Merge branch 'develop' into fix-13735
This commit is contained in:
commit
2f55c80d2f
|
@ -1,5 +1,11 @@
|
||||||
|
# misskey settings
|
||||||
|
# MISSKEY_URL=https://example.tld/
|
||||||
|
|
||||||
# db settings
|
# db settings
|
||||||
POSTGRES_PASSWORD=example-misskey-pass
|
POSTGRES_PASSWORD=example-misskey-pass
|
||||||
|
# DATABASE_PASSWORD=${POSTGRES_PASSWORD}
|
||||||
POSTGRES_USER=example-misskey-user
|
POSTGRES_USER=example-misskey-user
|
||||||
|
# DATABASE_USER=${POSTGRES_USER}
|
||||||
POSTGRES_DB=misskey
|
POSTGRES_DB=misskey
|
||||||
|
# DATABASE_DB=${POSTGRES_DB}
|
||||||
DATABASE_URL="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}"
|
DATABASE_URL="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}"
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
#───┘ URL └─────────────────────────────────────────────────────
|
#───┘ URL └─────────────────────────────────────────────────────
|
||||||
|
|
||||||
# Final accessible URL seen by a user.
|
# Final accessible URL seen by a user.
|
||||||
|
# You can set url from an environment variable instead.
|
||||||
url: https://example.tld/
|
url: https://example.tld/
|
||||||
|
|
||||||
# ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE
|
# ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE
|
||||||
|
@ -38,9 +39,11 @@ db:
|
||||||
port: 5432
|
port: 5432
|
||||||
|
|
||||||
# Database name
|
# Database name
|
||||||
|
# You can set db from an environment variable instead.
|
||||||
db: misskey
|
db: misskey
|
||||||
|
|
||||||
# Auth
|
# Auth
|
||||||
|
# You can set user and pass from environment variables instead.
|
||||||
user: example-misskey-user
|
user: example-misskey-user
|
||||||
pass: example-misskey-pass
|
pass: example-misskey-pass
|
||||||
|
|
||||||
|
@ -161,12 +164,12 @@ id: 'aidx'
|
||||||
#clusterLimit: 1
|
#clusterLimit: 1
|
||||||
|
|
||||||
# Job concurrency per worker
|
# Job concurrency per worker
|
||||||
# deliverJobConcurrency: 128
|
# deliverJobConcurrency: 16
|
||||||
# inboxJobConcurrency: 16
|
# inboxJobConcurrency: 4
|
||||||
|
|
||||||
# Job rate limiter
|
# Job rate limiter
|
||||||
# deliverJobPerSec: 128
|
# deliverJobPerSec: 128
|
||||||
# inboxJobPerSec: 32
|
# inboxJobPerSec: 64
|
||||||
|
|
||||||
# Job attempts
|
# Job attempts
|
||||||
# deliverJobMaxAttempts: 12
|
# deliverJobMaxAttempts: 12
|
||||||
|
|
|
@ -230,15 +230,15 @@ id: 'aidx'
|
||||||
#clusterLimit: 1
|
#clusterLimit: 1
|
||||||
|
|
||||||
# Job concurrency per worker
|
# Job concurrency per worker
|
||||||
#deliverJobConcurrency: 128
|
#deliverJobConcurrency: 16
|
||||||
#inboxJobConcurrency: 16
|
#inboxJobConcurrency: 4
|
||||||
#relationshipJobConcurrency: 16
|
#relationshipJobConcurrency: 16
|
||||||
# What's relationshipJob?:
|
# What's relationshipJob?:
|
||||||
# Follow, unfollow, block and unblock(ings) while following-imports, etc. or account migrations.
|
# Follow, unfollow, block and unblock(ings) while following-imports, etc. or account migrations.
|
||||||
|
|
||||||
# Job rate limiter
|
# Job rate limiter
|
||||||
#deliverJobPerSec: 128
|
#deliverJobPerSec: 1024
|
||||||
#inboxJobPerSec: 32
|
#inboxJobPerSec: 64
|
||||||
#relationshipJobPerSec: 64
|
#relationshipJobPerSec: 64
|
||||||
|
|
||||||
# Job attempts
|
# Job attempts
|
||||||
|
|
|
@ -157,12 +157,12 @@ id: 'aidx'
|
||||||
#clusterLimit: 1
|
#clusterLimit: 1
|
||||||
|
|
||||||
# Job concurrency per worker
|
# Job concurrency per worker
|
||||||
# deliverJobConcurrency: 128
|
# deliverJobConcurrency: 16
|
||||||
# inboxJobConcurrency: 16
|
# inboxJobConcurrency: 4
|
||||||
|
|
||||||
# Job rate limiter
|
# Job rate limiter
|
||||||
# deliverJobPerSec: 128
|
# deliverJobPerSec: 1024
|
||||||
# inboxJobPerSec: 32
|
# inboxJobPerSec: 64
|
||||||
|
|
||||||
# Job attempts
|
# Job attempts
|
||||||
# deliverJobMaxAttempts: 12
|
# deliverJobMaxAttempts: 12
|
||||||
|
|
|
@ -12,7 +12,6 @@ node_modules/
|
||||||
packages/*/node_modules
|
packages/*/node_modules
|
||||||
redis/
|
redis/
|
||||||
files/
|
files/
|
||||||
misskey-assets/
|
|
||||||
fluent-emojis/
|
fluent-emojis/
|
||||||
.pnp.*
|
.pnp.*
|
||||||
|
|
||||||
|
|
|
@ -53,8 +53,8 @@ body:
|
||||||
Examples:
|
Examples:
|
||||||
* Model and OS of the device(s): MacBook Pro (14inch, 2021), macOS Ventura 13.4
|
* Model and OS of the device(s): MacBook Pro (14inch, 2021), macOS Ventura 13.4
|
||||||
* Browser: Chrome 113.0.5672.126
|
* Browser: Chrome 113.0.5672.126
|
||||||
* Server URL: misskey.io
|
* Server URL: misskey.example.com
|
||||||
* Misskey: 13.x.x
|
* Misskey: 2024.x.x
|
||||||
value: |
|
value: |
|
||||||
* Model and OS of the device(s):
|
* Model and OS of the device(s):
|
||||||
* Browser:
|
* Browser:
|
||||||
|
@ -74,11 +74,11 @@ body:
|
||||||
|
|
||||||
Examples:
|
Examples:
|
||||||
* Installation Method or Hosting Service: docker compose, k8s/docker, systemd, "Misskey install shell script", development environment
|
* Installation Method or Hosting Service: docker compose, k8s/docker, systemd, "Misskey install shell script", development environment
|
||||||
* Misskey: 13.x.x
|
* Misskey: 2024.x.x
|
||||||
* Node: 20.x.x
|
* Node: 20.x.x
|
||||||
* PostgreSQL: 15.x.x
|
* PostgreSQL: 15.x.x
|
||||||
* Redis: 7.x.x
|
* Redis: 7.x.x
|
||||||
* OS and Architecture: Ubuntu 22.04.2 LTS aarch64
|
* OS and Architecture: Ubuntu 24.04.2 LTS aarch64
|
||||||
value: |
|
value: |
|
||||||
* Installation Method or Hosting Service:
|
* Installation Method or Hosting Service:
|
||||||
* Misskey:
|
* Misskey:
|
||||||
|
|
|
@ -4,10 +4,11 @@ on:
|
||||||
push:
|
push:
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/api-misskey-js.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/api-misskey-js.yml
|
||||||
jobs:
|
jobs:
|
||||||
report:
|
report:
|
||||||
|
|
||||||
|
@ -20,7 +21,7 @@ jobs:
|
||||||
- run: corepack enable
|
- run: corepack enable
|
||||||
|
|
||||||
- name: Setup Node.js
|
- name: Setup Node.js
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -14,7 +14,7 @@ jobs:
|
||||||
- name: Checkout head
|
- name: Checkout head
|
||||||
uses: actions/checkout@v4.1.1
|
uses: actions/checkout@v4.1.1
|
||||||
- name: Setup Node.js
|
- name: Setup Node.js
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,7 @@ jobs:
|
||||||
|
|
||||||
- name: setup node
|
- name: setup node
|
||||||
id: setup-node
|
id: setup-node
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: pnpm
|
cache: pnpm
|
||||||
|
|
|
@ -6,12 +6,13 @@ on:
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/package.json
|
- packages/misskey-js/package.json
|
||||||
- package.json
|
- package.json
|
||||||
|
- .github/workflows/check-misskey-js-version.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [ develop ]
|
branches: [ develop ]
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/package.json
|
- packages/misskey-js/package.json
|
||||||
- package.json
|
- package.json
|
||||||
|
- .github/workflows/check-misskey-js-version.yml
|
||||||
jobs:
|
jobs:
|
||||||
check-version:
|
check-version:
|
||||||
# ルートの package.json と packages/misskey-js/package.json のバージョンが一致しているかを確認する
|
# ルートの package.json と packages/misskey-js/package.json のバージョンが一致しているかを確認する
|
||||||
|
|
|
@ -9,7 +9,7 @@ on:
|
||||||
paths:
|
paths:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
- .github/workflows/get-api-diff.yml
|
- .github/workflows/get-api-diff.yml
|
||||||
|
- .github/workflows/get-api-diff.yml
|
||||||
jobs:
|
jobs:
|
||||||
get-from-misskey:
|
get-from-misskey:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -34,7 +34,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -10,15 +10,16 @@ on:
|
||||||
- packages/frontend/**
|
- packages/frontend/**
|
||||||
- packages/sw/**
|
- packages/sw/**
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
- packages/shared/.eslintrc.js
|
- packages/shared/eslint.config.js
|
||||||
|
- .github/workflows/lint.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
- packages/frontend/**
|
- packages/frontend/**
|
||||||
- packages/sw/**
|
- packages/sw/**
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
- packages/shared/.eslintrc.js
|
- packages/shared/eslint.config.js
|
||||||
|
- .github/workflows/lint.yml
|
||||||
jobs:
|
jobs:
|
||||||
pnpm_install:
|
pnpm_install:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -28,7 +29,7 @@ jobs:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
submodules: true
|
submodules: true
|
||||||
- uses: pnpm/action-setup@v4
|
- uses: pnpm/action-setup@v4
|
||||||
- uses: actions/setup-node@v4.0.2
|
- uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
@ -39,6 +40,8 @@ jobs:
|
||||||
needs: [pnpm_install]
|
needs: [pnpm_install]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
|
env:
|
||||||
|
eslint-cache-version: v1
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
workspace:
|
workspace:
|
||||||
|
@ -52,13 +55,20 @@ jobs:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
submodules: true
|
submodules: true
|
||||||
- uses: pnpm/action-setup@v4
|
- uses: pnpm/action-setup@v4
|
||||||
- uses: actions/setup-node@v4.0.2
|
- uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
- run: corepack enable
|
- run: corepack enable
|
||||||
- run: pnpm i --frozen-lockfile
|
- run: pnpm i --frozen-lockfile
|
||||||
- run: pnpm --filter ${{ matrix.workspace }} run eslint
|
- name: Restore eslint cache
|
||||||
|
uses: actions/cache@v4.0.2
|
||||||
|
with:
|
||||||
|
path: node_modules/.cache/eslint
|
||||||
|
key: eslint-${{ env.eslint-cache-version }}-${{ hashFiles('/pnpm-lock.yaml') }}-${{ github.ref_name }}-${{ github.sha }}
|
||||||
|
restore-keys: |
|
||||||
|
eslint-${{ env.eslint-cache-version }}-${{ hashFiles('/pnpm-lock.yaml') }}-
|
||||||
|
- run: pnpm --filter ${{ matrix.workspace }} run eslint --cache --cache-location node_modules/.cache/eslint --cache-strategy content
|
||||||
|
|
||||||
typecheck:
|
typecheck:
|
||||||
needs: [pnpm_install]
|
needs: [pnpm_install]
|
||||||
|
@ -75,7 +85,7 @@ jobs:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
submodules: true
|
submodules: true
|
||||||
- uses: pnpm/action-setup@v4
|
- uses: pnpm/action-setup@v4
|
||||||
- uses: actions/setup-node@v4.0.2
|
- uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -4,10 +4,11 @@ on:
|
||||||
push:
|
push:
|
||||||
paths:
|
paths:
|
||||||
- locales/**
|
- locales/**
|
||||||
|
- .github/workflows/locale.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- locales/**
|
- locales/**
|
||||||
|
- .github/workflows/locale.yml
|
||||||
jobs:
|
jobs:
|
||||||
locale_verify:
|
locale_verify:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -18,7 +19,7 @@ jobs:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
submodules: true
|
submodules: true
|
||||||
- uses: pnpm/action-setup@v4
|
- uses: pnpm/action-setup@v4
|
||||||
- uses: actions/setup-node@v4.0.2
|
- uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -26,7 +26,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -3,10 +3,10 @@ name: "Release Manager: sync changelog with PR"
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- release/**
|
- develop
|
||||||
paths:
|
paths:
|
||||||
- 'CHANGELOG.md'
|
- 'CHANGELOG.md'
|
||||||
|
# - .github/workflows/release-edit-with-push.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
|
@ -20,24 +20,29 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
# headがrelease/かつopenのPRを1つ取得
|
# headが$GITHUB_REF_NAME, baseが$STABLE_BRANCHかつopenのPRを1つ取得
|
||||||
- name: Get PR
|
- name: Get PR
|
||||||
run: |
|
run: |
|
||||||
echo "pr_number=$(gh pr list --limit 1 --head "$GITHUB_REF_NAME" --json number --jq '.[] | .number')" >> $GITHUB_OUTPUT
|
echo "pr_number=$(gh pr list --limit 1 --search "head:$GITHUB_REF_NAME base:$STABLE_BRANCH is:open" --json number --jq '.[] | .number')" >> $GITHUB_OUTPUT
|
||||||
id: get_pr
|
id: get_pr
|
||||||
|
env:
|
||||||
|
STABLE_BRANCH: ${{ vars.STABLE_BRANCH }}
|
||||||
- name: Get target version
|
- name: Get target version
|
||||||
uses: misskey-dev/release-manager-actions/.github/actions/get-target-version@v1
|
if: steps.get_pr.outputs.pr_number != ''
|
||||||
|
uses: misskey-dev/release-manager-actions/.github/actions/get-target-version@v2
|
||||||
id: v
|
id: v
|
||||||
# CHANGELOG.mdの内容を取得
|
# CHANGELOG.mdの内容を取得
|
||||||
- name: Get changelog
|
- name: Get changelog
|
||||||
uses: misskey-dev/release-manager-actions/.github/actions/get-changelog@v1
|
if: steps.get_pr.outputs.pr_number != ''
|
||||||
|
uses: misskey-dev/release-manager-actions/.github/actions/get-changelog@v2
|
||||||
with:
|
with:
|
||||||
version: ${{ steps.v.outputs.target_version }}
|
version: ${{ steps.v.outputs.target_version }}
|
||||||
id: changelog
|
id: changelog
|
||||||
# PRのnotesを更新
|
# PRのnotesを更新
|
||||||
- name: Update PR
|
- name: Update PR
|
||||||
|
if: steps.get_pr.outputs.pr_number != ''
|
||||||
run: |
|
run: |
|
||||||
gh pr edit "$PR_NUMBER" --body "$CHANGELOG"
|
gh pr edit "$PR_NUMBER" --body "$CHANGELOG"
|
||||||
env:
|
env:
|
||||||
CHANGELOG: ${{ steps.changelog.outputs.changelog }}
|
|
||||||
PR_NUMBER: ${{ steps.get_pr.outputs.pr_number }}
|
PR_NUMBER: ${{ steps.get_pr.outputs.pr_number }}
|
||||||
|
CHANGELOG: ${{ steps.changelog.outputs.changelog }}
|
||||||
|
|
|
@ -33,18 +33,21 @@ jobs:
|
||||||
pr_number: ${{ steps.get_pr.outputs.pr_number }}
|
pr_number: ${{ steps.get_pr.outputs.pr_number }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
# headがrelease/かつopenのPRを1つ取得
|
# headが$GITHUB_REF_NAME, baseが$STABLE_BRANCHかつopenのPRを1つ取得
|
||||||
- name: Get PRs
|
- name: Get PRs
|
||||||
run: |
|
run: |
|
||||||
echo "pr_number=$(gh pr list --limit 1 --search "head:release/ is:open" --json number --jq '.[] | .number')" >> $GITHUB_OUTPUT
|
echo "pr_number=$(gh pr list --limit 1 --search "head:$GITHUB_REF_NAME base:$STABLE_BRANCH is:open" --json number --jq '.[] | .number')" >> $GITHUB_OUTPUT
|
||||||
id: get_pr
|
id: get_pr
|
||||||
|
env:
|
||||||
|
STABLE_BRANCH: ${{ vars.STABLE_BRANCH }}
|
||||||
|
|
||||||
merge:
|
merge:
|
||||||
uses: misskey-dev/release-manager-actions/.github/workflows/merge.yml@v1
|
uses: misskey-dev/release-manager-actions/.github/workflows/merge.yml@v2
|
||||||
needs: get-pr
|
needs: get-pr
|
||||||
if: ${{ needs.get-pr.outputs.pr_number != '' && inputs.merge == true }}
|
if: ${{ needs.get-pr.outputs.pr_number != '' && inputs.merge == true }}
|
||||||
with:
|
with:
|
||||||
pr_number: ${{ needs.get-pr.outputs.pr_number }}
|
pr_number: ${{ needs.get-pr.outputs.pr_number }}
|
||||||
|
user: 'github-actions[bot]'
|
||||||
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
||||||
# Text to prepend to the changelog
|
# Text to prepend to the changelog
|
||||||
# The first line must be `## Unreleased`
|
# The first line must be `## Unreleased`
|
||||||
|
@ -65,15 +68,14 @@ jobs:
|
||||||
secrets:
|
secrets:
|
||||||
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
|
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
|
||||||
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
||||||
RULESET_EDIT_APP_ID: ${{ secrets.RULESET_EDIT_APP_ID }}
|
|
||||||
RULESET_EDIT_APP_PRIVATE_KEY: ${{ secrets.RULESET_EDIT_APP_PRIVATE_KEY }}
|
|
||||||
|
|
||||||
create-prerelease:
|
create-prerelease:
|
||||||
uses: misskey-dev/release-manager-actions/.github/workflows/create-prerelease.yml@v1
|
uses: misskey-dev/release-manager-actions/.github/workflows/create-prerelease.yml@v2
|
||||||
needs: get-pr
|
needs: get-pr
|
||||||
if: ${{ needs.get-pr.outputs.pr_number != '' && inputs.merge != true }}
|
if: ${{ needs.get-pr.outputs.pr_number != '' && inputs.merge != true }}
|
||||||
with:
|
with:
|
||||||
pr_number: ${{ needs.get-pr.outputs.pr_number }}
|
pr_number: ${{ needs.get-pr.outputs.pr_number }}
|
||||||
|
user: 'github-actions[bot]'
|
||||||
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
||||||
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
||||||
indent: ${{ vars.INDENT }}
|
indent: ${{ vars.INDENT }}
|
||||||
|
@ -82,10 +84,11 @@ jobs:
|
||||||
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
||||||
|
|
||||||
create-target:
|
create-target:
|
||||||
uses: misskey-dev/release-manager-actions/.github/workflows/create-target.yml@v1
|
uses: misskey-dev/release-manager-actions/.github/workflows/create-target.yml@v2
|
||||||
needs: get-pr
|
needs: get-pr
|
||||||
if: ${{ needs.get-pr.outputs.pr_number == '' }}
|
if: ${{ needs.get-pr.outputs.pr_number == '' }}
|
||||||
with:
|
with:
|
||||||
|
user: 'github-actions[bot]'
|
||||||
# The script for version increment.
|
# The script for version increment.
|
||||||
# process.env.CURRENT_VERSION: The current version.
|
# process.env.CURRENT_VERSION: The current version.
|
||||||
#
|
#
|
||||||
|
@ -118,8 +121,7 @@ jobs:
|
||||||
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
||||||
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
||||||
indent: ${{ vars.INDENT }}
|
indent: ${{ vars.INDENT }}
|
||||||
|
stable_branch: ${{ vars.STABLE_BRANCH }}
|
||||||
secrets:
|
secrets:
|
||||||
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
|
RELEASE_APP_ID: ${{ secrets.RELEASE_APP_ID }}
|
||||||
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
RELEASE_APP_PRIVATE_KEY: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
|
||||||
RULESET_EDIT_APP_ID: ${{ secrets.RULESET_EDIT_APP_ID }}
|
|
||||||
RULESET_EDIT_APP_PRIVATE_KEY: ${{ secrets.RULESET_EDIT_APP_PRIVATE_KEY }}
|
|
||||||
|
|
|
@ -16,23 +16,26 @@ jobs:
|
||||||
check:
|
check:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
outputs:
|
outputs:
|
||||||
ref: ${{ steps.get_pr.outputs.ref }}
|
head: ${{ steps.get_pr.outputs.head }}
|
||||||
|
base: ${{ steps.get_pr.outputs.base }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
# PR情報を取得
|
# PR情報を取得
|
||||||
- name: Get PR
|
- name: Get PR
|
||||||
run: |
|
run: |
|
||||||
pr_json=$(gh pr view "$PR_NUMBER" --json isDraft,headRefName)
|
pr_json=$(gh pr view "$PR_NUMBER" --json isDraft,headRefName,baseRefName)
|
||||||
echo "ref=$(echo $pr_json | jq -r '.headRefName')" >> $GITHUB_OUTPUT
|
echo "head=$(echo $pr_json | jq -r '.headRefName')" >> $GITHUB_OUTPUT
|
||||||
|
echo "base=$(echo $pr_json | jq -r '.baseRefName')" >> $GITHUB_OUTPUT
|
||||||
id: get_pr
|
id: get_pr
|
||||||
env:
|
env:
|
||||||
PR_NUMBER: ${{ github.event.pull_request.number }}
|
PR_NUMBER: ${{ github.event.pull_request.number }}
|
||||||
release:
|
release:
|
||||||
uses: misskey-dev/release-manager-actions/.github/workflows/create-prerelease.yml@v1
|
uses: misskey-dev/release-manager-actions/.github/workflows/create-prerelease.yml@v2
|
||||||
needs: check
|
needs: check
|
||||||
if: startsWith(needs.check.outputs.ref, 'release/')
|
if: needs.check.outputs.head == github.event.repository.default_branch && needs.check.outputs.base == vars.STABLE_BRANCH
|
||||||
with:
|
with:
|
||||||
pr_number: ${{ github.event.pull_request.number }}
|
pr_number: ${{ github.event.pull_request.number }}
|
||||||
|
user: 'github-actions[bot]'
|
||||||
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
package_jsons_to_rewrite: ${{ vars.PACKAGE_JSONS_TO_REWRITE }}
|
||||||
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
use_external_app_to_release: ${{ vars.USE_RELEASE_APP == 'true' }}
|
||||||
indent: ${{ vars.INDENT }}
|
indent: ${{ vars.INDENT }}
|
||||||
|
|
|
@ -36,7 +36,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js 20.x
|
- name: Use Node.js 20.x
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version-file: '.node-version'
|
node-version-file: '.node-version'
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -9,12 +9,13 @@ on:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
# for permissions
|
# for permissions
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/test-backend.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
# for permissions
|
# for permissions
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/test-backend.yml
|
||||||
jobs:
|
jobs:
|
||||||
unit:
|
unit:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -45,7 +46,7 @@ jobs:
|
||||||
- name: Install FFmpeg
|
- name: Install FFmpeg
|
||||||
uses: FedericoCarboni/setup-ffmpeg@v3
|
uses: FedericoCarboni/setup-ffmpeg@v3
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
@ -92,7 +93,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -11,7 +11,7 @@ on:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
# for e2e
|
# for e2e
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
|
- .github/workflows/test-frontend.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- packages/frontend/**
|
- packages/frontend/**
|
||||||
|
@ -19,7 +19,7 @@ on:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
# for e2e
|
# for e2e
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
|
- .github/workflows/test-frontend.yml
|
||||||
jobs:
|
jobs:
|
||||||
vitest:
|
vitest:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -35,7 +35,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
@ -90,7 +90,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -8,11 +8,12 @@ on:
|
||||||
branches: [ develop ]
|
branches: [ develop ]
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/test-misskey-js.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [ develop ]
|
branches: [ develop ]
|
||||||
paths:
|
paths:
|
||||||
- packages/misskey-js/**
|
- packages/misskey-js/**
|
||||||
|
- .github/workflows/test-misskey-js.yml
|
||||||
jobs:
|
jobs:
|
||||||
test:
|
test:
|
||||||
|
|
||||||
|
@ -30,7 +31,7 @@ jobs:
|
||||||
- run: corepack enable
|
- run: corepack enable
|
||||||
|
|
||||||
- name: Setup Node.js ${{ matrix.node-version }}
|
- name: Setup Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -25,7 +25,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -7,10 +7,11 @@ on:
|
||||||
- develop
|
- develop
|
||||||
paths:
|
paths:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
|
- .github/workflows/validate-api-json.yml
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
- packages/backend/**
|
- packages/backend/**
|
||||||
|
- .github/workflows/validate-api-json.yml
|
||||||
jobs:
|
jobs:
|
||||||
validate-api-json:
|
validate-api-json:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -26,7 +27,7 @@ jobs:
|
||||||
- name: Install pnpm
|
- name: Install pnpm
|
||||||
uses: pnpm/action-setup@v4
|
uses: pnpm/action-setup@v4
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v4.0.2
|
uses: actions/setup-node@v4.0.3
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
cache: 'pnpm'
|
cache: 'pnpm'
|
||||||
|
|
|
@ -59,6 +59,7 @@ ormconfig.json
|
||||||
temp
|
temp
|
||||||
/packages/frontend/src/**/*.stories.ts
|
/packages/frontend/src/**/*.stories.ts
|
||||||
tsdoc-metadata.json
|
tsdoc-metadata.json
|
||||||
|
misskey-assets
|
||||||
|
|
||||||
# blender backups
|
# blender backups
|
||||||
*.blend1
|
*.blend1
|
||||||
|
|
|
@ -1,6 +1,3 @@
|
||||||
[submodule "misskey-assets"]
|
|
||||||
path = misskey-assets
|
|
||||||
url = https://github.com/misskey-dev/assets.git
|
|
||||||
[submodule "fluent-emojis"]
|
[submodule "fluent-emojis"]
|
||||||
path = fluent-emojis
|
path = fluent-emojis
|
||||||
url = https://github.com/misskey-dev/emojis.git
|
url = https://github.com/misskey-dev/emojis.git
|
||||||
|
|
64
CHANGELOG.md
64
CHANGELOG.md
|
@ -1,34 +1,90 @@
|
||||||
## Unreleased
|
## 2024.7.0
|
||||||
|
|
||||||
|
### Note
|
||||||
|
- デッキUIの新着ノートをサウンドで通知する機能の追加(v2024.5.0)に伴い、以前から動作しなくなっていたクライアント設定内の「アンテナ受信」「チャンネル通知」サウンドを削除しました。
|
||||||
|
- Streaming APIにて入力が不正な場合にはそのメッセージを無視するようになりました。 #14251
|
||||||
|
|
||||||
### General
|
### General
|
||||||
- Feat: 通報を受けた際、または解決した際に、予め登録した宛先に通知を飛ばせるように(mail or webhook) #13705
|
- Feat: 通報を受けた際、または解決した際に、予め登録した宛先に通知を飛ばせるように(mail or webhook) #13705
|
||||||
|
- Feat: ユーザーのアイコン/バナーの変更可否をロールで設定可能に
|
||||||
|
- 変更不可となっていても、設定済みのものを解除してデフォルト画像に戻すことは出来ます
|
||||||
|
- Feat: 連合に使うHTTP SignaturesがEd25519鍵に対応するように #13464
|
||||||
|
- Ed25519署名に対応するサーバーが増えると、deliverで要求されるサーバーリソースが削減されます
|
||||||
|
- ジョブキューのconfig設定のデフォルト値を変更しました。
|
||||||
|
default.ymlでジョブキューの並列度を設定している場合は、従前よりもconcurrencyの値をより下げるとパフォーマンスが改善する可能性があります。
|
||||||
|
* deliverJobConcurrency: 16 (←128)
|
||||||
|
* deliverJobPerSec: 1024 (←128)
|
||||||
|
* inboxJobConcurrency: 4 (←16)
|
||||||
|
* inboxJobPerSec: 64 (←32)
|
||||||
- Fix: 配信停止したインスタンス一覧が見れなくなる問題を修正
|
- Fix: 配信停止したインスタンス一覧が見れなくなる問題を修正
|
||||||
- Fix: Dockerコンテナの立ち上げ時に`pnpm`のインストールで固まることがある問題
|
- Fix: Dockerコンテナの立ち上げ時に`pnpm`のインストールで固まることがある問題
|
||||||
|
- Fix: デフォルトテーマに無効なテーマコードを入力するとUIが使用できなくなる問題を修正
|
||||||
|
|
||||||
### Client
|
### Client
|
||||||
|
- Enhance: 内蔵APIドキュメントのデザイン・パフォーマンスを改善
|
||||||
|
- Enhance: 非ログイン時に他サーバーに遷移するアクションを追加
|
||||||
|
- Enhance: 非ログイン時のハイライトTLのデザインを改善
|
||||||
|
- Enhance: フロントエンドのアクセシビリティ改善
|
||||||
|
(Based on https://github.com/taiyme/misskey/pull/226)
|
||||||
|
- Enhance: サーバー情報ページ・お問い合わせページを改善
|
||||||
|
(Cherry-picked from https://github.com/taiyme/misskey/pull/238)
|
||||||
|
- Enhance: AiScriptを0.19.0にアップデート
|
||||||
|
- Enhance: Allow negative delay for MFM animation elements (`tada`, `jelly`, `twitch`, `shake`, `spin`, `jump`, `bounce`, `rainbow`)
|
||||||
|
- Enhance: センシティブなメディアを開く際に確認ダイアログを出せるように
|
||||||
- Fix: `/about#federation` ページなどで各インスタンスのチャートが表示されなくなっていた問題を修正
|
- Fix: `/about#federation` ページなどで各インスタンスのチャートが表示されなくなっていた問題を修正
|
||||||
- Fix: ユーザーページの追加情報のラベルを投稿者のサーバーの絵文字で表示する (#13968)
|
- Fix: ユーザーページの追加情報のラベルを投稿者のサーバーの絵文字で表示する (#13968)
|
||||||
- Fix: リバーシの対局を正しく共有できないことがある問題を修正
|
- Fix: リバーシの対局を正しく共有できないことがある問題を修正
|
||||||
- Fix: コントロールパネルでベースロールのポリシーを編集してもUI上では変更が反映されない問題を修正
|
- Fix: コントロールパネルでベースロールのポリシーを編集してもUI上では変更が反映されない問題を修正
|
||||||
- Fix: アンテナの編集画面のボタンに隙間を追加
|
- Fix: アンテナの編集画面のボタンに隙間を追加
|
||||||
- Fix: テーマプレビューが見れない問題を修正
|
- Fix: テーマプレビューが見れない問題を修正
|
||||||
|
- Fix: ショートカットキーが連打できる問題を修正
|
||||||
|
(Cherry-picked from https://github.com/taiyme/misskey/pull/234)
|
||||||
|
- Fix: MkSignin.vueのcredentialRequestからReactivityを削除(ProxyがPasskey認証処理に渡ることを避けるため)
|
||||||
|
- Fix: 「アニメーション画像を再生しない」がオンのときでもサーバーのバナー画像・背景画像がアニメーションしてしまう問題を修正
|
||||||
|
(Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/574)
|
||||||
|
- Fix: Twitchの埋め込みが開けない問題を修正
|
||||||
|
- Fix: 子メニューの高さがウィンドウからはみ出ることがある問題を修正
|
||||||
|
- Fix: 個人宛てのダイアログ形式のお知らせが即時表示されない問題を修正
|
||||||
|
- Fix: 一部の画像がセンシティブ指定されているときに画面に何も表示されないことがあるのを修正
|
||||||
|
|
||||||
### Server
|
### Server
|
||||||
- チャート生成時にinstance.suspentionStateに置き換えられたinstance.isSuspendedが参照されてしまう問題を修正
|
|
||||||
- Feat: レートリミット制限に引っかかったときに`Retry-After`ヘッダーを返すように (#13949)
|
- Feat: レートリミット制限に引っかかったときに`Retry-After`ヘッダーを返すように (#13949)
|
||||||
- Fix: ユーザーのフィードページのMFMをHTMLに展開するように (#14006)
|
|
||||||
- Fix: アンテナ・クリップ・リスト・ウェブフックがロールポリシーの上限より一つ多く作れてしまうのを修正 (#14036)
|
|
||||||
- Enhance: エンドポイント`clips/update`の必須項目を`clipId`のみに
|
- Enhance: エンドポイント`clips/update`の必須項目を`clipId`のみに
|
||||||
- Enhance: エンドポイント`admin/roles/update`の必須項目を`roleId`のみに
|
- Enhance: エンドポイント`admin/roles/update`の必須項目を`roleId`のみに
|
||||||
- Enhance: エンドポイント`pages/update`の必須項目を`pageId`のみに
|
- Enhance: エンドポイント`pages/update`の必須項目を`pageId`のみに
|
||||||
- Enhance: エンドポイント`gallery/posts/update`の必須項目を`postId`のみに
|
- Enhance: エンドポイント`gallery/posts/update`の必須項目を`postId`のみに
|
||||||
- Enhance: エンドポイント`i/webhook/update`の必須項目を`webhookId`のみに
|
- Enhance: エンドポイント`i/webhook/update`の必須項目を`webhookId`のみに
|
||||||
- Enhance: エンドポイント`admin/ad/update`の必須項目を`id`のみに
|
- Enhance: エンドポイント`admin/ad/update`の必須項目を`id`のみに
|
||||||
|
- Enhance: `default.yml`内の`url`, `db.db`, `db.user`, `db.pass`を環境変数から読み込めるように
|
||||||
|
- Fix: チャート生成時にinstance.suspensionStateに置き換えられたinstance.isSuspendedが参照されてしまう問題を修正
|
||||||
|
- Fix: ユーザーのフィードページのMFMをHTMLに展開するように (#14006)
|
||||||
|
- Fix: アンテナ・クリップ・リスト・ウェブフックがロールポリシーの上限より一つ多く作れてしまうのを修正 (#14036)
|
||||||
- Fix: notRespondingSinceが実装される前に不通になったインスタンスが自動的に配信停止にならない (#14059)
|
- Fix: notRespondingSinceが実装される前に不通になったインスタンスが自動的に配信停止にならない (#14059)
|
||||||
- Fix: FTT有効時、タイムライン用エンドポイントで`sinceId`にキャッシュ内最古のものより古いものを指定した場合に正しく結果が返ってこない問題を修正
|
- Fix: FTT有効時、タイムライン用エンドポイントで`sinceId`にキャッシュ内最古のものより古いものを指定した場合に正しく結果が返ってこない問題を修正
|
||||||
- Fix: 自分以外のクリップ内のノート個数が見えることがあるのを修正
|
- Fix: 自分以外のクリップ内のノート個数が見えることがあるのを修正
|
||||||
- Fix: 空文字列のリアクションはフォールバックされるように
|
- Fix: 空文字列のリアクションはフォールバックされるように
|
||||||
- Fix: リノートにリアクションできないように
|
- Fix: リノートにリアクションできないように
|
||||||
|
- Fix: ユーザー名の前後に空白文字列がある場合は省略するように
|
||||||
|
- Fix: プロフィール編集時に名前を空白文字列のみにできる問題を修正
|
||||||
|
- Fix: ユーザ名のサジェスト時に表示される内容と順番を調整(以下の順番になります) #14149
|
||||||
|
1. フォロー中かつアクティブなユーザ
|
||||||
|
2. フォロー中かつ非アクティブなユーザ
|
||||||
|
3. フォローしていないアクティブなユーザ
|
||||||
|
4. フォローしていない非アクティブなユーザ
|
||||||
|
|
||||||
|
また、自分自身のアカウントもサジェストされるようになりました。
|
||||||
|
- Fix: 一般ユーザーから見たユーザーのバッジの一覧に公開されていないものが含まれることがある問題を修正
|
||||||
|
(Cherry-picked from https://github.com/MisskeyIO/misskey/pull/652)
|
||||||
|
- Fix: ユーザーのリアクション一覧でミュート/ブロックが機能していなかった問題を修正
|
||||||
|
- Fix: エラーメッセージの誤字を修正 (#14213)
|
||||||
|
- Fix: ソーシャルタイムラインにローカルタイムラインに表示される自分へのリプライが表示されない問題を修正
|
||||||
|
- Fix: リノートのミュートが適用されるまでに時間がかかることがある問題を修正
|
||||||
|
(Cherry-picked from https://github.com/Type4ny-Project/Type4ny/commit/e9601029b52e0ad43d9131b555b614e56c84ebc1)
|
||||||
|
- Fix: Steaming APIが不正なデータを受けた場合の動作が不安定である問題 #14251
|
||||||
|
|
||||||
|
### Misskey.js
|
||||||
|
- Feat: `/drive/files/create` のリクエストに対応(`multipart/form-data`に対応)
|
||||||
|
- Feat: `/admin/role/create` のロールポリシーの型を修正
|
||||||
|
|
||||||
## 2024.5.0
|
## 2024.5.0
|
||||||
|
|
||||||
|
|
|
@ -106,6 +106,38 @@ If your language is not listed in Crowdin, please open an issue.
|
||||||
![Crowdin](https://d322cqt584bo4o.cloudfront.net/misskey/localized.svg)
|
![Crowdin](https://d322cqt584bo4o.cloudfront.net/misskey/localized.svg)
|
||||||
|
|
||||||
## Development
|
## Development
|
||||||
|
### Setup
|
||||||
|
Before developing, you have to set up environment. Misskey requires Redis, PostgreSQL, and FFmpeg.
|
||||||
|
|
||||||
|
You would want to install Meilisearch to experiment related features. Technically, meilisearch is not strict requirement, but some features and tests require it.
|
||||||
|
|
||||||
|
There are a few ways to proceed.
|
||||||
|
|
||||||
|
#### Use system-wide software
|
||||||
|
You could install them in system-wide (such as from package manager).
|
||||||
|
|
||||||
|
#### Use `docker compose`
|
||||||
|
You could obtain middleware container by typing `docker compose -f $PROJECT_ROOT/compose.local-db.yml up -d`.
|
||||||
|
|
||||||
|
#### Use Devcontainer
|
||||||
|
Devcontainer also has necessary setting. This method can be done by connecting from VSCode.
|
||||||
|
|
||||||
|
Instead of running `pnpm` locally, you can use Dev Container to set up your development environment.
|
||||||
|
To use Dev Container, open the project directory on VSCode with Dev Containers installed.
|
||||||
|
**Note:** If you are using Windows, please clone the repository with WSL. Using Git for Windows will result in broken files due to the difference in how newlines are handled.
|
||||||
|
|
||||||
|
It will run the following command automatically inside the container.
|
||||||
|
``` bash
|
||||||
|
git submodule update --init
|
||||||
|
pnpm install --frozen-lockfile
|
||||||
|
cp .devcontainer/devcontainer.yml .config/default.yml
|
||||||
|
pnpm build
|
||||||
|
pnpm migrate
|
||||||
|
```
|
||||||
|
|
||||||
|
After finishing the migration, you can proceed.
|
||||||
|
|
||||||
|
### Start developing
|
||||||
During development, it is useful to use the
|
During development, it is useful to use the
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -135,26 +167,6 @@ MK_DEV_PREFER=backend pnpm dev
|
||||||
- To change the port of Vite, specify with `VITE_PORT` environment variable.
|
- To change the port of Vite, specify with `VITE_PORT` environment variable.
|
||||||
- HMR may not work in some environments such as Windows.
|
- HMR may not work in some environments such as Windows.
|
||||||
|
|
||||||
### Dev Container
|
|
||||||
Instead of running `pnpm` locally, you can use Dev Container to set up your development environment.
|
|
||||||
To use Dev Container, open the project directory on VSCode with Dev Containers installed.
|
|
||||||
**Note:** If you are using Windows, please clone the repository with WSL. Using Git for Windows will result in broken files due to the difference in how newlines are handled.
|
|
||||||
|
|
||||||
It will run the following command automatically inside the container.
|
|
||||||
``` bash
|
|
||||||
git submodule update --init
|
|
||||||
pnpm install --frozen-lockfile
|
|
||||||
cp .devcontainer/devcontainer.yml .config/default.yml
|
|
||||||
pnpm build
|
|
||||||
pnpm migrate
|
|
||||||
```
|
|
||||||
|
|
||||||
After finishing the migration, run the `pnpm dev` command to start the development server.
|
|
||||||
|
|
||||||
``` bash
|
|
||||||
pnpm dev
|
|
||||||
```
|
|
||||||
|
|
||||||
## Testing
|
## Testing
|
||||||
- Test codes are located in [`/packages/backend/test`](/packages/backend/test).
|
- Test codes are located in [`/packages/backend/test`](/packages/backend/test).
|
||||||
|
|
||||||
|
@ -165,7 +177,7 @@ cp .github/misskey/test.yml .config/
|
||||||
```
|
```
|
||||||
Prepare DB/Redis for testing.
|
Prepare DB/Redis for testing.
|
||||||
```
|
```
|
||||||
docker compose -f packages/backend/test/compose.yaml up
|
docker compose -f packages/backend/test/compose.yml up
|
||||||
```
|
```
|
||||||
Alternatively, prepare an empty (data can be erased) DB and edit `.config/test.yml`.
|
Alternatively, prepare an empty (data can be erased) DB and edit `.config/test.yml`.
|
||||||
|
|
||||||
|
@ -185,7 +197,7 @@ TODO
|
||||||
## Environment Variable
|
## Environment Variable
|
||||||
|
|
||||||
- `MISSKEY_CONFIG_YML`: Specify the file path of config.yml instead of default.yml (e.g. `2nd.yml`).
|
- `MISSKEY_CONFIG_YML`: Specify the file path of config.yml instead of default.yml (e.g. `2nd.yml`).
|
||||||
- `MISSKEY_WEBFINGER_USE_HTTP`: If it's set true, WebFinger requests will be http instead of https, useful for testing federation between servers in localhost. NEVER USE IN PRODUCTION.
|
- `MISSKEY_USE_HTTP`: If it's set true, federation requests (like nodeinfo and webfinger) will be http instead of https, useful for testing federation between servers in localhost. NEVER USE IN PRODUCTION. (was `MISSKEY_WEBFINGER_USE_HTTP`)
|
||||||
|
|
||||||
## Continuous integration
|
## Continuous integration
|
||||||
Misskey uses GitHub Actions for executing automated tests.
|
Misskey uses GitHub Actions for executing automated tests.
|
||||||
|
|
|
@ -178,12 +178,12 @@ id: "aidx"
|
||||||
#clusterLimit: 1
|
#clusterLimit: 1
|
||||||
|
|
||||||
# Job concurrency per worker
|
# Job concurrency per worker
|
||||||
# deliverJobConcurrency: 128
|
# deliverJobConcurrency: 16
|
||||||
# inboxJobConcurrency: 16
|
# inboxJobConcurrency: 4
|
||||||
|
|
||||||
# Job rate limiter
|
# Job rate limiter
|
||||||
# deliverJobPerSec: 128
|
# deliverJobPerSec: 1024
|
||||||
# inboxJobPerSec: 32
|
# inboxJobPerSec: 64
|
||||||
|
|
||||||
# Job attempts
|
# Job attempts
|
||||||
# deliverJobMaxAttempts: 12
|
# deliverJobMaxAttempts: 12
|
||||||
|
|
|
@ -17,6 +17,8 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- internal_network
|
- internal_network
|
||||||
- external_network
|
- external_network
|
||||||
|
# env_file:
|
||||||
|
# - .config/docker.env
|
||||||
volumes:
|
volumes:
|
||||||
- ./files:/misskey/files
|
- ./files:/misskey/files
|
||||||
- ./.config:/misskey/.config:ro
|
- ./.config:/misskey/.config:ro
|
||||||
|
|
|
@ -736,6 +736,22 @@ export interface Locale extends ILocale {
|
||||||
* リモートで表示
|
* リモートで表示
|
||||||
*/
|
*/
|
||||||
"showOnRemote": string;
|
"showOnRemote": string;
|
||||||
|
/**
|
||||||
|
* リモートで続行
|
||||||
|
*/
|
||||||
|
"continueOnRemote": string;
|
||||||
|
/**
|
||||||
|
* Misskey Hubからサーバーを選択
|
||||||
|
*/
|
||||||
|
"chooseServerOnMisskeyHub": string;
|
||||||
|
/**
|
||||||
|
* サーバーのドメインを直接指定
|
||||||
|
*/
|
||||||
|
"specifyServerHost": string;
|
||||||
|
/**
|
||||||
|
* ドメインを入力してください
|
||||||
|
*/
|
||||||
|
"inputHostName": string;
|
||||||
/**
|
/**
|
||||||
* 全般
|
* 全般
|
||||||
*/
|
*/
|
||||||
|
@ -1921,9 +1937,13 @@ export interface Locale extends ILocale {
|
||||||
*/
|
*/
|
||||||
"onlyOneFileCanBeAttached": string;
|
"onlyOneFileCanBeAttached": string;
|
||||||
/**
|
/**
|
||||||
* 続行する前に、サインアップまたはサインインが必要です
|
* 続行する前に、登録またはログインが必要です
|
||||||
*/
|
*/
|
||||||
"signinRequired": string;
|
"signinRequired": string;
|
||||||
|
/**
|
||||||
|
* 続行するには、お使いのサーバーに移動するか、このサーバーに登録・ログインする必要があります
|
||||||
|
*/
|
||||||
|
"signinOrContinueOnRemote": string;
|
||||||
/**
|
/**
|
||||||
* 招待
|
* 招待
|
||||||
*/
|
*/
|
||||||
|
@ -4984,6 +5004,18 @@ export interface Locale extends ILocale {
|
||||||
* お問い合わせ
|
* お問い合わせ
|
||||||
*/
|
*/
|
||||||
"inquiry": string;
|
"inquiry": string;
|
||||||
|
/**
|
||||||
|
* もう一度お試しください。
|
||||||
|
*/
|
||||||
|
"tryAgain": string;
|
||||||
|
/**
|
||||||
|
* センシティブなメディアを表示するとき確認する
|
||||||
|
*/
|
||||||
|
"confirmWhenRevealingSensitiveMedia": string;
|
||||||
|
/**
|
||||||
|
* センシティブなメディアです。表示しますか?
|
||||||
|
*/
|
||||||
|
"sensitiveMediaRevealConfirm": string;
|
||||||
"_delivery": {
|
"_delivery": {
|
||||||
/**
|
/**
|
||||||
* 配信状態
|
* 配信状態
|
||||||
|
@ -6594,6 +6626,10 @@ export interface Locale extends ILocale {
|
||||||
* ファイルにNSFWを常に付与
|
* ファイルにNSFWを常に付与
|
||||||
*/
|
*/
|
||||||
"alwaysMarkNsfw": string;
|
"alwaysMarkNsfw": string;
|
||||||
|
/**
|
||||||
|
* アイコンとバナーの更新を許可
|
||||||
|
*/
|
||||||
|
"canUpdateBioMedia": string;
|
||||||
/**
|
/**
|
||||||
* ノートのピン留めの最大数
|
* ノートのピン留めの最大数
|
||||||
*/
|
*/
|
||||||
|
@ -7515,14 +7551,6 @@ export interface Locale extends ILocale {
|
||||||
* 通知
|
* 通知
|
||||||
*/
|
*/
|
||||||
"notification": string;
|
"notification": string;
|
||||||
/**
|
|
||||||
* アンテナ受信
|
|
||||||
*/
|
|
||||||
"antenna": string;
|
|
||||||
/**
|
|
||||||
* チャンネル通知
|
|
||||||
*/
|
|
||||||
"channel": string;
|
|
||||||
/**
|
/**
|
||||||
* リアクション選択時
|
* リアクション選択時
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -52,7 +52,11 @@ const primaries = {
|
||||||
const clean = (text) => text.replace(new RegExp(String.fromCodePoint(0x08), 'g'), '');
|
const clean = (text) => text.replace(new RegExp(String.fromCodePoint(0x08), 'g'), '');
|
||||||
|
|
||||||
export function build() {
|
export function build() {
|
||||||
const locales = languages.reduce((a, c) => (a[c] = yaml.load(clean(fs.readFileSync(new URL(`${c}.yml`, import.meta.url), 'utf-8'))) || {}, a), {});
|
// vitestの挙動を調整するため、一度ローカル変数化する必要がある
|
||||||
|
// https://github.com/vitest-dev/vitest/issues/3988#issuecomment-1686599577
|
||||||
|
// https://github.com/misskey-dev/misskey/pull/14057#issuecomment-2192833785
|
||||||
|
const metaUrl = import.meta.url;
|
||||||
|
const locales = languages.reduce((a, c) => (a[c] = yaml.load(clean(fs.readFileSync(new URL(`${c}.yml`, metaUrl), 'utf-8'))) || {}, a), {});
|
||||||
|
|
||||||
// 空文字列が入ることがあり、フォールバックが動作しなくなるのでプロパティごと消す
|
// 空文字列が入ることがあり、フォールバックが動作しなくなるのでプロパティごと消す
|
||||||
const removeEmpty = (obj) => {
|
const removeEmpty = (obj) => {
|
||||||
|
|
|
@ -180,6 +180,10 @@ addAccount: "アカウントを追加"
|
||||||
reloadAccountsList: "アカウントリストの情報を更新"
|
reloadAccountsList: "アカウントリストの情報を更新"
|
||||||
loginFailed: "ログインに失敗しました"
|
loginFailed: "ログインに失敗しました"
|
||||||
showOnRemote: "リモートで表示"
|
showOnRemote: "リモートで表示"
|
||||||
|
continueOnRemote: "リモートで続行"
|
||||||
|
chooseServerOnMisskeyHub: "Misskey Hubからサーバーを選択"
|
||||||
|
specifyServerHost: "サーバーのドメインを直接指定"
|
||||||
|
inputHostName: "ドメインを入力してください"
|
||||||
general: "全般"
|
general: "全般"
|
||||||
wallpaper: "壁紙"
|
wallpaper: "壁紙"
|
||||||
setWallpaper: "壁紙を設定"
|
setWallpaper: "壁紙を設定"
|
||||||
|
@ -476,7 +480,8 @@ attachAsFileQuestion: "クリップボードのテキストが長いです。テ
|
||||||
noMessagesYet: "まだチャットはありません"
|
noMessagesYet: "まだチャットはありません"
|
||||||
newMessageExists: "新しいメッセージがあります"
|
newMessageExists: "新しいメッセージがあります"
|
||||||
onlyOneFileCanBeAttached: "メッセージに添付できるファイルはひとつです"
|
onlyOneFileCanBeAttached: "メッセージに添付できるファイルはひとつです"
|
||||||
signinRequired: "続行する前に、サインアップまたはサインインが必要です"
|
signinRequired: "続行する前に、登録またはログインが必要です"
|
||||||
|
signinOrContinueOnRemote: "続行するには、お使いのサーバーに移動するか、このサーバーに登録・ログインする必要があります"
|
||||||
invitations: "招待"
|
invitations: "招待"
|
||||||
invitationCode: "招待コード"
|
invitationCode: "招待コード"
|
||||||
checking: "確認しています"
|
checking: "確認しています"
|
||||||
|
@ -1242,6 +1247,9 @@ keepOriginalFilenameDescription: "この設定をオフにすると、アップ
|
||||||
noDescription: "説明文はありません"
|
noDescription: "説明文はありません"
|
||||||
alwaysConfirmFollow: "フォローの際常に確認する"
|
alwaysConfirmFollow: "フォローの際常に確認する"
|
||||||
inquiry: "お問い合わせ"
|
inquiry: "お問い合わせ"
|
||||||
|
tryAgain: "もう一度お試しください。"
|
||||||
|
confirmWhenRevealingSensitiveMedia: "センシティブなメディアを表示するとき確認する"
|
||||||
|
sensitiveMediaRevealConfirm: "センシティブなメディアです。表示しますか?"
|
||||||
|
|
||||||
_delivery:
|
_delivery:
|
||||||
status: "配信状態"
|
status: "配信状態"
|
||||||
|
@ -1705,6 +1713,7 @@ _role:
|
||||||
canManageAvatarDecorations: "アバターデコレーションの管理"
|
canManageAvatarDecorations: "アバターデコレーションの管理"
|
||||||
driveCapacity: "ドライブ容量"
|
driveCapacity: "ドライブ容量"
|
||||||
alwaysMarkNsfw: "ファイルにNSFWを常に付与"
|
alwaysMarkNsfw: "ファイルにNSFWを常に付与"
|
||||||
|
canUpdateBioMedia: "アイコンとバナーの更新を許可"
|
||||||
pinMax: "ノートのピン留めの最大数"
|
pinMax: "ノートのピン留めの最大数"
|
||||||
antennaMax: "アンテナの作成可能数"
|
antennaMax: "アンテナの作成可能数"
|
||||||
wordMuteMax: "ワードミュートの最大文字数"
|
wordMuteMax: "ワードミュートの最大文字数"
|
||||||
|
@ -1971,8 +1980,6 @@ _sfx:
|
||||||
note: "ノート"
|
note: "ノート"
|
||||||
noteMy: "ノート(自分)"
|
noteMy: "ノート(自分)"
|
||||||
notification: "通知"
|
notification: "通知"
|
||||||
antenna: "アンテナ受信"
|
|
||||||
channel: "チャンネル通知"
|
|
||||||
reaction: "リアクション選択時"
|
reaction: "リアクション選択時"
|
||||||
|
|
||||||
_soundSettings:
|
_soundSettings:
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
Subproject commit 0179793ec891856d6f37a3be16ba4c22f67a81b5
|
|
24
package.json
24
package.json
|
@ -1,12 +1,12 @@
|
||||||
{
|
{
|
||||||
"name": "misskey",
|
"name": "misskey",
|
||||||
"version": "2024.5.0",
|
"version": "2024.7.0-beta.1",
|
||||||
"codename": "nasubi",
|
"codename": "nasubi",
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/misskey-dev/misskey.git"
|
"url": "https://github.com/misskey-dev/misskey.git"
|
||||||
},
|
},
|
||||||
"packageManager": "pnpm@9.0.6",
|
"packageManager": "pnpm@9.5.0",
|
||||||
"workspaces": [
|
"workspaces": [
|
||||||
"packages/frontend",
|
"packages/frontend",
|
||||||
"packages/backend",
|
"packages/backend",
|
||||||
|
@ -55,20 +55,22 @@
|
||||||
"js-yaml": "4.1.0",
|
"js-yaml": "4.1.0",
|
||||||
"postcss": "8.4.38",
|
"postcss": "8.4.38",
|
||||||
"tar": "6.2.1",
|
"tar": "6.2.1",
|
||||||
"terser": "5.30.3",
|
"terser": "5.31.1",
|
||||||
"typescript": "5.5.2",
|
"typescript": "5.5.3",
|
||||||
"esbuild": "0.20.2",
|
"esbuild": "0.22.0",
|
||||||
"glob": "10.3.12"
|
"glob": "10.3.12"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@types/node": "20.12.7",
|
"@misskey-dev/eslint-plugin": "2.0.2",
|
||||||
"@typescript-eslint/eslint-plugin": "7.7.1",
|
"@types/node": "20.14.9",
|
||||||
"@typescript-eslint/parser": "7.7.1",
|
"@typescript-eslint/eslint-plugin": "7.15.0",
|
||||||
|
"@typescript-eslint/parser": "7.15.0",
|
||||||
"cross-env": "7.0.3",
|
"cross-env": "7.0.3",
|
||||||
"cypress": "13.7.3",
|
"cypress": "13.13.0",
|
||||||
"eslint": "8.57.0",
|
"eslint": "9.6.0",
|
||||||
|
"globals": "15.7.0",
|
||||||
"ncp": "2.0.0",
|
"ncp": "2.0.0",
|
||||||
"start-server-and-test": "2.0.3"
|
"start-server-and-test": "2.0.4"
|
||||||
},
|
},
|
||||||
"optionalDependencies": {
|
"optionalDependencies": {
|
||||||
"@tensorflow/tfjs-core": "4.4.0"
|
"@tensorflow/tfjs-core": "4.4.0"
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
node_modules
|
|
||||||
/built
|
|
||||||
/.eslintrc.js
|
|
||||||
/@types/**/*
|
|
|
@ -1,32 +0,0 @@
|
||||||
module.exports = {
|
|
||||||
parserOptions: {
|
|
||||||
tsconfigRootDir: __dirname,
|
|
||||||
project: ['./tsconfig.json', './test/tsconfig.json'],
|
|
||||||
},
|
|
||||||
extends: [
|
|
||||||
'../shared/.eslintrc.js',
|
|
||||||
],
|
|
||||||
rules: {
|
|
||||||
'import/order': ['warn', {
|
|
||||||
'groups': ['builtin', 'external', 'internal', 'parent', 'sibling', 'index', 'object', 'type'],
|
|
||||||
'pathGroups': [
|
|
||||||
{
|
|
||||||
'pattern': '@/**',
|
|
||||||
'group': 'external',
|
|
||||||
'position': 'after'
|
|
||||||
}
|
|
||||||
],
|
|
||||||
}],
|
|
||||||
'no-restricted-globals': [
|
|
||||||
'error',
|
|
||||||
{
|
|
||||||
'name': '__dirname',
|
|
||||||
'message': 'Not in ESModule. Use `import.meta.url` instead.'
|
|
||||||
},
|
|
||||||
{
|
|
||||||
'name': '__filename',
|
|
||||||
'message': 'Not in ESModule. Use `import.meta.url` instead.'
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
};
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>Misskey API</title>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
margin: 0;
|
||||||
|
padding: 0;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<script
|
||||||
|
id="api-reference"
|
||||||
|
data-url="/api.json"></script>
|
||||||
|
<script src="https://cdn.jsdelivr.net/npm/@scalar/api-reference"></script>
|
||||||
|
</body>
|
||||||
|
</html>
|
|
@ -1,24 +0,0 @@
|
||||||
<!DOCTYPE html>
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<title>Misskey API</title>
|
|
||||||
<!-- needed for adaptive design -->
|
|
||||||
<meta charset="utf-8"/>
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
||||||
<link href="https://fonts.googleapis.com/css?family=Montserrat:300,400,700|Roboto:300,400,700" rel="stylesheet">
|
|
||||||
|
|
||||||
<!--
|
|
||||||
ReDoc doesn't change outer page styles
|
|
||||||
-->
|
|
||||||
<style>
|
|
||||||
body {
|
|
||||||
margin: 0;
|
|
||||||
padding: 0;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<redoc spec-url="/api.json" expand-responses="200" expand-single-schema-field="true"></redoc>
|
|
||||||
<script src="https://cdn.redoc.ly/redoc/v2.1.3/bundles/redoc.standalone.js" integrity="sha256-u4DgqzYXoArvNF/Ymw3puKexfOC6lYfw0sfmeliBJ1I=" crossorigin="anonymous"></script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
import tsParser from '@typescript-eslint/parser';
|
||||||
|
import sharedConfig from '../shared/eslint.config.js';
|
||||||
|
|
||||||
|
export default [
|
||||||
|
...sharedConfig,
|
||||||
|
{
|
||||||
|
ignores: ['**/node_modules', 'built', '@types/**/*', 'migration'],
|
||||||
|
},
|
||||||
|
{
|
||||||
|
files: ['**/*.ts', '**/*.tsx'],
|
||||||
|
languageOptions: {
|
||||||
|
parserOptions: {
|
||||||
|
parser: tsParser,
|
||||||
|
project: ['./tsconfig.json', './test/tsconfig.json'],
|
||||||
|
sourceType: 'module',
|
||||||
|
tsconfigRootDir: import.meta.dirname,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
rules: {
|
||||||
|
'import/order': ['warn', {
|
||||||
|
groups: [
|
||||||
|
'builtin',
|
||||||
|
'external',
|
||||||
|
'internal',
|
||||||
|
'parent',
|
||||||
|
'sibling',
|
||||||
|
'index',
|
||||||
|
'object',
|
||||||
|
'type',
|
||||||
|
],
|
||||||
|
pathGroups: [{
|
||||||
|
pattern: '@/**',
|
||||||
|
group: 'external',
|
||||||
|
position: 'after',
|
||||||
|
}],
|
||||||
|
}],
|
||||||
|
'no-restricted-globals': ['error', {
|
||||||
|
name: '__dirname',
|
||||||
|
message: 'Not in ESModule. Use `import.meta.url` instead.',
|
||||||
|
}, {
|
||||||
|
name: '__filename',
|
||||||
|
message: 'Not in ESModule. Use `import.meta.url` instead.',
|
||||||
|
}],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
];
|
|
@ -0,0 +1,39 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
export class APMultipleKeys1708980134301 {
|
||||||
|
name = 'APMultipleKeys1708980134301'
|
||||||
|
|
||||||
|
async up(queryRunner) {
|
||||||
|
await queryRunner.query(`DROP INDEX "public"."IDX_171e64971c780ebd23fae140bb"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_keypair" ADD "ed25519PublicKey" character varying(128)`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_keypair" ADD "ed25519PrivateKey" character varying(128)`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "FK_10c146e4b39b443ede016f6736d"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "PK_10c146e4b39b443ede016f6736d"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "PK_0db6a5fdb992323449edc8ee421" PRIMARY KEY ("userId", "keyId")`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "PK_0db6a5fdb992323449edc8ee421"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "PK_171e64971c780ebd23fae140bba" PRIMARY KEY ("keyId")`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "UQ_10c146e4b39b443ede016f6736d" UNIQUE ("userId")`);
|
||||||
|
await queryRunner.query(`CREATE INDEX "IDX_10c146e4b39b443ede016f6736" ON "user_publickey" ("userId") `);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "FK_10c146e4b39b443ede016f6736d" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
||||||
|
}
|
||||||
|
|
||||||
|
async down(queryRunner) {
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "FK_10c146e4b39b443ede016f6736d"`);
|
||||||
|
await queryRunner.query(`DROP INDEX "public"."IDX_10c146e4b39b443ede016f6736"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "UQ_10c146e4b39b443ede016f6736d"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "PK_171e64971c780ebd23fae140bba"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "PK_0db6a5fdb992323449edc8ee421" PRIMARY KEY ("userId", "keyId")`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "PK_0db6a5fdb992323449edc8ee421"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "PK_10c146e4b39b443ede016f6736d" PRIMARY KEY ("userId")`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "FK_10c146e4b39b443ede016f6736d" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_profile" ALTER COLUMN "followersVisibility" DROP DEFAULT`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_profile" ALTER COLUMN "followersVisibility" TYPE "public"."user_profile_followersVisibility_enum_old" USING "followersVisibility"::"text"::"public"."user_profile_followersVisibility_enum_old"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_profile" ALTER COLUMN "followersVisibility" SET DEFAULT 'public'`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_keypair" DROP COLUMN "ed25519PrivateKey"`);
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_keypair" DROP COLUMN "ed25519PublicKey"`);
|
||||||
|
await queryRunner.query(`CREATE UNIQUE INDEX "IDX_171e64971c780ebd23fae140bb" ON "user_publickey" ("keyId") `);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,16 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
export class HttpSignImplLv1709242519122 {
|
||||||
|
name = 'HttpSignImplLv1709242519122'
|
||||||
|
|
||||||
|
async up(queryRunner) {
|
||||||
|
await queryRunner.query(`ALTER TABLE "instance" ADD "httpMessageSignaturesImplementationLevel" character varying(16) NOT NULL DEFAULT '00'`);
|
||||||
|
}
|
||||||
|
|
||||||
|
async down(queryRunner) {
|
||||||
|
await queryRunner.query(`ALTER TABLE "instance" DROP COLUMN "httpMessageSignaturesImplementationLevel"`);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,16 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
export class APMultipleKeys1709269211718 {
|
||||||
|
name = 'APMultipleKeys1709269211718'
|
||||||
|
|
||||||
|
async up(queryRunner) {
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" DROP CONSTRAINT "UQ_10c146e4b39b443ede016f6736d"`);
|
||||||
|
}
|
||||||
|
|
||||||
|
async down(queryRunner) {
|
||||||
|
await queryRunner.query(`ALTER TABLE "user_publickey" ADD CONSTRAINT "UQ_10c146e4b39b443ede016f6736d" UNIQUE ("userId")`);
|
||||||
|
}
|
||||||
|
}
|
|
@ -65,43 +65,43 @@
|
||||||
"utf-8-validate": "6.0.3"
|
"utf-8-validate": "6.0.3"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@aws-sdk/client-s3": "3.412.0",
|
"@aws-sdk/client-s3": "3.600.0",
|
||||||
"@aws-sdk/lib-storage": "3.412.0",
|
"@aws-sdk/lib-storage": "3.600.0",
|
||||||
"@bull-board/api": "5.17.0",
|
"@bull-board/api": "5.20.5",
|
||||||
"@bull-board/fastify": "5.17.0",
|
"@bull-board/fastify": "5.20.5",
|
||||||
"@bull-board/ui": "5.17.0",
|
"@bull-board/ui": "5.20.5",
|
||||||
"@discordapp/twemoji": "15.0.3",
|
"@discordapp/twemoji": "15.0.3",
|
||||||
"@fastify/accepts": "4.3.0",
|
"@fastify/accepts": "4.3.0",
|
||||||
"@fastify/cookie": "9.3.1",
|
"@fastify/cookie": "9.3.1",
|
||||||
"@fastify/cors": "9.0.1",
|
"@fastify/cors": "9.0.1",
|
||||||
"@fastify/express": "3.0.0",
|
"@fastify/express": "3.0.0",
|
||||||
"@fastify/http-proxy": "9.5.0",
|
"@fastify/http-proxy": "9.5.0",
|
||||||
"@fastify/multipart": "8.2.0",
|
"@fastify/multipart": "8.3.0",
|
||||||
"@fastify/static": "7.0.3",
|
"@fastify/static": "7.0.4",
|
||||||
"@fastify/view": "9.1.0",
|
"@fastify/view": "9.1.0",
|
||||||
|
"@misskey-dev/node-http-message-signatures": "0.0.10",
|
||||||
"@misskey-dev/sharp-read-bmp": "1.2.0",
|
"@misskey-dev/sharp-read-bmp": "1.2.0",
|
||||||
"@misskey-dev/summaly": "5.1.0",
|
"@misskey-dev/summaly": "5.1.0",
|
||||||
"@napi-rs/canvas": "^0.1.52",
|
"@napi-rs/canvas": "^0.1.53",
|
||||||
"@nestjs/common": "10.3.8",
|
"@nestjs/common": "10.3.10",
|
||||||
"@nestjs/core": "10.3.8",
|
"@nestjs/core": "10.3.10",
|
||||||
"@nestjs/testing": "10.3.8",
|
"@nestjs/testing": "10.3.10",
|
||||||
"@peertube/http-signature": "1.7.0",
|
"@sentry/node": "8.13.0",
|
||||||
"@sentry/node": "^8.5.0",
|
"@sentry/profiling-node": "8.13.0",
|
||||||
"@sentry/profiling-node": "^8.5.0",
|
|
||||||
"@simplewebauthn/server": "10.0.0",
|
"@simplewebauthn/server": "10.0.0",
|
||||||
"@sinonjs/fake-timers": "11.2.2",
|
"@sinonjs/fake-timers": "11.2.2",
|
||||||
"@smithy/node-http-handler": "2.5.0",
|
"@smithy/node-http-handler": "2.5.0",
|
||||||
"@swc/cli": "0.3.12",
|
"@swc/cli": "0.3.12",
|
||||||
"@swc/core": "1.4.17",
|
"@swc/core": "1.6.6",
|
||||||
"@twemoji/parser": "15.1.1",
|
"@twemoji/parser": "15.1.1",
|
||||||
"accepts": "1.3.8",
|
"accepts": "1.3.8",
|
||||||
"ajv": "8.13.0",
|
"ajv": "8.16.0",
|
||||||
"archiver": "7.0.1",
|
"archiver": "7.0.1",
|
||||||
"async-mutex": "0.5.0",
|
"async-mutex": "0.5.0",
|
||||||
"bcryptjs": "2.4.3",
|
"bcryptjs": "2.4.3",
|
||||||
"blurhash": "2.0.5",
|
"blurhash": "2.0.5",
|
||||||
"body-parser": "1.20.2",
|
"body-parser": "1.20.2",
|
||||||
"bullmq": "5.7.8",
|
"bullmq": "5.8.3",
|
||||||
"cacheable-lookup": "7.0.0",
|
"cacheable-lookup": "7.0.0",
|
||||||
"cbor": "9.0.2",
|
"cbor": "9.0.2",
|
||||||
"chalk": "5.3.0",
|
"chalk": "5.3.0",
|
||||||
|
@ -112,27 +112,27 @@
|
||||||
"content-disposition": "0.5.4",
|
"content-disposition": "0.5.4",
|
||||||
"date-fns": "2.30.0",
|
"date-fns": "2.30.0",
|
||||||
"deep-email-validator": "0.1.21",
|
"deep-email-validator": "0.1.21",
|
||||||
"fastify": "4.26.2",
|
"fastify": "4.28.1",
|
||||||
"fastify-raw-body": "4.3.0",
|
"fastify-raw-body": "4.3.0",
|
||||||
"feed": "4.2.2",
|
"feed": "4.2.2",
|
||||||
"file-type": "19.0.0",
|
"file-type": "19.0.0",
|
||||||
"fluent-ffmpeg": "2.1.2",
|
"fluent-ffmpeg": "2.1.3",
|
||||||
"form-data": "4.0.0",
|
"form-data": "4.0.0",
|
||||||
"got": "14.2.1",
|
"got": "14.4.1",
|
||||||
"happy-dom": "10.0.3",
|
"happy-dom": "10.0.3",
|
||||||
"hpagent": "1.2.0",
|
"hpagent": "1.2.0",
|
||||||
"htmlescape": "1.1.1",
|
"htmlescape": "1.1.1",
|
||||||
"http-link-header": "1.1.3",
|
"http-link-header": "1.1.3",
|
||||||
"ioredis": "5.4.1",
|
"ioredis": "5.4.1",
|
||||||
"ip-cidr": "3.1.0",
|
"ip-cidr": "4.0.1",
|
||||||
"ipaddr.js": "2.2.0",
|
"ipaddr.js": "2.2.0",
|
||||||
"is-svg": "5.0.0",
|
"is-svg": "5.0.1",
|
||||||
"js-yaml": "4.1.0",
|
"js-yaml": "4.1.0",
|
||||||
"jsdom": "24.0.0",
|
"jsdom": "24.1.0",
|
||||||
"json5": "2.2.3",
|
"json5": "2.2.3",
|
||||||
"jsonld": "8.3.2",
|
"jsonld": "8.3.2",
|
||||||
"jsrsasign": "11.1.0",
|
"jsrsasign": "11.1.0",
|
||||||
"meilisearch": "0.38.0",
|
"meilisearch": "0.41.0",
|
||||||
"mfm-js": "0.24.0",
|
"mfm-js": "0.24.0",
|
||||||
"microformats-parser": "2.0.2",
|
"microformats-parser": "2.0.2",
|
||||||
"mime-types": "2.1.35",
|
"mime-types": "2.1.35",
|
||||||
|
@ -142,24 +142,24 @@
|
||||||
"nanoid": "5.0.7",
|
"nanoid": "5.0.7",
|
||||||
"nested-property": "4.0.0",
|
"nested-property": "4.0.0",
|
||||||
"node-fetch": "3.3.2",
|
"node-fetch": "3.3.2",
|
||||||
"nodemailer": "6.9.13",
|
"nodemailer": "6.9.14",
|
||||||
"nsfwjs": "2.4.2",
|
"nsfwjs": "2.4.2",
|
||||||
"oauth": "0.10.0",
|
"oauth": "0.10.0",
|
||||||
"oauth2orize": "1.12.0",
|
"oauth2orize": "1.12.0",
|
||||||
"oauth2orize-pkce": "0.1.2",
|
"oauth2orize-pkce": "0.1.2",
|
||||||
"os-utils": "0.0.14",
|
"os-utils": "0.0.14",
|
||||||
"otpauth": "9.2.3",
|
"otpauth": "9.3.1",
|
||||||
"parse5": "7.1.2",
|
"parse5": "7.1.2",
|
||||||
"pg": "8.11.5",
|
"pg": "8.12.0",
|
||||||
"pkce-challenge": "4.1.0",
|
"pkce-challenge": "4.1.0",
|
||||||
"probe-image-size": "7.2.3",
|
"probe-image-size": "7.2.3",
|
||||||
"promise-limit": "2.7.0",
|
"promise-limit": "2.7.0",
|
||||||
"pug": "3.0.2",
|
"pug": "3.0.3",
|
||||||
"punycode": "2.3.1",
|
"punycode": "2.3.1",
|
||||||
"qrcode": "1.5.3",
|
"qrcode": "1.5.3",
|
||||||
"random-seed": "0.3.0",
|
"random-seed": "0.3.0",
|
||||||
"ratelimiter": "3.4.1",
|
"ratelimiter": "3.4.1",
|
||||||
"re2": "1.21.2",
|
"re2": "1.21.3",
|
||||||
"redis-lock": "0.1.4",
|
"redis-lock": "0.1.4",
|
||||||
"reflect-metadata": "0.2.2",
|
"reflect-metadata": "0.2.2",
|
||||||
"rename": "1.0.4",
|
"rename": "1.0.4",
|
||||||
|
@ -167,27 +167,26 @@
|
||||||
"rxjs": "7.8.1",
|
"rxjs": "7.8.1",
|
||||||
"sanitize-html": "2.13.0",
|
"sanitize-html": "2.13.0",
|
||||||
"secure-json-parse": "2.7.0",
|
"secure-json-parse": "2.7.0",
|
||||||
"sharp": "0.33.3",
|
"sharp": "0.33.4",
|
||||||
"slacc": "0.0.10",
|
"slacc": "0.0.10",
|
||||||
"strict-event-emitter-types": "2.0.0",
|
"strict-event-emitter-types": "2.0.0",
|
||||||
"stringz": "2.1.0",
|
"stringz": "2.1.0",
|
||||||
"systeminformation": "5.22.7",
|
"systeminformation": "5.22.11",
|
||||||
"tinycolor2": "1.6.0",
|
"tinycolor2": "1.6.0",
|
||||||
"tmp": "0.2.3",
|
"tmp": "0.2.3",
|
||||||
"tsc-alias": "1.8.8",
|
"tsc-alias": "1.8.10",
|
||||||
"tsconfig-paths": "4.2.0",
|
"tsconfig-paths": "4.2.0",
|
||||||
"typeorm": "0.3.20",
|
"typeorm": "0.3.20",
|
||||||
"typescript": "5.5.2",
|
"typescript": "5.5.3",
|
||||||
"ulid": "2.3.0",
|
"ulid": "2.3.0",
|
||||||
"vary": "1.1.2",
|
"vary": "1.1.2",
|
||||||
"web-push": "3.6.7",
|
"web-push": "3.6.7",
|
||||||
"ws": "8.17.0",
|
"ws": "8.17.1",
|
||||||
"xev": "3.0.2"
|
"xev": "3.0.2"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@jest/globals": "29.7.0",
|
"@jest/globals": "29.7.0",
|
||||||
"@misskey-dev/eslint-plugin": "1.0.0",
|
"@nestjs/platform-express": "10.3.10",
|
||||||
"@nestjs/platform-express": "10.3.8",
|
|
||||||
"@simplewebauthn/types": "10.0.0",
|
"@simplewebauthn/types": "10.0.0",
|
||||||
"@swc/jest": "0.2.36",
|
"@swc/jest": "0.2.36",
|
||||||
"@types/accepts": "1.3.7",
|
"@types/accepts": "1.3.7",
