Merge branch 'develop' into pr/12690

.vscode/settings.json

@@ -1,11 +1,15 @@
 {
-    "search.exclude": {
+	"search.exclude": {
-        "**/node_modules": true
+		"**/node_modules": true
-    },
+	},
-    "typescript.tsdk": "node_modules/typescript/lib",
+	"typescript.tsdk": "node_modules/typescript/lib",
-    "files.associations": {
+	"files.associations": {
-        "*.test.ts": "typescript"
+		"*.test.ts": "typescript"
-    },
+	},
-    "jest.jestCommandLine": "pnpm run jest",
+	"jest.jestCommandLine": "pnpm run jest",
-    "jest.autoRun": "off"
+	"jest.autoRun": "off",
+	"editor.codeActionsOnSave": {
+		"source.fixAll": "explicit"
+	},
+	"editor.formatOnSave": false
 }

CHANGELOG.md

@@ -33,6 +33,7 @@
 - Feat: TL上からノートが見えなくなるワードミュートであるハードミュートを追加
 - Enhance: アイコンデコレーションを複数設定できるように
 - Enhance: アイコンデコレーションの位置を微調整できるように
+- Enhance: つながりの公開範囲をフォロー/フォロワーで個別に設定可能に #12072
 - Fix: MFM `$[unixtime ]` に不正な値を入力した際に発生する各種エラーを修正
 
 ### Client
@@ -58,10 +59,12 @@
 - Enhance: ユーザー名、プロフィール、お知らせ、ページの編集画面でMFMや絵文字のオートコンプリートが使用できるように
 - Enhance: プロフィール、お知らせの編集画面でMFMのプレビューを表示できるように
 - Enhance: 絵文字の詳細ページに記載される情報を追加
+- Enhance: Unicode 15.0のサポート
 - Enhance: コードブロックのハイライト機能を利用するには言語を明示的に指定させるように
 	- MFMでコードブロックを利用する際に意図しないハイライトが起こらないようになりました
 	- 逆に、MFMでコードハイライトを利用したい際は言語を明示的に指定する必要があります  
 	（例: ` ```js ` → Javascript, ` ```ais ` → AiScript）
+-	Enhance: 絵文字などのオートコンプリートでShift+Tabを押すと前の候補を選択できるように
 - Fix: 「設定のバックアップ」で一部の項目がバックアップに含まれていなかった問題を修正
 - Fix: ウィジェットのジョブキューにて音声の発音方法変更に追従できていなかったのを修正 #12367
 - Fix: コードエディタが正しく表示されない問題を修正
@@ -74,6 +77,8 @@
 - Fix: ノート中の絵文字をタップして「リアクションする」からリアクションした際にリアクションサウンドが鳴らない不具合を修正
 - Fix: ノート中のリアクションの表示を微調整 #12650
 - Fix: AiScriptの`readline`が不正な値を返すことがある問題を修正
+- Fix: 投票のみ/画像のみの引用RNが、通知欄でただのRNとして判定されるバグを修正
+- Fix: CWをつけて引用RNしても、普通のRNとして扱われてしまうバグを修正しました。
 
 ### Server
 - Enhance: MFM `$[ruby ]` が他ソフトウェアと連合されるように
@@ -93,6 +98,7 @@
 - Fix: アカウントをブロックした際に、自身のユーザーのページでノートが相手に表示される問題を修正
 - Fix: モデレーションログがモデレーターは閲覧できないように修正
 - Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない
+- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正
 
 ## 2023.11.1
 

locales/index.d.ts

@@ -884,8 +884,8 @@ export interface Locale {
     "classic": string;
     "muteThread": string;
     "unmuteThread": string;
-    "ffVisibility": string;
+    "followingVisibility": string;
-    "ffVisibilityDescription": string;
+    "followersVisibility": string;
     "continueThread": string;
     "deleteAccountConfirm": string;
     "incorrectPassword": string;

locales/ja-JP.yml

@@ -881,8 +881,8 @@ makeReactionsPublicDescription: "あなたがしたリアクション一覧を
 classic: "クラシック"
 muteThread: "スレッドをミュート"
 unmuteThread: "スレッドのミュートを解除"
-ffVisibility: "つながりの公開範囲"
+followingVisibility: "フォローの公開範囲"
-ffVisibilityDescription: "自分のフォロー/フォロワー情報の公開範囲を設定できます。"
+followersVisibility: "フォロワーの公開範囲"
 continueThread: "さらにスレッドを見る"
 deleteAccountConfirm: "アカウントが削除されます。よろしいですか？"
 incorrectPassword: "パスワードが間違っています。"

packages/backend/migration/1702718871541-ffVisibility.js

@@ -0,0 +1,35 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and other misskey contributors
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+export class ffVisibility1702718871541 {
+	constructor() {
+			this.name = 'ffVisibility1702718871541';
+	}
+	async up(queryRunner) {
+		await queryRunner.query(`CREATE TYPE "public"."user_profile_followingvisibility_enum" AS ENUM('public', 'followers', 'private')`);
+		await queryRunner.query(`CREATE CAST ("public"."user_profile_ffvisibility_enum" AS "public"."user_profile_followingvisibility_enum") WITH INOUT AS ASSIGNMENT`);
+		await queryRunner.query(`CREATE TYPE "public"."user_profile_followersVisibility_enum" AS ENUM('public', 'followers', 'private')`);
+		await queryRunner.query(`CREATE CAST ("public"."user_profile_ffvisibility_enum" AS "public"."user_profile_followersVisibility_enum") WITH INOUT AS ASSIGNMENT`);
+		await queryRunner.query(`ALTER TABLE "user_profile" ADD "followingVisibility" "public"."user_profile_followingvisibility_enum" NOT NULL DEFAULT 'public'`);
+		await queryRunner.query(`ALTER TABLE "user_profile" ADD "followersVisibility" "public"."user_profile_followersVisibility_enum" NOT NULL DEFAULT 'public'`);
+		await queryRunner.query(`UPDATE "user_profile" SET "followingVisibility" = "ffVisibility"`);
+		await queryRunner.query(`UPDATE "user_profile" SET "followersVisibility" = "ffVisibility"`);
+		await queryRunner.query(`DROP CAST ("public"."user_profile_ffvisibility_enum" AS "public"."user_profile_followersVisibility_enum")`);
+		await queryRunner.query(`DROP CAST ("public"."user_profile_ffvisibility_enum" AS "public"."user_profile_followingvisibility_enum")`);
+		await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "ffVisibility"`);
+		await queryRunner.query(`DROP TYPE "public"."user_profile_ffvisibility_enum"`);
+	}
+	async down(queryRunner) {
+		await queryRunner.query(`CREATE TYPE "public"."user_profile_ffvisibility_enum" AS ENUM('public', 'followers', 'private')`);
+		await queryRunner.query(`ALTER TABLE "user_profile" ADD "ffVisibility" "public"."user_profile_ffvisibility_enum" NOT NULL DEFAULT 'public'`);
+		await queryRunner.query(`CREATE CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum") WITH INOUT AS ASSIGNMENT`);
+		await queryRunner.query(`UPDATE "user_profile" SET ffVisibility = "user_profile"."followingVisibility"`);
+		await queryRunner.query(`DROP CAST ("public"."user_profile_followingvisibility_enum" AS "public"."user_profile_ffvisibility_enum")`);
+		await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followersVisibility"`);
+		await queryRunner.query(`ALTER TABLE "user_profile" DROP COLUMN "followingVisibility"`);
+		await queryRunner.query(`DROP TYPE "public"."user_profile_followersVisibility_enum"`);
+		await queryRunner.query(`DROP TYPE "public"."user_profile_followingvisibility_enum"`);
+	}
+}

packages/backend/package.json

@@ -65,7 +65,7 @@
 		"@bull-board/api": "5.10.2",
 		"@bull-board/fastify": "5.10.2",
 		"@bull-board/ui": "5.10.2",
-		"@discordapp/twemoji": "14.1.2",
+		"@discordapp/twemoji": "15.0.2",
 		"@fastify/accepts": "4.3.0",
 		"@fastify/cookie": "9.2.0",
 		"@fastify/cors": "8.4.2",
@@ -83,6 +83,7 @@
 		"@smithy/node-http-handler": "2.1.10",
 		"@swc/cli": "0.1.63",
 		"@swc/core": "1.3.100",
+		"@twemoji/parser": "15.0.0",
 		"accepts": "1.3.8",
 		"ajv": "8.12.0",
 		"archiver": "6.0.1",
@@ -121,8 +122,8 @@
 		"jsonld": "8.3.2",
 		"jsrsasign": "10.9.0",
 		"meilisearch": "0.36.0",
-		"mfm-js": "0.23.3",
+		"mfm-js": "0.24.0",
-		"microformats-parser": "1.5.2",
+		"microformats-parser": "2.0.2",
 		"mime-types": "2.1.35",
 		"misskey-js": "workspace:*",
 		"ms": "3.0.0-canary.1",
@@ -166,7 +167,6 @@
 		"tmp": "0.2.1",
 		"tsc-alias": "1.8.8",
 		"tsconfig-paths": "4.2.0",
-		"twemoji-parser": "14.0.0",
 		"typeorm": "0.3.17",
 		"typescript": "5.3.3",
 		"ulid": "2.3.0",
@@ -195,7 +195,7 @@
 		"@types/jsrsasign": "10.5.12",
 		"@types/mime-types": "2.1.4",
 		"@types/ms": "0.7.34",
-		"@types/node": "20.10.4",
+		"@types/node": "20.10.5",
 		"@types/node-fetch": "3.0.3",
 		"@types/nodemailer": "6.4.14",
 		"@types/oauth": "0.9.4",

packages/backend/src/core/NoteCreateService.ts

@@ -293,7 +293,7 @@ export class NoteCreateService implements OnApplicationShutdown {
 		}
 
 		// Check blocking
-		if (data.renote && data.text == null && data.poll == null && (data.files == null || data.files.length === 0)) {
+		if (data.renote && this.isQuote(data)) {
 			if (data.renote.userHost === null) {
 				if (data.renote.userId !== user.id) {
 					const blocked = await this.userBlockingService.checkBlocked(data.renote.userId, user.id);
@@ -622,7 +622,7 @@ export class NoteCreateService implements OnApplicationShutdown {
 
 			// If it is renote
 			if (data.renote) {
-				const type = data.text ? 'quote' : 'renote';
+				const type = this.isQuote(data) ? 'quote' : 'renote';
 
 				// Notify
 				if (data.renote.userHost === null) {
@@ -729,6 +729,11 @@ export class NoteCreateService implements OnApplicationShutdown {
 		return false;
 	}
 
+	@bindThis
+	private isQuote(note: Option): boolean {
+		return !!note.text || !!note.cw || !!note.files || !!note.poll;
+	}
+
 	@bindThis
 	private incRenoteCount(renote: MiNote) {
 		this.notesRepository.createQueryBuilder().update()
@@ -794,7 +799,7 @@ export class NoteCreateService implements OnApplicationShutdown {
 	private async renderNoteOrRenoteActivity(data: Option, note: MiNote) {
 		if (data.localOnly) return null;
 
-		const content = data.renote && data.text == null && data.poll == null && (data.files == null || data.files.length === 0)
+		const content = data.renote && this.isQuote(data)
 			? this.apRendererService.renderAnnounce(data.renote.uri ? data.renote.uri : `${this.config.url}/notes/${data.renote.id}`, note)
 			: this.apRendererService.renderCreate(await this.apRendererService.renderNote(note, false), note);
 

packages/backend/src/core/entities/UserEntityService.ts

@@ -332,13 +332,13 @@ export class UserEntityService implements OnModuleInit {
 		const profile = opts.detail ? (opts.userProfile ?? await this.userProfilesRepository.findOneByOrFail({ userId: user.id })) : null;
 
 		const followingCount = profile == null ? null :
-			(profile.ffVisibility === 'public') || isMe ? user.followingCount :
+			(profile.followingVisibility === 'public') || isMe ? user.followingCount :
-			(profile.ffVisibility === 'followers') && (relation && relation.isFollowing) ? user.followingCount :
+			(profile.followingVisibility === 'followers') && (relation && relation.isFollowing) ? user.followingCount :
 			null;
 
 		const followersCount = profile == null ? null :
-			(profile.ffVisibility === 'public') || isMe ? user.followersCount :
+			(profile.followersVisibility === 'public') || isMe ? user.followersCount :
-			(profile.ffVisibility === 'followers') && (relation && relation.isFollowing) ? user.followersCount :
+			(profile.followersVisibility === 'followers') && (relation && relation.isFollowing) ? user.followersCount :
 			null;
 
 		const isModerator = isMe && opts.detail ? this.roleService.isModerator(user) : null;
@@ -417,7 +417,8 @@ export class UserEntityService implements OnModuleInit {
 				pinnedPageId: profile!.pinnedPageId,
 				pinnedPage: profile!.pinnedPageId ? this.pageEntityService.pack(profile!.pinnedPageId, me) : null,
 				publicReactions: profile!.publicReactions,
-				ffVisibility: profile!.ffVisibility,
+				followersVisibility: profile!.followersVisibility,
+				followingVisibility: profile!.followingVisibility,
 				twoFactorEnabled: profile!.twoFactorEnabled,
 				usePasswordLessLogin: profile!.usePasswordLessLogin,
 				securityKeys: profile!.twoFactorEnabled

packages/backend/src/models/UserProfile.ts

@@ -4,7 +4,7 @@
  */
 
 import { Entity, Column, Index, OneToOne, JoinColumn, PrimaryColumn } from 'typeorm';
-import { obsoleteNotificationTypes, ffVisibility, notificationTypes } from '@/types.js';
+import { obsoleteNotificationTypes, followingVisibilities, followersVisibilities, notificationTypes } from '@/types.js';
 import { id } from './util/id.js';
 import { MiUser } from './User.js';
 import { MiPage } from './Page.js';
@@ -94,10 +94,16 @@ export class MiUserProfile {
 	public publicReactions: boolean;
 
 	@Column('enum', {
-		enum: ffVisibility,
+		enum: followingVisibilities,
 		default: 'public',
 	})
-	public ffVisibility: typeof ffVisibility[number];
+	public followingVisibility: typeof followingVisibilities[number];
+
+	@Column('enum', {
+		enum: followersVisibilities,
+		default: 'public',
+	})
+	public followersVisibility: typeof followersVisibilities[number];
 
 	@Column('varchar', {
 		length: 128, nullable: true,

packages/backend/src/models/json-schema/user.ts

@@ -311,7 +311,12 @@ export const packedUserDetailedNotMeOnlySchema = {
 			type: 'boolean',
 			nullable: false, optional: false,
 		},
-		ffVisibility: {
+		followingVisibility: {
+			type: 'string',
+			nullable: false, optional: false,
+			enum: ['public', 'followers', 'private'],
+		},
+		followersVisibility: {
 			type: 'string',
 			nullable: false, optional: false,
 			enum: ['public', 'followers', 'private'],

packages/backend/src/server/ActivityPubServerService.ts

@@ -195,11 +195,11 @@ export class ActivityPubServerService {
 		//#region Check ff visibility
 		const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
 
-		if (profile.ffVisibility === 'private') {
+		if (profile.followersVisibility === 'private') {
 			reply.code(403);
 			reply.header('Cache-Control', 'public, max-age=30');
 			return;
-		} else if (profile.ffVisibility === 'followers') {
+		} else if (profile.followersVisibility === 'followers') {
 			reply.code(403);
 			reply.header('Cache-Control', 'public, max-age=30');
 			return;
@@ -287,11 +287,11 @@ export class ActivityPubServerService {
 		//#region Check ff visibility
 		const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
 
-		if (profile.ffVisibility === 'private') {
+		if (profile.followingVisibility === 'private') {
 			reply.code(403);
 			reply.header('Cache-Control', 'public, max-age=30');
 			return;
-		} else if (profile.ffVisibility === 'followers') {
+		} else if (profile.followingVisibility === 'followers') {
 			reply.code(403);
 			reply.header('Cache-Control', 'public, max-age=30');
 			return;

packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts

@@ -13,6 +13,8 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/accounts/create.ts

@@ -15,6 +15,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	res: {
 		type: 'object',
 		optional: false, nullable: false,

packages/backend/src/server/api/endpoints/admin/accounts/delete.ts

@@ -14,6 +14,8 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts

@@ -13,6 +13,8 @@ import { ApiError } from '@/server/api/error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/ad/create.ts

@@ -13,6 +13,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/ad/delete.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/ad/list.ts

@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/ad/update.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/announcements/create.ts

@@ -10,6 +10,8 @@ import { AnnouncementService } from '@/core/AnnouncementService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/announcements/delete.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/announcements/list.ts

@@ -14,6 +14,8 @@ import { IdService } from '@/core/IdService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/announcements/update.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts

@@ -10,6 +10,8 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
 } as const;

packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts

@@ -12,6 +12,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
 	errors: {

packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts

@@ -15,6 +15,8 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
 

packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts

@@ -12,6 +12,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
 

packages/backend/src/server/api/endpoints/admin/delete-account.ts

@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts

@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts

@@ -10,6 +10,8 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts

@@ -13,6 +13,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/drive/files.ts

@@ -13,6 +13,8 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/drive/show-file.ts

@@ -14,6 +14,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/add.ts

@@ -14,6 +14,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/emoji/copy.ts

@@ -16,6 +16,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/delete.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts

@@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
 import { QueueService } from '@/core/QueueService.js';
 
 export const meta = {
-	secure: true,
+	kind: 'write:admin',
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts

@@ -15,6 +15,8 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/emoji/list.ts

@@ -15,6 +15,8 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts

@@ -10,6 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;

packages/backend/src/server/api/endpoints/admin/emoji/update.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 

packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts

@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts

@@ -13,6 +13,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts

@@ -12,6 +12,8 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts

@@ -14,6 +14,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/get-index-stats.ts

@@ -12,6 +12,8 @@ export const meta = {
 	requireCredential: true,
 	requireAdmin: true,
 
+	kind: 'read:admin',
+
 	tags: ['admin'],
 } as const;
 

packages/backend/src/server/api/endpoints/admin/get-table-stats.ts

@@ -12,6 +12,8 @@ export const meta = {
 	requireCredential: true,
 	requireAdmin: true,
 
+	kind: 'read:admin',
+
 	tags: ['admin'],
 
 	res: {

packages/backend/src/server/api/endpoints/admin/get-user-ips.ts

@@ -12,6 +12,8 @@ import { IdService } from '@/core/IdService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/invite/create.ts

@@ -16,6 +16,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/invite/list.ts

@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/meta.ts

@@ -13,6 +13,8 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['meta'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/promo/create.ts

@@ -13,6 +13,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/queue/clear.ts

@@ -11,6 +11,8 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts

@@ -11,6 +11,8 @@ import type { DeliverQueue } from '@/core/QueueModule.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts

@@ -11,6 +11,8 @@ import type { InboxQueue } from '@/core/QueueModule.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/queue/promote.ts

@@ -11,6 +11,8 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/queue/stats.ts

@@ -10,6 +10,8 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/relays/add.ts

@@ -12,6 +12,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/relays/list.ts

@@ -10,6 +10,8 @@ import { RelayService } from '@/core/RelayService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/relays/remove.ts

@@ -10,6 +10,8 @@ import { RelayService } from '@/core/RelayService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/reset-password.ts

@@ -14,6 +14,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts

@@ -15,6 +15,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/roles/assign.ts

@@ -13,6 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/roles/create.ts

@@ -11,6 +11,8 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/roles/delete.ts

@@ -13,6 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/roles/list.ts

@@ -12,6 +12,8 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/roles/show.ts

@@ -13,6 +13,8 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'read:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/roles/unassign.ts

@@ -13,6 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 

packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts

@@ -11,6 +11,8 @@ import { MetaService } from '@/core/MetaService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/roles/update.ts

@@ -14,6 +14,8 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/roles/users.ts

@@ -16,6 +16,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin', 'role', 'users'],
 
+	kind: 'read:admin',
+
 	requireCredential: false,
 	requireAdmin: true,
 

packages/backend/src/server/api/endpoints/admin/send-email.ts

@@ -10,6 +10,8 @@ import { EmailService } from '@/core/EmailService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/server-info.ts

@@ -17,6 +17,8 @@ export const meta = {
 
 	tags: ['admin', 'meta'],
 
+	kind: 'read:admin',
+
 	res: {
 		type: 'object',
 		optional: false, nullable: false,

packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts

@@ -16,6 +16,8 @@ export const meta = {
 	requireCredential: true,
 	requireAdmin: true,
 
+	kind: 'read:admin',
+
 	res: {
 		type: 'array',
 		optional: false, nullable: false,

packages/backend/src/server/api/endpoints/admin/show-user.ts

@@ -17,6 +17,8 @@ export const meta = {
 	requireCredential: true,
 	requireModerator: true,
 
+	kind: 'read:admin',
+
 	res: {
 		type: 'object',
 		nullable: false, optional: false,

packages/backend/src/server/api/endpoints/admin/show-users.ts

@@ -17,6 +17,8 @@ export const meta = {
 	requireCredential: true,
 	requireModerator: true,
 
+	kind: 'read:admin',
+
 	res: {
 		type: 'array',
 		nullable: false, optional: false,

packages/backend/src/server/api/endpoints/admin/suspend-user.ts

@@ -19,6 +19,8 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts

@@ -12,6 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts

@@ -12,6 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts

@@ -13,6 +13,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/update-meta.ts

@@ -12,6 +12,8 @@ import { MetaService } from '@/core/MetaService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireAdmin: true,
 } as const;

packages/backend/src/server/api/endpoints/admin/update-user-note.ts

@@ -12,6 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,
 } as const;

packages/backend/src/server/api/endpoints/i/update.ts

@@ -176,7 +176,8 @@ export const paramDef = {
 		receiveAnnouncementEmail: { type: 'boolean' },
 		alwaysMarkNsfw: { type: 'boolean' },
 		autoSensitive: { type: 'boolean' },
-		ffVisibility: { type: 'string', enum: ['public', 'followers', 'private'] },
+		followingVisibility: { type: 'string', enum: ['public', 'followers', 'private'] },
+		followersVisibility: { type: 'string', enum: ['public', 'followers', 'private'] },
 		pinnedPageId: { type: 'string', format: 'misskey:id', nullable: true },
 		mutedWords: muteWords,
 		hardMutedWords: muteWords,
@@ -241,7 +242,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 			if (ps.lang !== undefined) profileUpdates.lang = ps.lang;
 			if (ps.location !== undefined) profileUpdates.location = ps.location;
 			if (ps.birthday !== undefined) profileUpdates.birthday = ps.birthday;
-			if (ps.ffVisibility !== undefined) profileUpdates.ffVisibility = ps.ffVisibility;
+			if (ps.followingVisibility !== undefined) profileUpdates.followingVisibility = ps.followingVisibility;
+			if (ps.followersVisibility !== undefined) profileUpdates.followersVisibility = ps.followersVisibility;
 
 			function checkMuteWordCount(mutedWords: (string[] | string)[], limit: number) {
 				// TODO: ちゃんと数える

packages/backend/src/server/api/endpoints/users/followers.ts

@@ -93,11 +93,11 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 
 			const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
 
-			if (profile.ffVisibility === 'private') {
+			if (profile.followersVisibility === 'private') {
 				if (me == null || (me.id !== user.id)) {
 					throw new ApiError(meta.errors.forbidden);
 				}
-			} else if (profile.ffVisibility === 'followers') {
+			} else if (profile.followersVisibility === 'followers') {
 				if (me == null) {
 					throw new ApiError(meta.errors.forbidden);
 				} else if (me.id !== user.id) {

packages/backend/src/server/api/endpoints/users/following.ts

@@ -101,11 +101,11 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 
 			const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
 
-			if (profile.ffVisibility === 'private') {
+			if (profile.followingVisibility === 'private') {
 				if (me == null || (me.id !== user.id)) {
 					throw new ApiError(meta.errors.forbidden);
 				}
-			} else if (profile.ffVisibility === 'followers') {
+			} else if (profile.followingVisibility === 'followers') {
 				if (me == null) {
 					throw new ApiError(meta.errors.forbidden);
 				} else if (me.id !== user.id) {

packages/backend/src/server/web/FeedService.ts

@@ -60,7 +60,7 @@ export class FeedService {
 			title: `${author.name} (@${user.username}@${this.config.host})`,
 			updated: notes.length !== 0 ? this.idService.parse(notes[0].id).date : undefined,
 			generator: 'Misskey',
-			description: `${user.notesCount} Notes, ${profile.ffVisibility === 'public' ? user.followingCount : '?'} Following, ${profile.ffVisibility === 'public' ? user.followersCount : '?'} Followers${profile.description ? ` · ${profile.description}` : ''}`,
+			description: `${user.notesCount} Notes, ${profile.followingVisibility === 'public' ? user.followingCount : '?'} Following, ${profile.followersVisibility === 'public' ? user.followersCount : '?'} Followers${profile.description ? ` · ${profile.description}` : ''}`,
 			link: author.link,
 			image: user.avatarUrl ?? this.userEntityService.getIdenticonUrl(user),
 			feedLinks: {

packages/backend/src/types.ts

@@ -25,7 +25,8 @@ export const noteVisibilities = ['public', 'home', 'followers', 'specified'] as
 
 export const mutedNoteReasons = ['word', 'manual', 'spam', 'other'] as const;
 
-export const ffVisibility = ['public', 'followers', 'private'] as const;
+export const followingVisibilities = ['public', 'followers', 'private'] as const;
+export const followersVisibilities = ['public', 'followers', 'private'] as const;
 
 export const moderationLogTypes = [
 	'updateServerSettings',

packages/backend/test/e2e/ff-visibility.ts

@@ -26,9 +26,10 @@ describe('FF visibility', () => {
 		await app.close();
 	});
 
-	test('ffVisibility が public なユーザーのフォロー/フォロワーを誰でも見れる', async () => {
+	test('followingVisibility, followersVisibility がともに public なユーザーのフォロー/フォロワーを誰でも見れる', async () => {
 		await api('/i/update', {
-			ffVisibility: 'public',
+			followingVisibility: 'public',
+			followersVisibility: 'public',
 		}, alice);
 
 		const followingRes = await api('/users/following', {
@@ -44,9 +45,88 @@ describe('FF visibility', () => {
 		assert.strictEqual(Array.isArray(followersRes.body), true);
 	});
 
-	test('ffVisibility が followers なユーザーのフォロー/フォロワーを自分で見れる', async () => {
+	test('followingVisibility が public であれば followersVisibility の設定に関わらずユーザーのフォローを誰でも見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+	});
+
+	test('followersVisibility が public であれば followingVisibility の設定に関わらずユーザーのフォロワーを誰でも見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+	});
+
+	test('followingVisibility, followersVisibility がともに followers なユーザーのフォロー/フォロワーを自分で見れる', async () => {
 		await api('/i/update', {
-			ffVisibility: 'followers',
+			followingVisibility: 'followers',
+			followersVisibility: 'followers',
 		}, alice);
 
 		const followingRes = await api('/users/following', {
@@ -62,9 +142,88 @@ describe('FF visibility', () => {
 		assert.strictEqual(Array.isArray(followersRes.body), true);
 	});
 
-	test('ffVisibility が followers なユーザーのフォロー/フォロワーを非フォロワーが見れない', async () => {
+	test('followingVisibility が followers なユーザーのフォローを followersVisibility の設定に関わらず自分で見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+	});
+
+	test('followersVisibility が followers なユーザーのフォロワーを followingVisibility の設定に関わらず自分で見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+	});
+
+	test('followingVisibility, followersVisibility がともに followers なユーザーのフォロー/フォロワーを非フォロワーが見れない', async () => {
 		await api('/i/update', {
-			ffVisibility: 'followers',
+			followingVisibility: 'followers',
+			followersVisibility: 'followers',
 		}, alice);
 
 		const followingRes = await api('/users/following', {
@@ -78,9 +237,82 @@ describe('FF visibility', () => {
 		assert.strictEqual(followersRes.status, 400);
 	});
 
-	test('ffVisibility が followers なユーザーのフォロー/フォロワーをフォロワーが見れる', async () => {
+	test('followingVisibility が followers なユーザーのフォローを followersVisibility の設定に関わらず非フォロワーが見れない', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+	});
+
+	test('followersVisibility が followers なユーザーのフォロワーを followingVisibility の設定に関わらず非フォロワーが見れない', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+	});
+
+	test('followingVisibility, followersVisibility がともに followers なユーザーのフォロー/フォロワーをフォロワーが見れる', async () => {
 		await api('/i/update', {
-			ffVisibility: 'followers',
+			followingVisibility: 'followers',
+			followersVisibility: 'followers',
 		}, alice);
 
 		await api('/following/create', {
@@ -100,9 +332,106 @@ describe('FF visibility', () => {
 		assert.strictEqual(Array.isArray(followersRes.body), true);
 	});
 
-	test('ffVisibility が private なユーザーのフォロー/フォロワーを自分で見れる', async () => {
+	test('followingVisibility が followers なユーザーのフォローを followersVisibility の設定に関わらずフォロワーが見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'public',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'private',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+	});
+
+	test('followersVisibility が followers なユーザーのフォロワーを followingVisibility の設定に関わらずフォロワーが見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'followers',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'followers',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'followers',
+			}, alice);
+			await api('/following/create', {
+				userId: alice.id,
+			}, bob);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+	});
+
+	test('followingVisibility, followersVisibility がともに private なユーザーのフォロー/フォロワーを自分で見れる', async () => {
 		await api('/i/update', {
-			ffVisibility: 'private',
+			followingVisibility: 'private',
+			followersVisibility: 'private',
 		}, alice);
 
 		const followingRes = await api('/users/following', {
@@ -118,9 +447,88 @@ describe('FF visibility', () => {
 		assert.strictEqual(Array.isArray(followersRes.body), true);
 	});
 
-	test('ffVisibility が private なユーザーのフォロー/フォロワーを他人が見れない', async () => {
+	test('followingVisibility が private なユーザーのフォローを followersVisibility の設定に関わらず自分で見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followingRes.status, 200);
+			assert.strictEqual(Array.isArray(followingRes.body), true);
+		}
+	});
+
+	test('followersVisibility が private なユーザーのフォロワーを followingVisibility の設定に関わらず自分で見れる', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, alice);
+			assert.strictEqual(followersRes.status, 200);
+			assert.strictEqual(Array.isArray(followersRes.body), true);
+		}
+	});
+
+	test('followingVisibility, followersVisibility がともに private なユーザーのフォロー/フォロワーを他人が見れない', async () => {
 		await api('/i/update', {
-			ffVisibility: 'private',
+			followingVisibility: 'private',
+			followersVisibility: 'private',
 		}, alice);
 
 		const followingRes = await api('/users/following', {
@@ -134,36 +542,129 @@ describe('FF visibility', () => {
 		assert.strictEqual(followersRes.status, 400);
 	});
 
