worldcone/cherrypick
2
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge remote-branch 'misskey/develop'

Browse source
This commit is contained in:
NoriDev 2023-06-26 16:52:07 +09:00
parent 8f549acb61 58a898dfe0
commit b6979b0437
74 changed files with 1616 additions and 2163 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
package.json
View file

@ -56,11 +56,11 @@
"devDependencies": {
"@types/gulp": "4.0.10",
"@types/gulp-rename": "2.0.1",
"@typescript-eslint/eslint-plugin": "5.59.8",
"@typescript-eslint/parser": "5.59.8",
"@typescript-eslint/eslint-plugin": "5.60.0",
"@typescript-eslint/parser": "5.60.0",
"cross-env": "7.0.3",
"cypress": "12.13.0",
"eslint": "8.41.0",
"cypress": "12.15.0",
"eslint": "8.43.0",
"start-server-and-test": "2.0.0"
},
"optionalDependencies": {

2
packages/backend/.swcrc
View file

@ -17,7 +17,7 @@
"paths": {
"@/*": ["*"]
},
"target": "es2021"
"target": "es2022"
},
"minify": false
}

67
packages/backend/package.json
View file

@ -54,26 +54,26 @@
"@aws-sdk/client-s3": "3.321.1",
"@aws-sdk/lib-storage": "3.321.1",
"@aws-sdk/node-http-handler": "3.321.1",
"@bull-board/api": "5.2.0",
"@bull-board/fastify": "5.2.0",
"@bull-board/ui": "5.2.0",
"@bull-board/api": "5.5.3",
"@bull-board/fastify": "5.5.3",
"@bull-board/ui": "5.5.3",
"@discordapp/twemoji": "14.1.2",
"@fastify/accepts": "4.1.0",
"@fastify/accepts": "4.2.0",
"@fastify/cookie": "8.3.0",
"@fastify/cors": "8.3.0",
"@fastify/http-proxy": "9.1.0",
"@fastify/multipart": "7.6.0",
"@fastify/http-proxy": "9.2.1",
"@fastify/multipart": "7.7.0",
"@fastify/static": "6.10.2",
"@fastify/view": "7.4.1",
"@google-cloud/logging": "^10.5.0",
"@google-cloud/translate": "^7.2.1",
"@nestjs/common": "9.4.2",
"@nestjs/core": "9.4.2",
"@nestjs/testing": "9.4.2",
"@nestjs/common": "10.0.3",
"@nestjs/core": "10.0.3",
"@nestjs/testing": "10.0.3",
"@peertube/http-signature": "1.7.0",
"@sinonjs/fake-timers": "10.2.0",
"@sinonjs/fake-timers": "10.3.0",
"@swc/cli": "0.1.62",
"@swc/core": "1.3.61",
"@swc/core": "1.3.66",
"@vitalets/google-translate-api": "9.2.0",
"accepts": "1.3.8",
"ajv": "8.12.0",
@ -81,8 +81,8 @@
"autwh": "0.1.0",
"bcryptjs": "2.4.3",
"blurhash": "2.0.5",
"bullmq": "3.15.0",
"cacheable-lookup": "6.1.0",
"bullmq": "4.1.0",
"cacheable-lookup": "7.0.0",
"cbor": "9.0.0",
"chalk": "5.2.0",
"chalk-template": "0.4.0",
@ -95,23 +95,24 @@
"date-fns": "2.30.0",
"deep-email-validator": "0.1.21",
"escape-regexp": "0.0.1",
"fastify": "4.17.0",
"fastify": "4.18.0",
"feed": "4.2.2",
"file-type": "18.4.0",
"file-type": "18.5.0",
"fluent-ffmpeg": "2.1.2",
"form-data": "4.0.0",
"got": "12.6.0",
"got": "13.0.0",
"happy-dom": "9.20.3",
"hpagent": "1.2.0",
"ioredis": "5.3.2",
"ip-cidr": "3.1.0",
"ipaddr.js": "2.1.0",
"is-svg": "4.3.2",
"js-yaml": "4.1.0",
"jsdom": "22.1.0",
"json5": "2.2.3",
"jsonld": "8.2.0",
"jsrsasign": "10.8.6",
"meilisearch": "0.32.5",
"meilisearch": "0.33.0",
"mime-types": "2.1.35",
"ms": "3.0.0-canary.1",
"nested-property": "4.0.0",
@ -123,7 +124,6 @@
"otpauth": "9.1.2",
"parse5": "7.1.2",
"pg": "8.11.0",
"private-ip": "3.0.0",
"probe-image-size": "7.2.3",
"promise-limit": "2.7.0",
"pug": "3.0.2",
@ -132,17 +132,15 @@
"qrcode": "1.5.3",
"random-seed": "0.3.0",
"ratelimiter": "3.4.1",
"re2": "1.19.0",
"re2": "1.19.1",
"redis-lock": "0.1.4",
"reflect-metadata": "0.1.13",
"rename": "1.0.4",
"rndstr": "1.0.0",
"rss-parser": "3.13.0",
"rxjs": "7.8.1",
"s-age": "1.1.2",
"sanitize-html": "2.10.0",
"seedrandom": "3.0.5",
"semver": "7.5.1",
"sanitize-html": "2.11.0",
"semver": "7.5.3",
"sharp": "0.32.1",
"sharp-read-bmp": "github:misskey-dev/sharp-read-bmp",
"slacc": "0.0.9",
@ -150,19 +148,19 @@
"stringz": "2.1.0",
"strip-ansi": "^7.1.0",
"summaly": "github:misskey-dev/summaly",
"systeminformation": "5.17.16",
"systeminformation": "5.18.4",
"tinycolor2": "1.6.0",
"tmp": "0.2.1",
"tsc-alias": "1.8.6",
"tsconfig-paths": "4.2.0",
"twemoji-parser": "14.0.0",
"typeorm": "0.3.16",
"typeorm": "0.3.17",
"typescript": "5.1.3",
"ulid": "2.3.0",
"unzipper": "0.10.14",
"uuid": "9.0.0",
"vary": "1.1.2",
"web-push": "3.6.1",
"web-push": "3.6.3",
"ws": "8.13.0",
"xev": "3.0.2"
},
@ -180,14 +178,15 @@
"@types/jest": "29.5.2",
"@types/js-yaml": "4.0.5",
"@types/jsdom": "21.1.1",
"@types/jsonld": "1.5.8",
"@types/jsonld": "1.5.9",
"@types/jsrsasign": "10.5.8",
"@types/mime-types": "2.1.1",
"@types/node": "20.2.5",
"@types/ms": "^0.7.31",
"@types/node": "20.3.1",
"@types/node-fetch": "3.0.3",
"@types/nodemailer": "6.4.8",
"@types/oauth": "0.9.1",
"@types/pg": "8.10.1",
"@types/pg": "8.10.2",
"@types/pug": "2.0.6",
"@types/punycode": "2.1.0",
"@types/qrcode": "1.5.0",
@ -202,16 +201,16 @@
"@types/tinycolor2": "1.4.3",
"@types/tmp": "0.2.3",
"@types/unzipper": "0.10.6",
"@types/uuid": "9.0.1",
"@types/uuid": "9.0.2",
"@types/vary": "1.1.0",
"@types/web-push": "3.3.2",
"@types/websocket": "1.0.5",
"@types/ws": "8.5.4",
"@typescript-eslint/eslint-plugin": "5.59.8",
"@typescript-eslint/parser": "5.59.8",
"@types/ws": "8.5.5",
"@typescript-eslint/eslint-plugin": "5.60.0",
"@typescript-eslint/parser": "5.60.0",
"aws-sdk-client-mock": "2.1.1",
"cross-env": "7.0.3",
"eslint": "8.41.0",
"eslint": "8.43.0",
"eslint-plugin-import": "2.27.5",
"execa": "6.1.0",
"jest": "29.5.0",

18
packages/backend/src/core/DownloadService.ts
View file

@ -2,8 +2,7 @@ import * as fs from 'node:fs';
import * as stream from 'node:stream';
import * as util from 'node:util';
import { Inject, Injectable } from '@nestjs/common';
import IPCIDR from 'ip-cidr';
import PrivateIp from 'private-ip';
import ipaddr from 'ipaddr.js';
import chalk from 'chalk';
import got, * as Got from 'got';
import { parse } from 'content-disposition';
@ -123,15 +122,15 @@ export class DownloadService {
public async downloadTextFile(url: string): Promise<string> {
// Create temp file
const [path, cleanup] = await createTemp();
this.logger.info(`text file: Temp file is ${path}`);
try {
// write content at URL to temp file
await this.downloadUrl(url, path);
const text = await util.promisify(fs.readFile)(path, 'utf8');
return text;
} finally {
cleanup();
@ -140,13 +139,14 @@ export class DownloadService {
@bindThis
private isPrivateIp(ip: string): boolean {
const parsedIp = ipaddr.parse(ip);
for (const net of this.config.allowedPrivateNetworks ?? []) {
const cidr = new IPCIDR(net);
if (cidr.contains(ip)) {
if (parsedIp.match(ipaddr.parseCIDR(net))) {
return false;
}
}
return PrivateIp(ip) ?? false;
return parsedIp.range() !== 'unicast';
}
}

2
packages/backend/src/core/GlobalEventService.ts
View file

@ -24,7 +24,7 @@ import type { Packed } from '@/misc/json-schema.js';
import { DI } from '@/di-symbols.js';
import type { Config } from '@/config.js';
import { bindThis } from '@/decorators.js';
import { Role } from '@/models';
import { Role } from '@/models/index.js';
@Injectable()
export class GlobalEventService {

2
packages/backend/src/core/LoggerService.ts
View file

@ -3,7 +3,7 @@ import { DI } from '@/di-symbols.js';
import type { Config } from '@/config.js';
import Logger from '@/logger.js';
import { bindThis } from '@/decorators.js';
import type { KEYWORD } from 'color-convert/conversions';
import type { KEYWORD } from 'color-convert/conversions.js';
@Injectable()
export class LoggerService {

2
packages/backend/src/core/PushNotificationService.ts
View file

@ -3,7 +3,7 @@ import push from 'web-push';
import * as Redis from 'ioredis';
import { DI } from '@/di-symbols.js';
import type { Config } from '@/config.js';
import type { Packed } from '@/misc/json-schema';
import type { Packed } from '@/misc/json-schema.js';
import { getNoteSummary } from '@/misc/get-note-summary.js';
import type { SwSubscription, SwSubscriptionsRepository } from '@/models/index.js';
import { MetaService } from '@/core/MetaService.js';

2
packages/backend/src/core/RoleService.ts
View file

@ -13,7 +13,7 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
import { StreamMessages } from '@/server/api/stream/types.js';
import { IdService } from '@/core/IdService.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import type { Packed } from '@/misc/json-schema';
import type { Packed } from '@/misc/json-schema.js';
import type { OnApplicationShutdown } from '@nestjs/common';
export type RolePolicies = {

3
packages/backend/src/core/entities/UserEntityService.ts
View file

@ -1,7 +1,7 @@
import { Inject, Injectable } from '@nestjs/common';
import { In, Not } from 'typeorm';
import * as Redis from 'ioredis';
import Ajv from 'ajv';
import _Ajv from 'ajv';
import { ModuleRef } from '@nestjs/core';
import { DI } from '@/di-symbols.js';
import type { Config } from '@/config.js';
@ -31,6 +31,7 @@ type IsMeAndIsUserDetailed<ExpectsMe extends boolean | null, Detailed extends bo
Packed<'UserDetailed'> :
Packed<'UserLite'>;
const Ajv = _Ajv.default;
const ajv = new Ajv();
function isLocalUser(user: User): user is LocalUser;

2
packages/backend/src/logger.ts
View file

@ -7,7 +7,7 @@ import { Logging } from '@google-cloud/logging';
import stripAnsi from 'strip-ansi';
import { bindThis } from '@/decorators.js';
import { envOption } from './env.js';
import type { KEYWORD } from 'color-convert/conversions';
import type { KEYWORD } from 'color-convert/conversions.js';
type Context = {
name: string;

2
packages/backend/src/misc/generate-native-user-token.ts
View file

@ -1,3 +1,3 @@
import { secureRndstr } from '@/misc/secure-rndstr.js';
export default () => secureRndstr(16, true);
export default () => secureRndstr(16);

2
packages/backend/src/misc/get-ip-hash.ts
View file

@ -1,6 +1,6 @@
import IPCIDR from 'ip-cidr';
export function getIpHash(ip: string) {
export function getIpHash(ip: string): string {
try {
// because a single person may control many IPv6 addresses,
// only a /64 subnet prefix of any IP will be taken into account.

5
packages/backend/src/misc/secure-rndstr.ts
View file

@ -1,10 +1,9 @@
import * as crypto from 'node:crypto';
const L_CHARS = '0123456789abcdefghijklmnopqrstuvwxyz';
export const L_CHARS = '0123456789abcdefghijklmnopqrstuvwxyz';
const LU_CHARS = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
export function secureRndstr(length = 32, useLU = true): string {
const chars = useLU ? LU_CHARS : L_CHARS;
export function secureRndstr(length = 32, { chars = LU_CHARS } = {}): string {
const chars_len = chars.length;
let str = '';

4
packages/backend/src/queue/processors/ImportAntennasProcessorService.ts
View file

@ -1,5 +1,5 @@
import { Injectable, Inject } from '@nestjs/common';
import Ajv from 'ajv';
import _Ajv from 'ajv';
import { IdService } from '@/core/IdService.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import Logger from '@/logger.js';
@ -10,6 +10,8 @@ import { QueueLoggerService } from '../QueueLoggerService.js';
import { DBAntennaImportJobData } from '../types.js';
import type * as Bull from 'bullmq';
const Ajv = _Ajv.default;
const validate = new Ajv().compile({
type: 'object',
properties: {

8
packages/backend/src/server/api/ApiCallService.ts
View file

@ -84,7 +84,7 @@ export class ApiCallService implements OnApplicationShutdown {
}
}).catch(err => {
if (err instanceof AuthenticationError) {
this.send(reply, 403, new ApiError({
this.send(reply, 401, new ApiError({
message: 'Authentication failed. Please ensure your token is correct.',
code: 'AUTHENTICATION_FAILED',
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
@ -138,7 +138,7 @@ export class ApiCallService implements OnApplicationShutdown {
}
}).catch(err => {
if (err instanceof AuthenticationError) {
this.send(reply, 403, new ApiError({
this.send(reply, 401, new ApiError({
message: 'Authentication failed. Please ensure your token is correct.',
code: 'AUTHENTICATION_FAILED',
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
@ -280,6 +280,7 @@ export class ApiCallService implements OnApplicationShutdown {
throw new ApiError({
message: 'You are not assigned to a moderator role.',
code: 'ROLE_PERMISSION_DENIED',
kind: 'permission',
id: 'd33d5333-db36-423d-a8f9-1a2b9549da41',
});
}
@ -287,6 +288,7 @@ export class ApiCallService implements OnApplicationShutdown {
throw new ApiError({
message: 'You are not assigned to an administrator role.',
code: 'ROLE_PERMISSION_DENIED',
kind: 'permission',
id: 'c3d38592-54c0-429d-be96-5636b0431a61',
});
}
@ -298,6 +300,7 @@ export class ApiCallService implements OnApplicationShutdown {
throw new ApiError({
message: 'You are not assigned to a required role.',
code: 'ROLE_PERMISSION_DENIED',
kind: 'permission',
id: '7f86f06f-7e15-4057-8561-f4b6d4ac755a',
});
}
@ -307,6 +310,7 @@ export class ApiCallService implements OnApplicationShutdown {
throw new ApiError({
message: 'Your app does not have the necessary permissions to use this endpoint.',
code: 'PERMISSION_DENIED',
kind: 'permission',
id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',
});
}

28
packages/backend/src/server/api/SignupApiService.ts
View file

@ -1,5 +1,4 @@
import { Inject, Injectable } from '@nestjs/common';
import rndstr from 'rndstr';
import bcrypt from 'bcryptjs';
import { IsNull } from 'typeorm';
import { DI } from '@/di-symbols.js';
@ -16,6 +15,7 @@ import { FastifyReplyError } from '@/misc/fastify-reply-error.js';
import { bindThis } from '@/decorators.js';
import { SigninService } from './SigninService.js';
import type { FastifyRequest, FastifyReply } from 'fastify';
import { L_CHARS, secureRndstr } from '@/misc/secure-rndstr.js';
@Injectable()
export class SignupApiService {
@ -67,7 +67,7 @@ export class SignupApiService {
const body = request.body;
const instance = await this.metaService.fetch(true);
// Verify *Captcha
// ただしテスト時はこの機構は障害となるため無効にする
if (process.env.NODE_ENV !== 'test') {
@ -76,7 +76,7 @@ export class SignupApiService {
throw new FastifyReplyError(400, err);
});
}
if (instance.enableRecaptcha && instance.recaptchaSecretKey) {
await this.captchaService.verifyRecaptcha(instance.recaptchaSecretKey, body['g-recaptcha-response']).catch(err => {
throw new FastifyReplyError(400, err);
@ -89,44 +89,44 @@ export class SignupApiService {
});
}
}
const username = body['username'];
const password = body['password'];
const host: string | null = process.env.NODE_ENV === 'test' ? (body['host'] ?? null) : null;
const invitationCode = body['invitationCode'];
const emailAddress = body['emailAddress'];
if (instance.emailRequiredForSignup) {
if (emailAddress == null || typeof emailAddress !== 'string') {
reply.code(400);
return;
}
const res = await this.emailService.validateEmailForAccount(emailAddress);
if (!res.available) {
reply.code(400);
return;
}
}
if (instance.disableRegistration) {
if (invitationCode == null || typeof invitationCode !== 'string') {
reply.code(400);
return;
}
const ticket = await this.registrationTicketsRepository.findOneBy({
code: invitationCode,
});
if (ticket == null) {
reply.code(400);
return;
}
this.registrationTicketsRepository.delete(ticket.id);
}
if (instance.emailRequiredForSignup) {
if (await this.usersRepository.findOneBy({ usernameLower: username.toLowerCase(), host: IsNull() })) {
throw new FastifyReplyError(400, 'DUPLICATED_USERNAME');
@ -142,7 +142,7 @@ export class SignupApiService {
throw new FastifyReplyError(400, 'DENIED_USERNAME');
}
const code = rndstr('a-z0-9', 16);
const code = secureRndstr(16, { chars: L_CHARS });
// Generate hash of password
const salt = await bcrypt.genSalt(8);
@ -170,12 +170,12 @@ export class SignupApiService {
const { account, secret } = await this.signupService.signup({
username, password, host,
});
const res = await this.userEntityService.pack(account, account, {
detail: true,
includeSecrets: true,
});
return {
...res,
token: secret,

2
packages/backend/src/server/api/StreamingApiServerService.ts
View file

@ -10,7 +10,7 @@ import { GlobalEventService } from '@/core/GlobalEventService.js';
import { NotificationService } from '@/core/NotificationService.js';
import { bindThis } from '@/decorators.js';
import { CacheService } from '@/core/CacheService.js';
import { LocalUser } from '@/models/entities/User';
import { LocalUser } from '@/models/entities/User.js';
import { AuthenticateService, AuthenticationError } from './AuthenticateService.js';
import MainStreamConnection from './stream/index.js';
import { ChannelsService } from './stream/ChannelsService.js';

4
packages/backend/src/server/api/endpoint-base.ts
View file

@ -1,5 +1,5 @@
import * as fs from 'node:fs';
import Ajv from 'ajv';
import _Ajv from 'ajv';
import type { Schema, SchemaType } from '@/misc/json-schema.js';
import type { LocalUser } from '@/models/entities/User.js';
import type { AccessToken } from '@/models/entities/AccessToken.js';
@ -7,6 +7,8 @@ import type { FlashToken } from '@/misc/flash-token.js';
import { ApiError } from './error.js';
import type { IEndpointMeta } from './endpoints.js';
const Ajv = _Ajv.default;
const ajv = new Ajv({
useDefaults: true,
});

1
packages/backend/src/server/api/endpoints/admin/emoji/add.ts
View file

@ -1,5 +1,4 @@
import { Inject, Injectable } from '@nestjs/common';
import rndstr from 'rndstr';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { DriveFilesRepository } from '@/models/index.js';
import { DI } from '@/di-symbols.js';

4
packages/backend/src/server/api/endpoints/admin/reset-password.ts
View file

@ -1,9 +1,9 @@
import { Inject, Injectable } from '@nestjs/common';
import bcrypt from 'bcryptjs';
import rndstr from 'rndstr';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { UsersRepository, UserProfilesRepository } from '@/models/index.js';
import { DI } from '@/di-symbols.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
export const meta = {
tags: ['admin'],
@ -54,7 +54,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
throw new Error('cannot reset password of root');
}
const passwd = rndstr('a-zA-Z0-9', 8);
const passwd = secureRndstr(8);
// Generate hash of password
const hash = bcrypt.hashSync(passwd);

2
packages/backend/src/server/api/endpoints/app/create.ts
View file

@ -44,7 +44,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
) {
super(meta, paramDef, async (ps, me) => {
// Generate secret
const secret = secureRndstr(32, true);
const secret = secureRndstr(32);
// for backward compatibility
const permission = unique(ps.permission.map(v => v.replace(/^(.+)(\/|-)(read|write)$/, '$3:$1')));

2
packages/backend/src/server/api/endpoints/auth/accept.ts
View file

@ -55,7 +55,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
throw new ApiError(meta.errors.noSuchSession);
}
const accessToken = secureRndstr(32, true);
const accessToken = secureRndstr(32);
// Fetch exist access token
const exist = await this.accessTokensRepository.findOneBy({

4
packages/backend/src/server/api/endpoints/i/import-antennas.ts
View file

@ -54,7 +54,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
constructor (
@Inject(DI.driveFilesRepository)
private driveFilesRepository: DriveFilesRepository,
@Inject(DI.antennasRepository)
private antennasRepository: AntennasRepository,
@ -79,6 +79,6 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
this.queueService.createImportAntennasJob(me, antennas);
});
}
}
}
export type Antenna = (_Antenna & { userListAccts: string[] | null })[];

2
packages/backend/src/server/api/endpoints/i/import-blocking.ts
View file

@ -72,7 +72,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
const checkMoving = await this.accountMoveService.validateAlsoKnownAs(
me,
(old, src) => !!src.movedAt && src.movedAt.getTime() + 1000 * 60 * 60 * 2 > (new Date()).getTime(),
true
true,
);
if (checkMoving ? file.size > 32 * 1024 * 1024 : file.size > 64 * 1024) throw new ApiError(meta.errors.tooBigFile);

2
packages/backend/src/server/api/endpoints/i/import-following.ts
View file

@ -71,7 +71,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
const checkMoving = await this.accountMoveService.validateAlsoKnownAs(
me,
(old, src) => !!src.movedAt && src.movedAt.getTime() + 1000 * 60 * 60 * 2 > (new Date()).getTime(),
true
true,
);
if (checkMoving ? file.size > 32 * 1024 * 1024 : file.size > 64 * 1024) throw new ApiError(meta.errors.tooBigFile);

2
packages/backend/src/server/api/endpoints/i/import-muting.ts
View file

@ -72,7 +72,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
const checkMoving = await this.accountMoveService.validateAlsoKnownAs(
me,
(old, src) => !!src.movedAt && src.movedAt.getTime() + 1000 * 60 * 60 * 2 > (new Date()).getTime(),
true
true,
);
if (checkMoving ? file.size > 32 * 1024 * 1024 : file.size > 64 * 1024) throw new ApiError(meta.errors.tooBigFile);

2
packages/backend/src/server/api/endpoints/i/import-user-lists.ts
View file

@ -71,7 +71,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
const checkMoving = await this.accountMoveService.validateAlsoKnownAs(
me,
(old, src) => !!src.movedAt && src.movedAt.getTime() + 1000 * 60 * 60 * 2 > (new Date()).getTime(),
true
true,
);
if (checkMoving ? file.size > 32 * 1024 * 1024 : file.size > 64 * 1024) throw new ApiError(meta.errors.tooBigFile);

4
packages/backend/src/server/api/endpoints/i/update-email.ts
View file

@ -1,5 +1,4 @@
import { Inject, Injectable } from '@nestjs/common';
import rndstr from 'rndstr';
import ms from 'ms';
import bcrypt from 'bcryptjs';
import { Endpoint } from '@/server/api/endpoint-base.js';
@ -9,6 +8,7 @@ import { EmailService } from '@/core/EmailService.js';
import type { Config } from '@/config.js';
import { DI } from '@/di-symbols.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import { L_CHARS, secureRndstr } from '@/misc/secure-rndstr.js';
import { ApiError } from '../../error.js';
export const meta = {
@ -94,7 +94,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
this.globalEventService.publishMainStream(me.id, 'meUpdated', iObj);
if (ps.email != null) {
const code = rndstr('a-z0-9', 16);
const code = secureRndstr(16, { chars: L_CHARS });
await this.userProfilesRepository.update(me.id, {
emailVerifyCode: code,

7
packages/backend/src/server/api/endpoints/invite.ts
View file

@ -1,9 +1,9 @@
import rndstr from 'rndstr';
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { RegistrationTicketsRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js';
import { DI } from '@/di-symbols.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
export const meta = {
tags: ['meta'],
@ -42,9 +42,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
private idService: IdService,
) {
super(meta, paramDef, async (ps, me) => {
const code = rndstr({
length: 8,
chars: '2-9A-HJ-NP-Z', // [0-9A-Z] w/o [01IO] (32 patterns)
const code = secureRndstr(8, {
chars: '23456789ABCDEFGHJKLMNPQRSTUVWXYZ', // [0-9A-Z] w/o [01IO] (32 patterns)
});
await this.registrationTicketsRepository.insert({

2
packages/backend/src/server/api/endpoints/miauth/gen-token.ts
View file

@ -49,7 +49,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
) {
super(meta, paramDef, async (ps, me) => {
// Generate access token
const accessToken = secureRndstr(32, true);
const accessToken = secureRndstr(32);
const now = new Date();

2
packages/backend/src/server/api/endpoints/notes/unrenote.ts
View file

@ -4,8 +4,8 @@ import type { UsersRepository, NotesRepository } from '@/models/index.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { NoteDeleteService } from '@/core/NoteDeleteService.js';
import { DI } from '@/di-symbols.js';
import { ApiError } from '../../error.js';
import { GetterService } from '@/server/api/GetterService.js';
import { ApiError } from '../../error.js';
export const meta = {
tags: ['notes'],

6
packages/backend/src/server/api/endpoints/request-reset-password.ts
View file

@ -1,4 +1,3 @@
import rndstr from 'rndstr';
import ms from 'ms';
import { IsNull } from 'typeorm';
import { Inject, Injectable } from '@nestjs/common';
@ -8,6 +7,7 @@ import { IdService } from '@/core/IdService.js';
import type { Config } from '@/config.js';
import { DI } from '@/di-symbols.js';
import { EmailService } from '@/core/EmailService.js';
import { L_CHARS, secureRndstr } from '@/misc/secure-rndstr.js';
export const meta = {
tags: ['reset password'],
@ -41,7 +41,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
constructor(
@Inject(DI.config)
private config: Config,
@Inject(DI.usersRepository)
private usersRepository: UsersRepository,
@ -77,7 +77,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
return;
}
const token = rndstr('a-z0-9', 64);
const token = secureRndstr(64, { chars: L_CHARS });
await this.passwordResetRequestsRepository.insert({
id: this.idService.genId(),

2
packages/backend/src/server/api/endpoints/users/recommendation.ts
View file

@ -44,7 +44,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
@Inject(DI.followingsRepository)
private followingsRepository: FollowingsRepository,
private userEntityService: UserEntityService,
private queryService: QueryService,
) {

2
packages/backend/src/server/api/endpoints/users/report-abuse.ts
View file

@ -1,4 +1,4 @@
import * as sanitizeHtml from 'sanitize-html';
import sanitizeHtml from 'sanitize-html';
import { Inject, Injectable } from '@nestjs/common';
import type { UsersRepository, AbuseUserReportsRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js';

2
packages/backend/src/server/api/stream/channel.ts
View file

@ -1,5 +1,5 @@
import { bindThis } from '@/decorators.js';
import type Connection from '.';
import type Connection from './index.js';
/**
* Stream channel

4
packages/backend/src/server/api/stream/types.ts
View file

@ -14,7 +14,7 @@ import type { Page } from '@/models/entities/Page.js';
import type { Packed } from '@/misc/json-schema.js';
import type { Webhook } from '@/models/entities/Webhook.js';
import type { Meta } from '@/models/entities/Meta.js';
import { Role, RoleAssignment } from '@/models';
import { Role, RoleAssignment } from '@/models/index.js';
import type Emitter from 'strict-event-emitter-types';
import type { EventEmitter } from 'events';
@ -280,7 +280,7 @@ export type StreamMessages = {
// API event definitions
// ストリームごとのEmitterの辞書を用意
type EventEmitterDictionary = { [x in keyof StreamMessages]: Emitter<EventEmitter, { [y in StreamMessages[x]['name']]: (e: StreamMessages[x]['payload']) => void }> };
type EventEmitterDictionary = { [x in keyof StreamMessages]: Emitter.default<EventEmitter, { [y in StreamMessages[x]['name']]: (e: StreamMessages[x]['payload']) => void }> };
// 共用体型を交差型にする型 https://stackoverflow.com/questions/54938141/typescript-convert-union-to-intersection
type UnionToIntersection<U> = (U extends any ? (k: U) => void : never) extends ((k: infer I) => void) ? I : never;
// Emitter辞書から共用体型を作り、UnionToIntersectionで交差型にする

2
packages/backend/src/server/web/views/base.pug
View file

@ -35,7 +35,7 @@ html
link(rel='prefetch' href=infoImageUrl)
link(rel='prefetch' href=notFoundImageUrl)
//- https://github.com/misskey-dev/misskey/issues/9842
link(rel='stylesheet' href='/assets/tabler-icons/tabler-icons.min.css?v2.21.0')
link(rel='stylesheet' href='/assets/tabler-icons/tabler-icons.min.css?v2.22.0')
link(rel='modulepreload' href=`/vite/${clientEntry.file}`)
if !config.clientManifestExists

45
packages/backend/test/e2e/2fa.ts
View file

@ -7,10 +7,11 @@ import * as OTPAuth from 'otpauth';
import { loadConfig } from '../../src/config.js';
import { signup, api, post, react, startServer, waitFire } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('2要素認証', () => {
let app: INestApplicationContext;
let alice: unknown;
let alice: misskey.entities.MeSignup;
const config = loadConfig();
const password = 'test';
@ -68,7 +69,7 @@ describe('2要素認証', () => {
]));
// AuthenticatorAssertionResponse.authenticatorData
// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse/authenticatorData
// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse/authenticatorData
const credentialIdLength = Buffer.allocUnsafe(2);
credentialIdLength.writeUInt16BE(param.credentialId.length);
const authData = Buffer.concat([
@ -80,7 +81,7 @@ describe('2要素認証', () => {
param.credentialId,
credentialPublicKey,
]);
return {
attestationObject: cbor.encode({
fmt: 'none',
@ -98,7 +99,7 @@ describe('2要素認証', () => {
name: param.keyName,
};
};
const signinParam = (): {
username: string,
password: string,
@ -130,7 +131,7 @@ describe('2要素認証', () => {
'hcaptcha-response'?: string | null,
} => {
// AuthenticatorAssertionResponse.authenticatorData
// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse/authenticatorData
// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse/authenticatorData
const authenticatorData = Buffer.concat([
rpIdHash(),
Buffer.from([0x05]), // flags(1)
@ -146,7 +147,7 @@ describe('2要素認証', () => {
.update(clientDataJSONBuffer)
.digest();
const privateKey = crypto.createPrivateKey(pemToSign);
const signature = crypto.createSign('SHA256')
const signature = crypto.createSign('SHA256')
.update(Buffer.concat([authenticatorData, hashedclientDataJSON]))
.sign(privateKey);
return {
@ -186,14 +187,14 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const usersShowResponse = await api('/users/show', {
username,
}, alice);
assert.strictEqual(usersShowResponse.status, 200);
assert.strictEqual(usersShowResponse.body.twoFactorEnabled, true);
const signinResponse = await api('/signin', {
const signinResponse = await api('/signin', {
...signinParam(),
token: otpToken(registerResponse.body.secret),
});
@ -211,7 +212,7 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const registerKeyResponse = await api('/i/2fa/register-key', {
password,
}, alice);
@ -230,7 +231,7 @@ describe('2要素認証', () => {
assert.strictEqual(keyDoneResponse.status, 200);
assert.strictEqual(keyDoneResponse.body.id, credentialId.toString('hex'));
assert.strictEqual(keyDoneResponse.body.name, keyName);
const usersShowResponse = await api('/users/show', {
username,
});
@ -267,7 +268,7 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const registerKeyResponse = await api('/i/2fa/register-key', {
password,
}, alice);
@ -282,7 +283,7 @@ describe('2要素認証', () => {
credentialId,
}), alice);
assert.strictEqual(keyDoneResponse.status, 200);
const passwordLessResponse = await api('/i/2fa/password-less', {
value: true,
}, alice);
@ -301,7 +302,7 @@ describe('2要素認証', () => {
assert.strictEqual(signinResponse.status, 200);
assert.strictEqual(signinResponse.body.i, undefined);
const signinResponse2 = await api('/signin', {
const signinResponse2 = await api('/signin', {
...signinWithSecurityKeyParam({
keyName,
challengeId: signinResponse.body.challengeId,
@ -324,7 +325,7 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const registerKeyResponse = await api('/i/2fa/register-key', {
password,
}, alice);
@ -339,14 +340,14 @@ describe('2要素認証', () => {
credentialId,
}), alice);
assert.strictEqual(keyDoneResponse.status, 200);
const renamedKey = 'other-key';
const updateKeyResponse = await api('/i/2fa/update-key', {
name: renamedKey,
credentialId: credentialId.toString('hex'),
}, alice);
assert.strictEqual(updateKeyResponse.status, 200);
const iResponse = await api('/i', {
}, alice);
assert.strictEqual(iResponse.status, 200);
@ -366,7 +367,7 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const registerKeyResponse = await api('/i/2fa/register-key', {
password,
}, alice);
@ -381,7 +382,7 @@ describe('2要素認証', () => {
credentialId,
}), alice);
assert.strictEqual(keyDoneResponse.status, 200);
// テストの実行順によっては複数残ってるので全部消す
const iResponse = await api('/i', {
}, alice);
@ -400,14 +401,14 @@ describe('2要素認証', () => {
assert.strictEqual(usersShowResponse.status, 200);
assert.strictEqual(usersShowResponse.body.securityKeys, false);
const signinResponse = await api('/signin', {
const signinResponse = await api('/signin', {
...signinParam(),
token: otpToken(registerResponse.body.secret),
});
assert.strictEqual(signinResponse.status, 200);
assert.notEqual(signinResponse.body.i, undefined);
});
test('が設定でき、設定解除できる。(パスワードのみでログインできる。)', async () => {
const registerResponse = await api('/i/2fa/register', {
password,
@ -418,7 +419,7 @@ describe('2要素認証', () => {
token: otpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 204);
const usersShowResponse = await api('/users/show', {
username,
});

2
packages/backend/test/e2e/antennas.ts
View file

@ -32,7 +32,7 @@ describe('アンテナ', () => {
// - srcのenumにgroupが残っている
// - userGroupIdが残っている, isActiveがない
type Antenna = misskey.entities.Antenna | Packed<'Antenna'>;
type User = misskey.entities.MeDetailed & { token: string };
type User = misskey.entities.MeSignup;
type Note = misskey.entities.Note;
// アンテナを作成できる最小のパラメタ

11
packages/backend/test/e2e/api-visibility.ts
View file

@ -3,6 +3,7 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, startServer } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('API visibility', () => {
let app: INestApplicationContext;
@ -18,15 +19,15 @@ describe('API visibility', () => {
describe('Note visibility', () => {
//#region vars
/** ヒロイン */
let alice: any;
let alice: misskey.entities.MeSignup;
/** フォロワー */
let follower: any;
let follower: misskey.entities.MeSignup;
/** 非フォロワー */
let other: any;
let other: misskey.entities.MeSignup;
/** 非フォロワーでもリプライやメンションをされた人 */
let target: any;
let target: misskey.entities.MeSignup;
/** specified mentionでmentionを飛ばされる人 */
let target2: any;
let target2: misskey.entities.MeSignup;
/** public-post */
let pub: any;

51
packages/backend/test/e2e/api.ts
View file

@ -1,14 +1,15 @@
process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, startServer } from '../utils.js';
import { signup, api, startServer, successfulApiCall, failedApiCall } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('API', () => {
let app: INestApplicationContext;
let alice: any;
let bob: any;
let carol: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();
@ -80,4 +81,46 @@ describe('API', () => {
assert.strictEqual(res.body.nullableDefault, 'hello');
});
});
test('管理者専用のAPIのアクセス制限', async () => {
// aliceは管理者、APIを使える
await successfulApiCall({
endpoint: '/admin/get-index-stats',
parameters: {},
user: alice,
});
// bobは一般ユーザーだからダメ
await failedApiCall({
endpoint: '/admin/get-index-stats',
parameters: {},
user: bob,
}, {
status: 403,
code: 'ROLE_PERMISSION_DENIED',
id: 'c3d38592-54c0-429d-be96-5636b0431a61',
});
// publicアクセスももちろんダメ
await failedApiCall({
endpoint: '/admin/get-index-stats',
parameters: {},
user: undefined,
}, {
status: 401,
code: 'CREDENTIAL_REQUIRED',
id: '1384574d-a912-4b81-8601-c7b1c4085df1',
});
// ごまがしもダメ
await failedApiCall({
endpoint: '/admin/get-index-stats',
parameters: {},
user: { token: 'tsukawasete' },
}, {
status: 401,
code: 'AUTHENTICATION_FAILED',
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
});
});
});

7
packages/backend/test/e2e/block.ts
View file

@ -3,14 +3,15 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, startServer } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Block', () => {
let app: INestApplicationContext;
// alice blocks bob
let alice: any;
let bob: any;
let carol: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

