diff --git a/.github/ISSUE_TEMPLATE/01_bug-report.yml b/.github/ISSUE_TEMPLATE/01_bug-report.yml index f74719989f80..ac2b39cc12c6 100644 --- a/.github/ISSUE_TEMPLATE/01_bug-report.yml +++ b/.github/ISSUE_TEMPLATE/01_bug-report.yml @@ -89,3 +89,9 @@ body: render: markdown validations: required: false + + - type: checkboxes + attributes: + label: Do you want to address this bug yourself? + options: + - label: Yes, I will patch the bug myself and send a pull request diff --git a/.github/ISSUE_TEMPLATE/02_feature-request.yml b/.github/ISSUE_TEMPLATE/02_feature-request.yml index 8420475b3e00..8d7b0b2539e9 100644 --- a/.github/ISSUE_TEMPLATE/02_feature-request.yml +++ b/.github/ISSUE_TEMPLATE/02_feature-request.yml @@ -14,4 +14,9 @@ body: label: Purpose description: Describe the specific problem or need you think this feature will solve, and who it will help. validations: - required: true \ No newline at end of file + required: true + - type: checkboxes + attributes: + label: Do you want to implement this feature yourself? + options: + - label: Yes, I will implement this by myself and send a pull request diff --git a/.github/workflows/get-api-diff.yml b/.github/workflows/get-api-diff.yml index d604f9b16d39..bf92e701b2a9 100644 --- a/.github/workflows/get-api-diff.yml +++ b/.github/workflows/get-api-diff.yml @@ -56,7 +56,7 @@ jobs: - name: Upload Artifact uses: actions/upload-artifact@v4 with: - name: api-artifact + name: api-artifact-${{ matrix.api-json-name }} path: ${{ matrix.api-json-name }} save-pr-number: @@ -69,5 +69,5 @@ jobs: echo "$PR_NUMBER" > ./pr_number - uses: actions/upload-artifact@v4 with: - name: api-artifact + name: api-artifact-pr-number path: pr_number diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d6832278e83f..f3074ab0a4cc 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -78,4 +78,6 @@ jobs: cache: 'pnpm' - run: corepack enable - run: pnpm i --frozen-lockfile + - run: pnpm --filter misskey-js run build + if: ${{ matrix.workspace == 'backend' }} - run: pnpm --filter ${{ matrix.workspace }} run typecheck diff --git a/.github/workflows/report-api-diff.yml b/.github/workflows/report-api-diff.yml index 309516772f5e..54da8b4a8393 100644 --- a/.github/workflows/report-api-diff.yml +++ b/.github/workflows/report-api-diff.yml @@ -19,24 +19,28 @@ jobs: uses: actions/github-script@v7 with: script: | + const fs = require('fs'); let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ owner: context.repo.owner, repo: context.repo.repo, run_id: context.payload.workflow_run.id, }); - let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { - return artifact.name == "api-artifact" - })[0]; - let download = await github.rest.actions.downloadArtifact({ - owner: context.repo.owner, - repo: context.repo.repo, - artifact_id: matchArtifact.id, - archive_format: 'zip', + let matchArtifacts = allArtifacts.data.artifacts.filter((artifact) => { + return artifact.name.startsWith("api-artifact-") || artifact.name == "api-artifact" }); - let fs = require('fs'); - fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/api-artifact.zip`, Buffer.from(download.data)); - - name: Extract artifact - run: unzip api-artifact.zip -d artifacts + await Promise.all(matchArtifacts.map(async (artifact) => { + let download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: artifact.id, + archive_format: 'zip', + }); + await fs.promises.writeFile(`${process.env.GITHUB_WORKSPACE}/${artifact.name}.zip`, Buffer.from(download.data)); + })); + - name: Extract all artifacts + run: | + find . -mindepth 1 -maxdepth 1 -type f -name '*.zip' -exec unzip {} -d artifacts ';' + ls -la - name: Load PR Number id: load-pr-num run: echo "pr-number=$(cat artifacts/pr_number)" >> "$GITHUB_OUTPUT" @@ -83,3 +87,11 @@ jobs: pr_number: ${{ steps.load-pr-num.outputs.pr-number }} comment_tag: show_diff filePath: ./output.md + - name: Tell error to PR + uses: thollander/actions-comment-pull-request@v2 + if: failure() && steps.load-pr-num.outputs.pr-number + with: + pr_number: ${{ steps.load-pr-num.outputs.pr-number }} + comment_tag: show_diff_error + message: | + api.jsonの差分作成中にエラーが発生しました。詳細は[Workflowのログ](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})を確認してください。 diff --git a/CHANGELOG.md b/CHANGELOG.md index ac31bc0d28cc..199a420f7bff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,27 @@ --> +## 2023.12.1 + +### General +- Enhance: ローカリゼーションの更新 +- Fix: 自分のdirect noteがuser list timelineに追加されない + +### Client +- Feat: AiScript専用のMFM構文`$[clickable.ev=EVENTNAME ...]`を追加。`Mk:C:mfm`のオプション`onClickEv`に関数を渡すと、クリック時に`EVENTNAME`を引数にして呼び出す +- Enhance: MFM入力補助ボタンを投稿フォームに表示できるように #12787 +- Fix: 一部のモデログ(logYellowでの表示対象)について、表示の色が変わらない問題を修正 +- Fix: `fg`/`bg`MFMに長い単語を指定すると、オーバーフローされずはみ出る問題を修正 + +### Server +- Enhance: センシティブワードの設定がハッシュタグトレンドにも適用されるようになりました +- Enhance: `oauth/token`エンドポイントのCORS対応 +- Fix: 1702718871541-ffVisibility.jsのdownが壊れている +- Fix:「非センシティブのみ(リモートはいいねのみ)」を設定していても、センシティブに設定されたカスタム絵文字をリアクションできる問題を修正 +- Fix: ロールアサイン時の通知で,ロールアイコンが縮小されずに表示される問題を修正 +- Fix: サードパーティアプリケーションがWebsocket APIに無条件にアクセスできる問題を修正 +- Fix: サードパーティアプリケーションがユーザーの許可なしに非公開の情報を見ることができる問題を修正 + ## 2023.12.0 ### Note @@ -99,6 +120,7 @@ - Enhance: MFM `$[ruby ]` が他ソフトウェアと連合されるように - Enhance: Meilisearchを有効にした検索で、ユーザーのミュートやブロックを考慮するように - Enhance: カスタム絵文字のインポート時の動作を改善 +- Enhance: json-schema(OpenAPIの戻り値として使用されるスキーマ定義)を出来る限り最新化 #12311 - Fix: 時間経過により無効化されたアンテナを再有効化したとき、サーバ再起動までその状況が反映されないのを修正 #12303 - Fix: ロールタイムラインが保存されない問題を修正 - Fix: api.jsonの生成ロジックを改善 #12402 @@ -115,7 +137,6 @@ - Fix: モデレーションログがモデレーターは閲覧できないように修正 - Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正 - Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない -- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正 ## 2023.11.1 @@ -126,7 +147,6 @@ - Feat: 管理者がコントロールパネルからメールアドレスの照会を行えるようになりました - Enhance: ローカリゼーションの更新 - Enhance: 依存関係の更新 -- Enhance: json-schema(OpenAPIの戻り値として使用されるスキーマ定義)を出来る限り最新化 #12311 ### Client - Enhance: MFMでルビを振れるように diff --git a/SECURITY.md b/SECURITY.md index 2c026a5f3305..fc5dec5de4e5 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,7 +1,6 @@ # Reporting Security Issues -If you discover a security issue in Misskey, please report it by sending an -email to [syuilotan@yahoo.co.jp](mailto:syuilotan@yahoo.co.jp). +If you discover a security issue in Misskey, please report it by **[this form](https://github.com/misskey-dev/misskey/security/advisories/new)**. This will allow us to assess the risk, and make a fix available before we add a bug report to the GitHub repository. diff --git a/locales/en-US.yml b/locales/en-US.yml index 0701bc37106e..ed71b5a190db 100644 --- a/locales/en-US.yml +++ b/locales/en-US.yml @@ -121,6 +121,8 @@ sensitive: "Sensitive" add: "Add" reaction: "Reactions" reactions: "Reactions" +emojiPicker: "Emoji picker" +emojiPickerDisplay: "Emoji picker display" reactionSettingDescription2: "Drag to reorder, click to delete, press \"+\" to add." rememberNoteVisibility: "Remember note visibility settings" attachCancel: "Remove attachment" @@ -260,6 +262,7 @@ removed: "Successfully deleted" removeAreYouSure: "Are you sure that you want to remove \"{x}\"?" deleteAreYouSure: "Are you sure that you want to delete \"{x}\"?" resetAreYouSure: "Really reset?" +areYouSure: "Are you sure?" saved: "Saved" messaging: "Chat" upload: "Upload" @@ -874,6 +877,8 @@ makeReactionsPublicDescription: "This will make the list of all your past reacti classic: "Classic" muteThread: "Mute thread" unmuteThread: "Unmute thread" +followingVisibility: "Visibility of follows" +followersVisibility: "Visibility of followers" continueThread: "View thread continuation" deleteAccountConfirm: "This will irreversibly delete your account. Proceed?" incorrectPassword: "Incorrect password." @@ -1972,6 +1977,7 @@ _widgets: _userList: chooseList: "Select a list" clicker: "Clicker" + birthdayFollowings: "Users who celebrate their birthday today" _cw: hide: "Hide" show: "Show content" @@ -2329,6 +2335,8 @@ _dataSaver: _avatar: title: "Avatar image" description: "Stop avatar image animation. Animated images can be larger in file size than normal images, potentially leading to further reductions in data traffic." + _urlPreview: + title: "URL preview thumbnails" _code: title: "Code highlighting" description: "If code highlighting notations are used in MFM, etc., they will not load until tapped. Syntax highlighting requires downloading the highlight definition files for each programming language. Therefore, disabling the automatic loading of these files is expected to reduce the amount of communication data." diff --git a/locales/es-ES.yml b/locales/es-ES.yml index a079cf01f9e9..9aa7bc4e70fa 100644 --- a/locales/es-ES.yml +++ b/locales/es-ES.yml @@ -121,6 +121,12 @@ sensitive: "Marcado como sensible" add: "Agregar" reaction: "Reacción" reactions: "Reacción" +emojiPicker: "Selector de emojis" +pinnedEmojisForReactionSettingDescription: "Puedes seleccionar reacciones para fijarlos en el selector" +pinnedEmojisSettingDescription: "Puedes seleccionar emojis para fijarlos en el selector" +emojiPickerDisplay: "Mostrar el selector de emojis" +overwriteFromPinnedEmojisForReaction: "Sobreescribir las reacciones fijadas" +overwriteFromPinnedEmojis: "Sobreescribir los emojis fijados" reactionSettingDescription2: "Arrastre para reordenar, click para borrar, apriete la tecla + para añadir." rememberNoteVisibility: "Recordar visibilidad" attachCancel: "Quitar adjunto" @@ -260,6 +266,7 @@ removed: "Borrado" removeAreYouSure: "¿Desea borrar \"{x}\"?" deleteAreYouSure: "¿Desea borrar \"{x}\"?" resetAreYouSure: "¿Desea reestablecer?" +areYouSure: "¿Estás conforme?" saved: "Guardado" messaging: "Chat" upload: "Subir" @@ -640,6 +647,7 @@ smtpSecure: "Usar SSL/TLS implícito en la conexión SMTP" smtpSecureInfo: "Apagar cuando se use STARTTLS" testEmail: "Prueba de envío" wordMute: "Silenciar palabras" +hardWordMute: "Filtro de palabra fuerte" regexpError: "Error de la expresión regular" regexpErrorDescription: "Ocurrió un error en la expresión regular en la linea {line} de las palabras muteadas {tab}" instanceMute: "Instancias silenciadas" @@ -873,6 +881,8 @@ makeReactionsPublicDescription: "Todas las reacciones que hayas hecho serán pú classic: "Clásico" muteThread: "Silenciar hilo" unmuteThread: "Mostrar hilo" +followingVisibility: "Visibilidad de seguidos" +followersVisibility: "Visibilidad de seguidores" continueThread: "Ver la continuación del hilo" deleteAccountConfirm: "La cuenta será borrada. ¿Está seguro?" incorrectPassword: "La contraseña es incorrecta" @@ -1024,6 +1034,7 @@ sensitiveWords: "Palabras sensibles" sensitiveWordsDescription: "La visibilidad de todas las notas que contienen cualquiera de las palabras configuradas serán puestas en \"Inicio\" automáticamente. Puedes enumerás varias separándolas con saltos de línea" sensitiveWordsDescription2: "Si se usan espacios se crearán expresiones AND y las palabras subsecuentes con barras inclinadas se convertirán en expresiones regulares." hiddenTags: "Hashtags ocultos" +hiddenTagsDescription: "Selecciona las etiquetas que no se mostrarán en tendencias. Una etiqueta por línea." notesSearchNotAvailable: "No se puede buscar una nota" license: "Licencia" unfavoriteConfirm: "¿Desea quitar de favoritos?" @@ -1152,6 +1163,7 @@ tosAndPrivacyPolicy: "Condiciones de Uso y Política de Privacidad" avatarDecorations: "Decoraciones de avatar" attach: "Acoplar" detach: "Quitar" +detachAll: "Quitar todo" angle: "Ángulo" flip: "Echar de un capirotazo" showAvatarDecorations: "Mostrar decoraciones de avatar" @@ -1165,6 +1177,10 @@ cwNotationRequired: "Si se ha activado \"ocultar contenido\", es necesario propo doReaction: "Añadir reacción" code: "Código" reloadRequiredToApplySettings: "Es necesario recargar para que se aplique la configuración." +remainingN: "Faltan: {n}" +overwriteContentConfirm: "¿Quieres sustituir todo el contenido actual?" +seasonalScreenEffect: "Efectos de pantalla asociados a estaciones" +decorate: "Decorar" _announcement: forExistingUsers: "Solo para usuarios registrados" forExistingUsersDescription: "Este anuncio solo se mostrará a aquellos usuarios registrados en el momento de su publicación. Si se deshabilita esta opción, aquellos usuarios que se registren tras su publicación también lo verán." @@ -1222,6 +1238,45 @@ _initialTutorial: home: "Puedes ver los posts de las cuentas que sigues." local: "Puedes ver los posts de todos los usuarios de este servidor." social: "Se ven los posts de la línea de tiempo de inicio junto con los de la línea de tiempo local." + global: "Puedes ver notas de todos los servidores conectados." + description2: "Puedes cambiar la línea de tiempo en la parte superior de la pantalla cuando quieras." + description3: "Además, hay listas de líneas de tiempo y listas de canales. Para más detalle, por favor visita este enlace: {link}" + _postNote: + title: "Ajustes de publicación de nota" + description1: "Cuando publicas una nota en Misskey, hay varias opciones disponibles. El formulario tiene este aspecto." + _visibility: + description: "Puedes limitar quién puede ver tu nota." + public: "Tu nota será visible para todos los usuarios." + home: "Publicar solo en la línea de tiempo de Inicio. La nota se verá en tu perfil, la verán tus seguidores y también cuando sea renotada." + followers: "Visible solo para seguidores. Sólo tus seguidores podrán ver la nota, y no podrá ser renotada por otras personas." + direct: "Visible sólo para usuarios específicos, y el destinatario será notificado. Puede usarse como alternativa a la mensajería directa." + doNotSendConfidencialOnDirect1: "¡Ten cuidado cuando vayas a enviar información sensible!" + doNotSendConfidencialOnDirect2: "Los administradores del servidor pueden leer lo que escribes. Ten cuidado cuando envíes información sensible en notas directas en servidores no confiables." + localOnly: "Publicando con esta opción seleccionada, la nota no se federará hacia otros servidores. Los usuarios de otros servidores no podrán ver estas notas directamente, sin importar los ajustes seleccionados más arriba." + _cw: + title: "Alerta de contenido (CW)" + description: "En lugar de mostrarse el contenido de la nota, se mostrará lo que escribas en el campo \"comentarios\". Pulsando en \"leer más\" desplegará el contenido de la nota." + _exampleNote: + cw: "¡Esto te hará tener hambre!" + note: "Acabo de comerme un donut de chocolate glaseado 🍩😋" + useCases: "Esto se usa cuando las normas del servidor lo requieren, o para ocultar spoilers o contenido sensible." + _howToMakeAttachmentsSensitive: + title: "¿Cómo puedo marcar adjuntos como contenido sensible?" + description: "Cuando las normas del servidor lo requieran, o el contenido lo requiera, marca la opción de \"contenido sensible\" para el adjunto." + tryThisFile: "¡Prueba a marcar la imagen adjunta como contenido sensible!" + _exampleNote: + note: "Ups, la he liado al abrir la tapa del natto..." + method: "Para marcar un adjunto como sensible, haz clic en la miniatura, abre el menú, y haz clic en \"Marcar como sensible\"." + sensitiveSucceeded: "Cuando adjuntes archivos, por favor, ten en cuenta las normas del servidor para marcarlos como contenido sensible." + doItToContinue: "Marca el archivo adjunto como sensible para continuar." + _done: + title: "¡Has completado el tutorial! 🎉" + description: "Las funciones que mostramos aquí son sólo una pequeña parte. Para más detalles sobre el funcionamiento de Misskey, pulsa en este enlace: {link}" +_timelineDescription: + home: "En la línea de tiempo de Inicio puedes ver las notas de las cuentas a las que sigues." + local: "En la línea de tiempo Local puedes ver las notas de todos los usuarios del servidor." + social: "En la línea de tiempo Social verás las notas de Inicio y Local a la vez." + global: "En la línea de tiempo Global verás las notas de todos los servidores conectados." _serverRules: description: "Un conjunto de reglas que serán mostradas antes del registro. Configurar un sumario de términos de servicio es recomendado." _serverSettings: @@ -1233,6 +1288,9 @@ _serverSettings: manifestJsonOverride: "Sobreescribir manifest.json" shortName: "Nombre corto" shortNameDescription: "Forma corta del nombre de la instancia que puede mostrarse si el nombre completo es demasiado largo." + fanoutTimelineDescription: "Incrementa el rendimiento de forma significativa cuando se obtienen las líneas de tiempo y reduce la carga en la base de datos. A cambio, el uso de la memoria en Redis incrementará. Considera desactivar esta opción en caso de que tu servidor tenga poca memoria o detectes inestabilidad." + fanoutTimelineDbFallback: "Cargar desde la base de datos" + fanoutTimelineDbFallbackDescription: "Cuando esta opción está habilitada, la carga de peticiones adicionales de la línea de tiempo se hará desde la base de datos cuando éstas no se encuentren en la caché. Al deshabilitar esta opción se reduce la carga del servidor, pero limita el número de líneas de tiempo que pueden obtenerse." _accountMigration: moveFrom: "Trasladar de otra cuenta a ésta" moveFromSub: "Crear un alias para otra cuenta." @@ -1490,6 +1548,9 @@ _achievements: _smashTestNotificationButton: title: "Sobrecarga de pruebas" description: "Envía muchas notificaciones de prueba en un corto espacio de tiempo" + _tutorialCompleted: + title: "Diploma del Curso Básico de Misskey" + description: "Tutorial completado" _role: new: "Crear rol" edit: "Editar rol" @@ -1500,7 +1561,9 @@ _role: assignTarget: "Asignar objetivo" descriptionOfAssignTarget: "Manual Para cambiar manualmente lo que se incluye en este rol.\nCondicional configura una condición, y los usuarios que cumplan la condición serán incluídos automáticamente." manual: "manual" + manualRoles: "Roles manuales" conditional: "condicional" + conditionalRoles: "Roles condicionales" condition: "condición" isConditionalRole: "Esto es un rol condicional" isPublic: "Publicar rol" @@ -1549,6 +1612,7 @@ _role: canHideAds: "Puede ocultar anuncios" canSearchNotes: "Uso de la búsqueda de notas" canUseTranslator: "Uso de traductor" + avatarDecorationLimit: "Número máximo de decoraciones de avatar" _condition: isLocal: "Usuario local" isRemote: "Usuario remoto" @@ -1577,6 +1641,7 @@ _emailUnavailable: disposable: "No es un correo reutilizable" mx: "Servidor de correo inválido" smtp: "Servidor de correo no disponible" + banned: "Email no disponible" _ffVisibility: public: "Publicar" followers: "Visible solo para seguidores" @@ -1653,6 +1718,7 @@ _aboutMisskey: donate: "Donar a Misskey" morePatrons: "Muchas más personas nos apoyan. Muchas gracias🥰" patrons: "Patrocinadores" + projectMembers: "Miembros del proyecto" _displayOfSensitiveMedia: respect: "Esconder medios marcados como sensibles" ignore: "Mostrar medios marcados como sensibles" @@ -1677,6 +1743,7 @@ _channel: notesCount: "{n} notas" nameAndDescription: "Nombre y descripción" nameOnly: "Sólo nombre" + allowRenoteToExternal: "Permitir renotas y menciones fuera del canal" _menuDisplay: sideFull: "Horizontal" sideIcon: "Horizontal (ícono)" @@ -1768,6 +1835,14 @@ _sfx: notification: "Notificaciones" antenna: "Antena receptora" channel: "Notificaciones del canal" + reaction: "Al seleccionar una reacción" +_soundSettings: + driveFile: "Usar un archivo de audio en Drive" + driveFileWarn: "Selecciona un archivo de audio en Drive." + driveFileTypeWarn: "Este archivo es incompatible" + driveFileTypeWarnDescription: "Selecciona un archivo de audio" + driveFileDurationWarn: "La duración del audio es demasiado larga." + driveFileDurationWarnDescription: "Usar un audio de larga duración puede llegar a molestar mientras usas Misskey. ¿Quieres continuar?" _ago: future: "Futuro" justNow: "Justo ahora" @@ -1780,6 +1855,12 @@ _ago: yearsAgo: "Hace {n} años" invalid: "No hay nada que ver aqui" _timeIn: + seconds: "En {n} segundos" + minutes: "En {n}m" + hours: "En {n}h" + days: "En {n}d" + weeks: "En {n}sem." + months: "En {n}M" years: "En {n} años" _time: second: "Segundos" @@ -1906,6 +1987,7 @@ _widgets: _userList: chooseList: "Seleccione una lista" clicker: "Cliqueador" + birthdayFollowings: "Hoy cumplen años" _cw: hide: "Ocultar" show: "Ver más" @@ -1968,6 +2050,7 @@ _profile: changeAvatar: "Cambiar avatar" changeBanner: "Cambiar banner" verifiedLinkDescription: "Introduciendo una URL que contiene un enlace a tu perfil, se puede mostrar un icono de verificación de propiedad al lado del campo." + avatarDecorationMax: "Puedes añadir un máximo de {max} decoraciones de avatar." _exportOrImport: allNotes: "Todas las notas" favoritedNotes: "Notas favoritas" @@ -2089,6 +2172,7 @@ _notification: pollEnded: "Estan disponibles los resultados de la encuesta" newNote: "Nueva nota" unreadAntennaNote: "Antena {name}" + roleAssigned: "Rol asignado" emptyPushNotificationMessage: "Se han actualizado las notificaciones push" achievementEarned: "Logro desbloqueado" testNotification: "Notificación de prueba" @@ -2110,6 +2194,7 @@ _notification: pollEnded: "La encuesta terminó" receiveFollowRequest: "Recibió una solicitud de seguimiento" followRequestAccepted: "El seguimiento fue aceptado" + roleAssigned: "Rol asignado" achievementEarned: "Logro desbloqueado" app: "Notificaciones desde aplicaciones" _actions: @@ -2255,3 +2340,16 @@ _externalResourceInstaller: _themeInstallFailed: title: "Instalación de tema fallida" description: "Ha ocurrido un problema al instalar el tema. Por favor, inténtalo de nuevo. Se pueden ver más detalles del error en la consola de Javascript." +_dataSaver: + _media: + title: "Cargando Multimedia" + description: "Desactiva la carga automática de imágenes y vídeos. Tendrás que tocar en las imágenes y vídeos ocultos para cargarlos." + _avatar: + title: "Avatares animados" + description: "Desactiva la animación de los avatares. Las imágenes animadas pueden llegar a ser de mayor tamaño que las normales, por lo que al desactivarlas puedes reducir el consumo de datos." + _urlPreview: + title: "Vista previa de URLs" + description: "Desactiva la carga de vistas previas de las URLs." + _code: + title: "Resaltar código" + description: "Si se usa resaltado de código en MFM, etc., no se cargará hasta pulsar en ello. El resaltado de sintaxis requiere la descarga de archivos de definición para cada lenguaje de programación. Debido a esto, al deshabilitar la carga automática de estos archivos reducirás el consumo de datos." diff --git a/locales/fr-FR.yml b/locales/fr-FR.yml index 43cc1d45b687..26e756e96e6c 100644 --- a/locales/fr-FR.yml +++ b/locales/fr-FR.yml @@ -162,6 +162,7 @@ addEmoji: "Ajouter un émoji" settingGuide: "Configuration proposée" cacheRemoteFiles: "Mise en cache des fichiers distants" cacheRemoteFilesDescription: "Lorsque cette option est désactivée, les fichiers distants sont chargés directement depuis l’instance distante. La désactiver diminuera certes l’utilisation de l’espace de stockage local mais augmentera le trafic réseau puisque les miniatures ne seront plus générées." +youCanCleanRemoteFilesCache: "Vous pouvez supprimer tous les caches en cliquant le bouton 🗑️ dans la gestion des fichiers." cacheRemoteSensitiveFiles: "Mettre en cache les fichiers distants sensibles" cacheRemoteSensitiveFilesDescription: "Si vous désactivez ce paramètre, les fichiers sensibles distants ne seront pas mis en cache et un lien direct sera utilisé à la place" flagAsBot: "Ce compte est un robot" @@ -726,6 +727,7 @@ lockedAccountInfo: "À moins que vous ne définissiez la visibilité de votre no alwaysMarkSensitive: "Marquer les médias comme contenu sensible par défaut" loadRawImages: "Affichage complet des images jointes au lieu des vignettes" disableShowingAnimatedImages: "Désactiver l'animation des images" +highlightSensitiveMedia: "Mettre en évidence les médias sensibles" verificationEmailSent: "Un e-mail de vérification a été envoyé. Veuillez accéder au lien pour compléter la vérification." notSet: "Non défini" emailVerified: "Votre adresse e-mail a été vérifiée." @@ -979,6 +981,7 @@ show: "Affichage" neverShow: "Ne plus afficher" remindMeLater: "Peut-être plus tard" didYouLikeMisskey: "Avez-vous aimé Misskey ?" +pleaseDonate: "Misskey est le logiciel libre utilisé par {host}. Merci de faire un don pour que nous puissions continuer à le développer !" roles: "Rôles" role: "Rôles" noRole: "Aucun rôle" @@ -991,8 +994,10 @@ manageCustomEmojis: "Gestion des émojis personnalisés" manageAvatarDecorations: "Gérer les décorations d'avatar" youCannotCreateAnymore: "Vous avez atteint la limite de création." cannotPerformTemporary: "Temporairement indisponible" +cannotPerformTemporaryDescription: "Temporairement indisponible puisque le nombre d'opérations dépasse la limite. Veuillez patienter un peu, puis réessayer." invalidParamError: "Paramètres invalides" permissionDeniedError: "Opération refusée" +permissionDeniedErrorDescription: "Ce compte n'a pas la permission d'effectuer cette opération." preset: "Préréglage" selectFromPresets: "Sélectionner à partir des préréglages" achievements: "Accomplissements" @@ -1021,6 +1026,7 @@ likeOnlyForRemote: "Toutes (mentions j'aime seulement pour les instances distant nonSensitiveOnly: "Non sensibles seulement" nonSensitiveOnlyForLocalLikeOnlyForRemote: "Non sensibles seulement (mentions j'aime seulement pour les instances distantes)" rolesAssignedToMe: "Rôles attribués à moi" +resetPasswordConfirm: "Souhaitez-vous réinitialiser votre mot de passe ?" sensitiveWords: "Mots sensibles" hiddenTags: "Hashtags cachés" hiddenTagsDescription: "Les hashtags définis ne s'afficheront pas dans les tendances. Vous pouvez définir plusieurs hashtags en faisant un saut de ligne." @@ -1082,6 +1088,7 @@ installed: "Installé" branding: "Image de marque" expirationDate: "Date d’expiration" waitingForMailAuth: "En attente de la vérification de l'adresse courriel" +inviteCodeCreator: "Créateur·rice de ce code d'invitation" usedAt: "Utilisé le" unused: "Non-utilisé" used: "Utilisé" @@ -1765,6 +1772,7 @@ _visibility: followersDescription: "Publier à vos abonné·e·s uniquement" specified: "Direct" specifiedDescription: "Publier uniquement aux utilisateur·rice·s mentionné·e·s" + disableFederation: "Défédérer" _postForm: replyPlaceholder: "Répondre à cette note ..." quotePlaceholder: "Citez cette note ..." diff --git a/locales/index.d.ts b/locales/index.d.ts index b3589082e1cb..60e88a219240 100644 --- a/locales/index.d.ts +++ b/locales/index.d.ts @@ -1184,6 +1184,8 @@ export interface Locale { "overwriteContentConfirm": string; "seasonalScreenEffect": string; "decorate": string; + "addMfmFunction": string; + "enableQuickAddMfmFunction": string; "_announcement": { "forExistingUsers": string; "forExistingUsersDescription": string; @@ -2066,6 +2068,55 @@ export interface Locale { "write:flash": string; "read:flash-likes": string; "write:flash-likes": string; + "read:admin:abuse-user-reports": string; + "write:admin:delete-account": string; + "write:admin:delete-all-files-of-a-user": string; + "read:admin:index-stats": string; + "read:admin:table-stats": string; + "read:admin:user-ips": string; + "read:admin:meta": string; + "write:admin:reset-password": string; + "write:admin:resolve-abuse-user-report": string; + "write:admin:send-email": string; + "read:admin:server-info": string; + "read:admin:show-moderation-log": string; + "read:admin:show-user": string; + "read:admin:show-users": string; + "write:admin:suspend-user": string; + "write:admin:unset-user-avatar": string; + "write:admin:unset-user-banner": string; + "write:admin:unsuspend-user": string; + "write:admin:meta": string; + "write:admin:user-note": string; + "write:admin:roles": string; + "read:admin:roles": string; + "write:admin:relays": string; + "read:admin:relays": string; + "write:admin:invite-codes": string; + "read:admin:invite-codes": string; + "write:admin:announcements": string; + "read:admin:announcements": string; + "write:admin:avatar-decorations": string; + "read:admin:avatar-decorations": string; + "write:admin:federation": string; + "write:admin:account": string; + "read:admin:account": string; + "write:admin:emoji": string; + "read:admin:emoji": string; + "write:admin:queue": string; + "read:admin:queue": string; + "write:admin:promo": string; + "write:admin:drive": string; + "read:admin:drive": string; + "read:admin:stream": string; + "write:admin:ad": string; + "read:admin:ad": string; + "write:invite-codes": string; + "read:invite-codes": string; + "write:clip-favorite": string; + "read:clip-favorite": string; + "read:federation": string; + "write:report-abuse": string; }; "_auth": { "shareAccessTitle": string; diff --git a/locales/ja-JP.yml b/locales/ja-JP.yml index b59fb6e74911..3d31dcef4954 100644 --- a/locales/ja-JP.yml +++ b/locales/ja-JP.yml @@ -1181,6 +1181,8 @@ remainingN: "残り: {n}" overwriteContentConfirm: "現在の内容に上書きされますがよろしいですか?" seasonalScreenEffect: "季節に応じた画面の演出" decorate: "デコる" +addMfmFunction: "装飾を追加" +enableQuickAddMfmFunction: "高度なMFMのピッカーを表示する" _announcement: forExistingUsers: "既存ユーザーのみ" @@ -1971,6 +1973,55 @@ _permissions: "write:flash": "Playを操作する" "read:flash-likes": "Playのいいねを見る" "write:flash-likes": "Playのいいねを操作する" + "read:admin:abuse-user-reports": "ユーザーからの通報を見る" + "write:admin:delete-account": "ユーザーアカウントを削除する" + "write:admin:delete-all-files-of-a-user": "ユーザーのすべてのファイルを削除する" + "read:admin:index-stats": "データベースインデックスに関する情報を見る" + "read:admin:table-stats": "データベーステーブルに関する情報を見る" + "read:admin:user-ips": "ユーザーのIPアドレスを見る" + "read:admin:meta": "インスタンスのメタデータを見る" + "write:admin:reset-password": "ユーザーのパスワードをリセットする" + "write:admin:resolve-abuse-user-report": "ユーザーからの通報を解決する" + "write:admin:send-email": "メールを送る" + "read:admin:server-info": "サーバーの情報を見る" + "read:admin:show-moderation-log": "モデレーションログを見る" + "read:admin:show-user": "ユーザーのプライベートな情報を見る" + "read:admin:show-users": "ユーザーのプライベートな情報を見る" + "write:admin:suspend-user": "ユーザーを凍結する" + "write:admin:unset-user-avatar": "ユーザーのアバターを削除する" + "write:admin:unset-user-banner": "ユーザーのバーナーを削除する" + "write:admin:unsuspend-user": "ユーザーの凍結を解除する" + "write:admin:meta": "インスタンスのメタデータを操作する" + "write:admin:user-note": "モデレーションノートを操作する" + "write:admin:roles": "ロールを操作する" + "read:admin:roles": "ロールを見る" + "write:admin:relays": "リレーを操作する" + "read:admin:relays": "リレーを見る" + "write:admin:invite-codes": "招待コードを操作する" + "read:admin:invite-codes": "招待コードを見る" + "write:admin:announcements": "お知らせを操作する" + "read:admin:announcements": "お知らせを見る" + "write:admin:avatar-decorations": "アバターデコレーションを操作する" + "read:admin:avatar-decorations": "アバターデコレーションを見る" + "write:admin:federation": "連合に関する情報を操作する" + "write:admin:account": "ユーザーアカウントを操作する" + "read:admin:account": "ユーザーに関する情報を見る" + "write:admin:emoji": "絵文字を操作する" + "read:admin:emoji": "絵文字を見る" + "write:admin:queue": "ジョブキューを操作する" + "read:admin:queue": "ジョブキューに関する情報を見る" + "write:admin:promo": "プロモーションノートを操作する" + "write:admin:drive": "ユーザーのドライブを操作する" + "read:admin:drive": "ユーザーのドライブの関する情報を見る" + "read:admin:stream": "管理者用のWebsocket