+	test('followingVisibility が private なユーザーのフォローを followersVisibility の設定に関わらず他人が見れない', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'public',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'followers',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followingRes = await api('/users/following', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followingRes.status, 400);
+		}
+	});
+
+	test('followersVisibility が private なユーザーのフォロワーを followingVisibility の設定に関わらず他人が見れない', async () => {
+		{
+			await api('/i/update', {
+				followingVisibility: 'public',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'followers',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+		{
+			await api('/i/update', {
+				followingVisibility: 'private',
+				followersVisibility: 'private',
+			}, alice);
+
+			const followersRes = await api('/users/followers', {
+				userId: alice.id,
+			}, bob);
+			assert.strictEqual(followersRes.status, 400);
+		}
+	});
+
 	describe('AP', () => {
-		test('ffVisibility が public 以外ならばAPからは取得できない', async () => {
+		test('followingVisibility が public 以外ならばAPからはフォローを取得できない', async () => {
 			{
 				await api('/i/update', {
-					ffVisibility: 'public',
+					followingVisibility: 'public',
 				}, alice);
 
 				const followingRes = await simpleGet(`/users/${alice.id}/following`, 'application/activity+json');
-				const followersRes = await simpleGet(`/users/${alice.id}/followers`, 'application/activity+json');
 				assert.strictEqual(followingRes.status, 200);
+			}
+			{
+				await api('/i/update', {
+					followingVisibility: 'followers',
+				}, alice);
+
+				const followingRes = await simpleGet(`/users/${alice.id}/following`, 'application/activity+json');
+				assert.strictEqual(followingRes.status, 403);
+			}
+			{
+				await api('/i/update', {
+					followingVisibility: 'private',
+				}, alice);
+
+				const followingRes = await simpleGet(`/users/${alice.id}/following`, 'application/activity+json');
+				assert.strictEqual(followingRes.status, 403);
+			}
+		});
+
+		test('followersVisibility が public 以外ならばAPからはフォロワーを取得できない', async () => {
+			{
+				await api('/i/update', {
+					followersVisibility: 'public',
+				}, alice);
+
+				const followersRes = await simpleGet(`/users/${alice.id}/followers`, 'application/activity+json');
 				assert.strictEqual(followersRes.status, 200);
 			}
 			{
 				await api('/i/update', {
-					ffVisibility: 'followers',
+					followersVisibility: 'followers',
 				}, alice);
 
-				const followingRes = await simpleGet(`/users/${alice.id}/following`, 'application/activity+json');
 				const followersRes = await simpleGet(`/users/${alice.id}/followers`, 'application/activity+json');
-				assert.strictEqual(followingRes.status, 403);
 				assert.strictEqual(followersRes.status, 403);
 			}
 			{
 				await api('/i/update', {
-					ffVisibility: 'private',
+					followersVisibility: 'private',
 				}, alice);
 
-				const followingRes = await simpleGet(`/users/${alice.id}/following`, 'application/activity+json');
 				const followersRes = await simpleGet(`/users/${alice.id}/followers`, 'application/activity+json');
-				assert.strictEqual(followingRes.status, 403);
 				assert.strictEqual(followersRes.status, 403);
 			}
 		});

packages/backend/test/e2e/users.ts

@@ -112,7 +112,8 @@ describe('ユーザー', () => {
 			pinnedPageId: user.pinnedPageId,
 			pinnedPage: user.pinnedPage,
 			publicReactions: user.publicReactions,
-			ffVisibility: user.ffVisibility,
+			followingVisibility: user.followingVisibility,
+			followersVisibility: user.followersVisibility,
 			twoFactorEnabled: user.twoFactorEnabled,
 			usePasswordLessLogin: user.usePasswordLessLogin,
 			securityKeys: user.securityKeys,
@@ -386,7 +387,8 @@ describe('ユーザー', () => {
 		assert.strictEqual(response.pinnedPageId, null);
 		assert.strictEqual(response.pinnedPage, null);
 		assert.strictEqual(response.publicReactions, true);
-		assert.strictEqual(response.ffVisibility, 'public');
+		assert.strictEqual(response.followingVisibility, 'public');
+		assert.strictEqual(response.followersVisibility, 'public');
 		assert.strictEqual(response.twoFactorEnabled, false);
 		assert.strictEqual(response.usePasswordLessLogin, false);
 		assert.strictEqual(response.securityKeys, false);
@@ -495,9 +497,12 @@ describe('ユーザー', () => {
 		{ parameters: (): object => ({ alwaysMarkNsfw: false }) },
 		{ parameters: (): object => ({ autoSensitive: true }) },
 		{ parameters: (): object => ({ autoSensitive: false }) },
-		{ parameters: (): object => ({ ffVisibility: 'private' }) },
+		{ parameters: (): object => ({ followingVisibility: 'private' }) },
-		{ parameters: (): object => ({ ffVisibility: 'followers' }) },
+		{ parameters: (): object => ({ followingVisibility: 'followers' }) },
-		{ parameters: (): object => ({ ffVisibility: 'public' }) },
+		{ parameters: (): object => ({ followingVisibility: 'public' }) },
+		{ parameters: (): object => ({ followersVisibility: 'private' }) },
+		{ parameters: (): object => ({ followersVisibility: 'followers' }) },
+		{ parameters: (): object => ({ followersVisibility: 'public' }) },
 		{ parameters: (): object => ({ mutedWords: Array(19).fill(['xxxxx']) }) },
 		{ parameters: (): object => ({ mutedWords: [['x'.repeat(194)]] }) },
 		{ parameters: (): object => ({ mutedWords: [] }) },

packages/frontend/.storybook/fakes.ts

@@ -82,7 +82,8 @@ export function userDetailed(id = 'someuserid', username = 'miskist', host = 'mi
 		birthday: '2014-06-20',
 		createdAt: '2016-12-28T22:49:51.000Z',
 		description: 'I am a cool user!',
-		ffVisibility: 'public',
+		followingVisibility: 'public',
+		followersVisibility: 'public',
 		roles: [],
 		fields: [
 			{

packages/frontend/.storybook/mocks.ts

@@ -25,7 +25,7 @@ export const commonHandlers = [
 	}),
 	rest.get('/twemoji/:codepoints.svg', async (req, res, ctx) => {
 		const { codepoints } = req.params;
-		const value = await fetch(`https://unpkg.com/@discordapp/twemoji@14.1.2/dist/svg/${codepoints}.svg`).then((response) => response.blob());
+		const value = await fetch(`https://unpkg.com/@discordapp/twemoji@15.0.2/dist/svg/${codepoints}.svg`).then((response) => response.blob());
 		return res(ctx.set('Content-Type', 'image/svg+xml'), ctx.body(value));
 	}),
 ];

packages/frontend/package.json

@@ -17,18 +17,19 @@
 		"lint": "pnpm typecheck && pnpm eslint"
 	},
 	"dependencies": {
-		"@discordapp/twemoji": "14.1.2",
+		"@discordapp/twemoji": "15.0.2",
 		"@github/webauthn-json": "2.1.1",
 		"@rollup/plugin-json": "6.1.0",
 		"@rollup/plugin-replace": "5.0.5",
 		"@rollup/pluginutils": "5.1.0",
 		"@syuilo/aiscript": "0.16.0",
 		"@tabler/icons-webfont": "2.44.0",
+		"@twemoji/parser": "15.0.0",
 		"@vitejs/plugin-vue": "4.5.2",
-		"@vue/compiler-sfc": "3.3.11",
+		"@vue/compiler-sfc": "3.3.12",
 		"aiscript-vscode": "github:aiscript-dev/aiscript-vscode#v0.0.6",
 		"astring": "1.8.6",
-		"broadcast-channel": "6.0.0",
+		"broadcast-channel": "7.0.0",
 		"browser-image-resizer": "github:misskey-dev/browser-image-resizer#v2.2.1-misskey.3",
 		"buraha": "0.0.1",
 		"canvas-confetti": "1.6.1",
@@ -50,11 +51,11 @@
 		"is-file-animated": "1.0.2",
 		"json5": "2.2.3",
 		"matter-js": "0.19.0",
-		"mfm-js": "0.23.3",
+		"mfm-js": "0.24.0",
 		"misskey-js": "workspace:*",
 		"photoswipe": "5.4.3",
 		"punycode": "2.3.1",
-		"rollup": "4.9.0",
+		"rollup": "4.9.1",
 		"sanitize-html": "2.11.0",
 		"sass": "1.69.5",
 		"shiki": "0.14.7",
@@ -65,12 +66,11 @@
 		"tinycolor2": "1.6.0",
 		"tsc-alias": "1.8.8",
 		"tsconfig-paths": "4.2.0",
-		"twemoji-parser": "14.0.0",
 		"typescript": "5.3.3",
 		"uuid": "9.0.1",
 		"v-code-diff": "1.7.2",
 		"vite": "5.0.10",
-		"vue": "3.3.11",
+		"vue": "3.3.12",
 		"vuedraggable": "next"
 	},
 	"devDependencies": {
@@ -97,7 +97,7 @@
 		"@types/estree": "1.0.5",
 		"@types/matter-js": "0.19.5",
 		"@types/micromatch": "4.0.6",
-		"@types/node": "20.10.4",
+		"@types/node": "20.10.5",
 		"@types/punycode": "2.1.3",
 		"@types/sanitize-html": "2.9.5",
 		"@types/throttle-debounce": "5.0.2",
@@ -107,7 +107,7 @@
 		"@typescript-eslint/eslint-plugin": "6.14.0",
 		"@typescript-eslint/parser": "6.14.0",
 		"@vitest/coverage-v8": "0.34.6",
-		"@vue/runtime-core": "3.3.11",
+		"@vue/runtime-core": "3.3.12",
 		"acorn": "8.11.2",
 		"cross-env": "7.0.3",
 		"cypress": "13.6.1",

packages/frontend/src/components/MkAutocomplete.vue

@@ -359,12 +359,25 @@ function onKeydown(event: KeyboardEvent) {
 			}
 			break;
 
-		case 'Tab':
 		case 'ArrowDown':
 			cancel();
 			selectNext();
 			break;
 
+		case 'Tab':
+			if (event.shiftKey) {
+				if (select.value !== -1) {
+					cancel();
+					selectPrev();
+				} else {
+					props.close();
+				}
+			} else {
+				cancel();
+				selectNext();
+			}
+			break;
+
 		default:
 			event.stopPropagation();
 			props.textarea.focus();

packages/frontend/src/components/MkCwButton.vue

@@ -17,6 +17,7 @@ import MkButton from '@/components/MkButton.vue';
 const props = defineProps<{
 	modelValue: boolean;
 	text: string | null;
+	renote: Misskey.entities.Note | null;
 	files: Misskey.entities.DriveFile[];
 	poll?: {
 		expiresAt: string | null;
@@ -41,6 +42,7 @@ const emit = defineEmits<{
 const label = computed(() => {
 	return concat([
 		props.text ? [i18n.t('_cw.chars', { count: props.text.length })] : [],
+		props.renote != null ? [i18n.ts.quote] : [],
 		props.files.length !== 0 ? [i18n.t('_cw.files', { count: props.files.length })] : [],
 		props.poll != null ? [i18n.ts.poll] : [],
 	] as string[][]).join(' / ');