From 16f16e6b0879199a78f0f9ef2da7e1e44ee8d355 Mon Sep 17 00:00:00 2001 From: zyoshoka <107108195+zyoshoka@users.noreply.github.com> Date: Thu, 29 Feb 2024 20:42:02 +0900 Subject: [PATCH 1/3] =?UTF-8?q?fix(backend):=20=E3=83=80=E3=82=A4=E3=83=AC?= =?UTF-8?q?=E3=82=AF=E3=83=88=E3=81=AA=E3=83=8E=E3=83=BC=E3=83=88=E3=81=AB?= =?UTF-8?q?=E5=AF=BE=E3=81=97=E3=81=A6=E3=81=AF=E3=83=80=E3=82=A4=E3=83=AC?= =?UTF-8?q?=E3=82=AF=E3=83=88=E3=81=A7=E3=81=97=E3=81=8B=E8=BF=94=E4=BF=A1?= =?UTF-8?q?=E3=81=A7=E3=81=8D=E3=81=AA=E3=81=84=E3=82=88=E3=81=86=E3=81=AB?= =?UTF-8?q?=20(#13477)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(backend): ダイレクトなノートに対してはダイレクトでしか返信できないように * Update CHANGELOG.md * test(backend): `notes/create`とWebSocket関連のテストを追加 --- CHANGELOG.md | 1 + .../src/server/api/endpoints/notes/create.ts | 8 ++ packages/backend/test/e2e/note.ts | 81 +++++++++++++++++++ packages/backend/test/e2e/streaming.ts | 40 +++++++++ .../frontend/src/components/MkPostForm.vue | 3 +- .../src/components/MkVisibilityPicker.vue | 7 +- 6 files changed, 136 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ae611875dc..995b37f24a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ - Enhance: コンディショナルロールの条件に「マニュアルロールへのアサイン」を追加 - Enhance: 通知の受信設定に「フォロー中またはフォロワー」を追加 - Enhance: 通知の履歴をリセットできるように +- Fix: ダイレクトなノートに対してはダイレクトでしか返信できないように ### Client - Enhance: ノート作成画面のファイル添付メニューの区切り線の位置を調整 diff --git a/packages/backend/src/server/api/endpoints/notes/create.ts b/packages/backend/src/server/api/endpoints/notes/create.ts index 2fa0bd099f..27463577fe 100644 --- a/packages/backend/src/server/api/endpoints/notes/create.ts +++ b/packages/backend/src/server/api/endpoints/notes/create.ts @@ -85,6 +85,12 @@ export const meta = { id: '3ac74a84-8fd5-4bb0-870f-01804f82ce15', }, + cannotReplyToSpecifiedVisibilityNoteWithExtendedVisibility: { + message: 'You cannot reply to a specified visibility note with extended visibility.', + code: 'CANNOT_REPLY_TO_SPECIFIED_VISIBILITY_NOTE_WITH_EXTENDED_VISIBILITY', + id: 'ed940410-535c-4d5e-bfa3-af798671e93c', + }, + cannotCreateAlreadyExpiredPoll: { message: 'Poll is already expired.', code: 'CANNOT_CREATE_ALREADY_EXPIRED_POLL', @@ -313,6 +319,8 @@ export default class extends Endpoint { // eslint- throw new ApiError(meta.errors.cannotReplyToPureRenote); } else if (!await this.noteEntityService.isVisibleForMe(reply, me.id)) { throw new ApiError(meta.errors.cannotReplyToInvisibleNote); + } else if (reply.visibility === 'specified' && ps.visibility !== 'specified') { + throw new ApiError(meta.errors.cannotReplyToSpecifiedVisibilityNoteWithExtendedVisibility); } // Check blocking diff --git a/packages/backend/test/e2e/note.ts b/packages/backend/test/e2e/note.ts index a5742d6e77..23de94889d 100644 --- a/packages/backend/test/e2e/note.ts +++ b/packages/backend/test/e2e/note.ts @@ -176,6 +176,87 @@ describe('Note', () => { assert.strictEqual(deleteRes.status, 204); }); + test('visibility: followersなノートに対してフォロワーはリプライできる', async () => { + await api('/following/create', { + userId: alice.id, + }, bob); + + const aliceNote = await api('/notes/create', { + text: 'direct note to bob', + visibility: 'followers', + }, alice); + + assert.strictEqual(aliceNote.status, 200); + + const replyId = aliceNote.body.createdNote.id; + const bobReply = await api('/notes/create', { + text: 'reply to alice note', + replyId, + }, bob); + + assert.strictEqual(bobReply.status, 200); + assert.strictEqual(bobReply.body.createdNote.replyId, replyId); + + await api('/following/delete', { + userId: alice.id, + }, bob); + }); + + test('visibility: followersなノートに対してフォロワーでないユーザーがリプライしようとすると怒られる', async () => { + const aliceNote = await api('/notes/create', { + text: 'direct note to bob', + visibility: 'followers', + }, alice); + + assert.strictEqual(aliceNote.status, 200); + + const bobReply = await api('/notes/create', { + text: 'reply to alice note', + replyId: aliceNote.body.createdNote.id, + }, bob); + + assert.strictEqual(bobReply.status, 400); + assert.strictEqual(bobReply.body.error.code, 'CANNOT_REPLY_TO_AN_INVISIBLE_NOTE'); + }); + + test('visibility: specifiedなノートに対してvisibility: specifiedで返信できる', async () => { + const aliceNote = await api('/notes/create', { + text: 'direct note to bob', + visibility: 'specified', + visibleUserIds: [bob.id], + }, alice); + + assert.strictEqual(aliceNote.status, 200); + + const bobReply = await api('/notes/create', { + text: 'reply to alice note', + replyId: aliceNote.body.createdNote.id, + visibility: 