APIを使う" + "write:admin:ad": "広告を操作する" + "read:admin:ad": "広告を見る" + "write:invite-codes": "招待コードを作成する" + "read:invite-codes": "招待コードを取得する" + "write:clip-favorite": "クリップのいいねを操作する" + "read:clip-favorite": "クリップのいいねを見る" + "read:federation": "連合に関する情報を取得する" + "write:report-abuse": "違反を報告する" _auth: shareAccessTitle: "アプリへのアクセス許可" diff --git a/locales/ko-GS.yml b/locales/ko-GS.yml index 9b113ad1b954..37bdf1e57708 100644 --- a/locales/ko-GS.yml +++ b/locales/ko-GS.yml @@ -298,7 +298,7 @@ light: "볽엄" dark: "어덥엄" lightThemes: "볽언 테마" darkThemes: "어덥언 테마" -syncDeviceDarkMode: "드라이브으 어덥엄 모드하고 같구로 마추기" +syncDeviceDarkMode: "디바이스 쪽 어덥엄 모드하고 같구로 마추기" drive: "드라이브" fileName: "파일 이럼" selectFile: "파일 개리기" @@ -425,20 +425,145 @@ moderationLogs: "중재 일지" nUsersMentioned: "{n}멩이 이바구하고 잇어예" securityKeyAndPasskey: "보안키·패스키" securityKey: "보안키" +lastUsed: "마지막 쓰임" +lastUsedAt: "마지막 쓰임: {t}" unregister: "맨걸기 무루기" +passwordLessLogin: "비밀번호 없시 로그인" +passwordLessLoginDescription: "비밀번호 말고 보안키나 패스키 같은 것만 써 가 로그인합니다." +resetPassword: "비밀번호 재설정" +newPasswordIs: "새 비밀번호는 \"{password}\" 입니다" +reduceUiAnimation: "화면 움직임 효과들을 수ᇚ후기" share: "노누기" notFound: "몬 찾앗십니다" +notFoundDescription: "고런 주소로 들어가는 하멘은 없십니다." +uploadFolder: "기본 업로드 위치" +markAsReadAllNotifications: "모든 알림 이럿다고 표시" +markAsReadAllUnreadNotes: "모든 글 이럿다고 표시" +markAsReadAllTalkMessages: "모든 대화 이럿다고 표시" help: "도움말" +inputMessageHere: "여따가 메시지를 입력해주이소" +close: "닫기" invites: "초대하기" +members: "멤버" +transfer: "양도" +title: "제목" +text: "글" +enable: "키기" +next: "다음" retype: "다시 서기" noteOf: "{user}님으 노트" +quoteAttached: "따옴" +quoteQuestion: "따와가 작성하겠십니까?" +noMessagesYet: "아직 대화가 없십니다" +newMessageExists: "새 메시지가 있십니다" +onlyOneFileCanBeAttached: "메시지엔 파일 하나까제밖에 몬 넣십니다" invitations: "초대하기" checking: "학인하고 잇십니다" passwordMatched: "맞십니다" passwordNotMatched: "안 맞십니다" +signinFailed: "로그인 몬 했십니다. 고 이름이랑 비밀번호 제대로 썼는가 확인해 주이소." +or: "아니면" language: "언어" +uiLanguage: "UI 표시 언어" +aboutX: "{x}에 대해서" +emojiStyle: "이모지 모양" +native: "기본" +disableDrawer: "드로어 메뉴 쓰지 않기" +showNoteActionsOnlyHover: "마우스 올맀을 때만 노트 액션 버턴 보이기" +noHistory: "기록이 없십니다" +signinHistory: "로그인 기록" +enableAdvancedMfm: "복잡한 MFM 키기" +enableAnimatedMfm: "정신사나운 MFM 키기" +doing: "잠만예" +category: "카테고리" +tags: "태그" +docSource: "요 문서의 원본" +createAccount: "게정 맨걸기" +existingAccount: "원래 게정" +regenerate: "엎고 다시 맨걸기" +fontSize: "글자 크기" +mediaListWithOneImageAppearance: "사진 하나짜리 미디어 목록의 높이" +limitTo: "{x}로 제한" +noFollowRequests: "지둘리는 팔로우 요청이 없십니다" +openImageInNewTab: "새 탭서 사진 열기" +dashboard: "대시보드" +local: "로컬" remote: "웬겍" +total: "합계" +weekOverWeekChanges: "저번주보다" +dayOverDayChanges: "어제보다" +appearance: "모냥" +clientSettings: "클라이언트 설정" +accountSettings: "게정 설정" +promotion: "선전" +promote: "선전하기" +numberOfDays: "며칠동안" +hideThisNote: "요 노트를 수ᇚ후기" +showFeaturedNotesInTimeline: "타임라인에다 추천 노트 보이기" +objectStorage: "오브젝트 스토리지" +useObjectStorage: "오브젝트 스토리지 키기" +objectStorageBaseUrl: "Base URL" +objectStorageBaseUrlDesc: "오브젝트 (미디어) 참조 링크 만들 때 쓰는 URL임다. CDN 내지 프락시를 쓴다 카멘은 그 URL을 갖다 늫고, 아이면 써먹을 서비스네 가이드를 봐봐가 공개적으로 접근할 수 있는 주소를 여 넣어 주이소. 그니께, 내가 AWS S3을 쓴다 카면은 'https://.s3.amazonaws.com', GCS를 쓴다 카면 'https://storage.googleapis.com/' 처럼 쓰믄 되입니더." +objectStorageBucket: "Bucket" +objectStorageBucketDesc: "써먹을 서비스의 바께쓰 이름을 여 써 주이소." +objectStoragePrefix: "Prefix" +objectStoragePrefixDesc: "요 Prefix 디렉토리 안에다가 파일이 들어감다." +objectStorageEndpoint: "Endpoint" +objectStorageEndpointDesc: "AWS S3을 쓸라멘 요는 비워두고, 아이멘은 그 서비스 가이드에 맞게 endpoint를 넣어 주이소. '' 내지 ':'처럼 넣십니다." +objectStorageRegion: "Region" +objectStorageRegionDesc: "'xx-east-1' 같은 region 이름을 옇어 주이소. 써먹을 서비스에 region 개념 같은 게 읎다! 카면은 대신에 'us-east-1'을 옇어 놓으이소. AWS 설정 파일이나 환경 변수를 갖다 끌어다 쓸 거면은 요는 비워 두이소." +objectStorageUseSSL: "SSL 쓰기" +objectStorageUseSSLDesc: "API 호출할 때 HTTPS 안 쓸거면은 꺼 두이소" +objectStorageUseProxy: "연결에 프락시 사용" +objectStorageUseProxyDesc: "오브젝트 스토리지 API 호출에 프락시 안 쓸 거면 꺼 두이소" +objectStorageSetPublicRead: "업로드할 때 'public-read' 설정하기" +s3ForcePathStyleDesc: "s3ForcePathStyle을 키면, 바께쓰 이름을 URL의 호스트명 말고 경로의 일부로써 취급합니다. 셀프 호스트 Minio 같은 걸 굴릴라믄 켜놔야 될 수도 있십니다." +serverLogs: "서버 로그" +deleteAll: "말캉 뭉캐기" +showFixedPostForm: "타임라인 우에 글 작성 칸 박기" +showFixedPostFormInChannel: "채널 타임라인 우에 글 작성 칸 박기" +withRepliesByDefaultForNewlyFollowed: "팔로우 할 때 기본적으로 답걸도 타임라인에 나오게 하기" +newNoteRecived: "새 노트 있어예" +sounds: "소리" +sound: "소리" +listen: "듣기" +none: "없음" +showInPage: "바닥서 보기" +popout: "새 창 열기" +volume: "음량" +masterVolume: "대빵 음량" +notUseSound: "음소거하기" +useSoundOnlyWhenActive: "Misskey가 활성화되어 있을 때만 소리 내기" +details: "좀 더" +chooseEmoji: "이모지 선택" +unableToProcess: "작업 다 몬 했십니다" +recentUsed: "최근 쓴 놈" +install: "설치" +uninstall: "삭제" +installedApps: "설치된 애플리케이션" +nothing: "뭣도 없어예" +installedDate: "설치한 날" +lastUsedDate: "마지막 사용" +state: "상태" +sort: "정렬하기" +ascendingOrder: "작은 순" +descendingOrder: "큰 순" +scratchpad: "스크래치 패드" +scratchpadDescription: "스크래치 패드는 AiScript를 끼적거리는 창입니더. Misskey랑 갖다 이리저리 상호작용하는 코드를 서가 굴리멘은 그 결과도 바로 확인할 수 있십니다." +output: "출력" script: "스크립트" +disablePagesScript: "온갖 바닥서 AiScript를 쓰지 않음" +updateRemoteUser: "원겍 사용자 근황 알아오기" +unsetUserAvatar: "아바타 치우기" +unsetUserAvatarConfirm: "아바타 갖다 치울까예?" +unsetUserBanner: "배너 치우기" +unsetUserBannerConfirm: "배너 갖다 치울까예?" +deleteAllFiles: "파일 말캉 뭉캐기" +deleteAllFilesConfirm: "파일을 싸그리 다 뭉캐삐릴까예?" +removeAllFollowing: "팔로잉 말캉 무루기" +removeAllFollowingDescription: "{host} 서버랑 걸어놓은 모든 팔로잉을 무룹니다. 고 서버가 아예 없어지삐맀든가, 그런 경우에 하이소." +userSuspended: "요 게정은... 얼어 있십니다." +userSilenced: "요 게정은... 수ᇚ혀 있십니다." manage: "간리" emailServer: "전자우펜 서버" email: "전자우펜" @@ -581,4 +706,5 @@ _moderationLogTypes: suspend: "얼우기" deleteNote: "노트 뭉캐기" deleteUserAnnouncement: "사용자 공지 걸 뭉캐기" + resetPassword: "비밀번호 재설정" resolveAbuseReport: "신고 해겔하기" diff --git a/locales/ko-KR.yml b/locales/ko-KR.yml index 6cdcc2c24618..63d0812e9329 100644 --- a/locales/ko-KR.yml +++ b/locales/ko-KR.yml @@ -114,7 +114,7 @@ quote: "인용" inChannelRenote: "채널 내 리노트" inChannelQuote: "채널 내 인용" pinnedNote: "고정된 노트" -pinned: "프로필에 고정" +pinned: "고정하기" you: "나" clickToShow: "클릭하여 보기" sensitive: "열람 주의" @@ -1179,7 +1179,7 @@ code: "문자열" reloadRequiredToApplySettings: "설정을 적용하려면 새로고침을 해야 합니다." remainingN: "나머지: {n}" overwriteContentConfirm: "현재 내용을 덮어쓰기 합니다. 계속 진행하시겠습니까?" -seasonalScreenEffect: "철에 맞는 화면으로 꾸미기" +seasonalScreenEffect: "계절에 따른 효과 보이기" decorate: "장식하기" _announcement: forExistingUsers: "기존 유저에게만 알림" @@ -1641,6 +1641,7 @@ _emailUnavailable: disposable: "임시 이메일 주소는 사용할 수 없습니다" mx: "메일 서버가 올바르지 않습니다" smtp: "메일 서버가 응답하지 않습니다" + banned: "이 메일 주소는 사용할 수 없습니다" _ffVisibility: public: "공개" followers: "팔로워에게만 공개" diff --git a/locales/ru-RU.yml b/locales/ru-RU.yml index b8095d72566d..25f409df922e 100644 --- a/locales/ru-RU.yml +++ b/locales/ru-RU.yml @@ -120,6 +120,12 @@ sensitive: "Содержимое не для всех" add: "Добавить" reaction: "Реакции" reactions: "Реакции" +emojiPicker: "Палитра эмодзи" +pinnedEmojisForReactionSettingDescription: "Здесь можно закрепить эмодзи для реакций" +pinnedEmojisSettingDescription: "Здесь можно закрепить эмодзи в общей палитре" +emojiPickerDisplay: "Внешний вид палитры" +overwriteFromPinnedEmojisForReaction: "Заменить на эмодзи из списка реакций" +overwriteFromPinnedEmojis: "Заменить на эмодзи из общего списка закреплённых" reactionSettingDescription2: "Расставляйте перетаскиванием, удаляйте нажатием, добавляйте кнопкой «+»." rememberNoteVisibility: "Запоминать видимость заметок" attachCancel: "Удалить вложение" @@ -1053,6 +1059,8 @@ options: "Настройки ролей" specifyUser: "Указанный пользователь" failedToPreviewUrl: "Предварительный просмотр недоступен" update: "Обновить" +rolesThatCanBeUsedThisEmojiAsReaction: "Роли тех, кому можно использовать эти эмодзи как реакцию" +rolesThatCanBeUsedThisEmojiAsReactionEmptyDescription: "Если здесь ничего не указать, в качестве реакции эту эмодзи сможет использовать каждый." later: "Позже" goToMisskey: "К Misskey" additionalEmojiDictionary: "Дополнительные словари эмодзи" diff --git a/locales/zh-TW.yml b/locales/zh-TW.yml index 51ba42e66c08..782f871b1e85 100644 --- a/locales/zh-TW.yml +++ b/locales/zh-TW.yml @@ -632,11 +632,11 @@ tokenRequested: "允許存取帳戶" pluginTokenRequestedDescription: "此外掛將擁有在此設定的權限。" notificationType: "通知形式" edit: "編輯" -emailServer: "電郵伺服器" -enableEmail: "啟用發送電郵功能" -emailConfigInfo: "用於確認電郵地址及密碼重置" +emailServer: "電子郵件伺服器" +enableEmail: "啟用發送電子郵件功能" +emailConfigInfo: "用於確認電子郵件地址及密碼重置" email: "電子郵件" -emailAddress: "電郵地址" +emailAddress: "電子郵件位址" smtpConfig: "SMTP 伺服器設定" smtpHost: "主機" smtpPort: "埠" @@ -731,7 +731,7 @@ disableShowingAnimatedImages: "不播放動態圖檔" highlightSensitiveMedia: "強調敏感標記" verificationEmailSent: "已發送驗證電子郵件。請點擊進入電子郵件中的鏈接完成驗證。" notSet: "未設定" -emailVerified: "已成功驗證您的電郵" +emailVerified: "已成功驗證您的電子郵件地址" noteFavoritesCount: "我的最愛貼文的數目" pageLikesCount: "頁面被按讚次數" pageLikedCount: "頁面被按讚次數" @@ -783,7 +783,7 @@ capacity: "容量" inUse: "已使用" editCode: "編輯代碼" apply: "套用" -receiveAnnouncementFromInstance: "接收由本實例發出的電郵通知" +receiveAnnouncementFromInstance: "接收來自伺服器的通知" emailNotification: "郵件通知" publish: "發布" inChannelSearch: "頻道内搜尋" @@ -955,7 +955,7 @@ cannotUploadBecauseExceedsFileSizeLimit: "由於超過了檔案大小的限制 beta: "測試版" enableAutoSensitive: "自動 NSFW 判定" enableAutoSensitiveDescription: "如果可用,它將使用機器學習技術判斷檔案是否需要標記為敏感。即使關閉此功能,也可能會依實例規則而自動啟用。" -activeEmailValidationDescription: "積極驗證使用者的電郵地址,以判斷它是否可以通訊。關閉此選項代表只會檢查地址是否符合格式。" +activeEmailValidationDescription: "主動地驗證使用者的電子郵件地址,以確定是否是一次性地址以及是否可以真正與其進行通訊。關閉時,僅檢查格式是否正確。" navbar: "導覽列" shuffle: "隨機" account: "帳戶" @@ -1641,6 +1641,7 @@ _emailUnavailable: disposable: "不是永久可用的地址" mx: "郵件伺服器不正確" smtp: "郵件伺服器沒有應答" + banned: "無法使用此電子郵件地址註冊" _ffVisibility: public: "公開" followers: "只有關注您的使用者能看到" diff --git a/package.json b/package.json index d39b800a188c..f245d62bcbb2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "misskey", - "version": "2023.12.0", + "version": "2023.12.1", "codename": "nasubi", "repository": { "type": "git", diff --git a/packages/backend/migration/1702718871541-ffVisibility.js b/packages/backend/migration/1702718871541-ffVisibility.js index 24b1873134f5..e9e820c89769 100644 --- a/packages/backend/migration/1702718871541-ffVisibility.js +++ b/packages/backend/migration/1702718871541-ffVisibility.js @@ -24,9 +24,11 @@ export class ffVisibility1702718871541 { async down(queryRunner) { await queryRunner.query(`CREATE TYPE "public"."user_profile_ffvisibility_enum" AS ENUM('public', 'followers', 'private')`); await queryRunner.query(`ALTER TABLE "user_profile" ADD "ffVisibility" "public"."user_profile_ffvisibility_enum" NOT NULL DEFAULT 'public'`); + await queryRunner.query(`CREATE CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum") WITH INOUT AS ASSIGNMENT`); - await queryRunner.query(`UPDATE "user_profile" SET ffVisibility = "user_profile"."followingVisibility"`); + await queryRunner.query(`UPDATE "user_profile" SET "ffVisibility" = "followingVisibility"`); await queryRunner.query(`DROP CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum")`); + await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followersVisibility"`); await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followingVisibility"`); await queryRunner.query(`DROP TYPE "public"."user_profile_followersVisibility_enum"`); diff --git a/packages/backend/package.json b/packages/backend/package.json index 6848d88e0374..4d1e9936aa32 100644 --- a/packages/backend/package.json +++ b/packages/backend/package.json @@ -68,7 +68,7 @@ "@discordapp/twemoji": "15.0.2", "@fastify/accepts": "4.3.0", "@fastify/cookie": "9.2.0", - "@fastify/cors": "8.4.2", + "@fastify/cors": "8.5.0", "@fastify/express": "2.3.0", "@fastify/http-proxy": "9.3.0", "@fastify/multipart": "8.0.0", diff --git a/packages/backend/src/core/EmailService.ts b/packages/backend/src/core/EmailService.ts index 3a61e353f145..7fc7800783e0 100644 --- a/packages/backend/src/core/EmailService.ts +++ b/packages/backend/src/core/EmailService.ts @@ -7,7 +7,6 @@ import { URLSearchParams } from 'node:url'; import * as nodemailer from 'nodemailer'; import { Inject, Injectable } from '@nestjs/common'; import { validate as validateEmail } from 'deep-email-validator'; -import { SubOutputFormat } from 'deep-email-validator/dist/output/output.js'; import { MetaService } from '@/core/MetaService.js'; import { UtilityService } from '@/core/UtilityService.js'; import { DI } from '@/di-symbols.js'; @@ -166,7 +165,10 @@ export class EmailService { email: emailAddress, }); - let validated; + let validated: { + valid: boolean, + reason?: string | null, + }; if (meta.enableActiveEmailValidation) { if (meta.enableVerifymailApi && meta.verifymailAuthKey != null) { diff --git a/packages/backend/src/core/HashtagService.ts b/packages/backend/src/core/HashtagService.ts index d37899990738..5a2417c9cdb4 100644 --- a/packages/backend/src/core/HashtagService.ts +++ b/packages/backend/src/core/HashtagService.ts @@ -15,6 +15,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { bindThis } from '@/decorators.js'; import { FeaturedService } from '@/core/FeaturedService.js'; import { MetaService } from '@/core/MetaService.js'; +import { UtilityService } from '@/core/UtilityService.js'; @Injectable() export class HashtagService { @@ -29,6 +30,7 @@ export class HashtagService { private featuredService: FeaturedService, private idService: IdService, private metaService: MetaService, + private utilityService: UtilityService, ) { } @@ -161,6 +163,7 @@ export class HashtagService { const instance = await this.metaService.fetch(); const hiddenTags = instance.hiddenTags.map(t => normalizeForSearch(t)); if (hiddenTags.includes(hashtag)) return; + if (this.utilityService.isSensitiveWordIncluded(hashtag, instance.sensitiveWords)) return; // YYYYMMDDHHmm (10分間隔) const now = new Date(); diff --git a/packages/backend/src/core/NoteCreateService.ts b/packages/backend/src/core/NoteCreateService.ts index 2bdff872add4..ed8d51df16cb 100644 --- a/packages/backend/src/core/NoteCreateService.ts +++ b/packages/backend/src/core/NoteCreateService.ts @@ -253,7 +253,7 @@ export class NoteCreateService implements OnApplicationShutdown { if (data.visibility === 'public' && data.channel == null) { const sensitiveWords = meta.sensitiveWords; - if (this.isSensitive(data, sensitiveWords)) { + if (this.utilityService.isSensitiveWordIncluded(data.cw ?? data.text ?? '', sensitiveWords)) { data.visibility = 'home'; } else if ((await this.roleService.getUserPolicies(user.id)).canPublicNote === false) { data.visibility = 'home'; @@ -704,31 +704,6 @@ export class NoteCreateService implements OnApplicationShutdown { this.index(note); } - @bindThis - private isSensitive(note: Option, sensitiveWord: string[]): boolean { - if (sensitiveWord.length > 0) { - const text = note.cw ?? note.text ?? ''; - if (text === '') return false; - const matched = sensitiveWord.some(filter => { - // represents RegExp - const regexp = filter.match(/^\/(.+)\/(.*)$/); - // This should never happen due to input sanitisation. - if (!regexp) { - const words = filter.split(' '); - return words.every(keyword => text.includes(keyword)); - } - try { - return new RE2(regexp[1], regexp[2]).test(text); - } catch (err) { - // This should never happen due to input sanitisation. - return false; - } - }); - if (matched) return true; - } - return false; - } - @bindThis private isQuote(note: Option): note is Option & { renote: MiNote } { // sync with misc/is-quote.ts @@ -912,6 +887,7 @@ export class NoteCreateService implements OnApplicationShutdown { // ダイレクトのとき、そのリストが対象外のユーザーの場合 if ( note.visibility === 'specified' && + note.userId !== userListMembership.userListUserId && !note.visibleUserIds.some(v => v === userListMembership.userListUserId) ) continue; diff --git a/packages/backend/src/core/ReactionService.ts b/packages/backend/src/core/ReactionService.ts index 4233b8d4c348..3ca12551b1db 100644 --- a/packages/backend/src/core/ReactionService.ts +++ b/packages/backend/src/core/ReactionService.ts @@ -138,7 +138,7 @@ export class ReactionService { reaction = reacterHost ? `:${name}@${reacterHost}:` : `:${name}:`; // センシティブ - if ((note.reactionAcceptance === 'nonSensitiveOnly') && emoji.isSensitive) { + if ((note.reactionAcceptance === 'nonSensitiveOnly' || note.reactionAcceptance === 'nonSensitiveOnlyForLocalLikeOnlyForRemote') && emoji.isSensitive) { reaction = FALLBACK; } } else { diff --git a/packages/backend/src/core/UtilityService.ts b/packages/backend/src/core/UtilityService.ts index b95e41167bba..5dec36c89e31 100644 --- a/packages/backend/src/core/UtilityService.ts +++ b/packages/backend/src/core/UtilityService.ts @@ -6,6 +6,7 @@ import { URL } from 'node:url'; import { toASCII } from 'punycode'; import { Inject, Injectable } from '@nestjs/common'; +import RE2 from 're2'; import { DI } from '@/di-symbols.js'; import type { Config } from '@/config.js'; import { bindThis } from '@/decorators.js'; @@ -41,6 +42,33 @@ export class UtilityService { return silencedHosts.some(x => `.${host.toLowerCase()}`.endsWith(`.${x}`)); } + @bindThis + public isSensitiveWordIncluded(text: string, sensitiveWords: string[]): boolean { + if (sensitiveWords.length === 0) return false; + if (text === '') return false; + + const regexpregexp = /^\/(.+)\/(.*)$/; + + const matched = sensitiveWords.some(filter => { + // represents RegExp + const regexp = filter.match(regexpregexp); + // This should never happen due to input sanitisation. + if (!regexp) { + const words = filter.split(' '); + return words.every(keyword => text.includes(keyword)); + } + try { + // TODO: RE2インスタンスをキャッシュ + return new RE2(regexp[1], regexp[2]).test(text); + } catch (err) { + // This should never happen due to input sanitisation. + return false; + } + }); + + return matched; + } + @bindThis public extractDbHost(uri: string): string { const url = new URL(uri); diff --git a/packages/backend/src/misc/api-permissions.ts b/packages/backend/src/misc/api-permissions.ts deleted file mode 100644 index 57c93088445c..000000000000 --- a/packages/backend/src/misc/api-permissions.ts +++ /dev/null @@ -1,40 +0,0 @@ -/* - * SPDX-FileCopyrightText: syuilo and other misskey contributors - * SPDX-License-Identifier: AGPL-3.0-only - */ - -export const kinds = [ - 'read:account', - 'write:account', - 'read:blocks', - 'write:blocks', - 'read:drive', - 'write:drive', - 'read:favorites', - 'write:favorites', - 'read:following', - 'write:following', - 'read:messaging', - 'write:messaging', - 'read:mutes', - 'write:mutes', - 'write:notes', - 'read:notifications', - 'write:notifications', - 'read:reactions', - 'write:reactions', - 'write:votes', - 'read:pages', - 'write:pages', - 'write:page-likes', - 'read:page-likes', - 'read:user-groups', - 'write:user-groups', - 'read:channels', - 'write:channels', - 'read:gallery', - 'write:gallery', - 'read:gallery-likes', - 'write:gallery-likes', -]; -// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions). diff --git a/packages/backend/src/server/ServerService.ts b/packages/backend/src/server/ServerService.ts index bb41ab0e4200..632a7692cdba 100644 --- a/packages/backend/src/server/ServerService.ts +++ b/packages/backend/src/server/ServerService.ts @@ -107,7 +107,8 @@ export class ServerService implements OnApplicationShutdown { fastify.register(this.activityPubServerService.createServer); fastify.register(this.nodeinfoServerService.createServer); fastify.register(this.wellKnownServerService.createServer); - fastify.register(this.oauth2ProviderService.createServer); + fastify.register(this.oauth2ProviderService.createServer, { prefix: '/oauth' }); + fastify.register(this.oauth2ProviderService.createTokenServer, { prefix: '/oauth/token' }); fastify.get<{ Params: { path: string }; Querystring: { static?: any; badge?: any; }; }>('/emoji/:path(.*)', async (request, reply) => { const path = request.params.path; diff --git a/packages/backend/src/server/WellKnownServerService.ts b/packages/backend/src/server/WellKnownServerService.ts index 8fc3c96de65c..c3eaf53a142e 100644 --- a/packages/backend/src/server/WellKnownServerService.ts +++ b/packages/backend/src/server/WellKnownServerService.ts @@ -16,6 +16,7 @@ import * as Acct from '@/misc/acct.js'; import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { bindThis } from '@/decorators.js'; import { NodeinfoServerService } from './NodeinfoServerService.js'; +import { OAuth2ProviderService } from './oauth/OAuth2ProviderService.js'; import type { FindOptionsWhere } from 'typeorm'; import type { FastifyInstance, FastifyPluginOptions } from 'fastify'; @@ -30,6 +31,7 @@ export class WellKnownServerService { private nodeinfoServerService: NodeinfoServerService, private userEntityService: UserEntityService, + private oauth2ProviderService: OAuth2ProviderService, ) { //this.createServer = this.createServer.bind(this); } @@ -87,6 +89,10 @@ export class WellKnownServerService { return { links: this.nodeinfoServerService.getLinks() }; }); + fastify.get('/.well-known/oauth-authorization-server', async () => { + return this.oauth2ProviderService.generateRFC8414(); + }); + /* TODO fastify.get('/.well-known/change-password', async (request, reply) => { }); diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts index 66f171a5d8f0..56f804dee8ce 100644 --- a/packages/backend/src/server/api/ApiCallService.ts +++ b/packages/backend/src/server/api/ApiCallService.ts @@ -330,7 +330,8 @@ export class ApiCallService implements OnApplicationShutdown { } } - if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) { + if (token && ((ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) + || (!ep.meta.kind && (ep.meta.requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin)))) { throw new ApiError({ message: 'Your app does not have the necessary permissions to use this endpoint.', code: 'PERMISSION_DENIED', diff --git a/packages/backend/src/server/api/StreamingApiServerService.ts b/packages/backend/src/server/api/StreamingApiServerService.ts index dc3a00617cc3..3b387d92ca1c 100644 --- a/packages/backend/src/server/api/StreamingApiServerService.ts +++ b/packages/backend/src/server/api/StreamingApiServerService.ts @@ -71,6 +71,10 @@ export class StreamingApiServerService { try { [user, app] = await this.authenticateService.authenticate(token); + + if (app !== null && !app.permission.some(p => p === 'read:account')) { + throw new AuthenticationError('Your app does not have necessary permissions to use websocket API.'); + } } catch (e) { if (e instanceof AuthenticationError) { socket.write([ diff --git a/packages/backend/src/server/api/endpoints.ts b/packages/backend/src/server/api/endpoints.ts index e458d720abe4..41232091c614 100644 --- a/packages/backend/src/server/api/endpoints.ts +++ b/packages/backend/src/server/api/endpoints.ts @@ -4,6 +4,7 @@ */ import type { Schema } from '@/misc/json-schema.js'; +import { permissions } from 'misskey-js'; import { RolePolicies } from '@/core/RoleService.js'; import * as ep___admin_meta from './endpoints/admin/meta.js'; @@ -724,7 +725,7 @@ const eps = [ ['retention', ep___retention], ]; -export interface IEndpointMeta { +interface IEndpointMetaBase { readonly stability?: 'deprecated' | 'experimental' | 'stable'; readonly tags?: ReadonlyArray; @@ -823,6 +824,23 @@ export interface IEndpointMeta { readonly cacheSec?: number; } +export type IEndpointMeta = (Omit & { + requireCredential?: false, + requireAdmin?: false, + requireModerator?: false, +}) | (Omit & { + secure: true, +}) | (Omit & { + requireCredential: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireModerator: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireAdmin: true, + kind: (typeof permissions)[number], +}) + export interface IEndpoint { name: string; meta: IEndpointMeta; diff --git a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts index 484118cd4635..3484d6707a36 100644 --- a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts +++ b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts @@ -13,10 +13,9 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:abuse-user-reports', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts index 07f24d2995cc..f54d567fff9c 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts @@ -15,8 +15,6 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - res: { type: 'object', optional: false, nullable: false, @@ -48,12 +46,12 @@ export default class extends Endpoint { // eslint- private userEntityService: UserEntityService, private signupService: SignupService, ) { - super(meta, paramDef, async (ps, _me) => { + super(meta, paramDef, async (ps, _me, token) => { const me = _me ? await this.usersRepository.findOneByOrFail({ id: _me.id }) : null; const noUsers = (await this.usersRepository.countBy({ host: IsNull(), })) === 0; - if (!noUsers && !me?.isRoot) throw new Error('access denied'); + if ((!noUsers && !me?.isRoot) || token !== null) throw new Error('access denied'); const { account, secret } = await this.signupService.signup({ username: ps.username, diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts index 86f4b0709b9f..52d8c8ce18f4 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts @@ -14,10 +14,9 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts index bc292fd53a40..93673453d620 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts @@ -13,10 +13,9 @@ import { ApiError } from '@/server/api/error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:account', errors: { userNotFound: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/create.ts b/packages/backend/src/server/api/endpoints/admin/ad/create.ts index 087ae4befc06..041b10f9f79c 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/create.ts @@ -13,10 +13,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', res: { type: 'object', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts index ba655a6aa35c..5b18b347d330 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/list.ts b/packages/backend/src/server/api/endpoints/admin/ad/list.ts index 12528917dc3a..586c1f44db4c 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:ad', res: { type: 'array', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/update.ts b/packages/backend/src/server/api/endpoints/admin/ad/update.ts index b83c163004d0..bf96e44b0c74 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts index fb432336e455..c9df70c76b7c 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts @@ -10,10 +10,9 @@ import { AnnouncementService } from '@/core/AnnouncementService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts index e84e63c666da..939333345ea4 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts index e98ef0b16927..429b1385991a 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts @@ -14,10 +14,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:announcements', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts index e2ec344899aa..db6db8356df4 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts index 158435ed21a7..4ac74253ccfe 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts @@ -10,10 +10,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts index 06083cc1802c..88977f801afe 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts index 49a8718bce0c..33122c3eef01 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts @@ -15,10 +15,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'read:admin:avatar-decorations', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts index 3d8f3d63de00..6211345f9635 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-account.ts b/packages/backend/src/server/api/endpoints/admin/delete-account.ts index adc446d14b0f..2c82c2879d58 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-account.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-account.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-account', res: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts index 1fdbbfb12e65..7d33065f2e5d 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-all-files-of-a-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts index 3f23319a5f80..af2bb6b1caef 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts @@ -10,10 +10,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts index fd8fa46a4755..a3b221284b7a 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/files.ts b/packages/backend/src/server/api/endpoints/admin/drive/files.ts index 816bbfbc45b4..37fa439bcf0a 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/files.ts @@ -13,10 +13,9 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts index 61cb84355867..3aeb3e45e336 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts index 5333adb62453..1cd8125c5262 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts index 76ff1c6b942f..4a9418d0513f 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts index 87260faa43f9..476780b23f44 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts index c483794a40bd..450695984a7b 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts index e15af7717bd5..e1e6e7c2c4a7 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts index b75616f3cc0a..208616c0ac35 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts @@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; export const meta = { - kind: 'write:admin', + secure: true, requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts index a383e0933891..f3e0c1ef1f27 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts @@ -15,10 +15,9 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts index 210b3639c35e..59e87253f6fe 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts @@ -15,10 +15,9 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts index 8e92db1dafe6..26dd43e92629 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts index 5a06b5b32fe2..18961976f9c6 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts index b3e9c6df13f8..c680f2e2d493 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts index c59d13ad16d6..47c692b6137f 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts index 61d857b7b0e4..550bb0052bba 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts index b81297413c07..57612850b4da 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts index 6cc4e3087fa8..0d061c685f74 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts index 18884dfca663..c15fb83454e7 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts @@ -12,10 +12,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts index 4232d42ba54c..f429949e16a1 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts @@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts index b81d9857d707..0b50212119d7 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:index-stats', tags: ['admin'], res: { diff --git a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts index c104f653efb4..0d44b288cb82 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:table-stats', tags: ['admin'], diff --git a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts index 76c32f2a9f3c..1b437f718baa 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts @@ -12,10 +12,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:user-ips', res: { type: 'array', optional: false, @@ -34,7 +33,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/create.ts b/packages/backend/src/server/api/endpoints/admin/invite/create.ts index 96de772edc1a..396b84623f21 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/create.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:invite-codes', errors: { invalidDateTime: { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/list.ts b/packages/backend/src/server/api/endpoints/admin/invite/list.ts index 3b7dc72e1110..d293dcadc621 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts index 6f8494d1d067..febc4ab1b172 100644 --- a/packages/backend/src/server/api/endpoints/admin/meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/meta.ts @@ -13,10 +13,9 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js'; export const meta = { tags: ['meta'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:meta', res: { type: 'object', @@ -381,6 +380,10 @@ export const meta = { type: 'string', optional: false, nullable: true, }, + shortName: { + type: 'string', + optional: false, nullable: true, + }, objectStorageS3ForcePathStyle: { type: 'boolean', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/admin/promo/create.ts b/packages/backend/src/server/api/endpoints/admin/promo/create.ts index e2befec50fe2..ab69dfba9635 100644 --- a/packages/backend/src/server/api/endpoints/admin/promo/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/promo/create.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:promo', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts index 1d565e8f244c..9912043c8b9f 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts index 30005fc66668..84739091038f 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts @@ -11,10 +11,9 @@ import type { DeliverQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts index aa8b6edee583..19f7cb85c058 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts @@ -11,10 +11,9 @@ import type { InboxQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts index 8f46cd63752c..d06780e04425 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts index 1d92e2bf8630..189690b70356 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts @@ -10,10 +10,9 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:emoji', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/add.ts b/packages/backend/src/server/api/endpoints/admin/relays/add.ts index 53b83560cfcc..d55dff7b0c0c 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/add.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', errors: { invalidUrl: { diff --git a/packages/backend/src/server/api/endpoints/admin/relays/list.ts b/packages/backend/src/server/api/endpoints/admin/relays/list.ts index 35c8e0548764..61ea287bff27 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/list.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:relays', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts index fdc53cb7089e..8a6dd4e1529f 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/reset-password.ts b/packages/backend/src/server/api/endpoints/admin/reset-password.ts index 73bbd1f0919b..1a402b4a4a03 100644 --- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts +++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts @@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:reset-password', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts index fb26c82a9d26..26c4038b9802 100644 --- a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts +++ b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts @@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:resolve-abuse-user-report', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts index bbd4cfabbe58..8eb3d2bf59ba 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/create.ts b/packages/backend/src/server/api/endpoints/admin/roles/create.ts index ac6085d92176..de23d2fb1169 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/create.ts @@ -11,10 +11,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts index f60d6754a570..9e2968e317ef 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/list.ts b/packages/backend/src/server/api/endpoints/admin/roles/list.ts index 30917ce984c4..d3d1a10a6933 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/list.ts @@ -12,10 +12,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/show.ts b/packages/backend/src/server/api/endpoints/admin/roles/show.ts index 91e32d95bee1..ad4345e5a530 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/show.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/show.ts @@ -13,10 +13,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts index 701fea1ed56a..c11265252c02 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts index 066fc73234d0..203f749a6e7b 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts @@ -11,10 +11,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update.ts b/packages/backend/src/server/api/endpoints/admin/roles/update.ts index 6cfcd8ca4afd..74d5aae5d83c 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update.ts @@ -14,10 +14,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/users.ts b/packages/backend/src/server/api/endpoints/admin/roles/users.ts index 6a0f7f9987bd..66f4d9d26b45 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/users.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/users.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin', 'role', 'users'], - kind: 'read:admin', - requireCredential: false, requireAdmin: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/send-email.ts b/packages/backend/src/server/api/endpoints/admin/send-email.ts index d22066909ea0..d20aee656ca2 100644 --- a/packages/backend/src/server/api/endpoints/admin/send-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/send-email.ts @@ -10,10 +10,9 @@ import { EmailService } from '@/core/EmailService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:send-email', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/server-info.ts b/packages/backend/src/server/api/endpoints/admin/server-info.ts index d3c3bebff666..374712f57d16 100644 --- a/packages/backend/src/server/api/endpoints/admin/server-info.ts +++ b/packages/backend/src/server/api/endpoints/admin/server-info.ts @@ -14,11 +14,10 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireModerator: true, + kind: 'read:admin:server-info', tags: ['admin', 'meta'], - kind: 'read:admin', - res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts index c82532ed672c..f3601be9bbbd 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts @@ -15,8 +15,7 @@ export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:show-moderation-log', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts index f1e7b75a329e..2b50354cef18 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-user', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/show-users.ts b/packages/backend/src/server/api/endpoints/admin/show-users.ts index 508138368714..1d31e5e80f31 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-users.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-users.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-users', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts index 35c3f3748119..a26fa81c1329 100644 --- a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts @@ -19,10 +19,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:suspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts index 23094939371a..8b22fad1d474 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-avatar', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts index 468c634e5bc7..5ec359c0ef93 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-banner', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts index 8cdd317eae43..9c896f0e6478 100644 --- a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unsuspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index 5f9de0523e27..5a215696fb11 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -12,10 +12,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:meta', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts index dd0b777373a6..e582147e721f 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:user-note', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/ap/get.ts b/packages/backend/src/server/api/endpoints/ap/get.ts index a4a7fd20373f..e0ef5d413a99 100644 --- a/packages/backend/src/server/api/endpoints/ap/get.ts +++ b/packages/backend/src/server/api/endpoints/ap/get.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:federation', limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts index f442fbdd2f46..7e5c7a917ccd 100644 --- a/packages/backend/src/server/api/endpoints/ap/show.ts +++ b/packages/backend/src/server/api/endpoints/ap/show.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:account', limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/federation/stats.ts b/packages/backend/src/server/api/endpoints/federation/stats.ts index 6548142d419b..262aa6877604 100644 --- a/packages/backend/src/server/api/endpoints/federation/stats.ts +++ b/packages/backend/src/server/api/endpoints/federation/stats.ts @@ -29,37 +29,10 @@ export const meta = { optional: false, nullable: false, items: { - properties: { - id: { type: 'string' }, - firstRetrievedAt: { type: 'string' }, - host: { type: 'string' }, - usersCount: { type: 'number' }, - notesCount: { type: 'number' }, - followingCount: { type: 'number' }, - followersCount: { type: 'number' }, - isNotResponding: { type: 'boolean' }, - isSuspended: { type: 'boolean' }, - isBlocked: { type: 'boolean' }, - softwareName: { type: 'string' }, - softwareVersion: { type: 'string' }, - openRegistrations: { type: 'boolean' }, - name: { type: 'string' }, - description: { type: 'string' }, - maintainerName: { type: 'string' }, - maintainerEmail: { type: 'string' }, - isSilenced: { type: 'boolean' }, - iconUrl: { type: 'string' }, - faviconUrl: { type: 'string' }, - themeColor: { type: 'string' }, - infoUpdatedAt: { - type: 'string', - nullable: true, - }, - latestRequestReceivedAt: { - type: 'string', - nullable: true, - }, - } + type: 'object', + optional: false, + nullable: false, + ref: 'FederationInstance', }, }, otherFollowersCount: { type: 'number' }, @@ -68,42 +41,15 @@ export const meta = { optional: false, nullable: false, items: { - properties: { - id: { type: 'string' }, - firstRetrievedAt: { type: 'string' }, - host: { type: 'string' }, - usersCount: { type: 'number' }, - notesCount: { type: 'number' }, - followingCount: { type: 'number' }, - followersCount: { type: 'number' }, - isNotResponding: { type: 'boolean' }, - isSuspended: { type: 'boolean' }, - isBlocked: { type: 'boolean' }, - softwareName: { type: 'string' }, - softwareVersion: { type: 'string' }, - openRegistrations: { type: 'boolean' }, - name: { type: 'string' }, - description: { type: 'string' }, - maintainerName: { type: 'string' }, - maintainerEmail: { type: 'string' }, - isSilenced: { type: 'boolean' }, - iconUrl: { type: 'string' }, - faviconUrl: { type: 'string' }, - themeColor: { type: 'string' }, - infoUpdatedAt: { - type: 'string', - nullable: true, - }, - latestRequestReceivedAt: { - type: 'string', - nullable: true, - }, - } + type: 'object', + optional: false, + nullable: false, + ref: 'FederationInstance', }, }, otherFollowingCount: { type: 'number' }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts index c0aa882088d0..e6198ff60144 100644 --- a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts +++ b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts @@ -11,7 +11,7 @@ import { GetterService } from '@/server/api/GetterService.js'; export const meta = { tags: ['federation'], - requireCredential: true, + requireCredential: false, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts index 6391a2f5807f..cbe579eb6b75 100644 --- a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts +++ b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['meta'], requireCredential: true, + secure: true, limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/i.ts b/packages/backend/src/server/api/endpoints/i.ts index c0530bf392f4..c24e049180e2 100644 --- a/packages/backend/src/server/api/endpoints/i.ts +++ b/packages/backend/src/server/api/endpoints/i.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + kind: "read:account", res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts index b24b3438dce0..57f680bd7e0a 100644 --- a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts +++ b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts @@ -10,6 +10,7 @@ import { AchievementService, ACHIEVEMENT_TYPES } from '@/core/AchievementService export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts index bd6e85a074a6..79a81cb73fbd 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts index 2352beb1302e..d9b26cab2c89 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get.ts b/packages/backend/src/server/api/endpoints/i/registry/get.ts index 4155a43e0d36..c373410256f2 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts index b411cdd3d971..a91dcd954381 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys.ts b/packages/backend/src/server/api/endpoints/i/registry/keys.ts index 04e120d7524a..ad203d5203f0 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/remove.ts b/packages/backend/src/server/api/endpoints/i/registry/remove.ts index ba8100b54703..9cbe271b91a2 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/remove.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/remove.ts @@ -12,6 +12,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/set.ts b/packages/backend/src/server/api/endpoints/i/registry/set.ts index 58bb450bce8f..c61d5b8727af 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/set.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/set.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/invite/create.ts b/packages/backend/src/server/api/endpoints/invite/create.ts index d82fa50e4ffa..4f37f2f4bbf7 100644 --- a/packages/backend/src/server/api/endpoints/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/invite/create.ts @@ -19,6 +19,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { exceededCreateLimit: { diff --git a/packages/backend/src/server/api/endpoints/invite/delete.ts b/packages/backend/src/server/api/endpoints/invite/delete.ts index 3b57775739a8..d84430a49f47 100644 --- a/packages/backend/src/server/api/endpoints/invite/delete.ts +++ b/packages/backend/src/server/api/endpoints/invite/delete.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { noSuchCode: { diff --git a/packages/backend/src/server/api/endpoints/invite/limit.ts b/packages/backend/src/server/api/endpoints/invite/limit.ts index 1f4190c9488a..fc3bb9bdc246 100644 --- a/packages/backend/src/server/api/endpoints/invite/limit.ts +++ b/packages/backend/src/server/api/endpoints/invite/limit.ts @@ -16,6 +16,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/invite/list.ts b/packages/backend/src/server/api/endpoints/invite/list.ts index 2107516ce491..6734f27e1400 100644 --- a/packages/backend/src/server/api/endpoints/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/invite/list.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/meta.ts b/packages/backend/src/server/api/endpoints/meta.ts index 9dd4553152ba..f7c2962bc2ff 100644 --- a/packages/backend/src/server/api/endpoints/meta.ts +++ b/packages/backend/src/server/api/endpoints/meta.ts @@ -164,20 +164,34 @@ export const meta = { type: 'object', optional: false, nullable: false, properties: { - place: { + id: { type: 'string', optional: false, nullable: false, + format: 'id', + example: 'xxxxxxxxxx', }, url: { type: 'string', optional: false, nullable: false, format: 'url', }, + place: { + type: 'string', + optional: false, nullable: false, + }, + ratio: { + type: 'number', + optional: false, nullable: false, + }, imageUrl: { type: 'string', optional: false, nullable: false, format: 'url', }, + dayOfWeek: { + type: 'integer', + optional: false, nullable: false, + }, }, }, }, diff --git a/packages/backend/src/server/api/endpoints/my/apps.ts b/packages/backend/src/server/api/endpoints/my/apps.ts index 98c317346f1e..1b70b85b07dc 100644 --- a/packages/backend/src/server/api/endpoints/my/apps.ts +++ b/packages/backend/src/server/api/endpoints/my/apps.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account', 'app'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts index effcbaf2ee49..01adfec7d371 100644 --- a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/mentions.ts b/packages/backend/src/server/api/endpoints/notes/mentions.ts index 6fab024d17a0..2317f8f7b2a7 100644 --- a/packages/backend/src/server/api/endpoints/notes/mentions.ts +++ b/packages/backend/src/server/api/endpoints/notes/mentions.ts @@ -16,6 +16,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts index af7ff8bdcdd9..90af29a695f0 100644 --- a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts +++ b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/state.ts b/packages/backend/src/server/api/endpoints/notes/state.ts index b5fd47723cd7..20faea566d34 100644 --- a/packages/backend/src/server/api/endpoints/notes/state.ts +++ b/packages/backend/src/server/api/endpoints/notes/state.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/notes/timeline.ts b/packages/backend/src/server/api/endpoints/notes/timeline.ts index 790bcbe1512d..e90d6ec1984b 100644 --- a/packages/backend/src/server/api/endpoints/notes/timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/translate.ts b/packages/backend/src/server/api/endpoints/notes/translate.ts index a1561c944cf8..698c37b616c3 100644 --- a/packages/backend/src/server/api/endpoints/notes/translate.ts +++ b/packages/backend/src/server/api/endpoints/notes/translate.ts @@ -17,10 +17,15 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', optional: false, nullable: false, + properties: { + sourceLang: { type: 'string' }, + text: { type: 'string' }, + }, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts index 10d3a7a69796..71c2b8054e99 100644 --- a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes', 'lists'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/promo/read.ts b/packages/backend/src/server/api/endpoints/promo/read.ts index 7d07c92178a4..f427939a7a2d 100644 --- a/packages/backend/src/server/api/endpoints/promo/read.ts +++ b/packages/backend/src/server/api/endpoints/promo/read.ts @@ -15,6 +15,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'write:account', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/roles/list.ts b/packages/backend/src/server/api/endpoints/roles/list.ts index dc2be8e11d98..d40e937d4e79 100644 --- a/packages/backend/src/server/api/endpoints/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/roles/list.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['role'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/roles/notes.ts b/packages/backend/src/server/api/endpoints/roles/notes.ts index 7010df22c9aa..4ce3fc8908da 100644 --- a/packages/backend/src/server/api/endpoints/roles/notes.ts +++ b/packages/backend/src/server/api/endpoints/roles/notes.ts @@ -18,6 +18,7 @@ export const meta = { tags: ['role', 'notes'], requireCredential: true, + kind: 'read:account', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/sw/register.ts b/packages/backend/src/server/api/endpoints/sw/register.ts index 9ab062326df0..bb50048d94c1 100644 --- a/packages/backend/src/server/api/endpoints/sw/register.ts +++ b/packages/backend/src/server/api/endpoints/sw/register.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Register to receive push notifications.', diff --git a/packages/backend/src/server/api/endpoints/sw/show-registration.ts b/packages/backend/src/server/api/endpoints/sw/show-registration.ts index 126299e3f749..15d3df8587d7 100644 --- a/packages/backend/src/server/api/endpoints/sw/show-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/show-registration.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Check push notification registration exists.', diff --git a/packages/backend/src/server/api/endpoints/sw/update-registration.ts b/packages/backend/src/server/api/endpoints/sw/update-registration.ts index a1a97df0bea6..7bf59784a2cb 100644 --- a/packages/backend/src/server/api/endpoints/sw/update-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/update-registration.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Update push notification registration.', diff --git a/packages/backend/src/server/api/endpoints/users/achievements.ts b/packages/backend/src/server/api/endpoints/users/achievements.ts index d6ad718dfab5..3a584a819a0b 100644 --- a/packages/backend/src/server/api/endpoints/users/achievements.ts +++ b/packages/backend/src/server/api/endpoints/users/achievements.ts @@ -9,7 +9,7 @@ import type { UserProfilesRepository } from '@/models/_.js'; import { DI } from '@/di-symbols.js'; export const meta = { - requireCredential: true, + requireCredential: false, res: { type: 'array', @@ -24,7 +24,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts index 4eb37c3e4329..fa2e3338b88e 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts @@ -18,6 +18,7 @@ import { UserListService } from '@/core/UserListService.js'; export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts index 2ecf0a12564f..864cdc2ee010 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts @@ -12,6 +12,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts index 23611ab8c4a2..d51d57343e29 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts @@ -11,6 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/relation.ts b/packages/backend/src/server/api/endpoints/users/relation.ts index 326042ed3d34..26b61c9fb2ce 100644 --- a/packages/backend/src/server/api/endpoints/users/relation.ts +++ b/packages/backend/src/server/api/endpoints/users/relation.ts @@ -11,6 +11,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'read:account', description: 'Show the different kinds of relations between the authenticated user and the specified user(s).', diff --git a/packages/backend/src/server/api/endpoints/users/report-abuse.ts b/packages/backend/src/server/api/endpoints/users/report-abuse.ts index 3bcf44cc4228..508497ccfb85 100644 --- a/packages/backend/src/server/api/endpoints/users/report-abuse.ts +++ b/packages/backend/src/server/api/endpoints/users/report-abuse.ts @@ -20,6 +20,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'write:report-abuse', description: 'File a report.', diff --git a/packages/backend/src/server/api/stream/ChannelsService.ts b/packages/backend/src/server/api/stream/ChannelsService.ts index 8fd106c10cf1..3bc5380132a9 100644 --- a/packages/backend/src/server/api/stream/ChannelsService.ts +++ b/packages/backend/src/server/api/stream/ChannelsService.ts @@ -19,6 +19,7 @@ import { AntennaChannelService } from './channels/antenna.js'; import { DriveChannelService } from './channels/drive.js'; import { HashtagChannelService } from './channels/hashtag.js'; import { RoleTimelineChannelService } from './channels/role-timeline.js'; +import { type MiChannelService } from './channel.js'; @Injectable() export class ChannelsService { @@ -41,7 +42,7 @@ export class ChannelsService { } @bindThis - public getChannelService(name: string) { + public getChannelService(name: string): MiChannelService { switch (name) { case 'main': return this.mainChannelService; case 'homeTimeline': return this.homeTimelineChannelService; diff --git a/packages/backend/src/server/api/stream/Connection.ts b/packages/backend/src/server/api/stream/Connection.ts index 4180ccc56a6c..a89fbcc5e542 100644 --- a/packages/backend/src/server/api/stream/Connection.ts +++ b/packages/backend/src/server/api/stream/Connection.ts @@ -248,6 +248,11 @@ export default class Connection { return; } + if (this.token && ((channelService.kind && !this.token.permission.some(p => p === channelService.kind)) + || (!channelService.kind && channelService.requireCredential))) { + return; + } + // 共有可能チャンネルに接続しようとしていて、かつそのチャンネルに既に接続していたら無意味なので無視 if (channelService.shouldShare && this.channels.some(c => c.chName === channel)) { return; diff --git a/packages/backend/src/server/api/stream/channel.ts b/packages/backend/src/server/api/stream/channel.ts index 46b0709773aa..80df3803ebbf 100644 --- a/packages/backend/src/server/api/stream/channel.ts +++ b/packages/backend/src/server/api/stream/channel.ts @@ -16,6 +16,7 @@ export default abstract class Channel { public abstract readonly chName: string; public static readonly shouldShare: boolean; public static readonly requireCredential: boolean; + public static readonly kind?: string | null; protected get user() { return this.connection.user; @@ -76,3 +77,10 @@ export default abstract class Channel { public onMessage?(type: string, body: any): void; } + +export type MiChannelService = { + shouldShare: boolean; + requireCredential: T; + kind: T extends true ? string : string | null | undefined; + create: (id: string, connection: Connection) => Channel; +} diff --git a/packages/backend/src/server/api/stream/channels/admin.ts b/packages/backend/src/server/api/stream/channels/admin.ts index bfb36d9cb821..b8f369ce84f9 100644 --- a/packages/backend/src/server/api/stream/channels/admin.ts +++ b/packages/backend/src/server/api/stream/channels/admin.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AdminChannel extends Channel { public readonly chName = 'admin'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:admin:stream'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class AdminChannel extends Channel { } @Injectable() -export class AdminChannelService { +export class AdminChannelService implements MiChannelService { public readonly shouldShare = AdminChannel.shouldShare; public readonly requireCredential = AdminChannel.requireCredential; + public readonly kind = AdminChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/antenna.ts b/packages/backend/src/server/api/stream/channels/antenna.ts index a48e6ba5c6d8..200db8eb0eb3 100644 --- a/packages/backend/src/server/api/stream/channels/antenna.ts +++ b/packages/backend/src/server/api/stream/channels/antenna.ts @@ -8,12 +8,13 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AntennaChannel extends Channel { public readonly chName = 'antenna'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = true as const; + public static kind = 'read:account'; private antennaId: string; constructor( @@ -62,9 +63,10 @@ class AntennaChannel extends Channel { } @Injectable() -export class AntennaChannelService { +export class AntennaChannelService implements MiChannelService { public readonly shouldShare = AntennaChannel.shouldShare; public readonly requireCredential = AntennaChannel.requireCredential; + public readonly kind = AntennaChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/channel.ts b/packages/backend/src/server/api/stream/channels/channel.ts index 57034231a376..20275249b81e 100644 --- a/packages/backend/src/server/api/stream/channels/channel.ts +++ b/packages/backend/src/server/api/stream/channels/channel.ts @@ -8,12 +8,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class ChannelChannel extends Channel { public readonly chName = 'channel'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private channelId: string; constructor( @@ -65,9 +65,10 @@ class ChannelChannel extends Channel { } @Injectable() -export class ChannelChannelService { +export class ChannelChannelService implements MiChannelService { public readonly shouldShare = ChannelChannel.shouldShare; public readonly requireCredential = ChannelChannel.requireCredential; + public readonly kind = ChannelChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/drive.ts b/packages/backend/src/server/api/stream/channels/drive.ts index 83f53c1836ec..4bf34a72c977 100644 --- a/packages/backend/src/server/api/stream/channels/drive.ts +++ b/packages/backend/src/server/api/stream/channels/drive.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class DriveChannel extends Channel { public readonly chName = 'drive'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class DriveChannel extends Channel { } @Injectable() -export class DriveChannelService { +export class DriveChannelService implements MiChannelService { public readonly shouldShare = DriveChannel.shouldShare; public readonly requireCredential = DriveChannel.requireCredential; + public readonly kind = DriveChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/global-timeline.ts b/packages/backend/src/server/api/stream/channels/global-timeline.ts index 553c44071f16..8df13da8a9c1 100644 --- a/packages/backend/src/server/api/stream/channels/global-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/global-timeline.ts @@ -12,12 +12,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class GlobalTimelineChannel extends Channel { public readonly chName = 'globalTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withFiles: boolean; @@ -91,9 +91,10 @@ class GlobalTimelineChannel extends Channel { } @Injectable() -export class GlobalTimelineChannelService { +export class GlobalTimelineChannelService implements MiChannelService { public readonly shouldShare = GlobalTimelineChannel.shouldShare; public readonly requireCredential = GlobalTimelineChannel.requireCredential; + public readonly kind = GlobalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/hashtag.ts b/packages/backend/src/server/api/stream/channels/hashtag.ts index f30b29cfd625..3d4f2fc528f9 100644 --- a/packages/backend/src/server/api/stream/channels/hashtag.ts +++ b/packages/backend/src/server/api/stream/channels/hashtag.ts @@ -9,12 +9,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HashtagChannel extends Channel { public readonly chName = 'hashtag'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private q: string[][]; constructor( @@ -70,9 +70,10 @@ class HashtagChannel extends Channel { } @Injectable() -export class HashtagChannelService { +export class HashtagChannelService implements MiChannelService { public readonly shouldShare = HashtagChannel.shouldShare; public readonly requireCredential = HashtagChannel.requireCredential; + public readonly kind = HashtagChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/home-timeline.ts b/packages/backend/src/server/api/stream/channels/home-timeline.ts index 80054d0881ad..6c9f52ba705f 100644 --- a/packages/backend/src/server/api/stream/channels/home-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/home-timeline.ts @@ -10,12 +10,13 @@ import { isInstanceMuted } from '@/misc/is-instance-muted.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HomeTimelineChannel extends Channel { public readonly chName = 'homeTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withFiles: boolean; @@ -99,9 +100,10 @@ class HomeTimelineChannel extends Channel { } @Injectable() -export class HomeTimelineChannelService { +export class HomeTimelineChannelService implements MiChannelService { public readonly shouldShare = HomeTimelineChannel.shouldShare; public readonly requireCredential = HomeTimelineChannel.requireCredential; + public readonly kind = HomeTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts index 78645982bffc..957d8b6d4190 100644 --- a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts @@ -12,12 +12,13 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HybridTimelineChannel extends Channel { public readonly chName = 'hybridTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withReplies: boolean; private withFiles: boolean; @@ -114,9 +115,10 @@ class HybridTimelineChannel extends Channel { } @Injectable() -export class HybridTimelineChannelService { +export class HybridTimelineChannelService implements MiChannelService { public readonly shouldShare = HybridTimelineChannel.shouldShare; public readonly requireCredential = HybridTimelineChannel.requireCredential; + public readonly kind = HybridTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/local-timeline.ts b/packages/backend/src/server/api/stream/channels/local-timeline.ts index 1388f186ffdb..888d268d56e8 100644 --- a/packages/backend/src/server/api/stream/channels/local-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/local-timeline.ts @@ -11,12 +11,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class LocalTimelineChannel extends Channel { public readonly chName = 'localTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withReplies: boolean; private withFiles: boolean; @@ -90,9 +90,10 @@ class LocalTimelineChannel extends Channel { } @Injectable() -export class LocalTimelineChannelService { +export class LocalTimelineChannelService implements MiChannelService { public readonly shouldShare = LocalTimelineChannel.shouldShare; public readonly requireCredential = LocalTimelineChannel.requireCredential; + public readonly kind = LocalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/main.ts b/packages/backend/src/server/api/stream/channels/main.ts index f969d0233780..ab605e3ec5c0 100644 --- a/packages/backend/src/server/api/stream/channels/main.ts +++ b/packages/backend/src/server/api/stream/channels/main.ts @@ -7,12 +7,13 @@ import { Injectable } from '@nestjs/common'; import { isInstanceMuted, isUserFromMutedInstance } from '@/misc/is-instance-muted.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class MainChannel extends Channel { public readonly chName = 'main'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; constructor( private noteEntityService: NoteEntityService, @@ -63,9 +64,10 @@ class MainChannel extends Channel { } @Injectable() -export class MainChannelService { +export class MainChannelService implements MiChannelService { public readonly shouldShare = MainChannel.shouldShare; public readonly requireCredential = MainChannel.requireCredential; + public readonly kind = MainChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/queue-stats.ts b/packages/backend/src/server/api/stream/channels/queue-stats.ts index f0dc47230355..5ceb2c3bbc4f 100644 --- a/packages/backend/src/server/api/stream/channels/queue-stats.ts +++ b/packages/backend/src/server/api/stream/channels/queue-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class QueueStatsChannel extends Channel { public readonly chName = 'queueStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class QueueStatsChannel extends Channel { } @Injectable() -export class QueueStatsChannelService { +export class QueueStatsChannelService implements MiChannelService { public readonly shouldShare = QueueStatsChannel.shouldShare; public readonly requireCredential = QueueStatsChannel.requireCredential; + public readonly kind = QueueStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/role-timeline.ts b/packages/backend/src/server/api/stream/channels/role-timeline.ts index 38d3604cc57f..b3bbb77dbf20 100644 --- a/packages/backend/src/server/api/stream/channels/role-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/role-timeline.ts @@ -10,12 +10,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class RoleTimelineChannel extends Channel { public readonly chName = 'roleTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private roleId: string; constructor( @@ -67,9 +67,10 @@ class RoleTimelineChannel extends Channel { } @Injectable() -export class RoleTimelineChannelService { +export class RoleTimelineChannelService implements MiChannelService { public readonly shouldShare = RoleTimelineChannel.shouldShare; public readonly requireCredential = RoleTimelineChannel.requireCredential; + public readonly kind = RoleTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/server-stats.ts b/packages/backend/src/server/api/stream/channels/server-stats.ts index cacae275a849..615b6946ccba 100644 --- a/packages/backend/src/server/api/stream/channels/server-stats.ts +++ b/packages/backend/src/server/api/stream/channels/server-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class ServerStatsChannel extends Channel { public readonly chName = 'serverStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class ServerStatsChannel extends Channel { } @Injectable() -export class ServerStatsChannelService { +export class ServerStatsChannelService implements MiChannelService { public readonly shouldShare = ServerStatsChannel.shouldShare; public readonly requireCredential = ServerStatsChannel.requireCredential; + public readonly kind = ServerStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/user-list.ts b/packages/backend/src/server/api/stream/channels/user-list.ts index fe293e2b4de9..909b5a5e031f 100644 --- a/packages/backend/src/server/api/stream/channels/user-list.ts +++ b/packages/backend/src/server/api/stream/channels/user-list.ts @@ -11,12 +11,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { DI } from '@/di-symbols.js'; import { bindThis } from '@/decorators.js'; import { isInstanceMuted } from '@/misc/is-instance-muted.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class UserListChannel extends Channel { public readonly chName = 'userList'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private listId: string; private membershipsMap: Record | undefined> = {}; private listUsersClock: NodeJS.Timeout; @@ -137,9 +137,10 @@ class UserListChannel extends Channel { } @Injectable() -export class UserListChannelService { +export class UserListChannelService implements MiChannelService { public readonly shouldShare = UserListChannel.shouldShare; public readonly requireCredential = UserListChannel.requireCredential; + public readonly kind = UserListChannel.kind; constructor( @Inject(DI.userListsRepository) diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts index 4fa7b800e81c..225307858225 100644 --- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts +++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts @@ -11,15 +11,16 @@ import httpLinkHeader from 'http-link-header'; import ipaddr from 'ipaddr.js'; import oauth2orize, { type OAuth2, AuthorizationError, ValidateFunctionArity2, OAuth2Req, MiddlewareRequest } from 'oauth2orize'; import oauth2Pkce from 'oauth2orize-pkce'; +import fastifyCors from '@fastify/cors'; import fastifyView from '@fastify/view'; import pug from 'pug'; import bodyParser from 'body-parser'; import fastifyExpress from '@fastify/express'; import { verifyChallenge } from 'pkce-challenge'; import { mf2 } from 'microformats-parser'; +import { permissions as kinds } from 'misskey-js'; import { secureRndstr } from '@/misc/secure-rndstr.js'; import { HttpRequestService } from '@/core/HttpRequestService.js'; -import { kinds } from '@/misc/api-permissions.js'; import type { Config } from '@/config.js'; import { DI } from '@/di-symbols.js'; import { bindThis } from '@/decorators.js'; @@ -348,25 +349,25 @@ export class OAuth2ProviderService { })); } + // https://datatracker.ietf.org/doc/html/rfc8414.html + // https://indieauth.spec.indieweb.org/#indieauth-server-metadata + public generateRFC8414() { + return { + issuer: this.config.url, + authorization_endpoint: new URL('/oauth/authorize', this.config.url), + token_endpoint: new URL('/oauth/token', this.config.url), + scopes_supported: kinds, + response_types_supported: ['code'], + grant_types_supported: ['authorization_code'], + service_documentation: 'https://misskey-hub.net', + code_challenge_methods_supported: ['S256'], + authorization_response_iss_parameter_supported: true, + }; + } + @bindThis public async createServer(fastify: FastifyInstance): Promise { - // https://datatracker.ietf.org/doc/html/rfc8414.html - // https://indieauth.spec.indieweb.org/#indieauth-server-metadata - fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => { - reply.send({ - issuer: this.config.url, - authorization_endpoint: new URL('/oauth/authorize', this.config.url), - token_endpoint: new URL('/oauth/token', this.config.url), - scopes_supported: kinds, - response_types_supported: ['code'], - grant_types_supported: ['authorization_code'], - service_documentation: 'https://misskey-hub.net', - code_challenge_methods_supported: ['S256'], - authorization_response_iss_parameter_supported: true, - }); - }); - - fastify.get('/oauth/authorize', async (request, reply) => { + fastify.get('/authorize', async (request, reply) => { const oauth2 = (request.raw as MiddlewareRequest).oauth2; if (!oauth2) { throw new Error('Unexpected lack of authorization information'); @@ -381,8 +382,7 @@ export class OAuth2ProviderService { scope: oauth2.req.scope.join(' '), }); }); - fastify.post('/oauth/decision', async () => { }); - fastify.post('/oauth/token', async () => { }); + fastify.post('/decision', async () => { }); fastify.register(fastifyView, { root: fileURLToPath(new URL('../web/views', import.meta.url)), @@ -394,7 +394,7 @@ export class OAuth2ProviderService { }); await fastify.register(fastifyExpress); - fastify.use('/oauth/authorize', this.#server.authorize(((areq, done) => { + fastify.use('/authorize', this.#server.authorize(((areq, done) => { (async (): Promise> => { // This should return client/redirectURI AND the error, or // the handler can't send error to the redirection URI @@ -426,7 +426,7 @@ export class OAuth2ProviderService { } try { - const scopes = [...new Set(scope)].filter(s => kinds.includes(s)); + const scopes = [...new Set(scope)].filter(s => (kinds).includes(s)); if (!scopes.length) { throw new AuthorizationError('`scope` parameter has no known scope', 'invalid_scope'); } @@ -448,30 +448,24 @@ export class OAuth2ProviderService { return [null, clientInfo, redirectURI]; })().then(args => done(...args), err => done(err)); }) as ValidateFunctionArity2)); - fastify.use('/oauth/authorize', this.#server.errorHandler({ + fastify.use('/authorize', this.#server.errorHandler({ mode: 'indirect', modes: getQueryMode(this.config.url), })); - fastify.use('/oauth/authorize', this.#server.errorHandler()); + fastify.use('/authorize', this.#server.errorHandler()); - fastify.use('/oauth/decision', bodyParser.urlencoded({ extended: false })); - fastify.use('/oauth/decision', this.#server.decision((req, done) => { + fastify.use('/decision', bodyParser.urlencoded({ extended: false })); + fastify.use('/decision', this.#server.decision((req, done) => { const { body } = req as OAuth2DecisionRequest; this.#logger.info(`Received the decision. Cancel: ${!!body.cancel}`); req.user = body.login_token; done(null, undefined); })); - fastify.use('/oauth/decision', this.#server.errorHandler()); - - // Clients may use JSON or urlencoded - fastify.use('/oauth/token', bodyParser.urlencoded({ extended: false })); - fastify.use('/oauth/token', bodyParser.json({ strict: true })); - fastify.use('/oauth/token', this.#server.token()); - fastify.use('/oauth/token', this.#server.errorHandler()); + fastify.use('/decision', this.#server.errorHandler()); // Return 404 for any unknown paths under /oauth so that clients can know // whether a certain endpoint is supported or not. - fastify.all('/oauth/*', async (_request, reply) => { + fastify.all('/*', async (_request, reply) => { reply.code(404); reply.send({ error: { @@ -483,4 +477,17 @@ export class OAuth2ProviderService { }); }); } + + @bindThis + public async createTokenServer(fastify: FastifyInstance): Promise { + fastify.register(fastifyCors); + fastify.post('', async () => { }); + + await fastify.register(fastifyExpress); + // Clients may use JSON or urlencoded + fastify.use('', bodyParser.urlencoded({ extended: false })); + fastify.use('', bodyParser.json({ strict: true })); + fastify.use('', this.#server.token()); + fastify.use('', this.#server.errorHandler()); + } } diff --git a/packages/backend/src/server/web/boot.js b/packages/backend/src/server/web/boot.js index 48939ef7a019..c6b52a7a6bd7 100644 --- a/packages/backend/src/server/web/boot.js +++ b/packages/backend/src/server/web/boot.js @@ -173,6 +173,7 @@

Clear the browser cache / ブラウザのキャッシュをクリアする

Update your os and browser / ブラウザおよびOSを最新バージョンに更新する

Disable an adblocker / アドブロッカーを無効にする

+

(Tor Browser) Set dom.webaudio.enabled to true / dom.webaudio.enabledをtrueに設定する