|
||||||
|
@ -197,21 +196,21 @@
|
||||||
"@types/color-convert": "2.0.3",
|
"@types/color-convert": "2.0.3",
|
||||||
"@types/content-disposition": "0.5.8",
|
"@types/content-disposition": "0.5.8",
|
||||||
"@types/fluent-ffmpeg": "2.1.24",
|
"@types/fluent-ffmpeg": "2.1.24",
|
||||||
"@types/htmlescape": "^1.1.3",
|
"@types/htmlescape": "1.1.3",
|
||||||
"@types/http-link-header": "1.0.5",
|
"@types/http-link-header": "1.0.7",
|
||||||
"@types/jest": "29.5.12",
|
"@types/jest": "29.5.12",
|
||||||
"@types/js-yaml": "4.0.9",
|
"@types/js-yaml": "4.0.9",
|
||||||
"@types/jsdom": "21.1.6",
|
"@types/jsdom": "21.1.7",
|
||||||
"@types/jsonld": "1.5.13",
|
"@types/jsonld": "1.5.14",
|
||||||
"@types/jsrsasign": "10.5.14",
|
"@types/jsrsasign": "10.5.14",
|
||||||
"@types/mime-types": "2.1.4",
|
"@types/mime-types": "2.1.4",
|
||||||
"@types/ms": "0.7.34",
|
"@types/ms": "0.7.34",
|
||||||
"@types/node": "20.12.7",
|
"@types/node": "20.14.9",
|
||||||
"@types/nodemailer": "6.4.15",
|
"@types/nodemailer": "6.4.15",
|
||||||
"@types/oauth": "0.9.4",
|
"@types/oauth": "0.9.5",
|
||||||
"@types/oauth2orize": "1.11.5",
|
"@types/oauth2orize": "1.11.5",
|
||||||
"@types/oauth2orize-pkce": "0.1.2",
|
"@types/oauth2orize-pkce": "0.1.2",
|
||||||
"@types/pg": "8.11.5",
|
"@types/pg": "8.11.6",
|
||||||
"@types/pug": "2.0.10",
|
"@types/pug": "2.0.10",
|
||||||
"@types/punycode": "2.1.4",
|
"@types/punycode": "2.1.4",
|
||||||
"@types/qrcode": "1.5.5",
|
"@types/qrcode": "1.5.5",
|
||||||
|
@ -227,18 +226,17 @@
|
||||||
"@types/vary": "1.1.3",
|
"@types/vary": "1.1.3",
|
||||||
"@types/web-push": "3.6.3",
|
"@types/web-push": "3.6.3",
|
||||||
"@types/ws": "8.5.10",
|
"@types/ws": "8.5.10",
|
||||||
"@typescript-eslint/eslint-plugin": "7.7.1",
|
"@typescript-eslint/eslint-plugin": "7.15.0",
|
||||||
"@typescript-eslint/parser": "7.7.1",
|
"@typescript-eslint/parser": "7.15.0",
|
||||||
"aws-sdk-client-mock": "3.0.1",
|
"aws-sdk-client-mock": "4.0.1",
|
||||||
"cross-env": "7.0.3",
|
"cross-env": "7.0.3",
|
||||||
"eslint": "8.57.0",
|
|
||||||
"eslint-plugin-import": "2.29.1",
|
"eslint-plugin-import": "2.29.1",
|
||||||
"execa": "8.0.1",
|
"execa": "9.2.0",
|
||||||
"fkill": "^9.0.0",
|
"fkill": "9.0.0",
|
||||||
"jest": "29.7.0",
|
"jest": "29.7.0",
|
||||||
"jest-mock": "29.7.0",
|
"jest-mock": "29.7.0",
|
||||||
"nodemon": "3.1.0",
|
"nodemon": "3.1.4",
|
||||||
"pid-port": "1.0.0",
|
"pid-port": "1.0.0",
|
||||||
"simple-oauth2": "5.0.0"
|
"simple-oauth2": "5.0.1"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,6 +30,7 @@ function execStart() {
|
||||||
|
|
||||||
async function killProc() {
|
async function killProc() {
|
||||||
if (backendProcess) {
|
if (backendProcess) {
|
||||||
|
backendProcess.catch(() => {}); // backendProcess.kill()によって発生する例外を無視するためにcatch()を呼び出す
|
||||||
backendProcess.kill();
|
backendProcess.kill();
|
||||||
await new Promise(resolve => backendProcess.on('exit', resolve));
|
await new Promise(resolve => backendProcess.on('exit', resolve));
|
||||||
backendProcess = undefined;
|
backendProcess = undefined;
|
||||||
|
@ -46,6 +47,7 @@ async function killProc() {
|
||||||
],
|
],
|
||||||
{
|
{
|
||||||
stdio: [process.stdin, process.stdout, process.stderr, 'ipc'],
|
stdio: [process.stdin, process.stdout, process.stderr, 'ipc'],
|
||||||
|
serialization: "json",
|
||||||
})
|
})
|
||||||
.on('message', async (message) => {
|
.on('message', async (message) => {
|
||||||
if (message.type === 'exit') {
|
if (message.type === 'exit') {
|
||||||
|
|
|
@ -1,82 +0,0 @@
|
||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: syuilo and misskey-project
|
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
|
||||||
*/
|
|
||||||
|
|
||||||
declare module '@peertube/http-signature' {
|
|
||||||
import type { IncomingMessage, ClientRequest } from 'node:http';
|
|
||||||
|
|
||||||
interface ISignature {
|
|
||||||
keyId: string;
|
|
||||||
algorithm: string;
|
|
||||||
headers: string[];
|
|
||||||
signature: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IOptions {
|
|
||||||
headers?: string[];
|
|
||||||
algorithm?: string;
|
|
||||||
strict?: boolean;
|
|
||||||
authorizationHeaderName?: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IParseRequestOptions extends IOptions {
|
|
||||||
clockSkew?: number;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IParsedSignature {
|
|
||||||
scheme: string;
|
|
||||||
params: ISignature;
|
|
||||||
signingString: string;
|
|
||||||
algorithm: string;
|
|
||||||
keyId: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
type RequestSignerConstructorOptions =
|
|
||||||
IRequestSignerConstructorOptionsFromProperties |
|
|
||||||
IRequestSignerConstructorOptionsFromFunction;
|
|
||||||
|
|
||||||
interface IRequestSignerConstructorOptionsFromProperties {
|
|
||||||
keyId: string;
|
|
||||||
key: string | Buffer;
|
|
||||||
algorithm?: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface IRequestSignerConstructorOptionsFromFunction {
|
|
||||||
sign?: (data: string, cb: (err: any, sig: ISignature) => void) => void;
|
|
||||||
}
|
|
||||||
|
|
||||||
class RequestSigner {
|
|
||||||
constructor(options: RequestSignerConstructorOptions);
|
|
||||||
|
|
||||||
public writeHeader(header: string, value: string): string;
|
|
||||||
|
|
||||||
public writeDateHeader(): string;
|
|
||||||
|
|
||||||
public writeTarget(method: string, path: string): void;
|
|
||||||
|
|
||||||
public sign(cb: (err: any, authz: string) => void): void;
|
|
||||||
}
|
|
||||||
|
|
||||||
interface ISignRequestOptions extends IOptions {
|
|
||||||
keyId: string;
|
|
||||||
key: string;
|
|
||||||
httpVersion?: string;
|
|
||||||
}
|
|
||||||
|
|
||||||
export function parse(request: IncomingMessage, options?: IParseRequestOptions): IParsedSignature;
|
|
||||||
export function parseRequest(request: IncomingMessage, options?: IParseRequestOptions): IParsedSignature;
|
|
||||||
|
|
||||||
export function sign(request: ClientRequest, options: ISignRequestOptions): boolean;
|
|
||||||
export function signRequest(request: ClientRequest, options: ISignRequestOptions): boolean;
|
|
||||||
export function createSigner(): RequestSigner;
|
|
||||||
export function isSigner(obj: any): obj is RequestSigner;
|
|
||||||
|
|
||||||
export function sshKeyToPEM(key: string): string;
|
|
||||||
export function sshKeyFingerprint(key: string): string;
|
|
||||||
export function pemToRsaSSHKey(pem: string, comment: string): string;
|
|
||||||
|
|
||||||
export function verify(parsedSignature: IParsedSignature, pubkey: string | Buffer): boolean;
|
|
||||||
export function verifySignature(parsedSignature: IParsedSignature, pubkey: string | Buffer): boolean;
|
|
||||||
export function verifyHMAC(parsedSignature: IParsedSignature, secret: string): boolean;
|
|
||||||
}
|
|
|
@ -23,7 +23,7 @@ type RedisOptionsSource = Partial<RedisOptions> & {
|
||||||
* 設定ファイルの型
|
* 設定ファイルの型
|
||||||
*/
|
*/
|
||||||
type Source = {
|
type Source = {
|
||||||
url: string;
|
url?: string;
|
||||||
port?: number;
|
port?: number;
|
||||||
socket?: string;
|
socket?: string;
|
||||||
chmodSocket?: string;
|
chmodSocket?: string;
|
||||||
|
@ -31,9 +31,9 @@ type Source = {
|
||||||
db: {
|
db: {
|
||||||
host: string;
|
host: string;
|
||||||
port: number;
|
port: number;
|
||||||
db: string;
|
db?: string;
|
||||||
user: string;
|
user?: string;
|
||||||
pass: string;
|
pass?: string;
|
||||||
disableCache?: boolean;
|
disableCache?: boolean;
|
||||||
extra?: { [x: string]: string };
|
extra?: { [x: string]: string };
|
||||||
};
|
};
|
||||||
|
@ -202,13 +202,17 @@ export function loadConfig(): Config {
|
||||||
: { 'src/_boot_.ts': { file: 'src/_boot_.ts' } };
|
: { 'src/_boot_.ts': { file: 'src/_boot_.ts' } };
|
||||||
const config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
|
const config = yaml.load(fs.readFileSync(path, 'utf-8')) as Source;
|
||||||
|
|
||||||
const url = tryCreateUrl(config.url);
|
const url = tryCreateUrl(config.url ?? process.env.MISSKEY_URL ?? '');
|
||||||
const version = meta.version;
|
const version = meta.version;
|
||||||
const host = url.host;
|
const host = url.host;
|
||||||
const hostname = url.hostname;
|
const hostname = url.hostname;
|
||||||
const scheme = url.protocol.replace(/:$/, '');
|
const scheme = url.protocol.replace(/:$/, '');
|
||||||
const wsScheme = scheme.replace('http', 'ws');
|
const wsScheme = scheme.replace('http', 'ws');
|
||||||
|
|
||||||
|
const dbDb = config.db.db ?? process.env.DATABASE_DB ?? '';
|
||||||
|
const dbUser = config.db.user ?? process.env.DATABASE_USER ?? '';
|
||||||
|
const dbPass = config.db.pass ?? process.env.DATABASE_PASSWORD ?? '';
|
||||||
|
|
||||||
const externalMediaProxy = config.mediaProxy ?
|
const externalMediaProxy = config.mediaProxy ?
|
||||||
config.mediaProxy.endsWith('/') ? config.mediaProxy.substring(0, config.mediaProxy.length - 1) : config.mediaProxy
|
config.mediaProxy.endsWith('/') ? config.mediaProxy.substring(0, config.mediaProxy.length - 1) : config.mediaProxy
|
||||||
: null;
|
: null;
|
||||||
|
@ -231,7 +235,7 @@ export function loadConfig(): Config {
|
||||||
apiUrl: `${scheme}://${host}/api`,
|
apiUrl: `${scheme}://${host}/api`,
|
||||||
authUrl: `${scheme}://${host}/auth`,
|
authUrl: `${scheme}://${host}/auth`,
|
||||||
driveUrl: `${scheme}://${host}/files`,
|
driveUrl: `${scheme}://${host}/files`,
|
||||||
db: config.db,
|
db: { ...config.db, db: dbDb, user: dbUser, pass: dbPass },
|
||||||
dbReplications: config.dbReplications,
|
dbReplications: config.dbReplications,
|
||||||
dbSlaves: config.dbSlaves,
|
dbSlaves: config.dbSlaves,
|
||||||
meilisearch: config.meilisearch,
|
meilisearch: config.meilisearch,
|
||||||
|
@ -259,7 +263,7 @@ export function loadConfig(): Config {
|
||||||
deliverJobMaxAttempts: config.deliverJobMaxAttempts,
|
deliverJobMaxAttempts: config.deliverJobMaxAttempts,
|
||||||
inboxJobMaxAttempts: config.inboxJobMaxAttempts,
|
inboxJobMaxAttempts: config.inboxJobMaxAttempts,
|
||||||
proxyRemoteFiles: config.proxyRemoteFiles,
|
proxyRemoteFiles: config.proxyRemoteFiles,
|
||||||
signToActivityPubGet: config.signToActivityPubGet,
|
signToActivityPubGet: config.signToActivityPubGet ?? true,
|
||||||
mediaProxy: externalMediaProxy ?? internalMediaProxy,
|
mediaProxy: externalMediaProxy ?? internalMediaProxy,
|
||||||
externalMediaProxyEnabled: externalMediaProxy !== null && externalMediaProxy !== internalMediaProxy,
|
externalMediaProxyEnabled: externalMediaProxy !== null && externalMediaProxy !== internalMediaProxy,
|
||||||
videoThumbnailGenerator: config.videoThumbnailGenerator ?
|
videoThumbnailGenerator: config.videoThumbnailGenerator ?
|
||||||
|
|
|
@ -3,11 +3,17 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
// dummy
|
||||||
export const MAX_NOTE_TEXT_LENGTH = 3000;
|
export const MAX_NOTE_TEXT_LENGTH = 3000;
|
||||||
|
|
||||||
export const USER_ONLINE_THRESHOLD = 1000 * 60 * 10; // 10min
|
export const USER_ONLINE_THRESHOLD = 1000 * 60 * 10; // 10min
|
||||||
export const USER_ACTIVE_THRESHOLD = 1000 * 60 * 60 * 24 * 3; // 3days
|
export const USER_ACTIVE_THRESHOLD = 1000 * 60 * 60 * 24 * 3; // 3days
|
||||||
|
|
||||||
|
export const REMOTE_USER_CACHE_TTL = 1000 * 60 * 60 * 3; // 3hours
|
||||||
|
export const REMOTE_USER_MOVE_COOLDOWN = 1000 * 60 * 60 * 24 * 14; // 14days
|
||||||
|
|
||||||
|
export const REMOTE_SERVER_CACHE_TTL = 1000 * 60 * 60 * 3; // 3hours
|
||||||
|
|
||||||
//#region hard limits
|
//#region hard limits
|
||||||
// If you change DB_* values, you must also change the DB schema.
|
// If you change DB_* values, you must also change the DB schema.
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable, OnModuleInit } from '@nestjs/common';
|
||||||
|
import { ModuleRef } from '@nestjs/core';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import type { UsersRepository } from '@/models/_.js';
|
import type { UsersRepository } from '@/models/_.js';
|
||||||
import type { MiUser } from '@/models/User.js';
|
import type { MiUser } from '@/models/User.js';
|
||||||
|
@ -12,30 +13,44 @@ import { RelayService } from '@/core/RelayService.js';
|
||||||
import { ApDeliverManagerService } from '@/core/activitypub/ApDeliverManagerService.js';
|
import { ApDeliverManagerService } from '@/core/activitypub/ApDeliverManagerService.js';
|
||||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import type { PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class AccountUpdateService {
|
export class AccountUpdateService implements OnModuleInit {
|
||||||
|
private apDeliverManagerService: ApDeliverManagerService;
|
||||||
constructor(
|
constructor(
|
||||||
|
private moduleRef: ModuleRef,
|
||||||
|
|
||||||
@Inject(DI.usersRepository)
|
@Inject(DI.usersRepository)
|
||||||
private usersRepository: UsersRepository,
|
private usersRepository: UsersRepository,
|
||||||
|
|
||||||
private userEntityService: UserEntityService,
|
private userEntityService: UserEntityService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
private apDeliverManagerService: ApDeliverManagerService,
|
|
||||||
private relayService: RelayService,
|
private relayService: RelayService,
|
||||||
) {
|
) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async onModuleInit() {
|
||||||
|
this.apDeliverManagerService = this.moduleRef.get(ApDeliverManagerService.name);
|
||||||
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async publishToFollowers(userId: MiUser['id']) {
|
/**
|
||||||
|
* Deliver account update to followers
|
||||||
|
* @param userId user id
|
||||||
|
* @param deliverKey optional. Private key to sign the deliver.
|
||||||
|
*/
|
||||||
|
public async publishToFollowers(userId: MiUser['id'], deliverKey?: PrivateKeyWithPem) {
|
||||||
const user = await this.usersRepository.findOneBy({ id: userId });
|
const user = await this.usersRepository.findOneBy({ id: userId });
|
||||||
if (user == null) throw new Error('user not found');
|
if (user == null) throw new Error('user not found');
|
||||||
|
|
||||||
// フォロワーがリモートユーザーかつ投稿者がローカルユーザーならUpdateを配信
|
// フォロワーがリモートユーザーかつ投稿者がローカルユーザーならUpdateを配信
|
||||||
if (this.userEntityService.isLocalUser(user)) {
|
if (this.userEntityService.isLocalUser(user)) {
|
||||||
const content = this.apRendererService.addContext(this.apRendererService.renderUpdate(await this.apRendererService.renderPerson(user), user));
|
const content = this.apRendererService.addContext(this.apRendererService.renderUpdate(await this.apRendererService.renderPerson(user), user));
|
||||||
this.apDeliverManagerService.deliverToFollowers(user, content);
|
await Promise.allSettled([
|
||||||
this.relayService.deliverToRelays(user, content);
|
this.apDeliverManagerService.deliverToFollowers(user, content, deliverKey),
|
||||||
|
this.relayService.deliverToRelays(user, content, deliverKey),
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,6 +12,7 @@ import {
|
||||||
} from '@/core/entities/AbuseReportNotificationRecipientEntityService.js';
|
} from '@/core/entities/AbuseReportNotificationRecipientEntityService.js';
|
||||||
import { AbuseReportNotificationService } from '@/core/AbuseReportNotificationService.js';
|
import { AbuseReportNotificationService } from '@/core/AbuseReportNotificationService.js';
|
||||||
import { SystemWebhookService } from '@/core/SystemWebhookService.js';
|
import { SystemWebhookService } from '@/core/SystemWebhookService.js';
|
||||||
|
import { UserSearchService } from '@/core/UserSearchService.js';
|
||||||
import { AccountMoveService } from './AccountMoveService.js';
|
import { AccountMoveService } from './AccountMoveService.js';
|
||||||
import { AccountUpdateService } from './AccountUpdateService.js';
|
import { AccountUpdateService } from './AccountUpdateService.js';
|
||||||
import { AiService } from './AiService.js';
|
import { AiService } from './AiService.js';
|
||||||
|
@ -60,6 +61,7 @@ import { UserFollowingService } from './UserFollowingService.js';
|
||||||
import { UserKeypairService } from './UserKeypairService.js';
|
import { UserKeypairService } from './UserKeypairService.js';
|
||||||
import { UserListService } from './UserListService.js';
|
import { UserListService } from './UserListService.js';
|
||||||
import { UserMutingService } from './UserMutingService.js';
|
import { UserMutingService } from './UserMutingService.js';
|
||||||
|
import { UserRenoteMutingService } from './UserRenoteMutingService.js';
|
||||||
import { UserSuspendService } from './UserSuspendService.js';
|
import { UserSuspendService } from './UserSuspendService.js';
|
||||||
import { UserAuthService } from './UserAuthService.js';
|
import { UserAuthService } from './UserAuthService.js';
|
||||||
import { VideoProcessingService } from './VideoProcessingService.js';
|
import { VideoProcessingService } from './VideoProcessingService.js';
|
||||||
|
@ -202,6 +204,8 @@ const $UserFollowingService: Provider = { provide: 'UserFollowingService', useEx
|
||||||
const $UserKeypairService: Provider = { provide: 'UserKeypairService', useExisting: UserKeypairService };
|
const $UserKeypairService: Provider = { provide: 'UserKeypairService', useExisting: UserKeypairService };
|
||||||
const $UserListService: Provider = { provide: 'UserListService', useExisting: UserListService };
|
const $UserListService: Provider = { provide: 'UserListService', useExisting: UserListService };
|
||||||
const $UserMutingService: Provider = { provide: 'UserMutingService', useExisting: UserMutingService };
|
const $UserMutingService: Provider = { provide: 'UserMutingService', useExisting: UserMutingService };
|
||||||
|
const $UserRenoteMutingService: Provider = { provide: 'UserRenoteMutingService', useExisting: UserRenoteMutingService };
|
||||||
|
const $UserSearchService: Provider = { provide: 'UserSearchService', useExisting: UserSearchService };
|
||||||
const $UserSuspendService: Provider = { provide: 'UserSuspendService', useExisting: UserSuspendService };
|
const $UserSuspendService: Provider = { provide: 'UserSuspendService', useExisting: UserSuspendService };
|
||||||
const $UserAuthService: Provider = { provide: 'UserAuthService', useExisting: UserAuthService };
|
const $UserAuthService: Provider = { provide: 'UserAuthService', useExisting: UserAuthService };
|
||||||
const $VideoProcessingService: Provider = { provide: 'VideoProcessingService', useExisting: VideoProcessingService };
|
const $VideoProcessingService: Provider = { provide: 'VideoProcessingService', useExisting: VideoProcessingService };
|
||||||
|
@ -348,6 +352,8 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
|
||||||
UserKeypairService,
|
UserKeypairService,
|
||||||
UserListService,
|
UserListService,
|
||||||
UserMutingService,
|
UserMutingService,
|
||||||
|
UserRenoteMutingService,
|
||||||
|
UserSearchService,
|
||||||
UserSuspendService,
|
UserSuspendService,
|
||||||
UserAuthService,
|
UserAuthService,
|
||||||
VideoProcessingService,
|
VideoProcessingService,
|
||||||
|
@ -490,6 +496,8 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
|
||||||
$UserKeypairService,
|
$UserKeypairService,
|
||||||
$UserListService,
|
$UserListService,
|
||||||
$UserMutingService,
|
$UserMutingService,
|
||||||
|
$UserRenoteMutingService,
|
||||||
|
$UserSearchService,
|
||||||
$UserSuspendService,
|
$UserSuspendService,
|
||||||
$UserAuthService,
|
$UserAuthService,
|
||||||
$VideoProcessingService,
|
$VideoProcessingService,
|
||||||
|
@ -633,6 +641,8 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
|
||||||
UserKeypairService,
|
UserKeypairService,
|
||||||
UserListService,
|
UserListService,
|
||||||
UserMutingService,
|
UserMutingService,
|
||||||
|
UserRenoteMutingService,
|
||||||
|
UserSearchService,
|
||||||
UserSuspendService,
|
UserSuspendService,
|
||||||
UserAuthService,
|
UserAuthService,
|
||||||
VideoProcessingService,
|
VideoProcessingService,
|
||||||
|
@ -774,6 +784,8 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
|
||||||
$UserKeypairService,
|
$UserKeypairService,
|
||||||
$UserListService,
|
$UserListService,
|
||||||
$UserMutingService,
|
$UserMutingService,
|
||||||
|
$UserRenoteMutingService,
|
||||||
|
$UserSearchService,
|
||||||
$UserSuspendService,
|
$UserSuspendService,
|
||||||
$UserAuthService,
|
$UserAuthService,
|
||||||
$VideoProcessingService,
|
$VideoProcessingService,
|
||||||
|
|
|
@ -7,7 +7,7 @@ import { randomUUID } from 'node:crypto';
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import bcrypt from 'bcryptjs';
|
import bcrypt from 'bcryptjs';
|
||||||
import { IsNull, DataSource } from 'typeorm';
|
import { IsNull, DataSource } from 'typeorm';
|
||||||
import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
|
import { genRSAAndEd25519KeyPair } from '@/misc/gen-key-pair.js';
|
||||||
import { MiUser } from '@/models/User.js';
|
import { MiUser } from '@/models/User.js';
|
||||||
import { MiUserProfile } from '@/models/UserProfile.js';
|
import { MiUserProfile } from '@/models/UserProfile.js';
|
||||||
import { IdService } from '@/core/IdService.js';
|
import { IdService } from '@/core/IdService.js';
|
||||||
|
@ -38,7 +38,7 @@ export class CreateSystemUserService {
|
||||||
// Generate secret
|
// Generate secret
|
||||||
const secret = generateNativeUserToken();
|
const secret = generateNativeUserToken();
|
||||||
|
|
||||||
const keyPair = await genRsaKeyPair();
|
const keyPair = await genRSAAndEd25519KeyPair();
|
||||||
|
|
||||||
let account!: MiUser;
|
let account!: MiUser;
|
||||||
|
|
||||||
|
@ -64,9 +64,8 @@ export class CreateSystemUserService {
|
||||||
}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));
|
}).then(x => transactionalEntityManager.findOneByOrFail(MiUser, x.identifiers[0]));
|
||||||
|
|
||||||
await transactionalEntityManager.insert(MiUserKeypair, {
|
await transactionalEntityManager.insert(MiUserKeypair, {
|
||||||
publicKey: keyPair.publicKey,
|
|
||||||
privateKey: keyPair.privateKey,
|
|
||||||
userId: account.id,
|
userId: account.id,
|
||||||
|
...keyPair,
|
||||||
});
|
});
|
||||||
|
|
||||||
await transactionalEntityManager.insert(MiUserProfile, {
|
await transactionalEntityManager.insert(MiUserProfile, {
|
||||||
|
|
|
@ -40,6 +40,7 @@ export class FederatedInstanceService implements OnApplicationShutdown {
|
||||||
firstRetrievedAt: new Date(parsed.firstRetrievedAt),
|
firstRetrievedAt: new Date(parsed.firstRetrievedAt),
|
||||||
latestRequestReceivedAt: parsed.latestRequestReceivedAt ? new Date(parsed.latestRequestReceivedAt) : null,
|
latestRequestReceivedAt: parsed.latestRequestReceivedAt ? new Date(parsed.latestRequestReceivedAt) : null,
|
||||||
infoUpdatedAt: parsed.infoUpdatedAt ? new Date(parsed.infoUpdatedAt) : null,
|
infoUpdatedAt: parsed.infoUpdatedAt ? new Date(parsed.infoUpdatedAt) : null,
|
||||||
|
notRespondingSince: parsed.notRespondingSince ? new Date(parsed.notRespondingSince) : null,
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
|
@ -15,6 +15,7 @@ import { LoggerService } from '@/core/LoggerService.js';
|
||||||
import { HttpRequestService } from '@/core/HttpRequestService.js';
|
import { HttpRequestService } from '@/core/HttpRequestService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
||||||
|
import { REMOTE_SERVER_CACHE_TTL } from '@/const.js';
|
||||||
import type { DOMWindow } from 'jsdom';
|
import type { DOMWindow } from 'jsdom';
|
||||||
|
|
||||||
type NodeInfo = {
|
type NodeInfo = {
|
||||||
|
@ -24,6 +25,7 @@ type NodeInfo = {
|
||||||
version?: unknown;
|
version?: unknown;
|
||||||
};
|
};
|
||||||
metadata?: {
|
metadata?: {
|
||||||
|
httpMessageSignaturesImplementationLevel?: unknown,
|
||||||
name?: unknown;
|
name?: unknown;
|
||||||
nodeName?: unknown;
|
nodeName?: unknown;
|
||||||
nodeDescription?: unknown;
|
nodeDescription?: unknown;
|
||||||
|
@ -39,6 +41,7 @@ type NodeInfo = {
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class FetchInstanceMetadataService {
|
export class FetchInstanceMetadataService {
|
||||||
private logger: Logger;
|
private logger: Logger;
|
||||||
|
private httpColon = 'https://';
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
private httpRequestService: HttpRequestService,
|
private httpRequestService: HttpRequestService,
|
||||||
|
@ -48,6 +51,7 @@ export class FetchInstanceMetadataService {
|
||||||
private redisClient: Redis.Redis,
|
private redisClient: Redis.Redis,
|
||||||
) {
|
) {
|
||||||
this.logger = this.loggerService.getLogger('metadata', 'cyan');
|
this.logger = this.loggerService.getLogger('metadata', 'cyan');
|
||||||
|
this.httpColon = process.env.MISSKEY_USE_HTTP?.toLowerCase() === 'true' ? 'http://' : 'https://';
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
|
@ -59,7 +63,7 @@ export class FetchInstanceMetadataService {
|
||||||
return await this.redisClient.set(
|
return await this.redisClient.set(
|
||||||
`fetchInstanceMetadata:mutex:v2:${host}`, '1',
|
`fetchInstanceMetadata:mutex:v2:${host}`, '1',
|
||||||
'EX', 30, // 30秒したら自動でロック解除 https://github.com/misskey-dev/misskey/issues/13506#issuecomment-1975375395
|
'EX', 30, // 30秒したら自動でロック解除 https://github.com/misskey-dev/misskey/issues/13506#issuecomment-1975375395
|
||||||
'GET' // 古い値を返す(なかったらnull)
|
'GET', // 古い値を返す(なかったらnull)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -73,23 +77,24 @@ export class FetchInstanceMetadataService {
|
||||||
public async fetchInstanceMetadata(instance: MiInstance, force = false): Promise<void> {
|
public async fetchInstanceMetadata(instance: MiInstance, force = false): Promise<void> {
|
||||||
const host = instance.host;
|
const host = instance.host;
|
||||||
|
|
||||||
// finallyでunlockされてしまうのでtry内でロックチェックをしない
|
if (!force) {
|
||||||
// (returnであってもfinallyは実行される)
|
// キャッシュ有効チェックはロック取得前に行う
|
||||||
if (!force && await this.tryLock(host) === '1') {
|
const _instance = await this.federatedInstanceService.fetch(host);
|
||||||
// 1が返ってきていたらロックされているという意味なので、何もしない
|
const now = Date.now();
|
||||||
return;
|
if (_instance && _instance.infoUpdatedAt != null && (now - _instance.infoUpdatedAt.getTime() < REMOTE_SERVER_CACHE_TTL)) {
|
||||||
|
this.logger.debug(`Skip because updated recently ${_instance.infoUpdatedAt.toJSON()}`);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// finallyでunlockされてしまうのでtry内でロックチェックをしない
|
||||||
|
// (returnであってもfinallyは実行される)
|
||||||
|
if (await this.tryLock(host) === '1') {
|
||||||
|
// 1が返ってきていたら他にロックされているという意味なので、何もしない
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if (!force) {
|
|
||||||
const _instance = await this.federatedInstanceService.fetch(host);
|
|
||||||
const now = Date.now();
|
|
||||||
if (_instance && _instance.infoUpdatedAt && (now - _instance.infoUpdatedAt.getTime() < 1000 * 60 * 60 * 24)) {
|
|
||||||
// unlock at the finally caluse
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
this.logger.info(`Fetching metadata of ${instance.host} ...`);
|
this.logger.info(`Fetching metadata of ${instance.host} ...`);
|
||||||
|
|
||||||
const [info, dom, manifest] = await Promise.all([
|
const [info, dom, manifest] = await Promise.all([
|
||||||
|
@ -118,6 +123,14 @@ export class FetchInstanceMetadataService {
|
||||||
updates.openRegistrations = info.openRegistrations;
|
updates.openRegistrations = info.openRegistrations;
|
||||||
updates.maintainerName = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.name ?? null) : null : null;
|
updates.maintainerName = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.name ?? null) : null : null;
|
||||||
updates.maintainerEmail = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.email ?? null) : null : null;
|
updates.maintainerEmail = info.metadata ? info.metadata.maintainer ? (info.metadata.maintainer.email ?? null) : null : null;
|
||||||
|
if (info.metadata && info.metadata.httpMessageSignaturesImplementationLevel && (
|
||||||
|
info.metadata.httpMessageSignaturesImplementationLevel === '01' ||
|
||||||
|
info.metadata.httpMessageSignaturesImplementationLevel === '11'
|
||||||
|
)) {
|
||||||
|
updates.httpMessageSignaturesImplementationLevel = info.metadata.httpMessageSignaturesImplementationLevel;
|
||||||
|
} else {
|
||||||
|
updates.httpMessageSignaturesImplementationLevel = '00';
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (name) updates.name = name;
|
if (name) updates.name = name;
|
||||||
|
@ -129,6 +142,12 @@ export class FetchInstanceMetadataService {
|
||||||
await this.federatedInstanceService.update(instance.id, updates);
|
await this.federatedInstanceService.update(instance.id, updates);
|
||||||
|
|
||||||
this.logger.succ(`Successfuly updated metadata of ${instance.host}`);
|
this.logger.succ(`Successfuly updated metadata of ${instance.host}`);
|
||||||
|
this.logger.debug('Updated metadata:', {
|
||||||
|
info: !!info,
|
||||||
|
dom: !!dom,
|
||||||
|
manifest: !!manifest,
|
||||||
|
updates,
|
||||||
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
this.logger.error(`Failed to update metadata of ${instance.host}: ${e}`);
|
this.logger.error(`Failed to update metadata of ${instance.host}: ${e}`);
|
||||||
} finally {
|
} finally {
|
||||||
|
@ -141,7 +160,7 @@ export class FetchInstanceMetadataService {
|
||||||
this.logger.info(`Fetching nodeinfo of ${instance.host} ...`);
|
this.logger.info(`Fetching nodeinfo of ${instance.host} ...`);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const wellknown = await this.httpRequestService.getJson('https://' + instance.host + '/.well-known/nodeinfo')
|
const wellknown = await this.httpRequestService.getJson(this.httpColon + instance.host + '/.well-known/nodeinfo')
|
||||||
.catch(err => {
|
.catch(err => {
|
||||||
if (err.statusCode === 404) {
|
if (err.statusCode === 404) {
|
||||||
throw new Error('No nodeinfo provided');
|
throw new Error('No nodeinfo provided');
|
||||||
|
@ -184,7 +203,7 @@ export class FetchInstanceMetadataService {
|
||||||
private async fetchDom(instance: MiInstance): Promise<DOMWindow['document']> {
|
private async fetchDom(instance: MiInstance): Promise<DOMWindow['document']> {
|
||||||
this.logger.info(`Fetching HTML of ${instance.host} ...`);
|
this.logger.info(`Fetching HTML of ${instance.host} ...`);
|
||||||
|
|
||||||
const url = 'https://' + instance.host;
|
const url = this.httpColon + instance.host;
|
||||||
|
|
||||||
const html = await this.httpRequestService.getHtml(url);
|
const html = await this.httpRequestService.getHtml(url);
|
||||||
|
|
||||||
|
@ -196,7 +215,7 @@ export class FetchInstanceMetadataService {
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
private async fetchManifest(instance: MiInstance): Promise<Record<string, unknown> | null> {
|
private async fetchManifest(instance: MiInstance): Promise<Record<string, unknown> | null> {
|
||||||
const url = 'https://' + instance.host;
|
const url = this.httpColon + instance.host;
|
||||||
|
|
||||||
const manifestUrl = url + '/manifest.json';
|
const manifestUrl = url + '/manifest.json';
|
||||||
|
|
||||||
|
@ -207,7 +226,7 @@ export class FetchInstanceMetadataService {
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
private async fetchFaviconUrl(instance: MiInstance, doc: DOMWindow['document'] | null): Promise<string | null> {
|
private async fetchFaviconUrl(instance: MiInstance, doc: DOMWindow['document'] | null): Promise<string | null> {
|
||||||
const url = 'https://' + instance.host;
|
const url = this.httpColon + instance.host;
|
||||||
|
|
||||||
if (doc) {
|
if (doc) {
|
||||||
// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
|
// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
|
||||||
|
@ -234,12 +253,12 @@ export class FetchInstanceMetadataService {
|
||||||
@bindThis
|
@bindThis
|
||||||
private async fetchIconUrl(instance: MiInstance, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
|
private async fetchIconUrl(instance: MiInstance, doc: DOMWindow['document'] | null, manifest: Record<string, any> | null): Promise<string | null> {
|
||||||
if (manifest && manifest.icons && manifest.icons.length > 0 && manifest.icons[0].src) {
|
if (manifest && manifest.icons && manifest.icons.length > 0 && manifest.icons[0].src) {
|
||||||
const url = 'https://' + instance.host;
|
const url = this.httpColon + instance.host;
|
||||||
return (new URL(manifest.icons[0].src, url)).href;
|
return (new URL(manifest.icons[0].src, url)).href;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (doc) {
|
if (doc) {
|
||||||
const url = 'https://' + instance.host;
|
const url = this.httpColon + instance.host;
|
||||||
|
|
||||||
// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
|
// https://github.com/misskey-dev/misskey/pull/8220#issuecomment-1025104043
|
||||||
const links = Array.from(doc.getElementsByTagName('link')).reverse();
|
const links = Array.from(doc.getElementsByTagName('link')).reverse();
|
||||||
|
|
|
@ -209,6 +209,10 @@ type SerializedAll<T> = {
|
||||||
[K in keyof T]: Serialized<T[K]>;
|
[K in keyof T]: Serialized<T[K]>;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
type UndefinedAsNullAll<T> = {
|
||||||
|
[K in keyof T]: T[K] extends undefined ? null : T[K];
|
||||||
|
}
|
||||||
|
|
||||||
export interface InternalEventTypes {
|
export interface InternalEventTypes {
|
||||||
userChangeSuspendedState: { id: MiUser['id']; isSuspended: MiUser['isSuspended']; };
|
userChangeSuspendedState: { id: MiUser['id']; isSuspended: MiUser['isSuspended']; };
|
||||||
userChangeDeletedState: { id: MiUser['id']; isDeleted: MiUser['isDeleted']; };
|
userChangeDeletedState: { id: MiUser['id']; isDeleted: MiUser['isDeleted']; };
|
||||||
|
@ -245,45 +249,48 @@ export interface InternalEventTypes {
|
||||||
unmute: { muterId: MiUser['id']; muteeId: MiUser['id']; };
|
unmute: { muterId: MiUser['id']; muteeId: MiUser['id']; };
|
||||||
userListMemberAdded: { userListId: MiUserList['id']; memberId: MiUser['id']; };
|
userListMemberAdded: { userListId: MiUserList['id']; memberId: MiUser['id']; };
|
||||||
userListMemberRemoved: { userListId: MiUserList['id']; memberId: MiUser['id']; };
|
userListMemberRemoved: { userListId: MiUserList['id']; memberId: MiUser['id']; };
|
||||||
|
userKeypairUpdated: { userId: MiUser['id']; };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type EventTypesToEventPayload<T> = EventUnionFromDictionary<UndefinedAsNullAll<SerializedAll<T>>>;
|
||||||
|
|
||||||
// name/messages(spec) pairs dictionary
|
// name/messages(spec) pairs dictionary
|
||||||
export type GlobalEvents = {
|
export type GlobalEvents = {
|
||||||
internal: {
|
internal: {
|
||||||
name: 'internal';
|
name: 'internal';
|
||||||
payload: EventUnionFromDictionary<SerializedAll<InternalEventTypes>>;
|
payload: EventTypesToEventPayload<InternalEventTypes>;
|
||||||
};
|
};
|
||||||
broadcast: {
|
broadcast: {
|
||||||
name: 'broadcast';
|
name: 'broadcast';
|
||||||
payload: EventUnionFromDictionary<SerializedAll<BroadcastTypes>>;
|
payload: EventTypesToEventPayload<BroadcastTypes>;
|
||||||
};
|
};
|
||||||
main: {
|
main: {
|
||||||
name: `mainStream:${MiUser['id']}`;
|
name: `mainStream:${MiUser['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<MainEventTypes>>;
|
payload: EventTypesToEventPayload<MainEventTypes>;
|
||||||
};
|
};
|
||||||
drive: {
|
drive: {
|
||||||
name: `driveStream:${MiUser['id']}`;
|
name: `driveStream:${MiUser['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<DriveEventTypes>>;
|
payload: EventTypesToEventPayload<DriveEventTypes>;
|
||||||
};
|
};
|
||||||
note: {
|
note: {
|
||||||
name: `noteStream:${MiNote['id']}`;
|
name: `noteStream:${MiNote['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<NoteStreamEventTypes>>;
|
payload: EventTypesToEventPayload<NoteStreamEventTypes>;
|
||||||
};
|
};
|
||||||
userList: {
|
userList: {
|
||||||
name: `userListStream:${MiUserList['id']}`;
|
name: `userListStream:${MiUserList['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<UserListEventTypes>>;
|
payload: EventTypesToEventPayload<UserListEventTypes>;
|
||||||
};
|
};
|
||||||
roleTimeline: {
|
roleTimeline: {
|
||||||
name: `roleTimelineStream:${MiRole['id']}`;
|
name: `roleTimelineStream:${MiRole['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<RoleTimelineEventTypes>>;
|
payload: EventTypesToEventPayload<RoleTimelineEventTypes>;
|
||||||
};
|
};
|
||||||
antenna: {
|
antenna: {
|
||||||
name: `antennaStream:${MiAntenna['id']}`;
|
name: `antennaStream:${MiAntenna['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<AntennaEventTypes>>;
|
payload: EventTypesToEventPayload<AntennaEventTypes>;
|
||||||
};
|
};
|
||||||
admin: {
|
admin: {
|
||||||
name: `adminStream:${MiUser['id']}`;
|
name: `adminStream:${MiUser['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<AdminEventTypes>>;
|
payload: EventTypesToEventPayload<AdminEventTypes>;
|
||||||
};
|
};
|
||||||
notes: {
|
notes: {
|
||||||
name: 'notesStream';
|
name: 'notesStream';
|
||||||
|
@ -291,11 +298,11 @@ export type GlobalEvents = {
|
||||||
};
|
};
|
||||||
reversi: {
|
reversi: {
|
||||||
name: `reversiStream:${MiUser['id']}`;
|
name: `reversiStream:${MiUser['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<ReversiEventTypes>>;
|
payload: EventTypesToEventPayload<ReversiEventTypes>;
|
||||||
};
|
};
|
||||||
reversiGame: {
|
reversiGame: {
|
||||||
name: `reversiGameStream:${MiReversiGame['id']}`;
|
name: `reversiGameStream:${MiReversiGame['id']}`;
|
||||||
payload: EventUnionFromDictionary<SerializedAll<ReversiGameEventTypes>>;
|
payload: EventTypesToEventPayload<ReversiGameEventTypes>;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -70,7 +70,7 @@ export class HttpRequestService {
|
||||||
localAddress: config.outgoingAddress,
|
localAddress: config.outgoingAddress,
|
||||||
});
|
});
|
||||||
|
|
||||||
const maxSockets = Math.max(256, config.deliverJobConcurrency ?? 128);
|
const maxSockets = Math.max(256, config.deliverJobConcurrency ?? 16);
|
||||||
|
|
||||||
this.httpAgent = config.proxy
|
this.httpAgent = config.proxy
|
||||||
? new HttpProxyAgent({
|
? new HttpProxyAgent({
|
||||||
|
|
|
@ -13,10 +13,12 @@ import { intersperse } from '@/misc/prelude/array.js';
|
||||||
import { normalizeForSearch } from '@/misc/normalize-for-search.js';
|
import { normalizeForSearch } from '@/misc/normalize-for-search.js';
|
||||||
import type { IMentionedRemoteUsers } from '@/models/Note.js';
|
import type { IMentionedRemoteUsers } from '@/models/Note.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import * as TreeAdapter from '../../node_modules/parse5/dist/tree-adapters/default.js';
|
import type { DefaultTreeAdapterMap } from 'parse5';
|
||||||
import type * as mfm from 'mfm-js';
|
import type * as mfm from 'mfm-js';
|
||||||
|
|
||||||
const treeAdapter = TreeAdapter.defaultTreeAdapter;
|
const treeAdapter = parse5.defaultTreeAdapter;
|
||||||
|
type Node = DefaultTreeAdapterMap['node'];
|
||||||
|
type ChildNode = DefaultTreeAdapterMap['childNode'];
|
||||||
|
|
||||||
const urlRegex = /^https?:\/\/[\w\/:%#@$&?!()\[\]~.,=+\-]+/;
|
const urlRegex = /^https?:\/\/[\w\/:%#@$&?!()\[\]~.,=+\-]+/;
|
||||||
const urlRegexFull = /^https?:\/\/[\w\/:%#@$&?!()\[\]~.,=+\-]+$/;
|
const urlRegexFull = /^https?:\/\/[\w\/:%#@$&?!()\[\]~.,=+\-]+$/;
|
||||||
|
@ -46,7 +48,7 @@ export class MfmService {
|
||||||
|
|
||||||
return text.trim();
|
return text.trim();
|
||||||
|
|
||||||
function getText(node: TreeAdapter.Node): string {
|
function getText(node: Node): string {
|
||||||
if (treeAdapter.isTextNode(node)) return node.value;
|
if (treeAdapter.isTextNode(node)) return node.value;
|
||||||
if (!treeAdapter.isElementNode(node)) return '';
|
if (!treeAdapter.isElementNode(node)) return '';
|
||||||
if (node.nodeName === 'br') return '\n';
|
if (node.nodeName === 'br') return '\n';
|
||||||
|
@ -58,7 +60,7 @@ export class MfmService {
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
function appendChildren(childNodes: TreeAdapter.ChildNode[]): void {
|
function appendChildren(childNodes: ChildNode[]): void {
|
||||||
if (childNodes) {
|
if (childNodes) {
|
||||||
for (const n of childNodes) {
|
for (const n of childNodes) {
|
||||||
analyze(n);
|
analyze(n);
|
||||||
|
@ -66,14 +68,16 @@ export class MfmService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function analyze(node: TreeAdapter.Node) {
|
function analyze(node: Node) {
|
||||||
if (treeAdapter.isTextNode(node)) {
|
if (treeAdapter.isTextNode(node)) {
|
||||||
text += node.value;
|
text += node.value;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Skip comment or document type node
|
// Skip comment or document type node
|
||||||
if (!treeAdapter.isElementNode(node)) return;
|
if (!treeAdapter.isElementNode(node)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
switch (node.nodeName) {
|
switch (node.nodeName) {
|
||||||
case 'br': {
|
case 'br': {
|
||||||
|
@ -81,8 +85,7 @@ export class MfmService {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case 'a':
|
case 'a': {
|
||||||
{
|
|
||||||
const txt = getText(node);
|
const txt = getText(node);
|
||||||
const rel = node.attrs.find(x => x.name === 'rel');
|
const rel = node.attrs.find(x => x.name === 'rel');
|
||||||
const href = node.attrs.find(x => x.name === 'href');
|
const href = node.attrs.find(x => x.name === 'href');
|
||||||
|
@ -90,7 +93,7 @@ export class MfmService {
|
||||||
// ハッシュタグ
|
// ハッシュタグ
|
||||||
if (normalizedHashtagNames && href && normalizedHashtagNames.has(normalizeForSearch(txt))) {
|
if (normalizedHashtagNames && href && normalizedHashtagNames.has(normalizeForSearch(txt))) {
|
||||||
text += txt;
|
text += txt;
|
||||||
// メンション
|
// メンション
|
||||||
} else if (txt.startsWith('@') && !(rel && rel.value.startsWith('me '))) {
|
} else if (txt.startsWith('@') && !(rel && rel.value.startsWith('me '))) {
|
||||||
const part = txt.split('@');
|
const part = txt.split('@');
|
||||||
|
|
||||||
|
@ -102,7 +105,7 @@ export class MfmService {
|
||||||
} else if (part.length === 3) {
|
} else if (part.length === 3) {
|
||||||
text += txt;
|
text += txt;
|
||||||
}
|
}
|
||||||
// その他
|
// その他
|
||||||
} else {
|
} else {
|
||||||
const generateLink = () => {
|
const generateLink = () => {
|
||||||
if (!href && !txt) {
|
if (!href && !txt) {
|
||||||
|
@ -130,8 +133,7 @@ export class MfmService {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case 'h1':
|
case 'h1': {
|
||||||
{
|
|
||||||
text += '【';
|
text += '【';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
text += '】\n';
|
text += '】\n';
|
||||||
|
@ -139,16 +141,14 @@ export class MfmService {
|
||||||
}
|
}
|
||||||
|
|
||||||
case 'b':
|
case 'b':
|
||||||
case 'strong':
|
case 'strong': {
|
||||||
{
|
|
||||||
text += '**';
|
text += '**';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
text += '**';
|
text += '**';
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case 'small':
|
case 'small': {
|
||||||
{
|
|
||||||
text += '<small>';
|
text += '<small>';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
text += '</small>';
|
text += '</small>';
|
||||||
|
@ -156,8 +156,7 @@ export class MfmService {
|
||||||
}
|
}
|
||||||
|
|
||||||
case 's':
|
case 's':
|
||||||
case 'del':
|
case 'del': {
|
||||||
{
|
|
||||||
text += '~~';
|
text += '~~';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
text += '~~';
|
text += '~~';
|
||||||
|
@ -165,8 +164,7 @@ export class MfmService {
|
||||||
}
|
}
|
||||||
|
|
||||||
case 'i':
|
case 'i':
|
||||||
case 'em':
|
case 'em': {
|
||||||
{
|
|
||||||
text += '<i>';
|
text += '<i>';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
text += '</i>';
|
text += '</i>';
|
||||||
|
@ -207,8 +205,7 @@ export class MfmService {
|
||||||
case 'h3':
|
case 'h3':
|
||||||
case 'h4':
|
case 'h4':
|
||||||
case 'h5':
|
case 'h5':
|
||||||
case 'h6':
|
case 'h6': {
|
||||||
{
|
|
||||||
text += '\n\n';
|
text += '\n\n';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
break;
|
break;
|
||||||
|
@ -221,8 +218,7 @@ export class MfmService {
|
||||||
case 'article':
|
case 'article':
|
||||||
case 'li':
|
case 'li':
|
||||||
case 'dt':
|
case 'dt':
|
||||||
case 'dd':
|
case 'dd': {
|
||||||
{
|
|
||||||
text += '\n';
|
text += '\n';
|
||||||
appendChildren(node.childNodes);
|
appendChildren(node.childNodes);
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -13,7 +13,6 @@ import type { Config } from '@/config.js';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import type { Antenna } from '@/server/api/endpoints/i/import-antennas.js';
|
import type { Antenna } from '@/server/api/endpoints/i/import-antennas.js';
|
||||||
import { ApRequestCreator } from '@/core/activitypub/ApRequestService.js';
|
|
||||||
import type {
|
import type {
|
||||||
DbJobData,
|
DbJobData,
|
||||||
DeliverJobData,
|
DeliverJobData,
|
||||||
|
@ -33,7 +32,7 @@ import type {
|
||||||
UserWebhookDeliverQueue,
|
UserWebhookDeliverQueue,
|
||||||
SystemWebhookDeliverQueue,
|
SystemWebhookDeliverQueue,
|
||||||
} from './QueueModule.js';
|
} from './QueueModule.js';
|
||||||
import type httpSignature from '@peertube/http-signature';
|
import { genRFC3230DigestHeader, type PrivateKeyWithPem, type ParsedSignature } from '@misskey-dev/node-http-message-signatures';
|
||||||
import type * as Bull from 'bullmq';
|
import type * as Bull from 'bullmq';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
|
@ -90,21 +89,21 @@ export class QueueService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public deliver(user: ThinUser, content: IActivity | null, to: string | null, isSharedInbox: boolean) {
|
public async deliver(user: ThinUser, content: IActivity | null, to: string | null, isSharedInbox: boolean, privateKey?: PrivateKeyWithPem) {
|
||||||
if (content == null) return null;
|
if (content == null) return null;
|
||||||
if (to == null) return null;
|
if (to == null) return null;
|
||||||
|
|
||||||
const contentBody = JSON.stringify(content);
|
const contentBody = JSON.stringify(content);
|
||||||
const digest = ApRequestCreator.createDigest(contentBody);
|
|
||||||
|
|
||||||
const data: DeliverJobData = {
|
const data: DeliverJobData = {
|
||||||
user: {
|
user: {
|
||||||
id: user.id,
|
id: user.id,
|
||||||
},
|
},
|
||||||
content: contentBody,
|
content: contentBody,
|
||||||
digest,
|
digest: await genRFC3230DigestHeader(contentBody, 'SHA-256'),
|
||||||
to,
|
to,
|
||||||
isSharedInbox,
|
isSharedInbox,
|
||||||
|
privateKey: privateKey && { keyId: privateKey.keyId, privateKeyPem: privateKey.privateKeyPem },
|
||||||
};
|
};
|
||||||
|
|
||||||
return this.deliverQueue.add(to, data, {
|
return this.deliverQueue.add(to, data, {
|
||||||
|
@ -122,13 +121,13 @@ export class QueueService {
|
||||||
* @param user `{ id: string; }` この関数ではThinUserに変換しないので前もって変換してください
|
* @param user `{ id: string; }` この関数ではThinUserに変換しないので前もって変換してください
|
||||||
* @param content IActivity | null
|
* @param content IActivity | null
|
||||||
* @param inboxes `Map<string, boolean>` / key: to (inbox url), value: isSharedInbox (whether it is sharedInbox)
|
* @param inboxes `Map<string, boolean>` / key: to (inbox url), value: isSharedInbox (whether it is sharedInbox)
|
||||||
|
* @param forceMainKey boolean | undefined, force to use main (rsa) key
|
||||||
* @returns void
|
* @returns void
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async deliverMany(user: ThinUser, content: IActivity | null, inboxes: Map<string, boolean>) {
|
public async deliverMany(user: ThinUser, content: IActivity | null, inboxes: Map<string, boolean>, privateKey?: PrivateKeyWithPem) {
|
||||||
if (content == null) return null;
|
if (content == null) return null;
|
||||||
const contentBody = JSON.stringify(content);
|
const contentBody = JSON.stringify(content);
|
||||||
const digest = ApRequestCreator.createDigest(contentBody);
|
|
||||||
|
|
||||||
const opts = {
|
const opts = {
|
||||||
attempts: this.config.deliverJobMaxAttempts ?? 12,
|
attempts: this.config.deliverJobMaxAttempts ?? 12,
|
||||||
|
@ -144,9 +143,9 @@ export class QueueService {
|
||||||
data: {
|
data: {
|
||||||
user,
|
user,
|
||||||
content: contentBody,
|
content: contentBody,
|
||||||
digest,
|
|
||||||
to: d[0],
|
to: d[0],
|
||||||
isSharedInbox: d[1],
|
isSharedInbox: d[1],
|
||||||
|
privateKey: privateKey && { keyId: privateKey.keyId, privateKeyPem: privateKey.privateKeyPem },
|
||||||
} as DeliverJobData,
|
} as DeliverJobData,
|
||||||
opts,
|
opts,
|
||||||
})));
|
})));
|
||||||
|
@ -155,7 +154,7 @@ export class QueueService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public inbox(activity: IActivity, signature: httpSignature.IParsedSignature) {
|
public inbox(activity: IActivity, signature: ParsedSignature | null) {
|
||||||
const data = {
|
const data = {
|
||||||
activity: activity,
|
activity: activity,
|
||||||
signature,
|
signature,
|
||||||
|
|
|
@ -16,6 +16,8 @@ import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { deepClone } from '@/misc/clone.js';
|
import { deepClone } from '@/misc/clone.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { UserKeypairService } from './UserKeypairService.js';
|
||||||
|
import type { PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
const ACTOR_USERNAME = 'relay.actor' as const;
|
const ACTOR_USERNAME = 'relay.actor' as const;
|
||||||
|
|
||||||
|
@ -34,6 +36,7 @@ export class RelayService {
|
||||||
private queueService: QueueService,
|
private queueService: QueueService,
|
||||||
private createSystemUserService: CreateSystemUserService,
|
private createSystemUserService: CreateSystemUserService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
|
private userKeypairService: UserKeypairService,
|
||||||
) {
|
) {
|
||||||
this.relaysCache = new MemorySingleCache<MiRelay[]>(1000 * 60 * 10);
|
this.relaysCache = new MemorySingleCache<MiRelay[]>(1000 * 60 * 10);
|
||||||
}
|
}
|
||||||
|
@ -111,7 +114,7 @@ export class RelayService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async deliverToRelays(user: { id: MiUser['id']; host: null; }, activity: any): Promise<void> {
|
public async deliverToRelays(user: { id: MiUser['id']; host: null; }, activity: any, privateKey?: PrivateKeyWithPem): Promise<void> {
|
||||||
if (activity == null) return;
|
if (activity == null) return;
|
||||||
|
|
||||||
const relays = await this.relaysCache.fetch(() => this.relaysRepository.findBy({
|
const relays = await this.relaysCache.fetch(() => this.relaysRepository.findBy({
|
||||||
|
@ -121,11 +124,9 @@ export class RelayService {
|
||||||
|
|
||||||
const copy = deepClone(activity);
|
const copy = deepClone(activity);
|
||||||
if (!copy.to) copy.to = ['https://www.w3.org/ns/activitystreams#Public'];
|
if (!copy.to) copy.to = ['https://www.w3.org/ns/activitystreams#Public'];
|
||||||
|
privateKey = privateKey ?? await this.userKeypairService.getLocalUserPrivateKeyPem(user.id);
|
||||||
|
const signed = await this.apRendererService.attachLdSignature(copy, privateKey);
|
||||||
|
|
||||||
const signed = await this.apRendererService.attachLdSignature(copy, user);
|
this.queueService.deliverMany(user, signed, new Map(relays.map(({ inbox }) => [inbox, false])), privateKey);
|
||||||
|
|
||||||
for (const relay of relays) {
|
|
||||||
this.queueService.deliver(user, signed, relay.inbox, false);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,6 +47,7 @@ export type RolePolicies = {
|
||||||
canHideAds: boolean;
|
canHideAds: boolean;
|
||||||
driveCapacityMb: number;
|
driveCapacityMb: number;
|
||||||
alwaysMarkNsfw: boolean;
|
alwaysMarkNsfw: boolean;
|
||||||
|
canUpdateBioMedia: boolean;
|
||||||
pinLimit: number;
|
pinLimit: number;
|
||||||
antennaLimit: number;
|
antennaLimit: number;
|
||||||
wordMuteLimit: number;
|
wordMuteLimit: number;
|
||||||
|
@ -75,6 +76,7 @@ export const DEFAULT_POLICIES: RolePolicies = {
|
||||||
canHideAds: false,
|
canHideAds: false,
|
||||||
driveCapacityMb: 100,
|
driveCapacityMb: 100,
|
||||||
alwaysMarkNsfw: false,
|
alwaysMarkNsfw: false,
|
||||||
|
canUpdateBioMedia: true,
|
||||||
pinLimit: 5,
|
pinLimit: 5,
|
||||||
antennaLimit: 5,
|
antennaLimit: 5,
|
||||||
wordMuteLimit: 200,
|
wordMuteLimit: 200,
|
||||||
|
@ -376,6 +378,7 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
|
||||||
canHideAds: calc('canHideAds', vs => vs.some(v => v === true)),
|
canHideAds: calc('canHideAds', vs => vs.some(v => v === true)),
|
||||||
driveCapacityMb: calc('driveCapacityMb', vs => Math.max(...vs)),
|
driveCapacityMb: calc('driveCapacityMb', vs => Math.max(...vs)),
|
||||||
alwaysMarkNsfw: calc('alwaysMarkNsfw', vs => vs.some(v => v === true)),
|
alwaysMarkNsfw: calc('alwaysMarkNsfw', vs => vs.some(v => v === true)),
|
||||||
|
canUpdateBioMedia: calc('canUpdateBioMedia', vs => vs.some(v => v === true)),
|
||||||
pinLimit: calc('pinLimit', vs => Math.max(...vs)),
|
pinLimit: calc('pinLimit', vs => Math.max(...vs)),
|
||||||
antennaLimit: calc('antennaLimit', vs => Math.max(...vs)),
|
antennaLimit: calc('antennaLimit', vs => Math.max(...vs)),
|
||||||
wordMuteLimit: calc('wordMuteLimit', vs => Math.max(...vs)),
|
wordMuteLimit: calc('wordMuteLimit', vs => Math.max(...vs)),
|
||||||
|
|
|
@ -3,7 +3,6 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import { generateKeyPair } from 'node:crypto';
|
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import bcrypt from 'bcryptjs';
|
import bcrypt from 'bcryptjs';
|
||||||
import { DataSource, IsNull } from 'typeorm';
|
import { DataSource, IsNull } from 'typeorm';
|
||||||
|
@ -21,6 +20,7 @@ import { bindThis } from '@/decorators.js';
|
||||||
import UsersChart from '@/core/chart/charts/users.js';
|
import UsersChart from '@/core/chart/charts/users.js';
|
||||||
import { UtilityService } from '@/core/UtilityService.js';
|
import { UtilityService } from '@/core/UtilityService.js';
|
||||||
import { MetaService } from '@/core/MetaService.js';
|
import { MetaService } from '@/core/MetaService.js';
|
||||||
|
import { genRSAAndEd25519KeyPair } from '@/misc/gen-key-pair.js';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class SignupService {
|
export class SignupService {
|
||||||
|
@ -93,22 +93,7 @@ export class SignupService {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const keyPair = await new Promise<string[]>((res, rej) =>
|
const keyPair = await genRSAAndEd25519KeyPair();
|
||||||
generateKeyPair('rsa', {
|
|
||||||
modulusLength: 2048,
|
|
||||||
publicKeyEncoding: {
|
|
||||||
type: 'spki',
|
|
||||||
format: 'pem',
|
|
||||||
},
|
|
||||||
privateKeyEncoding: {
|
|
||||||
type: 'pkcs8',
|
|
||||||
format: 'pem',
|
|
||||||
cipher: undefined,
|
|
||||||
passphrase: undefined,
|
|
||||||
},
|
|
||||||
}, (err, publicKey, privateKey) =>
|
|
||||||
err ? rej(err) : res([publicKey, privateKey]),
|
|
||||||
));
|
|
||||||
|
|
||||||
let account!: MiUser;
|
let account!: MiUser;
|
||||||
|
|
||||||
|
@ -131,9 +116,8 @@ export class SignupService {
|
||||||
}));
|
}));
|
||||||
|
|
||||||
await transactionalEntityManager.save(new MiUserKeypair({
|
await transactionalEntityManager.save(new MiUserKeypair({
|
||||||
publicKey: keyPair[0],
|
|
||||||
privateKey: keyPair[1],
|
|
||||||
userId: account.id,
|
userId: account.id,
|
||||||
|
...keyPair,
|
||||||
}));
|
}));
|
||||||
|
|
||||||
await transactionalEntityManager.save(new MiUserProfile({
|
await transactionalEntityManager.save(new MiUserProfile({
|
||||||
|
|
|
@ -5,41 +5,184 @@
|
||||||
|
|
||||||
import { Inject, Injectable, OnApplicationShutdown } from '@nestjs/common';
|
import { Inject, Injectable, OnApplicationShutdown } from '@nestjs/common';
|
||||||
import * as Redis from 'ioredis';
|
import * as Redis from 'ioredis';
|
||||||
|
import { genEd25519KeyPair, importPrivateKey, PrivateKey, PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
import type { MiUser } from '@/models/User.js';
|
import type { MiUser } from '@/models/User.js';
|
||||||
import type { UserKeypairsRepository } from '@/models/_.js';
|
import type { UserKeypairsRepository } from '@/models/_.js';
|
||||||
import { RedisKVCache } from '@/misc/cache.js';
|
import { RedisKVCache, MemoryKVCache } from '@/misc/cache.js';
|
||||||
import type { MiUserKeypair } from '@/models/UserKeypair.js';
|
import type { MiUserKeypair } from '@/models/UserKeypair.js';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { GlobalEventService, GlobalEvents } from '@/core/GlobalEventService.js';
|
||||||
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
|
import type { webcrypto } from 'node:crypto';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class UserKeypairService implements OnApplicationShutdown {
|
export class UserKeypairService implements OnApplicationShutdown {
|
||||||
private cache: RedisKVCache<MiUserKeypair>;
|
private keypairEntityCache: RedisKVCache<MiUserKeypair>;
|
||||||
|
private privateKeyObjectCache: MemoryKVCache<webcrypto.CryptoKey>;
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
@Inject(DI.redis)
|
@Inject(DI.redis)
|
||||||
private redisClient: Redis.Redis,
|
private redisClient: Redis.Redis,
|
||||||
|
@Inject(DI.redisForSub)
|
||||||
|
private redisForSub: Redis.Redis,
|
||||||
@Inject(DI.userKeypairsRepository)
|
@Inject(DI.userKeypairsRepository)
|
||||||
private userKeypairsRepository: UserKeypairsRepository,
|
private userKeypairsRepository: UserKeypairsRepository,
|
||||||
|
|
||||||
|
private globalEventService: GlobalEventService,
|
||||||
|
private userEntityService: UserEntityService,
|
||||||
) {
|
) {
|
||||||
this.cache = new RedisKVCache<MiUserKeypair>(this.redisClient, 'userKeypair', {
|
this.keypairEntityCache = new RedisKVCache<MiUserKeypair>(this.redisClient, 'userKeypair', {
|
||||||
lifetime: 1000 * 60 * 60 * 24, // 24h
|
lifetime: 1000 * 60 * 60 * 24, // 24h
|
||||||
memoryCacheLifetime: Infinity,
|
memoryCacheLifetime: Infinity,
|
||||||
fetcher: (key) => this.userKeypairsRepository.findOneByOrFail({ userId: key }),
|
fetcher: (key) => this.userKeypairsRepository.findOneByOrFail({ userId: key }),
|
||||||
toRedisConverter: (value) => JSON.stringify(value),
|
toRedisConverter: (value) => JSON.stringify(value),
|
||||||
fromRedisConverter: (value) => JSON.parse(value),
|
fromRedisConverter: (value) => JSON.parse(value),
|
||||||
});
|
});
|
||||||
|
this.privateKeyObjectCache = new MemoryKVCache<webcrypto.CryptoKey>(1000 * 60 * 60 * 1);
|
||||||
|
|
||||||
|
this.redisForSub.on('message', this.onMessage);
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async getUserKeypair(userId: MiUser['id']): Promise<MiUserKeypair> {
|
public async getUserKeypair(userId: MiUser['id']): Promise<MiUserKeypair> {
|
||||||
return await this.cache.fetch(userId);
|
return await this.keypairEntityCache.fetch(userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get private key [Only PrivateKeyWithPem for queue data etc.]
