fix(backend): 一部policyがリモートユーザーに適用されない問題を修正 (MisskeyIO#693)
This commit is contained in:
parent
cd2c14d205
commit
1c58ea0253
@ -253,6 +253,11 @@ export class NoteCreateService implements OnApplicationShutdown {
|
||||
const meta = await this.metaService.fetch();
|
||||
const policies = await this.roleService.getUserPolicies(user.id);
|
||||
|
||||
if (!policies.canCreateContent) {
|
||||
this.logger.error('Request rejected because user has no permission to create content', { user: user.id, note: data });
|
||||
throw new IdentifiableError('5b1c2b67-50a6-4a8a-a59c-0ede40890de3', 'User has no permission to create content.');
|
||||
}
|
||||
|
||||
if (data.visibility === 'public' && data.channel == null) {
|
||||
const sensitiveWords = meta.sensitiveWords;
|
||||
if (this.utilityService.isKeyWordIncluded(data.cw ?? this.utilityService.concatNoteContentsForKeyWordCheck({ text: data.text, pollChoices: data.poll?.choices }), sensitiveWords)) {
|
||||
|
@ -116,8 +116,13 @@ export class ReactionService {
|
||||
if (!await this.noteEntityService.isVisibleForMe(note, user.id)) {
|
||||
throw new IdentifiableError('68e9d2d1-48bf-42c2-b90a-b20e09fd3d48', 'Note not accessible for you.');
|
||||
}
|
||||
|
||||
const policies = await this.roleService.getUserPolicies(user.id);
|
||||
|
||||
if (!policies.canUpdateContent) {
|
||||
throw new IdentifiableError('cf63c2de-0df1-4db5-9fff-b2110b6e5450', 'User has no permission to update content.');
|
||||
}
|
||||
|
||||
let reaction = _reaction ?? FALLBACK;
|
||||
if (note.reactionAcceptance === 'likeOnly' || !policies.canUseReaction || ((note.reactionAcceptance === 'likeOnlyForRemote' || note.reactionAcceptance === 'nonSensitiveOnlyForLocalLikeOnlyForRemote') && (user.host != null))) {
|
||||
reaction = '\u2764';
|
||||
|
Loading…
Reference in New Issue
Block a user