From 7bfada9792bc4d29d47d3895643543cbe15191cd Mon Sep 17 00:00:00 2001
From: syuilo <4439005+syuilo@users.noreply.github.com>
Date: Sun, 16 Mar 2025 13:03:02 +0900
Subject: [PATCH] enhance: remove bull-board support

---
 .github/dependabot.yml                        |  3 -
 CHANGELOG.md                                  |  3 +-
 packages/backend/package.json                 |  3 -
 .../src/server/api/ApiServerService.ts        |  3 -
 .../src/server/web/ClientServerService.ts     | 62 ----------------
 packages/backend/test/e2e/fetch-resource.ts   | 32 ++-------
 packages/backend/test/utils.ts                |  6 +-
 packages/frontend/src/pages/admin/queue.vue   | 13 +---
 pnpm-lock.yaml                                | 72 -------------------
 9 files changed, 13 insertions(+), 184 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b1c256225d..b93080278d 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -24,9 +24,6 @@ updates:
     aws-sdk:
       patterns:
         - "@aws-sdk/*"
-    bull-board:
-      patterns:
-        - "@bull-board/*"
     nestjs:
       patterns:
         - "@nestjs/*"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 812e0b5d34..b6fcbba1b5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,8 @@
 ## 2025.3.2
 
 ### General
--
+- セキュリティを強化するため、ジョブキューのダッシュボード(bull-board)統合が削除されました。
+  - Misskeyネイティブでダッシュボードを実装予定です
 
 ### Client
 - Feat: 設定の管理が強化されました
diff --git a/packages/backend/package.json b/packages/backend/package.json
index cee5c7205b..502323bf61 100644
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@@ -69,9 +69,6 @@
 	"dependencies": {
 		"@aws-sdk/client-s3": "3.749.0",
 		"@aws-sdk/lib-storage": "3.749.0",
-		"@bull-board/api": "6.7.7",
-		"@bull-board/fastify": "6.7.7",
-		"@bull-board/ui": "6.7.7",
 		"@discordapp/twemoji": "15.1.0",
 		"@fastify/accepts": "5.0.2",
 		"@fastify/cookie": "11.0.2",
diff --git a/packages/backend/src/server/api/ApiServerService.ts b/packages/backend/src/server/api/ApiServerService.ts
index 3a8cb19f01..32818003ad 100644
--- a/packages/backend/src/server/api/ApiServerService.ts
+++ b/packages/backend/src/server/api/ApiServerService.ts
@@ -6,7 +6,6 @@
 import { Inject, Injectable } from '@nestjs/common';
 import cors from '@fastify/cors';
 import multipart from '@fastify/multipart';
-import fastifyCookie from '@fastify/cookie';
 import { ModuleRef } from '@nestjs/core';
 import { AuthenticationResponseJSON } from '@simplewebauthn/types';
 import type { Config } from '@/config.js';
@@ -57,8 +56,6 @@ export class ApiServerService {
 			},
 		});
 
-		fastify.register(fastifyCookie, {});
-
 		// Prevent cache
 		fastify.addHook('onRequest', (request, reply, done) => {
 			reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts
index f8b3843cac..927970e2e2 100644
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@@ -7,16 +7,12 @@ import { randomUUID } from 'node:crypto';
 import { dirname } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { Inject, Injectable } from '@nestjs/common';
-import { createBullBoard } from '@bull-board/api';
-import { BullMQAdapter } from '@bull-board/api/bullMQAdapter.js';
-import { FastifyAdapter as BullBoardFastifyAdapter } from '@bull-board/fastify';
 import ms from 'ms';
 import sharp from 'sharp';
 import pug from 'pug';
 import { In, IsNull } from 'typeorm';
 import fastifyStatic from '@fastify/static';
 import fastifyView from '@fastify/view';
-import fastifyCookie from '@fastify/cookie';
 import fastifyProxy from '@fastify/http-proxy';
 import vary from 'vary';
 import htmlSafeJsonStringify from 'htmlescape';
@@ -221,64 +217,6 @@ export class ClientServerService {
 
 	@bindThis
 	public createServer(fastify: FastifyInstance, options: FastifyPluginOptions, done: (err?: Error) => void) {
-		fastify.register(fastifyCookie, {});
-
-		//#region Bull Dashboard
-		const bullBoardPath = '/queue';
-
-		// Authenticate
-		fastify.addHook('onRequest', async (request, reply) => {
-			if (request.routeOptions.url == null) {
-				reply.code(404).send('Not found');
-				return;
-			}
-
-			// %71ueueとかでリクエストされたら困るため
-			const url = decodeURI(request.routeOptions.url);
-			if (url === bullBoardPath || url.startsWith(bullBoardPath + '/')) {
-				if (!url.startsWith(bullBoardPath + '/static/')) {
-					reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
-				}
-
-				const token = request.cookies.token;
-				if (token == null) {
-					reply.code(401).send('Login required');
-					return;
-				}
-				const user = await this.usersRepository.findOneBy({ token });
-				if (user == null) {
-					reply.code(403).send('No such user');
-					return;
-				}
-				const isAdministrator = await this.roleService.isAdministrator(user);
-				if (!isAdministrator) {
-					reply.code(403).send('Access denied');
-					return;
-				}
-			}
-		});
-
-		const bullBoardServerAdapter = new BullBoardFastifyAdapter();
-
-		createBullBoard({
-			queues: [
-				this.systemQueue,
-				this.endedPollNotificationQueue,
-				this.deliverQueue,
-				this.inboxQueue,
-				this.dbQueue,
-				this.relationshipQueue,
-				this.objectStorageQueue,
-				this.userWebhookDeliverQueue,
-				this.systemWebhookDeliverQueue,
-			].map(q => new BullMQAdapter(q)),
-			serverAdapter: bullBoardServerAdapter,
-		});
-
-		bullBoardServerAdapter.setBasePath(bullBoardPath);
-		(fastify.register as any)(bullBoardServerAdapter.registerPlugin(), { prefix: bullBoardPath });
-		//#endregion
-
 		fastify.register(fastifyView, {
 			root: _dirname + '/views',
 			engine: {
diff --git a/packages/backend/test/e2e/fetch-resource.ts b/packages/backend/test/e2e/fetch-resource.ts
index b85cebf724..740295bda8 100644
--- a/packages/backend/test/e2e/fetch-resource.ts
+++ b/packages/backend/test/e2e/fetch-resource.ts
@@ -6,7 +6,7 @@
 process.env.NODE_ENV = 'test';
 
 import * as assert from 'assert';
-import { channel, clip, cookie, galleryPost, page, play, post, signup, simpleGet, uploadFile } from '../utils.js';
+import { channel, clip, galleryPost, page, play, post, signup, simpleGet, uploadFile } from '../utils.js';
 import type { SimpleGetResponse } from '../utils.js';
 import type * as misskey from 'misskey-js';
 
@@ -156,20 +156,20 @@ describe('Webリソース', () => {
 
 		describe(' has entry such ', () => {
 			beforeEach(() => {
-				post(alice, { text: "**a**" })
+				post(alice, { text: '**a**' });
 			});
 
 			test('MFMを含まない。', async () => {
-				const content = await simpleGet(path(alice.username), "*/*", undefined, res => res.text());
+				const content = await simpleGet(path(alice.username), '*/*', undefined, res => res.text());
 				const _body: unknown = content.body;
 				// JSONフィードのときは改めて文字列化する
-				const body: string = typeof (_body) === "object" ? JSON.stringify(_body) : _body as string;
+				const body: string = typeof (_body) === 'object' ? JSON.stringify(_body) : _body as string;
 
-				if (body.includes("**a**")) {
-					throw new Error("MFM shouldn't be included");
+				if (body.includes('**a**')) {
+					throw new Error('MFM shouldn\'t be included');
 				}
 			});
-		})
+		});
 	});
 
 	describe.each([{ path: '/api/foo' }])('$path', ({ path }) => {
@@ -180,24 +180,6 @@ describe('Webリソース', () => {
 		}));
 	});
 
-	describe.each([{ path: '/queue' }])('$path', ({ path }) => {
-		test('はログインしないとGETできない。', async () => await notOk({
-			path,
-			status: 401,
-		}));
-
-		test('はadminでなければGETできない。', async () => await notOk({
-			path,
-			cookie: cookie(bob),
-			status: 403,
-		}));
-
-		test('はadminならGETできる。', async () => await ok({
-			path,
-			cookie: cookie(alice),
-		}));
-	});
-
 	describe.each([{ path: '/streaming' }])('$path', ({ path }) => {
 		test('はGETできない。', async () => await notOk({
 			path,
diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts
index 26de19eaf1..7eecf8bb0d 100644
--- a/packages/backend/test/utils.ts
+++ b/packages/backend/test/utils.ts
@@ -35,7 +35,7 @@ export type SystemWebhookPayload = {
 	createdAt: string;
 	type: string;
 	body: any;
-}
+};
 
 const config = loadConfig();
 export const port = config.port;
@@ -45,10 +45,6 @@ export const host = new URL(config.url).host;
 export const WEBHOOK_HOST = 'http://localhost:15080';
 export const WEBHOOK_PORT = 15080;
 
-export const cookie = (me: UserToken): string => {
-	return `token=${me.token};`;
-};
-
 export type ApiRequest<E extends keyof misskey.Endpoints, P extends misskey.Endpoints[E]['req'] = misskey.Endpoints[E]['req']> = {
 	endpoint: E,
 	parameters: P,
diff --git a/packages/frontend/src/pages/admin/queue.vue b/packages/frontend/src/pages/admin/queue.vue
index 65d728e776..b5aee1e51e 100644
--- a/packages/frontend/src/pages/admin/queue.vue
+++ b/packages/frontend/src/pages/admin/queue.vue
@@ -17,11 +17,11 @@ SPDX-License-Identifier: AGPL-3.0-only
 
 <script lang="ts" setup>
 import { ref, computed } from 'vue';
-import type { Ref } from 'vue';
+import * as config from '@@/js/config.js';
 import XQueue from './queue.chart.vue';
 import XHeader from './_header_.vue';
+import type { Ref } from 'vue';
 import * as os from '@/os.js';
-import * as config from '@@/js/config.js';
 import { i18n } from '@/i18n.js';
 import { definePage } from '@/page.js';
 import MkButton from '@/components/MkButton.vue';
@@ -54,14 +54,7 @@ function promoteAllQueues() {
 	});
 }
 
-const headerActions = computed(() => [{
-	asFullButton: true,
-	icon: 'ti ti-external-link',
-	text: i18n.ts.dashboard,
-	handler: () => {
-		window.open(config.url + '/queue', '_blank', 'noopener');
-	},
-}]);
+const headerActions = computed(() => []);
 
 const headerTabs = computed(() => [{
 	key: 'deliver',
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 681cf6fb18..40596d43ed 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -98,15 +98,6 @@ importers:
       '@aws-sdk/lib-storage':
         specifier: 3.749.0
         version: 3.749.0(@aws-sdk/client-s3@3.749.0)
-      '@bull-board/api':
-        specifier: 6.7.7
-        version: 6.7.7(@bull-board/ui@6.7.7)
-      '@bull-board/fastify':
-        specifier: 6.7.7
-        version: 6.7.7
-      '@bull-board/ui':
-        specifier: 6.7.7
-        version: 6.7.7
       '@discordapp/twemoji':
         specifier: 15.1.0
         version: 15.1.0
@@ -1868,17 +1859,6 @@ packages:
     resolution: {integrity: sha512-6zABk/ECA/QYSCQ1NGiVwwbQerUCZ+TQbp64Q3AgmfNvurHH0j8TtXa1qbShXA6qqkpAj4V5W8pP6mLe1mcMqA==}
     engines: {node: '>=18'}
 
-  '@bull-board/api@6.7.7':
-    resolution: {integrity: sha512-jSBe+aeNs41T/BUJNutKSM17hJigDLoOaAzUZyFwT63/Yt00hiqQo90THXmDi3vGdXtTruGlkrC9OhVxBKo1eQ==}
-    peerDependencies:
-      '@bull-board/ui': 6.7.7
-
-  '@bull-board/fastify@6.7.7':
-    resolution: {integrity: sha512-EVxpRW0ag/tVPqfHm6s/3P6X5DnzKTr0J5lI1EgOvpe+OXavaPWkU0iLPepyyC6ls+k0djdkd1ix1PP/caqufw==}
-
-  '@bull-board/ui@6.7.7':
-    resolution: {integrity: sha512-QU3OkaJVIUt1SpRRV/XxPSTD9tmJcwBWi1oa4ND+qGWQigQ2H1PYfpQCNFOlyW8qCkBwkSDn8pLwlyGbppWqJg==}
-
   '@bundled-es-modules/cookie@2.0.1':
     resolution: {integrity: sha512-8o+5fRPLNbjbdGRRmJj3h6Hh1AQJf2dk3qQ/5ZFb+PXkRNiSoMGGUKlsgLfrxneb72axVJyIYji64E2+nNfYyw==}
 
@@ -5911,11 +5891,6 @@ packages:
   ee-first@1.1.1:
     resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==}
 
-  ejs@3.1.10:
-    resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==}
-    engines: {node: '>=0.10.0'}
-    hasBin: true
-
   electron-to-chromium@1.5.83:
     resolution: {integrity: sha512-LcUDPqSt+V0QmI47XLzZrz5OqILSMGsPFkDYus22rIbgorSvBYEFqq854ltTmUdHkY92FSdAAvsh4jWEULMdfQ==}
 
@@ -6366,9 +6341,6 @@ packages:
     resolution: {integrity: sha512-VZR5I7k5wkD0HgFnMsq5hOsSc710MJMu5Nc5QYsbe38NN5iPV/XTObYLc/cpttRTf6lX538+5uO1ZQRhYibiZQ==}
     engines: {node: '>=18'}
 
-  filelist@1.0.4:
-    resolution: {integrity: sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==}
-
   filename-reserved-regex@3.0.0:
     resolution: {integrity: sha512-hn4cQfU6GOT/7cFHXBqeBg2TbrMBgdD0kcjLhvSQYYwm3s4B6cjvBfb7nBALJLAXqmU5xajSa7X2NnUud/VCdw==}
     engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0}
@@ -7238,11 +7210,6 @@ packages:
     resolution: {integrity: sha512-cub8rahkh0Q/bw1+GxP7aeSe29hHHn2V4m29nnDlvCdlgU+3UGxkZp7Z53jLUdpX3jdTO0nJZUDl3xvbWc2Xog==}
     engines: {node: 20 || >=22}
 
-  jake@10.8.5:
-    resolution: {integrity: sha512-sVpxYeuAhWt0OTWITwT98oyV0GsXyMlXCF+3L1SuafBVUIr/uILGRB+NqwkzhgXKvoJpDIpQvqkUALgdmQsQxw==}
-    engines: {node: '>=10'}
-    hasBin: true
-
   jest-changed-files@29.7.0:
     resolution: {integrity: sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==}
     engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0}
@@ -9151,9 +9118,6 @@ packages:
     resolution: {integrity: sha512-1qny3OExCf0UvUV/5wpYKf2YwPcOqXzkwKKSmKHiE6ZMQs5heeE/c8eXK+PNllPvmjgAbfnsbpkGZWy8cBpn9w==}
     engines: {node: '>=4'}
 
-  redis-info@3.1.0:
-    resolution: {integrity: sha512-ER4L9Sh/vm63DkIE0bkSjxluQlioBiBgf5w1UuldaW/3vPcecdljVDisZhmnCMvsxHNiARTTDDHGg9cGwTfrKg==}
-
   redis-lock@0.1.4:
     resolution: {integrity: sha512-7/+zu86XVQfJVx1nHTzux5reglDiyUCDwmW7TSlvVezfhH2YLc/Rc8NE0ejQG+8/0lwKzm29/u/4+ogKeLosiA==}
     engines: {node: '>=0.6'}
@@ -11618,23 +11582,6 @@ snapshots:
 
   '@bcoe/v8-coverage@1.0.2': {}
 
-  '@bull-board/api@6.7.7(@bull-board/ui@6.7.7)':
-    dependencies:
-      '@bull-board/ui': 6.7.7
-      redis-info: 3.1.0
-
-  '@bull-board/fastify@6.7.7':
-    dependencies:
-      '@bull-board/api': 6.7.7(@bull-board/ui@6.7.7)
-      '@bull-board/ui': 6.7.7
-      '@fastify/static': 8.1.0
-      '@fastify/view': 10.0.2
-      ejs: 3.1.10
-
-  '@bull-board/ui@6.7.7':
-    dependencies:
-      '@bull-board/api': 6.7.7(@bull-board/ui@6.7.7)
-
   '@bundled-es-modules/cookie@2.0.1':
     dependencies:
       cookie: 0.7.2
@@ -16450,10 +16397,6 @@ snapshots:
 
   ee-first@1.1.1: {}
 
-  ejs@3.1.10:
-    dependencies:
-      jake: 10.8.5
-
   electron-to-chromium@1.5.83: {}
 
   emittery@0.13.1: {}
@@ -17214,10 +17157,6 @@ snapshots:
       token-types: 6.0.0
       uint8array-extras: 1.4.0
 
-  filelist@1.0.4:
-    dependencies:
-      minimatch: 5.1.2
-
   filename-reserved-regex@3.0.0: {}
 
   filenamify@6.0.0:
@@ -18134,13 +18073,6 @@ snapshots:
     optionalDependencies:
       '@pkgjs/parseargs': 0.11.0
 
-  jake@10.8.5:
-    dependencies:
-      async: 3.2.4
-      chalk: 4.1.2
-      filelist: 1.0.4
-      minimatch: 3.1.2
-
   jest-changed-files@29.7.0:
     dependencies:
       execa: 5.1.1
@@ -20546,10 +20478,6 @@ snapshots:
 
   redis-errors@1.2.0: {}
 
-  redis-info@3.1.0:
-    dependencies:
-      lodash: 4.17.21
-
   redis-lock@0.1.4: {}
 
   redis-parser@3.0.0: