prevent the old account from calling some endpoints

2023-04-13 13:46:01 -04:00 · 2023-04-13 13:46:01 -04:00 · 5e845f1ad5
parent 91a59da055
commit 5e845f1ad5
38 changed files with 92 additions and 3 deletions
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@ -261,6 +261,17 @@ export class ApiCallService implements OnApplicationShutdown {
 			}
 		}

+		if (ep.meta.prohibitMoved) {
+			if (user?.movedToUri) {
+				throw new ApiError({
+					message: 'You have moved your account.',
+					code: 'YOUR_ACCOUNT_MOVED',
+					id: '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31',
+					httpStatusCode: 403,
+				});
+			}
+		}
+
 		if ((ep.meta.requireModerator || ep.meta.requireAdmin) && !user!.isRoot) {
 			const myRoles = await this.roleService.getUserRoles(user!.id);
 			if (ep.meta.requireModerator && !myRoles.some(r => r.isModerator || r.isAdministrator)) {
--- a/packages/backend/src/server/api/endpoints.ts
+++ b/packages/backend/src/server/api/endpoints.ts
@ -702,6 +702,12 @@ export interface IEndpointMeta {

 	readonly requireRolePolicy?: keyof RolePolicies;

+	/**
+	 * 引っ越し済みのユーザーによるリクエストを禁止するか
+	 * 省略した場合は false として解釈されます。
+	 */
+	readonly prohibitMoved?: boolean;
+
 	/**
 	 * エンドポイントのリミテーションに関するやつ
 	 * 省略した場合はリミテーションは無いものとして解釈されます。
--- a/packages/backend/src/server/api/endpoints/antennas/create.ts
+++ b/packages/backend/src/server/api/endpoints/antennas/create.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/antennas/update.ts
+++ b/packages/backend/src/server/api/endpoints/antennas/update.ts
@ -11,6 +11,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	errors: {
@ -71,7 +73,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {

 		@Inject(DI.userListsRepository)
 		private userListsRepository: UserListsRepository,
-		
+
 		private antennaEntityService: AntennaEntityService,
 		private globalEventService: GlobalEventService,
 	) {
--- a/packages/backend/src/server/api/endpoints/app/create.ts
+++ b/packages/backend/src/server/api/endpoints/app/create.ts
@ -12,6 +12,8 @@ export const meta = {

 	requireCredential: false,

+	prohibitMoved: true,
+
 	res: {
 		type: 'object',
 		optional: false, nullable: false,
--- a/packages/backend/src/server/api/endpoints/channels/create.ts
+++ b/packages/backend/src/server/api/endpoints/channels/create.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:channels',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/channels/favorite.ts
+++ b/packages/backend/src/server/api/endpoints/channels/favorite.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:channels',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/channels/follow.ts
+++ b/packages/backend/src/server/api/endpoints/channels/follow.ts
@ -11,6 +11,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:channels',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/channels/unfavorite.ts
+++ b/packages/backend/src/server/api/endpoints/channels/unfavorite.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:channels',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/channels/unfollow.ts
+++ b/packages/backend/src/server/api/endpoints/channels/unfollow.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:channels',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/clips/add-note.ts
+++ b/packages/backend/src/server/api/endpoints/clips/add-note.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/clips/create.ts
+++ b/packages/backend/src/server/api/endpoints/clips/create.ts
@ -12,6 +12,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	res: {
@ -57,7 +59,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
 			if (currentCount > (await this.roleService.getUserPolicies(me.id)).clipLimit) {
 				throw new ApiError(meta.errors.tooManyClips);
 			}
-	
+
 			const clip = await this.clipsRepository.insert({
 				id: this.idService.genId(),
 				createdAt: new Date(),
--- a/packages/backend/src/server/api/endpoints/clips/favorite.ts
+++ b/packages/backend/src/server/api/endpoints/clips/favorite.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:clip-favorite',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/clips/remove-note.ts
+++ b/packages/backend/src/server/api/endpoints/clips/remove-note.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/clips/unfavorite.ts
+++ b/packages/backend/src/server/api/endpoints/clips/unfavorite.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:clip-favorite',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/clips/update.ts
+++ b/packages/backend/src/server/api/endpoints/clips/update.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/drive/files/create.ts
+++ b/packages/backend/src/server/api/endpoints/drive/files/create.ts
@ -15,6 +15,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	limit: {
 		duration: ms('1hour'),
 		max: 120,
--- a/packages/backend/src/server/api/endpoints/drive/files/upload-from-url.ts
+++ b/packages/backend/src/server/api/endpoints/drive/files/upload-from-url.ts
@ -19,6 +19,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:drive',
 } as const;

--- a/packages/backend/src/server/api/endpoints/flash/create.ts
+++ b/packages/backend/src/server/api/endpoints/flash/create.ts
@ -11,6 +11,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:flash',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/flash/like.ts
+++ b/packages/backend/src/server/api/endpoints/flash/like.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:flash-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/flash/unlike.ts
+++ b/packages/backend/src/server/api/endpoints/flash/unlike.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:flash-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/flash/update.ts
+++ b/packages/backend/src/server/api/endpoints/flash/update.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:flash',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/following/create.ts
+++ b/packages/backend/src/server/api/endpoints/following/create.ts
@ -19,6 +19,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:following',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/gallery/posts/create.ts
+++ b/packages/backend/src/server/api/endpoints/gallery/posts/create.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:gallery',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/gallery/posts/like.ts
+++ b/packages/backend/src/server/api/endpoints/gallery/posts/like.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:gallery-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/gallery/posts/unlike.ts
+++ b/packages/backend/src/server/api/endpoints/gallery/posts/unlike.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:gallery-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/gallery/posts/update.ts
+++ b/packages/backend/src/server/api/endpoints/gallery/posts/update.ts
@ -11,6 +11,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:gallery',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/notes/create.ts
+++ b/packages/backend/src/server/api/endpoints/notes/create.ts
@ -18,6 +18,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	limit: {
 		duration: ms('1hour'),
 		max: 300,
--- a/packages/backend/src/server/api/endpoints/notes/polls/vote.ts
+++ b/packages/backend/src/server/api/endpoints/notes/polls/vote.ts
@ -17,6 +17,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:votes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/notes/reactions/create.ts
+++ b/packages/backend/src/server/api/endpoints/notes/reactions/create.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:reactions',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/pages/create.ts
+++ b/packages/backend/src/server/api/endpoints/pages/create.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:pages',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/pages/like.ts
+++ b/packages/backend/src/server/api/endpoints/pages/like.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:page-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/pages/unlike.ts
+++ b/packages/backend/src/server/api/endpoints/pages/unlike.ts
@ -9,6 +9,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:page-likes',

 	errors: {
--- a/packages/backend/src/server/api/endpoints/pages/update.ts
+++ b/packages/backend/src/server/api/endpoints/pages/update.ts
@ -11,6 +11,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:pages',

 	limit: {
--- a/packages/backend/src/server/api/endpoints/users/lists/create.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/create.ts
@ -13,6 +13,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	description: 'Create a new list of users.',
@ -58,7 +60,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
 			if (currentCount > (await this.roleService.getUserPolicies(me.id)).userListLimit) {
 				throw new ApiError(meta.errors.tooManyUserLists);
 			}
-	
+
 			const userList = await this.userListsRepository.insert({
 				id: this.idService.genId(),
 				createdAt: new Date(),
--- a/packages/backend/src/server/api/endpoints/users/lists/pull.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/pull.ts
@ -12,6 +12,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	description: 'Remove a user from a list.',
--- a/packages/backend/src/server/api/endpoints/users/lists/push.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/push.ts
@ -12,6 +12,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	description: 'Add a user to an existing list.',
--- a/packages/backend/src/server/api/endpoints/users/lists/update.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/update.ts
@ -10,6 +10,8 @@ export const meta = {

 	requireCredential: true,

+	prohibitMoved: true,
+
 	kind: 'write:account',

 	description: 'Update the properties of a list.',