|
||||||
|
* @param userIdOrHint user id or MiUserKeypair
|
||||||
|
* @param preferType
|
||||||
|
* If ed25519-like(`ed25519`, `01`, `11`) is specified, ed25519 keypair will be returned if exists.
|
||||||
|
* Otherwise, main keypair will be returned.
|
||||||
|
* @returns
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
public async getLocalUserPrivateKeyPem(
|
||||||
|
userIdOrHint: MiUser['id'] | MiUserKeypair,
|
||||||
|
preferType?: string,
|
||||||
|
): Promise<PrivateKeyWithPem> {
|
||||||
|
const keypair = typeof userIdOrHint === 'string' ? await this.getUserKeypair(userIdOrHint) : userIdOrHint;
|
||||||
|
if (
|
||||||
|
preferType && ['01', '11', 'ed25519'].includes(preferType.toLowerCase()) &&
|
||||||
|
keypair.ed25519PublicKey != null && keypair.ed25519PrivateKey != null
|
||||||
|
) {
|
||||||
|
return {
|
||||||
|
keyId: `${this.userEntityService.genLocalUserUri(keypair.userId)}#ed25519-key`,
|
||||||
|
privateKeyPem: keypair.ed25519PrivateKey,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
return {
|
||||||
|
keyId: `${this.userEntityService.genLocalUserUri(keypair.userId)}#main-key`,
|
||||||
|
privateKeyPem: keypair.privateKey,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get private key [Only PrivateKey for ap request]
|
||||||
|
* Using cache due to performance reasons of `crypto.subtle.importKey`
|
||||||
|
* @param userIdOrHint user id, MiUserKeypair, or PrivateKeyWithPem
|
||||||
|
* @param preferType
|
||||||
|
* If ed25519-like(`ed25519`, `01`, `11`) is specified, ed25519 keypair will be returned if exists.
|
||||||
|
* Otherwise, main keypair will be returned. (ignored if userIdOrHint is PrivateKeyWithPem)
|
||||||
|
* @returns
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
public async getLocalUserPrivateKey(
|
||||||
|
userIdOrHint: MiUser['id'] | MiUserKeypair | PrivateKeyWithPem,
|
||||||
|
preferType?: string,
|
||||||
|
): Promise<PrivateKey> {
|
||||||
|
if (typeof userIdOrHint === 'object' && 'privateKeyPem' in userIdOrHint) {
|
||||||
|
// userIdOrHint is PrivateKeyWithPem
|
||||||
|
return {
|
||||||
|
keyId: userIdOrHint.keyId,
|
||||||
|
privateKey: await this.privateKeyObjectCache.fetch(userIdOrHint.keyId, async () => {
|
||||||
|
return await importPrivateKey(userIdOrHint.privateKeyPem);
|
||||||
|
}),
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
const userId = typeof userIdOrHint === 'string' ? userIdOrHint : userIdOrHint.userId;
|
||||||
|
const getKeypair = () => typeof userIdOrHint === 'string' ? this.getUserKeypair(userId) : userIdOrHint;
|
||||||
|
|
||||||
|
if (preferType && ['01', '11', 'ed25519'].includes(preferType.toLowerCase())) {
|
||||||
|
const keyId = `${this.userEntityService.genLocalUserUri(userId)}#ed25519-key`;
|
||||||
|
const fetched = await this.privateKeyObjectCache.fetchMaybe(keyId, async () => {
|
||||||
|
const keypair = await getKeypair();
|
||||||
|
if (keypair.ed25519PublicKey != null && keypair.ed25519PrivateKey != null) {
|
||||||
|
return await importPrivateKey(keypair.ed25519PrivateKey);
|
||||||
|
}
|
||||||
|
return;
|
||||||
|
});
|
||||||
|
if (fetched) {
|
||||||
|
return {
|
||||||
|
keyId,
|
||||||
|
privateKey: fetched,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const keyId = `${this.userEntityService.genLocalUserUri(userId)}#main-key`;
|
||||||
|
return {
|
||||||
|
keyId,
|
||||||
|
privateKey: await this.privateKeyObjectCache.fetch(keyId, async () => {
|
||||||
|
const keypair = await getKeypair();
|
||||||
|
return await importPrivateKey(keypair.privateKey);
|
||||||
|
}),
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@bindThis
|
||||||
|
public async refresh(userId: MiUser['id']): Promise<void> {
|
||||||
|
return await this.keypairEntityCache.refresh(userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* If DB has ed25519 keypair, refresh cache and return it.
|
||||||
|
* If not, create, save and return ed25519 keypair.
|
||||||
|
* @param userId user id
|
||||||
|
* @returns MiUserKeypair if keypair is created, void if keypair is already exists
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
public async refreshAndPrepareEd25519KeyPair(userId: MiUser['id']): Promise<MiUserKeypair | void> {
|
||||||
|
await this.refresh(userId);
|
||||||
|
const keypair = await this.keypairEntityCache.fetch(userId);
|
||||||
|
if (keypair.ed25519PublicKey != null) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const ed25519 = await genEd25519KeyPair();
|
||||||
|
await this.userKeypairsRepository.update({ userId }, {
|
||||||
|
ed25519PublicKey: ed25519.publicKey,
|
||||||
|
ed25519PrivateKey: ed25519.privateKey,
|
||||||
|
});
|
||||||
|
this.globalEventService.publishInternalEvent('userKeypairUpdated', { userId });
|
||||||
|
const result = {
|
||||||
|
...keypair,
|
||||||
|
ed25519PublicKey: ed25519.publicKey,
|
||||||
|
ed25519PrivateKey: ed25519.privateKey,
|
||||||
|
};
|
||||||
|
this.keypairEntityCache.set(userId, result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
@bindThis
|
||||||
|
private async onMessage(_: string, data: string): Promise<void> {
|
||||||
|
const obj = JSON.parse(data);
|
||||||
|
|
||||||
|
if (obj.channel === 'internal') {
|
||||||
|
const { type, body } = obj.message as GlobalEvents['internal']['payload'];
|
||||||
|
switch (type) {
|
||||||
|
case 'userKeypairUpdated': {
|
||||||
|
this.refresh(body.userId);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@bindThis
|
@bindThis
|
||||||
public dispose(): void {
|
public dispose(): void {
|
||||||
this.cache.dispose();
|
this.keypairEntityCache.dispose();
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project , Type4ny-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
|
import { In } from 'typeorm';
|
||||||
|
import type { RenoteMutingsRepository } from '@/models/_.js';
|
||||||
|
import type { MiRenoteMuting } from '@/models/RenoteMuting.js';
|
||||||
|
|
||||||
|
import { IdService } from '@/core/IdService.js';
|
||||||
|
import type { MiUser } from '@/models/User.js';
|
||||||
|
import { DI } from '@/di-symbols.js';
|
||||||
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { CacheService } from '@/core/CacheService.js';
|
||||||
|
|
||||||
|
@Injectable()
|
||||||
|
export class UserRenoteMutingService {
|
||||||
|
constructor(
|
||||||
|
@Inject(DI.renoteMutingsRepository)
|
||||||
|
private renoteMutingsRepository: RenoteMutingsRepository,
|
||||||
|
|
||||||
|
private idService: IdService,
|
||||||
|
private cacheService: CacheService,
|
||||||
|
) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@bindThis
|
||||||
|
public async mute(user: MiUser, target: MiUser, expiresAt: Date | null = null): Promise<void> {
|
||||||
|
await this.renoteMutingsRepository.insert({
|
||||||
|
id: this.idService.gen(),
|
||||||
|
muterId: user.id,
|
||||||
|
muteeId: target.id,
|
||||||
|
});
|
||||||
|
|
||||||
|
await this.cacheService.renoteMutingsCache.refresh(user.id);
|
||||||
|
}
|
||||||
|
|
||||||
|
@bindThis
|
||||||
|
public async unmute(mutings: MiRenoteMuting[]): Promise<void> {
|
||||||
|
if (mutings.length === 0) return;
|
||||||
|
|
||||||
|
await this.renoteMutingsRepository.delete({
|
||||||
|
id: In(mutings.map(m => m.id)),
|
||||||
|
});
|
||||||
|
|
||||||
|
const muterIds = [...new Set(mutings.map(m => m.muterId))];
|
||||||
|
for (const muterId of muterIds) {
|
||||||
|
await this.cacheService.renoteMutingsCache.refresh(muterId);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,205 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
|
import { Brackets, SelectQueryBuilder } from 'typeorm';
|
||||||
|
import { DI } from '@/di-symbols.js';
|
||||||
|
import { type FollowingsRepository, MiUser, type UsersRepository } from '@/models/_.js';
|
||||||
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { sqlLikeEscape } from '@/misc/sql-like-escape.js';
|
||||||
|
import type { Config } from '@/config.js';
|
||||||
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
|
import { Packed } from '@/misc/json-schema.js';
|
||||||
|
|
||||||
|
function defaultActiveThreshold() {
|
||||||
|
return new Date(Date.now() - 1000 * 60 * 60 * 24 * 30);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Injectable()
|
||||||
|
export class UserSearchService {
|
||||||
|
constructor(
|
||||||
|
@Inject(DI.config)
|
||||||
|
private config: Config,
|
||||||
|
@Inject(DI.usersRepository)
|
||||||
|
private usersRepository: UsersRepository,
|
||||||
|
@Inject(DI.followingsRepository)
|
||||||
|
private followingsRepository: FollowingsRepository,
|
||||||
|
private userEntityService: UserEntityService,
|
||||||
|
) {
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ユーザ名とホスト名によるユーザ検索を行う.
|
||||||
|
*
|
||||||
|
* - 検索結果には優先順位がつけられており、以下の順序で検索が行われる.
|
||||||
|
* 1. フォローしているユーザのうち、一定期間以内(※)に更新されたユーザ
|
||||||
|
* 2. フォローしているユーザのうち、一定期間以内に更新されていないユーザ
|
||||||
|
* 3. フォローしていないユーザのうち、一定期間以内に更新されたユーザ
|
||||||
|
* 4. フォローしていないユーザのうち、一定期間以内に更新されていないユーザ
|
||||||
|
* - ログインしていない場合は、以下の順序で検索が行われる.
|
||||||
|
* 1. 一定期間以内に更新されたユーザ
|
||||||
|
* 2. 一定期間以内に更新されていないユーザ
|
||||||
|
* - それぞれの検索結果はユーザ名の昇順でソートされる.
|
||||||
|
* - 動作的には先に登場した検索結果の登場位置が優先される(条件的にユーザIDが重複することはないが).
|
||||||
|
* (1で既にヒットしていた場合、2, 3, 4でヒットしても無視される)
|
||||||
|
* - ユーザ名とホスト名の検索条件はそれぞれ前方一致で検索される.
|
||||||
|
* - ユーザ名の検索は大文字小文字を区別しない.
|
||||||
|
* - ホスト名の検索は大文字小文字を区別しない.
|
||||||
|
* - 検索結果は最大で {@link opts.limit} 件までとなる.
|
||||||
|
*
|
||||||
|
* ※一定期間とは {@link params.activeThreshold} で指定された日時から現在までの期間を指す.
|
||||||
|
*
|
||||||
|
* @param params 検索条件.
|
||||||
|
* @param opts 関数の動作を制御するオプション.
|
||||||
|
* @param me 検索を実行するユーザの情報. 未ログインの場合は指定しない.
|
||||||
|
* @see {@link UserSearchService#buildSearchUserQueries}
|
||||||
|
* @see {@link UserSearchService#buildSearchUserNoLoginQueries}
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
public async search(
|
||||||
|
params: {
|
||||||
|
username?: string | null,
|
||||||
|
host?: string | null,
|
||||||
|
activeThreshold?: Date,
|
||||||
|
},
|
||||||
|
opts?: {
|
||||||
|
limit?: number,
|
||||||
|
detail?: boolean,
|
||||||
|
},
|
||||||
|
me?: MiUser | null,
|
||||||
|
): Promise<Packed<'User'>[]> {
|
||||||
|
const queries = me ? this.buildSearchUserQueries(me, params) : this.buildSearchUserNoLoginQueries(params);
|
||||||
|
|
||||||
|
let resultSet = new Set<MiUser['id']>();
|
||||||
|
const limit = opts?.limit ?? 10;
|
||||||
|
for (const query of queries) {
|
||||||
|
const ids = await query
|
||||||
|
.select('user.id')
|
||||||
|
.limit(limit - resultSet.size)
|
||||||
|
.orderBy('user.usernameLower', 'ASC')
|
||||||
|
.getRawMany<{ user_id: MiUser['id'] }>()
|
||||||
|
.then(res => res.map(x => x.user_id));
|
||||||
|
|
||||||
|
resultSet = new Set([...resultSet, ...ids]);
|
||||||
|
if (resultSet.size >= limit) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return this.userEntityService.packMany<'UserLite' | 'UserDetailed'>(
|
||||||
|
[...resultSet].slice(0, limit),
|
||||||
|
me,
|
||||||
|
{ schema: opts?.detail ? 'UserDetailed' : 'UserLite' },
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ログイン済みユーザによる検索実行時のクエリ一覧を構築する.
|
||||||
|
* @param me
|
||||||
|
* @param params
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
private buildSearchUserQueries(
|
||||||
|
me: MiUser,
|
||||||
|
params: {
|
||||||
|
username?: string | null,
|
||||||
|
host?: string | null,
|
||||||
|
activeThreshold?: Date,
|
||||||
|
},
|
||||||
|
) {
|
||||||
|
// デフォルト30日以内に更新されたユーザーをアクティブユーザーとする
|
||||||
|
const activeThreshold = params.activeThreshold ?? defaultActiveThreshold();
|
||||||
|
|
||||||
|
const followingUserQuery = this.followingsRepository.createQueryBuilder('following')
|
||||||
|
.select('following.followeeId')
|
||||||
|
.where('following.followerId = :followerId', { followerId: me.id });
|
||||||
|
|
||||||
|
const activeFollowingUsersQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere(`user.id IN (${followingUserQuery.getQuery()})`)
|
||||||
|
.andWhere('user.updatedAt > :activeThreshold', { activeThreshold });
|
||||||
|
activeFollowingUsersQuery.setParameters(followingUserQuery.getParameters());
|
||||||
|
|
||||||
|
const inactiveFollowingUsersQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere(`user.id IN (${followingUserQuery.getQuery()})`)
|
||||||
|
.andWhere(new Brackets(qb => {
|
||||||
|
qb
|
||||||
|
.where('user.updatedAt IS NULL')
|
||||||
|
.orWhere('user.updatedAt <= :activeThreshold', { activeThreshold });
|
||||||
|
}));
|
||||||
|
inactiveFollowingUsersQuery.setParameters(followingUserQuery.getParameters());
|
||||||
|
|
||||||
|
// 自分自身がヒットするとしたらここ
|
||||||
|
const activeUserQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere(`user.id NOT IN (${followingUserQuery.getQuery()})`)
|
||||||
|
.andWhere('user.updatedAt > :activeThreshold', { activeThreshold });
|
||||||
|
activeUserQuery.setParameters(followingUserQuery.getParameters());
|
||||||
|
|
||||||
|
const inactiveUserQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere(`user.id NOT IN (${followingUserQuery.getQuery()})`)
|
||||||
|
.andWhere('user.updatedAt <= :activeThreshold', { activeThreshold });
|
||||||
|
inactiveUserQuery.setParameters(followingUserQuery.getParameters());
|
||||||
|
|
||||||
|
return [activeFollowingUsersQuery, inactiveFollowingUsersQuery, activeUserQuery, inactiveUserQuery];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ログインしていないユーザによる検索実行時のクエリ一覧を構築する.
|
||||||
|
* @param params
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
private buildSearchUserNoLoginQueries(params: {
|
||||||
|
username?: string | null,
|
||||||
|
host?: string | null,
|
||||||
|
activeThreshold?: Date,
|
||||||
|
}) {
|
||||||
|
// デフォルト30日以内に更新されたユーザーをアクティブユーザーとする
|
||||||
|
const activeThreshold = params.activeThreshold ?? defaultActiveThreshold();
|
||||||
|
|
||||||
|
const activeUserQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere(new Brackets(qb => {
|
||||||
|
qb
|
||||||
|
.where('user.updatedAt IS NULL')
|
||||||
|
.orWhere('user.updatedAt > :activeThreshold', { activeThreshold });
|
||||||
|
}));
|
||||||
|
|
||||||
|
const inactiveUserQuery = this.generateUserQueryBuilder(params)
|
||||||
|
.andWhere('user.updatedAt <= :activeThreshold', { activeThreshold });
|
||||||
|
|
||||||
|
return [activeUserQuery, inactiveUserQuery];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* ユーザ検索クエリで共通する抽出条件をあらかじめ設定したクエリビルダを生成する.
|
||||||
|
* @param params
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
private generateUserQueryBuilder(params: {
|
||||||
|
username?: string | null,
|
||||||
|
host?: string | null,
|
||||||
|
}): SelectQueryBuilder<MiUser> {
|
||||||
|
const userQuery = this.usersRepository.createQueryBuilder('user');
|
||||||
|
|
||||||
|
if (params.username) {
|
||||||
|
userQuery.andWhere('user.usernameLower LIKE :username', { username: sqlLikeEscape(params.username.toLowerCase()) + '%' });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (params.host) {
|
||||||
|
if (params.host === this.config.hostname || params.host === '.') {
|
||||||
|
userQuery.andWhere('user.host IS NULL');
|
||||||
|
} else {
|
||||||
|
userQuery.andWhere('user.host LIKE :host', {
|
||||||
|
host: sqlLikeEscape(params.host.toLowerCase()) + '%',
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
userQuery.andWhere('user.isSuspended = FALSE');
|
||||||
|
|
||||||
|
return userQuery;
|
||||||
|
}
|
||||||
|
}
|
|
@ -3,27 +3,23 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Injectable } from '@nestjs/common';
|
||||||
import { Not, IsNull } from 'typeorm';
|
|
||||||
import type { FollowingsRepository } from '@/models/_.js';
|
|
||||||
import type { MiUser } from '@/models/User.js';
|
import type { MiUser } from '@/models/User.js';
|
||||||
import { QueueService } from '@/core/QueueService.js';
|
|
||||||
import { GlobalEventService } from '@/core/GlobalEventService.js';
|
import { GlobalEventService } from '@/core/GlobalEventService.js';
|
||||||
import { DI } from '@/di-symbols.js';
|
|
||||||
import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
|
import { ApRendererService } from '@/core/activitypub/ApRendererService.js';
|
||||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { UserKeypairService } from './UserKeypairService.js';
|
||||||
|
import { ApDeliverManagerService } from './activitypub/ApDeliverManagerService.js';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class UserSuspendService {
|
export class UserSuspendService {
|
||||||
constructor(
|
constructor(
|
||||||
@Inject(DI.followingsRepository)
|
|
||||||
private followingsRepository: FollowingsRepository,
|
|
||||||
|
|
||||||
private userEntityService: UserEntityService,
|
private userEntityService: UserEntityService,
|
||||||
private queueService: QueueService,
|
|
||||||
private globalEventService: GlobalEventService,
|
private globalEventService: GlobalEventService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
|
private userKeypairService: UserKeypairService,
|
||||||
|
private apDeliverManagerService: ApDeliverManagerService,
|
||||||
) {
|
) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -32,28 +28,12 @@ export class UserSuspendService {
|
||||||
this.globalEventService.publishInternalEvent('userChangeSuspendedState', { id: user.id, isSuspended: true });
|
this.globalEventService.publishInternalEvent('userChangeSuspendedState', { id: user.id, isSuspended: true });
|
||||||
|
|
||||||
if (this.userEntityService.isLocalUser(user)) {
|
if (this.userEntityService.isLocalUser(user)) {
|
||||||
// 知り得る全SharedInboxにDelete配信
|
|
||||||
const content = this.apRendererService.addContext(this.apRendererService.renderDelete(this.userEntityService.genLocalUserUri(user.id), user));
|
const content = this.apRendererService.addContext(this.apRendererService.renderDelete(this.userEntityService.genLocalUserUri(user.id), user));
|
||||||
|
const manager = this.apDeliverManagerService.createDeliverManager(user, content);
|
||||||
const queue: string[] = [];
|
manager.addAllKnowingSharedInboxRecipe();
|
||||||
|
// process deliver時にはキーペアが消去されているはずなので、ここで挿入する
|
||||||
const followings = await this.followingsRepository.find({
|
const privateKey = await this.userKeypairService.getLocalUserPrivateKeyPem(user.id, 'main');
|
||||||
where: [
|
manager.execute({ privateKey });
|
||||||
{ followerSharedInbox: Not(IsNull()) },
|
|
||||||
{ followeeSharedInbox: Not(IsNull()) },
|
|
||||||
],
|
|
||||||
select: ['followerSharedInbox', 'followeeSharedInbox'],
|
|
||||||
});
|
|
||||||
|
|
||||||
const inboxes = followings.map(x => x.followerSharedInbox ?? x.followeeSharedInbox);
|
|
||||||
|
|
||||||
for (const inbox of inboxes) {
|
|
||||||
if (inbox != null && !queue.includes(inbox)) queue.push(inbox);
|
|
||||||
}
|
|
||||||
|
|
||||||
for (const inbox of queue) {
|
|
||||||
this.queueService.deliver(user, content, inbox, true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -62,28 +42,12 @@ export class UserSuspendService {
|
||||||
this.globalEventService.publishInternalEvent('userChangeSuspendedState', { id: user.id, isSuspended: false });
|
this.globalEventService.publishInternalEvent('userChangeSuspendedState', { id: user.id, isSuspended: false });
|
||||||
|
|
||||||
if (this.userEntityService.isLocalUser(user)) {
|
if (this.userEntityService.isLocalUser(user)) {
|
||||||
// 知り得る全SharedInboxにUndo Delete配信
|
|
||||||
const content = this.apRendererService.addContext(this.apRendererService.renderUndo(this.apRendererService.renderDelete(this.userEntityService.genLocalUserUri(user.id), user), user));
|
const content = this.apRendererService.addContext(this.apRendererService.renderUndo(this.apRendererService.renderDelete(this.userEntityService.genLocalUserUri(user.id), user), user));
|
||||||
|
const manager = this.apDeliverManagerService.createDeliverManager(user, content);
|
||||||
const queue: string[] = [];
|
manager.addAllKnowingSharedInboxRecipe();
|
||||||
|
// process deliver時にはキーペアが消去されているはずなので、ここで挿入する
|
||||||
const followings = await this.followingsRepository.find({
|
const privateKey = await this.userKeypairService.getLocalUserPrivateKeyPem(user.id, 'main');
|
||||||
where: [
|
manager.execute({ privateKey });
|
||||||
{ followerSharedInbox: Not(IsNull()) },
|
|
||||||
{ followeeSharedInbox: Not(IsNull()) },
|
|
||||||
],
|
|
||||||
select: ['followerSharedInbox', 'followeeSharedInbox'],
|
|
||||||
});
|
|
||||||
|
|
||||||
const inboxes = followings.map(x => x.followerSharedInbox ?? x.followeeSharedInbox);
|
|
||||||
|
|
||||||
for (const inbox of inboxes) {
|
|
||||||
if (inbox != null && !queue.includes(inbox)) queue.push(inbox);
|
|
||||||
}
|
|
||||||
|
|
||||||
for (const inbox of queue) {
|
|
||||||
this.queueService.deliver(user as any, content, inbox, true);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,7 +46,7 @@ export class WebfingerService {
|
||||||
const m = query.match(mRegex);
|
const m = query.match(mRegex);
|
||||||
if (m) {
|
if (m) {
|
||||||
const hostname = m[2];
|
const hostname = m[2];
|
||||||
const useHttp = process.env.MISSKEY_WEBFINGER_USE_HTTP && process.env.MISSKEY_WEBFINGER_USE_HTTP.toLowerCase() === 'true';
|
const useHttp = process.env.MISSKEY_USE_HTTP && process.env.MISSKEY_USE_HTTP.toLowerCase() === 'true';
|
||||||
return `http${useHttp ? '' : 's'}://${hostname}/.well-known/webfinger?${urlQuery({ resource: `acct:${query}` })}`;
|
return `http${useHttp ? '' : 's'}://${hostname}/.well-known/webfinger?${urlQuery({ resource: `acct:${query}` })}`;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
import { Inject, Injectable, OnApplicationShutdown } from '@nestjs/common';
|
import { Inject, Injectable, OnApplicationShutdown } from '@nestjs/common';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import type { NotesRepository, UserPublickeysRepository, UsersRepository } from '@/models/_.js';
|
import type { MiUser, NotesRepository, UserPublickeysRepository, UsersRepository } from '@/models/_.js';
|
||||||
import type { Config } from '@/config.js';
|
import type { Config } from '@/config.js';
|
||||||
import { MemoryKVCache } from '@/misc/cache.js';
|
import { MemoryKVCache } from '@/misc/cache.js';
|
||||||
import type { MiUserPublickey } from '@/models/UserPublickey.js';
|
import type { MiUserPublickey } from '@/models/UserPublickey.js';
|
||||||
|
@ -13,9 +13,12 @@ import { CacheService } from '@/core/CacheService.js';
|
||||||
import type { MiNote } from '@/models/Note.js';
|
import type { MiNote } from '@/models/Note.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { MiLocalUser, MiRemoteUser } from '@/models/User.js';
|
import { MiLocalUser, MiRemoteUser } from '@/models/User.js';
|
||||||
|
import Logger from '@/logger.js';
|
||||||
import { getApId } from './type.js';
|
import { getApId } from './type.js';
|
||||||
import { ApPersonService } from './models/ApPersonService.js';
|
import { ApPersonService } from './models/ApPersonService.js';
|
||||||
|
import { ApLoggerService } from './ApLoggerService.js';
|
||||||
import type { IObject } from './type.js';
|
import type { IObject } from './type.js';
|
||||||
|
import { UtilityService } from '../UtilityService.js';
|
||||||
|
|
||||||
export type UriParseResult = {
|
export type UriParseResult = {
|
||||||
/** wether the URI was generated by us */
|
/** wether the URI was generated by us */
|
||||||
|
@ -35,8 +38,8 @@ export type UriParseResult = {
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class ApDbResolverService implements OnApplicationShutdown {
|
export class ApDbResolverService implements OnApplicationShutdown {
|
||||||
private publicKeyCache: MemoryKVCache<MiUserPublickey | null>;
|
private publicKeyByUserIdCache: MemoryKVCache<MiUserPublickey[] | null>;
|
||||||
private publicKeyByUserIdCache: MemoryKVCache<MiUserPublickey | null>;
|
private logger: Logger;
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
@Inject(DI.config)
|
@Inject(DI.config)
|
||||||
|
@ -53,9 +56,17 @@ export class ApDbResolverService implements OnApplicationShutdown {
|
||||||
|
|
||||||
private cacheService: CacheService,
|
private cacheService: CacheService,
|
||||||
private apPersonService: ApPersonService,
|
private apPersonService: ApPersonService,
|
||||||
|
private apLoggerService: ApLoggerService,
|
||||||
|
private utilityService: UtilityService,
|
||||||
) {
|
) {
|
||||||
this.publicKeyCache = new MemoryKVCache<MiUserPublickey | null>(Infinity);
|
this.publicKeyByUserIdCache = new MemoryKVCache<MiUserPublickey[] | null>(Infinity);
|
||||||
this.publicKeyByUserIdCache = new MemoryKVCache<MiUserPublickey | null>(Infinity);
|
this.logger = this.apLoggerService.logger.createSubLogger('db-resolver');
|
||||||
|
}
|
||||||
|
|
||||||
|
private punyHost(url: string): string {
|
||||||
|
const urlObj = new URL(url);
|
||||||
|
const host = `${this.utilityService.toPuny(urlObj.hostname)}${urlObj.port.length > 0 ? ':' + urlObj.port : ''}`;
|
||||||
|
return host;
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
|
@ -116,62 +127,141 @@ export class ApDbResolverService implements OnApplicationShutdown {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* AP KeyId => Misskey User and Key
|
|
||||||
*/
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async getAuthUserFromKeyId(keyId: string): Promise<{
|
private async refreshAndFindKey(userId: MiUser['id'], keyId: string): Promise<MiUserPublickey | null> {
|
||||||
user: MiRemoteUser;
|
this.refreshCacheByUserId(userId);
|
||||||
key: MiUserPublickey;
|
const keys = await this.getPublicKeyByUserId(userId);
|
||||||
} | null> {
|
if (keys == null || !Array.isArray(keys) || keys.length === 0) {
|
||||||
const key = await this.publicKeyCache.fetch(keyId, async () => {
|
this.logger.warn(`No key found (refreshAndFindKey) userId=${userId} keyId=${keyId} keys=${JSON.stringify(keys)}`);
|
||||||
const key = await this.userPublickeysRepository.findOneBy({
|
return null;
|
||||||
keyId,
|
}
|
||||||
});
|
const exactKey = keys.find(x => x.keyId === keyId);
|
||||||
|
if (exactKey) return exactKey;
|
||||||
if (key == null) return null;
|
this.logger.warn(`No exact key found (refreshAndFindKey) userId=${userId} keyId=${keyId} keys=${JSON.stringify(keys)}`);
|
||||||
|
return null;
|
||||||
return key;
|
|
||||||
}, key => key != null);
|
|
||||||
|
|
||||||
if (key == null) return null;
|
|
||||||
|
|
||||||
const user = await this.cacheService.findUserById(key.userId).catch(() => null) as MiRemoteUser | null;
|
|
||||||
if (user == null) return null;
|
|
||||||
if (user.isDeleted) return null;
|
|
||||||
|
|
||||||
return {
|
|
||||||
user,
|
|
||||||
key,
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* AP Actor id => Misskey User and Key
|
* AP Actor id => Misskey User and Key
|
||||||
|
* @param uri AP Actor id
|
||||||
|
* @param keyId Key id to find. If not specified, main key will be selected.
|
||||||
|
* @returns
|
||||||
|
* 1. `null` if the user and key host do not match
|
||||||
|
* 2. `{ user: null, key: null }` if the user is not found
|
||||||
|
* 3. `{ user: MiRemoteUser, key: null }` if key is not found
|
||||||
|
* 4. `{ user: MiRemoteUser, key: MiUserPublickey }` if both are found
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async getAuthUserFromApId(uri: string): Promise<{
|
public async getAuthUserFromApId(uri: string, keyId?: string): Promise<{
|
||||||
user: MiRemoteUser;
|
user: MiRemoteUser;
|
||||||
key: MiUserPublickey | null;
|
key: MiUserPublickey | null;
|
||||||
} | null> {
|
} | {
|
||||||
const user = await this.apPersonService.resolvePerson(uri) as MiRemoteUser;
|
user: null;
|
||||||
if (user.isDeleted) return null;
|
key: null;
|
||||||
|
} |
|
||||||
|
null> {
|
||||||
|
if (keyId) {
|
||||||
|
if (this.punyHost(uri) !== this.punyHost(keyId)) {
|
||||||
|
/**
|
||||||
|
* keyIdはURL形式かつkeyIdのホストはuriのホストと一致するはず
|
||||||
|
* (ApPersonService.validateActorに由来)
|
||||||
|
*
|
||||||
|
* ただ、Mastodonはリプライ関連で他人のトゥートをHTTP Signature署名して送ってくることがある
|
||||||
|
* そのような署名は有効性に疑問があるので無視することにする
|
||||||
|
* ここではuriとkeyIdのホストが一致しない場合は無視する
|
||||||
|
* ハッシュをなくしたkeyIdとuriの同一性を比べてみてもいいが、`uri#*-key`というkeyIdを設定するのが
|
||||||
|
* 決まりごとというわけでもないため幅を持たせることにする
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* The keyId should be in URL format and its host should match the host of the uri
|
||||||
|
* (derived from ApPersonService.validateActor)
|
||||||
|
*
|
||||||
|
* However, Mastodon sometimes sends toots from other users with HTTP Signature signing for reply-related purposes
|
||||||
|
* Such signatures are of questionable validity, so we choose to ignore them
|
||||||
|
* Here, we ignore cases where the hosts of uri and keyId do not match
|
||||||
|
* We could also compare the equality of keyId without the hash and uri, but since setting a keyId like `uri#*-key`
|
||||||
|
* is not a strict rule, we decide to allow for some flexibility
|
||||||
|
*/
|
||||||
|
this.logger.warn(`actor uri and keyId are not matched uri=${uri} keyId=${keyId}`);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const key = await this.publicKeyByUserIdCache.fetch(
|
const user = await this.apPersonService.resolvePerson(uri, undefined, true) as MiRemoteUser;
|
||||||
user.id,
|
if (user.isDeleted) return { user: null, key: null };
|
||||||
() => this.userPublickeysRepository.findOneBy({ userId: user.id }),
|
|
||||||
|
const keys = await this.getPublicKeyByUserId(user.id);
|
||||||
|
|
||||||
|
if (keys == null || !Array.isArray(keys) || keys.length === 0) {
|
||||||
|
this.logger.warn(`No key found uri=${uri} userId=${user.id} keys=${JSON.stringify(keys)}`);
|
||||||
|
return { user, key: null };
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!keyId) {
|
||||||
|
// Choose the main-like
|
||||||
|
const mainKey = keys.find(x => {
|
||||||
|
try {
|
||||||
|
const url = new URL(x.keyId);
|
||||||
|
const path = url.pathname.split('/').pop()?.toLowerCase();
|
||||||
|
if (url.hash) {
|
||||||
|
if (url.hash.toLowerCase().includes('main')) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} else if (path?.includes('main') || path === 'publickey') {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} catch { /* noop */ }
|
||||||
|
|
||||||
|
return false;
|
||||||
|
});
|
||||||
|
return { user, key: mainKey ?? keys[0] };
|
||||||
|
}
|
||||||
|
|
||||||
|
const exactKey = keys.find(x => x.keyId === keyId);
|
||||||
|
if (exactKey) return { user, key: exactKey };
|
||||||
|
|
||||||
|
/**
|
||||||
|
* keyIdで見つからない場合、まずはキャッシュを更新して再取得
|
||||||
|
* If not found with keyId, update cache and reacquire
|
||||||
|
*/
|
||||||
|
const cacheRaw = this.publicKeyByUserIdCache.cache.get(user.id);
|
||||||
|
if (cacheRaw && cacheRaw.date > Date.now() - 1000 * 60 * 12) {
|
||||||
|
const exactKey = await this.refreshAndFindKey(user.id, keyId);
|
||||||
|
if (exactKey) return { user, key: exactKey };
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* lastFetchedAtでの更新制限を弱めて再取得
|
||||||
|
* Reacquisition with weakened update limit at lastFetchedAt
|
||||||
|
*/
|
||||||
|
if (user.lastFetchedAt == null || user.lastFetchedAt < new Date(Date.now() - 1000 * 60 * 12)) {
|
||||||
|
this.logger.info(`Fetching user to find public key uri=${uri} userId=${user.id} keyId=${keyId}`);
|
||||||
|
const renewed = await this.apPersonService.fetchPersonWithRenewal(uri, 0);
|
||||||
|
if (renewed == null || renewed.isDeleted) return null;
|
||||||
|
|
||||||
|
return { user, key: await this.refreshAndFindKey(user.id, keyId) };
|
||||||
|
}
|
||||||
|
|
||||||
|
this.logger.warn(`No key found uri=${uri} userId=${user.id} keyId=${keyId}`);
|
||||||
|
return { user, key: null };
|
||||||
|
}
|
||||||
|
|
||||||
|
@bindThis
|
||||||
|
public async getPublicKeyByUserId(userId: MiUser['id']): Promise<MiUserPublickey[] | null> {
|
||||||
|
return await this.publicKeyByUserIdCache.fetch(
|
||||||
|
userId,
|
||||||
|
() => this.userPublickeysRepository.find({ where: { userId } }),
|
||||||
v => v != null,
|
v => v != null,
|
||||||
);
|
);
|
||||||
|
}
|
||||||
|
|
||||||
return {
|
@bindThis
|
||||||
user,
|
public refreshCacheByUserId(userId: MiUser['id']): void {
|
||||||
key,
|
this.publicKeyByUserIdCache.delete(userId);
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public dispose(): void {
|
public dispose(): void {
|
||||||
this.publicKeyCache.dispose();
|
|
||||||
this.publicKeyByUserIdCache.dispose();
|
this.publicKeyByUserIdCache.dispose();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,10 +9,14 @@ import { DI } from '@/di-symbols.js';
|
||||||
import type { FollowingsRepository } from '@/models/_.js';
|
import type { FollowingsRepository } from '@/models/_.js';
|
||||||
import type { MiLocalUser, MiRemoteUser, MiUser } from '@/models/User.js';
|
import type { MiLocalUser, MiRemoteUser, MiUser } from '@/models/User.js';
|
||||||
import { QueueService } from '@/core/QueueService.js';
|
import { QueueService } from '@/core/QueueService.js';
|
||||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import type { IActivity } from '@/core/activitypub/type.js';
|
import type { IActivity } from '@/core/activitypub/type.js';
|
||||||
import { ThinUser } from '@/queue/types.js';
|
import { ThinUser } from '@/queue/types.js';
|
||||||
|
import { AccountUpdateService } from '@/core/AccountUpdateService.js';
|
||||||
|
import type Logger from '@/logger.js';
|
||||||
|
import { UserKeypairService } from '../UserKeypairService.js';
|
||||||
|
import { ApLoggerService } from './ApLoggerService.js';
|
||||||
|
import type { PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
interface IRecipe {
|
interface IRecipe {
|
||||||
type: string;
|
type: string;
|
||||||
|
@ -27,12 +31,19 @@ interface IDirectRecipe extends IRecipe {
|
||||||
to: MiRemoteUser;
|
to: MiRemoteUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
interface IAllKnowingSharedInboxRecipe extends IRecipe {
|
||||||
|
type: 'AllKnowingSharedInbox';
|
||||||
|
}
|
||||||
|
|
||||||
const isFollowers = (recipe: IRecipe): recipe is IFollowersRecipe =>
|
const isFollowers = (recipe: IRecipe): recipe is IFollowersRecipe =>
|
||||||
recipe.type === 'Followers';
|
recipe.type === 'Followers';
|
||||||
|
|
||||||
const isDirect = (recipe: IRecipe): recipe is IDirectRecipe =>
|
const isDirect = (recipe: IRecipe): recipe is IDirectRecipe =>
|
||||||
recipe.type === 'Direct';
|
recipe.type === 'Direct';
|
||||||
|
|
||||||
|
const isAllKnowingSharedInbox = (recipe: IRecipe): recipe is IAllKnowingSharedInboxRecipe =>
|
||||||
|
recipe.type === 'AllKnowingSharedInbox';
|
||||||
|
|
||||||
class DeliverManager {
|
class DeliverManager {
|
||||||
private actor: ThinUser;
|
private actor: ThinUser;
|
||||||
private activity: IActivity | null;
|
private activity: IActivity | null;
|
||||||
|
@ -40,16 +51,18 @@ class DeliverManager {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
* @param userEntityService
|
* @param userKeypairService
|
||||||
* @param followingsRepository
|
* @param followingsRepository
|
||||||
* @param queueService
|
* @param queueService
|
||||||
* @param actor Actor
|
* @param actor Actor
|
||||||
* @param activity Activity to deliver
|
* @param activity Activity to deliver
|
||||||
*/
|
*/
|
||||||
constructor(
|
constructor(
|
||||||
private userEntityService: UserEntityService,
|
private userKeypairService: UserKeypairService,
|
||||||
private followingsRepository: FollowingsRepository,
|
private followingsRepository: FollowingsRepository,
|
||||||
private queueService: QueueService,
|
private queueService: QueueService,
|
||||||
|
private accountUpdateService: AccountUpdateService,
|
||||||
|
private logger: Logger,
|
||||||
|
|
||||||
actor: { id: MiUser['id']; host: null; },
|
actor: { id: MiUser['id']; host: null; },
|
||||||
activity: IActivity | null,
|
activity: IActivity | null,
|
||||||
|
@ -91,6 +104,18 @@ class DeliverManager {
|
||||||
this.addRecipe(recipe);
|
this.addRecipe(recipe);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add recipe for all-knowing shared inbox deliver
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
public addAllKnowingSharedInboxRecipe(): void {
|
||||||
|
const deliver: IAllKnowingSharedInboxRecipe = {
|
||||||
|
type: 'AllKnowingSharedInbox',
|
||||||
|
};
|
||||||
|
|
||||||
|
this.addRecipe(deliver);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add recipe
|
* Add recipe
|
||||||
* @param recipe Recipe
|
* @param recipe Recipe
|
||||||
|
@ -104,11 +129,44 @@ class DeliverManager {
|
||||||
* Execute delivers
|
* Execute delivers
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async execute(): Promise<void> {
|
public async execute(opts?: { privateKey?: PrivateKeyWithPem }): Promise<void> {
|
||||||
|
//#region MIGRATION
|
||||||
|
if (!opts?.privateKey) {
|
||||||
|
/**
|
||||||
|
* ed25519の署名がなければ追加する
|
||||||
|
*/
|
||||||
|
const created = await this.userKeypairService.refreshAndPrepareEd25519KeyPair(this.actor.id);
|
||||||
|
if (created) {
|
||||||
|
// createdが存在するということは新規作成されたということなので、フォロワーに配信する
|
||||||
|
this.logger.info(`ed25519 key pair created for user ${this.actor.id} and publishing to followers`);
|
||||||
|
// リモートに配信
|
||||||
|
const keyPair = await this.userKeypairService.getLocalUserPrivateKeyPem(created, 'main');
|
||||||
|
await this.accountUpdateService.publishToFollowers(this.actor.id, keyPair);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//#endregion
|
||||||
|
|
||||||
|
//#region collect inboxes by recipes
|
||||||
// The value flags whether it is shared or not.
|
// The value flags whether it is shared or not.
|
||||||
// key: inbox URL, value: whether it is sharedInbox
|
// key: inbox URL, value: whether it is sharedInbox
|
||||||
const inboxes = new Map<string, boolean>();
|
const inboxes = new Map<string, boolean>();
|
||||||
|
|
||||||
|
if (this.recipes.some(r => isAllKnowingSharedInbox(r))) {
|
||||||
|
// all-knowing shared inbox
|
||||||
|
const followings = await this.followingsRepository.find({
|
||||||
|
where: [
|
||||||
|
{ followerSharedInbox: Not(IsNull()) },
|
||||||
|
{ followeeSharedInbox: Not(IsNull()) },
|
||||||
|
],
|
||||||
|
select: ['followerSharedInbox', 'followeeSharedInbox'],
|
||||||
|
});
|
||||||
|
|
||||||
|
for (const following of followings) {
|
||||||
|
if (following.followeeSharedInbox) inboxes.set(following.followeeSharedInbox, true);
|
||||||
|
if (following.followerSharedInbox) inboxes.set(following.followerSharedInbox, true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// build inbox list
|
// build inbox list
|
||||||
// Process follower recipes first to avoid duplication when processing direct recipes later.
|
// Process follower recipes first to avoid duplication when processing direct recipes later.
|
||||||
if (this.recipes.some(r => isFollowers(r))) {
|
if (this.recipes.some(r => isFollowers(r))) {
|
||||||
|
@ -142,39 +200,49 @@ class DeliverManager {
|
||||||
|
|
||||||
inboxes.set(recipe.to.inbox, false);
|
inboxes.set(recipe.to.inbox, false);
|
||||||
}
|
}
|
||||||
|
//#endregion
|
||||||
|
|
||||||
// deliver
|
// deliver
|
||||||
await this.queueService.deliverMany(this.actor, this.activity, inboxes);
|
await this.queueService.deliverMany(this.actor, this.activity, inboxes, opts?.privateKey);
|
||||||
|
this.logger.info(`Deliver queues dispatched: inboxes=${inboxes.size} actorId=${this.actor.id} activityId=${this.activity?.id}`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class ApDeliverManagerService {
|
export class ApDeliverManagerService {
|
||||||
|
private logger: Logger;
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
@Inject(DI.followingsRepository)
|
@Inject(DI.followingsRepository)
|
||||||
private followingsRepository: FollowingsRepository,
|
private followingsRepository: FollowingsRepository,
|
||||||
|
|
||||||
private userEntityService: UserEntityService,
|
private userKeypairService: UserKeypairService,
|
||||||
private queueService: QueueService,
|
private queueService: QueueService,
|
||||||
|
private accountUpdateService: AccountUpdateService,
|
||||||
|
private apLoggerService: ApLoggerService,
|
||||||
) {
|
) {
|
||||||
|
this.logger = this.apLoggerService.logger.createSubLogger('deliver-manager');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Deliver activity to followers
|
* Deliver activity to followers
|
||||||
* @param actor
|
* @param actor
|
||||||
* @param activity Activity
|
* @param activity Activity
|
||||||
|
* @param forceMainKey Force to use main (rsa) key
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async deliverToFollowers(actor: { id: MiLocalUser['id']; host: null; }, activity: IActivity): Promise<void> {
|
public async deliverToFollowers(actor: { id: MiLocalUser['id']; host: null; }, activity: IActivity, privateKey?: PrivateKeyWithPem): Promise<void> {
|
||||||
const manager = new DeliverManager(
|
const manager = new DeliverManager(
|
||||||
this.userEntityService,
|
this.userKeypairService,
|
||||||
this.followingsRepository,
|
this.followingsRepository,
|
||||||
this.queueService,
|
this.queueService,
|
||||||
|
this.accountUpdateService,
|
||||||
|
this.logger,
|
||||||
actor,
|
actor,
|
||||||
activity,
|
activity,
|
||||||
);
|
);
|
||||||
manager.addFollowersRecipe();
|
manager.addFollowersRecipe();
|
||||||
await manager.execute();
|
await manager.execute({ privateKey });
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -186,9 +254,11 @@ export class ApDeliverManagerService {
|
||||||
@bindThis
|
@bindThis
|
||||||
public async deliverToUser(actor: { id: MiLocalUser['id']; host: null; }, activity: IActivity, to: MiRemoteUser): Promise<void> {
|
public async deliverToUser(actor: { id: MiLocalUser['id']; host: null; }, activity: IActivity, to: MiRemoteUser): Promise<void> {
|
||||||
const manager = new DeliverManager(
|
const manager = new DeliverManager(
|
||||||
this.userEntityService,
|
this.userKeypairService,
|
||||||
this.followingsRepository,
|
this.followingsRepository,
|
||||||
this.queueService,
|
this.queueService,
|
||||||
|
this.accountUpdateService,
|
||||||
|
this.logger,
|
||||||
actor,
|
actor,
|
||||||
activity,
|
activity,
|
||||||
);
|
);
|
||||||
|
@ -199,10 +269,11 @@ export class ApDeliverManagerService {
|
||||||
@bindThis
|
@bindThis
|
||||||
public createDeliverManager(actor: { id: MiUser['id']; host: null; }, activity: IActivity | null): DeliverManager {
|
public createDeliverManager(actor: { id: MiUser['id']; host: null; }, activity: IActivity | null): DeliverManager {
|
||||||
return new DeliverManager(
|
return new DeliverManager(
|
||||||
this.userEntityService,
|
this.userKeypairService,
|
||||||
this.followingsRepository,
|
this.followingsRepository,
|
||||||
this.queueService,
|
this.queueService,
|
||||||
|
this.accountUpdateService,
|
||||||
|
this.logger,
|
||||||
actor,
|
actor,
|
||||||
activity,
|
activity,
|
||||||
);
|
);
|
||||||
|
|
|
@ -114,15 +114,8 @@ export class ApInboxService {
|
||||||
result = await this.performOneActivity(actor, activity);
|
result = await this.performOneActivity(actor, activity);
|
||||||
}
|
}
|
||||||
|
|
||||||
// ついでにリモートユーザーの情報が古かったら更新しておく
|
// ついでにリモートユーザーの情報が古かったら更新しておく?
|
||||||
if (actor.uri) {
|
// → No, この関数が呼び出される前に署名検証で更新されているはず
|
||||||
if (actor.lastFetchedAt == null || Date.now() - actor.lastFetchedAt.getTime() > 1000 * 60 * 60 * 24) {
|
|
||||||
setImmediate(() => {
|
|
||||||
this.apPersonService.updatePerson(actor.uri);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return result;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
|
|
|
@ -25,7 +25,7 @@ export class ApMfmService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public getNoteHtml(note: MiNote, apAppend?: string) {
|
public getNoteHtml(note: Pick<MiNote, 'text' | 'mentionedRemoteUsers'>, apAppend?: string) {
|
||||||
let noMisskeyContent = false;
|
let noMisskeyContent = false;
|
||||||
const srcMfm = (note.text ?? '') + (apAppend ?? '');
|
const srcMfm = (note.text ?? '') + (apAppend ?? '');
|
||||||
|
|
||||||
|
|
|
@ -22,7 +22,6 @@ import { UserKeypairService } from '@/core/UserKeypairService.js';
|
||||||
import { MfmService } from '@/core/MfmService.js';
|
import { MfmService } from '@/core/MfmService.js';
|
||||||
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
||||||
import type { MiUserKeypair } from '@/models/UserKeypair.js';
|
|
||||||
import type { UsersRepository, UserProfilesRepository, NotesRepository, DriveFilesRepository, PollsRepository } from '@/models/_.js';
|
import type { UsersRepository, UserProfilesRepository, NotesRepository, DriveFilesRepository, PollsRepository } from '@/models/_.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
|
@ -31,6 +30,7 @@ import { JsonLdService } from './JsonLdService.js';
|
||||||
import { ApMfmService } from './ApMfmService.js';
|
import { ApMfmService } from './ApMfmService.js';
|
||||||
import { CONTEXT } from './misc/contexts.js';
|
import { CONTEXT } from './misc/contexts.js';
|
||||||
import type { IAccept, IActivity, IAdd, IAnnounce, IApDocument, IApEmoji, IApHashtag, IApImage, IApMention, IBlock, ICreate, IDelete, IFlag, IFollow, IKey, ILike, IMove, IObject, IPost, IQuestion, IReject, IRemove, ITombstone, IUndo, IUpdate } from './type.js';
|
import type { IAccept, IActivity, IAdd, IAnnounce, IApDocument, IApEmoji, IApHashtag, IApImage, IApMention, IBlock, ICreate, IDelete, IFlag, IFollow, IKey, ILike, IMove, IObject, IPost, IQuestion, IReject, IRemove, ITombstone, IUndo, IUpdate } from './type.js';
|
||||||
|
import type { PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class ApRendererService {
|
export class ApRendererService {
|
||||||
|
@ -251,15 +251,15 @@ export class ApRendererService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public renderKey(user: MiLocalUser, key: MiUserKeypair, postfix?: string): IKey {
|
public renderKey(user: MiLocalUser, publicKey: string, postfix?: string): IKey {
|
||||||
return {
|
return {
|
||||||
id: `${this.config.url}/users/${user.id}${postfix ?? '/publickey'}`,
|
id: `${this.userEntityService.genLocalUserUri(user.id)}${postfix ?? '/publickey'}`,
|
||||||
type: 'Key',
|
type: 'Key',
|
||||||
owner: this.userEntityService.genLocalUserUri(user.id),
|
owner: this.userEntityService.genLocalUserUri(user.id),
|
||||||
publicKeyPem: createPublicKey(key.publicKey).export({
|
publicKeyPem: createPublicKey(publicKey).export({
|
||||||
type: 'spki',
|
type: 'spki',
|
||||||
format: 'pem',
|
format: 'pem',
|
||||||
}),
|
}) as string,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -499,7 +499,10 @@ export class ApRendererService {
|
||||||
tag,
|
tag,
|
||||||
manuallyApprovesFollowers: user.isLocked,
|
manuallyApprovesFollowers: user.isLocked,
|
||||||
discoverable: user.isExplorable,
|
discoverable: user.isExplorable,
|
||||||
publicKey: this.renderKey(user, keypair, '#main-key'),
|
publicKey: this.renderKey(user, keypair.publicKey, '#main-key'),
|
||||||
|
additionalPublicKeys: [
|
||||||
|
...(keypair.ed25519PublicKey ? [this.renderKey(user, keypair.ed25519PublicKey, '#ed25519-key')] : []),
|
||||||
|
],
|
||||||
isCat: user.isCat,
|
isCat: user.isCat,
|
||||||
attachment: attachment.length ? attachment : undefined,
|
attachment: attachment.length ? attachment : undefined,
|
||||||
};
|
};
|
||||||
|
@ -622,12 +625,10 @@ export class ApRendererService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async attachLdSignature(activity: any, user: { id: MiUser['id']; host: null; }): Promise<IActivity> {
|
public async attachLdSignature(activity: any, key: PrivateKeyWithPem): Promise<IActivity> {
|
||||||
const keypair = await this.userKeypairService.getUserKeypair(user.id);
|
|
||||||
|
|
||||||
const jsonLd = this.jsonLdService.use();
|
const jsonLd = this.jsonLdService.use();
|
||||||
jsonLd.debug = false;
|
jsonLd.debug = false;
|
||||||
activity = await jsonLd.signRsaSignature2017(activity, keypair.privateKey, `${this.config.url}/users/${user.id}#main-key`);
|
activity = await jsonLd.signRsaSignature2017(activity, key.privateKeyPem, key.keyId);
|
||||||
|
|
||||||
return activity;
|
return activity;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,9 +3,9 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import * as crypto from 'node:crypto';
|
|
||||||
import { URL } from 'node:url';
|
import { URL } from 'node:url';
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
|
import { genRFC3230DigestHeader, signAsDraftToRequest } from '@misskey-dev/node-http-message-signatures';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import type { Config } from '@/config.js';
|
import type { Config } from '@/config.js';
|
||||||
import type { MiUser } from '@/models/User.js';
|
import type { MiUser } from '@/models/User.js';
|
||||||
|
@ -15,122 +15,61 @@ import { LoggerService } from '@/core/LoggerService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import type Logger from '@/logger.js';
|
import type Logger from '@/logger.js';
|
||||||
import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
|
import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js';
|
||||||
|
import type { PrivateKeyWithPem, PrivateKey } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
type Request = {
|
export async function createSignedPost(args: { level: string; key: PrivateKey; url: string; body: string; digest?: string, additionalHeaders: Record<string, string> }) {
|
||||||
url: string;
|
const u = new URL(args.url);
|
||||||
method: string;
|
const request = {
|
||||||
headers: Record<string, string>;
|
url: u.href,
|
||||||
};
|
method: 'POST',
|
||||||
|
headers: {
|
||||||
|
'Date': new Date().toUTCString(),
|
||||||
|
'Host': u.host,
|
||||||
|
'Content-Type': 'application/activity+json',
|
||||||
|
...args.additionalHeaders,
|
||||||
|
} as Record<string, string>,
|
||||||
|
};
|
||||||
|
|
||||||
type Signed = {
|
// TODO: httpMessageSignaturesImplementationLevelによって新規格で通信をするようにする
|
||||||
request: Request;
|
const digestHeader = args.digest ?? await genRFC3230DigestHeader(args.body, 'SHA-256');
|
||||||
signingString: string;
|
request.headers['Digest'] = digestHeader;
|
||||||
signature: string;
|
|
||||||
signatureHeader: string;
|
|
||||||
};
|
|
||||||
|
|
||||||
type PrivateKey = {
|
const result = await signAsDraftToRequest(
|
||||||
privateKeyPem: string;
|
request,
|
||||||
keyId: string;
|
args.key,
|
||||||
};
|
['(request-target)', 'date', 'host', 'digest'],
|
||||||
|
);
|
||||||
|
|
||||||
export class ApRequestCreator {
|
return {
|
||||||
static createSignedPost(args: { key: PrivateKey, url: string, body: string, digest?: string, additionalHeaders: Record<string, string> }): Signed {
|
request,
|
||||||
const u = new URL(args.url);
|
...result,
|
||||||
const digestHeader = args.digest ?? this.createDigest(args.body);
|
};
|
||||||
|
}
|
||||||
|
|
||||||
const request: Request = {
|
export async function createSignedGet(args: { level: string; key: PrivateKey; url: string; additionalHeaders: Record<string, string> }) {
|
||||||
url: u.href,
|
const u = new URL(args.url);
|
||||||
method: 'POST',
|
const request = {
|
||||||
headers: this.#objectAssignWithLcKey({
|
url: u.href,
|
||||||
'Date': new Date().toUTCString(),
|
method: 'GET',
|
||||||
'Host': u.host,
|
headers: {
|
||||||
'Content-Type': 'application/activity+json',
|
'Accept': 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
|
||||||
'Digest': digestHeader,
|
'Date': new Date().toUTCString(),
|
||||||
}, args.additionalHeaders),
|
'Host': new URL(args.url).host,
|
||||||
};
|
...args.additionalHeaders,
|
||||||
|
} as Record<string, string>,
|
||||||
|
};
|
||||||
|
|
||||||
const result = this.#signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'digest']);
|
// TODO: httpMessageSignaturesImplementationLevelによって新規格で通信をするようにする
|
||||||
|
const result = await signAsDraftToRequest(
|
||||||
|
request,
|
||||||
|
args.key,
|
||||||
|
['(request-target)', 'date', 'host', 'accept'],
|
||||||
|
);
|
||||||
|
|
||||||
return {
|
return {
|
||||||
request,
|
request,
|
||||||
signingString: result.signingString,
|
...result,
|
||||||
signature: result.signature,
|
};
|
||||||
signatureHeader: result.signatureHeader,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static createDigest(body: string) {
|
|
||||||
return `SHA-256=${crypto.createHash('sha256').update(body).digest('base64')}`;
|
|
||||||
}
|
|
||||||
|
|
||||||
static createSignedGet(args: { key: PrivateKey, url: string, additionalHeaders: Record<string, string> }): Signed {
|
|
||||||
const u = new URL(args.url);
|
|
||||||
|
|
||||||
const request: Request = {
|
|
||||||
url: u.href,
|
|
||||||
method: 'GET',
|
|
||||||
headers: this.#objectAssignWithLcKey({
|
|
||||||
'Accept': 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
|
|
||||||
'Date': new Date().toUTCString(),
|
|
||||||
'Host': new URL(args.url).host,
|
|
||||||
}, args.additionalHeaders),
|
|
||||||
};
|
|
||||||
|
|
||||||
const result = this.#signToRequest(request, args.key, ['(request-target)', 'date', 'host', 'accept']);
|
|
||||||
|
|
||||||
return {
|
|
||||||
request,
|
|
||||||
signingString: result.signingString,
|
|
||||||
signature: result.signature,
|
|
||||||
signatureHeader: result.signatureHeader,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static #signToRequest(request: Request, key: PrivateKey, includeHeaders: string[]): Signed {
|
|
||||||
const signingString = this.#genSigningString(request, includeHeaders);
|
|
||||||
const signature = crypto.sign('sha256', Buffer.from(signingString), key.privateKeyPem).toString('base64');
|
|
||||||
const signatureHeader = `keyId="${key.keyId}",algorithm="rsa-sha256",headers="${includeHeaders.join(' ')}",signature="${signature}"`;
|
|
||||||
|
|
||||||
request.headers = this.#objectAssignWithLcKey(request.headers, {
|
|
||||||
Signature: signatureHeader,
|
|
||||||
});
|
|
||||||
// node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
|
|
||||||
delete request.headers['host'];
|
|
||||||
|
|
||||||
return {
|
|
||||||
request,
|
|
||||||
signingString,
|
|
||||||
signature,
|
|
||||||
signatureHeader,
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
static #genSigningString(request: Request, includeHeaders: string[]): string {
|
|
||||||
request.headers = this.#lcObjectKey(request.headers);
|
|
||||||
|
|
||||||
const results: string[] = [];
|
|
||||||
|
|
||||||
for (const key of includeHeaders.map(x => x.toLowerCase())) {
|
|
||||||
if (key === '(request-target)') {
|
|
||||||
results.push(`(request-target): ${request.method.toLowerCase()} ${new URL(request.url).pathname}`);
|
|
||||||
} else {
|
|
||||||
results.push(`${key}: ${request.headers[key]}`);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return results.join('\n');
|
|
||||||
}
|
|
||||||
|
|
||||||
static #lcObjectKey(src: Record<string, string>): Record<string, string> {
|
|
||||||
const dst: Record<string, string> = {};
|
|
||||||
for (const key of Object.keys(src).filter(x => x !== '__proto__' && typeof src[x] === 'string')) dst[key.toLowerCase()] = src[key];
|
|
||||||
return dst;
|
|
||||||
}
|
|
||||||
|
|
||||||
static #objectAssignWithLcKey(a: Record<string, string>, b: Record<string, string>): Record<string, string> {
|
|
||||||
return Object.assign(this.#lcObjectKey(a), this.#lcObjectKey(b));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
|
@ -150,21 +89,28 @@ export class ApRequestService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async signedPost(user: { id: MiUser['id'] }, url: string, object: unknown, digest?: string): Promise<void> {
|
public async signedPost(user: { id: MiUser['id'] }, url: string, object: unknown, level: string, digest?: string, key?: PrivateKeyWithPem): Promise<void> {
|
||||||
const body = typeof object === 'string' ? object : JSON.stringify(object);
|
const body = typeof object === 'string' ? object : JSON.stringify(object);
|
||||||
|
const keyFetched = await this.userKeypairService.getLocalUserPrivateKey(key ?? user.id, level);
|
||||||
const keypair = await this.userKeypairService.getUserKeypair(user.id);
|
const req = await createSignedPost({
|
||||||
|
level,
|
||||||
const req = ApRequestCreator.createSignedPost({
|
key: keyFetched,
|
||||||
key: {
|
|
||||||
privateKeyPem: keypair.privateKey,
|
|
||||||
keyId: `${this.config.url}/users/${user.id}#main-key`,
|
|
||||||
},
|
|
||||||
url,
|
url,
|
||||||
body,
|
body,
|
||||||
digest,
|
|
||||||
additionalHeaders: {
|
additionalHeaders: {
|
||||||
|
'User-Agent': this.config.userAgent,
|
||||||
},
|
},
|
||||||
|
digest,
|
||||||
|
});
|
||||||
|
|
||||||
|
// node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
|
||||||
|
delete req.request.headers['Host'];
|
||||||
|
|
||||||
|
this.logger.debug('create signed post', {
|
||||||
|
version: 'draft',
|
||||||
|
level,
|
||||||
|
url,
|
||||||
|
keyId: keyFetched.keyId,
|
||||||
});
|
});
|
||||||
|
|
||||||
await this.httpRequestService.send(url, {
|
await this.httpRequestService.send(url, {
|
||||||
|
@ -180,19 +126,27 @@ export class ApRequestService {
|
||||||
* @param url URL to fetch
|
* @param url URL to fetch
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async signedGet(url: string, user: { id: MiUser['id'] }): Promise<unknown> {
|
public async signedGet(url: string, user: { id: MiUser['id'] }, level: string): Promise<unknown> {
|
||||||
const keypair = await this.userKeypairService.getUserKeypair(user.id);
|
const key = await this.userKeypairService.getLocalUserPrivateKey(user.id, level);
|
||||||
|
const req = await createSignedGet({
|
||||||
const req = ApRequestCreator.createSignedGet({
|
level,
|
||||||
key: {
|
key,
|
||||||
privateKeyPem: keypair.privateKey,
|
|
||||||
keyId: `${this.config.url}/users/${user.id}#main-key`,
|
|
||||||
},
|
|
||||||
url,
|
url,
|
||||||
additionalHeaders: {
|
additionalHeaders: {
|
||||||
|
'User-Agent': this.config.userAgent,
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// node-fetch will generate this for us. if we keep 'Host', it won't change with redirects!
|
||||||
|
delete req.request.headers['Host'];
|
||||||
|
|
||||||
|
this.logger.debug('create signed get', {
|
||||||
|
version: 'draft',
|
||||||
|
level,
|
||||||
|
url,
|
||||||
|
keyId: key.keyId,
|
||||||
|
});
|
||||||
|
|
||||||
const res = await this.httpRequestService.send(url, {
|
const res = await this.httpRequestService.send(url, {
|
||||||
method: req.request.method,
|
method: req.request.method,
|
||||||
headers: req.request.headers,
|
headers: req.request.headers,
|
||||||
|
|
|
@ -16,6 +16,7 @@ import { UtilityService } from '@/core/UtilityService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { LoggerService } from '@/core/LoggerService.js';
|
import { LoggerService } from '@/core/LoggerService.js';
|
||||||
import type Logger from '@/logger.js';
|
import type Logger from '@/logger.js';
|
||||||
|
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
||||||
import { isCollectionOrOrderedCollection } from './type.js';
|
import { isCollectionOrOrderedCollection } from './type.js';
|
||||||
import { ApDbResolverService } from './ApDbResolverService.js';
|
import { ApDbResolverService } from './ApDbResolverService.js';
|
||||||
import { ApRendererService } from './ApRendererService.js';
|
import { ApRendererService } from './ApRendererService.js';
|
||||||
|
@ -41,6 +42,7 @@ export class Resolver {
|
||||||
private httpRequestService: HttpRequestService,
|
private httpRequestService: HttpRequestService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
private apDbResolverService: ApDbResolverService,
|
private apDbResolverService: ApDbResolverService,
|
||||||
|
private federatedInstanceService: FederatedInstanceService,
|
||||||
private loggerService: LoggerService,
|
private loggerService: LoggerService,
|
||||||
private recursionLimit = 100,
|
private recursionLimit = 100,
|
||||||
) {
|
) {
|
||||||
|
@ -103,8 +105,10 @@ export class Resolver {
|
||||||
this.user = await this.instanceActorService.getInstanceActor();
|
this.user = await this.instanceActorService.getInstanceActor();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const server = await this.federatedInstanceService.fetch(host);
|
||||||
|
|
||||||
const object = (this.user
|
const object = (this.user
|
||||||
? await this.apRequestService.signedGet(value, this.user) as IObject
|
? await this.apRequestService.signedGet(value, this.user, server.httpMessageSignaturesImplementationLevel) as IObject
|
||||||
: await this.httpRequestService.getActivityJson(value)) as IObject;
|
: await this.httpRequestService.getActivityJson(value)) as IObject;
|
||||||
|
|
||||||
if (
|
if (
|
||||||
|
@ -200,6 +204,7 @@ export class ApResolverService {
|
||||||
private httpRequestService: HttpRequestService,
|
private httpRequestService: HttpRequestService,
|
||||||
private apRendererService: ApRendererService,
|
private apRendererService: ApRendererService,
|
||||||
private apDbResolverService: ApDbResolverService,
|
private apDbResolverService: ApDbResolverService,
|
||||||
|
private federatedInstanceService: FederatedInstanceService,
|
||||||
private loggerService: LoggerService,
|
private loggerService: LoggerService,
|
||||||
) {
|
) {
|
||||||
}
|
}
|
||||||
|
@ -220,6 +225,7 @@ export class ApResolverService {
|
||||||
this.httpRequestService,
|
this.httpRequestService,
|
||||||
this.apRendererService,
|
this.apRendererService,
|
||||||
this.apDbResolverService,
|
this.apDbResolverService,
|
||||||
|
this.federatedInstanceService,
|
||||||
this.loggerService,
|
this.loggerService,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -134,6 +134,7 @@ const security_v1 = {
|
||||||
'privateKey': { '@id': 'sec:privateKey', '@type': '@id' },
|
'privateKey': { '@id': 'sec:privateKey', '@type': '@id' },
|
||||||
'privateKeyPem': 'sec:privateKeyPem',
|
'privateKeyPem': 'sec:privateKeyPem',
|
||||||
'publicKey': { '@id': 'sec:publicKey', '@type': '@id' },
|
'publicKey': { '@id': 'sec:publicKey', '@type': '@id' },
|
||||||
|
'additionalPublicKeys': { '@id': 'sec:publicKey', '@type': '@id' },
|
||||||
'publicKeyBase58': 'sec:publicKeyBase58',
|
'publicKeyBase58': 'sec:publicKeyBase58',
|
||||||
'publicKeyPem': 'sec:publicKeyPem',
|
'publicKeyPem': 'sec:publicKeyPem',
|
||||||
'publicKeyWif': 'sec:publicKeyWif',
|
'publicKeyWif': 'sec:publicKeyWif',
|
||||||
|
|
|
@ -3,9 +3,10 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
import { verify } from 'crypto';
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import promiseLimit from 'promise-limit';
|
import promiseLimit from 'promise-limit';
|
||||||
import { DataSource } from 'typeorm';
|
import { DataSource, In, Not } from 'typeorm';
|
||||||
import { ModuleRef } from '@nestjs/core';
|
import { ModuleRef } from '@nestjs/core';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import type { FollowingsRepository, InstancesRepository, UserProfilesRepository, UserPublickeysRepository, UsersRepository } from '@/models/_.js';
|
import type { FollowingsRepository, InstancesRepository, UserProfilesRepository, UserPublickeysRepository, UsersRepository } from '@/models/_.js';
|
||||||
|
@ -34,10 +35,12 @@ import { StatusError } from '@/misc/status-error.js';
|
||||||
import type { UtilityService } from '@/core/UtilityService.js';
|
import type { UtilityService } from '@/core/UtilityService.js';
|
||||||
import type { UserEntityService } from '@/core/entities/UserEntityService.js';
|
import type { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
|
import { RoleService } from '@/core/RoleService.js';
|
||||||
import { MetaService } from '@/core/MetaService.js';
|
import { MetaService } from '@/core/MetaService.js';
|
||||||
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
||||||
import type { AccountMoveService } from '@/core/AccountMoveService.js';
|
import type { AccountMoveService } from '@/core/AccountMoveService.js';
|
||||||
import { checkHttps } from '@/misc/check-https.js';
|
import { checkHttps } from '@/misc/check-https.js';
|
||||||
|
import { REMOTE_USER_CACHE_TTL, REMOTE_USER_MOVE_COOLDOWN } from '@/const.js';
|
||||||
import { getApId, getApType, getOneApHrefNullable, isActor, isCollection, isCollectionOrOrderedCollection, isPropertyValue } from '../type.js';
|
import { getApId, getApType, getOneApHrefNullable, isActor, isCollection, isCollectionOrOrderedCollection, isPropertyValue } from '../type.js';
|
||||||
import { extractApHashtags } from './tag.js';
|
import { extractApHashtags } from './tag.js';
|
||||||
import type { OnModuleInit } from '@nestjs/common';
|
import type { OnModuleInit } from '@nestjs/common';
|
||||||
|
@ -47,7 +50,7 @@ import type { ApResolverService, Resolver } from '../ApResolverService.js';
|
||||||
import type { ApLoggerService } from '../ApLoggerService.js';
|
import type { ApLoggerService } from '../ApLoggerService.js';
|
||||||
// eslint-disable-next-line @typescript-eslint/consistent-type-imports
|
// eslint-disable-next-line @typescript-eslint/consistent-type-imports
|
||||||
import type { ApImageService } from './ApImageService.js';
|
import type { ApImageService } from './ApImageService.js';
|
||||||
import type { IActor, IObject } from '../type.js';
|
import type { IActor, IKey, IObject } from '../type.js';
|
||||||
|
|
||||||
const nameLength = 128;
|
const nameLength = 128;
|
||||||
const summaryLength = 2048;
|
const summaryLength = 2048;
|
||||||
|
@ -100,6 +103,8 @@ export class ApPersonService implements OnModuleInit {
|
||||||
|
|
||||||
@Inject(DI.followingsRepository)
|
@Inject(DI.followingsRepository)
|
||||||
private followingsRepository: FollowingsRepository,
|
private followingsRepository: FollowingsRepository,
|
||||||
|
|
||||||
|
private roleService: RoleService,
|
||||||
) {
|
) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -182,13 +187,38 @@ export class ApPersonService implements OnModuleInit {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (x.publicKey) {
|
if (x.publicKey) {
|
||||||
if (typeof x.publicKey.id !== 'string') {
|
const publicKeys = Array.isArray(x.publicKey) ? x.publicKey : [x.publicKey];
|
||||||
throw new Error('invalid Actor: publicKey.id is not a string');
|
|
||||||
|
for (const publicKey of publicKeys) {
|
||||||
|
if (typeof publicKey.id !== 'string') {
|
||||||
|
throw new Error('invalid Actor: publicKey.id is not a string');
|
||||||
|
}
|
||||||
|
|
||||||
|
const publicKeyIdHost = this.punyHost(publicKey.id);
|
||||||
|
if (publicKeyIdHost !== expectHost) {
|
||||||
|
throw new Error('invalid Actor: publicKey.id has different host');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (x.additionalPublicKeys) {
|
||||||
|
if (!x.publicKey) {
|
||||||
|
throw new Error('invalid Actor: additionalPublicKeys is set but publicKey is not');
|
||||||
}
|
}
|
||||||
|
|
||||||
const publicKeyIdHost = this.punyHost(x.publicKey.id);
|
if (!Array.isArray(x.additionalPublicKeys)) {
|
||||||
if (publicKeyIdHost !== expectHost) {
|
throw new Error('invalid Actor: additionalPublicKeys is not an array');
|
||||||
throw new Error('invalid Actor: publicKey.id has different host');
|
}
|
||||||
|
|
||||||
|
for (const key of x.additionalPublicKeys) {
|
||||||
|
if (typeof key.id !== 'string') {
|
||||||
|
throw new Error('invalid Actor: additionalPublicKeys.id is not a string');
|
||||||
|
}
|
||||||
|
|
||||||
|
const keyIdHost = this.punyHost(key.id);
|
||||||
|
if (keyIdHost !== expectHost) {
|
||||||
|
throw new Error('invalid Actor: additionalPublicKeys.id has different host');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -225,6 +255,33 @@ export class ApPersonService implements OnModuleInit {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* uriからUser(Person)をフェッチします。
|
||||||
|
*
|
||||||
|
* Misskeyに対象のPersonが登録されていればそれを返し、登録がなければnullを返します。
|
||||||
|
* また、TTLが0でない場合、TTLを過ぎていた場合はupdatePersonを実行します。
|
||||||
|
*/
|
||||||
|
@bindThis
|
||||||
|
async fetchPersonWithRenewal(uri: string, TTL = REMOTE_USER_CACHE_TTL): Promise<MiLocalUser | MiRemoteUser | null> {
|
||||||
|
const exist = await this.fetchPerson(uri);
|
||||||
|
if (exist == null) return null;
|
||||||
|
|
||||||
|
if (this.userEntityService.isRemoteUser(exist)) {
|
||||||
|
if (TTL === 0 || exist.lastFetchedAt == null || Date.now() - exist.lastFetchedAt.getTime() > TTL) {
|
||||||
|
this.logger.debug('fetchPersonWithRenewal: renew', { uri, TTL, lastFetchedAt: exist.lastFetchedAt });
|
||||||
|
try {
|
||||||
|
await this.updatePerson(exist.uri);
|
||||||
|
return await this.fetchPerson(uri);
|
||||||
|
} catch (err) {
|
||||||
|
this.logger.error('error occurred while renewing user', { err });
|
||||||
|
}
|
||||||
|
}
|
||||||
|
this.logger.debug('fetchPersonWithRenewal: use cache', { uri, TTL, lastFetchedAt: exist.lastFetchedAt });
|
||||||
|
}
|
||||||
|
|
||||||
|
return exist;
|
||||||
|
}
|
||||||
|
|
||||||
private async resolveAvatarAndBanner(user: MiRemoteUser, icon: any, image: any): Promise<Partial<Pick<MiRemoteUser, 'avatarId' | 'bannerId' | 'avatarUrl' | 'bannerUrl' | 'avatarBlurhash' | 'bannerBlurhash'>>> {
|
private async resolveAvatarAndBanner(user: MiRemoteUser, icon: any, image: any): Promise<Partial<Pick<MiRemoteUser, 'avatarId' | 'bannerId' | 'avatarUrl' | 'bannerUrl' | 'avatarBlurhash' | 'bannerBlurhash'>>> {
|
||||||
if (user == null) throw new Error('failed to create user: user is null');
|
if (user == null) throw new Error('failed to create user: user is null');
|
||||||
|
|
||||||
|
@ -238,6 +295,11 @@ export class ApPersonService implements OnModuleInit {
|
||||||
return this.apImageService.resolveImage(user, img).catch(() => null);
|
return this.apImageService.resolveImage(user, img).catch(() => null);
|
||||||
}));
|
}));
|
||||||
|
|
||||||
|
if (((avatar != null && avatar.id != null) || (banner != null && banner.id != null))
|
||||||
|
&& !(await this.roleService.getUserPolicies(user.id)).canUpdateBioMedia) {
|
||||||
|
return {};
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
we don't want to return nulls on errors! if the database fields
|
we don't want to return nulls on errors! if the database fields
|
||||||
are already null, nothing changes; if the database has old
|
are already null, nothing changes; if the database has old
|
||||||
|
@ -355,11 +417,15 @@ export class ApPersonService implements OnModuleInit {
|
||||||
}));
|
}));
|
||||||
|
|
||||||
if (person.publicKey) {
|
if (person.publicKey) {
|
||||||
await transactionalEntityManager.save(new MiUserPublickey({
|
const publicKeys = new Map<string, IKey>();
|
||||||
userId: user.id,
|
(person.additionalPublicKeys ?? []).forEach(key => publicKeys.set(key.id, key));
|
||||||
keyId: person.publicKey.id,
|
(Array.isArray(person.publicKey) ? person.publicKey : [person.publicKey]).forEach(key => publicKeys.set(key.id, key));
|
||||||
keyPem: person.publicKey.publicKeyPem,
|
|
||||||
}));
|
await transactionalEntityManager.save(Array.from(publicKeys.values(), key => new MiUserPublickey({
|
||||||
|
keyId: key.id,
|
||||||
|
userId: user!.id,
|
||||||
|
keyPem: key.publicKeyPem,
|
||||||
|
})));
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
@ -505,11 +571,29 @@ export class ApPersonService implements OnModuleInit {
|
||||||
// Update user
|
// Update user
|
||||||
await this.usersRepository.update(exist.id, updates);
|
await this.usersRepository.update(exist.id, updates);
|
||||||
|
|
||||||
if (person.publicKey) {
|
try {
|
||||||
await this.userPublickeysRepository.update({ userId: exist.id }, {
|
// Deleteアクティビティ受信時にもここが走ってsaveがuserforeign key制約エラーを吐くことがある
|
||||||
keyId: person.publicKey.id,
|
// とりあえずtry-catchで囲っておく
|
||||||
keyPem: person.publicKey.publicKeyPem,
|
const publicKeys = new Map<string, IKey>();
|
||||||
|
if (person.publicKey) {
|
||||||
|
(person.additionalPublicKeys ?? []).forEach(key => publicKeys.set(key.id, key));
|
||||||
|
(Array.isArray(person.publicKey) ? person.publicKey : [person.publicKey]).forEach(key => publicKeys.set(key.id, key));
|
||||||
|
|
||||||
|
await this.userPublickeysRepository.save(Array.from(publicKeys.values(), key => ({
|
||||||
|
keyId: key.id,
|
||||||
|
userId: exist.id,
|
||||||
|
keyPem: key.publicKeyPem,
|
||||||
|
})));
|
||||||
|
}
|
||||||
|
|
||||||
|
this.userPublickeysRepository.delete({
|
||||||
|
keyId: Not(In(Array.from(publicKeys.keys()))),
|
||||||
|
userId: exist.id,
|
||||||
|
}).catch(err => {
|
||||||
|
this.logger.error('something happened while deleting remote user public keys:', { userId: exist.id, err });
|
||||||
});
|
});
|
||||||
|
} catch (err) {
|
||||||
|
this.logger.error('something happened while updating remote user public keys:', { userId: exist.id, err });
|
||||||
}
|
}
|
||||||
|
|
||||||
let _description: string | null = null;
|
let _description: string | null = null;
|
||||||
|
@ -553,7 +637,7 @@ export class ApPersonService implements OnModuleInit {
|
||||||
exist.movedAt == null ||
|
exist.movedAt == null ||
|
||||||
// 以前のmovingから14日以上経過した場合のみ移行処理を許可
|
// 以前のmovingから14日以上経過した場合のみ移行処理を許可
|
||||||
// (Mastodonのクールダウン期間は30日だが若干緩めに設定しておく)
|
// (Mastodonのクールダウン期間は30日だが若干緩めに設定しておく)
|
||||||
exist.movedAt.getTime() + 1000 * 60 * 60 * 24 * 14 < updated.movedAt.getTime()
|
exist.movedAt.getTime() + REMOTE_USER_MOVE_COOLDOWN < updated.movedAt.getTime()
|
||||||
)) {
|
)) {
|
||||||
this.logger.info(`Start to process Move of @${updated.username}@${updated.host} (${uri})`);
|
this.logger.info(`Start to process Move of @${updated.username}@${updated.host} (${uri})`);
|
||||||
return this.processRemoteMove(updated, movePreventUris)
|
return this.processRemoteMove(updated, movePreventUris)
|
||||||
|
@ -576,9 +660,9 @@ export class ApPersonService implements OnModuleInit {
|
||||||
* リモートサーバーからフェッチしてMisskeyに登録しそれを返します。
|
* リモートサーバーからフェッチしてMisskeyに登録しそれを返します。
|
||||||
*/
|
*/
|
||||||
@bindThis
|
@bindThis
|
||||||
public async resolvePerson(uri: string, resolver?: Resolver): Promise<MiLocalUser | MiRemoteUser> {
|
public async resolvePerson(uri: string, resolver?: Resolver, withRenewal = false): Promise<MiLocalUser | MiRemoteUser> {
|
||||||
//#region このサーバーに既に登録されていたらそれを返す
|
//#region このサーバーに既に登録されていたらそれを返す
|
||||||
const exist = await this.fetchPerson(uri);
|
const exist = withRenewal ? await this.fetchPersonWithRenewal(uri) : await this.fetchPerson(uri);
|
||||||
if (exist) return exist;
|
if (exist) return exist;
|
||||||
//#endregion
|
//#endregion
|
||||||
|
|
||||||
|
|
|
@ -74,10 +74,10 @@ export class ApQuestionService {
|
||||||
|
|
||||||
//#region このサーバーに既に登録されているか
|
//#region このサーバーに既に登録されているか
|
||||||
const note = await this.notesRepository.findOneBy({ uri });
|
const note = await this.notesRepository.findOneBy({ uri });
|
||||||
if (note == null) throw new Error('Question is not registed');
|
if (note == null) throw new Error('Question is not registered');
|
||||||
|
|
||||||
const poll = await this.pollsRepository.findOneBy({ noteId: note.id });
|
const poll = await this.pollsRepository.findOneBy({ noteId: note.id });
|
||||||
if (poll == null) throw new Error('Question is not registed');
|
if (poll == null) throw new Error('Question is not registered');
|
||||||
//#endregion
|
//#endregion
|
||||||
|
|
||||||
// resolve new Question object
|
// resolve new Question object
|
||||||
|
|
|
@ -55,7 +55,7 @@ export function getOneApId(value: ApObject): string {
|
||||||
export function getApId(value: string | IObject): string {
|
export function getApId(value: string | IObject): string {
|
||||||
if (typeof value === 'string') return value;
|
if (typeof value === 'string') return value;
|
||||||
if (typeof value.id === 'string') return value.id;
|
if (typeof value.id === 'string') return value.id;
|
||||||
throw new Error('cannot detemine id');
|
throw new Error('cannot determine id');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -169,10 +169,8 @@ export interface IActor extends IObject {
|
||||||
discoverable?: boolean;
|
discoverable?: boolean;
|
||||||
inbox: string;
|
inbox: string;
|
||||||
sharedInbox?: string; // 後方互換性のため
|
sharedInbox?: string; // 後方互換性のため
|
||||||
publicKey?: {
|
publicKey?: IKey | IKey[];
|
||||||
id: string;
|
additionalPublicKeys?: IKey[];
|
||||||
publicKeyPem: string;
|
|
||||||
};
|
|
||||||
followers?: string | ICollection | IOrderedCollection;
|
followers?: string | ICollection | IOrderedCollection;
|
||||||
following?: string | ICollection | IOrderedCollection;
|
following?: string | ICollection | IOrderedCollection;
|
||||||
featured?: string | IOrderedCollection;
|
featured?: string | IOrderedCollection;
|
||||||
|
@ -236,8 +234,9 @@ export const isEmoji = (object: IObject): object is IApEmoji =>
|
||||||
|
|
||||||
export interface IKey extends IObject {
|
export interface IKey extends IObject {
|
||||||
type: 'Key';
|
type: 'Key';
|
||||||
|
id: string;
|
||||||
owner: string;
|
owner: string;
|
||||||
publicKeyPem: string | Buffer;
|
publicKeyPem: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface IApDocument extends IObject {
|
export interface IApDocument extends IObject {
|
||||||
|
|
|
@ -56,6 +56,7 @@ export class InstanceEntityService {
|
||||||
infoUpdatedAt: instance.infoUpdatedAt ? instance.infoUpdatedAt.toISOString() : null,
|
infoUpdatedAt: instance.infoUpdatedAt ? instance.infoUpdatedAt.toISOString() : null,
|
||||||
latestRequestReceivedAt: instance.latestRequestReceivedAt ? instance.latestRequestReceivedAt.toISOString() : null,
|
latestRequestReceivedAt: instance.latestRequestReceivedAt ? instance.latestRequestReceivedAt.toISOString() : null,
|
||||||
moderationNote: iAmModerator ? instance.moderationNote : null,
|
moderationNote: iAmModerator ? instance.moderationNote : null,
|
||||||
|
httpMessageSignaturesImplementationLevel: instance.httpMessageSignaturesImplementationLevel,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -50,6 +50,22 @@ export class MetaEntityService {
|
||||||
}))
|
}))
|
||||||
.getMany();
|
.getMany();
|
||||||
|
|
||||||
|
// クライアントの手間を減らすためあらかじめJSONに変換しておく
|
||||||
|
let defaultLightTheme = null;
|
||||||
|
let defaultDarkTheme = null;
|
||||||
|
if (instance.defaultLightTheme) {
|
||||||
|
try {
|
||||||
|
defaultLightTheme = JSON.stringify(JSON5.parse(instance.defaultLightTheme));
|
||||||
|
} catch (e) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (instance.defaultDarkTheme) {
|
||||||
|
try {
|
||||||
|
defaultDarkTheme = JSON.stringify(JSON5.parse(instance.defaultDarkTheme));
|
||||||
|
} catch (e) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const packed: Packed<'MetaLite'> = {
|
const packed: Packed<'MetaLite'> = {
|
||||||
maintainerName: instance.maintainerName,
|
maintainerName: instance.maintainerName,
|
||||||
maintainerEmail: instance.maintainerEmail,
|
maintainerEmail: instance.maintainerEmail,
|
||||||
|
@ -90,9 +106,8 @@ export class MetaEntityService {
|
||||||
backgroundImageUrl: instance.backgroundImageUrl,
|
backgroundImageUrl: instance.backgroundImageUrl,
|
||||||
logoImageUrl: instance.logoImageUrl,
|
logoImageUrl: instance.logoImageUrl,
|
||||||
maxNoteTextLength: MAX_NOTE_TEXT_LENGTH,
|
maxNoteTextLength: MAX_NOTE_TEXT_LENGTH,
|
||||||
// クライアントの手間を減らすためあらかじめJSONに変換しておく
|
defaultLightTheme,
|
||||||
defaultLightTheme: instance.defaultLightTheme ? JSON.stringify(JSON5.parse(instance.defaultLightTheme)) : null,
|
defaultDarkTheme,
|
||||||
defaultDarkTheme: instance.defaultDarkTheme ? JSON.stringify(JSON5.parse(instance.defaultDarkTheme)) : null,
|
|
||||||
ads: ads.map(ad => ({
|
ads: ads.map(ad => ({
|
||||||
id: ad.id,
|
id: ad.id,
|
||||||
url: ad.url,
|
url: ad.url,
|
||||||
|
|
|
@ -501,11 +501,15 @@ export class UserEntityService implements OnModuleInit {
|
||||||
emojis: this.customEmojiService.populateEmojis(user.emojis, user.host),
|
emojis: this.customEmojiService.populateEmojis(user.emojis, user.host),
|
||||||
onlineStatus: this.getOnlineStatus(user),
|
onlineStatus: this.getOnlineStatus(user),
|
||||||
// パフォーマンス上の理由でローカルユーザーのみ
|
// パフォーマンス上の理由でローカルユーザーのみ
|
||||||
badgeRoles: user.host == null ? this.roleService.getUserBadgeRoles(user.id).then(rs => rs.sort((a, b) => b.displayOrder - a.displayOrder).map(r => ({
|
badgeRoles: user.host == null ? this.roleService.getUserBadgeRoles(user.id).then((rs) => rs
|
||||||
name: r.name,
|
.filter((r) => r.isPublic || iAmModerator)
|
||||||
iconUrl: r.iconUrl,
|
.sort((a, b) => b.displayOrder - a.displayOrder)
|
||||||
displayOrder: r.displayOrder,
|
.map((r) => ({
|
||||||
}))) : undefined,
|
name: r.name,
|
||||||
|
iconUrl: r.iconUrl,
|
||||||
|
displayOrder: r.displayOrder,
|
||||||
|
}))
|
||||||
|
) : undefined,
|
||||||
|
|
||||||
...(isDetailed ? {
|
...(isDetailed ? {
|
||||||
url: profile!.url,
|
url: profile!.url,
|
||||||
|
|
|
@ -195,6 +195,9 @@ export class MemoryKVCache<T> {
|
||||||
private lifetime: number;
|
private lifetime: number;
|
||||||
private gcIntervalHandle: NodeJS.Timeout;
|
private gcIntervalHandle: NodeJS.Timeout;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param lifetime キャッシュの生存期間 (ms)
|
||||||
|
*/
|
||||||
constructor(lifetime: MemoryKVCache<never>['lifetime']) {
|
constructor(lifetime: MemoryKVCache<never>['lifetime']) {
|
||||||
this.cache = new Map();
|
this.cache = new Map();
|
||||||
this.lifetime = lifetime;
|
this.lifetime = lifetime;
|
||||||
|
|
|
@ -3,39 +3,14 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import * as crypto from 'node:crypto';
|
import { genEd25519KeyPair, genRsaKeyPair } from '@misskey-dev/node-http-message-signatures';
|
||||||
import * as util from 'node:util';
|
|
||||||
|
|
||||||
const generateKeyPair = util.promisify(crypto.generateKeyPair);
|
export async function genRSAAndEd25519KeyPair(rsaModulusLength = 4096) {
|
||||||
|
const [rsa, ed25519] = await Promise.all([genRsaKeyPair(rsaModulusLength), genEd25519KeyPair()]);
|
||||||
export async function genRsaKeyPair(modulusLength = 2048) {
|
return {
|
||||||
return await generateKeyPair('rsa', {
|
publicKey: rsa.publicKey,
|
||||||
modulusLength,
|
privateKey: rsa.privateKey,
|
||||||
publicKeyEncoding: {
|
ed25519PublicKey: ed25519.publicKey,
|
||||||
type: 'spki',
|
ed25519PrivateKey: ed25519.privateKey,
|
||||||
format: 'pem',
|
};
|
||||||
},
|
|
||||||
privateKeyEncoding: {
|
|
||||||
type: 'pkcs8',
|
|
||||||
format: 'pem',
|
|
||||||
cipher: undefined,
|
|
||||||
passphrase: undefined,
|
|
||||||
},
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
export async function genEcKeyPair(namedCurve: 'prime256v1' | 'secp384r1' | 'secp521r1' | 'curve25519' = 'prime256v1') {
|
|
||||||
return await generateKeyPair('ec', {
|
|
||||||
namedCurve,
|
|
||||||
publicKeyEncoding: {
|
|
||||||
type: 'spki',
|
|
||||||
format: 'pem',
|
|
||||||
},
|
|
||||||
privateKeyEncoding: {
|
|
||||||
type: 'pkcs8',
|
|
||||||
format: 'pem',
|
|
||||||
cipher: undefined,
|
|
||||||
passphrase: undefined,
|
|
||||||
},
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,6 +4,10 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
export function isUserRelated(note: any, userIds: Set<string>, ignoreAuthor = false): boolean {
|
export function isUserRelated(note: any, userIds: Set<string>, ignoreAuthor = false): boolean {
|
||||||
|
if (!note) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (userIds.has(note.userId) && !ignoreAuthor) {
|
if (userIds.has(note.userId) && !ignoreAuthor) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: syuilo and misskey-project
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
|
||||||
|
export type JsonValue = JsonArray | JsonObject | string | number | boolean | null;
|
||||||
|
export type JsonObject = {[K in string]?: JsonValue};
|
||||||
|
export type JsonArray = JsonValue[];
|
|
@ -158,4 +158,9 @@ export class MiInstance {
|
||||||
length: 16384, default: '',
|
length: 16384, default: '',
|
||||||
})
|
})
|
||||||
public moderationNote: string;
|
public moderationNote: string;
|
||||||
|
|
||||||
|
@Column('varchar', {
|
||||||
|
length: 16, default: '00', nullable: false,
|
||||||
|
})
|
||||||
|
public httpMessageSignaturesImplementationLevel: string;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import { PrimaryColumn, Entity, JoinColumn, Column, OneToOne } from 'typeorm';
|
import { PrimaryColumn, Entity, JoinColumn, Column, ManyToOne } from 'typeorm';
|
||||||
import { id } from './util/id.js';
|
import { id } from './util/id.js';
|
||||||
import { MiUser } from './User.js';
|
import { MiUser } from './User.js';
|
||||||
|
|
||||||
|
@ -12,22 +12,42 @@ export class MiUserKeypair {
|
||||||
@PrimaryColumn(id())
|
@PrimaryColumn(id())
|
||||||
public userId: MiUser['id'];
|
public userId: MiUser['id'];
|
||||||
|
|
||||||
@OneToOne(type => MiUser, {
|
@ManyToOne(type => MiUser, {
|
||||||
onDelete: 'CASCADE',
|
onDelete: 'CASCADE',
|
||||||
})
|
})
|
||||||
@JoinColumn()
|
@JoinColumn()
|
||||||
public user: MiUser | null;
|
public user: MiUser | null;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* RSA public key
|
||||||
|
*/
|
||||||
@Column('varchar', {
|
@Column('varchar', {
|
||||||
length: 4096,
|
length: 4096,
|
||||||
})
|
})
|
||||||
public publicKey: string;
|
public publicKey: string;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* RSA private key
|
||||||
|
*/
|
||||||
@Column('varchar', {
|
@Column('varchar', {
|
||||||
length: 4096,
|
length: 4096,
|
||||||
})
|
})
|
||||||
public privateKey: string;
|
public privateKey: string;
|
||||||
|
|
||||||
|
@Column('varchar', {
|
||||||
|
length: 128,
|
||||||
|
nullable: true,
|
||||||
|
default: null,
|
||||||
|
})
|
||||||
|
public ed25519PublicKey: string | null;
|
||||||
|
|
||||||
|
@Column('varchar', {
|
||||||
|
length: 128,
|
||||||
|
nullable: true,
|
||||||
|
default: null,
|
||||||
|
})
|
||||||
|
public ed25519PrivateKey: string | null;
|
||||||
|
|
||||||
constructor(data: Partial<MiUserKeypair>) {
|
constructor(data: Partial<MiUserKeypair>) {
|
||||||
if (data == null) return;
|
if (data == null) return;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,13 @@ import { MiUser } from './User.js';
|
||||||
|
|
||||||
@Entity('user_publickey')
|
@Entity('user_publickey')
|
||||||
export class MiUserPublickey {
|
export class MiUserPublickey {
|
||||||
@PrimaryColumn(id())
|
@PrimaryColumn('varchar', {
|
||||||
|
length: 256,
|
||||||
|
})
|
||||||
|
public keyId: string;
|
||||||
|
|
||||||
|
@Index()
|
||||||
|
@Column(id())
|
||||||
public userId: MiUser['id'];
|
public userId: MiUser['id'];
|
||||||
|
|
||||||
@OneToOne(type => MiUser, {
|
@OneToOne(type => MiUser, {
|
||||||
|
@ -18,12 +24,6 @@ export class MiUserPublickey {
|
||||||
@JoinColumn()
|
@JoinColumn()
|
||||||
public user: MiUser | null;
|
public user: MiUser | null;
|
||||||
|
|
||||||
@Index({ unique: true })
|
|
||||||
@Column('varchar', {
|
|
||||||
length: 256,
|
|
||||||
})
|
|
||||||
public keyId: string;
|
|
||||||
|
|
||||||
@Column('varchar', {
|
@Column('varchar', {
|
||||||
length: 4096,
|
length: 4096,
|
||||||
})
|
})
|
||||||
|
|
|
@ -20,7 +20,7 @@ export const packedDriveFileSchema = {
|
||||||
name: {
|
name: {
|
||||||
type: 'string',
|
type: 'string',
|
||||||
optional: false, nullable: false,
|
optional: false, nullable: false,
|
||||||
example: 'lenna.jpg',
|
example: '192.jpg',
|
||||||
},
|
},
|
||||||
type: {
|
type: {
|
||||||
type: 'string',
|
type: 'string',
|
||||||
|
|
|
@ -116,5 +116,9 @@ export const packedFederationInstanceSchema = {
|
||||||
type: 'string',
|
type: 'string',
|
||||||
optional: true, nullable: true,
|
optional: true, nullable: true,
|
||||||
},
|
},
|
||||||
|
httpMessageSignaturesImplementationLevel: {
|
||||||
|
type: 'string',
|
||||||
|
optional: false, nullable: false,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
} as const;
|
} as const;
|
||||||
|
|
|
@ -228,6 +228,10 @@ export const packedRolePoliciesSchema = {
|
||||||
type: 'boolean',
|
type: 'boolean',
|
||||||
optional: false, nullable: false,
|
optional: false, nullable: false,
|
||||||
},
|
},
|
||||||
|
canUpdateBioMedia: {
|
||||||
|
type: 'boolean',
|
||||||
|
optional: false, nullable: false,
|
||||||
|
},
|
||||||
pinLimit: {
|
pinLimit: {
|
||||||
type: 'integer',
|
type: 'integer',
|
||||||
optional: false, nullable: false,
|
optional: false, nullable: false,
|
||||||
|
|
|
@ -250,9 +250,9 @@ export class QueueProcessorService implements OnApplicationShutdown {
|
||||||
}, {
|
}, {
|
||||||
...baseQueueOptions(this.config, QUEUE.DELIVER),
|
...baseQueueOptions(this.config, QUEUE.DELIVER),
|
||||||
autorun: false,
|
autorun: false,
|
||||||
concurrency: this.config.deliverJobConcurrency ?? 128,
|
concurrency: this.config.deliverJobConcurrency ?? 16,
|
||||||
limiter: {
|
limiter: {
|
||||||
max: this.config.deliverJobPerSec ?? 128,
|
max: this.config.deliverJobPerSec ?? 1024,
|
||||||
duration: 1000,
|
duration: 1000,
|
||||||
},
|
},
|
||||||
settings: {
|
settings: {
|
||||||
|
@ -290,9 +290,9 @@ export class QueueProcessorService implements OnApplicationShutdown {
|
||||||
}, {
|
}, {
|
||||||
...baseQueueOptions(this.config, QUEUE.INBOX),
|
...baseQueueOptions(this.config, QUEUE.INBOX),
|
||||||
autorun: false,
|
autorun: false,
|
||||||
concurrency: this.config.inboxJobConcurrency ?? 16,
|
concurrency: this.config.inboxJobConcurrency ?? 4,
|
||||||
limiter: {
|
limiter: {
|
||||||
max: this.config.inboxJobPerSec ?? 32,
|
max: this.config.inboxJobPerSec ?? 64,
|
||||||
duration: 1000,
|
duration: 1000,
|
||||||
},
|
},
|
||||||
settings: {
|
settings: {
|
||||||
|
|
|
@ -73,25 +73,33 @@ export class DeliverProcessorService {
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
await this.apRequestService.signedPost(job.data.user, job.data.to, job.data.content, job.data.digest);
|
const _server = await this.federatedInstanceService.fetch(host);
|
||||||
|
await this.fetchInstanceMetadataService.fetchInstanceMetadata(_server).then(() => {});
|
||||||
|
const server = await this.federatedInstanceService.fetch(host);
|
||||||
|
|
||||||
|
await this.apRequestService.signedPost(
|
||||||
|
job.data.user,
|
||||||
|
job.data.to,
|
||||||
|
job.data.content,
|
||||||
|
server.httpMessageSignaturesImplementationLevel,
|
||||||
|
job.data.digest,
|
||||||
|
job.data.privateKey,
|
||||||
|
);
|
||||||
|
|
||||||
// Update stats
|
// Update stats
|
||||||
this.federatedInstanceService.fetch(host).then(i => {
|
if (server.isNotResponding) {
|
||||||
if (i.isNotResponding) {
|
this.federatedInstanceService.update(server.id, {
|
||||||
this.federatedInstanceService.update(i.id, {
|
isNotResponding: false,
|
||||||
isNotResponding: false,
|
notRespondingSince: null,
|
||||||
notRespondingSince: null,
|
});
|
||||||
});
|
}
|
||||||
}
|
|
||||||
|
|
||||||
this.fetchInstanceMetadataService.fetchInstanceMetadata(i);
|
this.apRequestChart.deliverSucc();
|
||||||
this.apRequestChart.deliverSucc();
|
this.federationChart.deliverd(server.host, true);
|
||||||
this.federationChart.deliverd(i.host, true);
|
|
||||||
|
|
||||||
if (meta.enableChartsForFederatedInstances) {
|
if (meta.enableChartsForFederatedInstances) {
|
||||||
this.instanceChart.requestSent(i.host, true);
|
this.instanceChart.requestSent(server.host, true);
|
||||||
}
|
}
|
||||||
});
|
|
||||||
|
|
||||||
return 'Success';
|
return 'Success';
|
||||||
} catch (res) {
|
} catch (res) {
|
||||||
|
|
|
@ -5,8 +5,8 @@
|
||||||
|
|
||||||
import { URL } from 'node:url';
|
import { URL } from 'node:url';
|
||||||
import { Injectable } from '@nestjs/common';
|
import { Injectable } from '@nestjs/common';
|
||||||
import httpSignature from '@peertube/http-signature';
|
|
||||||
import * as Bull from 'bullmq';
|
import * as Bull from 'bullmq';
|
||||||
|
import { verifyDraftSignature } from '@misskey-dev/node-http-message-signatures';
|
||||||
import type Logger from '@/logger.js';
|
import type Logger from '@/logger.js';
|
||||||
import { MetaService } from '@/core/MetaService.js';
|
import { MetaService } from '@/core/MetaService.js';
|
||||||
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
|
||||||
|
@ -20,6 +20,7 @@ import type { MiRemoteUser } from '@/models/User.js';
|
||||||
import type { MiUserPublickey } from '@/models/UserPublickey.js';
|
import type { MiUserPublickey } from '@/models/UserPublickey.js';
|
||||||
import { ApDbResolverService } from '@/core/activitypub/ApDbResolverService.js';
|
import { ApDbResolverService } from '@/core/activitypub/ApDbResolverService.js';
|
||||||
import { StatusError } from '@/misc/status-error.js';
|
import { StatusError } from '@/misc/status-error.js';
|
||||||
|
import * as Acct from '@/misc/acct.js';
|
||||||
import { UtilityService } from '@/core/UtilityService.js';
|
import { UtilityService } from '@/core/UtilityService.js';
|
||||||
import { ApPersonService } from '@/core/activitypub/models/ApPersonService.js';
|
import { ApPersonService } from '@/core/activitypub/models/ApPersonService.js';
|
||||||
import { JsonLdService } from '@/core/activitypub/JsonLdService.js';
|
import { JsonLdService } from '@/core/activitypub/JsonLdService.js';
|
||||||
|
@ -52,8 +53,15 @@ export class InboxProcessorService {
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async process(job: Bull.Job<InboxJobData>): Promise<string> {
|
public async process(job: Bull.Job<InboxJobData>): Promise<string> {
|
||||||
const signature = job.data.signature; // HTTP-signature
|
const signature = job.data.signature ?
|
||||||
|
'version' in job.data.signature ? job.data.signature.value : job.data.signature
|
||||||
|
: null;
|
||||||
|
if (Array.isArray(signature)) {
|
||||||
|
// RFC 9401はsignatureが配列になるが、とりあえずエラーにする
|
||||||
|
throw new Error('signature is array');
|
||||||
|
}
|
||||||
let activity = job.data.activity;
|
let activity = job.data.activity;
|
||||||
|
let actorUri = getApId(activity.actor);
|
||||||
|
|
||||||
//#region Log
|
//#region Log
|
||||||
const info = Object.assign({}, activity);
|
const info = Object.assign({}, activity);
|
||||||
|
@ -61,7 +69,7 @@ export class InboxProcessorService {
|
||||||
this.logger.debug(JSON.stringify(info, null, 2));
|
this.logger.debug(JSON.stringify(info, null, 2));
|
||||||
//#endregion
|
//#endregion
|
||||||
|
|
||||||
const host = this.utilityService.toPuny(new URL(signature.keyId).hostname);
|
const host = this.utilityService.toPuny(new URL(actorUri).hostname);
|
||||||
|
|
||||||
// ブロックしてたら中断
|
// ブロックしてたら中断
|
||||||
const meta = await this.metaService.fetch();
|
const meta = await this.metaService.fetch();
|
||||||
|
@ -69,69 +77,76 @@ export class InboxProcessorService {
|
||||||
return `Blocked request: ${host}`;
|
return `Blocked request: ${host}`;
|
||||||
}
|
}
|
||||||
|
|
||||||
const keyIdLower = signature.keyId.toLowerCase();
|
|
||||||
if (keyIdLower.startsWith('acct:')) {
|
|
||||||
return `Old keyId is no longer supported. ${keyIdLower}`;
|
|
||||||
}
|
|
||||||
|
|
||||||
// HTTP-Signature keyIdを元にDBから取得
|
// HTTP-Signature keyIdを元にDBから取得
|
||||||
let authUser: {
|
let authUser: Awaited<ReturnType<typeof this.apDbResolverService.getAuthUserFromApId>> = null;
|
||||||
user: MiRemoteUser;
|
let httpSignatureIsValid = null as boolean | null;
|
||||||
key: MiUserPublickey | null;
|
|
||||||
} | null = await this.apDbResolverService.getAuthUserFromKeyId(signature.keyId);
|
|
||||||
|
|
||||||
// keyIdでわからなければ、activity.actorを元にDBから取得 || activity.actorを元にリモートから取得
|
try {
|
||||||
if (authUser == null) {
|
authUser = await this.apDbResolverService.getAuthUserFromApId(actorUri, signature?.keyId);
|
||||||
try {
|
} catch (err) {
|
||||||
authUser = await this.apDbResolverService.getAuthUserFromApId(getApId(activity.actor));
|
// 対象が4xxならスキップ
|
||||||
} catch (err) {
|
if (err instanceof StatusError) {
|
||||||
// 対象が4xxならスキップ
|
if (!err.isRetryable) {
|
||||||
if (err instanceof StatusError) {
|
throw new Bull.UnrecoverableError(`skip: Ignored deleted actors on both ends ${activity.actor} - ${err.statusCode}`);
|
||||||
if (!err.isRetryable) {
|
|
||||||
throw new Bull.UnrecoverableError(`skip: Ignored deleted actors on both ends ${activity.actor} - ${err.statusCode}`);
|
|
||||||
}
|
|
||||||
throw new Error(`Error in actor ${activity.actor} - ${err.statusCode}`);
|
|
||||||
}
|
}
|
||||||
|
throw new Error(`Error in actor ${activity.actor} - ${err.statusCode}`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// それでもわからなければ終了
|
// authUser.userがnullならスキップ
|
||||||
if (authUser == null) {
|
if (authUser != null && authUser.user == null) {
|
||||||
throw new Bull.UnrecoverableError('skip: failed to resolve user');
|
throw new Bull.UnrecoverableError('skip: failed to resolve user');
|
||||||
}
|
}
|
||||||
|
|
||||||
// publicKey がなくても終了
|
if (signature != null && authUser != null) {
|
||||||
if (authUser.key == null) {
|
if (signature.keyId.toLowerCase().startsWith('acct:')) {
|
||||||
throw new Bull.UnrecoverableError('skip: failed to resolve user publicKey');
|
this.logger.warn(`Old keyId is no longer supported. lowerKeyId=${signature.keyId.toLowerCase()}`);
|
||||||
|
} else if (authUser.key != null) {
|
||||||
|
// keyがなかったらLD Signatureで検証するべき
|
||||||
|
// HTTP-Signatureの検証
|
||||||
|
const errorLogger = (ms: any) => this.logger.error(ms);
|
||||||
|
httpSignatureIsValid = await verifyDraftSignature(signature, authUser.key.keyPem, errorLogger);
|
||||||
|
this.logger.debug('Inbox message validation: ', {
|
||||||
|
userId: authUser.user.id,
|
||||||
|
userAcct: Acct.toString(authUser.user),
|
||||||
|
parsedKeyId: signature.keyId,
|
||||||
|
foundKeyId: authUser.key.keyId,
|
||||||
|
httpSignatureValid: httpSignatureIsValid,
|
||||||
|
});
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// HTTP-Signatureの検証
|
if (
|
||||||
const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
authUser == null ||
|
||||||
|
httpSignatureIsValid !== true ||
|
||||||
// また、signatureのsignerは、activity.actorと一致する必要がある
|
authUser.user.uri !== actorUri // 一応チェック
|
||||||
if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
|
) {
|
||||||
// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
|
// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
|
||||||
const ldSignature = activity.signature;
|
const ldSignature = activity.signature;
|
||||||
if (ldSignature) {
|
|
||||||
|
if (ldSignature && ldSignature.creator) {
|
||||||
if (ldSignature.type !== 'RsaSignature2017') {
|
if (ldSignature.type !== 'RsaSignature2017') {
|
||||||
throw new Bull.UnrecoverableError(`skip: unsupported LD-signature type ${ldSignature.type}`);
|
throw new Bull.UnrecoverableError(`skip: unsupported LD-signature type ${ldSignature.type}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
// ldSignature.creator: https://example.oom/users/user#main-key
|
if (ldSignature.creator.toLowerCase().startsWith('acct:')) {
|
||||||
// みたいになっててUserを引っ張れば公開キーも入ることを期待する
|
throw new Bull.UnrecoverableError(`old key not supported ${ldSignature.creator}`);
|
||||||
if (ldSignature.creator) {
|
|
||||||
const candicate = ldSignature.creator.replace(/#.*/, '');
|
|
||||||
await this.apPersonService.resolvePerson(candicate).catch(() => null);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// keyIdからLD-Signatureのユーザーを取得
|
authUser = await this.apDbResolverService.getAuthUserFromApId(actorUri, ldSignature.creator);
|
||||||
authUser = await this.apDbResolverService.getAuthUserFromKeyId(ldSignature.creator);
|
|
||||||
if (authUser == null) {
|
if (authUser == null) {
|
||||||
throw new Bull.UnrecoverableError('skip: LD-Signatureのユーザーが取得できませんでした');
|
throw new Bull.UnrecoverableError(`skip: LD-Signatureのactorとcreatorが一致しませんでした uri=${actorUri} creator=${ldSignature.creator}`);
|
||||||
|
}
|
||||||
|
if (authUser.user == null) {
|
||||||
|
throw new Bull.UnrecoverableError(`skip: LD-Signatureのユーザーが取得できませんでした uri=${actorUri} creator=${ldSignature.creator}`);
|
||||||
|
}
|
||||||
|
// 一応actorチェック
|
||||||
|
if (authUser.user.uri !== actorUri) {
|
||||||
|
throw new Bull.UnrecoverableError(`skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${actorUri})`);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (authUser.key == null) {
|
if (authUser.key == null) {
|
||||||
throw new Bull.UnrecoverableError('skip: LD-SignatureのユーザーはpublicKeyを持っていませんでした');
|
throw new Bull.UnrecoverableError(`skip: LD-SignatureのユーザーはpublicKeyを持っていませんでした uri=${actorUri} creator=${ldSignature.creator}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
const jsonLd = this.jsonLdService.use();
|
const jsonLd = this.jsonLdService.use();
|
||||||
|
@ -142,13 +157,27 @@ export class InboxProcessorService {
|
||||||
throw new Bull.UnrecoverableError('skip: LD-Signatureの検証に失敗しました');
|
throw new Bull.UnrecoverableError('skip: LD-Signatureの検証に失敗しました');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ブロックしてたら中断
|
||||||
|
const ldHost = this.utilityService.extractDbHost(authUser.user.uri);
|
||||||
|
if (this.utilityService.isBlockedHost(meta.blockedHosts, ldHost)) {
|
||||||
|
throw new Bull.UnrecoverableError(`Blocked request: ${ldHost}`);
|
||||||
|
}
|
||||||
|
|
||||||
// アクティビティを正規化
|
// アクティビティを正規化
|
||||||
|
// GHSA-2vxv-pv3m-3wvj
|
||||||
delete activity.signature;
|
delete activity.signature;
|
||||||
try {
|
try {
|
||||||
activity = await jsonLd.compact(activity) as IActivity;
|
activity = await jsonLd.compact(activity) as IActivity;
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
throw new Bull.UnrecoverableError(`skip: failed to compact activity: ${e}`);
|
throw new Bull.UnrecoverableError(`skip: failed to compact activity: ${e}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// actorが正規化前後で一致しているか確認
|
||||||
|
actorUri = getApId(activity.actor);
|
||||||
|
if (authUser.user.uri !== actorUri) {
|
||||||
|
throw new Bull.UnrecoverableError(`skip: LD-Signature user(${authUser.user.uri}) !== activity(after normalization).actor(${actorUri})`);
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: 元のアクティビティと非互換な形に正規化される場合は転送をスキップする
|
// TODO: 元のアクティビティと非互換な形に正規化される場合は転送をスキップする
|
||||||
// https://github.com/mastodon/mastodon/blob/664b0ca/app/services/activitypub/process_collection_service.rb#L24-L29
|
// https://github.com/mastodon/mastodon/blob/664b0ca/app/services/activitypub/process_collection_service.rb#L24-L29
|
||||||
activity.signature = ldSignature;
|
activity.signature = ldSignature;
|
||||||
|
@ -158,19 +187,8 @@ export class InboxProcessorService {
|
||||||
delete compactedInfo['@context'];
|
delete compactedInfo['@context'];
|
||||||
this.logger.debug(`compacted: ${JSON.stringify(compactedInfo, null, 2)}`);
|
this.logger.debug(`compacted: ${JSON.stringify(compactedInfo, null, 2)}`);
|
||||||
//#endregion
|
//#endregion
|
||||||
|
|
||||||
// もう一度actorチェック
|
|
||||||
if (authUser.user.uri !== activity.actor) {
|
|
||||||
throw new Bull.UnrecoverableError(`skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`);
|
|
||||||
}
|
|
||||||
|
|
||||||
// ブロックしてたら中断
|
|
||||||
const ldHost = this.utilityService.extractDbHost(authUser.user.uri);
|
|
||||||
if (this.utilityService.isBlockedHost(meta.blockedHosts, ldHost)) {
|
|
||||||
throw new Bull.UnrecoverableError(`Blocked request: ${ldHost}`);
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
throw new Bull.UnrecoverableError(`skip: http-signature verification failed and no LD-Signature. keyId=${signature.keyId}`);
|
throw new Bull.UnrecoverableError(`skip: http-signature verification failed and no LD-Signature. http_signature_keyId=${signature?.keyId}`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,24 @@ import type { MiNote } from '@/models/Note.js';
|
||||||
import type { MiUser } from '@/models/User.js';
|
import type { MiUser } from '@/models/User.js';
|
||||||
import type { MiWebhook } from '@/models/Webhook.js';
|
import type { MiWebhook } from '@/models/Webhook.js';
|
||||||
import type { IActivity } from '@/core/activitypub/type.js';
|
import type { IActivity } from '@/core/activitypub/type.js';
|
||||||
import type httpSignature from '@peertube/http-signature';
|
import type { ParsedSignature, PrivateKeyWithPem } from '@misskey-dev/node-http-message-signatures';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @peertube/http-signature 時代の古いデータにも対応しておく
|
||||||
|
* TODO: 2026年ぐらいには消す
|
||||||
|
*/
|
||||||
|
export interface OldParsedSignature {
|
||||||
|
scheme: 'Signature';
|
||||||
|
params: {
|
||||||
|
keyId: string;
|
||||||
|
algorithm: string;
|
||||||
|
headers: string[];
|
||||||
|
signature: string;
|
||||||
|
};
|
||||||
|
signingString: string;
|
||||||
|
algorithm: string;
|
||||||
|
keyId: string;
|
||||||
|
}
|
||||||
|
|
||||||
export type DeliverJobData = {
|
export type DeliverJobData = {
|
||||||
/** Actor */
|
/** Actor */
|
||||||
|
@ -22,11 +39,13 @@ export type DeliverJobData = {
|
||||||
to: string;
|
to: string;
|
||||||
/** whether it is sharedInbox */
|
/** whether it is sharedInbox */
|
||||||
isSharedInbox: boolean;
|
isSharedInbox: boolean;
|
||||||
|
/** force to use main (rsa) key */
|
||||||
|
privateKey?: PrivateKeyWithPem;
|
||||||
};
|
};
|
||||||
|
|
||||||
export type InboxJobData = {
|
export type InboxJobData = {
|
||||||
activity: IActivity;
|
activity: IActivity;
|
||||||
signature: httpSignature.IParsedSignature;
|
signature: ParsedSignature | OldParsedSignature | null;
|
||||||
};
|
};
|
||||||
|
|
||||||
export type RelationshipJobData = {
|
export type RelationshipJobData = {
|
||||||
|
|
|
@ -3,11 +3,10 @@
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import * as crypto from 'node:crypto';
|
|
||||||
import { IncomingMessage } from 'node:http';
|
import { IncomingMessage } from 'node:http';
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import fastifyAccepts from '@fastify/accepts';
|
import fastifyAccepts from '@fastify/accepts';
|
||||||
import httpSignature from '@peertube/http-signature';
|
import { verifyDigestHeader, parseRequestSignature } from '@misskey-dev/node-http-message-signatures';
|
||||||
import { Brackets, In, IsNull, LessThan, Not } from 'typeorm';
|
import { Brackets, In, IsNull, LessThan, Not } from 'typeorm';
|
||||||
import accepts from 'accepts';
|
import accepts from 'accepts';
|
||||||
import vary from 'vary';
|
import vary from 'vary';
|
||||||
|
@ -31,12 +30,17 @@ import { IActivity } from '@/core/activitypub/type.js';
|
||||||
import { isQuote, isRenote } from '@/misc/is-renote.js';
|
import { isQuote, isRenote } from '@/misc/is-renote.js';
|
||||||
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
|
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
|
||||||
import type { FindOptionsWhere } from 'typeorm';
|
import type { FindOptionsWhere } from 'typeorm';
|
||||||
|
import { LoggerService } from '@/core/LoggerService.js';
|
||||||
|
import Logger from '@/logger.js';
|
||||||
|
|
||||||
const ACTIVITY_JSON = 'application/activity+json; charset=utf-8';
|
const ACTIVITY_JSON = 'application/activity+json; charset=utf-8';
|
||||||
const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
|
const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class ActivityPubServerService {
|
export class ActivityPubServerService {
|
||||||
|
private logger: Logger;
|
||||||
|
private inboxLogger: Logger;
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
@Inject(DI.config)
|
@Inject(DI.config)
|
||||||
private config: Config,
|
private config: Config,
|
||||||
|
@ -71,8 +75,11 @@ export class ActivityPubServerService {
|
||||||
private queueService: QueueService,
|
private queueService: QueueService,
|
||||||
private userKeypairService: UserKeypairService,
|
private userKeypairService: UserKeypairService,
|
||||||
private queryService: QueryService,
|
private queryService: QueryService,
|
||||||
|
private loggerService: LoggerService,
|
||||||
) {
|
) {
|
||||||
//this.createServer = this.createServer.bind(this);
|
//this.createServer = this.createServer.bind(this);
|
||||||
|
this.logger = this.loggerService.getLogger('server-ap', 'gray');
|
||||||
|
this.inboxLogger = this.logger.createSubLogger('inbox', 'gray');
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
|
@ -100,70 +107,44 @@ export class ActivityPubServerService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
private inbox(request: FastifyRequest, reply: FastifyReply) {
|
private async inbox(request: FastifyRequest, reply: FastifyReply) {
|
||||||
let signature;
|
if (request.body == null) {
|
||||||
|
this.inboxLogger.warn('request body is empty');
|
||||||
|
reply.code(400);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
let signature: ReturnType<typeof parseRequestSignature>;
|
||||||
|
|
||||||
|
const verifyDigest = await verifyDigestHeader(request.raw, request.rawBody || '', true);
|
||||||
|
if (verifyDigest !== true) {
|
||||||
|
this.inboxLogger.warn('digest verification failed');
|
||||||
|
reply.code(401);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
signature = httpSignature.parseRequest(request.raw, { 'headers': [] });
|
signature = parseRequestSignature(request.raw, {
|
||||||
} catch (e) {
|
requiredInputs: {
|
||||||
|
draft: ['(request-target)', 'digest', 'host', 'date'],
|
||||||
|
},
|
||||||
|
});
|
||||||
|
} catch (err) {
|
||||||
|
this.inboxLogger.warn('signature header parsing failed', { err });
|
||||||
|
|
||||||
|
if (typeof request.body === 'object' && 'signature' in request.body) {
|
||||||
|
// LD SignatureがあればOK
|
||||||
|
this.queueService.inbox(request.body as IActivity, null);
|
||||||
|
reply.code(202);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
this.inboxLogger.warn('signature header parsing failed and LD signature not found');
|
||||||
reply.code(401);
|
reply.code(401);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (signature.params.headers.indexOf('host') === -1
|
|
||||||
|| request.headers.host !== this.config.host) {
|
|
||||||
// Host not specified or not match.
|
|
||||||
reply.code(401);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (signature.params.headers.indexOf('digest') === -1) {
|
|
||||||
// Digest not found.
|
|
||||||
reply.code(401);
|
|
||||||
} else {
|
|
||||||
const digest = request.headers.digest;
|
|
||||||
|
|
||||||
if (typeof digest !== 'string') {
|
|
||||||
// Huh?
|
|
||||||
reply.code(401);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const re = /^([a-zA-Z0-9\-]+)=(.+)$/;
|
|
||||||
const match = digest.match(re);
|
|
||||||
|
|
||||||
if (match == null) {
|
|
||||||
// Invalid digest
|
|
||||||
reply.code(401);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const algo = match[1].toUpperCase();
|
|
||||||
const digestValue = match[2];
|
|
||||||
|
|
||||||
if (algo !== 'SHA-256') {
|
|
||||||
// Unsupported digest algorithm
|
|
||||||
reply.code(401);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (request.rawBody == null) {
|
|
||||||
// Bad request
|
|
||||||
reply.code(400);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const hash = crypto.createHash('sha256').update(request.rawBody).digest('base64');
|
|
||||||
|
|
||||||
if (hash !== digestValue) {
|
|
||||||
// Invalid digest
|
|
||||||
reply.code(401);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
this.queueService.inbox(request.body as IActivity, signature);
|
this.queueService.inbox(request.body as IActivity, signature);
|
||||||
|
|
||||||
reply.code(202);
|
reply.code(202);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -640,7 +621,7 @@ export class ActivityPubServerService {
|
||||||
if (this.userEntityService.isLocalUser(user)) {
|
if (this.userEntityService.isLocalUser(user)) {
|
||||||
reply.header('Cache-Control', 'public, max-age=180');
|
reply.header('Cache-Control', 'public, max-age=180');
|
||||||
this.setResponseType(request, reply);
|
this.setResponseType(request, reply);
|
||||||
return (this.apRendererService.addContext(this.apRendererService.renderKey(user, keypair)));
|
return (this.apRendererService.addContext(this.apRendererService.renderKey(user, keypair.publicKey)));
|
||||||
} else {
|
} else {
|
||||||
reply.code(400);
|
reply.code(400);
|
||||||
return;
|
return;
|
||||||
|
|
|
@ -94,6 +94,13 @@ export class NodeinfoServerService {
|
||||||
localComments: 0,
|
localComments: 0,
|
||||||
},
|
},
|
||||||
metadata: {
|
metadata: {
|
||||||
|
/**
|
||||||
|
* '00': Draft, RSA only
|
||||||
|
* '01': Draft, Ed25519 suported
|
||||||
|
* '11': RFC 9421, Ed25519 supported
|
||||||
|
*/
|
||||||
|
httpMessageSignaturesImplementationLevel: '01',
|
||||||
|
|
||||||
nodeName: meta.name,
|
nodeName: meta.name,
|
||||||
nodeDescription: meta.description,
|
nodeDescription: meta.description,
|
||||||
nodeAdmins: [{
|
nodeAdmins: [{
|
||||||
|
|
|
@ -61,7 +61,7 @@ export const meta = {
|
||||||
name: {
|
name: {
|
||||||
type: 'string',
|
type: 'string',
|
||||||
optional: false, nullable: false,
|
optional: false, nullable: false,
|
||||||
example: 'lenna.jpg',
|
example: '192.jpg',
|
||||||
},
|
},
|
||||||
type: {
|
type: {
|
||||||
type: 'string',
|
type: 'string',
|
||||||
|
|
|
@ -56,7 +56,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
const res = [] as [string, number][];
|
const res = [] as [string, number][];
|
||||||
|
|
||||||
for (const job of jobs) {
|
for (const job of jobs) {
|
||||||
const host = new URL(job.data.signature.keyId).host;
|
const signature = job.data.signature ? 'version' in job.data.signature ? job.data.signature.value : job.data.signature : null;
|
||||||
|
const host = signature ? Array.isArray(signature) ? 'TODO' : new URL(signature.keyId).host : new URL(job.data.activity.actor).host;
|
||||||
if (res.find(x => x[0] === host)) {
|
if (res.find(x => x[0] === host)) {
|
||||||
res.find(x => x[0] === host)![1]++;
|
res.find(x => x[0] === host)![1]++;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -25,7 +25,7 @@ import { UserFollowingService } from '@/core/UserFollowingService.js';
|
||||||
import { AccountUpdateService } from '@/core/AccountUpdateService.js';
|
import { AccountUpdateService } from '@/core/AccountUpdateService.js';
|
||||||
import { HashtagService } from '@/core/HashtagService.js';
|
import { HashtagService } from '@/core/HashtagService.js';
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { RoleService } from '@/core/RoleService.js';
|
import { RolePolicies, RoleService } from '@/core/RoleService.js';
|
||||||
import { CacheService } from '@/core/CacheService.js';
|
import { CacheService } from '@/core/CacheService.js';
|
||||||
import { RemoteUserResolveService } from '@/core/RemoteUserResolveService.js';
|
import { RemoteUserResolveService } from '@/core/RemoteUserResolveService.js';
|
||||||
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
||||||
|
@ -256,8 +256,16 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
const profileUpdates = {} as Partial<MiUserProfile>;
|
const profileUpdates = {} as Partial<MiUserProfile>;
|
||||||
|
|
||||||
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
|
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
|
||||||
|
let policies: RolePolicies | null = null;
|
||||||
|
|
||||||
if (ps.name !== undefined) updates.name = ps.name;
|
if (ps.name !== undefined) {
|
||||||
|
if (ps.name === null) {
|
||||||
|
updates.name = null;
|
||||||
|
} else {
|
||||||
|
const trimmedName = ps.name.trim();
|
||||||
|
updates.name = trimmedName === '' ? null : trimmedName;
|
||||||
|
}
|
||||||
|
}
|
||||||
if (ps.description !== undefined) profileUpdates.description = ps.description;
|
if (ps.description !== undefined) profileUpdates.description = ps.description;
|
||||||
if (ps.lang !== undefined) profileUpdates.lang = ps.lang;
|
if (ps.lang !== undefined) profileUpdates.lang = ps.lang;
|
||||||
if (ps.location !== undefined) profileUpdates.location = ps.location;
|
if (ps.location !== undefined) profileUpdates.location = ps.location;
|
||||||
|
@ -289,14 +297,16 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ps.mutedWords !== undefined) {
|
if (ps.mutedWords !== undefined) {
|
||||||
checkMuteWordCount(ps.mutedWords, (await this.roleService.getUserPolicies(user.id)).wordMuteLimit);
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
|
checkMuteWordCount(ps.mutedWords, policies.wordMuteLimit);
|
||||||
validateMuteWordRegex(ps.mutedWords);
|
validateMuteWordRegex(ps.mutedWords);
|
||||||
|
|
||||||
profileUpdates.mutedWords = ps.mutedWords;
|
profileUpdates.mutedWords = ps.mutedWords;
|
||||||
profileUpdates.enableWordMute = ps.mutedWords.length > 0;
|
profileUpdates.enableWordMute = ps.mutedWords.length > 0;
|
||||||
}
|
}
|
||||||
if (ps.hardMutedWords !== undefined) {
|
if (ps.hardMutedWords !== undefined) {
|
||||||
checkMuteWordCount(ps.hardMutedWords, (await this.roleService.getUserPolicies(user.id)).wordMuteLimit);
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
|
checkMuteWordCount(ps.hardMutedWords, policies.wordMuteLimit);
|
||||||
validateMuteWordRegex(ps.hardMutedWords);
|
validateMuteWordRegex(ps.hardMutedWords);
|
||||||
profileUpdates.hardMutedWords = ps.hardMutedWords;
|
profileUpdates.hardMutedWords = ps.hardMutedWords;
|
||||||
}
|
}
|
||||||
|
@ -315,13 +325,17 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
if (typeof ps.injectFeaturedNote === 'boolean') profileUpdates.injectFeaturedNote = ps.injectFeaturedNote;
|
if (typeof ps.injectFeaturedNote === 'boolean') profileUpdates.injectFeaturedNote = ps.injectFeaturedNote;
|
||||||
if (typeof ps.receiveAnnouncementEmail === 'boolean') profileUpdates.receiveAnnouncementEmail = ps.receiveAnnouncementEmail;
|
if (typeof ps.receiveAnnouncementEmail === 'boolean') profileUpdates.receiveAnnouncementEmail = ps.receiveAnnouncementEmail;
|
||||||
if (typeof ps.alwaysMarkNsfw === 'boolean') {
|
if (typeof ps.alwaysMarkNsfw === 'boolean') {
|
||||||
if ((await roleService.getUserPolicies(user.id)).alwaysMarkNsfw) throw new ApiError(meta.errors.restrictedByRole);
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
|
if (policies.alwaysMarkNsfw) throw new ApiError(meta.errors.restrictedByRole);
|
||||||
profileUpdates.alwaysMarkNsfw = ps.alwaysMarkNsfw;
|
profileUpdates.alwaysMarkNsfw = ps.alwaysMarkNsfw;
|
||||||
}
|
}
|
||||||
if (typeof ps.autoSensitive === 'boolean') profileUpdates.autoSensitive = ps.autoSensitive;
|
if (typeof ps.autoSensitive === 'boolean') profileUpdates.autoSensitive = ps.autoSensitive;
|
||||||
if (ps.emailNotificationTypes !== undefined) profileUpdates.emailNotificationTypes = ps.emailNotificationTypes;
|
if (ps.emailNotificationTypes !== undefined) profileUpdates.emailNotificationTypes = ps.emailNotificationTypes;
|
||||||
|
|
||||||
if (ps.avatarId) {
|
if (ps.avatarId) {
|
||||||
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
|
if (!policies.canUpdateBioMedia) throw new ApiError(meta.errors.restrictedByRole);
|
||||||
|
|
||||||
const avatar = await this.driveFilesRepository.findOneBy({ id: ps.avatarId });
|
const avatar = await this.driveFilesRepository.findOneBy({ id: ps.avatarId });
|
||||||
|
|
||||||
if (avatar == null || avatar.userId !== user.id) throw new ApiError(meta.errors.noSuchAvatar);
|
if (avatar == null || avatar.userId !== user.id) throw new ApiError(meta.errors.noSuchAvatar);
|
||||||
|
@ -337,6 +351,9 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ps.bannerId) {
|
if (ps.bannerId) {
|
||||||
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
|
if (!policies.canUpdateBioMedia) throw new ApiError(meta.errors.restrictedByRole);
|
||||||
|
|
||||||
const banner = await this.driveFilesRepository.findOneBy({ id: ps.bannerId });
|
const banner = await this.driveFilesRepository.findOneBy({ id: ps.bannerId });
|
||||||
|
|
||||||
if (banner == null || banner.userId !== user.id) throw new ApiError(meta.errors.noSuchBanner);
|
if (banner == null || banner.userId !== user.id) throw new ApiError(meta.errors.noSuchBanner);
|
||||||
|
@ -352,14 +369,15 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ps.avatarDecorations) {
|
if (ps.avatarDecorations) {
|
||||||
|
policies ??= await this.roleService.getUserPolicies(user.id);
|
||||||
const decorations = await this.avatarDecorationService.getAll(true);
|
const decorations = await this.avatarDecorationService.getAll(true);
|
||||||
const [myRoles, myPolicies] = await Promise.all([this.roleService.getUserRoles(user.id), this.roleService.getUserPolicies(user.id)]);
|
const myRoles = await this.roleService.getUserRoles(user.id);
|
||||||
const allRoles = await this.roleService.getRoles();
|
const allRoles = await this.roleService.getRoles();
|
||||||
const decorationIds = decorations
|
const decorationIds = decorations
|
||||||
.filter(d => d.roleIdsThatCanBeUsedThisDecoration.filter(roleId => allRoles.some(r => r.id === roleId)).length === 0 || myRoles.some(r => d.roleIdsThatCanBeUsedThisDecoration.includes(r.id)))
|
.filter(d => d.roleIdsThatCanBeUsedThisDecoration.filter(roleId => allRoles.some(r => r.id === roleId)).length === 0 || myRoles.some(r => d.roleIdsThatCanBeUsedThisDecoration.includes(r.id)))
|
||||||
.map(d => d.id);
|
.map(d => d.id);
|
||||||
|
|
||||||
if (ps.avatarDecorations.length > myPolicies.avatarDecorationLimit) throw new ApiError(meta.errors.restrictedByRole);
|
if (ps.avatarDecorations.length > policies.avatarDecorationLimit) throw new ApiError(meta.errors.restrictedByRole);
|
||||||
|
|
||||||
updates.avatarDecorations = ps.avatarDecorations.filter(d => decorationIds.includes(d.id)).map(d => ({
|
updates.avatarDecorations = ps.avatarDecorations.filter(d => decorationIds.includes(d.id)).map(d => ({
|
||||||
id: d.id,
|
id: d.id,
|
||||||
|
|
|
@ -139,6 +139,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
timelineConfig = [
|
timelineConfig = [
|
||||||
`homeTimeline:${me.id}`,
|
`homeTimeline:${me.id}`,
|
||||||
'localTimeline',
|
'localTimeline',
|
||||||
|
`localTimelineWithReplyTo:${me.id}`,
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,12 +6,11 @@
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import ms from 'ms';
|
import ms from 'ms';
|
||||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||||
import { IdService } from '@/core/IdService.js';
|
|
||||||
import type { RenoteMutingsRepository } from '@/models/_.js';
|
|
||||||
import type { MiRenoteMuting } from '@/models/RenoteMuting.js';
|
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { GetterService } from '@/server/api/GetterService.js';
|
import { GetterService } from '@/server/api/GetterService.js';
|
||||||
import { ApiError } from '../../error.js';
|
import { ApiError } from '../../error.js';
|
||||||
|
import { UserRenoteMutingService } from "@/core/UserRenoteMutingService.js";
|
||||||
|
import type { RenoteMutingsRepository } from '@/models/_.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['account'],
|
tags: ['account'],
|
||||||
|
@ -62,7 +61,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
private renoteMutingsRepository: RenoteMutingsRepository,
|
private renoteMutingsRepository: RenoteMutingsRepository,
|
||||||
|
|
||||||
private getterService: GetterService,
|
private getterService: GetterService,
|
||||||
private idService: IdService,
|
private userRenoteMutingService: UserRenoteMutingService,
|
||||||
) {
|
) {
|
||||||
super(meta, paramDef, async (ps, me) => {
|
super(meta, paramDef, async (ps, me) => {
|
||||||
const muter = me;
|
const muter = me;
|
||||||
|
@ -79,21 +78,19 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
});
|
});
|
||||||
|
|
||||||
// Check if already muting
|
// Check if already muting
|
||||||
const exist = await this.renoteMutingsRepository.findOneBy({
|
const exist = await this.renoteMutingsRepository.exists({
|
||||||
muterId: muter.id,
|
where: {
|
||||||
muteeId: mutee.id,
|
muterId: muter.id,
|
||||||
|
muteeId: mutee.id,
|
||||||
|
},
|
||||||
});
|
});
|
||||||
|
|
||||||
if (exist != null) {
|
if (exist === true) {
|
||||||
throw new ApiError(meta.errors.alreadyMuting);
|
throw new ApiError(meta.errors.alreadyMuting);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create mute
|
// Create mute
|
||||||
await this.renoteMutingsRepository.insert({
|
await this.userRenoteMutingService.mute(muter, mutee);
|
||||||
id: this.idService.gen(),
|
|
||||||
muterId: muter.id,
|
|
||||||
muteeId: mutee.id,
|
|
||||||
} as MiRenoteMuting);
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,10 +5,11 @@
|
||||||
|
|
||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||||
import type { RenoteMutingsRepository } from '@/models/_.js';
|
|
||||||
import { DI } from '@/di-symbols.js';
|
import { DI } from '@/di-symbols.js';
|
||||||
import { GetterService } from '@/server/api/GetterService.js';
|
import { GetterService } from '@/server/api/GetterService.js';
|
||||||
import { ApiError } from '../../error.js';
|
import { ApiError } from '../../error.js';
|
||||||
|
import { UserRenoteMutingService } from "@/core/UserRenoteMutingService.js";
|
||||||
|
import type { RenoteMutingsRepository } from '@/models/_.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['account'],
|
tags: ['account'],
|
||||||
|
@ -53,6 +54,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
private renoteMutingsRepository: RenoteMutingsRepository,
|
private renoteMutingsRepository: RenoteMutingsRepository,
|
||||||
|
|
||||||
private getterService: GetterService,
|
private getterService: GetterService,
|
||||||
|
private userRenoteMutingService: UserRenoteMutingService,
|
||||||
) {
|
) {
|
||||||
super(meta, paramDef, async (ps, me) => {
|
super(meta, paramDef, async (ps, me) => {
|
||||||
const muter = me;
|
const muter = me;
|
||||||
|
@ -79,9 +81,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
}
|
}
|
||||||
|
|
||||||
// Delete mute
|
// Delete mute
|
||||||
await this.renoteMutingsRepository.delete({
|
await this.userRenoteMutingService.unmute([exist]);
|
||||||
id: exist.id,
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue