castAsErrorで安全ではないキャストを隠蔽
This commit is contained in:
Kisaragi Marine
parent
b3464e0cb7
commit
67718a5dec
|
|
@ -12,7 +12,7 @@ import { loadConfig } from '@/config.js';
|
|||
import { MiRepository, MiUser, UsersRepository, miRepository } from '@/models/_.js';
|
||||
import { secureRndstr } from '@/misc/secure-rndstr.js';
|
||||
import { jobQueue } from '@/boot/common.js';
|
||||
import { api, initTestDb, signup, sleep, successfulApiCall, uploadFile } from '../utils.js';
|
||||
import { api, castAsError, initTestDb, signup, sleep, successfulApiCall, uploadFile } from '../utils.js';
|
||||
import type * as misskey from 'misskey-js';
|
||||
|
||||
describe('Account Move', () => {
|
||||
|
|
@ -92,8 +92,8 @@ describe('Account Move', () => {
|
|||
}, bob);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(res.body.error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(castAsError(res.body).error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
});
|
||||
|
||||
test('Unable to add duplicated aliases to alsoKnownAs', async () => {
|
||||
|
|
@ -102,8 +102,8 @@ describe('Account Move', () => {
|
|||
}, bob);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'INVALID_PARAM');
|
||||
assert.strictEqual(res.body.error.id, '3d81ceae-475f-4600-b2a8-2bc116157532');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'INVALID_PARAM');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '3d81ceae-475f-4600-b2a8-2bc116157532');
|
||||
});
|
||||
|
||||
test('Unable to add itself', async () => {
|
||||
|
|
@ -112,8 +112,8 @@ describe('Account Move', () => {
|
|||
}, bob);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'FORBIDDEN_TO_SET_YOURSELF');
|
||||
assert.strictEqual(res.body.error.id, '25c90186-4ab0-49c8-9bba-a1fa6c202ba4');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'FORBIDDEN_TO_SET_YOURSELF');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '25c90186-4ab0-49c8-9bba-a1fa6c202ba4');
|
||||
});
|
||||
|
||||
test('Unable to add a nonexisting local account to alsoKnownAs', async () => {
|
||||
|
|
@ -122,16 +122,16 @@ describe('Account Move', () => {
|
|||
}, bob);
|
||||
|
||||
assert.strictEqual(res1.status, 400);
|
||||
assert.strictEqual(res1.body.error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(res1.body.error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
assert.strictEqual(castAsError(res1.body).error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(castAsError(res1.body).error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
|
||||
const res2 = await api('i/update', {
|
||||
alsoKnownAs: ['@alice', 'nonexist'],
|
||||
}, bob);
|
||||
|
||||
assert.strictEqual(res2.status, 400);
|
||||
assert.strictEqual(res2.body.error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(res2.body.error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
assert.strictEqual(castAsError(res2.body).error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(castAsError(res2.body).error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
});
|
||||
|
||||
test('Able to add two existing local account to alsoKnownAs', async () => {
|
||||
|
|
@ -240,8 +240,8 @@ describe('Account Move', () => {
|
|||
}, root);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'NOT_ROOT_FORBIDDEN');
|
||||
assert.strictEqual(res.body.error.id, '4362e8dc-731f-4ad8-a694-be2a88922a24');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'NOT_ROOT_FORBIDDEN');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '4362e8dc-731f-4ad8-a694-be2a88922a24');
|
||||
});
|
||||
|
||||
test('Unable to move to a nonexisting local account', async () => {
|
||||
|
|
@ -250,8 +250,8 @@ describe('Account Move', () => {
|
|||
}, alice);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(res.body.error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'NO_SUCH_USER');
|
||||
assert.strictEqual(castAsError(res.body).error.id, 'fcd2eef9-a9b2-4c4f-8624-038099e90aa5');
|
||||
});
|
||||
|
||||
test('Unable to move if alsoKnownAs is invalid', async () => {
|
||||
|
|
@ -260,8 +260,8 @@ describe('Account Move', () => {
|
|||
}, alice);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'DESTINATION_ACCOUNT_FORBIDS');
|
||||
assert.strictEqual(res.body.error.id, 'b5c90186-4ab0-49c8-9bba-a1f766282ba4');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'DESTINATION_ACCOUNT_FORBIDS');
|
||||
assert.strictEqual(castAsError(res.body).error.id, 'b5c90186-4ab0-49c8-9bba-a1f766282ba4');