Other options / その他のオプション diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts index 15da74931d4b..cf24228b8393 100644 --- a/packages/backend/test/e2e/api.ts +++ b/packages/backend/test/e2e/api.ts @@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; import { IncomingMessage } from 'http'; -import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js'; +import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch, createAppToken } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -89,6 +89,11 @@ describe('API', () => { }); test('管理者専用のAPIのアクセス制限', async () => { + const application = await createAppToken(alice, ['read:account']); + const application2 = await createAppToken(alice, ['read:admin:index-stats']); + const application3 = await createAppToken(bob, []); + const application4 = await createAppToken(bob, ['read:admin:index-stats']); + // aliceは管理者、APIを使える await successfulApiCall({ endpoint: '/admin/get-index-stats', @@ -128,6 +133,42 @@ describe('API', () => { code: 'AUTHENTICATION_FAILED', id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14', }); + + await successfulApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application2 }, + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application }, + }, { + status: 403, + code: 'PERMISSION_DENIED', + id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application3 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application4 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); }); describe('Authentication header', () => { diff --git a/packages/backend/test/e2e/nodeinfo.ts b/packages/backend/test/e2e/nodeinfo.ts new file mode 100644 index 000000000000..7eed39c5ed95 --- /dev/null +++ b/packages/backend/test/e2e/nodeinfo.ts @@ -0,0 +1,40 @@ +/* + * SPDX-FileCopyrightText: syuilo and other misskey contributors + * SPDX-License-Identifier: AGPL-3.0-only + */ + +process.env.NODE_ENV = 'test'; + +import * as assert from 'assert'; +import { relativeFetch, startServer } from '../utils.js'; +import type { INestApplicationContext } from '@nestjs/common'; + +describe('nodeinfo', () => { + let app: INestApplicationContext; + + beforeAll(async () => { + app = await startServer(); + }, 1000 * 60 * 2); + + afterAll(async () => { + await app.close(); + }); + + test('nodeinfo 2.1', async () => { + const res = await relativeFetch('nodeinfo/2.1'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json() as any; + assert.strictEqual(nodeInfo.software.name, 'misskey'); + }); + + test('nodeinfo 2.0', async () => { + const res = await relativeFetch('nodeinfo/2.0'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json() as any; + assert.strictEqual(nodeInfo.software.name, 'misskey'); + }); +}); diff --git a/packages/backend/test/e2e/oauth.ts b/packages/backend/test/e2e/oauth.ts index a029a0d4be85..3a5e4ebdae05 100644 --- a/packages/backend/test/e2e/oauth.ts +++ b/packages/backend/test/e2e/oauth.ts @@ -941,4 +941,24 @@ describe('OAuth', () => { const response = await fetch(new URL('/oauth/foo', host)); assert.strictEqual(response.status, 404); }); + + describe('CORS', () => { + test('Token endpoint should support CORS', async () => { + const response = await fetch(new URL('/oauth/token', host), { method: 'POST' }); + assert.ok(!response.ok); + assert.strictEqual(response.headers.get('Access-Control-Allow-Origin'), '*'); + }); + + test('Authorize endpoint should not support CORS', async () => { + const response = await fetch(new URL('/oauth/authorize', host), { method: 'GET' }); + assert.ok(!response.ok); + assert.ok(!response.headers.has('Access-Control-Allow-Origin')); + }); + + test('Decision endpoint should not support CORS', async () => { + const response = await fetch(new URL('/oauth/decision', host), { method: 'POST' }); + assert.ok(!response.ok); + assert.ok(!response.headers.has('Access-Control-Allow-Origin')); + }); + }); }); diff --git a/packages/backend/test/e2e/streaming.ts b/packages/backend/test/e2e/streaming.ts index c4824f50ceeb..288c54bdbc91 100644 --- a/packages/backend/test/e2e/streaming.ts +++ b/packages/backend/test/e2e/streaming.ts @@ -6,8 +6,9 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; +import { WebSocket } from 'ws'; import { MiFollowing } from '@/models/Following.js'; -import { signup, api, post, startServer, initTestDb, waitFire } from '../utils.js'; +import { signup, api, post, startServer, initTestDb, waitFire, createAppToken, port } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -560,6 +561,28 @@ describe('Streaming', () => { }); }); + test('Authentication', async () => { + const application = await createAppToken(ayano, []); + const application2 = await createAppToken(ayano, ['read:account']); + const socket = new WebSocket(`ws://127.0.0.1:${port}/streaming?i=${application}`); + const established = await new Promise((resolve, reject) => { + socket.on('error', () => resolve(false)); + socket.on('unexpected-response', () => resolve(false)); + setTimeout(() => resolve(true), 3000); + }); + + socket.close(); + assert.strictEqual(established, false); + + const fired = await waitFire( + { token: application2 }, 'hybridTimeline', + () => api('notes/create', { text: 'Hello, world!' }, ayano), + msg => msg.type === 'note' && msg.body.userId === ayano.id, + ); + + assert.strictEqual(fired, true); + }); + // XXX: QueryFailedError: duplicate key value violates unique constraint "IDX_347fec870eafea7b26c8a73bac" /* describe('Hashtag Timeline', () => { diff --git a/packages/backend/test/e2e/well-known.ts b/packages/backend/test/e2e/well-known.ts new file mode 100644 index 000000000000..14e32e16271c --- /dev/null +++ b/packages/backend/test/e2e/well-known.ts @@ -0,0 +1,111 @@ +/* + * SPDX-FileCopyrightText: syuilo and other misskey contributors + * SPDX-License-Identifier: AGPL-3.0-only + */ + +process.env.NODE_ENV = 'test'; + +import * as assert from 'assert'; +import { host, origin, relativeFetch, signup, startServer } from '../utils.js'; +import type { INestApplicationContext } from '@nestjs/common'; +import type * as misskey from 'misskey-js'; + +describe('.well-known', () => { + let app: INestApplicationContext; + let alice: misskey.entities.User; + + beforeAll(async () => { + app = await startServer(); + + alice = await signup({ username: 'alice' }); + }, 1000 * 60 * 2); + + afterAll(async () => { + await app.close(); + }); + + test('nodeinfo', async () => { + const res = await relativeFetch('.well-known/nodeinfo'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json(); + assert.deepStrictEqual(nodeInfo, { + links: [{ + rel: 'http://nodeinfo.diaspora.software/ns/schema/2.1', + href: `${origin}/nodeinfo/2.1`, + }, { + rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0', + href: `${origin}/nodeinfo/2.0`, + }], + }); + }); + + test('webfinger', async () => { + const preflight = await relativeFetch(`.well-known/webfinger?resource=acct:alice@${host}`, { + method: 'options', + headers: { + 'Access-Control-Request-Method': 'GET', + Origin: 'http://example.com', + }, + }); + assert.ok(preflight.ok); + assert.strictEqual(preflight.headers.get('Access-Control-Allow-Headers'), 'Accept'); + + const res = await relativeFetch(`.well-known/webfinger?resource=acct:alice@${host}`); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + assert.strictEqual(res.headers.get('Access-Control-Expose-Headers'), 'Vary'); + assert.strictEqual(res.headers.get('Vary'), 'Accept'); + + const webfinger = await res.json(); + + assert.deepStrictEqual(webfinger, { + subject: `acct:alice@${host}`, + links: [{ + rel: 'self', + type: 'application/activity+json', + href: `${origin}/users/${alice.id}`, + }, { + rel: 'http://webfinger.net/rel/profile-page', + type: 'text/html', + href: `${origin}/@alice`, + }, { + rel: 'http://ostatus.org/schema/1.0/subscribe', + template: `${origin}/authorize-follow?acct={uri}`, + }], + }); + }); + + test('host-meta', async () => { + const res = await relativeFetch('.well-known/host-meta'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + }); + + test('host-meta.json', async () => { + const res = await relativeFetch('.well-known/host-meta.json'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const hostMeta = await res.json(); + assert.deepStrictEqual(hostMeta, { + links: [{ + rel: 'lrdd', + type: 'application/jrd+json', + template: `${origin}/.well-known/webfinger?resource={uri}`, + }], + }); + }); + + test('oauth-authorization-server', async () => { + const res = await relativeFetch('.well-known/oauth-authorization-server'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const serverInfo = await res.json() as any; + assert.strictEqual(serverInfo.issuer, origin); + assert.strictEqual(serverInfo.authorization_endpoint, `${origin}/oauth/authorize`); + assert.strictEqual(serverInfo.token_endpoint, `${origin}/oauth/token`); + }); +}); diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts index 97118d73c0e1..46b8ea9cdd1c 100644 --- a/packages/backend/test/utils.ts +++ b/packages/backend/test/utils.ts @@ -6,6 +6,7 @@ import * as assert from 'node:assert'; import { readFile } from 'node:fs/promises'; import { isAbsolute, basename } from 'node:path'; +import { randomUUID } from 'node:crypto'; import { inspect } from 'node:util'; import WebSocket, { ClientOptions } from 'ws'; import fetch, { File, RequestInit } from 'node-fetch'; @@ -25,6 +26,8 @@ interface UserToken { const config = loadConfig(); export const port = config.port; +export const origin = config.url; +export const host = new URL(config.url).host; export const cookie = (me: UserToken): string => { return `token=${me.token};`; @@ -126,6 +129,15 @@ export const post = async (user: UserToken, params?: misskey.Endpoints['notes/cr return res.body ? res.body.createdNote : null; }; +export const createAppToken = async (user: UserToken, permissions: (typeof misskey.permissions)[number][]) => { + const res = await api('miauth/gen-token', { + session: randomUUID(), + permission: permissions, + }, user); + + return (res.body as misskey.entities.MiauthGenTokenResponse).token; +}; + // 非公開ノートをAPI越しに見たときのノート NoteEntityService.ts export const hiddenNote = (note: any): any => { const temp = { diff --git a/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts b/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts index 550e08d7f75b..535adc9c853c 100644 --- a/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts +++ b/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts @@ -6,7 +6,7 @@ import { parse } from 'acorn'; import { generate } from 'astring'; import { describe, expect, it } from 'vitest'; -import { normalizeClass, unwindCssModuleClassName } from './rollup-plugin-unwind-css-module-class-name'; +import { normalizeClass, unwindCssModuleClassName } from './rollup-plugin-unwind-css-module-class-name.js'; import type * as estree from 'estree'; function parseExpression(code: string): estree.Expression { diff --git a/packages/frontend/src/components/MkAbuseReport.stories.impl.ts b/packages/frontend/src/components/MkAbuseReport.stories.impl.ts index 3b6452962031..77e7c84d5c9c 100644 --- a/packages/frontend/src/components/MkAbuseReport.stories.impl.ts +++ b/packages/frontend/src/components/MkAbuseReport.stories.impl.ts @@ -7,8 +7,8 @@ import { action } from '@storybook/addon-actions'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { abuseUserReport } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { abuseUserReport } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAbuseReport from './MkAbuseReport.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts b/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts index b45d54679be0..dc842b3d1bd2 100644 --- a/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts +++ b/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts @@ -7,8 +7,8 @@ import { action } from '@storybook/addon-actions'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAbuseReportWindow from './MkAbuseReportWindow.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAccountMoved.stories.impl.ts b/packages/frontend/src/components/MkAccountMoved.stories.impl.ts index a6d4d18c1b6e..33c6c24631c8 100644 --- a/packages/frontend/src/components/MkAccountMoved.stories.impl.ts +++ b/packages/frontend/src/components/MkAccountMoved.stories.impl.ts @@ -5,7 +5,7 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; -import { userDetailed } from '../../.storybook/fakes'; +import { userDetailed } from '../../.storybook/fakes.js'; import MkAccountMoved from './MkAccountMoved.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAchievements.stories.impl.ts b/packages/frontend/src/components/MkAchievements.stories.impl.ts index a67e1def13f3..6d972467b153 100644 --- a/packages/frontend/src/components/MkAchievements.stories.impl.ts +++ b/packages/frontend/src/components/MkAchievements.stories.impl.ts @@ -6,8 +6,8 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAchievements from './MkAchievements.vue'; import { ACHIEVEMENT_TYPES } from '@/scripts/achievements.js'; export const Empty = { diff --git a/packages/frontend/src/components/MkAchievements.vue b/packages/frontend/src/components/MkAchievements.vue index b067e94a6dbc..d49eeb0329bf 100644 --- a/packages/frontend/src/components/MkAchievements.vue +++ b/packages/frontend/src/components/MkAchievements.vue @@ -67,7 +67,7 @@ const props = withDefaults(defineProps<{ withDescription: true, }); -const achievements = ref(); +const achievements = ref(null); const lockedAchievements = computed(() => ACHIEVEMENT_TYPES.filter(x => !(achievements.value ?? []).some(a => a.name === x))); function fetch() { diff --git a/packages/frontend/src/components/MkAsUi.vue b/packages/frontend/src/components/MkAsUi.vue index 4239cc6091ce..0ff5bd703685 100644 --- a/packages/frontend/src/components/MkAsUi.vue +++ b/packages/frontend/src/components/MkAsUi.vue @@ -11,7 +11,7 @@ SPDX-License-Identifier: AGPL-3.0-only {{ c.text }} - + {{ c.text }}
{{ button.text }} diff --git a/packages/frontend/src/components/MkAutocomplete.stories.impl.ts b/packages/frontend/src/components/MkAutocomplete.stories.impl.ts index 8232759ba045..969519386fc9 100644 --- a/packages/frontend/src/components/MkAutocomplete.stories.impl.ts +++ b/packages/frontend/src/components/MkAutocomplete.stories.impl.ts @@ -9,8 +9,8 @@ import { expect } from '@storybook/jest'; import { userEvent, waitFor, within } from '@storybook/testing-library'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAutocomplete from './MkAutocomplete.vue'; import MkInput from './MkInput.vue'; import { tick } from '@/scripts/test-utils.js'; diff --git a/packages/frontend/src/components/MkAvatars.stories.impl.ts b/packages/frontend/src/components/MkAvatars.stories.impl.ts index 659c0eebdf40..d41b64695fdc 100644 --- a/packages/frontend/src/components/MkAvatars.stories.impl.ts +++ b/packages/frontend/src/components/MkAvatars.stories.impl.ts @@ -6,8 +6,8 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAvatars from './MkAvatars.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkCaptcha.vue b/packages/frontend/src/components/MkCaptcha.vue index 14e59acad20d..40bca11e647f 100644 --- a/packages/frontend/src/components/MkCaptcha.vue +++ b/packages/frontend/src/components/MkCaptcha.vue @@ -26,7 +26,7 @@ export type Captcha = { getResponse(id: string): string; }; -type CaptchaProvider = 'hcaptcha' | 'recaptcha' | 'turnstile'; +export type CaptchaProvider = 'hcaptcha' | 'recaptcha' | 'turnstile'; type CaptchaContainer = { readonly [_ in CaptchaProvider]?: Captcha; diff --git a/packages/frontend/src/components/MkContextMenu.vue b/packages/frontend/src/components/MkContextMenu.vue index b78252be895c..e29cf472f7df 100644 --- a/packages/frontend/src/components/MkContextMenu.vue +++ b/packages/frontend/src/components/MkContextMenu.vue @@ -20,7 +20,7 @@ SPDX-License-Identifier: AGPL-3.0-only