oscar-surf/misskey
oscar-surf/misskey
0
0
Fork 0
Code Issues Pull Requests Packages Releases 2 Activity

feat: ロールによるコンテンツの操作の制限 (#120)

Browse Source
This commit is contained in:
まっちゃとーにゅ 2023-07-28 04:21:59 +09:00 committed by GitHub
parent 0bed053b7d
commit 46f8a0435c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
91 changed files with 228 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
locales/en-US.yml
View File

@ -1404,6 +1404,9 @@ _role:
gtlAvailable: "Can view the global timeline"
ltlAvailable: "Can view the local timeline"
canPublicNote: "Can send public notes"
canCreateContent: "Can create contents"
canUpdateContent: "Can edit contents"
canDeleteContent: "Can delete contents"
canInvite: "Can create instance invite codes"
inviteLimit: "Invite limit"
inviteLimitCycle: "Invite limit cooldown"

3
locales/index.d.ts vendored
View File

@ -1490,6 +1490,9 @@ export interface Locale {
"gtlAvailable": string;
"ltlAvailable": string;
"canPublicNote": string;
"canCreateContent": string;
"canUpdateContent": string;
"canDeleteContent": string;
"canInvite": string;
"inviteLimit": string;
"inviteLimitCycle": string;

3
locales/ja-JP.yml
View File

@ -1412,6 +1412,9 @@ _role:
gtlAvailable: "グローバルタイムラインの閲覧"
ltlAvailable: "ローカルタイムラインの閲覧"
canPublicNote: "パブリック投稿の許可"
canCreateContent: "コンテンツの作成"
canUpdateContent: "コンテンツの編集"
canDeleteContent: "コンテンツの削除"
canInvite: "サーバー招待コードの発行"
inviteLimit: "招待コードの作成可能数"
inviteLimitCycle: "招待コードの発行間隔"

9
packages/backend/src/core/RoleService.ts
View File

@ -20,6 +20,9 @@ export type RolePolicies = {
gtlAvailable: boolean;
ltlAvailable: boolean;
canPublicNote: boolean;
canCreateContent: boolean;
canUpdateContent: boolean;
canDeleteContent: boolean;
canInvite: boolean;
inviteLimit: number;
inviteLimitCycle: number;
@ -44,6 +47,9 @@ export const DEFAULT_POLICIES: RolePolicies = {
gtlAvailable: true,
ltlAvailable: true,
canPublicNote: true,
canCreateContent: true,
canUpdateContent: true,
canDeleteContent: true,
canInvite: false,
inviteLimit: 0,
inviteLimitCycle: 60 * 24 * 7,
@ -287,6 +293,9 @@ export class RoleService implements OnApplicationShutdown {
gtlAvailable: calc('gtlAvailable', vs => vs.some(v => v === true)),
ltlAvailable: calc('ltlAvailable', vs => vs.some(v => v === true)),
canPublicNote: calc('canPublicNote', vs => vs.some(v => v === true)),
canCreateContent: calc('canCreateContent', vs => vs.some(v => v === true)),
canUpdateContent: calc('canUpdateContent', vs => vs.some(v => v === true)),
canDeleteContent: calc('canDeleteContent', vs => vs.some(v => v === true)),
canInvite: calc('canInvite', vs => vs.some(v => v === true)),
inviteLimit: calc('inviteLimit', vs => Math.max(...vs)),
inviteLimitCycle: calc('inviteLimitCycle', vs => Math.max(...vs)),

10
packages/backend/src/core/entities/UserEntityService.ts
View File

@ -351,8 +351,9 @@ export class UserEntityService implements OnModuleInit {
(profile.ffVisibility === 'followers') && (relation && relation.isFollowing) ? user.followersCount :
null;
const isModerator = isMe && opts.detail ? this.roleService.isModerator(user) : null;
const isAdmin = isMe && opts.detail ? this.roleService.isAdministrator(user) : null;
const isModerator = isMe && opts.detail ? await this.roleService.isModerator(user) : null;
const isAdmin = isMe && opts.detail ? await this.roleService.isAdministrator(user) : null;
const policies = opts.detail ? await this.roleService.getUserPolicies(user.id) : null;
const falsy = opts.detail ? false : undefined;
@ -396,7 +397,8 @@ export class UserEntityService implements OnModuleInit {
bannerUrl: user.bannerUrl,
bannerBlurhash: user.bannerBlurhash,
isLocked: user.isLocked,
isSilenced: this.roleService.getUserPolicies(user.id).then(r => !r.canPublicNote),
isSilenced: !policies?.canPublicNote,
isLimited: !(policies?.canCreateContent && policies.canUpdateContent && policies.canDeleteContent),
isSuspended: user.isSuspended ?? falsy,
description: profile!.description,
location: profile!.location,
@ -473,7 +475,7 @@ export class UserEntityService implements OnModuleInit {
emailNotificationTypes: profile!.emailNotificationTypes,
achievements: profile!.achievements,
loggedInDays: profile!.loggedInDates.length,
policies: this.roleService.getUserPolicies(user.id),
policies: policies,
} : {}),
...(opts.includeSecrets ? {

4
packages/backend/src/models/json-schema/user.ts
View File

@ -121,6 +121,10 @@ export const packedUserDetailedNotMeOnlySchema = {
type: 'boolean',
nullable: false, optional: false,
},
isLimited: {
type: 'boolean',
nullable: false, optional: false,
},
isSuspended: {
type: 'boolean',
nullable: false, optional: false,

5
packages/backend/src/server/api/endpoints/admin/show-user.ts
View File

@ -51,8 +51,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
throw new Error('user not found');
}
const policies = await this.roleService.getUserPolicies(user.id);
const isModerator = await this.roleService.isModerator(user);
const isSilenced = !(await this.roleService.getUserPolicies(user.id)).canPublicNote;
const isLimited = !(policies.canCreateContent && policies.canUpdateContent && policies.canDeleteContent);
const isSilenced = !policies.canPublicNote;
const _me = await this.usersRepository.findOneByOrFail({ id: me.id });
if (!await this.roleService.isAdministrator(_me) && await this.roleService.isAdministrator(user)) {
@ -80,6 +82,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
mutingNotificationTypes: profile.mutingNotificationTypes,
isModerator: isModerator,
isSilenced: isSilenced,
isLimited: isLimited,
isSuspended: user.isSuspended,
lastActiveDate: user.lastActiveDate,
moderationNote: profile.moderationNote ?? '',

1
packages/backend/src/server/api/endpoints/antennas/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['antennas'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/antennas/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['antennas'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/antennas/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['antennas'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/blocking/create.ts
View File

@ -17,6 +17,7 @@ export const meta = {
},
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:blocks',

1
packages/backend/src/server/api/endpoints/blocking/delete.ts
View File

@ -17,6 +17,7 @@ export const meta = {
},
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:blocks',

1
packages/backend/src/server/api/endpoints/channels/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/channels/favorite.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/channels/follow.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/channels/unfavorite.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/channels/unfollow.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/channels/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['channels'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:channels',

1
packages/backend/src/server/api/endpoints/clips/add-note.ts
View File

@ -14,6 +14,7 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/clips/create.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['clips'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/clips/delete.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['clips'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/clips/remove-note.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['account', 'notes', 'clips'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/clips/unfavorite.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['clip'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/clips/update.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['clips'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/drive/files/create.ts
View File

@ -14,6 +14,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/drive/files/delete.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:drive',

1
packages/backend/src/server/api/endpoints/drive/files/update.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:drive',

1
packages/backend/src/server/api/endpoints/drive/files/upload-from-url.ts
View File

@ -18,6 +18,7 @@ export const meta = {
description: 'Request the server to download a new drive file from the specified URL.',
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/drive/folders/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
kind: 'write:drive',

1
packages/backend/src/server/api/endpoints/drive/folders/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:drive',

1
packages/backend/src/server/api/endpoints/drive/folders/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['drive'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:drive',

1
packages/backend/src/server/api/endpoints/flash/create.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['flash'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/flash/delete.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['flashs'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:flash',

1
packages/backend/src/server/api/endpoints/flash/like.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['flash'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/flash/unlike.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['flash'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/flash/update.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['flash'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/gallery/posts/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['gallery'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/gallery/posts/delete.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['gallery'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:gallery',

1
packages/backend/src/server/api/endpoints/gallery/posts/like.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['gallery'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/gallery/posts/unlike.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['gallery'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/gallery/posts/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['gallery'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/i/delete-account.ts
View File

@ -7,6 +7,7 @@ import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
secure: true,
} as const;

2
packages/backend/src/server/api/endpoints/i/import-antennas.ts
View File

@ -11,6 +11,8 @@ import { ApiError } from '../../error.js';
export const meta = {
secure: true,
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,
limit: {

2
packages/backend/src/server/api/endpoints/i/import-blocking.ts
View File

@ -10,6 +10,8 @@ import { ApiError } from '../../error.js';
export const meta = {
secure: true,
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
limit: {