|
||||
});
|
||||
|
||||
test('Relationships have been properly migrated', async () => {
|
||||
|
|
@ -307,6 +307,7 @@ describe('Account Move', () => {
|
|||
const rootLists = await api('users/lists/list', {}, root);
|
||||
assert.strictEqual(rootLists.status, 200);
|
||||
assert.ok(rootLists);
|
||||
assert.ok(rootLists.body[0].userIds);
|
||||
assert.strictEqual(rootLists.body[0].userIds.length, 2);
|
||||
assert.ok(rootLists.body[0].userIds.find((id: string) => id === bob.id));
|
||||
assert.ok(rootLists.body[0].userIds.find((id: string) => id === alice.id));
|
||||
|
|
@ -314,6 +315,7 @@ describe('Account Move', () => {
|
|||
const eveLists = await api('users/lists/list', {}, eve);
|
||||
assert.strictEqual(eveLists.status, 200);
|
||||
assert.ok(eveLists);
|
||||
assert.ok(eveLists.body[0].userIds);
|
||||
assert.strictEqual(eveLists.body[0].userIds.length, 1);
|
||||
assert.ok(eveLists.body[0].userIds.find((id: string) => id === bob.id));
|
||||
});
|
||||
|
|
@ -352,8 +354,8 @@ describe('Account Move', () => {
|
|||
}, bob);
|
||||
|
||||
assert.strictEqual(res.status, 400);
|
||||
assert.strictEqual(res.body.error.code, 'DESTINATION_ACCOUNT_FORBIDS');
|
||||
assert.strictEqual(res.body.error.id, 'b5c90186-4ab0-49c8-9bba-a1f766282ba4');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'DESTINATION_ACCOUNT_FORBIDS');
|
||||
assert.strictEqual(castAsError(res.body).error.id, 'b5c90186-4ab0-49c8-9bba-a1f766282ba4');
|
||||
});
|
||||
|
||||
test('Follow and follower counts are properly adjusted', async () => {
|
||||
|
|
@ -424,8 +426,9 @@ describe('Account Move', () => {
|
|||
] as const)('Prohibit access after moving: %s', async (endpoint) => {
|
||||
const res = await api(endpoint, {}, alice);
|
||||
assert.strictEqual(res.status, 403);
|
||||
assert.strictEqual(res.body.error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(res.body.error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
assert.ok(res.body);
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
});
|
||||
|
||||
test('Prohibit access after moving: /antennas/update', async () => {
|
||||
|
|
@ -443,17 +446,19 @@ describe('Account Move', () => {
|
|||
}, alice);
|
||||
|
||||
assert.strictEqual(res.status, 403);
|
||||
assert.strictEqual(res.body.error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(res.body.error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
assert.ok(res.body);
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
});
|
||||
|
||||
test('Prohibit access after moving: /drive/files/create', async () => {
|
||||
// FIXME: 一旦逃げておく
|
||||
const res = await uploadFile(alice) as any;
|
||||
const res = await uploadFile(alice);
|
||||
|
||||
assert.strictEqual(res.status, 403);
|
||||
assert.strictEqual((res.body! as any as { error: misskey.api.APIError }).error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual((res.body! as any as { error: misskey.api.APIError }).error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
assert.ok(res.body);
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
});
|
||||
|
||||
test('Prohibit updating alsoKnownAs after moving', async () => {
|
||||
|
|
@ -462,8 +467,8 @@ describe('Account Move', () => {
|
|||
}, alice);
|
||||
|
||||
assert.strictEqual(res.status, 403);
|
||||
assert.strictEqual(res.body.error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(res.body.error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
assert.strictEqual(castAsError(res.body).error.code, 'YOUR_ACCOUNT_MOVED');
|
||||
assert.strictEqual(castAsError(res.body).error.id, '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/val
|
|||
import { entities } from '../src/postgres.js';
|
||||
import { loadConfig } from '../src/config.js';
|
||||
import type * as misskey from 'misskey-js';
|
||||
import { ApiError } from "@/server/api/error.js";
|
||||
|
||||
export { server as startServer, jobQueue as startJobQueue } from '@/boot/common.js';
|
||||
|
||||
|
|
@ -644,3 +645,9 @@ export async function sendEnvResetRequest() {
|
|||
throw new Error('server env update failed.');
|
||||
}
|
||||
}
|
||||
|
||||
// 与えられた値を強制的にエラーとみなす。この関数は型安全性を破壊するため、異常系のアサーション以外で用いられるべきではない。
|
||||
// FIXME(misskey-js): misskey-jsがエラー情報を公開するようになったらこの関数を廃止する
|
||||
export function castAsError(obj: Record<string, unknown>): { error: ApiError } {
|
||||
return obj as { error: ApiError };
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue