diff --git a/.github/ISSUE_TEMPLATE/01_bug-report.yml b/.github/ISSUE_TEMPLATE/01_bug-report.yml index f74719989f..ac2b39cc12 100644 --- a/.github/ISSUE_TEMPLATE/01_bug-report.yml +++ b/.github/ISSUE_TEMPLATE/01_bug-report.yml @@ -89,3 +89,9 @@ body: render: markdown validations: required: false + + - type: checkboxes + attributes: + label: Do you want to address this bug yourself? + options: + - label: Yes, I will patch the bug myself and send a pull request diff --git a/.github/ISSUE_TEMPLATE/02_feature-request.yml b/.github/ISSUE_TEMPLATE/02_feature-request.yml index 8420475b3e..8d7b0b2539 100644 --- a/.github/ISSUE_TEMPLATE/02_feature-request.yml +++ b/.github/ISSUE_TEMPLATE/02_feature-request.yml @@ -14,4 +14,9 @@ body: label: Purpose description: Describe the specific problem or need you think this feature will solve, and who it will help. validations: - required: true \ No newline at end of file + required: true + - type: checkboxes + attributes: + label: Do you want to implement this feature yourself? + options: + - label: Yes, I will implement this by myself and send a pull request diff --git a/.github/workflows/get-api-diff.yml b/.github/workflows/get-api-diff.yml index d604f9b16d..bf92e701b2 100644 --- a/.github/workflows/get-api-diff.yml +++ b/.github/workflows/get-api-diff.yml @@ -56,7 +56,7 @@ jobs: - name: Upload Artifact uses: actions/upload-artifact@v4 with: - name: api-artifact + name: api-artifact-${{ matrix.api-json-name }} path: ${{ matrix.api-json-name }} save-pr-number: @@ -69,5 +69,5 @@ jobs: echo "$PR_NUMBER" > ./pr_number - uses: actions/upload-artifact@v4 with: - name: api-artifact + name: api-artifact-pr-number path: pr_number diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d6832278e8..f3074ab0a4 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -78,4 +78,6 @@ jobs: cache: 'pnpm' - run: corepack enable - run: pnpm i --frozen-lockfile + - run: pnpm --filter misskey-js run build + if: ${{ matrix.workspace == 'backend' }} - run: pnpm --filter ${{ matrix.workspace }} run typecheck diff --git a/.github/workflows/report-api-diff.yml b/.github/workflows/report-api-diff.yml index 309516772f..54da8b4a83 100644 --- a/.github/workflows/report-api-diff.yml +++ b/.github/workflows/report-api-diff.yml @@ -19,24 +19,28 @@ jobs: uses: actions/github-script@v7 with: script: | + const fs = require('fs'); let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ owner: context.repo.owner, repo: context.repo.repo, run_id: context.payload.workflow_run.id, }); - let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { - return artifact.name == "api-artifact" - })[0]; - let download = await github.rest.actions.downloadArtifact({ - owner: context.repo.owner, - repo: context.repo.repo, - artifact_id: matchArtifact.id, - archive_format: 'zip', + let matchArtifacts = allArtifacts.data.artifacts.filter((artifact) => { + return artifact.name.startsWith("api-artifact-") || artifact.name == "api-artifact" }); - let fs = require('fs'); - fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/api-artifact.zip`, Buffer.from(download.data)); - - name: Extract artifact - run: unzip api-artifact.zip -d artifacts + await Promise.all(matchArtifacts.map(async (artifact) => { + let download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: artifact.id, + archive_format: 'zip', + }); + await fs.promises.writeFile(`${process.env.GITHUB_WORKSPACE}/${artifact.name}.zip`, Buffer.from(download.data)); + })); + - name: Extract all artifacts + run: | + find . -mindepth 1 -maxdepth 1 -type f -name '*.zip' -exec unzip {} -d artifacts ';' + ls -la - name: Load PR Number id: load-pr-num run: echo "pr-number=$(cat artifacts/pr_number)" >> "$GITHUB_OUTPUT" @@ -83,3 +87,11 @@ jobs: pr_number: ${{ steps.load-pr-num.outputs.pr-number }} comment_tag: show_diff filePath: ./output.md + - name: Tell error to PR + uses: thollander/actions-comment-pull-request@v2 + if: failure() && steps.load-pr-num.outputs.pr-number + with: + pr_number: ${{ steps.load-pr-num.outputs.pr-number }} + comment_tag: show_diff_error + message: | + api.jsonの差分作成中にエラーが発生しました。詳細は[Workflowのログ](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})を確認してください。 diff --git a/CHANGELOG.md b/CHANGELOG.md index ac31bc0d28..199a420f7b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,27 @@ --> +## 2023.12.1 + +### General +- Enhance: ローカリゼーションの更新 +- Fix: 自分のdirect noteがuser list timelineに追加されない + +### Client +- Feat: AiScript専用のMFM構文`$[clickable.ev=EVENTNAME ...]`を追加。`Mk:C:mfm`のオプション`onClickEv`に関数を渡すと、クリック時に`EVENTNAME`を引数にして呼び出す +- Enhance: MFM入力補助ボタンを投稿フォームに表示できるように #12787 +- Fix: 一部のモデログ(logYellowでの表示対象)について、表示の色が変わらない問題を修正 +- Fix: `fg`/`bg`MFMに長い単語を指定すると、オーバーフローされずはみ出る問題を修正 + +### Server +- Enhance: センシティブワードの設定がハッシュタグトレンドにも適用されるようになりました +- Enhance: `oauth/token`エンドポイントのCORS対応 +- Fix: 1702718871541-ffVisibility.jsのdownが壊れている +- Fix:「非センシティブのみ(リモートはいいねのみ)」を設定していても、センシティブに設定されたカスタム絵文字をリアクションできる問題を修正 +- Fix: ロールアサイン時の通知で,ロールアイコンが縮小されずに表示される問題を修正 +- Fix: サードパーティアプリケーションがWebsocket APIに無条件にアクセスできる問題を修正 +- Fix: サードパーティアプリケーションがユーザーの許可なしに非公開の情報を見ることができる問題を修正 + ## 2023.12.0 ### Note @@ -99,6 +120,7 @@ - Enhance: MFM `$[ruby ]` が他ソフトウェアと連合されるように - Enhance: Meilisearchを有効にした検索で、ユーザーのミュートやブロックを考慮するように - Enhance: カスタム絵文字のインポート時の動作を改善 +- Enhance: json-schema(OpenAPIの戻り値として使用されるスキーマ定義)を出来る限り最新化 #12311 - Fix: 時間経過により無効化されたアンテナを再有効化したとき、サーバ再起動までその状況が反映されないのを修正 #12303 - Fix: ロールタイムラインが保存されない問題を修正 - Fix: api.jsonの生成ロジックを改善 #12402 @@ -115,7 +137,6 @@ - Fix: モデレーションログがモデレーターは閲覧できないように修正 - Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正 - Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない -- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正 ## 2023.11.1 @@ -126,7 +147,6 @@ - Feat: 管理者がコントロールパネルからメールアドレスの照会を行えるようになりました - Enhance: ローカリゼーションの更新 - Enhance: 依存関係の更新 -- Enhance: json-schema(OpenAPIの戻り値として使用されるスキーマ定義)を出来る限り最新化 #12311 ### Client - Enhance: MFMでルビを振れるように diff --git a/SECURITY.md b/SECURITY.md index 2c026a5f33..fc5dec5de4 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,7 +1,6 @@ # Reporting Security Issues -If you discover a security issue in Misskey, please report it by sending an -email to [syuilotan@yahoo.co.jp](mailto:syuilotan@yahoo.co.jp). +If you discover a security issue in Misskey, please report it by **[this form](https://github.com/misskey-dev/misskey/security/advisories/new)**. This will allow us to assess the risk, and make a fix available before we add a bug report to the GitHub repository. diff --git a/locales/en-US.yml b/locales/en-US.yml index 0701bc3710..ed71b5a190 100644 --- a/locales/en-US.yml +++ b/locales/en-US.yml @@ -121,6 +121,8 @@ sensitive: "Sensitive" add: "Add" reaction: "Reactions" reactions: "Reactions" +emojiPicker: "Emoji picker" +emojiPickerDisplay: "Emoji picker display" reactionSettingDescription2: "Drag to reorder, click to delete, press \"+\" to add." rememberNoteVisibility: "Remember note visibility settings" attachCancel: "Remove attachment" @@ -260,6 +262,7 @@ removed: "Successfully deleted" removeAreYouSure: "Are you sure that you want to remove \"{x}\"?" deleteAreYouSure: "Are you sure that you want to delete \"{x}\"?" resetAreYouSure: "Really reset?" +areYouSure: "Are you sure?" saved: "Saved" messaging: "Chat" upload: "Upload" @@ -874,6 +877,8 @@ makeReactionsPublicDescription: "This will make the list of all your past reacti classic: "Classic" muteThread: "Mute thread" unmuteThread: "Unmute thread" +followingVisibility: "Visibility of follows" +followersVisibility: "Visibility of followers" continueThread: "View thread continuation" deleteAccountConfirm: "This will irreversibly delete your account. Proceed?" incorrectPassword: "Incorrect password." @@ -1972,6 +1977,7 @@ _widgets: _userList: chooseList: "Select a list" clicker: "Clicker" + birthdayFollowings: "Users who celebrate their birthday today" _cw: hide: "Hide" show: "Show content" @@ -2329,6 +2335,8 @@ _dataSaver: _avatar: title: "Avatar image" description: "Stop avatar image animation. Animated images can be larger in file size than normal images, potentially leading to further reductions in data traffic." + _urlPreview: + title: "URL preview thumbnails" _code: title: "Code highlighting" description: "If code highlighting notations are used in MFM, etc., they will not load until tapped. Syntax highlighting requires downloading the highlight definition files for each programming language. Therefore, disabling the automatic loading of these files is expected to reduce the amount of communication data." diff --git a/locales/es-ES.yml b/locales/es-ES.yml index a079cf01f9..9aa7bc4e70 100644 --- a/locales/es-ES.yml +++ b/locales/es-ES.yml @@ -121,6 +121,12 @@ sensitive: "Marcado como sensible" add: "Agregar" reaction: "Reacción" reactions: "Reacción" +emojiPicker: "Selector de emojis" +pinnedEmojisForReactionSettingDescription: "Puedes seleccionar reacciones para fijarlos en el selector" +pinnedEmojisSettingDescription: "Puedes seleccionar emojis para fijarlos en el selector" +emojiPickerDisplay: "Mostrar el selector de emojis" +overwriteFromPinnedEmojisForReaction: "Sobreescribir las reacciones fijadas" +overwriteFromPinnedEmojis: "Sobreescribir los emojis fijados" reactionSettingDescription2: "Arrastre para reordenar, click para borrar, apriete la tecla + para añadir." rememberNoteVisibility: "Recordar visibilidad" attachCancel: "Quitar adjunto" @@ -260,6 +266,7 @@ removed: "Borrado" removeAreYouSure: "¿Desea borrar \"{x}\"?" deleteAreYouSure: "¿Desea borrar \"{x}\"?" resetAreYouSure: "¿Desea reestablecer?" +areYouSure: "¿Estás conforme?" saved: "Guardado" messaging: "Chat" upload: "Subir" @@ -640,6 +647,7 @@ smtpSecure: "Usar SSL/TLS implícito en la conexión SMTP" smtpSecureInfo: "Apagar cuando se use STARTTLS" testEmail: "Prueba de envío" wordMute: "Silenciar palabras" +hardWordMute: "Filtro de palabra fuerte" regexpError: "Error de la expresión regular" regexpErrorDescription: "Ocurrió un error en la expresión regular en la linea {line} de las palabras muteadas {tab}" instanceMute: "Instancias silenciadas" @@ -873,6 +881,8 @@ makeReactionsPublicDescription: "Todas las reacciones que hayas hecho serán pú classic: "Clásico" muteThread: "Silenciar hilo" unmuteThread: "Mostrar hilo" +followingVisibility: "Visibilidad de seguidos" +followersVisibility: "Visibilidad de seguidores" continueThread: "Ver la continuación del hilo" deleteAccountConfirm: "La cuenta será borrada. ¿Está seguro?" incorrectPassword: "La contraseña es incorrecta" @@ -1024,6 +1034,7 @@ sensitiveWords: "Palabras sensibles" sensitiveWordsDescription: "La visibilidad de todas las notas que contienen cualquiera de las palabras configuradas serán puestas en \"Inicio\" automáticamente. Puedes enumerás varias separándolas con saltos de línea" sensitiveWordsDescription2: "Si se usan espacios se crearán expresiones AND y las palabras subsecuentes con barras inclinadas se convertirán en expresiones regulares." hiddenTags: "Hashtags ocultos" +hiddenTagsDescription: "Selecciona las etiquetas que no se mostrarán en tendencias. Una etiqueta por línea." notesSearchNotAvailable: "No se puede buscar una nota" license: "Licencia" unfavoriteConfirm: "¿Desea quitar de favoritos?" @@ -1152,6 +1163,7 @@ tosAndPrivacyPolicy: "Condiciones de Uso y Política de Privacidad" avatarDecorations: "Decoraciones de avatar" attach: "Acoplar" detach: "Quitar" +detachAll: "Quitar todo" angle: "Ángulo" flip: "Echar de un capirotazo" showAvatarDecorations: "Mostrar decoraciones de avatar" @@ -1165,6 +1177,10 @@ cwNotationRequired: "Si se ha activado \"ocultar contenido\", es necesario propo doReaction: "Añadir reacción" code: "Código" reloadRequiredToApplySettings: "Es necesario recargar para que se aplique la configuración." +remainingN: "Faltan: {n}" +overwriteContentConfirm: "¿Quieres sustituir todo el contenido actual?" +seasonalScreenEffect: "Efectos de pantalla asociados a estaciones" +decorate: "Decorar" _announcement: forExistingUsers: "Solo para usuarios registrados" forExistingUsersDescription: "Este anuncio solo se mostrará a aquellos usuarios registrados en el momento de su publicación. Si se deshabilita esta opción, aquellos usuarios que se registren tras su publicación también lo verán." @@ -1222,6 +1238,45 @@ _initialTutorial: home: "Puedes ver los posts de las cuentas que sigues." local: "Puedes ver los posts de todos los usuarios de este servidor." social: "Se ven los posts de la línea de tiempo de inicio junto con los de la línea de tiempo local." + global: "Puedes ver notas de todos los servidores conectados." + description2: "Puedes cambiar la línea de tiempo en la parte superior de la pantalla cuando quieras." + description3: "Además, hay listas de líneas de tiempo y listas de canales. Para más detalle, por favor visita este enlace: {link}" + _postNote: + title: "Ajustes de publicación de nota" + description1: "Cuando publicas una nota en Misskey, hay varias opciones disponibles. El formulario tiene este aspecto." + _visibility: + description: "Puedes limitar quién puede ver tu nota." + public: "Tu nota será visible para todos los usuarios." + home: "Publicar solo en la línea de tiempo de Inicio. La nota se verá en tu perfil, la verán tus seguidores y también cuando sea renotada." + followers: "Visible solo para seguidores. Sólo tus seguidores podrán ver la nota, y no podrá ser renotada por otras personas." + direct: "Visible sólo para usuarios específicos, y el destinatario será notificado. Puede usarse como alternativa a la mensajería directa." + doNotSendConfidencialOnDirect1: "¡Ten cuidado cuando vayas a enviar información sensible!" + doNotSendConfidencialOnDirect2: "Los administradores del servidor pueden leer lo que escribes. Ten cuidado cuando envíes información sensible en notas directas en servidores no confiables." + localOnly: "Publicando con esta opción seleccionada, la nota no se federará hacia otros servidores. Los usuarios de otros servidores no podrán ver estas notas directamente, sin importar los ajustes seleccionados más arriba." + _cw: + title: "Alerta de contenido (CW)" + description: "En lugar de mostrarse el contenido de la nota, se mostrará lo que escribas en el campo \"comentarios\". Pulsando en \"leer más\" desplegará el contenido de la nota." + _exampleNote: + cw: "¡Esto te hará tener hambre!" + note: "Acabo de comerme un donut de chocolate glaseado 🍩😋" + useCases: "Esto se usa cuando las normas del servidor lo requieren, o para ocultar spoilers o contenido sensible." + _howToMakeAttachmentsSensitive: + title: "¿Cómo puedo marcar adjuntos como contenido sensible?" + description: "Cuando las normas del servidor lo requieran, o el contenido lo requiera, marca la opción de \"contenido sensible\" para el adjunto." + tryThisFile: "¡Prueba a marcar la imagen adjunta como contenido sensible!" + _exampleNote: + note: "Ups, la he liado al abrir la tapa del natto..." + method: "Para marcar un adjunto como sensible, haz clic en la miniatura, abre el menú, y haz clic en \"Marcar como sensible\"." + sensitiveSucceeded: "Cuando adjuntes archivos, por favor, ten en cuenta las normas del servidor para marcarlos como contenido sensible." + doItToContinue: "Marca el archivo adjunto como sensible para continuar." + _done: + title: "¡Has completado el tutorial! 🎉" + description: "Las funciones que mostramos aquí son sólo una pequeña parte. Para más detalles sobre el funcionamiento de Misskey, pulsa en este enlace: {link}" +_timelineDescription: + home: "En la línea de tiempo de Inicio puedes ver las notas de las cuentas a las que sigues." + local: "En la línea de tiempo Local puedes ver las notas de todos los usuarios del servidor." + social: "En la línea de tiempo Social verás las notas de Inicio y Local a la vez." + global: "En la línea de tiempo Global verás las notas de todos los servidores conectados." _serverRules: description: "Un conjunto de reglas que serán mostradas antes del registro. Configurar un sumario de términos de servicio es recomendado." _serverSettings: @@ -1233,6 +1288,9 @@ _serverSettings: manifestJsonOverride: "Sobreescribir manifest.json" shortName: "Nombre corto" shortNameDescription: "Forma corta del nombre de la instancia que puede mostrarse si el nombre completo es demasiado largo." + fanoutTimelineDescription: "Incrementa el rendimiento de forma significativa cuando se obtienen las líneas de tiempo y reduce la carga en la base de datos. A cambio, el uso de la memoria en Redis incrementará. Considera desactivar esta opción en caso de que tu servidor tenga poca memoria o detectes inestabilidad." + fanoutTimelineDbFallback: "Cargar desde la base de datos" + fanoutTimelineDbFallbackDescription: "Cuando esta opción está habilitada, la carga de peticiones adicionales de la línea de tiempo se hará desde la base de datos cuando éstas no se encuentren en la caché. Al deshabilitar esta opción se reduce la carga del servidor, pero limita el número de líneas de tiempo que pueden obtenerse." _accountMigration: moveFrom: "Trasladar de otra cuenta a ésta" moveFromSub: "Crear un alias para otra cuenta." @@ -1490,6 +1548,9 @@ _achievements: _smashTestNotificationButton: title: "Sobrecarga de pruebas" description: "Envía muchas notificaciones de prueba en un corto espacio de tiempo" + _tutorialCompleted: + title: "Diploma del Curso Básico de Misskey" + description: "Tutorial completado" _role: new: "Crear rol" edit: "Editar rol" @@ -1500,7 +1561,9 @@ _role: assignTarget: "Asignar objetivo" descriptionOfAssignTarget: "Manual Para cambiar manualmente lo que se incluye en este rol.\nCondicional configura una condición, y los usuarios que cumplan la condición serán incluídos automáticamente." manual: "manual" + manualRoles: "Roles manuales" conditional: "condicional" + conditionalRoles: "Roles condicionales" condition: "condición" isConditionalRole: "Esto es un rol condicional" isPublic: "Publicar rol" @@ -1549,6 +1612,7 @@ _role: canHideAds: "Puede ocultar anuncios" canSearchNotes: "Uso de la búsqueda de notas" canUseTranslator: "Uso de traductor" + avatarDecorationLimit: "Número máximo de decoraciones de avatar" _condition: isLocal: "Usuario local" isRemote: "Usuario remoto" @@ -1577,6 +1641,7 @@ _emailUnavailable: disposable: "No es un correo reutilizable" mx: "Servidor de correo inválido" smtp: "Servidor de correo no disponible" + banned: "Email no disponible" _ffVisibility: public: "Publicar" followers: "Visible solo para seguidores" @@ -1653,6 +1718,7 @@ _aboutMisskey: donate: "Donar a Misskey" morePatrons: "Muchas más personas nos apoyan. Muchas gracias🥰" patrons: "Patrocinadores" + projectMembers: "Miembros del proyecto" _displayOfSensitiveMedia: respect: "Esconder medios marcados como sensibles" ignore: "Mostrar medios marcados como sensibles" @@ -1677,6 +1743,7 @@ _channel: notesCount: "{n} notas" nameAndDescription: "Nombre y descripción" nameOnly: "Sólo nombre" + allowRenoteToExternal: "Permitir renotas y menciones fuera del canal" _menuDisplay: sideFull: "Horizontal" sideIcon: "Horizontal (ícono)" @@ -1768,6 +1835,14 @@ _sfx: notification: "Notificaciones" antenna: "Antena receptora" channel: "Notificaciones del canal" + reaction: "Al seleccionar una reacción" +_soundSettings: + driveFile: "Usar un archivo de audio en Drive" + driveFileWarn: "Selecciona un archivo de audio en Drive." + driveFileTypeWarn: "Este archivo es incompatible" + driveFileTypeWarnDescription: "Selecciona un archivo de audio" + driveFileDurationWarn: "La duración del audio es demasiado larga." + driveFileDurationWarnDescription: "Usar un audio de larga duración puede llegar a molestar mientras usas Misskey. ¿Quieres continuar?" _ago: future: "Futuro" justNow: "Justo ahora" @@ -1780,6 +1855,12 @@ _ago: yearsAgo: "Hace {n} años" invalid: "No hay nada que ver aqui" _timeIn: + seconds: "En {n} segundos" + minutes: "En {n}m" + hours: "En {n}h" + days: "En {n}d" + weeks: "En {n}sem." + months: "En {n}M" years: "En {n} años" _time: second: "Segundos" @@ -1906,6 +1987,7 @@ _widgets: _userList: chooseList: "Seleccione una lista" clicker: "Cliqueador" + birthdayFollowings: "Hoy cumplen años" _cw: hide: "Ocultar" show: "Ver más" @@ -1968,6 +2050,7 @@ _profile: changeAvatar: "Cambiar avatar" changeBanner: "Cambiar banner" verifiedLinkDescription: "Introduciendo una URL que contiene un enlace a tu perfil, se puede mostrar un icono de verificación de propiedad al lado del campo." + avatarDecorationMax: "Puedes añadir un máximo de {max} decoraciones de avatar." _exportOrImport: allNotes: "Todas las notas" favoritedNotes: "Notas favoritas" @@ -2089,6 +2172,7 @@ _notification: pollEnded: "Estan disponibles los resultados de la encuesta" newNote: "Nueva nota" unreadAntennaNote: "Antena {name}" + roleAssigned: "Rol asignado" emptyPushNotificationMessage: "Se han actualizado las notificaciones push" achievementEarned: "Logro desbloqueado" testNotification: "Notificación de prueba" @@ -2110,6 +2194,7 @@ _notification: pollEnded: "La encuesta terminó" receiveFollowRequest: "Recibió una solicitud de seguimiento" followRequestAccepted: "El seguimiento fue aceptado" + roleAssigned: "Rol asignado" achievementEarned: "Logro desbloqueado" app: "Notificaciones desde aplicaciones" _actions: @@ -2255,3 +2340,16 @@ _externalResourceInstaller: _themeInstallFailed: title: "Instalación de tema fallida" description: "Ha ocurrido un problema al instalar el tema. Por favor, inténtalo de nuevo. Se pueden ver más detalles del error en la consola de Javascript." +_dataSaver: + _media: + title: "Cargando Multimedia" + description: "Desactiva la carga automática de imágenes y vídeos. Tendrás que tocar en las imágenes y vídeos ocultos para cargarlos." + _avatar: + title: "Avatares animados" + description: "Desactiva la animación de los avatares. Las imágenes animadas pueden llegar a ser de mayor tamaño que las normales, por lo que al desactivarlas puedes reducir el consumo de datos." + _urlPreview: + title: "Vista previa de URLs" + description: "Desactiva la carga de vistas previas de las URLs." + _code: + title: "Resaltar código" + description: "Si se usa resaltado de código en MFM, etc., no se cargará hasta pulsar en ello. El resaltado de sintaxis requiere la descarga de archivos de definición para cada lenguaje de programación. Debido a esto, al deshabilitar la carga automática de estos archivos reducirás el consumo de datos." diff --git a/locales/fr-FR.yml b/locales/fr-FR.yml index 43cc1d45b6..26e756e96e 100644 --- a/locales/fr-FR.yml +++ b/locales/fr-FR.yml @@ -162,6 +162,7 @@ addEmoji: "Ajouter un émoji" settingGuide: "Configuration proposée" cacheRemoteFiles: "Mise en cache des fichiers distants" cacheRemoteFilesDescription: "Lorsque cette option est désactivée, les fichiers distants sont chargés directement depuis l’instance distante. La désactiver diminuera certes l’utilisation de l’espace de stockage local mais augmentera le trafic réseau puisque les miniatures ne seront plus générées." +youCanCleanRemoteFilesCache: "Vous pouvez supprimer tous les caches en cliquant le bouton 🗑️ dans la gestion des fichiers." cacheRemoteSensitiveFiles: "Mettre en cache les fichiers distants sensibles" cacheRemoteSensitiveFilesDescription: "Si vous désactivez ce paramètre, les fichiers sensibles distants ne seront pas mis en cache et un lien direct sera utilisé à la place" flagAsBot: "Ce compte est un robot" @@ -726,6 +727,7 @@ lockedAccountInfo: "À moins que vous ne définissiez la visibilité de votre no alwaysMarkSensitive: "Marquer les médias comme contenu sensible par défaut" loadRawImages: "Affichage complet des images jointes au lieu des vignettes" disableShowingAnimatedImages: "Désactiver l'animation des images" +highlightSensitiveMedia: "Mettre en évidence les médias sensibles" verificationEmailSent: "Un e-mail de vérification a été envoyé. Veuillez accéder au lien pour compléter la vérification." notSet: "Non défini" emailVerified: "Votre adresse e-mail a été vérifiée." @@ -979,6 +981,7 @@ show: "Affichage" neverShow: "Ne plus afficher" remindMeLater: "Peut-être plus tard" didYouLikeMisskey: "Avez-vous aimé Misskey ?" +pleaseDonate: "Misskey est le logiciel libre utilisé par {host}. Merci de faire un don pour que nous puissions continuer à le développer !" roles: "Rôles" role: "Rôles" noRole: "Aucun rôle" @@ -991,8 +994,10 @@ manageCustomEmojis: "Gestion des émojis personnalisés" manageAvatarDecorations: "Gérer les décorations d'avatar" youCannotCreateAnymore: "Vous avez atteint la limite de création." cannotPerformTemporary: "Temporairement indisponible" +cannotPerformTemporaryDescription: "Temporairement indisponible puisque le nombre d'opérations dépasse la limite. Veuillez patienter un peu, puis réessayer." invalidParamError: "Paramètres invalides" permissionDeniedError: "Opération refusée" +permissionDeniedErrorDescription: "Ce compte n'a pas la permission d'effectuer cette opération." preset: "Préréglage" selectFromPresets: "Sélectionner à partir des préréglages" achievements: "Accomplissements" @@ -1021,6 +1026,7 @@ likeOnlyForRemote: "Toutes (mentions j'aime seulement pour les instances distant nonSensitiveOnly: "Non sensibles seulement" nonSensitiveOnlyForLocalLikeOnlyForRemote: "Non sensibles seulement (mentions j'aime seulement pour les instances distantes)" rolesAssignedToMe: "Rôles attribués à moi" +resetPasswordConfirm: "Souhaitez-vous réinitialiser votre mot de passe ?" sensitiveWords: "Mots sensibles" hiddenTags: "Hashtags cachés" hiddenTagsDescription: "Les hashtags définis ne s'afficheront pas dans les tendances. Vous pouvez définir plusieurs hashtags en faisant un saut de ligne." @@ -1082,6 +1088,7 @@ installed: "Installé" branding: "Image de marque" expirationDate: "Date d’expiration" waitingForMailAuth: "En attente de la vérification de l'adresse courriel" +inviteCodeCreator: "Créateur·rice de ce code d'invitation" usedAt: "Utilisé le" unused: "Non-utilisé" used: "Utilisé" @@ -1765,6 +1772,7 @@ _visibility: followersDescription: "Publier à vos abonné·e·s uniquement" specified: "Direct" specifiedDescription: "Publier uniquement aux utilisateur·rice·s mentionné·e·s" + disableFederation: "Défédérer" _postForm: replyPlaceholder: "Répondre à cette note ..." quotePlaceholder: "Citez cette note ..." diff --git a/locales/index.d.ts b/locales/index.d.ts index b3589082e1..60e88a2192 100644 --- a/locales/index.d.ts +++ b/locales/index.d.ts @@ -1184,6 +1184,8 @@ export interface Locale { "overwriteContentConfirm": string; "seasonalScreenEffect": string; "decorate": string; + "addMfmFunction": string; + "enableQuickAddMfmFunction": string; "_announcement": { "forExistingUsers": string; "forExistingUsersDescription": string; @@ -2066,6 +2068,55 @@ export interface Locale { "write:flash": string; "read:flash-likes": string; "write:flash-likes": string; + "read:admin:abuse-user-reports": string; + "write:admin:delete-account": string; + "write:admin:delete-all-files-of-a-user": string; + "read:admin:index-stats": string; + "read:admin:table-stats": string; + "read:admin:user-ips": string; + "read:admin:meta": string; + "write:admin:reset-password": string; + "write:admin:resolve-abuse-user-report": string; + "write:admin:send-email": string; + "read:admin:server-info": string; + "read:admin:show-moderation-log": string; + "read:admin:show-user": string; + "read:admin:show-users": string; + "write:admin:suspend-user": string; + "write:admin:unset-user-avatar": string; + "write:admin:unset-user-banner": string; + "write:admin:unsuspend-user": string; + "write:admin:meta": string; + "write:admin:user-note": string; + "write:admin:roles": string; + "read:admin:roles": string; + "write:admin:relays": string; + "read:admin:relays": string; + "write:admin:invite-codes": string; + "read:admin:invite-codes": string; + "write:admin:announcements": string; + "read:admin:announcements": string; + "write:admin:avatar-decorations": string; + "read:admin:avatar-decorations": string; + "write:admin:federation": string; + "write:admin:account": string; + "read:admin:account": string; + "write:admin:emoji": string; + "read:admin:emoji": string; + "write:admin:queue": string; + "read:admin:queue": string; + "write:admin:promo": string; + "write:admin:drive": string; + "read:admin:drive": string; + "read:admin:stream": string; + "write:admin:ad": string; + "read:admin:ad": string; + "write:invite-codes": string; + "read:invite-codes": string; + "write:clip-favorite": string; + "read:clip-favorite": string; + "read:federation": string; + "write:report-abuse": string; }; "_auth": { "shareAccessTitle": string; diff --git a/locales/ja-JP.yml b/locales/ja-JP.yml index b59fb6e749..3d31dcef49 100644 --- a/locales/ja-JP.yml +++ b/locales/ja-JP.yml @@ -1181,6 +1181,8 @@ remainingN: "残り: {n}" overwriteContentConfirm: "現在の内容に上書きされますがよろしいですか?" seasonalScreenEffect: "季節に応じた画面の演出" decorate: "デコる" +addMfmFunction: "装飾を追加" +enableQuickAddMfmFunction: "高度なMFMのピッカーを表示する" _announcement: forExistingUsers: "既存ユーザーのみ" @@ -1971,6 +1973,55 @@ _permissions: "write:flash": "Playを操作する" "read:flash-likes": "Playのいいねを見る" "write:flash-likes": "Playのいいねを操作する" + "read:admin:abuse-user-reports": "ユーザーからの通報を見る" + "write:admin:delete-account": "ユーザーアカウントを削除する" + "write:admin:delete-all-files-of-a-user": "ユーザーのすべてのファイルを削除する" + "read:admin:index-stats": "データベースインデックスに関する情報を見る" + "read:admin:table-stats": "データベーステーブルに関する情報を見る" + "read:admin:user-ips": "ユーザーのIPアドレスを見る" + "read:admin:meta": "インスタンスのメタデータを見る" + "write:admin:reset-password": "ユーザーのパスワードをリセットする" + "write:admin:resolve-abuse-user-report": "ユーザーからの通報を解決する" + "write:admin:send-email": "メールを送る" + "read:admin:server-info": "サーバーの情報を見る" + "read:admin:show-moderation-log": "モデレーションログを見る" + "read:admin:show-user": "ユーザーのプライベートな情報を見る" + "read:admin:show-users": "ユーザーのプライベートな情報を見る" + "write:admin:suspend-user": "ユーザーを凍結する" + "write:admin:unset-user-avatar": "ユーザーのアバターを削除する" + "write:admin:unset-user-banner": "ユーザーのバーナーを削除する" + "write:admin:unsuspend-user": "ユーザーの凍結を解除する" + "write:admin:meta": "インスタンスのメタデータを操作する" + "write:admin:user-note": "モデレーションノートを操作する" + "write:admin:roles": "ロールを操作する" + "read:admin:roles": "ロールを見る" + "write:admin:relays": "リレーを操作する" + "read:admin:relays": "リレーを見る" + "write:admin:invite-codes": "招待コードを操作する" + "read:admin:invite-codes": "招待コードを見る" + "write:admin:announcements": "お知らせを操作する" + "read:admin:announcements": "お知らせを見る" + "write:admin:avatar-decorations": "アバターデコレーションを操作する" + "read:admin:avatar-decorations": "アバターデコレーションを見る" + "write:admin:federation": "連合に関する情報を操作する" + "write:admin:account": "ユーザーアカウントを操作する" + "read:admin:account": "ユーザーに関する情報を見る" + "write:admin:emoji": "絵文字を操作する" + "read:admin:emoji": "絵文字を見る" + "write:admin:queue": "ジョブキューを操作する" + "read:admin:queue": "ジョブキューに関する情報を見る" + "write:admin:promo": "プロモーションノートを操作する" + "write:admin:drive": "ユーザーのドライブを操作する" + "read:admin:drive": "ユーザーのドライブの関する情報を見る" + "read:admin:stream": "管理者用のWebsocket APIを使う" + "write:admin:ad": "広告を操作する" + "read:admin:ad": "広告を見る" + "write:invite-codes": "招待コードを作成する" + "read:invite-codes": "招待コードを取得する" + "write:clip-favorite": "クリップのいいねを操作する" + "read:clip-favorite": "クリップのいいねを見る" + "read:federation": "連合に関する情報を取得する" + "write:report-abuse": "違反を報告する" _auth: shareAccessTitle: "アプリへのアクセス許可" diff --git a/locales/ko-GS.yml b/locales/ko-GS.yml index 9b113ad1b9..37bdf1e577 100644 --- a/locales/ko-GS.yml +++ b/locales/ko-GS.yml @@ -298,7 +298,7 @@ light: "볽엄" dark: "어덥엄" lightThemes: "볽언 테마" darkThemes: "어덥언 테마" -syncDeviceDarkMode: "드라이브으 어덥엄 모드하고 같구로 마추기" +syncDeviceDarkMode: "디바이스 쪽 어덥엄 모드하고 같구로 마추기" drive: "드라이브" fileName: "파일 이럼" selectFile: "파일 개리기" @@ -425,20 +425,145 @@ moderationLogs: "중재 일지" nUsersMentioned: "{n}멩이 이바구하고 잇어예" securityKeyAndPasskey: "보안키·패스키" securityKey: "보안키" +lastUsed: "마지막 쓰임" +lastUsedAt: "마지막 쓰임: {t}" unregister: "맨걸기 무루기" +passwordLessLogin: "비밀번호 없시 로그인" +passwordLessLoginDescription: "비밀번호 말고 보안키나 패스키 같은 것만 써 가 로그인합니다." +resetPassword: "비밀번호 재설정" +newPasswordIs: "새 비밀번호는 \"{password}\" 입니다" +reduceUiAnimation: "화면 움직임 효과들을 수ᇚ후기" share: "노누기" notFound: "몬 찾앗십니다" +notFoundDescription: "고런 주소로 들어가는 하멘은 없십니다." +uploadFolder: "기본 업로드 위치" +markAsReadAllNotifications: "모든 알림 이럿다고 표시" +markAsReadAllUnreadNotes: "모든 글 이럿다고 표시" +markAsReadAllTalkMessages: "모든 대화 이럿다고 표시" help: "도움말" +inputMessageHere: "여따가 메시지를 입력해주이소" +close: "닫기" invites: "초대하기" +members: "멤버" +transfer: "양도" +title: "제목" +text: "글" +enable: "키기" +next: "다음" retype: "다시 서기" noteOf: "{user}님으 노트" +quoteAttached: "따옴" +quoteQuestion: "따와가 작성하겠십니까?" +noMessagesYet: "아직 대화가 없십니다" +newMessageExists: "새 메시지가 있십니다" +onlyOneFileCanBeAttached: "메시지엔 파일 하나까제밖에 몬 넣십니다" invitations: "초대하기" checking: "학인하고 잇십니다" passwordMatched: "맞십니다" passwordNotMatched: "안 맞십니다" +signinFailed: "로그인 몬 했십니다. 고 이름이랑 비밀번호 제대로 썼는가 확인해 주이소." +or: "아니면" language: "언어" +uiLanguage: "UI 표시 언어" +aboutX: "{x}에 대해서" +emojiStyle: "이모지 모양" +native: "기본" +disableDrawer: "드로어 메뉴 쓰지 않기" +showNoteActionsOnlyHover: "마우스 올맀을 때만 노트 액션 버턴 보이기" +noHistory: "기록이 없십니다" +signinHistory: "로그인 기록" +enableAdvancedMfm: "복잡한 MFM 키기" +enableAnimatedMfm: "정신사나운 MFM 키기" +doing: "잠만예" +category: "카테고리" +tags: "태그" +docSource: "요 문서의 원본" +createAccount: "게정 맨걸기" +existingAccount: "원래 게정" +regenerate: "엎고 다시 맨걸기" +fontSize: "글자 크기" +mediaListWithOneImageAppearance: "사진 하나짜리 미디어 목록의 높이" +limitTo: "{x}로 제한" +noFollowRequests: "지둘리는 팔로우 요청이 없십니다" +openImageInNewTab: "새 탭서 사진 열기" +dashboard: "대시보드" +local: "로컬" remote: "웬겍" +total: "합계" +weekOverWeekChanges: "저번주보다" +dayOverDayChanges: "어제보다" +appearance: "모냥" +clientSettings: "클라이언트 설정" +accountSettings: "게정 설정" +promotion: "선전" +promote: "선전하기" +numberOfDays: "며칠동안" +hideThisNote: "요 노트를 수ᇚ후기" +showFeaturedNotesInTimeline: "타임라인에다 추천 노트 보이기" +objectStorage: "오브젝트 스토리지" +useObjectStorage: "오브젝트 스토리지 키기" +objectStorageBaseUrl: "Base URL" +objectStorageBaseUrlDesc: "오브젝트 (미디어) 참조 링크 만들 때 쓰는 URL임다. CDN 내지 프락시를 쓴다 카멘은 그 URL을 갖다 늫고, 아이면 써먹을 서비스네 가이드를 봐봐가 공개적으로 접근할 수 있는 주소를 여 넣어 주이소. 그니께, 내가 AWS S3을 쓴다 카면은 'https://.s3.amazonaws.com', GCS를 쓴다 카면 'https://storage.googleapis.com/' 처럼 쓰믄 되입니더." +objectStorageBucket: "Bucket" +objectStorageBucketDesc: "써먹을 서비스의 바께쓰 이름을 여 써 주이소." +objectStoragePrefix: "Prefix" +objectStoragePrefixDesc: "요 Prefix 디렉토리 안에다가 파일이 들어감다." +objectStorageEndpoint: "Endpoint" +objectStorageEndpointDesc: "AWS S3을 쓸라멘 요는 비워두고, 아이멘은 그 서비스 가이드에 맞게 endpoint를 넣어 주이소. '' 내지 ':'처럼 넣십니다." +objectStorageRegion: "Region" +objectStorageRegionDesc: "'xx-east-1' 같은 region 이름을 옇어 주이소. 써먹을 서비스에 region 개념 같은 게 읎다! 카면은 대신에 'us-east-1'을 옇어 놓으이소. AWS 설정 파일이나 환경 변수를 갖다 끌어다 쓸 거면은 요는 비워 두이소." +objectStorageUseSSL: "SSL 쓰기" +objectStorageUseSSLDesc: "API 호출할 때 HTTPS 안 쓸거면은 꺼 두이소" +objectStorageUseProxy: "연결에 프락시 사용" +objectStorageUseProxyDesc: "오브젝트 스토리지 API 호출에 프락시 안 쓸 거면 꺼 두이소" +objectStorageSetPublicRead: "업로드할 때 'public-read' 설정하기" +s3ForcePathStyleDesc: "s3ForcePathStyle을 키면, 바께쓰 이름을 URL의 호스트명 말고 경로의 일부로써 취급합니다. 셀프 호스트 Minio 같은 걸 굴릴라믄 켜놔야 될 수도 있십니다." +serverLogs: "서버 로그" +deleteAll: "말캉 뭉캐기" +showFixedPostForm: "타임라인 우에 글 작성 칸 박기" +showFixedPostFormInChannel: "채널 타임라인 우에 글 작성 칸 박기" +withRepliesByDefaultForNewlyFollowed: "팔로우 할 때 기본적으로 답걸도 타임라인에 나오게 하기" +newNoteRecived: "새 노트 있어예" +sounds: "소리" +sound: "소리" +listen: "듣기" +none: "없음" +showInPage: "바닥서 보기" +popout: "새 창 열기" +volume: "음량" +masterVolume: "대빵 음량" +notUseSound: "음소거하기" +useSoundOnlyWhenActive: "Misskey가 활성화되어 있을 때만 소리 내기" +details: "좀 더" +chooseEmoji: "이모지 선택" +unableToProcess: "작업 다 몬 했십니다" +recentUsed: "최근 쓴 놈" +install: "설치" +uninstall: "삭제" +installedApps: "설치된 애플리케이션" +nothing: "뭣도 없어예" +installedDate: "설치한 날" +lastUsedDate: "마지막 사용" +state: "상태" +sort: "정렬하기" +ascendingOrder: "작은 순" +descendingOrder: "큰 순" +scratchpad: "스크래치 패드" +scratchpadDescription: "스크래치 패드는 AiScript를 끼적거리는 창입니더. Misskey랑 갖다 이리저리 상호작용하는 코드를 서가 굴리멘은 그 결과도 바로 확인할 수 있십니다." +output: "출력" script: "스크립트" +disablePagesScript: "온갖 바닥서 AiScript를 쓰지 않음" +updateRemoteUser: "원겍 사용자 근황 알아오기" +unsetUserAvatar: "아바타 치우기" +unsetUserAvatarConfirm: "아바타 갖다 치울까예?" +unsetUserBanner: "배너 치우기" +unsetUserBannerConfirm: "배너 갖다 치울까예?" +deleteAllFiles: "파일 말캉 뭉캐기" +deleteAllFilesConfirm: "파일을 싸그리 다 뭉캐삐릴까예?" +removeAllFollowing: "팔로잉 말캉 무루기" +removeAllFollowingDescription: "{host} 서버랑 걸어놓은 모든 팔로잉을 무룹니다. 고 서버가 아예 없어지삐맀든가, 그런 경우에 하이소." +userSuspended: "요 게정은... 얼어 있십니다." +userSilenced: "요 게정은... 수ᇚ혀 있십니다." manage: "간리" emailServer: "전자우펜 서버" email: "전자우펜" @@ -581,4 +706,5 @@ _moderationLogTypes: suspend: "얼우기" deleteNote: "노트 뭉캐기" deleteUserAnnouncement: "사용자 공지 걸 뭉캐기" + resetPassword: "비밀번호 재설정" resolveAbuseReport: "신고 해겔하기" diff --git a/locales/ko-KR.yml b/locales/ko-KR.yml index 6cdcc2c246..63d0812e93 100644 --- a/locales/ko-KR.yml +++ b/locales/ko-KR.yml @@ -114,7 +114,7 @@ quote: "인용" inChannelRenote: "채널 내 리노트" inChannelQuote: "채널 내 인용" pinnedNote: "고정된 노트" -pinned: "프로필에 고정" +pinned: "고정하기" you: "나" clickToShow: "클릭하여 보기" sensitive: "열람 주의" @@ -1179,7 +1179,7 @@ code: "문자열" reloadRequiredToApplySettings: "설정을 적용하려면 새로고침을 해야 합니다." remainingN: "나머지: {n}" overwriteContentConfirm: "현재 내용을 덮어쓰기 합니다. 계속 진행하시겠습니까?" -seasonalScreenEffect: "철에 맞는 화면으로 꾸미기" +seasonalScreenEffect: "계절에 따른 효과 보이기" decorate: "장식하기" _announcement: forExistingUsers: "기존 유저에게만 알림" @@ -1641,6 +1641,7 @@ _emailUnavailable: disposable: "임시 이메일 주소는 사용할 수 없습니다" mx: "메일 서버가 올바르지 않습니다" smtp: "메일 서버가 응답하지 않습니다" + banned: "이 메일 주소는 사용할 수 없습니다" _ffVisibility: public: "공개" followers: "팔로워에게만 공개" diff --git a/locales/ru-RU.yml b/locales/ru-RU.yml index b8095d7256..25f409df92 100644 --- a/locales/ru-RU.yml +++ b/locales/ru-RU.yml @@ -120,6 +120,12 @@ sensitive: "Содержимое не для всех" add: "Добавить" reaction: "Реакции" reactions: "Реакции" +emojiPicker: "Палитра эмодзи" +pinnedEmojisForReactionSettingDescription: "Здесь можно закрепить эмодзи для реакций" +pinnedEmojisSettingDescription: "Здесь можно закрепить эмодзи в общей палитре" +emojiPickerDisplay: "Внешний вид палитры" +overwriteFromPinnedEmojisForReaction: "Заменить на эмодзи из списка реакций" +overwriteFromPinnedEmojis: "Заменить на эмодзи из общего списка закреплённых" reactionSettingDescription2: "Расставляйте перетаскиванием, удаляйте нажатием, добавляйте кнопкой «+»." rememberNoteVisibility: "Запоминать видимость заметок" attachCancel: "Удалить вложение" @@ -1053,6 +1059,8 @@ options: "Настройки ролей" specifyUser: "Указанный пользователь" failedToPreviewUrl: "Предварительный просмотр недоступен" update: "Обновить" +rolesThatCanBeUsedThisEmojiAsReaction: "Роли тех, кому можно использовать эти эмодзи как реакцию" +rolesThatCanBeUsedThisEmojiAsReactionEmptyDescription: "Если здесь ничего не указать, в качестве реакции эту эмодзи сможет использовать каждый." later: "Позже" goToMisskey: "К Misskey" additionalEmojiDictionary: "Дополнительные словари эмодзи" diff --git a/locales/zh-TW.yml b/locales/zh-TW.yml index 51ba42e66c..782f871b1e 100644 --- a/locales/zh-TW.yml +++ b/locales/zh-TW.yml @@ -632,11 +632,11 @@ tokenRequested: "允許存取帳戶" pluginTokenRequestedDescription: "此外掛將擁有在此設定的權限。" notificationType: "通知形式" edit: "編輯" -emailServer: "電郵伺服器" -enableEmail: "啟用發送電郵功能" -emailConfigInfo: "用於確認電郵地址及密碼重置" +emailServer: "電子郵件伺服器" +enableEmail: "啟用發送電子郵件功能" +emailConfigInfo: "用於確認電子郵件地址及密碼重置" email: "電子郵件" -emailAddress: "電郵地址" +emailAddress: "電子郵件位址" smtpConfig: "SMTP 伺服器設定" smtpHost: "主機" smtpPort: "埠" @@ -731,7 +731,7 @@ disableShowingAnimatedImages: "不播放動態圖檔" highlightSensitiveMedia: "強調敏感標記" verificationEmailSent: "已發送驗證電子郵件。請點擊進入電子郵件中的鏈接完成驗證。" notSet: "未設定" -emailVerified: "已成功驗證您的電郵" +emailVerified: "已成功驗證您的電子郵件地址" noteFavoritesCount: "我的最愛貼文的數目" pageLikesCount: "頁面被按讚次數" pageLikedCount: "頁面被按讚次數" @@ -783,7 +783,7 @@ capacity: "容量" inUse: "已使用" editCode: "編輯代碼" apply: "套用" -receiveAnnouncementFromInstance: "接收由本實例發出的電郵通知" +receiveAnnouncementFromInstance: "接收來自伺服器的通知" emailNotification: "郵件通知" publish: "發布" inChannelSearch: "頻道内搜尋" @@ -955,7 +955,7 @@ cannotUploadBecauseExceedsFileSizeLimit: "由於超過了檔案大小的限制 beta: "測試版" enableAutoSensitive: "自動 NSFW 判定" enableAutoSensitiveDescription: "如果可用,它將使用機器學習技術判斷檔案是否需要標記為敏感。即使關閉此功能,也可能會依實例規則而自動啟用。" -activeEmailValidationDescription: "積極驗證使用者的電郵地址,以判斷它是否可以通訊。關閉此選項代表只會檢查地址是否符合格式。" +activeEmailValidationDescription: "主動地驗證使用者的電子郵件地址,以確定是否是一次性地址以及是否可以真正與其進行通訊。關閉時,僅檢查格式是否正確。" navbar: "導覽列" shuffle: "隨機" account: "帳戶" @@ -1641,6 +1641,7 @@ _emailUnavailable: disposable: "不是永久可用的地址" mx: "郵件伺服器不正確" smtp: "郵件伺服器沒有應答" + banned: "無法使用此電子郵件地址註冊" _ffVisibility: public: "公開" followers: "只有關注您的使用者能看到" diff --git a/package.json b/package.json index d39b800a18..f245d62bcb 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "misskey", - "version": "2023.12.0", + "version": "2023.12.1", "codename": "nasubi", "repository": { "type": "git", diff --git a/packages/backend/migration/1702718871541-ffVisibility.js b/packages/backend/migration/1702718871541-ffVisibility.js index 24b1873134..e9e820c897 100644 --- a/packages/backend/migration/1702718871541-ffVisibility.js +++ b/packages/backend/migration/1702718871541-ffVisibility.js @@ -24,9 +24,11 @@ export class ffVisibility1702718871541 { async down(queryRunner) { await queryRunner.query(`CREATE TYPE "public"."user_profile_ffvisibility_enum" AS ENUM('public', 'followers', 'private')`); await queryRunner.query(`ALTER TABLE "user_profile" ADD "ffVisibility" "public"."user_profile_ffvisibility_enum" NOT NULL DEFAULT 'public'`); + await queryRunner.query(`CREATE CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum") WITH INOUT AS ASSIGNMENT`); - await queryRunner.query(`UPDATE "user_profile" SET ffVisibility = "user_profile"."followingVisibility"`); + await queryRunner.query(`UPDATE "user_profile" SET "ffVisibility" = "followingVisibility"`); await queryRunner.query(`DROP CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum")`); + await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followersVisibility"`); await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followingVisibility"`); await queryRunner.query(`DROP TYPE "public"."user_profile_followersVisibility_enum"`); diff --git a/packages/backend/package.json b/packages/backend/package.json index 6848d88e03..4d1e9936aa 100644 --- a/packages/backend/package.json +++ b/packages/backend/package.json @@ -68,7 +68,7 @@ "@discordapp/twemoji": "15.0.2", "@fastify/accepts": "4.3.0", "@fastify/cookie": "9.2.0", - "@fastify/cors": "8.4.2", + "@fastify/cors": "8.5.0", "@fastify/express": "2.3.0", "@fastify/http-proxy": "9.3.0", "@fastify/multipart": "8.0.0", diff --git a/packages/backend/src/core/EmailService.ts b/packages/backend/src/core/EmailService.ts index 3a61e353f1..7fc7800783 100644 --- a/packages/backend/src/core/EmailService.ts +++ b/packages/backend/src/core/EmailService.ts @@ -7,7 +7,6 @@ import { URLSearchParams } from 'node:url'; import * as nodemailer from 'nodemailer'; import { Inject, Injectable } from '@nestjs/common'; import { validate as validateEmail } from 'deep-email-validator'; -import { SubOutputFormat } from 'deep-email-validator/dist/output/output.js'; import { MetaService } from '@/core/MetaService.js'; import { UtilityService } from '@/core/UtilityService.js'; import { DI } from '@/di-symbols.js'; @@ -166,7 +165,10 @@ export class EmailService { email: emailAddress, }); - let validated; + let validated: { + valid: boolean, + reason?: string | null, + }; if (meta.enableActiveEmailValidation) { if (meta.enableVerifymailApi && meta.verifymailAuthKey != null) { diff --git a/packages/backend/src/core/HashtagService.ts b/packages/backend/src/core/HashtagService.ts index d378999907..5a2417c9cd 100644 --- a/packages/backend/src/core/HashtagService.ts +++ b/packages/backend/src/core/HashtagService.ts @@ -15,6 +15,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { bindThis } from '@/decorators.js'; import { FeaturedService } from '@/core/FeaturedService.js'; import { MetaService } from '@/core/MetaService.js'; +import { UtilityService } from '@/core/UtilityService.js'; @Injectable() export class HashtagService { @@ -29,6 +30,7 @@ export class HashtagService { private featuredService: FeaturedService, private idService: IdService, private metaService: MetaService, + private utilityService: UtilityService, ) { } @@ -161,6 +163,7 @@ export class HashtagService { const instance = await this.metaService.fetch(); const hiddenTags = instance.hiddenTags.map(t => normalizeForSearch(t)); if (hiddenTags.includes(hashtag)) return; + if (this.utilityService.isSensitiveWordIncluded(hashtag, instance.sensitiveWords)) return; // YYYYMMDDHHmm (10分間隔) const now = new Date(); diff --git a/packages/backend/src/core/NoteCreateService.ts b/packages/backend/src/core/NoteCreateService.ts index 2bdff872ad..ed8d51df16 100644 --- a/packages/backend/src/core/NoteCreateService.ts +++ b/packages/backend/src/core/NoteCreateService.ts @@ -253,7 +253,7 @@ export class NoteCreateService implements OnApplicationShutdown { if (data.visibility === 'public' && data.channel == null) { const sensitiveWords = meta.sensitiveWords; - if (this.isSensitive(data, sensitiveWords)) { + if (this.utilityService.isSensitiveWordIncluded(data.cw ?? data.text ?? '', sensitiveWords)) { data.visibility = 'home'; } else if ((await this.roleService.getUserPolicies(user.id)).canPublicNote === false) { data.visibility = 'home'; @@ -704,31 +704,6 @@ export class NoteCreateService implements OnApplicationShutdown { this.index(note); } - @bindThis - private isSensitive(note: Option, sensitiveWord: string[]): boolean { - if (sensitiveWord.length > 0) { - const text = note.cw ?? note.text ?? ''; - if (text === '') return false; - const matched = sensitiveWord.some(filter => { - // represents RegExp - const regexp = filter.match(/^\/(.+)\/(.*)$/); - // This should never happen due to input sanitisation. - if (!regexp) { - const words = filter.split(' '); - return words.every(keyword => text.includes(keyword)); - } - try { - return new RE2(regexp[1], regexp[2]).test(text); - } catch (err) { - // This should never happen due to input sanitisation. - return false; - } - }); - if (matched) return true; - } - return false; - } - @bindThis private isQuote(note: Option): note is Option & { renote: MiNote } { // sync with misc/is-quote.ts @@ -912,6 +887,7 @@ export class NoteCreateService implements OnApplicationShutdown { // ダイレクトのとき、そのリストが対象外のユーザーの場合 if ( note.visibility === 'specified' && + note.userId !== userListMembership.userListUserId && !note.visibleUserIds.some(v => v === userListMembership.userListUserId) ) continue; diff --git a/packages/backend/src/core/ReactionService.ts b/packages/backend/src/core/ReactionService.ts index 4233b8d4c3..3ca12551b1 100644 --- a/packages/backend/src/core/ReactionService.ts +++ b/packages/backend/src/core/ReactionService.ts @@ -138,7 +138,7 @@ export class ReactionService { reaction = reacterHost ? `:${name}@${reacterHost}:` : `:${name}:`; // センシティブ - if ((note.reactionAcceptance === 'nonSensitiveOnly') && emoji.isSensitive) { + if ((note.reactionAcceptance === 'nonSensitiveOnly' || note.reactionAcceptance === 'nonSensitiveOnlyForLocalLikeOnlyForRemote') && emoji.isSensitive) { reaction = FALLBACK; } } else { diff --git a/packages/backend/src/core/UtilityService.ts b/packages/backend/src/core/UtilityService.ts index b95e41167b..5dec36c89e 100644 --- a/packages/backend/src/core/UtilityService.ts +++ b/packages/backend/src/core/UtilityService.ts @@ -6,6 +6,7 @@ import { URL } from 'node:url'; import { toASCII } from 'punycode'; import { Inject, Injectable } from '@nestjs/common'; +import RE2 from 're2'; import { DI } from '@/di-symbols.js'; import type { Config } from '@/config.js'; import { bindThis } from '@/decorators.js'; @@ -41,6 +42,33 @@ export class UtilityService { return silencedHosts.some(x => `.${host.toLowerCase()}`.endsWith(`.${x}`)); } + @bindThis + public isSensitiveWordIncluded(text: string, sensitiveWords: string[]): boolean { + if (sensitiveWords.length === 0) return false; + if (text === '') return false; + + const regexpregexp = /^\/(.+)\/(.*)$/; + + const matched = sensitiveWords.some(filter => { + // represents RegExp + const regexp = filter.match(regexpregexp); + // This should never happen due to input sanitisation. + if (!regexp) { + const words = filter.split(' '); + return words.every(keyword => text.includes(keyword)); + } + try { + // TODO: RE2インスタンスをキャッシュ + return new RE2(regexp[1], regexp[2]).test(text); + } catch (err) { + // This should never happen due to input sanitisation. + return false; + } + }); + + return matched; + } + @bindThis public extractDbHost(uri: string): string { const url = new URL(uri); diff --git a/packages/backend/src/misc/api-permissions.ts b/packages/backend/src/misc/api-permissions.ts deleted file mode 100644 index 57c9308844..0000000000 --- a/packages/backend/src/misc/api-permissions.ts +++ /dev/null @@ -1,40 +0,0 @@ -/* - * SPDX-FileCopyrightText: syuilo and other misskey contributors - * SPDX-License-Identifier: AGPL-3.0-only - */ - -export const kinds = [ - 'read:account', - 'write:account', - 'read:blocks', - 'write:blocks', - 'read:drive', - 'write:drive', - 'read:favorites', - 'write:favorites', - 'read:following', - 'write:following', - 'read:messaging', - 'write:messaging', - 'read:mutes', - 'write:mutes', - 'write:notes', - 'read:notifications', - 'write:notifications', - 'read:reactions', - 'write:reactions', - 'write:votes', - 'read:pages', - 'write:pages', - 'write:page-likes', - 'read:page-likes', - 'read:user-groups', - 'write:user-groups', - 'read:channels', - 'write:channels', - 'read:gallery', - 'write:gallery', - 'read:gallery-likes', - 'write:gallery-likes', -]; -// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions). diff --git a/packages/backend/src/server/ServerService.ts b/packages/backend/src/server/ServerService.ts index bb41ab0e42..632a7692cd 100644 --- a/packages/backend/src/server/ServerService.ts +++ b/packages/backend/src/server/ServerService.ts @@ -107,7 +107,8 @@ export class ServerService implements OnApplicationShutdown { fastify.register(this.activityPubServerService.createServer); fastify.register(this.nodeinfoServerService.createServer); fastify.register(this.wellKnownServerService.createServer); - fastify.register(this.oauth2ProviderService.createServer); + fastify.register(this.oauth2ProviderService.createServer, { prefix: '/oauth' }); + fastify.register(this.oauth2ProviderService.createTokenServer, { prefix: '/oauth/token' }); fastify.get<{ Params: { path: string }; Querystring: { static?: any; badge?: any; }; }>('/emoji/:path(.*)', async (request, reply) => { const path = request.params.path; diff --git a/packages/backend/src/server/WellKnownServerService.ts b/packages/backend/src/server/WellKnownServerService.ts index 8fc3c96de6..c3eaf53a14 100644 --- a/packages/backend/src/server/WellKnownServerService.ts +++ b/packages/backend/src/server/WellKnownServerService.ts @@ -16,6 +16,7 @@ import * as Acct from '@/misc/acct.js'; import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { bindThis } from '@/decorators.js'; import { NodeinfoServerService } from './NodeinfoServerService.js'; +import { OAuth2ProviderService } from './oauth/OAuth2ProviderService.js'; import type { FindOptionsWhere } from 'typeorm'; import type { FastifyInstance, FastifyPluginOptions } from 'fastify'; @@ -30,6 +31,7 @@ export class WellKnownServerService { private nodeinfoServerService: NodeinfoServerService, private userEntityService: UserEntityService, + private oauth2ProviderService: OAuth2ProviderService, ) { //this.createServer = this.createServer.bind(this); } @@ -87,6 +89,10 @@ export class WellKnownServerService { return { links: this.nodeinfoServerService.getLinks() }; }); + fastify.get('/.well-known/oauth-authorization-server', async () => { + return this.oauth2ProviderService.generateRFC8414(); + }); + /* TODO fastify.get('/.well-known/change-password', async (request, reply) => { }); diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts index 66f171a5d8..56f804dee8 100644 --- a/packages/backend/src/server/api/ApiCallService.ts +++ b/packages/backend/src/server/api/ApiCallService.ts @@ -330,7 +330,8 @@ export class ApiCallService implements OnApplicationShutdown { } } - if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) { + if (token && ((ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) + || (!ep.meta.kind && (ep.meta.requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin)))) { throw new ApiError({ message: 'Your app does not have the necessary permissions to use this endpoint.', code: 'PERMISSION_DENIED', diff --git a/packages/backend/src/server/api/StreamingApiServerService.ts b/packages/backend/src/server/api/StreamingApiServerService.ts index dc3a00617c..3b387d92ca 100644 --- a/packages/backend/src/server/api/StreamingApiServerService.ts +++ b/packages/backend/src/server/api/StreamingApiServerService.ts @@ -71,6 +71,10 @@ export class StreamingApiServerService { try { [user, app] = await this.authenticateService.authenticate(token); + + if (app !== null && !app.permission.some(p => p === 'read:account')) { + throw new AuthenticationError('Your app does not have necessary permissions to use websocket API.'); + } } catch (e) { if (e instanceof AuthenticationError) { socket.write([ diff --git a/packages/backend/src/server/api/endpoints.ts b/packages/backend/src/server/api/endpoints.ts index e458d720ab..41232091c6 100644 --- a/packages/backend/src/server/api/endpoints.ts +++ b/packages/backend/src/server/api/endpoints.ts @@ -4,6 +4,7 @@ */ import type { Schema } from '@/misc/json-schema.js'; +import { permissions } from 'misskey-js'; import { RolePolicies } from '@/core/RoleService.js'; import * as ep___admin_meta from './endpoints/admin/meta.js'; @@ -724,7 +725,7 @@ const eps = [ ['retention', ep___retention], ]; -export interface IEndpointMeta { +interface IEndpointMetaBase { readonly stability?: 'deprecated' | 'experimental' | 'stable'; readonly tags?: ReadonlyArray; @@ -823,6 +824,23 @@ export interface IEndpointMeta { readonly cacheSec?: number; } +export type IEndpointMeta = (Omit & { + requireCredential?: false, + requireAdmin?: false, + requireModerator?: false, +}) | (Omit & { + secure: true, +}) | (Omit & { + requireCredential: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireModerator: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireAdmin: true, + kind: (typeof permissions)[number], +}) + export interface IEndpoint { name: string; meta: IEndpointMeta; diff --git a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts index 484118cd46..3484d6707a 100644 --- a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts +++ b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts @@ -13,10 +13,9 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:abuse-user-reports', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts index 07f24d2995..f54d567fff 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts @@ -15,8 +15,6 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - res: { type: 'object', optional: false, nullable: false, @@ -48,12 +46,12 @@ export default class extends Endpoint { // eslint- private userEntityService: UserEntityService, private signupService: SignupService, ) { - super(meta, paramDef, async (ps, _me) => { + super(meta, paramDef, async (ps, _me, token) => { const me = _me ? await this.usersRepository.findOneByOrFail({ id: _me.id }) : null; const noUsers = (await this.usersRepository.countBy({ host: IsNull(), })) === 0; - if (!noUsers && !me?.isRoot) throw new Error('access denied'); + if ((!noUsers && !me?.isRoot) || token !== null) throw new Error('access denied'); const { account, secret } = await this.signupService.signup({ username: ps.username, diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts index 86f4b0709b..52d8c8ce18 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts @@ -14,10 +14,9 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts index bc292fd53a..93673453d6 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts @@ -13,10 +13,9 @@ import { ApiError } from '@/server/api/error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:account', errors: { userNotFound: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/create.ts b/packages/backend/src/server/api/endpoints/admin/ad/create.ts index 087ae4befc..041b10f9f7 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/create.ts @@ -13,10 +13,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', res: { type: 'object', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts index ba655a6aa3..5b18b347d3 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/list.ts b/packages/backend/src/server/api/endpoints/admin/ad/list.ts index 12528917dc..586c1f44db 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:ad', res: { type: 'array', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/update.ts b/packages/backend/src/server/api/endpoints/admin/ad/update.ts index b83c163004..bf96e44b0c 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts index fb432336e4..c9df70c76b 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts @@ -10,10 +10,9 @@ import { AnnouncementService } from '@/core/AnnouncementService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts index e84e63c666..939333345e 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts index e98ef0b169..429b138599 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts @@ -14,10 +14,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:announcements', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts index e2ec344899..db6db8356d 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts index 158435ed21..4ac74253cc 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts @@ -10,10 +10,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts index 06083cc180..88977f801a 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts index 49a8718bce..33122c3eef 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts @@ -15,10 +15,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'read:admin:avatar-decorations', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts index 3d8f3d63de..6211345f96 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-account.ts b/packages/backend/src/server/api/endpoints/admin/delete-account.ts index adc446d14b..2c82c2879d 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-account.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-account.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-account', res: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts index 1fdbbfb12e..7d33065f2e 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-all-files-of-a-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts index 3f23319a5f..af2bb6b1ca 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts @@ -10,10 +10,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts index fd8fa46a47..a3b221284b 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/files.ts b/packages/backend/src/server/api/endpoints/admin/drive/files.ts index 816bbfbc45..37fa439bcf 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/files.ts @@ -13,10 +13,9 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts index 61cb843558..3aeb3e45e3 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts index 5333adb624..1cd8125c52 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts index 76ff1c6b94..4a9418d051 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts index 87260faa43..476780b23f 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts index c483794a40..450695984a 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts index e15af7717b..e1e6e7c2c4 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts index b75616f3cc..208616c0ac 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts @@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; export const meta = { - kind: 'write:admin', + secure: true, requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts index a383e09338..f3e0c1ef1f 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts @@ -15,10 +15,9 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts index 210b3639c3..59e87253f6 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts @@ -15,10 +15,9 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts index 8e92db1daf..26dd43e926 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts index 5a06b5b32f..18961976f9 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts index b3e9c6df13..c680f2e2d4 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts index c59d13ad16..47c692b613 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts index 61d857b7b0..550bb0052b 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts index b81297413c..57612850b4 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts index 6cc4e3087f..0d061c685f 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts index 18884dfca6..c15fb83454 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts @@ -12,10 +12,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts index 4232d42ba5..f429949e16 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts @@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts index b81d9857d7..0b50212119 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:index-stats', tags: ['admin'], res: { diff --git a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts index c104f653ef..0d44b288cb 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:table-stats', tags: ['admin'], diff --git a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts index 76c32f2a9f..1b437f718b 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts @@ -12,10 +12,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:user-ips', res: { type: 'array', optional: false, @@ -34,7 +33,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/create.ts b/packages/backend/src/server/api/endpoints/admin/invite/create.ts index 96de772edc..396b84623f 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/create.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:invite-codes', errors: { invalidDateTime: { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/list.ts b/packages/backend/src/server/api/endpoints/admin/invite/list.ts index 3b7dc72e11..d293dcadc6 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts index 6f8494d1d0..febc4ab1b1 100644 --- a/packages/backend/src/server/api/endpoints/admin/meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/meta.ts @@ -13,10 +13,9 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js'; export const meta = { tags: ['meta'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:meta', res: { type: 'object', @@ -381,6 +380,10 @@ export const meta = { type: 'string', optional: false, nullable: true, }, + shortName: { + type: 'string', + optional: false, nullable: true, + }, objectStorageS3ForcePathStyle: { type: 'boolean', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/admin/promo/create.ts b/packages/backend/src/server/api/endpoints/admin/promo/create.ts index e2befec50f..ab69dfba96 100644 --- a/packages/backend/src/server/api/endpoints/admin/promo/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/promo/create.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:promo', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts index 1d565e8f24..9912043c8b 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts index 30005fc666..8473909103 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts @@ -11,10 +11,9 @@ import type { DeliverQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts index aa8b6edee5..19f7cb85c0 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts @@ -11,10 +11,9 @@ import type { InboxQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts index 8f46cd6375..d06780e044 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts index 1d92e2bf86..189690b703 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts @@ -10,10 +10,9 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:emoji', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/add.ts b/packages/backend/src/server/api/endpoints/admin/relays/add.ts index 53b83560cf..d55dff7b0c 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/add.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', errors: { invalidUrl: { diff --git a/packages/backend/src/server/api/endpoints/admin/relays/list.ts b/packages/backend/src/server/api/endpoints/admin/relays/list.ts index 35c8e05487..61ea287bff 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/list.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:relays', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts index fdc53cb708..8a6dd4e152 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/reset-password.ts b/packages/backend/src/server/api/endpoints/admin/reset-password.ts index 73bbd1f091..1a402b4a4a 100644 --- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts +++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts @@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:reset-password', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts index fb26c82a9d..26c4038b98 100644 --- a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts +++ b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts @@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:resolve-abuse-user-report', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts index bbd4cfabbe..8eb3d2bf59 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/create.ts b/packages/backend/src/server/api/endpoints/admin/roles/create.ts index ac6085d921..de23d2fb11 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/create.ts @@ -11,10 +11,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts index f60d6754a5..9e2968e317 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/list.ts b/packages/backend/src/server/api/endpoints/admin/roles/list.ts index 30917ce984..d3d1a10a69 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/list.ts @@ -12,10 +12,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/show.ts b/packages/backend/src/server/api/endpoints/admin/roles/show.ts index 91e32d95be..ad4345e5a5 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/show.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/show.ts @@ -13,10 +13,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts index 701fea1ed5..c11265252c 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts index 066fc73234..203f749a6e 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts @@ -11,10 +11,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update.ts b/packages/backend/src/server/api/endpoints/admin/roles/update.ts index 6cfcd8ca4a..74d5aae5d8 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update.ts @@ -14,10 +14,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/users.ts b/packages/backend/src/server/api/endpoints/admin/roles/users.ts index 6a0f7f9987..66f4d9d26b 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/users.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/users.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin', 'role', 'users'], - kind: 'read:admin', - requireCredential: false, requireAdmin: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/send-email.ts b/packages/backend/src/server/api/endpoints/admin/send-email.ts index d22066909e..d20aee656c 100644 --- a/packages/backend/src/server/api/endpoints/admin/send-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/send-email.ts @@ -10,10 +10,9 @@ import { EmailService } from '@/core/EmailService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:send-email', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/server-info.ts b/packages/backend/src/server/api/endpoints/admin/server-info.ts index d3c3bebff6..374712f57d 100644 --- a/packages/backend/src/server/api/endpoints/admin/server-info.ts +++ b/packages/backend/src/server/api/endpoints/admin/server-info.ts @@ -14,11 +14,10 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireModerator: true, + kind: 'read:admin:server-info', tags: ['admin', 'meta'], - kind: 'read:admin', - res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts index c82532ed67..f3601be9bb 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts @@ -15,8 +15,7 @@ export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:show-moderation-log', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts index f1e7b75a32..2b50354cef 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-user', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/show-users.ts b/packages/backend/src/server/api/endpoints/admin/show-users.ts index 5081383687..1d31e5e80f 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-users.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-users.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-users', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts index 35c3f37481..a26fa81c13 100644 --- a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts @@ -19,10 +19,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:suspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts index 2309493937..8b22fad1d4 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-avatar', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts index 468c634e5b..5ec359c0ef 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-banner', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts index 8cdd317eae..9c896f0e64 100644 --- a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unsuspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index 5f9de0523e..5a215696fb 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -12,10 +12,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:meta', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts index dd0b777373..e582147e72 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:user-note', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/ap/get.ts b/packages/backend/src/server/api/endpoints/ap/get.ts index a4a7fd2037..e0ef5d413a 100644 --- a/packages/backend/src/server/api/endpoints/ap/get.ts +++ b/packages/backend/src/server/api/endpoints/ap/get.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:federation', limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts index f442fbdd2f..7e5c7a917c 100644 --- a/packages/backend/src/server/api/endpoints/ap/show.ts +++ b/packages/backend/src/server/api/endpoints/ap/show.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:account', limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/federation/stats.ts b/packages/backend/src/server/api/endpoints/federation/stats.ts index 6548142d41..262aa68776 100644 --- a/packages/backend/src/server/api/endpoints/federation/stats.ts +++ b/packages/backend/src/server/api/endpoints/federation/stats.ts @@ -29,37 +29,10 @@ export const meta = { optional: false, nullable: false, items: { - properties: { - id: { type: 'string' }, - firstRetrievedAt: { type: 'string' }, - host: { type: 'string' }, - usersCount: { type: 'number' }, - notesCount: { type: 'number' }, - followingCount: { type: 'number' }, - followersCount: { type: 'number' }, - isNotResponding: { type: 'boolean' }, - isSuspended: { type: 'boolean' }, - isBlocked: { type: 'boolean' }, - softwareName: { type: 'string' }, - softwareVersion: { type: 'string' }, - openRegistrations: { type: 'boolean' }, - name: { type: 'string' }, - description: { type: 'string' }, - maintainerName: { type: 'string' }, - maintainerEmail: { type: 'string' }, - isSilenced: { type: 'boolean' }, - iconUrl: { type: 'string' }, - faviconUrl: { type: 'string' }, - themeColor: { type: 'string' }, - infoUpdatedAt: { - type: 'string', - nullable: true, - }, - latestRequestReceivedAt: { - type: 'string', - nullable: true, - }, - } + type: 'object', + optional: false, + nullable: false, + ref: 'FederationInstance', }, }, otherFollowersCount: { type: 'number' }, @@ -68,42 +41,15 @@ export const meta = { optional: false, nullable: false, items: { - properties: { - id: { type: 'string' }, - firstRetrievedAt: { type: 'string' }, - host: { type: 'string' }, - usersCount: { type: 'number' }, - notesCount: { type: 'number' }, - followingCount: { type: 'number' }, - followersCount: { type: 'number' }, - isNotResponding: { type: 'boolean' }, - isSuspended: { type: 'boolean' }, - isBlocked: { type: 'boolean' }, - softwareName: { type: 'string' }, - softwareVersion: { type: 'string' }, - openRegistrations: { type: 'boolean' }, - name: { type: 'string' }, - description: { type: 'string' }, - maintainerName: { type: 'string' }, - maintainerEmail: { type: 'string' }, - isSilenced: { type: 'boolean' }, - iconUrl: { type: 'string' }, - faviconUrl: { type: 'string' }, - themeColor: { type: 'string' }, - infoUpdatedAt: { - type: 'string', - nullable: true, - }, - latestRequestReceivedAt: { - type: 'string', - nullable: true, - }, - } + type: 'object', + optional: false, + nullable: false, + ref: 'FederationInstance', }, }, otherFollowingCount: { type: 'number' }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts index c0aa882088..e6198ff601 100644 --- a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts +++ b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts @@ -11,7 +11,7 @@ import { GetterService } from '@/server/api/GetterService.js'; export const meta = { tags: ['federation'], - requireCredential: true, + requireCredential: false, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts index 6391a2f580..cbe579eb6b 100644 --- a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts +++ b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['meta'], requireCredential: true, + secure: true, limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/i.ts b/packages/backend/src/server/api/endpoints/i.ts index c0530bf392..c24e049180 100644 --- a/packages/backend/src/server/api/endpoints/i.ts +++ b/packages/backend/src/server/api/endpoints/i.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + kind: "read:account", res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts index b24b3438dc..57f680bd7e 100644 --- a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts +++ b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts @@ -10,6 +10,7 @@ import { AchievementService, ACHIEVEMENT_TYPES } from '@/core/AchievementService export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts index bd6e85a074..79a81cb73f 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts index 2352beb130..d9b26cab2c 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get.ts b/packages/backend/src/server/api/endpoints/i/registry/get.ts index 4155a43e0d..c373410256 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts index b411cdd3d9..a91dcd9543 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys.ts b/packages/backend/src/server/api/endpoints/i/registry/keys.ts index 04e120d752..ad203d5203 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/remove.ts b/packages/backend/src/server/api/endpoints/i/registry/remove.ts index ba8100b547..9cbe271b91 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/remove.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/remove.ts @@ -12,6 +12,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/set.ts b/packages/backend/src/server/api/endpoints/i/registry/set.ts index 58bb450bce..c61d5b8727 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/set.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/set.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/invite/create.ts b/packages/backend/src/server/api/endpoints/invite/create.ts index d82fa50e4f..4f37f2f4bb 100644 --- a/packages/backend/src/server/api/endpoints/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/invite/create.ts @@ -19,6 +19,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { exceededCreateLimit: { diff --git a/packages/backend/src/server/api/endpoints/invite/delete.ts b/packages/backend/src/server/api/endpoints/invite/delete.ts index 3b57775739..d84430a49f 100644 --- a/packages/backend/src/server/api/endpoints/invite/delete.ts +++ b/packages/backend/src/server/api/endpoints/invite/delete.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { noSuchCode: { diff --git a/packages/backend/src/server/api/endpoints/invite/limit.ts b/packages/backend/src/server/api/endpoints/invite/limit.ts index 1f4190c948..fc3bb9bdc2 100644 --- a/packages/backend/src/server/api/endpoints/invite/limit.ts +++ b/packages/backend/src/server/api/endpoints/invite/limit.ts @@ -16,6 +16,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/invite/list.ts b/packages/backend/src/server/api/endpoints/invite/list.ts index 2107516ce4..6734f27e14 100644 --- a/packages/backend/src/server/api/endpoints/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/invite/list.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/meta.ts b/packages/backend/src/server/api/endpoints/meta.ts index 9dd4553152..f7c2962bc2 100644 --- a/packages/backend/src/server/api/endpoints/meta.ts +++ b/packages/backend/src/server/api/endpoints/meta.ts @@ -164,20 +164,34 @@ export const meta = { type: 'object', optional: false, nullable: false, properties: { - place: { + id: { type: 'string', optional: false, nullable: false, + format: 'id', + example: 'xxxxxxxxxx', }, url: { type: 'string', optional: false, nullable: false, format: 'url', }, + place: { + type: 'string', + optional: false, nullable: false, + }, + ratio: { + type: 'number', + optional: false, nullable: false, + }, imageUrl: { type: 'string', optional: false, nullable: false, format: 'url', }, + dayOfWeek: { + type: 'integer', + optional: false, nullable: false, + }, }, }, }, diff --git a/packages/backend/src/server/api/endpoints/my/apps.ts b/packages/backend/src/server/api/endpoints/my/apps.ts index 98c317346f..1b70b85b07 100644 --- a/packages/backend/src/server/api/endpoints/my/apps.ts +++ b/packages/backend/src/server/api/endpoints/my/apps.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account', 'app'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts index effcbaf2ee..01adfec7d3 100644 --- a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/mentions.ts b/packages/backend/src/server/api/endpoints/notes/mentions.ts index 6fab024d17..2317f8f7b2 100644 --- a/packages/backend/src/server/api/endpoints/notes/mentions.ts +++ b/packages/backend/src/server/api/endpoints/notes/mentions.ts @@ -16,6 +16,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts index af7ff8bdcd..90af29a695 100644 --- a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts +++ b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/state.ts b/packages/backend/src/server/api/endpoints/notes/state.ts index b5fd47723c..20faea566d 100644 --- a/packages/backend/src/server/api/endpoints/notes/state.ts +++ b/packages/backend/src/server/api/endpoints/notes/state.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/notes/timeline.ts b/packages/backend/src/server/api/endpoints/notes/timeline.ts index 790bcbe151..e90d6ec198 100644 --- a/packages/backend/src/server/api/endpoints/notes/timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/translate.ts b/packages/backend/src/server/api/endpoints/notes/translate.ts index a1561c944c..698c37b616 100644 --- a/packages/backend/src/server/api/endpoints/notes/translate.ts +++ b/packages/backend/src/server/api/endpoints/notes/translate.ts @@ -17,10 +17,15 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', optional: false, nullable: false, + properties: { + sourceLang: { type: 'string' }, + text: { type: 'string' }, + }, }, errors: { diff --git a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts index 10d3a7a697..71c2b8054e 100644 --- a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes', 'lists'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/promo/read.ts b/packages/backend/src/server/api/endpoints/promo/read.ts index 7d07c92178..f427939a7a 100644 --- a/packages/backend/src/server/api/endpoints/promo/read.ts +++ b/packages/backend/src/server/api/endpoints/promo/read.ts @@ -15,6 +15,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'write:account', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/roles/list.ts b/packages/backend/src/server/api/endpoints/roles/list.ts index dc2be8e11d..d40e937d4e 100644 --- a/packages/backend/src/server/api/endpoints/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/roles/list.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['role'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/roles/notes.ts b/packages/backend/src/server/api/endpoints/roles/notes.ts index 7010df22c9..4ce3fc8908 100644 --- a/packages/backend/src/server/api/endpoints/roles/notes.ts +++ b/packages/backend/src/server/api/endpoints/roles/notes.ts @@ -18,6 +18,7 @@ export const meta = { tags: ['role', 'notes'], requireCredential: true, + kind: 'read:account', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/sw/register.ts b/packages/backend/src/server/api/endpoints/sw/register.ts index 9ab062326d..bb50048d94 100644 --- a/packages/backend/src/server/api/endpoints/sw/register.ts +++ b/packages/backend/src/server/api/endpoints/sw/register.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Register to receive push notifications.', diff --git a/packages/backend/src/server/api/endpoints/sw/show-registration.ts b/packages/backend/src/server/api/endpoints/sw/show-registration.ts index 126299e3f7..15d3df8587 100644 --- a/packages/backend/src/server/api/endpoints/sw/show-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/show-registration.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Check push notification registration exists.', diff --git a/packages/backend/src/server/api/endpoints/sw/update-registration.ts b/packages/backend/src/server/api/endpoints/sw/update-registration.ts index a1a97df0be..7bf59784a2 100644 --- a/packages/backend/src/server/api/endpoints/sw/update-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/update-registration.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Update push notification registration.', diff --git a/packages/backend/src/server/api/endpoints/users/achievements.ts b/packages/backend/src/server/api/endpoints/users/achievements.ts index d6ad718dfa..3a584a819a 100644 --- a/packages/backend/src/server/api/endpoints/users/achievements.ts +++ b/packages/backend/src/server/api/endpoints/users/achievements.ts @@ -9,7 +9,7 @@ import type { UserProfilesRepository } from '@/models/_.js'; import { DI } from '@/di-symbols.js'; export const meta = { - requireCredential: true, + requireCredential: false, res: { type: 'array', @@ -24,7 +24,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts index 4eb37c3e43..fa2e3338b8 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts @@ -18,6 +18,7 @@ import { UserListService } from '@/core/UserListService.js'; export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts index 2ecf0a1256..864cdc2ee0 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts @@ -12,6 +12,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts index 23611ab8c4..d51d57343e 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts @@ -11,6 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/relation.ts b/packages/backend/src/server/api/endpoints/users/relation.ts index 326042ed3d..26b61c9fb2 100644 --- a/packages/backend/src/server/api/endpoints/users/relation.ts +++ b/packages/backend/src/server/api/endpoints/users/relation.ts @@ -11,6 +11,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'read:account', description: 'Show the different kinds of relations between the authenticated user and the specified user(s).', diff --git a/packages/backend/src/server/api/endpoints/users/report-abuse.ts b/packages/backend/src/server/api/endpoints/users/report-abuse.ts index 3bcf44cc42..508497ccfb 100644 --- a/packages/backend/src/server/api/endpoints/users/report-abuse.ts +++ b/packages/backend/src/server/api/endpoints/users/report-abuse.ts @@ -20,6 +20,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'write:report-abuse', description: 'File a report.', diff --git a/packages/backend/src/server/api/stream/ChannelsService.ts b/packages/backend/src/server/api/stream/ChannelsService.ts index 8fd106c10c..3bc5380132 100644 --- a/packages/backend/src/server/api/stream/ChannelsService.ts +++ b/packages/backend/src/server/api/stream/ChannelsService.ts @@ -19,6 +19,7 @@ import { AntennaChannelService } from './channels/antenna.js'; import { DriveChannelService } from './channels/drive.js'; import { HashtagChannelService } from './channels/hashtag.js'; import { RoleTimelineChannelService } from './channels/role-timeline.js'; +import { type MiChannelService } from './channel.js'; @Injectable() export class ChannelsService { @@ -41,7 +42,7 @@ export class ChannelsService { } @bindThis - public getChannelService(name: string) { + public getChannelService(name: string): MiChannelService { switch (name) { case 'main': return this.mainChannelService; case 'homeTimeline': return this.homeTimelineChannelService; diff --git a/packages/backend/src/server/api/stream/Connection.ts b/packages/backend/src/server/api/stream/Connection.ts index 4180ccc56a..a89fbcc5e5 100644 --- a/packages/backend/src/server/api/stream/Connection.ts +++ b/packages/backend/src/server/api/stream/Connection.ts @@ -248,6 +248,11 @@ export default class Connection { return; } + if (this.token && ((channelService.kind && !this.token.permission.some(p => p === channelService.kind)) + || (!channelService.kind && channelService.requireCredential))) { + return; + } + // 共有可能チャンネルに接続しようとしていて、かつそのチャンネルに既に接続していたら無意味なので無視 if (channelService.shouldShare && this.channels.some(c => c.chName === channel)) { return; diff --git a/packages/backend/src/server/api/stream/channel.ts b/packages/backend/src/server/api/stream/channel.ts index 46b0709773..80df3803eb 100644 --- a/packages/backend/src/server/api/stream/channel.ts +++ b/packages/backend/src/server/api/stream/channel.ts @@ -16,6 +16,7 @@ export default abstract class Channel { public abstract readonly chName: string; public static readonly shouldShare: boolean; public static readonly requireCredential: boolean; + public static readonly kind?: string | null; protected get user() { return this.connection.user; @@ -76,3 +77,10 @@ export default abstract class Channel { public onMessage?(type: string, body: any): void; } + +export type MiChannelService = { + shouldShare: boolean; + requireCredential: T; + kind: T extends true ? string : string | null | undefined; + create: (id: string, connection: Connection) => Channel; +} diff --git a/packages/backend/src/server/api/stream/channels/admin.ts b/packages/backend/src/server/api/stream/channels/admin.ts index bfb36d9cb8..b8f369ce84 100644 --- a/packages/backend/src/server/api/stream/channels/admin.ts +++ b/packages/backend/src/server/api/stream/channels/admin.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AdminChannel extends Channel { public readonly chName = 'admin'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:admin:stream'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class AdminChannel extends Channel { } @Injectable() -export class AdminChannelService { +export class AdminChannelService implements MiChannelService { public readonly shouldShare = AdminChannel.shouldShare; public readonly requireCredential = AdminChannel.requireCredential; + public readonly kind = AdminChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/antenna.ts b/packages/backend/src/server/api/stream/channels/antenna.ts index a48e6ba5c6..200db8eb0e 100644 --- a/packages/backend/src/server/api/stream/channels/antenna.ts +++ b/packages/backend/src/server/api/stream/channels/antenna.ts @@ -8,12 +8,13 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AntennaChannel extends Channel { public readonly chName = 'antenna'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = true as const; + public static kind = 'read:account'; private antennaId: string; constructor( @@ -62,9 +63,10 @@ class AntennaChannel extends Channel { } @Injectable() -export class AntennaChannelService { +export class AntennaChannelService implements MiChannelService { public readonly shouldShare = AntennaChannel.shouldShare; public readonly requireCredential = AntennaChannel.requireCredential; + public readonly kind = AntennaChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/channel.ts b/packages/backend/src/server/api/stream/channels/channel.ts index 57034231a3..20275249b8 100644 --- a/packages/backend/src/server/api/stream/channels/channel.ts +++ b/packages/backend/src/server/api/stream/channels/channel.ts @@ -8,12 +8,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class ChannelChannel extends Channel { public readonly chName = 'channel'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private channelId: string; constructor( @@ -65,9 +65,10 @@ class ChannelChannel extends Channel { } @Injectable() -export class ChannelChannelService { +export class ChannelChannelService implements MiChannelService { public readonly shouldShare = ChannelChannel.shouldShare; public readonly requireCredential = ChannelChannel.requireCredential; + public readonly kind = ChannelChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/drive.ts b/packages/backend/src/server/api/stream/channels/drive.ts index 83f53c1836..4bf34a72c9 100644 --- a/packages/backend/src/server/api/stream/channels/drive.ts +++ b/packages/backend/src/server/api/stream/channels/drive.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class DriveChannel extends Channel { public readonly chName = 'drive'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class DriveChannel extends Channel { } @Injectable() -export class DriveChannelService { +export class DriveChannelService implements MiChannelService { public readonly shouldShare = DriveChannel.shouldShare; public readonly requireCredential = DriveChannel.requireCredential; + public readonly kind = DriveChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/global-timeline.ts b/packages/backend/src/server/api/stream/channels/global-timeline.ts index 553c44071f..8df13da8a9 100644 --- a/packages/backend/src/server/api/stream/channels/global-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/global-timeline.ts @@ -12,12 +12,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class GlobalTimelineChannel extends Channel { public readonly chName = 'globalTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withFiles: boolean; @@ -91,9 +91,10 @@ class GlobalTimelineChannel extends Channel { } @Injectable() -export class GlobalTimelineChannelService { +export class GlobalTimelineChannelService implements MiChannelService { public readonly shouldShare = GlobalTimelineChannel.shouldShare; public readonly requireCredential = GlobalTimelineChannel.requireCredential; + public readonly kind = GlobalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/hashtag.ts b/packages/backend/src/server/api/stream/channels/hashtag.ts index f30b29cfd6..3d4f2fc528 100644 --- a/packages/backend/src/server/api/stream/channels/hashtag.ts +++ b/packages/backend/src/server/api/stream/channels/hashtag.ts @@ -9,12 +9,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HashtagChannel extends Channel { public readonly chName = 'hashtag'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private q: string[][]; constructor( @@ -70,9 +70,10 @@ class HashtagChannel extends Channel { } @Injectable() -export class HashtagChannelService { +export class HashtagChannelService implements MiChannelService { public readonly shouldShare = HashtagChannel.shouldShare; public readonly requireCredential = HashtagChannel.requireCredential; + public readonly kind = HashtagChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/home-timeline.ts b/packages/backend/src/server/api/stream/channels/home-timeline.ts index 80054d0881..6c9f52ba70 100644 --- a/packages/backend/src/server/api/stream/channels/home-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/home-timeline.ts @@ -10,12 +10,13 @@ import { isInstanceMuted } from '@/misc/is-instance-muted.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HomeTimelineChannel extends Channel { public readonly chName = 'homeTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withFiles: boolean; @@ -99,9 +100,10 @@ class HomeTimelineChannel extends Channel { } @Injectable() -export class HomeTimelineChannelService { +export class HomeTimelineChannelService implements MiChannelService { public readonly shouldShare = HomeTimelineChannel.shouldShare; public readonly requireCredential = HomeTimelineChannel.requireCredential; + public readonly kind = HomeTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts index 78645982bf..957d8b6d41 100644 --- a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts @@ -12,12 +12,13 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HybridTimelineChannel extends Channel { public readonly chName = 'hybridTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withReplies: boolean; private withFiles: boolean; @@ -114,9 +115,10 @@ class HybridTimelineChannel extends Channel { } @Injectable() -export class HybridTimelineChannelService { +export class HybridTimelineChannelService implements MiChannelService { public readonly shouldShare = HybridTimelineChannel.shouldShare; public readonly requireCredential = HybridTimelineChannel.requireCredential; + public readonly kind = HybridTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/local-timeline.ts b/packages/backend/src/server/api/stream/channels/local-timeline.ts index 1388f186ff..888d268d56 100644 --- a/packages/backend/src/server/api/stream/channels/local-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/local-timeline.ts @@ -11,12 +11,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class LocalTimelineChannel extends Channel { public readonly chName = 'localTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withReplies: boolean; private withFiles: boolean; @@ -90,9 +90,10 @@ class LocalTimelineChannel extends Channel { } @Injectable() -export class LocalTimelineChannelService { +export class LocalTimelineChannelService implements MiChannelService { public readonly shouldShare = LocalTimelineChannel.shouldShare; public readonly requireCredential = LocalTimelineChannel.requireCredential; + public readonly kind = LocalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/main.ts b/packages/backend/src/server/api/stream/channels/main.ts index f969d02337..ab605e3ec5 100644 --- a/packages/backend/src/server/api/stream/channels/main.ts +++ b/packages/backend/src/server/api/stream/channels/main.ts @@ -7,12 +7,13 @@ import { Injectable } from '@nestjs/common'; import { isInstanceMuted, isUserFromMutedInstance } from '@/misc/is-instance-muted.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class MainChannel extends Channel { public readonly chName = 'main'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; constructor( private noteEntityService: NoteEntityService, @@ -63,9 +64,10 @@ class MainChannel extends Channel { } @Injectable() -export class MainChannelService { +export class MainChannelService implements MiChannelService { public readonly shouldShare = MainChannel.shouldShare; public readonly requireCredential = MainChannel.requireCredential; + public readonly kind = MainChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/queue-stats.ts b/packages/backend/src/server/api/stream/channels/queue-stats.ts index f0dc472303..5ceb2c3bbc 100644 --- a/packages/backend/src/server/api/stream/channels/queue-stats.ts +++ b/packages/backend/src/server/api/stream/channels/queue-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class QueueStatsChannel extends Channel { public readonly chName = 'queueStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class QueueStatsChannel extends Channel { } @Injectable() -export class QueueStatsChannelService { +export class QueueStatsChannelService implements MiChannelService { public readonly shouldShare = QueueStatsChannel.shouldShare; public readonly requireCredential = QueueStatsChannel.requireCredential; + public readonly kind = QueueStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/role-timeline.ts b/packages/backend/src/server/api/stream/channels/role-timeline.ts index 38d3604cc5..b3bbb77dbf 100644 --- a/packages/backend/src/server/api/stream/channels/role-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/role-timeline.ts @@ -10,12 +10,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class RoleTimelineChannel extends Channel { public readonly chName = 'roleTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private roleId: string; constructor( @@ -67,9 +67,10 @@ class RoleTimelineChannel extends Channel { } @Injectable() -export class RoleTimelineChannelService { +export class RoleTimelineChannelService implements MiChannelService { public readonly shouldShare = RoleTimelineChannel.shouldShare; public readonly requireCredential = RoleTimelineChannel.requireCredential; + public readonly kind = RoleTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/server-stats.ts b/packages/backend/src/server/api/stream/channels/server-stats.ts index cacae275a8..615b6946cc 100644 --- a/packages/backend/src/server/api/stream/channels/server-stats.ts +++ b/packages/backend/src/server/api/stream/channels/server-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class ServerStatsChannel extends Channel { public readonly chName = 'serverStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class ServerStatsChannel extends Channel { } @Injectable() -export class ServerStatsChannelService { +export class ServerStatsChannelService implements MiChannelService { public readonly shouldShare = ServerStatsChannel.shouldShare; public readonly requireCredential = ServerStatsChannel.requireCredential; + public readonly kind = ServerStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/user-list.ts b/packages/backend/src/server/api/stream/channels/user-list.ts index fe293e2b4d..909b5a5e03 100644 --- a/packages/backend/src/server/api/stream/channels/user-list.ts +++ b/packages/backend/src/server/api/stream/channels/user-list.ts @@ -11,12 +11,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { DI } from '@/di-symbols.js'; import { bindThis } from '@/decorators.js'; import { isInstanceMuted } from '@/misc/is-instance-muted.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class UserListChannel extends Channel { public readonly chName = 'userList'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private listId: string; private membershipsMap: Record | undefined> = {}; private listUsersClock: NodeJS.Timeout; @@ -137,9 +137,10 @@ class UserListChannel extends Channel { } @Injectable() -export class UserListChannelService { +export class UserListChannelService implements MiChannelService { public readonly shouldShare = UserListChannel.shouldShare; public readonly requireCredential = UserListChannel.requireCredential; + public readonly kind = UserListChannel.kind; constructor( @Inject(DI.userListsRepository) diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts index 4fa7b800e8..2253078582 100644 --- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts +++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts @@ -11,15 +11,16 @@ import httpLinkHeader from 'http-link-header'; import ipaddr from 'ipaddr.js'; import oauth2orize, { type OAuth2, AuthorizationError, ValidateFunctionArity2, OAuth2Req, MiddlewareRequest } from 'oauth2orize'; import oauth2Pkce from 'oauth2orize-pkce'; +import fastifyCors from '@fastify/cors'; import fastifyView from '@fastify/view'; import pug from 'pug'; import bodyParser from 'body-parser'; import fastifyExpress from '@fastify/express'; import { verifyChallenge } from 'pkce-challenge'; import { mf2 } from 'microformats-parser'; +import { permissions as kinds } from 'misskey-js'; import { secureRndstr } from '@/misc/secure-rndstr.js'; import { HttpRequestService } from '@/core/HttpRequestService.js'; -import { kinds } from '@/misc/api-permissions.js'; import type { Config } from '@/config.js'; import { DI } from '@/di-symbols.js'; import { bindThis } from '@/decorators.js'; @@ -348,25 +349,25 @@ export class OAuth2ProviderService { })); } + // https://datatracker.ietf.org/doc/html/rfc8414.html + // https://indieauth.spec.indieweb.org/#indieauth-server-metadata + public generateRFC8414() { + return { + issuer: this.config.url, + authorization_endpoint: new URL('/oauth/authorize', this.config.url), + token_endpoint: new URL('/oauth/token', this.config.url), + scopes_supported: kinds, + response_types_supported: ['code'], + grant_types_supported: ['authorization_code'], + service_documentation: 'https://misskey-hub.net', + code_challenge_methods_supported: ['S256'], + authorization_response_iss_parameter_supported: true, + }; + } + @bindThis public async createServer(fastify: FastifyInstance): Promise { - // https://datatracker.ietf.org/doc/html/rfc8414.html - // https://indieauth.spec.indieweb.org/#indieauth-server-metadata - fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => { - reply.send({ - issuer: this.config.url, - authorization_endpoint: new URL('/oauth/authorize', this.config.url), - token_endpoint: new URL('/oauth/token', this.config.url), - scopes_supported: kinds, - response_types_supported: ['code'], - grant_types_supported: ['authorization_code'], - service_documentation: 'https://misskey-hub.net', - code_challenge_methods_supported: ['S256'], - authorization_response_iss_parameter_supported: true, - }); - }); - - fastify.get('/oauth/authorize', async (request, reply) => { + fastify.get('/authorize', async (request, reply) => { const oauth2 = (request.raw as MiddlewareRequest).oauth2; if (!oauth2) { throw new Error('Unexpected lack of authorization information'); @@ -381,8 +382,7 @@ export class OAuth2ProviderService { scope: oauth2.req.scope.join(' '), }); }); - fastify.post('/oauth/decision', async () => { }); - fastify.post('/oauth/token', async () => { }); + fastify.post('/decision', async () => { }); fastify.register(fastifyView, { root: fileURLToPath(new URL('../web/views', import.meta.url)), @@ -394,7 +394,7 @@ export class OAuth2ProviderService { }); await fastify.register(fastifyExpress); - fastify.use('/oauth/authorize', this.#server.authorize(((areq, done) => { + fastify.use('/authorize', this.#server.authorize(((areq, done) => { (async (): Promise> => { // This should return client/redirectURI AND the error, or // the handler can't send error to the redirection URI @@ -426,7 +426,7 @@ export class OAuth2ProviderService { } try { - const scopes = [...new Set(scope)].filter(s => kinds.includes(s)); + const scopes = [...new Set(scope)].filter(s => (kinds).includes(s)); if (!scopes.length) { throw new AuthorizationError('`scope` parameter has no known scope', 'invalid_scope'); } @@ -448,30 +448,24 @@ export class OAuth2ProviderService { return [null, clientInfo, redirectURI]; })().then(args => done(...args), err => done(err)); }) as ValidateFunctionArity2)); - fastify.use('/oauth/authorize', this.#server.errorHandler({ + fastify.use('/authorize', this.#server.errorHandler({ mode: 'indirect', modes: getQueryMode(this.config.url), })); - fastify.use('/oauth/authorize', this.#server.errorHandler()); + fastify.use('/authorize', this.#server.errorHandler()); - fastify.use('/oauth/decision', bodyParser.urlencoded({ extended: false })); - fastify.use('/oauth/decision', this.#server.decision((req, done) => { + fastify.use('/decision', bodyParser.urlencoded({ extended: false })); + fastify.use('/decision', this.#server.decision((req, done) => { const { body } = req as OAuth2DecisionRequest; this.#logger.info(`Received the decision. Cancel: ${!!body.cancel}`); req.user = body.login_token; done(null, undefined); })); - fastify.use('/oauth/decision', this.#server.errorHandler()); - - // Clients may use JSON or urlencoded - fastify.use('/oauth/token', bodyParser.urlencoded({ extended: false })); - fastify.use('/oauth/token', bodyParser.json({ strict: true })); - fastify.use('/oauth/token', this.#server.token()); - fastify.use('/oauth/token', this.#server.errorHandler()); + fastify.use('/decision', this.#server.errorHandler()); // Return 404 for any unknown paths under /oauth so that clients can know // whether a certain endpoint is supported or not. - fastify.all('/oauth/*', async (_request, reply) => { + fastify.all('/*', async (_request, reply) => { reply.code(404); reply.send({ error: { @@ -483,4 +477,17 @@ export class OAuth2ProviderService { }); }); } + + @bindThis + public async createTokenServer(fastify: FastifyInstance): Promise { + fastify.register(fastifyCors); + fastify.post('', async () => { }); + + await fastify.register(fastifyExpress); + // Clients may use JSON or urlencoded + fastify.use('', bodyParser.urlencoded({ extended: false })); + fastify.use('', bodyParser.json({ strict: true })); + fastify.use('', this.#server.token()); + fastify.use('', this.#server.errorHandler()); + } } diff --git a/packages/backend/src/server/web/boot.js b/packages/backend/src/server/web/boot.js index 48939ef7a0..c6b52a7a6b 100644 --- a/packages/backend/src/server/web/boot.js +++ b/packages/backend/src/server/web/boot.js @@ -173,6 +173,7 @@

Clear the browser cache / ブラウザのキャッシュをクリアする

Update your os and browser / ブラウザおよびOSを最新バージョンに更新する

Disable an adblocker / アドブロッカーを無効にする

+

(Tor Browser) Set dom.webaudio.enabled to true / dom.webaudio.enabledをtrueに設定する

Other options / その他のオプション diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts index 15da74931d..cf24228b83 100644 --- a/packages/backend/test/e2e/api.ts +++ b/packages/backend/test/e2e/api.ts @@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; import { IncomingMessage } from 'http'; -import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js'; +import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch, createAppToken } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -89,6 +89,11 @@ describe('API', () => { }); test('管理者専用のAPIのアクセス制限', async () => { + const application = await createAppToken(alice, ['read:account']); + const application2 = await createAppToken(alice, ['read:admin:index-stats']); + const application3 = await createAppToken(bob, []); + const application4 = await createAppToken(bob, ['read:admin:index-stats']); + // aliceは管理者、APIを使える await successfulApiCall({ endpoint: '/admin/get-index-stats', @@ -128,6 +133,42 @@ describe('API', () => { code: 'AUTHENTICATION_FAILED', id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14', }); + + await successfulApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application2 }, + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application }, + }, { + status: 403, + code: 'PERMISSION_DENIED', + id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application3 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application4 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); }); describe('Authentication header', () => { diff --git a/packages/backend/test/e2e/nodeinfo.ts b/packages/backend/test/e2e/nodeinfo.ts new file mode 100644 index 0000000000..7eed39c5ed --- /dev/null +++ b/packages/backend/test/e2e/nodeinfo.ts @@ -0,0 +1,40 @@ +/* + * SPDX-FileCopyrightText: syuilo and other misskey contributors + * SPDX-License-Identifier: AGPL-3.0-only + */ + +process.env.NODE_ENV = 'test'; + +import * as assert from 'assert'; +import { relativeFetch, startServer } from '../utils.js'; +import type { INestApplicationContext } from '@nestjs/common'; + +describe('nodeinfo', () => { + let app: INestApplicationContext; + + beforeAll(async () => { + app = await startServer(); + }, 1000 * 60 * 2); + + afterAll(async () => { + await app.close(); + }); + + test('nodeinfo 2.1', async () => { + const res = await relativeFetch('nodeinfo/2.1'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json() as any; + assert.strictEqual(nodeInfo.software.name, 'misskey'); + }); + + test('nodeinfo 2.0', async () => { + const res = await relativeFetch('nodeinfo/2.0'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json() as any; + assert.strictEqual(nodeInfo.software.name, 'misskey'); + }); +}); diff --git a/packages/backend/test/e2e/oauth.ts b/packages/backend/test/e2e/oauth.ts index a029a0d4be..3a5e4ebdae 100644 --- a/packages/backend/test/e2e/oauth.ts +++ b/packages/backend/test/e2e/oauth.ts @@ -941,4 +941,24 @@ describe('OAuth', () => { const response = await fetch(new URL('/oauth/foo', host)); assert.strictEqual(response.status, 404); }); + + describe('CORS', () => { + test('Token endpoint should support CORS', async () => { + const response = await fetch(new URL('/oauth/token', host), { method: 'POST' }); + assert.ok(!response.ok); + assert.strictEqual(response.headers.get('Access-Control-Allow-Origin'), '*'); + }); + + test('Authorize endpoint should not support CORS', async () => { + const response = await fetch(new URL('/oauth/authorize', host), { method: 'GET' }); + assert.ok(!response.ok); + assert.ok(!response.headers.has('Access-Control-Allow-Origin')); + }); + + test('Decision endpoint should not support CORS', async () => { + const response = await fetch(new URL('/oauth/decision', host), { method: 'POST' }); + assert.ok(!response.ok); + assert.ok(!response.headers.has('Access-Control-Allow-Origin')); + }); + }); }); diff --git a/packages/backend/test/e2e/streaming.ts b/packages/backend/test/e2e/streaming.ts index c4824f50ce..288c54bdbc 100644 --- a/packages/backend/test/e2e/streaming.ts +++ b/packages/backend/test/e2e/streaming.ts @@ -6,8 +6,9 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; +import { WebSocket } from 'ws'; import { MiFollowing } from '@/models/Following.js'; -import { signup, api, post, startServer, initTestDb, waitFire } from '../utils.js'; +import { signup, api, post, startServer, initTestDb, waitFire, createAppToken, port } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -560,6 +561,28 @@ describe('Streaming', () => { }); }); + test('Authentication', async () => { + const application = await createAppToken(ayano, []); + const application2 = await createAppToken(ayano, ['read:account']); + const socket = new WebSocket(`ws://127.0.0.1:${port}/streaming?i=${application}`); + const established = await new Promise((resolve, reject) => { + socket.on('error', () => resolve(false)); + socket.on('unexpected-response', () => resolve(false)); + setTimeout(() => resolve(true), 3000); + }); + + socket.close(); + assert.strictEqual(established, false); + + const fired = await waitFire( + { token: application2 }, 'hybridTimeline', + () => api('notes/create', { text: 'Hello, world!' }, ayano), + msg => msg.type === 'note' && msg.body.userId === ayano.id, + ); + + assert.strictEqual(fired, true); + }); + // XXX: QueryFailedError: duplicate key value violates unique constraint "IDX_347fec870eafea7b26c8a73bac" /* describe('Hashtag Timeline', () => { diff --git a/packages/backend/test/e2e/well-known.ts b/packages/backend/test/e2e/well-known.ts new file mode 100644 index 0000000000..14e32e1627 --- /dev/null +++ b/packages/backend/test/e2e/well-known.ts @@ -0,0 +1,111 @@ +/* + * SPDX-FileCopyrightText: syuilo and other misskey contributors + * SPDX-License-Identifier: AGPL-3.0-only + */ + +process.env.NODE_ENV = 'test'; + +import * as assert from 'assert'; +import { host, origin, relativeFetch, signup, startServer } from '../utils.js'; +import type { INestApplicationContext } from '@nestjs/common'; +import type * as misskey from 'misskey-js'; + +describe('.well-known', () => { + let app: INestApplicationContext; + let alice: misskey.entities.User; + + beforeAll(async () => { + app = await startServer(); + + alice = await signup({ username: 'alice' }); + }, 1000 * 60 * 2); + + afterAll(async () => { + await app.close(); + }); + + test('nodeinfo', async () => { + const res = await relativeFetch('.well-known/nodeinfo'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const nodeInfo = await res.json(); + assert.deepStrictEqual(nodeInfo, { + links: [{ + rel: 'http://nodeinfo.diaspora.software/ns/schema/2.1', + href: `${origin}/nodeinfo/2.1`, + }, { + rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0', + href: `${origin}/nodeinfo/2.0`, + }], + }); + }); + + test('webfinger', async () => { + const preflight = await relativeFetch(`.well-known/webfinger?resource=acct:alice@${host}`, { + method: 'options', + headers: { + 'Access-Control-Request-Method': 'GET', + Origin: 'http://example.com', + }, + }); + assert.ok(preflight.ok); + assert.strictEqual(preflight.headers.get('Access-Control-Allow-Headers'), 'Accept'); + + const res = await relativeFetch(`.well-known/webfinger?resource=acct:alice@${host}`); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + assert.strictEqual(res.headers.get('Access-Control-Expose-Headers'), 'Vary'); + assert.strictEqual(res.headers.get('Vary'), 'Accept'); + + const webfinger = await res.json(); + + assert.deepStrictEqual(webfinger, { + subject: `acct:alice@${host}`, + links: [{ + rel: 'self', + type: 'application/activity+json', + href: `${origin}/users/${alice.id}`, + }, { + rel: 'http://webfinger.net/rel/profile-page', + type: 'text/html', + href: `${origin}/@alice`, + }, { + rel: 'http://ostatus.org/schema/1.0/subscribe', + template: `${origin}/authorize-follow?acct={uri}`, + }], + }); + }); + + test('host-meta', async () => { + const res = await relativeFetch('.well-known/host-meta'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + }); + + test('host-meta.json', async () => { + const res = await relativeFetch('.well-known/host-meta.json'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const hostMeta = await res.json(); + assert.deepStrictEqual(hostMeta, { + links: [{ + rel: 'lrdd', + type: 'application/jrd+json', + template: `${origin}/.well-known/webfinger?resource={uri}`, + }], + }); + }); + + test('oauth-authorization-server', async () => { + const res = await relativeFetch('.well-known/oauth-authorization-server'); + assert.ok(res.ok); + assert.strictEqual(res.headers.get('Access-Control-Allow-Origin'), '*'); + + const serverInfo = await res.json() as any; + assert.strictEqual(serverInfo.issuer, origin); + assert.strictEqual(serverInfo.authorization_endpoint, `${origin}/oauth/authorize`); + assert.strictEqual(serverInfo.token_endpoint, `${origin}/oauth/token`); + }); +}); diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts index 97118d73c0..46b8ea9cdd 100644 --- a/packages/backend/test/utils.ts +++ b/packages/backend/test/utils.ts @@ -6,6 +6,7 @@ import * as assert from 'node:assert'; import { readFile } from 'node:fs/promises'; import { isAbsolute, basename } from 'node:path'; +import { randomUUID } from 'node:crypto'; import { inspect } from 'node:util'; import WebSocket, { ClientOptions } from 'ws'; import fetch, { File, RequestInit } from 'node-fetch'; @@ -25,6 +26,8 @@ interface UserToken { const config = loadConfig(); export const port = config.port; +export const origin = config.url; +export const host = new URL(config.url).host; export const cookie = (me: UserToken): string => { return `token=${me.token};`; @@ -126,6 +129,15 @@ export const post = async (user: UserToken, params?: misskey.Endpoints['notes/cr return res.body ? res.body.createdNote : null; }; +export const createAppToken = async (user: UserToken, permissions: (typeof misskey.permissions)[number][]) => { + const res = await api('miauth/gen-token', { + session: randomUUID(), + permission: permissions, + }, user); + + return (res.body as misskey.entities.MiauthGenTokenResponse).token; +}; + // 非公開ノートをAPI越しに見たときのノート NoteEntityService.ts export const hiddenNote = (note: any): any => { const temp = { diff --git a/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts b/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts index 550e08d7f7..535adc9c85 100644 --- a/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts +++ b/packages/frontend/lib/rollup-plugin-unwind-css-module-class-name.test.ts @@ -6,7 +6,7 @@ import { parse } from 'acorn'; import { generate } from 'astring'; import { describe, expect, it } from 'vitest'; -import { normalizeClass, unwindCssModuleClassName } from './rollup-plugin-unwind-css-module-class-name'; +import { normalizeClass, unwindCssModuleClassName } from './rollup-plugin-unwind-css-module-class-name.js'; import type * as estree from 'estree'; function parseExpression(code: string): estree.Expression { diff --git a/packages/frontend/src/components/MkAbuseReport.stories.impl.ts b/packages/frontend/src/components/MkAbuseReport.stories.impl.ts index 3b64529620..77e7c84d5c 100644 --- a/packages/frontend/src/components/MkAbuseReport.stories.impl.ts +++ b/packages/frontend/src/components/MkAbuseReport.stories.impl.ts @@ -7,8 +7,8 @@ import { action } from '@storybook/addon-actions'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { abuseUserReport } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { abuseUserReport } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAbuseReport from './MkAbuseReport.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts b/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts index b45d54679b..dc842b3d1b 100644 --- a/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts +++ b/packages/frontend/src/components/MkAbuseReportWindow.stories.impl.ts @@ -7,8 +7,8 @@ import { action } from '@storybook/addon-actions'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAbuseReportWindow from './MkAbuseReportWindow.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAccountMoved.stories.impl.ts b/packages/frontend/src/components/MkAccountMoved.stories.impl.ts index a6d4d18c1b..33c6c24631 100644 --- a/packages/frontend/src/components/MkAccountMoved.stories.impl.ts +++ b/packages/frontend/src/components/MkAccountMoved.stories.impl.ts @@ -5,7 +5,7 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; -import { userDetailed } from '../../.storybook/fakes'; +import { userDetailed } from '../../.storybook/fakes.js'; import MkAccountMoved from './MkAccountMoved.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkAchievements.stories.impl.ts b/packages/frontend/src/components/MkAchievements.stories.impl.ts index a67e1def13..6d972467b1 100644 --- a/packages/frontend/src/components/MkAchievements.stories.impl.ts +++ b/packages/frontend/src/components/MkAchievements.stories.impl.ts @@ -6,8 +6,8 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAchievements from './MkAchievements.vue'; import { ACHIEVEMENT_TYPES } from '@/scripts/achievements.js'; export const Empty = { diff --git a/packages/frontend/src/components/MkAchievements.vue b/packages/frontend/src/components/MkAchievements.vue index b067e94a6d..d49eeb0329 100644 --- a/packages/frontend/src/components/MkAchievements.vue +++ b/packages/frontend/src/components/MkAchievements.vue @@ -67,7 +67,7 @@ const props = withDefaults(defineProps<{ withDescription: true, }); -const achievements = ref(); +const achievements = ref(null); const lockedAchievements = computed(() => ACHIEVEMENT_TYPES.filter(x => !(achievements.value ?? []).some(a => a.name === x))); function fetch() { diff --git a/packages/frontend/src/components/MkAsUi.vue b/packages/frontend/src/components/MkAsUi.vue index 4239cc6091..0ff5bd7036 100644 --- a/packages/frontend/src/components/MkAsUi.vue +++ b/packages/frontend/src/components/MkAsUi.vue @@ -11,7 +11,7 @@ SPDX-License-Identifier: AGPL-3.0-only {{ c.text }} - + {{ c.text }}
{{ button.text }} diff --git a/packages/frontend/src/components/MkAutocomplete.stories.impl.ts b/packages/frontend/src/components/MkAutocomplete.stories.impl.ts index 8232759ba0..969519386f 100644 --- a/packages/frontend/src/components/MkAutocomplete.stories.impl.ts +++ b/packages/frontend/src/components/MkAutocomplete.stories.impl.ts @@ -9,8 +9,8 @@ import { expect } from '@storybook/jest'; import { userEvent, waitFor, within } from '@storybook/testing-library'; import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAutocomplete from './MkAutocomplete.vue'; import MkInput from './MkInput.vue'; import { tick } from '@/scripts/test-utils.js'; diff --git a/packages/frontend/src/components/MkAvatars.stories.impl.ts b/packages/frontend/src/components/MkAvatars.stories.impl.ts index 659c0eebdf..d41b64695f 100644 --- a/packages/frontend/src/components/MkAvatars.stories.impl.ts +++ b/packages/frontend/src/components/MkAvatars.stories.impl.ts @@ -6,8 +6,8 @@ /* eslint-disable @typescript-eslint/explicit-function-return-type */ import { StoryObj } from '@storybook/vue3'; import { rest } from 'msw'; -import { userDetailed } from '../../.storybook/fakes'; -import { commonHandlers } from '../../.storybook/mocks'; +import { userDetailed } from '../../.storybook/fakes.js'; +import { commonHandlers } from '../../.storybook/mocks.js'; import MkAvatars from './MkAvatars.vue'; export const Default = { render(args) { diff --git a/packages/frontend/src/components/MkCaptcha.vue b/packages/frontend/src/components/MkCaptcha.vue index 14e59acad2..40bca11e64 100644 --- a/packages/frontend/src/components/MkCaptcha.vue +++ b/packages/frontend/src/components/MkCaptcha.vue @@ -26,7 +26,7 @@ export type Captcha = { getResponse(id: string): string; }; -type CaptchaProvider = 'hcaptcha' | 'recaptcha' | 'turnstile'; +export type CaptchaProvider = 'hcaptcha' | 'recaptcha' | 'turnstile'; type CaptchaContainer = { readonly [_ in CaptchaProvider]?: Captcha; diff --git a/packages/frontend/src/components/MkContextMenu.vue b/packages/frontend/src/components/MkContextMenu.vue index b78252be89..e29cf472f7 100644 --- a/packages/frontend/src/components/MkContextMenu.vue +++ b/packages/frontend/src/components/MkContextMenu.vue @@ -20,7 +20,7 @@ SPDX-License-Identifier: AGPL-3.0-only