express validator

src/server/routes/admin.js

@@ -439,18 +439,20 @@ module.exports = function(crowi, app) {
     });
   };
   api.validators = {};
-  api.validators.inviteEmail = {};
 
   api.validators.inviteEmail = function() {
     const validator = [
-      check('email').notEmpty().isEmail().withMessage('Error. Valid email address is required'),
+      check('email').isEmail().withMessage('Error. Valid email address is required'),
     ];
     return validator;
   };
 
   actions.user.invite = async function(req, res) {
-    if (req.body.email === '') {
-      return res.json(ApiResponse.error('Email is required'));
+
+    const { validationResult } = require('express-validator');
+    const errors = validationResult(req);
+    if (!errors.isEmpty()) {
+      return res.json(ApiResponse.error('Valid email address is required'));
     }
 
     try {

src/server/routes/index.js

@@ -118,7 +118,7 @@ module.exports = function(crowi, app) {
   app.post('/admin/global-notification/:id/remove', loginRequired() , adminRequired , admin.globalNotification.remove);
 
   app.get('/admin/users'                , loginRequired() , adminRequired , admin.user.index);
-  app.post('/_api/admin/user/invite'         , form.admin.userInvite ,  loginRequired() , adminRequired , csrf, admin.user.invite);
+  app.post('/_api/admin/user/invite'         , form.admin.userInvite ,  loginRequired() , adminRequired , csrf, admin.importer.api.validators.inviteEmail(), admin.user.invite);
   app.post('/admin/user/:id/makeAdmin'  , loginRequired() , adminRequired , csrf, admin.user.makeAdmin);
   app.post('/admin/user/:id/removeFromAdmin', loginRequired() , adminRequired , admin.user.removeFromAdmin);
   app.post('/admin/user/:id/activate'   , loginRequired() , adminRequired , csrf, admin.user.activate);