2
packages/backend/src/server/api/endpoints/i/import-muting.ts
View File

@ -10,6 +10,8 @@ import { ApiError } from '../../error.js';
export const meta = {
secure: true,
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
limit: {

3
packages/backend/src/server/api/endpoints/i/import-user-lists.ts
View File

@ -10,7 +10,10 @@ import { ApiError } from '../../error.js';
export const meta = {
secure: true,
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,
limit: {
duration: ms('1hour'),
max: 1,

3
packages/backend/src/server/api/endpoints/i/move.ts
View File

@ -23,7 +23,10 @@ export const meta = {
secure: true,
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
limit: {
duration: ms('1day'),
max: 5,

2
packages/backend/src/server/api/endpoints/i/pin.ts
View File

@ -8,6 +8,8 @@ export const meta = {
tags: ['account', 'notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/i/unpin.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['account', 'notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

5
packages/backend/src/server/api/endpoints/i/update-email.ts
View File

@ -12,10 +12,11 @@ import { L_CHARS, secureRndstr } from '@/misc/secure-rndstr.js';
import { ApiError } from '../../error.js';
export const meta = {
requireCredential: true,
secure: true,
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
limit: {
duration: ms('1hour'),
max: 3,

1
packages/backend/src/server/api/endpoints/i/update.ts
View File

@ -30,6 +30,7 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/i/webhooks/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['webhooks'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/i/webhooks/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['webhooks'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/i/webhooks/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['webhooks'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

2
packages/backend/src/server/api/endpoints/mute/create.ts
View File

@ -11,6 +11,8 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
kind: 'write:mutes',

1
packages/backend/src/server/api/endpoints/mute/delete.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:mutes',

1
packages/backend/src/server/api/endpoints/notes/create.ts
View File

@ -17,6 +17,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/notes/delete.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:notes',

2
packages/backend/src/server/api/endpoints/notes/favorites/create.ts
View File

@ -12,6 +12,8 @@ export const meta = {
tags: ['notes', 'favorites'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
kind: 'write:favorites',

1
packages/backend/src/server/api/endpoints/notes/favorites/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['notes', 'favorites'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:favorites',

1
packages/backend/src/server/api/endpoints/notes/polls/vote.ts
View File

@ -16,6 +16,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/notes/reactions/create.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['reactions', 'notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/notes/reactions/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['reactions', 'notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:reactions',

1
packages/backend/src/server/api/endpoints/notes/thread-muting/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/notes/thread-muting/delete.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/notes/unrenote.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['notes'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:notes',

1
packages/backend/src/server/api/endpoints/pages/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['pages'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/pages/delete.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['pages'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:pages',

1
packages/backend/src/server/api/endpoints/pages/like.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['pages'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/pages/unlike.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['pages'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/pages/update.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['pages'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

2
packages/backend/src/server/api/endpoints/renote-mute/create.ts
View File

@ -13,6 +13,8 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,
kind: 'write:mutes',

1
packages/backend/src/server/api/endpoints/renote-mute/delete.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:mutes',

3
packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts
View File

@ -12,7 +12,10 @@ import { UserListService } from '@/core/UserListService.js';
export const meta = {
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,
res: {
type: 'object',
optional: false, nullable: false,

1
packages/backend/src/server/api/endpoints/users/lists/create.ts
View File

@ -12,6 +12,7 @@ export const meta = {
tags: ['lists'],
requireCredential: true,
requireRolePolicy: 'canCreateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/users/lists/delete.ts
View File

@ -8,6 +8,7 @@ export const meta = {
tags: ['lists'],
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
kind: 'write:account',

2
packages/backend/src/server/api/endpoints/users/lists/favorite.ts
View File

@ -7,6 +7,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
errors: {
noSuchList: {
message: 'No such user list.',

1
packages/backend/src/server/api/endpoints/users/lists/pull.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['lists', 'users'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

1
packages/backend/src/server/api/endpoints/users/lists/push.ts
View File

@ -11,6 +11,7 @@ export const meta = {
tags: ['lists', 'users'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
prohibitMoved: true,

2
packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts
View File

@ -6,6 +6,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
errors: {
noSuchList: {
message: 'No such user list.',

1
packages/backend/src/server/api/endpoints/users/lists/update.ts
View File

@ -9,6 +9,7 @@ export const meta = {
tags: ['lists'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

1
packages/backend/src/server/api/endpoints/users/update-memo.ts
View File

@ -10,6 +10,7 @@ export const meta = {
tags: ['account'],
requireCredential: true,
requireRolePolicy: 'canUpdateContent',
kind: 'write:account',

2
packages/backend/test/e2e/users.ts
View File

@ -91,6 +91,7 @@ describe('ユーザー', () => {
bannerBlurhash: user.bannerBlurhash,
isLocked: user.isLocked,
isSilenced: user.isSilenced,
isLimited: user.isLimited,
isSuspended: user.isSuspended,
description: user.description,
location: user.location,
@ -356,6 +357,7 @@ describe('ユーザー', () => {
assert.strictEqual(response.bannerBlurhash, null);
assert.strictEqual(response.isLocked, false);
assert.strictEqual(response.isSilenced, false);
assert.strictEqual(response.isLimited, false);
assert.strictEqual(response.isSuspended, false);
assert.strictEqual(response.description, null);
assert.strictEqual(response.location, null);

1
packages/frontend/.storybook/fakes.ts
View File

@ -99,6 +99,7 @@ export function userDetailed(id = 'someuserid', username = 'miskist', host = 'mi
isModerator: false,
isMuted: false,
isSilenced: false,
isLimited: false,
isSuspended: false,
lang: 'en',
location: 'Fediverse',

2
packages/frontend/src/components/MkUserCardMini.vue
View File

@ -1,5 +1,5 @@
<template>
<div v-adaptive-bg :class="[$style.root, { yellow: user.isSilenced, red: user.isSuspended, gray: false }]">
<div v-adaptive-bg :class="[$style.root, { yellow: user.isSilenced, gray: user.isLimited, red: user.isSuspended }]">
<MkAvatar class="avatar" :user="user" indicator/>
<div class="body">
<span class="name"><MkUserName class="name" :user="user"/></span>

3
packages/frontend/src/const.ts
View File

@ -56,6 +56,9 @@ export const ROLE_POLICIES = [
'gtlAvailable',
'ltlAvailable',
'canPublicNote',
'canCreateContent',
'canUpdateContent',
'canDeleteContent',
'canInvite',
'inviteLimit',
'inviteLimitCycle',

60
packages/frontend/src/pages/admin/roles.editor.vue
View File

@ -155,6 +155,66 @@
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canCreateContent, 'canCreateContent'])">
<template #label>{{ i18n.ts._role._options.canCreateContent }}</template>
<template #suffix>
<span v-if="role.policies.canCreateContent.useDefault" :class="$style.useDefaultLabel">{{ i18n.ts._role.useBaseValue }}</span>
<span v-else>{{ role.policies.canCreateContent.value ? i18n.ts.yes : i18n.ts.no }}</span>
<span :class="$style.priorityIndicator"><i :class="getPriorityIcon(role.policies.canCreateContent)"></i></span>
</template>
<div class="_gaps">
<MkSwitch v-model="role.policies.canCreateContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts._role.useBaseValue }}</template>
</MkSwitch>
<MkSwitch v-model="role.policies.canCreateContent.value" :disabled="role.policies.canCreateContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
<MkRange v-model="role.policies.canCreateContent.priority" :min="0" :max="2" :step="1" easing :textConverter="(v) => v === 0 ? i18n.ts._role._priority.low : v === 1 ? i18n.ts._role._priority.middle : v === 2 ? i18n.ts._role._priority.high : ''">
<template #label>{{ i18n.ts._role.priority }}</template>
</MkRange>
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canUpdateContent, 'canUpdateContent'])">
<template #label>{{ i18n.ts._role._options.canUpdateContent }}</template>
<template #suffix>
<span v-if="role.policies.canUpdateContent.useDefault" :class="$style.useDefaultLabel">{{ i18n.ts._role.useBaseValue }}</span>
<span v-else>{{ role.policies.canUpdateContent.value ? i18n.ts.yes : i18n.ts.no }}</span>
<span :class="$style.priorityIndicator"><i :class="getPriorityIcon(role.policies.canUpdateContent)"></i></span>
</template>
<div class="_gaps">
<MkSwitch v-model="role.policies.canUpdateContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts._role.useBaseValue }}</template>
</MkSwitch>
<MkSwitch v-model="role.policies.canUpdateContent.value" :disabled="role.policies.canUpdateContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
<MkRange v-model="role.policies.canUpdateContent.priority" :min="0" :max="2" :step="1" easing :textConverter="(v) => v === 0 ? i18n.ts._role._priority.low : v === 1 ? i18n.ts._role._priority.middle : v === 2 ? i18n.ts._role._priority.high : ''">
<template #label>{{ i18n.ts._role.priority }}</template>
</MkRange>
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canDeleteContent, 'canDeleteContent'])">
<template #label>{{ i18n.ts._role._options.canDeleteContent }}</template>
<template #suffix>
<span v-if="role.policies.canDeleteContent.useDefault" :class="$style.useDefaultLabel">{{ i18n.ts._role.useBaseValue }}</span>
<span v-else>{{ role.policies.canDeleteContent.value ? i18n.ts.yes : i18n.ts.no }}</span>
<span :class="$style.priorityIndicator"><i :class="getPriorityIcon(role.policies.canDeleteContent)"></i></span>
</template>
<div class="_gaps">
<MkSwitch v-model="role.policies.canDeleteContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts._role.useBaseValue }}</template>
</MkSwitch>
<MkSwitch v-model="role.policies.canDeleteContent.value" :disabled="role.policies.canDeleteContent.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
<MkRange v-model="role.policies.canDeleteContent.priority" :min="0" :max="2" :step="1" easing :textConverter="(v) => v === 0 ? i18n.ts._role._priority.low : v === 1 ? i18n.ts._role._priority.middle : v === 2 ? i18n.ts._role._priority.high : ''">
<template #label>{{ i18n.ts._role.priority }}</template>
</MkRange>
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canInvite, 'canInvite'])">
<template #label>{{ i18n.ts._role._options.canInvite }}</template>
<template #suffix>

24
packages/frontend/src/pages/admin/roles.vue
View File

@ -43,6 +43,30 @@
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canCreateContent, 'canCreateContent'])">
<template #label>{{ i18n.ts._role._options.canCreateContent }}</template>
<template #suffix>{{ policies.canCreateContent ? i18n.ts.yes : i18n.ts.no }}</template>
<MkSwitch v-model="policies.canCreateContent">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canUpdateContent, 'canUpdateContent'])">
<template #label>{{ i18n.ts._role._options.canUpdateContent }}</template>
<template #suffix>{{ policies.canUpdateContent ? i18n.ts.yes : i18n.ts.no }}</template>
<MkSwitch v-model="policies.canUpdateContent">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canDeleteContent, 'canDeleteContent'])">
<template #label>{{ i18n.ts._role._options.canDeleteContent }}</template>
<template #suffix>{{ policies.canDeleteContent ? i18n.ts.yes : i18n.ts.no }}</template>
<MkSwitch v-model="policies.canDeleteContent">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canInvite, 'canInvite'])">
<template #label>{{ i18n.ts._role._options.canInvite }}</template>
<template #suffix>{{ policies.canInvite ? i18n.ts.yes : i18n.ts.no }}</template>

10
packages/frontend/src/pages/user-info.vue
View File

@ -11,6 +11,7 @@
<span class="sub"><span class="acct _monospace">@{{ acct(user) }}</span></span>
<span class="state">
<span v-if="suspended" class="suspended">Suspended</span>
<span v-if="limited" class="limited">Limited</span>
<span v-if="silenced" class="silenced">Silenced</span>
<span v-if="moderator" class="moderator">Moderator</span>
</span>
@ -219,6 +220,7 @@ let ips = $ref(null);
let ap = $ref(null);
let moderator = $ref(false);
let silenced = $ref(false);
let limited = $ref(false);
let suspended = $ref(false);
let moderationNote = $ref('');
const filesPagination = {
@ -244,6 +246,7 @@ function createFetcher() {
ips = _ips;
moderator = info.isModerator;
silenced = info.isSilenced;
limited = info.isLimited;
suspended = info.isSuspended;
moderationNote = info.moderationNote;
@ -485,7 +488,7 @@ definePageMetadata(computed(() => ({
display: none;
}
> .suspended, > .silenced, > .moderator {
> .suspended, > .limited, > .silenced, > .moderator {
display: inline-block;
border: solid 1px;
border-radius: 6px;
@ -498,6 +501,11 @@ definePageMetadata(computed(() => ({
border-color: var(--error);
}
> .limited {
color: var(--error);
border-color: var(--error);
}
> .silenced {
color: var(--warn);
border-color: var(--warn);

1
packages/misskey-js/etc/misskey-js.api.md
View File

@ -2770,6 +2770,7 @@ type UserDetailed = UserLite & {
isModerator: boolean;
isMuted: boolean;
isSilenced: boolean;
isLimited: boolean;
isSuspended: boolean;
lang: string | null;
lastFetchedAt?: DateString;

1
packages/misskey-js/src/entities.ts
View File

@ -53,6 +53,7 @@ export type UserDetailed = UserLite & {
isModerator: boolean;
isMuted: boolean;
isSilenced: boolean;
isLimited: boolean;
isSuspended: boolean;
lang: string | null;
lastFetchedAt?: DateString;