From a671f9102d5d3e212d1e621a435dd6a147c4e191 Mon Sep 17 00:00:00 2001 From: syuilo Date: Sun, 17 Apr 2022 13:31:45 +0900 Subject: refactor: fix type --- .../server/api/endpoints/admin/announcements/list.ts | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) (limited to 'packages/backend/src/server/api/endpoints/admin') diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts index 1d8eb1d618..7a5758d75b 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts @@ -1,5 +1,6 @@ -import define from '../../../define.js'; import { Announcements, AnnouncementReads } from '@/models/index.js'; +import { Announcement } from '@/models/entities/announcement.js'; +import define from '../../../define.js'; import { makePaginationQuery } from '../../../common/make-pagination-query.js'; export const meta = { @@ -68,11 +69,21 @@ export default define(meta, paramDef, async (ps) => { const announcements = await query.take(ps.limit).getMany(); + const reads = new Map(); + for (const announcement of announcements) { - (announcement as any).reads = await AnnouncementReads.countBy({ + reads.set(announcement, await AnnouncementReads.countBy({ announcementId: announcement.id, - }); + })); } - return announcements; + return announcements.map(announcement => ({ + id: announcement.id, + createdAt: announcement.createdAt.toISOString(), + updatedAt: announcement.updatedAt?.toISOString() ?? null, + title: announcement.title, + text: announcement.text, + imageUrl: announcement.imageUrl, + reads: reads.get(announcement)!, + })); }); -- cgit v1.2.3-freya From 02bb36cdc47028bdd783b5ddc2a73ee31e8db068 Mon Sep 17 00:00:00 2001 From: syuilo Date: Sun, 17 Apr 2022 20:44:21 +0900 Subject: refactor: fix type --- .../src/remote/activitypub/kernel/move/index.ts | 0 .../src/remote/activitypub/models/person.ts | 4 +-- .../backend/src/server/activitypub/followers.ts | 24 ++++++-------- .../backend/src/server/activitypub/following.ts | 21 ++++-------- packages/backend/src/server/activitypub/outbox.ts | 37 +++++++++++----------- .../src/server/api/endpoints/admin/show-users.ts | 6 ++-- packages/backend/src/server/api/stream/index.ts | 2 +- 7 files changed, 41 insertions(+), 53 deletions(-) delete mode 100644 packages/backend/src/remote/activitypub/kernel/move/index.ts (limited to 'packages/backend/src/server/api/endpoints/admin') diff --git a/packages/backend/src/remote/activitypub/kernel/move/index.ts b/packages/backend/src/remote/activitypub/kernel/move/index.ts deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/packages/backend/src/remote/activitypub/models/person.ts b/packages/backend/src/remote/activitypub/models/person.ts index 4267f46fb3..f722e74702 100644 --- a/packages/backend/src/remote/activitypub/models/person.ts +++ b/packages/backend/src/remote/activitypub/models/person.ts @@ -271,7 +271,7 @@ export async function createPerson(uri: string, resolver?: Resolver): Promise): Promise { +export async function updatePerson(uri: string, resolver?: Resolver | null, hint?: IObject): Promise { if (typeof uri !== 'string') throw new Error('uri is not string'); // URIがこのサーバーを指しているならスキップ @@ -289,7 +289,7 @@ export async function updatePerson(uri: string, resolver?: Resolver | null, hint if (resolver == null) resolver = new Resolver(); - const object = hint || await resolver.resolve(uri) as any; + const object = hint || await resolver.resolve(uri); const person = validateActor(object, uri); diff --git a/packages/backend/src/server/activitypub/followers.ts b/packages/backend/src/server/activitypub/followers.ts index 4d4f733162..beb48713a6 100644 --- a/packages/backend/src/server/activitypub/followers.ts +++ b/packages/backend/src/server/activitypub/followers.ts @@ -1,32 +1,26 @@ import Router from '@koa/router'; +import { FindOptionsWhere, IsNull, LessThan } from 'typeorm'; import config from '@/config/index.js'; -import $ from 'cafy'; -import { ID } from '@/misc/cafy-id.js'; import * as url from '@/prelude/url.js'; import { renderActivity } from '@/remote/activitypub/renderer/index.js'; import renderOrderedCollection from '@/remote/activitypub/renderer/ordered-collection.js'; import renderOrderedCollectionPage from '@/remote/activitypub/renderer/ordered-collection-page.js'; import renderFollowUser from '@/remote/activitypub/renderer/follow-user.js'; -import { setResponseType } from '../activitypub.js'; import { Users, Followings, UserProfiles } from '@/models/index.js'; -import { IsNull, LessThan } from 'typeorm'; +import { Following } from '@/models/entities/following.js'; +import { setResponseType } from '../activitypub.js'; export default async (ctx: Router.RouterContext) => { const userId = ctx.params.user; - // Get 'cursor' parameter - const [cursor, cursorErr] = $.default.optional.type(ID).get(ctx.request.query.cursor); - - // Get 'page' parameter - const pageErr = !