmation: p1, email: '', login: 'test', name: 'Test' } }
-      assert_response 400
+      assert_response 401
     end
   end
 
@@ -94,7 +94,7 @@ def teardown
     p1 = random_complex_password
     assert_no_difference 'User.count' do
       post :create, params: { api_user: { password: p1, password_confirmation: p1, email: '[email protected]', login: 'test', name: '' } }
-      assert_response 400
+      assert_response 401
     end
   end
 
@@ -143,4 +143,25 @@ def teardown
     end
     assert_response 401
   end
+
+  test "should return generic response in case of error when registering using an existing email" do
+    existing_user = create_user(email: '[email protected]')
+    p1 = random_complex_password
+
+    assert_no_difference 'User.count' do
+      post :create, params: { api_user: { password: p1, password_confirmation: p1, email: existing_user.email, login: 'test', name: 'Test' } }
+      assert_response 401
+      assert_equal 'Please check your email.', response.parsed_body.dig("errors", 0, "message")
+    end
+  end
+
+  test "should return generic response when registering with non-existing email" do
+    p1 = random_complex_password
+
+    assert_difference 'User.count', 1 do
+      post :create, params: { api_user: { password: p1, password_confirmation: p1, email: '[email protected]', login: 'test', name: 'Test' } }
+      assert_response 401
+      assert_equal 'Please check your email.', JSON.parse(response.parsed_body).dig("errors", 0, "message")
+    end
+  end
 end