130
packages/backend/test/e2e/clips.ts
View file

@ -13,12 +13,12 @@ import { paramDef as UnfavoriteParamDef } from '@/server/api/endpoints/clips/unf
import { paramDef as AddNoteParamDef } from '@/server/api/endpoints/clips/add-note.js';
import { paramDef as RemoveNoteParamDef } from '@/server/api/endpoints/clips/remove-note.js';
import { paramDef as NotesParamDef } from '@/server/api/endpoints/clips/notes.js';
import {
signup,
post,
startServer,
import {
signup,
post,
startServer,
api,
successfulApiCall,
successfulApiCall,
failedApiCall,
ApiRequest,
hiddenNote,
@ -82,14 +82,14 @@ describe('クリップ', () => {
const update = async (parameters: Partial<UpdateParam>, request: Partial<ApiRequest> = {}): Promise<Clip> => {
const clip = await successfulApiCall<Clip>({
endpoint: '/clips/update',
parameters: {
parameters: {
name: 'updated',
...parameters,
},
user: alice,
...request,
});
// 入力が結果として入っていること。clipIdはidになるので消しておく
delete (parameters as { clipId?: string }).clipId;
assert.deepStrictEqual(clip, {
@ -98,7 +98,7 @@ describe('クリップ', () => {
});
return clip;
};
type DeleteParam = JTDDataType<typeof DeleteParamDef>;
const deleteClip = async (parameters: DeleteParam, request: Partial<ApiRequest> = {}): Promise<void> => {
return await successfulApiCall<void>({
@ -129,7 +129,7 @@ describe('クリップ', () => {
...request,
});
};
const usersClips = async (request: Partial<ApiRequest>): Promise<Clip[]> => {
return await successfulApiCall<Clip[]>({
endpoint: '/users/clips',
@ -145,14 +145,14 @@ describe('クリップ', () => {
bob = await signup({ username: 'bob' });
// FIXME: cherrypick-jsのNoteはoutdatedなので直接変換できない
aliceNote = await post(alice, { text: 'test' }) as any;
aliceHomeNote = await post(alice, { text: 'home only', visibility: 'home' }) as any;
aliceFollowersNote = await post(alice, { text: 'followers only', visibility: 'followers' }) as any;
aliceSpecifiedNote = await post(alice, { text: 'specified only', visibility: 'specified' }) as any;
bobNote = await post(bob, { text: 'test' }) as any;
bobHomeNote = await post(bob, { text: 'home only', visibility: 'home' }) as any;
bobFollowersNote = await post(bob, { text: 'followers only', visibility: 'followers' }) as any;
bobSpecifiedNote = await post(bob, { text: 'specified only', visibility: 'specified' }) as any;
aliceNote = await post(alice, { text: 'test' }) as any;
aliceHomeNote = await post(alice, { text: 'home only', visibility: 'home' }) as any;
aliceFollowersNote = await post(alice, { text: 'followers only', visibility: 'followers' }) as any;
aliceSpecifiedNote = await post(alice, { text: 'specified only', visibility: 'specified' }) as any;
bobNote = await post(bob, { text: 'test' }) as any;
bobHomeNote = await post(bob, { text: 'home only', visibility: 'home' }) as any;
bobFollowersNote = await post(bob, { text: 'followers only', visibility: 'followers' }) as any;
bobSpecifiedNote = await post(bob, { text: 'specified only', visibility: 'specified' }) as any;
}, 1000 * 60 * 2);
afterAll(async () => {
@ -172,7 +172,7 @@ describe('クリップ', () => {
test('の作成ができる', async () => {
const res = await create();
// ISO 8601で日付が返ってくること
assert.strictEqual(res.createdAt, new Date(res.createdAt).toISOString());
assert.strictEqual(res.createdAt, new Date(res.createdAt).toISOString());
assert.strictEqual(res.lastClippedAt, null);
assert.strictEqual(res.name, 'test');
assert.strictEqual(res.description, null);
@ -217,7 +217,7 @@ describe('クリップ', () => {
];
test.each(createClipDenyPattern)('の作成は$labelならできない', async ({ parameters }) => failedApiCall({
endpoint: '/clips/create',
parameters: {
parameters: {
...defaultCreate(),
...parameters,
},
@ -229,7 +229,7 @@ describe('クリップ', () => {
}));
test('の更新ができる', async () => {
const res = await update({
const res = await update({
clipId: (await create()).id,
name: 'updated',
description: 'new description',
@ -237,7 +237,7 @@ describe('クリップ', () => {
});
// ISO 8601で日付が返ってくること
assert.strictEqual(res.createdAt, new Date(res.createdAt).toISOString());
assert.strictEqual(res.createdAt, new Date(res.createdAt).toISOString());
assert.strictEqual(res.lastClippedAt, null);
assert.strictEqual(res.name, 'updated');
assert.strictEqual(res.description, 'new description');
@ -251,7 +251,7 @@ describe('クリップ', () => {
name: 'updated',
...parameters,
}));
test.each([
{ label: 'clipIdがnull', parameters: { clipId: null } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assertion: {
@ -265,7 +265,7 @@ describe('クリップ', () => {
...createClipDenyPattern as any,
])('の更新は$labelならできない', async ({ parameters, user, assertion }) => failedApiCall({
endpoint: '/clips/update',
parameters: {
parameters: {
clipId: (await create({}, { user: (user ?? ((): User => alice))() })).id,
name: 'updated',
...parameters,
@ -279,7 +279,7 @@ describe('クリップ', () => {
}));
test('の削除ができる', async () => {
await deleteClip({
await deleteClip({
clipId: (await create()).id,
});
assert.deepStrictEqual(await list({}), []);
@ -297,7 +297,7 @@ describe('クリップ', () => {
} },
])('の削除は$labelならできない', async ({ parameters, user, assertion }) => failedApiCall({
endpoint: '/clips/delete',
parameters: {
parameters: {
clipId: (await create({}, { user: (user ?? ((): User => alice))() })).id,
...parameters,
},
@ -329,14 +329,14 @@ describe('クリップ', () => {
});
test.each([
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
code: 'NO_SUCH_CLIP',
id: 'c3c5fe33-d62c-44d2-9ea5-d997703f5c20',
} },
])('のID指定取得は$labelならできない', async ({ parameters, assetion }) => failedApiCall({
endpoint: '/clips/show',
parameters: {
parameters: {
...parameters,
},
user: alice,
@ -361,14 +361,14 @@ describe('クリップ', () => {
// 返ってくる配列には順序保障がないのでidでソートして厳密比較
assert.deepStrictEqual(
res.sort(compareBy(s => s.id)),
res.sort(compareBy(s => s.id)),
clips.sort(compareBy(s => s.id)),
);
});
test('の一覧が取得できる(空)', async () => {
const res = await usersClips({
parameters: {
parameters: {
userId: alice.id,
},
});
@ -381,14 +381,14 @@ describe('クリップ', () => {
])('の一覧が$label取得できる', async () => {
const clips = await createMany({ isPublic: true });
const res = await usersClips({
parameters: {
parameters: {
userId: alice.id,
},
});
// 返ってくる配列には順序保障がないのでidでソートして厳密比較
assert.deepStrictEqual(
res.sort(compareBy<Clip>(s => s.id)),
res.sort(compareBy<Clip>(s => s.id)),
clips.sort(compareBy(s => s.id)));
// 認証状態で見たときだけisFavoritedが入っている
@ -421,7 +421,7 @@ describe('クリップ', () => {
await create({ isPublic: false });
const aliceClip = await create({ isPublic: true });
const res = await usersClips({
parameters: {
parameters: {
userId: alice.id,
limit: 2,
},
@ -433,7 +433,7 @@ describe('クリップ', () => {
const clips = await createMany({ isPublic: true }, 7);
clips.sort(compareBy(s => s.id));
const res = await usersClips({
parameters: {
parameters: {
userId: alice.id,
sinceId: clips[1].id,
untilId: clips[5].id,
@ -443,7 +443,7 @@ describe('クリップ', () => {
// Promise.allで返ってくる配列には順序保障がないのでidでソートして厳密比較
assert.deepStrictEqual(
res.sort(compareBy<Clip>(s => s.id)),
res.sort(compareBy<Clip>(s => s.id)),
[clips[2], clips[3], clips[4]], // sinceIdとuntilId自体は結果に含まれない
clips[1].id + ' ... ' + clips[3].id + ' with ' + clips.map(s => s.id) + ' vs. ' + res.map(s => s.id));
});
@ -454,7 +454,7 @@ describe('クリップ', () => {
{ label: 'limit最大+1', parameters: { limit: 101 } },
])('の一覧は$labelだと取得できない', async ({ parameters }) => failedApiCall({
endpoint: '/users/clips',
parameters: {
parameters: {
userId: alice.id,
...parameters,
},
@ -520,7 +520,7 @@ describe('クリップ', () => {
...request,
});
};
beforeEach(async () => {
aliceClip = await create();
});
@ -544,7 +544,7 @@ describe('クリップ', () => {
assert.strictEqual(clip2.favoritedCount, 1);
assert.strictEqual(clip2.isFavorited, false);
});
test('は1つのクリップに対して複数人が設定できる。', async () => {
const publicClip = await create({ isPublic: true });
await favorite({ clipId: publicClip.id }, { user: bob });
@ -552,7 +552,7 @@ describe('クリップ', () => {
const clip = await show({ clipId: publicClip.id }, { user: bob });
assert.strictEqual(clip.favoritedCount, 2);
assert.strictEqual(clip.isFavorited, true);
const clip2 = await show({ clipId: publicClip.id });
assert.strictEqual(clip2.favoritedCount, 2);
assert.strictEqual(clip2.isFavorited, true);
@ -581,7 +581,7 @@ describe('クリップ', () => {
await favorite({ clipId: aliceClip.id });
await failedApiCall({
endpoint: '/clips/favorite',
parameters: {
parameters: {
clipId: aliceClip.id,
},
user: alice,
@ -604,7 +604,7 @@ describe('クリップ', () => {
} },
])('の設定は$labelならできない', async ({ parameters, user, assertion }) => failedApiCall({
endpoint: '/clips/favorite',
parameters: {
parameters: {
clipId: (await create({}, { user: (user ?? ((): User => alice))() })).id,
...parameters,
},
@ -615,7 +615,7 @@ describe('クリップ', () => {
id: '3d81ceae-475f-4600-b2a8-2bc116157532',
...assertion,
}));
test('を設定解除できる。', async () => {
await favorite({ clipId: aliceClip.id });
await unfavorite({ clipId: aliceClip.id });
@ -641,7 +641,7 @@ describe('クリップ', () => {
} },
])('の設定解除は$labelならできない', async ({ parameters, user, assertion }) => failedApiCall({
endpoint: '/clips/unfavorite',
parameters: {
parameters: {
clipId: (await create({}, { user: (user ?? ((): User => alice))() })).id,
...parameters,
},
@ -652,7 +652,7 @@ describe('クリップ', () => {
id: '3d81ceae-475f-4600-b2a8-2bc116157532',
...assertion,
}));
test('を取得できる。', async () => {
await favorite({ clipId: aliceClip.id });
const favorited = await myFavorites();
@ -717,7 +717,7 @@ describe('クリップ', () => {
const res = await show({ clipId: aliceClip.id });
assert.strictEqual(res.lastClippedAt, new Date(res.lastClippedAt ?? '').toISOString());
assert.deepStrictEqual(await notes({ clipId: aliceClip.id }), [aliceNote]);
// 他人の非公開ノートも突っ込める
await addNote({ clipId: aliceClip.id, noteId: bobHomeNote.id });
await addNote({ clipId: aliceClip.id, noteId: bobFollowersNote.id });
@ -728,7 +728,7 @@ describe('クリップ', () => {
await addNote({ clipId: aliceClip.id, noteId: aliceNote.id });
await failedApiCall({
endpoint: '/clips/add-note',
parameters: {
parameters: {
clipId: aliceClip.id,
noteId: aliceNote.id,
},
@ -747,10 +747,10 @@ describe('クリップ', () => {
text: `test ${i}`,
}) as unknown)) as Note[];
await Promise.all(noteList.map(s => addNote({ clipId: aliceClip.id, noteId: s.id })));
await failedApiCall({
endpoint: '/clips/add-note',
parameters: {
parameters: {
clipId: aliceClip.id,
noteId: aliceNote.id,
},
@ -764,7 +764,7 @@ describe('クリップ', () => {
test('は他人のクリップへ追加できない。', async () => await failedApiCall({
endpoint: '/clips/add-note',
parameters: {
parameters: {
clipId: aliceClip.id,
noteId: aliceNote.id,
},
@ -776,9 +776,9 @@ describe('クリップ', () => {
}));
test.each([
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: 'noteId未指定', parameters: { noteId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: 'noteId未指定', parameters: { noteId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
code: 'NO_SUCH_CLIP',
id: 'd6e76cc0-a1b5-4c7c-a287-73fa9c716dcf',
} },
@ -792,7 +792,7 @@ describe('クリップ', () => {
} },
])('の追加は$labelだとできない', async ({ parameters, user, assetion }) => failedApiCall({
endpoint: '/clips/add-note',
parameters: {
parameters: {
clipId: aliceClip.id,
noteId: aliceNote.id,
...parameters,
@ -810,11 +810,11 @@ describe('クリップ', () => {
await removeNote({ clipId: aliceClip.id, noteId: aliceNote.id });
assert.deepStrictEqual(await notes({ clipId: aliceClip.id }), []);
});
test.each([
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: 'noteId未指定', parameters: { noteId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
{ label: 'clipId未指定', parameters: { clipId: undefined } },
{ label: 'noteId未指定', parameters: { noteId: undefined } },
{ label: '存在しないクリップ', parameters: { clipId: 'xxxxxx' }, assetion: {
code: 'NO_SUCH_CLIP',
id: 'b80525c6-97f7-49d7-a42d-ebccd49cfd52', // add-noteと異なる
} },
@ -828,7 +828,7 @@ describe('クリップ', () => {
} },
])('の削除は$labelだとできない', async ({ parameters, user, assetion }) => failedApiCall({
endpoint: '/clips/remove-note',
parameters: {
parameters: {
clipId: aliceClip.id,
noteId: aliceNote.id,
...parameters,
@ -848,12 +848,12 @@ describe('クリップ', () => {
}
const res = await notes({ clipId: aliceClip.id });
// 自分のノートは非公開でも入れられるし、見える
// 他人の非公開ノートは入れられるけど、除外される
const expects = [
aliceNote, aliceHomeNote, aliceFollowersNote, aliceSpecifiedNote,
bobNote, bobHomeNote,
bobNote, bobHomeNote,
];
assert.deepStrictEqual(
res.sort(compareBy(s => s.id)),
@ -867,7 +867,7 @@ describe('クリップ', () => {
await addNote({ clipId: aliceClip.id, noteId: note.id });
}
const res = await notes({
const res = await notes({
clipId: aliceClip.id,
sinceId: noteList[2].id,
limit: 3,
@ -892,7 +892,7 @@ describe('クリップ', () => {
sinceId: noteList[1].id,
untilId: noteList[4].id,
});
// Promise.allで返ってくる配列はID順で並んでないのでソートして厳密比較
const expects = [noteList[2], noteList[3]];
assert.deepStrictEqual(
@ -918,7 +918,7 @@ describe('クリップ', () => {
const res = await notes({ clipId: publicClip.id }, { user: undefined });
const expects = [
aliceNote, aliceHomeNote,
aliceNote, aliceHomeNote,
// 認証なしだと非公開ートは結果には含むけどhideされる。
hiddenNote(aliceFollowersNote), hiddenNote(aliceSpecifiedNote),
];
@ -926,7 +926,7 @@ describe('クリップ', () => {
res.sort(compareBy(s => s.id)),
expects.sort(compareBy(s => s.id)));
});
test.todo('ブロック、ミュートされたユーザーからの設定取得etc.');
test.each([
@ -947,7 +947,7 @@ describe('クリップ', () => {
} },
])('は$labelだと取得できない', async ({ parameters, user, assertion }) => failedApiCall({
endpoint: '/clips/notes',
parameters: {
parameters: {
clipId: aliceClip.id,
...parameters,
},

11
packages/backend/test/e2e/endpoints.ts
View file

@ -4,17 +4,18 @@ import * as assert from 'assert';
// node-fetch only supports it's own Blob yet
// https://github.com/node-fetch/node-fetch/pull/1664
import { Blob } from 'node-fetch';
import { User } from '@/models/index.js';
import { startServer, signup, post, api, uploadFile, simpleGet, initTestDb } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import { User } from '@/models/index.js';
import type * as misskey from 'cherrypick-js';
describe('Endpoints', () => {
let app: INestApplicationContext;
let alice: any;
let bob: any;
let carol: any;
let dave: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
let dave: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

209
packages/backend/test/e2e/fetch-resource.ts
View file

@ -4,6 +4,7 @@ import * as assert from 'assert';
import { startServer, channel, clip, cookie, galleryPost, signup, page, play, post, simpleGet, uploadFile } from '../utils.js';
import type { SimpleGetResponse } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
// Request Accept
const ONLY_AP = 'application/activity+json';
@ -19,7 +20,7 @@ const JSON_UTF8 = 'application/json; charset=utf-8';
describe('Webリソース', () => {
let app: INestApplicationContext;
let alice: any;
let alice: misskey.entities.MeSignup;
let aliceUploadedFile: any;
let alicesPost: any;
let alicePage: any;
@ -28,8 +29,8 @@ describe('Webリソース', () => {
let aliceGalleryPost: any;
let aliceChannel: any;
type Request = {
path: string,
type Request = {
path: string,
accept?: string,
cookie?: string,
};
@ -46,7 +47,7 @@ describe('Webリソース', () => {
const notOk = async (param: Request & {
status?: number,
code?: string,
}): Promise<SimpleGetResponse> => {
}): Promise<SimpleGetResponse> => {
const { path, accept, cookie, status, code } = param;
const res = await simpleGet(path, accept, cookie);
assert.notStrictEqual(res.status, 200);
@ -58,8 +59,8 @@ describe('Webリソース', () => {
}
return res;
};
const notFound = async (param: Request): Promise<SimpleGetResponse> => {
const notFound = async (param: Request): Promise<SimpleGetResponse> => {
return await notOk({
...param,
status: 404,
@ -94,23 +95,23 @@ describe('Webリソース', () => {
{ path: '/', type: HTML },
{ path: '/docs/ja-JP/about', type: HTML }, // "指定されたURLに該当するページはありませんでした。"
// fastify-static gives charset=UTF-8 instead of utf-8 and that's okay
{ path: '/api-doc', type: 'text/html; charset=UTF-8' },
{ path: '/api.json', type: JSON_UTF8 },
{ path: '/api-console', type: HTML },
{ path: '/_info_card_', type: HTML },
{ path: '/bios', type: HTML },
{ path: '/cli', type: HTML },
{ path: '/flush', type: HTML },
{ path: '/api-doc', type: 'text/html; charset=UTF-8' },
{ path: '/api.json', type: JSON_UTF8 },
{ path: '/api-console', type: HTML },
{ path: '/_info_card_', type: HTML },
{ path: '/bios', type: HTML },
{ path: '/cli', type: HTML },
{ path: '/flush', type: HTML },
{ path: '/robots.txt', type: 'text/plain; charset=UTF-8' },
{ path: '/favicon.ico', type: 'image/vnd.microsoft.icon' },
{ path: '/favicon.ico', type: 'image/vnd.microsoft.icon' },
{ path: '/opensearch.xml', type: 'application/opensearchdescription+xml' },
{ path: '/apple-touch-icon.png', type: 'image/png' },
{ path: '/twemoji/2764.svg', type: 'image/svg+xml' },
{ path: '/twemoji/2764-fe0f-200d-1f525.svg', type: 'image/svg+xml' },
{ path: '/twemoji-badge/2764.png', type: 'image/png' },
{ path: '/apple-touch-icon.png', type: 'image/png' },
{ path: '/twemoji/2764.svg', type: 'image/svg+xml' },
{ path: '/twemoji/2764-fe0f-200d-1f525.svg', type: 'image/svg+xml' },
{ path: '/twemoji-badge/2764.png', type: 'image/png' },
{ path: '/twemoji-badge/2764-fe0f-200d-1f525.png', type: 'image/png' },
{ path: '/fluent-emoji/2764.png', type: 'image/png' },
{ path: '/fluent-emoji/2764-fe0f-200d-1f525.png', type: 'image/png' },
{ path: '/fluent-emoji/2764.png', type: 'image/png' },
{ path: '/fluent-emoji/2764-fe0f-200d-1f525.png', type: 'image/png' },
])('$path', (p) => {
test('がGETできる。', async () => await ok({ ...p }));
@ -120,58 +121,58 @@ describe('Webリソース', () => {
});
describe.each([
{ path: '/twemoji/2764.png' },
{ path: '/twemoji/2764-fe0f-200d-1f525.png' },
{ path: '/twemoji-badge/2764.svg' },
{ path: '/twemoji/2764.png' },
{ path: '/twemoji/2764-fe0f-200d-1f525.png' },
{ path: '/twemoji-badge/2764.svg' },
{ path: '/twemoji-badge/2764-fe0f-200d-1f525.svg' },
{ path: '/fluent-emoji/2764.svg' },
{ path: '/fluent-emoji/2764-fe0f-200d-1f525.svg' },
{ path: '/fluent-emoji/2764.svg' },
{ path: '/fluent-emoji/2764-fe0f-200d-1f525.svg' },
])('$path', ({ path }) => {
test('はGETできない。', async () => await notFound({ path }));
});
describe.each([
{ ext: 'rss', type: 'application/rss+xml; charset=utf-8' },
{ ext: 'atom', type: 'application/atom+xml; charset=utf-8' },
{ ext: 'json', type: 'application/json; charset=utf-8' },
{ ext: 'rss', type: 'application/rss+xml; charset=utf-8' },
{ ext: 'atom', type: 'application/atom+xml; charset=utf-8' },
{ ext: 'json', type: 'application/json; charset=utf-8' },
])('/@:username.$ext', ({ ext, type }) => {
const path = (username: string): string => `/@${username}.${ext}`;
test('がGETできる。', async () => await ok({
test('がGETできる。', async () => await ok({
path: path(alice.username),
type,
}));
test('は存在しないユーザーはGETできない。', async () => await notOk({
test('は存在しないユーザーはGETできない。', async () => await notOk({
path: path('nonexisting'),
status: 404,
status: 404,
}));
});
describe.each([{ path: '/api/foo' }])('$path', ({ path }) => {
test('はGETできない。', async () => await notOk({
test('はGETできない。', async () => await notOk({
path,
status: 404,
status: 404,
code: 'UNKNOWN_API_ENDPOINT',
}));
});
describe.each([{ path: '/queue' }])('$path', ({ path }) => {
test('はadminでなければGETできない。', async () => await notOk({
test('はadminでなければGETできない。', async () => await notOk({
path,
status: 500, // FIXME? 403ではない。
}));
test('はadminならGETできる。', async () => await ok({
test('はadminならGETできる。', async () => await ok({
path,
cookie: cookie(alice),
}));
}));
});
describe.each([{ path: '/streaming' }])('$path', ({ path }) => {
test('はGETできない。', async () => await notOk({
test('はGETできない。', async () => await notOk({
path,
status: 503,
status: 503,
}));
});
@ -183,21 +184,21 @@ describe('Webリソース', () => {
{ accept: UNSPECIFIED },
])('(Acceptヘッダ: $accept)', ({ accept }) => {
test('はHTMLとしてGETできる。', async () => {
const res = await ok({
path: path(alice.username),
accept,
const res = await ok({
path: path(alice.username),
accept,
type: HTML,
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
// TODO ogタグの検証
// TODO profile.noCrawleの検証
// TODO twitter:creatorの検証
// TODO <link rel="me" ...>の検証
});
test('はHTMLとしてGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('はHTMLとしてGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
type: HTML,
}));
});
@ -207,22 +208,22 @@ describe('Webリソース', () => {
{ accept: PREFER_AP },
])('(Acceptヘッダ: $accept)', ({ accept }) => {
test('はActivityPubとしてGETできる。', async () => {
const res = await ok({
path: path(alice.username),
accept,
const res = await ok({
path: path(alice.username),
accept,
type: AP,
});
assert.strictEqual(res.body.type, 'Person');
});
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notFound({
path: path('xxxxxxxxxx'),
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notFound({
path: path('xxxxxxxxxx'),
accept,
}));
});
});
describe.each([
describe.each([
// 実際のハンドルはフロントエンド(index.vue)で行われる
{ sub: 'home' },
{ sub: 'notes' },
@ -236,32 +237,32 @@ describe('Webリソース', () => {
const path = (username: string): string => `/@${username}/${sub}`;
test('はHTMLとしてGETできる。', async () => {
const res = await ok({
path: path(alice.username),
const res = await ok({
path: path(alice.username),
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
});
});
describe('/@:user/pages/:page', () => {
const path = (username: string, pagename: string): string => `/@${username}/pages/${pagename}`;
test('はHTMLとしてGETできる。', async () => {
const res = await ok({
path: path(alice.username, alicePage.name),
const res = await ok({
path: path(alice.username, alicePage.name),
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
assert.strictEqual(metaTag(res, 'misskey:page-id'), alicePage.id);
// TODO ogタグの検証
// TODO profile.noCrawleの検証
// TODO twitter:creatorの検証
});
test('はGETできる。(存在しないIDでも。)', async () => await ok({
path: path(alice.username, 'xxxxxxxxxx'),
test('はGETできる。(存在しないIDでも。)', async () => await ok({
path: path(alice.username, 'xxxxxxxxxx'),
}));
});
@ -278,7 +279,7 @@ describe('Webリソース', () => {
assert.strictEqual(res.location, `/@${alice.username}`);
});
test('は存在しないユーザーはGETできない。', async () => await notFound({
test('は存在しないユーザーはGETできない。', async () => await notFound({
path: path('xxxxxxxx'),
}));
});
@ -288,24 +289,24 @@ describe('Webリソース', () => {
{ accept: PREFER_AP },
])('(Acceptヘッダ: $accept)', ({ accept }) => {
test('はActivityPubとしてGETできる。', async () => {
const res = await ok({
path: path(alice.id),
accept,
const res = await ok({
path: path(alice.id),
accept,
type: AP,
});
assert.strictEqual(res.body.type, 'Person');
});
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notOk({
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notOk({
path: path('xxxxxxxx'),
accept,
status: 404,
}));
});
});
describe('/users/inbox', () => {
test('がGETできる。(POST専用だけど4xx/5xxにならずHTMLが返ってくる)', async () => await ok({
test('がGETできる。(POST専用だけど4xx/5xxにならずHTMLが返ってくる)', async () => await ok({
path: '/inbox',
}));
@ -315,7 +316,7 @@ describe('Webリソース', () => {
describe('/users/:id/inbox', () => {
const path = (id: string): string => `/users/${id}/inbox`;
test('がGETできる。(POST専用だけど4xx/5xxにならずHTMLが返ってくる)', async () => await ok({
test('がGETできる。(POST専用だけど4xx/5xxにならずHTMLが返ってくる)', async () => await ok({
path: path(alice.id),
}));
@ -326,14 +327,14 @@ describe('Webリソース', () => {
const path = (id: string): string => `/users/${id}/outbox`;
test('がGETできる。', async () => {
const res = await ok({
path: path(alice.id),
const res = await ok({
path: path(alice.id),
type: AP,
});
assert.strictEqual(res.body.type, 'OrderedCollection');
});
});
describe('/notes/:id', () => {
const path = (noteId: string): string => `/notes/${noteId}`;
@ -342,22 +343,22 @@ describe('Webリソース', () => {
{ accept: UNSPECIFIED },
])('(Acceptヘッダ: $accept)', ({ accept }) => {
test('はHTMLとしてGETできる。', async () => {
const res = await ok({
path: path(alicesPost.id),
accept,
const res = await ok({
path: path(alicesPost.id),
accept,
type: HTML,
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
assert.strictEqual(metaTag(res, 'misskey:note-id'), alicesPost.id);
assert.strictEqual(metaTag(res, 'misskey:note-id'), alicesPost.id);
// TODO ogタグの検証
// TODO profile.noCrawleの検証
// TODO twitter:creatorの検証
});
test('はHTMLとしてGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('はHTMLとしてGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
}));
});
@ -366,48 +367,48 @@ describe('Webリソース', () => {
{ accept: PREFER_AP },
])('(Acceptヘッダ: $accept)', ({ accept }) => {
test('はActivityPubとしてGETできる。', async () => {
const res = await ok({
path: path(alicesPost.id),
const res = await ok({
path: path(alicesPost.id),
accept,
type: AP,
});
assert.strictEqual(res.body.type, 'Note');
});
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notFound({
path: path('xxxxxxxxxx'),
test('は存在しないIDのときActivityPubとしてGETできない。', async () => await notFound({
path: path('xxxxxxxxxx'),
accept,
}));
});
});
describe('/play/:id', () => {
const path = (playid: string): string => `/play/${playid}`;
test('がGETできる。', async () => {
const res = await ok({
path: path(alicePlay.id),
const res = await ok({
path: path(alicePlay.id),
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
assert.strictEqual(metaTag(res, 'misskey:flash-id'), alicePlay.id);
// TODO ogタグの検証
// TODO profile.noCrawleの検証
// TODO twitter:creatorの検証
});
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
}));
});
describe('/clips/:clip', () => {
const path = (clip: string): string => `/clips/${clip}`;
test('がGETできる。', async () => {
const res = await ok({
path: path(aliceClip.id),
const res = await ok({
path: path(aliceClip.id),
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
@ -416,9 +417,9 @@ describe('Webリソース', () => {
// TODO ogタグの検証
// TODO profile.noCrawleの検証
});
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
}));
});
@ -426,8 +427,8 @@ describe('Webリソース', () => {
const path = (post: string): string => `/gallery/${post}`;
test('がGETできる。', async () => {
const res = await ok({
path: path(aliceGalleryPost.id),
const res = await ok({
path: path(aliceGalleryPost.id),
});
assert.strictEqual(metaTag(res, 'misskey:user-username'), alice.username);
assert.strictEqual(metaTag(res, 'misskey:user-id'), alice.id);
@ -436,26 +437,26 @@ describe('Webリソース', () => {
// TODO profile.noCrawleの検証
// TODO twitter:creatorの検証
});
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
}));
});
describe('/channels/:channel', () => {
const path = (channel: string): string => `/channels/${channel}`;
test('はGETできる。', async () => {
const res = await ok({
path: path(aliceChannel.id),
path: path(aliceChannel.id),
});
// FIXME: misskey関連のmetaタグの設定がない
// TODO ogタグの検証
});
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
test('がGETできる。(存在しないIDでも。)', async () => await ok({
path: path('xxxxxxxxxx'),
}));
});
});

5
packages/backend/test/e2e/ff-visibility.ts
View file

@ -3,12 +3,13 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, startServer, simpleGet } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('FF visibility', () => {
let app: INestApplicationContext;
let alice: any;
let bob: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

27
packages/backend/test/e2e/move.ts
View file

@ -1,12 +1,13 @@
process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import rndstr from 'rndstr';
import { loadConfig } from '@/config.js';
import { User, UsersRepository } from '@/models/index.js';
import { jobQueue } from '@/boot/common.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
import { uploadFile, signup, startServer, initTestDb, api, sleep, successfulApiCall } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Account Move', () => {
let app: INestApplicationContext;
@ -14,12 +15,12 @@ describe('Account Move', () => {
let url: URL;
let root: any;
let alice: any;
let bob: any;
let carol: any;
let dave: any;
let eve: any;
let frank: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
let dave: misskey.entities.MeSignup;
let eve: misskey.entities.MeSignup;
let frank: misskey.entities.MeSignup;
let Users: UsersRepository;
@ -162,7 +163,7 @@ describe('Account Move', () => {
alsoKnownAs: [`@alice@${url.hostname}`],
}, root);
const listRoot = await api('/users/lists/create', {
name: rndstr('0-9a-z', 8),
name: secureRndstr(8),
}, root);
await api('/users/lists/push', {
listId: listRoot.body.id,
@ -176,9 +177,9 @@ describe('Account Move', () => {
userId: eve.id,
}, alice);
const antenna = await api('/antennas/create', {
name: rndstr('0-9a-z', 8),
name: secureRndstr(8),
src: 'home',
keywords: [rndstr('0-9a-z', 8)],
keywords: [secureRndstr(8)],
excludeKeywords: [],
users: [],
caseSensitive: false,
@ -210,7 +211,7 @@ describe('Account Move', () => {
userId: dave.id,
}, eve);
const listEve = await api('/users/lists/create', {
name: rndstr('0-9a-z', 8),
name: secureRndstr(8),
}, eve);
await api('/users/lists/push', {
listId: listEve.body.id,
@ -419,9 +420,9 @@ describe('Account Move', () => {
test('Prohibit access after moving: /antennas/update', async () => {
const res = await api('/antennas/update', {
antennaId,
name: rndstr('0-9a-z', 8),
name: secureRndstr(8),
src: 'users',
keywords: [rndstr('0-9a-z', 8)],
keywords: [secureRndstr(8)],
excludeKeywords: [],
users: [eve.id],
caseSensitive: false,

7
packages/backend/test/e2e/mute.ts
View file

@ -3,14 +3,15 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, react, startServer, waitFire } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Mute', () => {
let app: INestApplicationContext;
// alice mutes carol
let alice: any;
let bob: any;
let carol: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

7
packages/backend/test/e2e/note.ts
View file

@ -4,13 +4,14 @@ import * as assert from 'assert';
import { Note } from '@/models/entities/Note.js';
import { signup, post, uploadUrl, startServer, initTestDb, api, uploadFile } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Note', () => {
let app: INestApplicationContext;
let Notes: any;
let alice: any;
let bob: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();
@ -378,7 +379,7 @@ describe('Note', () => {
},
},
}, alice);
assert.strictEqual(res.status, 200);
const assign = await api('admin/roles/assign', {

7
packages/backend/test/e2e/renote-mute.ts
View file

@ -3,14 +3,15 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, react, startServer, waitFire } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Renote Mute', () => {
let app: INestApplicationContext;
// alice mutes carol
let alice: any;
let bob: any;
let carol: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

11
packages/backend/test/e2e/streaming.ts
View file

@ -4,6 +4,7 @@ import * as assert from 'assert';
import { Following } from '@/models/entities/Following.js';
import { connectStream, signup, api, post, startServer, initTestDb, waitFire } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Streaming', () => {
let app: INestApplicationContext;
@ -26,13 +27,13 @@ describe('Streaming', () => {
describe('Streaming', () => {
// Local users
let ayano: any;
let kyoko: any;
let chitose: any;
let ayano: misskey.entities.MeSignup;
let kyoko: misskey.entities.MeSignup;
let chitose: misskey.entities.MeSignup;
// Remote users
let akari: any;
let chinatsu: any;
let akari: misskey.entities.MeSignup;
let chinatsu: misskey.entities.MeSignup;
let kyokoNote: any;
let list: any;

7
packages/backend/test/e2e/thread-mute.ts
View file

@ -3,13 +3,14 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, connectStream, startServer } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('Note thread mute', () => {
let app: INestApplicationContext;
let alice: any;
let bob: any;
let carol: any;
let alice: misskey.entities.MeSignup;
let bob: misskey.entities.MeSignup;
let carol: misskey.entities.MeSignup;
beforeAll(async () => {
app = await startServer();

3
packages/backend/test/e2e/user-notes.ts
View file

@ -3,11 +3,12 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { signup, api, post, uploadUrl, startServer } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'cherrypick-js';
describe('users/notes', () => {
let app: INestApplicationContext;
let alice: any;
let alice: misskey.entities.MeSignup;
let jpgNote: any;
let pngNote: any;
let jpgPngNote: any;

66
packages/backend/test/e2e/users.ts
View file

@ -4,14 +4,14 @@ import * as assert from 'assert';
import { inspect } from 'node:util';
import { DEFAULT_POLICIES } from '@/core/RoleService.js';
import type { Packed } from '@/misc/json-schema.js';
import {
signup,
post,
import {
signup,
post,
page,
role,
startServer,
startServer,
api,
successfulApiCall,
successfulApiCall,
failedApiCall,
uploadFile,
} from '../utils.js';
@ -36,19 +36,19 @@ describe('ユーザー', () => {
badgeRoles: any[],
};
type UserDetailedNotMe = UserLite &
type UserDetailedNotMe = UserLite &
misskey.entities.UserDetailed & {
roles: any[],
};
type MeDetailed = UserDetailedNotMe &
type MeDetailed = UserDetailedNotMe &
misskey.entities.MeDetailed & {
achievements: object[],
loggedInDays: number,
policies: object,
};
type User = MeDetailed & { token: string };
type User = MeDetailed & { token: string };
const show = async (id: string, me = root): Promise<MeDetailed | UserDetailedNotMe> => {
return successfulApiCall({ endpoint: 'users/show', parameters: { userId: id }, user: me }) as any;
@ -160,7 +160,7 @@ describe('ユーザー', () => {
mutedInstances: user.mutedInstances,
mutingNotificationTypes: user.mutingNotificationTypes,
emailNotificationTypes: user.emailNotificationTypes,
achievements: user.achievements,
achievements: user.achievements,
loggedInDays: user.loggedInDays,
policies: user.policies,
...(security ? {
@ -223,11 +223,11 @@ describe('ユーザー', () => {
beforeAll(async () => {
root = await signup({ username: 'root' });
alice = await signup({ username: 'alice' });
aliceNote = await post(alice, { text: 'test' }) as any;
aliceNote = await post(alice, { text: 'test' }) as any;
alicePage = await page(alice);
aliceList = (await api('users/list/create', { name: 'aliceList' }, alice)).body;
bob = await signup({ username: 'bob' });
bobNote = await post(bob, { text: 'test' }) as any;
bobNote = await post(bob, { text: 'test' }) as any;
carol = await signup({ username: 'carol' });
dave = await signup({ username: 'dave' });
ellen = await signup({ username: 'ellen' });
@ -237,10 +237,10 @@ describe('ユーザー', () => {
usersReplying = await [...Array(10)].map((_, i) => i).reduce(async (acc, i) => {
const u = await signup({ username: `replying${i}` });
for (let j = 0; j < 10 - i; j++) {
const p = await post(u, { text: `test${j}` });
const p = await post(u, { text: `test${j}` });
await post(alice, { text: `@${u.username} test${j}`, replyId: p.id });
}
return (await acc).concat(u);
}, Promise.resolve([] as User[]));
@ -377,7 +377,7 @@ describe('ユーザー', () => {
assert.strictEqual(response.securityKeys, false);
assert.deepStrictEqual(response.roles, []);
assert.strictEqual(response.memo, null);
// MeDetailedOnly
assert.strictEqual(response.avatarId, null);
assert.strictEqual(response.bannerId, null);
@ -408,7 +408,7 @@ describe('ユーザー', () => {
assert.deepStrictEqual(response.emailNotificationTypes, ['follow', 'receiveFollowRequest', 'groupInvited']);
assert.deepStrictEqual(response.achievements, []);
assert.deepStrictEqual(response.loggedInDays, 0);
assert.deepStrictEqual(response.policies, DEFAULT_POLICIES);
assert.deepStrictEqual(response.policies, DEFAULT_POLICIES);
assert.notStrictEqual(response.email, undefined);
assert.strictEqual(response.emailVerified, false);
assert.deepStrictEqual(response.securityKeysList, []);
@ -501,8 +501,8 @@ describe('ユーザー', () => {
const response = await successfulApiCall({ endpoint: 'i/update', parameters: parameters, user: alice });
assert.match(response.avatarUrl ?? '.', /^[-a-zA-Z0-9@:%._\+~#&?=\/]+$/);
assert.match(response.avatarBlurhash ?? '.', /[ -~]{54}/);
const expected = {
...meDetailed(alice, true),
const expected = {
...meDetailed(alice, true),
avatarId: aliceFile.id,
avatarBlurhash: response.avatarBlurhash,
avatarUrl: response.avatarUrl,
@ -511,8 +511,8 @@ describe('ユーザー', () => {
const parameters2 = { avatarId: null };
const response2 = await successfulApiCall({ endpoint: 'i/update', parameters: parameters2, user: alice });
const expected2 = {
...meDetailed(alice, true),
const expected2 = {
...meDetailed(alice, true),
avatarId: null,
avatarBlurhash: null,
avatarUrl: alice.avatarUrl, // 解除した場合、identiconになる
@ -526,8 +526,8 @@ describe('ユーザー', () => {
const response = await successfulApiCall({ endpoint: 'i/update', parameters: parameters, user: alice });
assert.match(response.bannerUrl ?? '.', /^[-a-zA-Z0-9@:%._\+~#&?=\/]+$/);
assert.match(response.bannerBlurhash ?? '.', /[ -~]{54}/);
const expected = {
...meDetailed(alice, true),
const expected = {
...meDetailed(alice, true),
bannerId: aliceFile.id,
bannerBlurhash: response.bannerBlurhash,
bannerUrl: response.bannerUrl,
@ -536,8 +536,8 @@ describe('ユーザー', () => {
const parameters2 = { bannerId: null };
const response2 = await successfulApiCall({ endpoint: 'i/update', parameters: parameters2, user: alice });
const expected2 = {
...meDetailed(alice, true),
const expected2 = {
...meDetailed(alice, true),
bannerId: null,
bannerBlurhash: null,
bannerUrl: null,
@ -553,7 +553,7 @@ describe('ユーザー', () => {
const response = await successfulApiCall({ endpoint: 'i/pin', parameters, user: alice });
const expected = { ...meDetailed(alice, false), pinnedNoteIds: [aliceNote.id], pinnedNotes: [aliceNote] };
assert.deepStrictEqual(response, expected);
const response2 = await successfulApiCall({ endpoint: 'i/unpin', parameters, user: alice });
const expected2 = meDetailed(alice, false);
assert.deepStrictEqual(response2, expected2);
@ -614,7 +614,7 @@ describe('ユーザー', () => {
});
test.todo('をリスト形式で取得することができる(リモート, hostname指定');
test.todo('をリスト形式で取得することができるpagenation');
//#endregion
//#region ユーザー情報(users/show)
@ -686,9 +686,9 @@ describe('ユーザー', () => {
const parameters = { userIds: [bob.id, alice.id, carol.id] };
const response = await successfulApiCall({ endpoint: 'users/show', parameters, user: alice });
const expected = [
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: bob.id }, user: alice }),
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: alice.id }, user: alice }),
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: carol.id }, user: alice }),
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: bob.id }, user: alice }),
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: alice.id }, user: alice }),
await successfulApiCall({ endpoint: 'users/show', parameters: { userId: carol.id }, user: alice }),
];
assert.deepStrictEqual(response, expected);
});
@ -703,7 +703,7 @@ describe('ユーザー', () => {
// BUG サスペンドユーザーを一般ユーザーから見るとrootユーザーが返ってくる
//{ label: 'サスペンドユーザーが(一般ユーザーが見るときは)含まれない', user: (): User => userSuspended, me: (): User => bob, excluded: true },
{ label: '削除済ユーザーが含まれる', user: (): User => userDeletedBySelf },
{ label: '削除済(byAdmin)ユーザーが含まれる', user: (): User => userDeletedByAdmin },
{ label: '削除済(byAdmin)ユーザーが含まれる', user: (): User => userDeletedByAdmin },
] as const)('をID指定のリスト形式で取得することができ、結果に$label', async ({ user, me, excluded }) => {
const parameters = { userIds: [user().id] };
const response = await successfulApiCall({ endpoint: 'users/show', parameters, user: me?.() ?? alice });
@ -736,7 +736,7 @@ describe('ユーザー', () => {
{ label: 'サイレンスユーザーが含まれる', user: (): User => userSilenced },
{ label: 'サスペンドユーザーが含まれない', user: (): User => userSuspended, excluded: true },
{ label: '削除済ユーザーが含まれる', user: (): User => userDeletedBySelf },
{ label: '削除済(byAdmin)ユーザーが含まれる', user: (): User => userDeletedByAdmin },
{ label: '削除済(byAdmin)ユーザーが含まれる', user: (): User => userDeletedByAdmin },
] as const)('を検索することができ、結果に$labelが含まれる', async ({ user, excluded }) => {
const parameters = { query: user().username, limit: 1 };
const response = await successfulApiCall({ endpoint: 'users/search', parameters, user: alice });
@ -749,7 +749,7 @@ describe('ユーザー', () => {
//#endregion
//#region ID指定検索(users/search-by-username-and-host)
test.each([
test.each([
{ label: '自分', parameters: { username: 'alice' }, user: (): User[] => [alice] },
{ label: '自分かつusernameが大文字', parameters: { username: 'ALICE' }, user: (): User[] => [alice] },
{ label: 'ローカルのフォロイーでノートなし', parameters: { username: 'userFollowedByAlice' }, user: (): User[] => [userFollowedByAlice] },
@ -788,7 +788,7 @@ describe('ユーザー', () => {
test('がよくリプライをするユーザーのリストを取得できる', async () => {
const parameters = { userId: alice.id, limit: 5 };
const response = await successfulApiCall({ endpoint: 'users/get-frequently-replied-users', parameters, user: alice });
const expected = await Promise.all(usersReplying.slice(0, parameters.limit).map(async (s, i) => ({
const expected = await Promise.all(usersReplying.slice(0, parameters.limit).map(async (s, i) => ({
user: await show(s.id, alice),
weight: (usersReplying.length - i) / usersReplying.length,
})));