$.default.optional.str.or(['true', 'false']).ok(ctx.request.query.page); - const page: boolean = ctx.request.query.page === 'true'; - - // Validate parameters - if (cursorErr || pageErr) { + const cursor = ctx.request.query.cursor; + if (cursor != null && typeof cursor !== 'string') { ctx.status = 400; return; } + const page = ctx.request.query.page === 'true'; + const user = await Users.findOneBy({ id: userId, host: IsNull(), @@ -57,7 +51,7 @@ export default async (ctx: Router.RouterContext) => { if (page) { const query = { followeeId: user.id, - } as any; + } as FindOptionsWhere; // カーソルが指定されている場合 if (cursor) { @@ -86,7 +80,7 @@ export default async (ctx: Router.RouterContext) => { inStock ? `${partOf}?${url.query({ page: 'true', cursor: followings[followings.length - 1].id, - })}` : undefined + })}` : undefined, ); ctx.body = renderActivity(rendered); diff --git a/packages/backend/src/server/activitypub/following.ts b/packages/backend/src/server/activitypub/following.ts index 0af1f424f9..3a25a6316c 100644 --- a/packages/backend/src/server/activitypub/following.ts +++ b/packages/backend/src/server/activitypub/following.ts @@ -1,33 +1,26 @@ import Router from '@koa/router'; +import { LessThan, IsNull, FindOptionsWhere } from 'typeorm'; import config from '@/config/index.js'; -import $ from 'cafy'; -import { ID } from '@/misc/cafy-id.js'; import * as url from '@/prelude/url.js'; import { renderActivity } from '@/remote/activitypub/renderer/index.js'; import renderOrderedCollection from '@/remote/activitypub/renderer/ordered-collection.js'; import renderOrderedCollectionPage from '@/remote/activitypub/renderer/ordered-collection-page.js'; import renderFollowUser from '@/remote/activitypub/renderer/follow-user.js'; -import { setResponseType } from '../activitypub.js'; import { Users, Followings, UserProfiles } from '@/models/index.js'; -import { LessThan, IsNull, FindOptionsWhere } from 'typeorm'; import { Following } from '@/models/entities/following.js'; +import { setResponseType } from '../activitypub.js'; export default async (ctx: Router.RouterContext) => { const userId = ctx.params.user; - // Get 'cursor' parameter - const [cursor, cursorErr] = $.default.optional.type(ID).get(ctx.request.query.cursor); - - // Get 'page' parameter - const pageErr = !$.default.optional.str.or(['true', 'false']).ok(ctx.request.query.page); - const page: boolean = ctx.request.query.page === 'true'; - - // Validate parameters - if (cursorErr || pageErr) { + const cursor = ctx.request.query.cursor; + if (cursor != null && typeof cursor !== 'string') { ctx.status = 400; return; } + const page = ctx.request.query.page === 'true'; + const user = await Users.findOneBy({ id: userId, host: IsNull(), @@ -87,7 +80,7 @@ export default async (ctx: Router.RouterContext) => { inStock ? `${partOf}?${url.query({ page: 'true', cursor: followings[followings.length - 1].id, - })}` : undefined + })}` : undefined, ); ctx.body = renderActivity(rendered); diff --git a/packages/backend/src/server/activitypub/outbox.ts b/packages/backend/src/server/activitypub/outbox.ts index 6b9592bcf3..7a2586998a 100644 --- a/packages/backend/src/server/activitypub/outbox.ts +++ b/packages/backend/src/server/activitypub/outbox.ts @@ -1,36 +1,37 @@ import Router from '@koa/router'; +import { Brackets, IsNull } from 'typeorm'; import config from '@/config/index.js'; -import $ from 'cafy'; -import { ID } from '@/misc/cafy-id.js'; import { renderActivity } from '@/remote/activitypub/renderer/index.js'; import renderOrderedCollection from '@/remote/activitypub/renderer/ordered-collection.js'; import renderOrderedCollectionPage from '@/remote/activitypub/renderer/ordered-collection-page.js'; -import { setResponseType } from '../activitypub.js'; import renderNote from '@/remote/activitypub/renderer/note.js'; import renderCreate from '@/remote/activitypub/renderer/create.js'; import renderAnnounce from '@/remote/activitypub/renderer/announce.js'; import { countIf } from '@/prelude/array.js'; import * as url from '@/prelude/url.js'; import { Users, Notes } from '@/models/index.js'; -import { makePaginationQuery } from '../api/common/make-pagination-query.js'; -import { Brackets, IsNull } from 'typeorm'; import { Note } from '@/models/entities/note.js'; +import { makePaginationQuery } from '../api/common/make-pagination-query.js'; +import { setResponseType } from '../activitypub.js'; export default async (ctx: Router.RouterContext) => { const userId = ctx.params.user; - // Get 'sinceId' parameter - const [sinceId, sinceIdErr] = $.default.optional.type(ID).get(ctx.request.query.since_id); + const sinceId = ctx.request.query.since_id; + if (sinceId != null && typeof sinceId !== 'string') { + ctx.status = 400; + return; + } - // Get 'untilId' parameter - const [untilId, untilIdErr] = $.default.optional.type(ID).get(ctx.request.query.until_id); + const untilId = ctx.request.query.until_id; + if (untilId != null && typeof untilId !== 'string') { + ctx.status = 400; + return; + } - // Get 'page' parameter - const pageErr = !$.default.optional.str.or(['true', 'false']).ok(ctx.request.query.page); - const page: boolean = ctx.request.query.page === 'true'; + const page = ctx.request.query.page === 'true'; - // Validate parameters - if (sinceIdErr || untilIdErr || pageErr || countIf(x => x != null, [sinceId, untilId]) > 1) { + if (countIf(x => x != null, [sinceId, untilId]) > 1) { ctx.status = 400; return; } @@ -52,8 +53,8 @@ export default async (ctx: Router.RouterContext) => { const query = makePaginationQuery(Notes.createQueryBuilder('note'), sinceId, untilId) .andWhere('note.userId = :userId', { userId: user.id }) .andWhere(new Brackets(qb => { qb - .where(`note.visibility = 'public'`) - .orWhere(`note.visibility = 'home'`); + .where('note.visibility = \'public\'') + .orWhere('note.visibility = \'home\''); })) .andWhere('note.localOnly = FALSE'); @@ -76,7 +77,7 @@ export default async (ctx: Router.RouterContext) => { notes.length ? `${partOf}?${url.query({ page: 'true', until_id: notes[notes.length - 1].id, - })}` : undefined + })}` : undefined, ); ctx.body = renderActivity(rendered); @@ -85,7 +86,7 @@ export default async (ctx: Router.RouterContext) => { // index page const rendered = renderOrderedCollection(partOf, user.notesCount, `${partOf}?page=true`, - `${partOf}?page=true&since_id=000000000000000000000000` + `${partOf}?page=true&since_id=000000000000000000000000`, ); ctx.body = renderActivity(rendered); ctx.set('Cache-Control', 'public, max-age=180'); diff --git a/packages/backend/src/server/api/endpoints/admin/show-users.ts b/packages/backend/src/server/api/endpoints/admin/show-users.ts index 2703b4b9db..1575d81d5d 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-users.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-users.ts @@ -1,5 +1,5 @@ -import define from '../../define.js'; import { Users } from '@/models/index.js'; +import define from '../../define.js'; export const meta = { tags: ['admin'], @@ -24,8 +24,8 @@ export const paramDef = { limit: { type: 'integer', minimum: 1, maximum: 100, default: 10 }, offset: { type: 'integer', default: 0 }, sort: { type: 'string', enum: ['+follower', '-follower', '+createdAt', '-createdAt', '+updatedAt', '-updatedAt'] }, - state: { type: 'string', enum: ['all', 'available', 'admin', 'moderator', 'adminOrModerator', 'silenced', 'suspended'], default: "all" }, - origin: { type: 'string', enum: ['combined', 'local', 'remote'], default: "local" }, + state: { type: 'string', enum: ['all', 'alive', 'available', 'admin', 'moderator', 'adminOrModerator', 'silenced', 'suspended'], default: 'all' }, + origin: { type: 'string', enum: ['combined', 'local', 'remote'], default: 'local' }, username: { type: 'string', nullable: true, default: null }, hostname: { type: 'string', diff --git a/packages/backend/src/server/api/stream/index.ts b/packages/backend/src/server/api/stream/index.ts index 7077047b76..2d23145f14 100644 --- a/packages/backend/src/server/api/stream/index.ts +++ b/packages/backend/src/server/api/stream/index.ts @@ -19,7 +19,7 @@ import { StreamEventEmitter, StreamMessages } from './types.js'; */ export default class Connection { public user?: User; - public userProfile?: UserProfile; + public userProfile?: UserProfile | null; public following: Set = new Set(); public muting: Set = new Set(); public blocking: Set = new Set(); // "被"blocking -- cgit v1.2.3-freya From aaf5bb62abd6c1daefc675a7aa7eebfac561fb3a Mon Sep 17 00:00:00 2001 From: Johann150 Date: Thu, 19 May 2022 09:54:45 +0200 Subject: enhance: uniform theme color (#8702) * enhance: make theme color format uniform All newly fetched instance theme colors will be uniformely formatted as hashtag followed by 6 hexadecimal digits. Colors are checked for validity and invalid colors are not handled. * better input validation for own theme color * migration to unify theme color formats Fixes theme colors of other instances as well as the local instance. * add changelog entry Co-authored-by: syuilo --- CHANGELOG.md | 3 ++ .../migration/1652859567549-uniform-themecolor.js | 38 ++++++++++++++++++++++ .../src/server/api/endpoints/admin/update-meta.ts | 2 +- .../src/services/fetch-instance-metadata.ts | 14 +++----- 4 files changed, 47 insertions(+), 10 deletions(-) create mode 100644 packages/backend/migration/1652859567549-uniform-themecolor.js (limited to 'packages/backend/src/server/api/endpoints/admin') diff --git a/CHANGELOG.md b/CHANGELOG.md index fb8b8fdee6..21ae948d0a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,9 @@ You should also include the user name that made the change. - update dependencies @syuilo - enhance: display URL of QR code for TOTP registration @syuilo - make CAPTCHA required for signin to improve security @syuilo +- The theme color is now better validated. @Johann150 + Your own theme color may be unset if it was in an invalid format. + Admins should check their instance settings if in doubt. - Perform port diagnosis at startup only when Listen fails @mei23 ### Bugfixes diff --git a/packages/backend/migration/1652859567549-uniform-themecolor.js b/packages/backend/migration/1652859567549-uniform-themecolor.js new file mode 100644 index 0000000000..bc47143e54 --- /dev/null +++ b/packages/backend/migration/1652859567549-uniform-themecolor.js @@ -0,0 +1,38 @@ +import tinycolor from 'tinycolor2'; + +export class uniformThemecolor1652859567549 { + name = 'uniformThemecolor1652859567549' + + async up(queryRunner) { + const formatColor = (color) => { + let tc = new tinycolor(color); + if (color.isValid()) { + return color.toHexString(); + } else { + return null; + } + }; + + await Promise.all(queryRunner.query('SELECT "id", "themeColor" FROM "instance" WHERE "themeColor" IS NOT NULL') + .then(instances => instances.map(instance => { + // update theme color to uniform format, e.g. #00ff00 + // invalid theme colors get set to null + instance.color = formatColor(instance.color); + + return queryRunner.query('UPDATE "instance" SET "themeColor" = :themeColor WHERE "id" = :id', instance); + }))); + + // also fix own theme color + await queryRunner.query('SELECT "themeColor" FROM "meta" WHERE "themeColor" IS NOT NULL LIMIT 1') + .then(metas => { + if (metas.length > 0) { + return queryRunner.query('UPDATE "meta" SET "themeColor" = :color', { color: formatColor(metas[0].color) }); + } + }); + } + + async down(queryRunner) { + // The original representation is not stored, so migrating back is not possible. + // The new format also works in older versions so this is not a problem. + } +} diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index b23ee9e3df..09e43301b7 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -27,7 +27,7 @@ export const paramDef = { blockedHosts: { type: 'array', nullable: true, items: { type: 'string', } }, - themeColor: { type: 'string', nullable: true }, + themeColor: { type: 'string', nullable: true, pattern: '^#[0-9a-fA-F]{6}$' }, mascotImageUrl: { type: 'string', nullable: true }, bannerUrl: { type: 'string', nullable: true }, errorImageUrl: { type: 'string', nullable: true }, diff --git a/packages/backend/src/services/fetch-instance-metadata.ts b/packages/backend/src/services/fetch-instance-metadata.ts index d5294c5fe8..029c388dc2 100644 --- a/packages/backend/src/services/fetch-instance-metadata.ts +++ b/packages/backend/src/services/fetch-instance-metadata.ts @@ -1,5 +1,6 @@ import { DOMWindow, JSDOM } from 'jsdom'; import fetch from 'node-fetch'; +import tinycolor from 'tinycolor2'; import { getJson, getHtml, getAgentByUrl } from '@/misc/fetch.js'; import { Instance } from '@/models/entities/instance.js'; import { Instances } from '@/models/index.js'; @@ -208,16 +209,11 @@ async function fetchIconUrl(instance: Instance, doc: DOMWindow['document'] | nul } async function getThemeColor(doc: DOMWindow['document'] | null, manifest: Record | null): Promise { - if (doc) { - const themeColor = doc.querySelector('meta[name="theme-color"]')?.getAttribute('content'); + const themeColor = doc?.querySelector('meta[name="theme-color"]')?.getAttribute('content') || manifest?.theme_color; - if (themeColor) { - return themeColor; - } - } - - if (manifest) { - return manifest.theme_color; + if (themeColor) { + const color = new tinycolor(themeColor); + if (color.isValid()) return color.toHexString(); } return null; -- cgit v1.2.3-freya From 6061937996ec90c4d59cab5d199760bc20ffae6e Mon Sep 17 00:00:00 2001 From: PikaDude Date: Sat, 4 Jun 2022 00:14:50 +1000 Subject: User moderation details (#8762) * add more user details for admins to see * fix some issues * small style fix as suggested by Johann150 Co-authored-by: Johann150 * fix Co-authored-by: Johann150 Co-authored-by: Johann150 --- .../src/server/api/endpoints/admin/show-user.ts | 42 +++++++++++++++++++--- packages/client/src/pages/user-info.vue | 3 ++ 2 files changed, 40 insertions(+), 5 deletions(-) (limited to 'packages/backend/src/server/api/endpoints/admin') diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts index bf6cc16532..78033aed58 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts @@ -1,5 +1,5 @@ +import { Signins, UserProfiles, Users } from '@/models/index.js'; import define from '../../define.js'; -import { Users } from '@/models/index.js'; export const meta = { tags: ['admin'], @@ -23,9 +23,12 @@ export const paramDef = { // eslint-disable-next-line import/no-default-export export default define(meta, paramDef, async (ps, me) => { - const user = await Users.findOneBy({ id: ps.userId }); + const [user, profile] = await Promise.all([ + Users.findOneBy({ id: ps.userId }), + UserProfiles.findOneBy({ userId: ps.userId }) + ]); - if (user == null) { + if (user == null || profile == null) { throw new Error('user not found'); } @@ -34,8 +37,37 @@ export default define(meta, paramDef, async (ps, me) => { throw new Error('cannot show info of admin'); } + if (!_me.isAdmin) { + return { + isModerator: user.isModerator, + isSilenced: user.isSilenced, + isSuspended: user.isSuspended, + }; + } + + const maskedKeys = ['accessToken', 'accessTokenSecret', 'refreshToken']; + Object.keys(profile.integrations).forEach(integration => { + maskedKeys.forEach(key => profile.integrations[integration][key] = ''); + }); + + const signins = await Signins.findBy({ userId: user.id }); + return { - ...user, - token: user.token != null ? '' : user.token, + email: profile.email, + emailVerified: profile.emailVerified, + autoAcceptFollowed: profile.autoAcceptFollowed, + noCrawle: profile.noCrawle, + alwaysMarkNsfw: profile.alwaysMarkNsfw, + carefulBot: profile.carefulBot, + injectFeaturedNote: profile.injectFeaturedNote, + receiveAnnouncementEmail: profile.receiveAnnouncementEmail, + integrations: profile.integrations, + mutedWords: profile.mutedWords, + mutedInstances: profile.mutedInstances, + mutingNotificationTypes: profile.mutingNotificationTypes, + isModerator: user.isModerator, + isSilenced: user.isSilenced, + isSuspended: user.isSuspended, + signins, }; }); diff --git a/packages/client/src/pages/user-info.vue b/packages/client/src/pages/user-info.vue index 1b2682ed29..54e1f13021 100644 --- a/packages/client/src/pages/user-info.vue +++ b/packages/client/src/pages/user-info.vue @@ -54,6 +54,9 @@ {{ $ts.updateRemoteUser }} + + + -- cgit v1.2.3-freya