Merge branch 'develop'

7 files changed, 330 insertions, 1 deletions

diff --git a/src/server/api/endpoints/admin/ad/create.ts b/src/server/api/endpoints/admin/ad/create.ts
new file mode 100644
index 0000000000..7777e95e6e
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/create.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { Ads } from '../../../../../models';
+import { genId } from '@/misc/gen-id';
+
+export const meta = {
+	tags: ['admin'],
+
+	requireCredential: true as const,
+	requireModerator: true,
+
+	params: {
+		url: {
+			validator: $.str.min(1)
+		},
+		memo: {
+			validator: $.str
+		},
+		place: {
+			validator: $.str
+		},
+		priority: {
+			validator: $.str
+		},
+		expiresAt: {
+			validator: $.num.int()
+		},
+		imageUrl: {
+			validator: $.str.min(1)
+		}
+	},
+};
+
+export default define(meta, async (ps) => {
+	await Ads.insert({
+		id: genId(),
+		createdAt: new Date(),
+		expiresAt: new Date(ps.expiresAt),
+		url: ps.url,
+		imageUrl: ps.imageUrl,
+		priority: ps.priority,
+		place: ps.place,
+		memo: ps.memo,
+	});
+});
diff --git a/src/server/api/endpoints/admin/ad/delete.ts b/src/server/api/endpoints/admin/ad/delete.ts
new file mode 100644
index 0000000000..6a5f92193e
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/delete.ts
@@ -0,0 +1,34 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { ID } from '@/misc/cafy-id';
+import { Ads } from '../../../../../models';
+import { ApiError } from '../../../error';
+
+export const meta = {
+	tags: ['admin'],
+
+	requireCredential: true as const,
+	requireModerator: true,
+
+	params: {
+		id: {
+			validator: $.type(ID)
+		}
+	},
+
+	errors: {
+		noSuchAd: {
+			message: 'No such ad.',
+			code: 'NO_SUCH_AD',
+			id: 'ccac9863-3a03-416e-b899-8a64041118b1'
+		}
+	}
+};
+
+export default define(meta, async (ps, me) => {
+	const ad = await Ads.findOne(ps.id);
+
+	if (ad == null) throw new ApiError(meta.errors.noSuchAd);
+
+	await Ads.delete(ad.id);
+});
diff --git a/src/server/api/endpoints/admin/ad/list.ts b/src/server/api/endpoints/admin/ad/list.ts
new file mode 100644
index 0000000000..a323f2a9ed
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/list.ts
@@ -0,0 +1,36 @@
+import $ from 'cafy';
+import { ID } from '@/misc/cafy-id';
+import define from '../../../define';
+import { Ads } from '../../../../../models';
+import { makePaginationQuery } from '../../../common/make-pagination-query';
+
+export const meta = {
+	tags: ['admin'],
+
+	requireCredential: true as const,
+	requireModerator: true,
+
+	params: {
+		limit: {
+			validator: $.optional.num.range(1, 100),
+			default: 10
+		},
+
+		sinceId: {
+			validator: $.optional.type(ID),
+		},
+
+		untilId: {
+			validator: $.optional.type(ID),
+		},
+	},
+};
+
+export default define(meta, async (ps) => {
+	const query = makePaginationQuery(Ads.createQueryBuilder('ad'), ps.sinceId, ps.untilId)
+		.andWhere('ad.expiresAt > :now', { now: new Date() });
+
+	const ads = await query.take(ps.limit!).getMany();
+
+	return ads;
+});
diff --git a/src/server/api/endpoints/admin/ad/update.ts b/src/server/api/endpoints/admin/ad/update.ts
new file mode 100644
index 0000000000..694af98394
--- /dev/null
+++ b/src/server/api/endpoints/admin/ad/update.ts
@@ -0,0 +1,59 @@
+import $ from 'cafy';
+import define from '../../../define';
+import { ID } from '@/misc/cafy-id';
+import { Ads } from '../../../../../models';
+import { ApiError } from '../../../error';
+
+export const meta = {
+	tags: ['admin'],
+
+	requireCredential: true as const,
+	requireModerator: true,
+
+	params: {
+		id: {
+			validator: $.type(ID)
+		},
+		memo: {
+			validator: $.str
+		},
+		url: {
+			validator: $.str.min(1)
+		},
+		imageUrl: {
+			validator: $.str.min(1)
+		},
+		place: {
+			validator: $.str
+		},
+		priority: {
+			validator: $.str
+		},
+		expiresAt: {
+			validator: $.num.int()
+		},
+	},
+
+	errors: {
+		noSuchAd: {
+			message: 'No such ad.',
+			code: 'NO_SUCH_AD',
+			id: 'b7aa1727-1354-47bc-a182-3a9c3973d300'
+		}
+	}
+};
+
+export default define(meta, async (ps, me) => {
+	const ad = await Ads.findOne(ps.id);
+
+	if (ad == null) throw new ApiError(meta.errors.noSuchAd);
+
+	await Ads.update(ad.id, {
+		url: ps.url,
+		place: ps.place,
+		priority: ps.priority,
+		memo: ps.memo,
+		imageUrl: ps.imageUrl,
+		expiresAt: new Date(ps.expiresAt),
+	});
+});
diff --git a/src/server/api/endpoints/meta.ts b/src/server/api/endpoints/meta.ts
index 3760c8b37b..5b7292ef16 100644
--- a/src/server/api/endpoints/meta.ts
+++ b/src/server/api/endpoints/meta.ts
@@ -2,8 +2,9 @@ import $ from 'cafy';
 import config from '@/config';
 import define from '../define';
 import { fetchMeta } from '@/misc/fetch-meta';
-import { Emojis, Users } from '../../../models';
+import { Ads, Emojis, Users } from '../../../models';
 import { DB_MAX_NOTE_TEXT_LENGTH } from '@/misc/hard-limits';
+import { MoreThan } from 'typeorm';
 
 export const meta = {
 	desc: {
@@ -193,6 +194,30 @@ export const meta = {
 					}
 				}
 			},
+			ads: {
+				type: 'array' as const,
+				optional: false as const, nullable: false as const,
+				items: {
+					type: 'object' as const,
+					optional: false as const, nullable: false as const,
+					properties: {
+						place: {
+							type: 'string' as const,
+							optional: false as const, nullable: false as const
+						},
+						url: {
+							type: 'string' as const,
+							optional: false as const, nullable: false as const,
+							format: 'url'
+						},
+						imageUrl: {
+							type: 'string' as const,
+							optional: false as const, nullable: false as const,
+							format: 'url'
+						},
+					}
+				}
+			},
 			requireSetup: {
 				type: 'boolean' as const,
 				optional: false as const, nullable: false as const,
@@ -443,6 +468,12 @@ export default define(meta, async (ps, me) => {
 		}
 	});
 
+	const ads = await Ads.find({
+		where: {
+			expiresAt: MoreThan(new Date())
+		},
+	});
+
 	const response: any = {
 		maintainerName: instance.maintainerName,
 		maintainerEmail: instance.maintainerEmail,
@@ -477,6 +508,12 @@ export default define(meta, async (ps, me) => {
 		logoImageUrl: instance.logoImageUrl,
 		maxNoteTextLength: Math.min(instance.maxNoteTextLength, DB_MAX_NOTE_TEXT_LENGTH),
 		emojis: await Emojis.packMany(emojis),
+		ads: ads.map(ad => ({
+			url: ad.url,
+			place: ad.place,
+			priority: ad.priority,
+			imageUrl: ad.imageUrl,
+		})),
 		enableEmail: instance.enableEmail,
 
 		enableTwitterIntegration: instance.enableTwitterIntegration,
diff --git a/src/server/api/endpoints/request-reset-password.ts b/src/server/api/endpoints/request-reset-password.ts
new file mode 100644
index 0000000000..c880df7527
--- /dev/null
+++ b/src/server/api/endpoints/request-reset-password.ts
@@ -0,0 +1,73 @@
+import $ from 'cafy';
+import { publishMainStream } from '../../../services/stream';
+import define from '../define';
+import rndstr from 'rndstr';
+import config from '@/config';
+import * as ms from 'ms';
+import { Users, UserProfiles, PasswordResetRequests } from '../../../models';
+import { sendEmail } from '../../../services/send-email';
+import { ApiError } from '../error';
+import { genId } from '@/misc/gen-id';
+import { IsNull } from 'typeorm';
+
+export const meta = {
+	requireCredential: false as const,
+
+	limit: {
+		duration: ms('1hour'),
+		max: 3
+	},
+
+	params: {
+		username: {
+			validator: $.str
+		},
+
+		email: {
+			validator: $.str
+		},
+	},
+
+	errors: {
+
+	}
+};
+
+export default define(meta, async (ps) => {
+	const user = await Users.findOne({
+		usernameLower: ps.username.toLowerCase(),
+		host: IsNull()
+	});
+
+	// 合致するユーザーが登録されていなかったら無視
+	if (user == null) {
+		return;
+	}
+
+	const profile = await UserProfiles.findOneOrFail(user.id);
+
+	// 合致するメアドが登録されていなかったら無視
+	if (profile.email !== ps.email) {
+		return;
+	}
+
+	// メアドが認証されていなかったら無視
+	if (!profile.emailVerified) {
+		return;
+	}
+
+	const token = rndstr('a-z0-9', 64);
+
+	await PasswordResetRequests.insert({
+		id: genId(),
+		createdAt: new Date(),
+		userId: profile.userId,
+		token
+	});
+
+	const link = `${config.url}/reset-password/${token}`;
+
+	sendEmail(ps.email, 'Password reset requested',
+		`To reset password, please click this link:<br><a href="${link}">${link}</a>`,
+		`To reset password, please click this link: ${link}`);
+});
diff --git a/src/server/api/endpoints/reset-password.ts b/src/server/api/endpoints/reset-password.ts
new file mode 100644
index 0000000000..5f79bdbd00
--- /dev/null
+++ b/src/server/api/endpoints/reset-password.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import * as bcrypt from 'bcryptjs';
+import { publishMainStream } from '../../../services/stream';
+import define from '../define';
+import { Users, UserProfiles, PasswordResetRequests } from '../../../models';
+import { ApiError } from '../error';
+
+export const meta = {
+	requireCredential: false as const,
+
+	params: {
+		token: {
+			validator: $.str
+		},
+
+		password: {
+			validator: $.str
+		}
+	},
+
+	errors: {
+
+	}
+};
+
+export default define(meta, async (ps, user) => {
+	const req = await PasswordResetRequests.findOneOrFail({
+		token: ps.token,
+	});
+
+	// 発行してから30分以上経過していたら無効
+	if (Date.now() - req.createdAt.getTime() > 1000 * 60 * 30) {
+		throw new Error(); // TODO
+	}
+
+	// Generate hash of password
+	const salt = await bcrypt.genSalt(8);
+	const hash = await bcrypt.hash(ps.password, salt);
+
+	await UserProfiles.update(req.userId, {
+		password: hash
+	});
+
+	PasswordResetRequests.delete(req.id);
+});