6
packages/backend/test/tsconfig.json
View file

@ -9,9 +9,9 @@
"noFallthroughCasesInSwitch": true,
"declaration": false,
"sourceMap": true,
"target": "es2021",
"target": "ES2022",
"module": "es2020",
"moduleResolution": "node",
"moduleResolution": "node16",
"allowSyntheticDefaultImports": true,
"removeComments": false,
"noLib": false,
@ -39,6 +39,6 @@
"include": [
"./**/*.ts",
"../src/**/*.test.ts",
"../src/@types/**/*.ts",
"../src/@types/**/*.ts"
]
}

30
packages/backend/test/unit/RoleService.ts
View file

@ -4,7 +4,6 @@ import { jest } from '@jest/globals';
import { ModuleMocker } from 'jest-mock';
import { Test } from '@nestjs/testing';
import * as lolex from '@sinonjs/fake-timers';
import rndstr from 'rndstr';
import { GlobalModule } from '@/GlobalModule.js';
import { RoleService } from '@/core/RoleService.js';
import type { Role, RolesRepository, RoleAssignmentsRepository, UsersRepository, User } from '@/models/index.js';
@ -14,6 +13,7 @@ import { genAid } from '@/misc/id/aid.js';
import { CacheService } from '@/core/CacheService.js';
import { IdService } from '@/core/IdService.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
import { sleep } from '../utils.js';
import type { TestingModule } from '@nestjs/testing';
import type { MockFunctionMetadata } from 'jest-mock';
@ -30,7 +30,7 @@ describe('RoleService', () => {
let clock: lolex.InstalledClock;
function createUser(data: Partial<User> = {}) {
const un = rndstr('a-z0-9', 16);
const un = secureRndstr(16);
return usersRepository.insert({
id: genAid(new Date()),
createdAt: new Date(),
@ -106,19 +106,19 @@ describe('RoleService', () => {
});
describe('getUserPolicies', () => {
test('instance default policies', async () => {
test('instance default policies', async () => {
const user = await createUser();
metaService.fetch.mockResolvedValue({
policies: {
canManageCustomEmojis: false,
},
} as any);
const result = await roleService.getUserPolicies(user.id);
expect(result.canManageCustomEmojis).toBe(false);
});
test('instance default policies 2', async () => {
const user = await createUser();
metaService.fetch.mockResolvedValue({
@ -126,12 +126,12 @@ describe('RoleService', () => {
canManageCustomEmojis: true,
},
} as any);
const result = await roleService.getUserPolicies(user.id);
expect(result.canManageCustomEmojis).toBe(true);
});
test('with role', async () => {
const user = await createUser();
const role = await createRole({
@ -150,9 +150,9 @@ describe('RoleService', () => {
canManageCustomEmojis: false,
},
} as any);
const result = await roleService.getUserPolicies(user.id);
expect(result.canManageCustomEmojis).toBe(true);
});
@ -185,9 +185,9 @@ describe('RoleService', () => {
driveCapacityMb: 50,
},
} as any);
const result = await roleService.getUserPolicies(user.id);
expect(result.driveCapacityMb).toBe(100);
});
@ -226,7 +226,7 @@ describe('RoleService', () => {
canManageCustomEmojis: false,
},
} as any);
const user1Policies = await roleService.getUserPolicies(user1.id);
const user2Policies = await roleService.getUserPolicies(user2.id);
expect(user1Policies.canManageCustomEmojis).toBe(false);
@ -251,7 +251,7 @@ describe('RoleService', () => {
canManageCustomEmojis: false,
},
} as any);
const result = await roleService.getUserPolicies(user.id);
expect(result.canManageCustomEmojis).toBe(true);

10
packages/backend/test/unit/activitypub.ts
View file

@ -1,7 +1,6 @@
process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import rndstr from 'rndstr';
import { Test } from '@nestjs/testing';
import { jest } from '@jest/globals';
@ -13,13 +12,14 @@ import { CoreModule } from '@/core/CoreModule.js';
import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
import { LoggerService } from '@/core/LoggerService.js';
import type { IActor } from '@/core/activitypub/type.js';
import { MockResolver } from '../misc/mock-resolver.js';
import { Note } from '@/models/index.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
import { MockResolver } from '../misc/mock-resolver.js';
const host = 'https://host1.test';
function createRandomActor(): IActor & { id: string } {
const preferredUsername = `${rndstr('A-Z', 4)}${rndstr('a-z', 4)}`;
const preferredUsername = secureRndstr(8);
const actorId = `${host}/users/${preferredUsername.toLowerCase()}`;
return {
@ -61,7 +61,7 @@ describe('ActivityPub', () => {
const post = {
'@context': 'https://www.w3.org/ns/activitystreams',
id: `${host}/users/${rndstr('0-9a-z', 8)}`,
id: `${host}/users/${secureRndstr(8)}`,
type: 'Note',
attributedTo: actor.id,
to: 'https://www.w3.org/ns/activitystreams#Public',
@ -94,7 +94,7 @@ describe('ActivityPub', () => {
test('Truncate long name', async () => {
const actor = {
...createRandomActor(),
name: rndstr('0-9a-z', 129),
name: secureRndstr(129),
};
resolver._register(actor.id, actor);

22
packages/backend/test/utils.ts
View file

@ -83,7 +83,7 @@ const relativeFetch = async (path: string, init?: RequestInit | undefined) => {
return await fetch(new URL(path, `http://127.0.0.1:${port}/`).toString(), init);
};
export const signup = async (params?: any): Promise<any> => {
export const signup = async (params?: Partial<misskey.Endpoints['signup']['req']>): Promise<NonNullable<misskey.Endpoints['signup']['res']>> => {
const q = Object.assign({
username: 'test',
password: 'test',
@ -213,8 +213,8 @@ export const role = async (user: any, role: any = {}, policies: any = {}): Promi
isPublic: false,
name: 'New Role',
target: 'manual',
policies: {
...Object.entries(DEFAULT_POLICIES).map(([k, v]) => [k, {
policies: {
...Object.entries(DEFAULT_POLICIES).map(([k, v]) => [k, {
priority: 0,
useDefault: true,
value: v,
@ -351,11 +351,11 @@ export const waitFire = async (user: any, channel: string, trgr: () => any, cond
});
};
export type SimpleGetResponse = {
status: number,
body: any | JSDOM | null,
type: string | null,
location: string | null
export type SimpleGetResponse = {
status: number,
body: any | JSDOM | null,
type: string | null,
location: string | null
};
export const simpleGet = async (path: string, accept = '*/*', cookie: any = undefined): Promise<SimpleGetResponse> => {
const res = await relativeFetch(path, {
@ -374,9 +374,9 @@ export const simpleGet = async (path: string, accept = '*/*', cookie: any = unde
'text/html; charset=utf-8',
];
const body =
jsonTypes.includes(res.headers.get('content-type') ?? '') ? await res.json() :
htmlTypes.includes(res.headers.get('content-type') ?? '') ? new JSDOM(await res.text()) :
const body =
jsonTypes.includes(res.headers.get('content-type') ?? '') ? await res.json() :
htmlTypes.includes(res.headers.get('content-type') ?? '') ? new JSDOM(await res.text()) :
null;
return {

6
packages/backend/tsconfig.json
View file

@ -9,9 +9,9 @@
"noFallthroughCasesInSwitch": true,
"declaration": false,
"sourceMap": false,
"target": "es2021",
"module": "esnext",
"moduleResolution": "node",
"target": "ES2022",
"module": "ESNext",
"moduleResolution": "node16",
"allowSyntheticDefaultImports": true,
"removeComments": false,
"noLib": false,

33
packages/cherrypick-js/etc/cherrypick-js.api.md
View file

@ -1984,6 +1984,19 @@ export type Endpoints = {
req: TODO;
res: TODO;
};
'signup': {
req: {
username: string;
password: string;
host?: string;
invitationCode?: string;
emailAddress?: string;
'hcaptcha-response'?: string;
'g-recaptcha-response'?: string;
'turnstile-response'?: string;
};
res: MeSignup | null;
};
'stats': {
req: NoParams;
res: Stats;
@ -2201,6 +2214,8 @@ declare namespace entities {
UserGroup,
UserList,
MeDetailed,
MeDetailedWithSecret,
MeSignup,
DriveFile,
DriveFolder,
GalleryPost,
@ -2418,6 +2433,22 @@ type MeDetailed = UserDetailed & {
[other: string]: any;
};
// @public (undocumented)
type MeDetailedWithSecret = MeDetailed & {
email: string;
emailVerified: boolean;
securityKeysList: {
id: string;
name: string;
lastUsed: string;
}[];
};
// @public (undocumented)
type MeSignup = MeDetailedWithSecret & {
token: string;
};
// @public (undocumented)
type MessagingMessage = {
id: ID;
@ -2769,7 +2800,7 @@ type UserSorting = '+follower' | '-follower' | '+createdAt' | '-createdAt' | '+u
//
// src/api.types.ts:16:32 - (ae-forgotten-export) The symbol "TODO" needs to be exported by the entry point index.d.ts
// src/api.types.ts:18:25 - (ae-forgotten-export) The symbol "NoParams" needs to be exported by the entry point index.d.ts
// src/api.types.ts:616:18 - (ae-forgotten-export) The symbol "ShowUserReq" needs to be exported by the entry point index.d.ts
// src/api.types.ts:631:18 - (ae-forgotten-export) The symbol "ShowUserReq" needs to be exported by the entry point index.d.ts
// src/streaming.types.ts:33:4 - (ae-forgotten-export) The symbol "FIXME" needs to be exported by the entry point index.d.ts
// (No @packageDocumentation comment for this package)

18
packages/cherrypick-js/package.json
View file

@ -1,6 +1,6 @@
{
"name": "cherrypick-js",
"version": "0.0.15-cherrypick.1",
"version": "0.0.16-cherrypick.1",
"description": "CherryPick SDK for JavaScript",
"main": "./built/index.js",
"types": "./built/index.d.ts",
@ -20,26 +20,26 @@
"url": "git+https://github.com/misskey-dev/misskey.js.git"
},
"devDependencies": {
"@microsoft/api-extractor": "7.34.7",
"@microsoft/api-extractor": "7.36.0",
"@swc/jest": "0.2.26",
"@types/jest": "29.5.1",
"@types/node": "18.16.3",
"@typescript-eslint/eslint-plugin": "5.59.5",
"@typescript-eslint/parser": "5.59.5",
"eslint": "8.40.0",
"@types/jest": "29.5.2",
"@types/node": "20.3.1",
"@typescript-eslint/eslint-plugin": "5.60.0",
"@typescript-eslint/parser": "5.60.0",
"eslint": "8.43.0",
"jest": "29.5.0",
"jest-fetch-mock": "3.0.3",
"jest-websocket-mock": "2.4.0",
"mock-socket": "9.2.1",
"tsd": "0.28.1",
"typescript": "5.0.4"
"typescript": "5.1.3"
},
"files": [
"built"
],
"dependencies": {
"@swc/cli": "0.1.62",
"@swc/core": "1.3.56",
"@swc/core": "1.3.66",
"eventemitter3": "5.0.1",
"reconnecting-websocket": "4.4.0"
}

17
packages/cherrypick-js/src/api.types.ts
View file

@ -2,7 +2,7 @@ import type {
Ad, Announcement, Antenna, App, AuthSession, Blocking, Channel, Clip, DateString, DetailedInstanceMetadata, DriveFile, DriveFolder, Following, FollowingFolloweePopulated, FollowingFollowerPopulated, FollowRequest, GalleryPost, Instance,
LiteInstanceMetadata,
MeDetailed,
Note, NoteFavorite, OriginType, Page, ServerInfo, Stats, User, UserDetailed, UserGroup, UserList, UserSorting, Notification, NoteReaction, Signin, MessagingMessage,
Note, NoteFavorite, OriginType, Page, ServerInfo, Stats, User, UserDetailed, MeSignup, UserGroup, UserList, UserSorting, Notification, NoteReaction, Signin, MessagingMessage,
} from './entities.js';
type TODO = Record<string, any> | null;
@ -569,6 +569,21 @@ export type Endpoints = {
'room/show': { req: TODO; res: TODO; };
'room/update': { req: TODO; res: TODO; };
// signup
'signup': {
req: {
username: string;
password: string;
host?: string;
invitationCode?: string;
emailAddress?: string;
'hcaptcha-response'?: string;
'g-recaptcha-response'?: string;
'turnstile-response'?: string;
};
res: MeSignup | null;
};
// stats
'stats': { req: NoParams; res: Stats; };

14
packages/cherrypick-js/src/entities.ts
View file

@ -107,6 +107,20 @@ export type MeDetailed = UserDetailed & {
[other: string]: any;
};
export type MeDetailedWithSecret = MeDetailed & {
email: string;
emailVerified: boolean;
securityKeysList: {
id: string;
name: string;
lastUsed: string;
}[];
};
export type MeSignup = MeDetailedWithSecret & {
token: string;
};
export type DriveFile = {
id: ID;
createdAt: DateString;

4
packages/cherrypick-js/tsconfig.json
View file

@ -1,9 +1,9 @@
{
"$schema": "http://json.schemastore.org/tsconfig",
"compilerOptions": {
"target": "es2022",
"target": "ES2022",
"module": "ES2020",
"moduleResolution": "node",
"moduleResolution": "node16",
"declaration": true,
"declarationMap": true,
"sourceMap": true,

48
packages/frontend/package.json
View file

@ -20,9 +20,9 @@
"@rollup/plugin-replace": "5.0.2",
"@rollup/pluginutils": "5.0.2",
"@syuilo/aiscript": "0.13.3",
"@tabler/icons-webfont": "2.21.0",
"@tabler/icons-webfont": "2.22.0",
"@vitejs/plugin-vue": "4.2.3",
"@vue-macros/reactivity-transform": "0.3.9",
"@vue-macros/reactivity-transform": "0.3.10",
"@vue/compiler-sfc": "3.3.4",
"astring": "1.8.6",
"autosize": "6.0.1",
@ -37,14 +37,14 @@
"chartjs-plugin-zoom": "2.0.1",
"cherrypick-js": "workspace:*",
"cherrypick-mfm-js": "github:kokonect-link/mfm.js",
"chromatic": "6.18.0",
"chromatic": "6.19.9",
"compare-versions": "5.0.3",
"cropperjs": "2.0.0-beta.2",
"cropperjs": "2.0.0-beta.3",
"date-fns": "2.30.0",
"escape-regexp": "0.0.1",
"estree-walker": "^3.0.3",
"eventemitter3": "5.0.1",
"gsap": "3.11.5",
"gsap": "3.12.1",
"idb-keyval": "6.2.1",
"insert-text-at-cursor": "0.3.0",
"is-file-animated": "1.0.2",
@ -55,12 +55,10 @@
"prismjs": "1.29.0",
"punycode": "2.3.0",
"querystring": "0.2.1",
"rndstr": "1.0.0",
"rollup": "3.23.0",
"rollup": "3.25.1",
"s-age": "1.1.2",
"sanitize-html": "2.10.0",
"sass": "1.62.1",
"seedrandom": "3.0.5",
"sanitize-html": "2.11.0",
"sass": "1.63.6",
"strict-event-emitter-types": "2.0.0",
"syuilo-password-strength": "0.0.1",
"temml": "0.10.0",
@ -106,32 +104,30 @@
"@types/gulp-rename": "2.0.2",
"@types/matter-js": "0.18.5",
"@types/micromatch": "4.0.2",
"@types/node": "20.2.5",
"@types/node": "20.3.1",
"@types/punycode": "2.1.0",
"@types/sanitize-html": "2.9.0",
"@types/seedrandom": "3.0.5",
"@types/testing-library__jest-dom": "^5.14.6",
"@types/throttle-debounce": "5.0.0",
"@types/tinycolor2": "1.4.3",
"@types/uuid": "9.0.1",
"@types/uuid": "9.0.2",
"@types/websocket": "1.0.5",
"@types/ws": "8.5.4",
"@typescript-eslint/eslint-plugin": "5.59.8",
"@typescript-eslint/parser": "5.59.8",
"@vitest/coverage-c8": "0.31.4",
"@types/ws": "8.5.5",
"@typescript-eslint/eslint-plugin": "5.60.0",
"@typescript-eslint/parser": "5.60.0",
"@vitest/coverage-v8": "0.32.2",
"@vue/runtime-core": "3.3.4",
"acorn": "^8.8.2",
"acorn": "8.9.0",
"chokidar-cli": "3.0.0",
"cross-env": "7.0.3",
"cypress": "12.13.0",
"eslint": "8.41.0",
"cypress": "12.15.0",
"eslint": "8.43.0",
"eslint-plugin-import": "2.27.5",
"eslint-plugin-storybook": "^0.6.12",
"eslint-plugin-vue": "9.14.1",
"eslint-plugin-vue": "9.15.0",
"fast-glob": "3.2.12",
"happy-dom": "9.20.3",
"micromatch": "3.1.10",
"msw": "1.2.1",
"msw": "1.2.2",
"msw-storybook-addon": "1.8.0",
"prettier": "2.8.8",
"react": "18.2.0",
@ -141,9 +137,9 @@
"storybook-addon-misskey-theme": "github:misskey-dev/storybook-addon-misskey-theme",
"summaly": "github:misskey-dev/summaly",
"vite-plugin-turbosnap": "1.0.2",
"vitest": "0.31.4",
"vitest": "0.32.2",
"vitest-fetch-mock": "0.2.2",
"vue-eslint-parser": "9.3.0",
"vue-tsc": "1.6.5"
"vue-eslint-parser": "9.3.1",
"vue-tsc": "1.8.1"
}
}

6
packages/frontend/src/pages/user/home.vue
View file

@ -46,8 +46,10 @@
</div>
<div v-if="user.roles.length > 0" class="roles">
<span v-for="role in user.roles" :key="role.id" v-tooltip="role.description" class="role" :style="{ '--color': role.color }">
<img v-if="role.iconUrl" style="height: 1.3em; vertical-align: -22%;" :src="role.iconUrl"/>
{{ role.name }}
<MkA v-adaptive-bg :to="`/roles/${role.id}`">
<img v-if="role.iconUrl" style="height: 1.3em; vertical-align: -22%;" :src="role.iconUrl"/>
{{ role.name }}
</MkA>
</span>
</div>
<div v-if="iAmModerator" class="moderationNote">

17
packages/frontend/src/ui/deck.vue
View file

@ -4,12 +4,13 @@
<div :class="$style.main">
<XStatusBars/>
<div ref="columnsEl" :class="[$style.sections, { [$style.center]: deckStore.reactiveState.columnAlign.value === 'center', [$style.snapScroll]: snapScroll }]" @contextmenu.self.prevent="onContextmenu">
<div ref="columnsEl" :class="[$style.sections, { [$style.center]: deckStore.reactiveState.columnAlign.value === 'center', [$style.snapScroll]: snapScroll }]" @contextmenu.self.prevent="onContextmenu" @wheel.self="onWheel">
<!-- sectionを利用しているのはdeck.vue側でcolumnに対してfirst-of-typeを効かせるため -->
<section
v-for="ids in layout"
:class="$style.section"
:style="columns.filter(c => ids.includes(c.id)).some(c => c.flexible) ? { flex: 1, minWidth: '350px' } : { width: Math.max(...columns.filter(c => ids.includes(c.id)).map(c => c.width)) + 'px' }"
@wheel.self="onWheel"
>
<component
:is="columnComponents[columns.find(c => c.id === id)!.type] ?? XTlColumn"
@ -19,6 +20,7 @@
:class="$style.column"
:column="columns.find(c => c.id === id)"
:isStacked="ids.length > 1"
@headerWheel="onWheel"
/>
</section>
<div v-if="layout.length === 0" class="_panel" :class="$style.onboarding">
@ -196,15 +198,14 @@ const onContextmenu = (ev) => {
}], ev);
};
document.documentElement.style.overflowY = 'hidden';
document.documentElement.style.scrollBehavior = 'auto';
window.addEventListener('wheel', (ev) => {
if (ev.target === columnsEl && ev.deltaX === 0) {
columnsEl.scrollLeft += ev.deltaY;
} else if (getScrollContainer(ev.target as HTMLElement) == null && ev.deltaX === 0) {
function onWheel(ev: WheelEvent) {
if (ev.deltaX === 0) {
columnsEl.scrollLeft += ev.deltaY;
}
});
}
document.documentElement.style.overflowY = 'hidden';
document.documentElement.style.scrollBehavior = 'auto';
loadDeck();

5
packages/frontend/src/ui/deck/column.vue
View file

@ -12,6 +12,7 @@
@dragstart="onDragstart"
@dragend="onDragend"
@contextmenu.prevent.stop="onContextmenu"
@wheel="emit('headerWheel', $event)"
>
<svg viewBox="0 0 256 128" :class="$style.tabShape">
<g transform="matrix(6.2431,0,0,6.2431,-677.417,-29.3839)">
@ -56,6 +57,10 @@ const props = withDefaults(defineProps<{
naked: false,
});
const emit = defineEmits<{
(ev: 'headerWheel', ctx: WheelEvent): void;
}>();
let body = $shallowRef<HTMLDivElement | null>();
let dragging = $ref(false);

16
packages/frontend/src/workers/test-webgl2.ts
View file

@ -1,13 +1,7 @@
try {
// throw ReferenceError in Safari <= 16.3
const canvas = new OffscreenCanvas(1, 1);
const gl = canvas.getContext('webgl2');
if (gl) {
postMessage({ result: true });
} else {
postMessage({ result: false });
}
} catch (err) {
// assert(e instanceof ReferenceError)
const canvas = globalThis.OffscreenCanvas && new OffscreenCanvas(1, 1);
const gl = canvas?.getContext('webgl2');
if (gl) {
postMessage({ result: true });
} else {
postMessage({ result: false });
}

8
packages/frontend/test/tsconfig.json
View file

@ -9,9 +9,9 @@
"noFallthroughCasesInSwitch": true,
"declaration": false,
"sourceMap": true,
"target": "es2021",
"target": "ES2022",
"module": "es2020",
"moduleResolution": "node",
"moduleResolution": "node16",
"allowSyntheticDefaultImports": true,
"removeComments": false,
"noLib": false,
@ -27,7 +27,7 @@
"@/*": ["../src/*"]
},
"typeRoots": [
"../node_modules/@types",
"../node_modules/@types"
],
"lib": [
"esnext",
@ -38,6 +38,6 @@
"compileOnSave": false,
"include": [
"./**/*.ts",
"../src/**/*.vue",
"../src/**/*.vue"
]
}

10
packages/frontend/tsconfig.json
View file

@ -9,9 +9,9 @@
"noFallthroughCasesInSwitch": true,
"declaration": false,
"sourceMap": false,
"target": "es2021",
"target": "ES2022",
"module": "esnext",
"moduleResolution": "node",
"moduleResolution": "node16",
"removeComments": false,
"noLib": false,
"strict": true,
@ -23,12 +23,12 @@
"useDefineForClassFields": true,
"baseUrl": ".",
"paths": {
"@/*": ["./src/*"],
"@/*": ["./src/*"]
},
"typeRoots": [
"node_modules/@types",
"node_modules/@vue-macros",
"@types",
"@types"
],
"types": [
"vite/client",
@ -47,6 +47,6 @@
"./**/*.vue"
],
"exclude": [
".storybook/**/*",
".storybook/**/*"
]
}

6
packages/sw/package.json
View file

@ -14,10 +14,10 @@
"cherrypick-js": "workspace:*"
},
"devDependencies": {
"@typescript-eslint/parser": "5.59.5",
"@typescript-eslint/parser": "5.60.0",
"@typescript/lib-webworker": "npm:@types/serviceworker@0.0.67",
"eslint": "8.40.0",
"eslint": "8.43.0",
"eslint-plugin-import": "2.27.5",
"typescript": "5.0.4"
"typescript": "5.1.3"
}
}

8
packages/sw/tsconfig.json
View file

@ -9,9 +9,9 @@
"noFallthroughCasesInSwitch": true,
"declaration": false,
"sourceMap": false,
"target": "es2021",
"target": "ES2022",
"module": "esnext",
"moduleResolution": "node",
"moduleResolution": "node16",
"removeComments": false,
"noLib": false,
"strict": true,
@ -21,11 +21,11 @@
"isolatedModules": true,
"baseUrl": ".",
"paths": {
"@/*": ["./src/*"],
"@/*": ["./src/*"]
},
"typeRoots": [
"node_modules/@types",
"@types",
"@types"
],
"lib": [
"esnext",

2672
pnpm-lock.yaml
View file

File diff suppressed because it is too large Load diff