'specified', + visibleUserIds: [alice.id], + }, bob); + + assert.strictEqual(bobReply.status, 200); + }); + + test('visibility: specifiedなノートに対してvisibility: follwersで返信しようとすると怒られる', async () => { + const aliceNote = await api('/notes/create', { + text: 'direct note to bob', + visibility: 'specified', + visibleUserIds: [bob.id], + }, alice); + + assert.strictEqual(aliceNote.status, 200); + + const bobReply = await api('/notes/create', { + text: 'reply to alice note with visibility: followers', + replyId: aliceNote.body.createdNote.id, + visibility: 'followers', + }, bob); + + assert.strictEqual(bobReply.status, 400); + assert.strictEqual(bobReply.body.error.code, 'CANNOT_REPLY_TO_SPECIFIED_VISIBILITY_NOTE_WITH_EXTENDED_VISIBILITY'); + }); + test('文字数ぎりぎりで怒られない', async () => { const post = { text: '!'.repeat(MAX_NOTE_TEXT_LENGTH), // 3000文字 diff --git a/packages/backend/test/e2e/streaming.ts b/packages/backend/test/e2e/streaming.ts index 13d5a683ba..57ce73ba60 100644 --- a/packages/backend/test/e2e/streaming.ts +++ b/packages/backend/test/e2e/streaming.ts @@ -227,6 +227,46 @@ describe('Streaming', () => { assert.strictEqual(fired, false); }); + /** + * TODO: 落ちる + * @see https://github.com/misskey-dev/misskey/issues/13474 + test('visibility: specified なノートで visibleUserIds に自分が含まれているときそのノートへのリプライが流れてくる', async () => { + const chitoseToKyokoAndAyano = await post(chitose, { text: 'direct note from chitose to kyoko and ayano', visibility: 'specified', visibleUserIds: [kyoko.id, ayano.id] }); + + const fired = await waitFire( + ayano, 'homeTimeline', // ayano:home + () => api('notes/create', { text: 'direct reply from kyoko to chitose and ayano', replyId: chitoseToKyokoAndAyano.id, visibility: 'specified', visibleUserIds: [chitose.id, ayano.id] }, kyoko), + msg => msg.type === 'note' && msg.body.userId === kyoko.id, + ); + + assert.strictEqual(fired, true); + }); + */ + + test('visibility: specified な投稿に対するリプライで visibleUserIds が拡張されたとき、その拡張されたユーザーの HTL にはそのリプライが流れない', async () => { + const chitoseToKyoko = await post(chitose, { text: 'direct note from chitose to kyoko', visibility: 'specified', visibleUserIds: [kyoko.id] }); + + const fired = await waitFire( + ayano, 'homeTimeline', // ayano:home + () => api('notes/create', { text: 'direct reply from kyoko to chitose and ayano', replyId: chitoseToKyoko.id, visibility: 'specified', visibleUserIds: [chitose.id, ayano.id] }, kyoko), + msg => msg.type === 'note' && msg.body.userId === kyoko.id, + ); + + assert.strictEqual(fired, false); + }); + + test('visibility: specified な投稿に対するリプライで visibleUserIds が収縮されたとき、その収縮されたユーザーの HTL にはそのリプライが流れない', async () => { + const chitoseToKyokoAndAyano = await post(chitose, { text: 'direct note from chitose to kyoko and ayano', visibility: 'specified', visibleUserIds: [kyoko.id, ayano.id] }); + + const fired = await waitFire( + ayano, 'homeTimeline', // ayano:home + () => api('notes/create', { text: 'direct reply from kyoko to chitose', replyId: chitoseToKyokoAndAyano.id, visibility: 'specified', visibleUserIds: [chitose.id] }, kyoko), + msg => msg.type === 'note' && msg.body.userId === kyoko.id, + ); + + assert.strictEqual(fired, false); + }); + test('withRenotes: false のときリノートが流れない', async () => { const fired = await waitFire( ayano, 'homeTimeline', // ayano:home diff --git a/packages/frontend/src/components/MkPostForm.vue b/packages/frontend/src/components/MkPostForm.vue index 819f0f692c..e03faeaf55 100644 --- a/packages/frontend/src/components/MkPostForm.vue +++ b/packages/frontend/src/components/MkPostForm.vue @@ -172,7 +172,7 @@ const emit = defineEmits<{ const textareaEl = shallowRef(null); const cwInputEl = shallowRef(null); const hashtagsInputEl = shallowRef(null); -const visibilityButton = shallowRef(null); +const visibilityButton = shallowRef(); const posting = ref(false); const posted = ref(false); @@ -461,6 +461,7 @@ function setVisibility() { isSilenced: $i.isSilenced, localOnly: localOnly.value, src: visibilityButton.value, + ...(props.reply ? { isReplyVisibilitySpecified: props.reply.visibility === 'specified' } : {}), }, { changeVisibility: v => { visibility.value = v; diff --git a/packages/frontend/src/components/MkVisibilityPicker.vue b/packages/frontend/src/components/MkVisibilityPicker.vue index 3439a751a0..5ecd41bfdf 100644 --- a/packages/frontend/src/components/MkVisibilityPicker.vue +++ b/packages/frontend/src/components/MkVisibilityPicker.vue @@ -9,21 +9,21 @@ SPDX-License-Identifier: AGPL-3.0-only
{{ i18n.ts.visibility }}
- - -