HoovesSocial/hippofish
2
0
Fork 0
Code Issues 3 Pull requests 1 Projects Releases Packages Wiki Activity Actions

merge: Respect user privacy settings in federation endpoints (resolves #712) (!652)

Browse source 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/652

Closes #712

Approved-by: Marie <github@yuugi.dev>
Approved-by: dakkar <dakkar@thenautilus.net>
This commit is contained in:
dakkar 2024-11-02 22:02:54 +00:00
commit fa03c4cebe
6 changed files with 96 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

67
packages/backend/src/core/entities/FollowingEntityService.ts
View file

@ -8,11 +8,14 @@ import { DI } from '@/di-symbols.js';
import type { FollowingsRepository } from '@/models/_.js'; import type { FollowingsRepository } from '@/models/_.js';
import { awaitAll } from '@/misc/prelude/await-all.js'; import { awaitAll } from '@/misc/prelude/await-all.js';
import type { Packed } from '@/misc/json-schema.js'; import type { Packed } from '@/misc/json-schema.js';
import type { } from '@/models/Blocking.js'; import { MiBlocking } from '@/models/Blocking.js';
import type { MiUser } from '@/models/User.js'; import { MiUserProfile } from '@/models/UserProfile.js';
import type { MiFollowing } from '@/models/Following.js'; import type { MiLocalUser, MiUser } from '@/models/User.js';
import { MiFollowing } from '@/models/Following.js';
import { bindThis } from '@/decorators.js'; import { bindThis } from '@/decorators.js';
import { IdService } from '@/core/IdService.js'; import { IdService } from '@/core/IdService.js';
import { QueryService } from '@/core/QueryService.js';
import { RoleService } from '@/core/RoleService.js';
import { UserEntityService } from './UserEntityService.js'; import { UserEntityService } from './UserEntityService.js';
type LocalFollowerFollowing = MiFollowing & { type LocalFollowerFollowing = MiFollowing & {
@ -47,6 +50,8 @@ export class FollowingEntityService {
private userEntityService: UserEntityService, private userEntityService: UserEntityService,
private idService: IdService, private idService: IdService,
private queryService: QueryService,
private roleService: RoleService,
) { ) {
} }
@ -70,6 +75,53 @@ export class FollowingEntityService {
return following.followeeHost != null; return following.followeeHost != null;
} }
@bindThis
public async getFollowing(me: MiLocalUser, params: FollowsQueryParams) {
return await this.getFollows(me, params, 'following.followerHost = :host');
}
@bindThis
public async getFollowers(me: MiLocalUser, params: FollowsQueryParams) {
return await this.getFollows(me, params, 'following.followeeHost = :host');
}
private async getFollows(me: MiLocalUser, params: FollowsQueryParams, condition: string) {
const builder = this.followingsRepository.createQueryBuilder('following');
const query = this.queryService
.makePaginationQuery(builder, params.sinceId, params.untilId)
.andWhere(condition, { host: params.host })
.limit(params.limit);
if (!await this.roleService.isModerator(me)) {
query.setParameter('me', me.id);
// Make sure that the followee doesn't block us, if their profile will be included.
if (params.includeFollowee) {
query.leftJoin(MiBlocking, 'followee_blocking', 'followee_blocking."blockerId" = following."followeeId" AND followee_blocking."blockeeId" = :me');
query.andWhere('followee_blocking.id IS NULL');
}
// Make sure that the follower doesn't block us, if their profile will be included.
if (params.includeFollower) {
query.leftJoin(MiBlocking, 'follower_blocking', 'follower_blocking."blockerId" = following."followerId" AND follower_blocking."blockeeId" = :me');
query.andWhere('follower_blocking.id IS NULL');
}
// Make sure that the followee hasn't hidden this connection.
query.leftJoin(MiUserProfile, 'followee', 'followee."userId" = following."followeeId"');
query.leftJoin(MiFollowing, 'me_following_followee', 'me_following_followee."followerId" = :me AND me_following_followee."followeeId" = following."followerId"');
query.andWhere('(followee."userId" = :me OR followee."followersVisibility" = \'public\' OR (followee."followersVisibility" = \'followers\' AND me_following_followee.id IS NOT NULL))');
// Make sure that the follower hasn't hidden this connection.
query.leftJoin(MiUserProfile, 'follower', 'follower."userId" = following."followerId"');
query.leftJoin(MiFollowing, 'me_following_follower', 'me_following_follower."followerId" = :me AND me_following_follower."followeeId" = following."followerId"');
query.andWhere('(follower."userId" = :me OR follower."followingVisibility" = \'public\' OR (follower."followingVisibility" = \'followers\' AND me_following_follower.id IS NOT NULL))');
}
const followings = await query.getMany();
return await this.packMany(followings, me, { populateFollowee: params.includeFollowee, populateFollower: params.includeFollower });
}
@bindThis @bindThis
public async pack( public async pack(
src: MiFollowing['id'] | MiFollowing, src: MiFollowing['id'] | MiFollowing,
@ -124,3 +176,12 @@ export class FollowingEntityService {
} }
} }
interface FollowsQueryParams {
readonly host: string;
readonly limit: number;
readonly includeFollower: boolean;
readonly includeFollowee: boolean;
readonly sinceId?: string;
readonly untilId?: string;
}

21
packages/backend/src/server/api/endpoints/federation/followers.ts
View file

@ -3,17 +3,15 @@
* SPDX-License-Identifier: AGPL-3.0-only * SPDX-License-Identifier: AGPL-3.0-only
*/ */
import { Inject, Injectable } from '@nestjs/common'; import { Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import type { FollowingsRepository } from '@/models/_.js';
import { QueryService } from '@/core/QueryService.js';
import { FollowingEntityService } from '@/core/entities/FollowingEntityService.js'; import { FollowingEntityService } from '@/core/entities/FollowingEntityService.js';
import { DI } from '@/di-symbols.js';
export const meta = { export const meta = {
tags: ['federation'], tags: ['federation'],
requireCredential: false, requireCredential: true,
kind: 'read:account',
res: { res: {
type: 'array', type: 'array',
@ -42,21 +40,10 @@ export const paramDef = {
@Injectable() @Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor( constructor(
@Inject(DI.followingsRepository)
private followingsRepository: FollowingsRepository,
private followingEntityService: FollowingEntityService, private followingEntityService: FollowingEntityService,
private queryService: QueryService,
) { ) {
super(meta, paramDef, async (ps, me) => { super(meta, paramDef, async (ps, me) => {
const query = this.queryService.makePaginationQuery(this.followingsRepository.createQueryBuilder('following'), ps.sinceId, ps.untilId) return this.followingEntityService.getFollowers(me, ps);
.andWhere('following.followeeHost = :host', { host: ps.host });
const followings = await query
.limit(ps.limit)
.getMany();
return await this.followingEntityService.packMany(followings, me, { populateFollowee: ps.includeFollowee, populateFollower: ps.includeFollower });
}); });
} }
} }

21
packages/backend/src/server/api/endpoints/federation/following.ts
View file

@ -3,17 +3,15 @@
* SPDX-License-Identifier: AGPL-3.0-only * SPDX-License-Identifier: AGPL-3.0-only
*/ */
import { Inject, Injectable } from '@nestjs/common'; import { Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js'; import { Endpoint } from '@/server/api/endpoint-base.js';
import type { FollowingsRepository } from '@/models/_.js';
import { QueryService } from '@/core/QueryService.js';
import { FollowingEntityService } from '@/core/entities/FollowingEntityService.js'; import { FollowingEntityService } from '@/core/entities/FollowingEntityService.js';
import { DI } from '@/di-symbols.js';
export const meta = { export const meta = {
tags: ['federation'], tags: ['federation'],
requireCredential: false, requireCredential: true,
kind: 'read:account',
res: { res: {
type: 'array', type: 'array',
@ -42,21 +40,10 @@ export const paramDef = {
@Injectable() @Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor( constructor(
@Inject(DI.followingsRepository)
private followingsRepository: FollowingsRepository,
private followingEntityService: FollowingEntityService, private followingEntityService: FollowingEntityService,
private queryService: QueryService,
) { ) {
super(meta, paramDef, async (ps, me) => { super(meta, paramDef, async (ps, me) => {
const query = this.queryService.makePaginationQuery(this.followingsRepository.createQueryBuilder('following'), ps.sinceId, ps.untilId) return this.followingEntityService.getFollowing(me, ps);
.andWhere('following.followerHost = :host', { host: ps.host });
const followings = await query
.limit(ps.limit)
.getMany();
return await this.followingEntityService.packMany(followings, me, { populateFollowee: ps.includeFollowee, populateFollower: ps.includeFollower });
}); });
} }
} }

27
packages/frontend/src/pages/instance-info.vue
View file

@ -194,6 +194,7 @@ import { getProxiedImageUrlNullable } from '@/scripts/media-proxy.js';
import { dateString } from '@/filters/date.js'; import { dateString } from '@/filters/date.js';
import MkTextarea from '@/components/MkTextarea.vue'; import MkTextarea from '@/components/MkTextarea.vue';
import MkInfo from '@/components/MkInfo.vue'; import MkInfo from '@/components/MkInfo.vue';
import { $i } from '@/account.js';
const props = defineProps<{ const props = defineProps<{
host: string; host: string;
@ -422,20 +423,28 @@ const headerTabs = computed(() => [{
key: 'users', key: 'users',
title: i18n.ts.users, title: i18n.ts.users,
icon: 'ti ti-users', icon: 'ti ti-users',
}, { }, ...getFollowingTabs(), {
key: 'following',
title: i18n.ts.following,
icon: 'ti ti-arrow-right',
}, {
key: 'followers',
title: i18n.ts.followers,
icon: 'ti ti-arrow-left',
}, {
key: 'raw', key: 'raw',
title: 'Raw', title: 'Raw',
icon: 'ti ti-code', icon: 'ti ti-code',
}]); }]);
function getFollowingTabs() {
if (!$i) return [];
return [
{
key: 'following',
title: i18n.ts.following,
icon: 'ti ti-arrow-right',
},
{
key: 'followers',
title: i18n.ts.followers,
icon: 'ti ti-arrow-left',
},
];
}
definePageMetadata(() => ({ definePageMetadata(() => ({
title: props.host, title: props.host,
icon: 'ti ti-server', icon: 'ti ti-server',

4
packages/misskey-js/src/autogen/apiClientJSDoc.ts
View file

@ -1890,7 +1890,7 @@ declare module '../api.js' {
/** /**
* No description provided. * No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
request<E extends 'federation/followers', P extends Endpoints[E]['req']>( request<E extends 'federation/followers', P extends Endpoints[E]['req']>(
endpoint: E, endpoint: E,
@ -1901,7 +1901,7 @@ declare module '../api.js' {
/** /**
* No description provided. * No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
request<E extends 'federation/following', P extends Endpoints[E]['req']>( request<E extends 'federation/following', P extends Endpoints[E]['req']>(
endpoint: E, endpoint: E,

8
packages/misskey-js/src/autogen/types.ts
View file

@ -1645,7 +1645,7 @@ export type paths = {
* federation/followers * federation/followers
* @description No description provided. * @description No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
post: operations['federation___followers']; post: operations['federation___followers'];
}; };
@ -1654,7 +1654,7 @@ export type paths = {
* federation/following * federation/following
* @description No description provided. * @description No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
post: operations['federation___following']; post: operations['federation___following'];
}; };
@ -15563,7 +15563,7 @@ export type operations = {
* federation/followers * federation/followers
* @description No description provided. * @description No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
federation___followers: { federation___followers: {
requestBody: { requestBody: {
@ -15626,7 +15626,7 @@ export type operations = {
* federation/following * federation/following
* @description No description provided. * @description No description provided.
* *
* **Credential required**: *No* * **Credential required**: *Yes* / **Permission**: *read:account*
*/ */
federation___following: { federation___following: {
requestBody: { requestBody: {