diff options
| author | Hazelnoot <acomputerdog@gmail.com> | 2025-02-11 10:52:52 -0500 |
|---|---|---|
| committer | Hazelnoot <acomputerdog@gmail.com> | 2025-02-11 10:52:52 -0500 |
| commit | feb80ee992c8cf2d719b089023b1352052aaad2d (patch) | |
| tree | d4559dc61e763b8b431abeaa8e0a3c30663dadaf /packages/backend/src/server/api/endpoints | |
| parent | Merge branch 'develop' into merge/2024-02-03 (diff) | |
| parent | merge: Cleanup and bulk fixes to Mastodon API (resolves #495, #509, #707, #7... (diff) | |
| download | sharkey-feb80ee992c8cf2d719b089023b1352052aaad2d.tar.gz sharkey-feb80ee992c8cf2d719b089023b1352052aaad2d.tar.bz2 sharkey-feb80ee992c8cf2d719b089023b1352052aaad2d.zip | |
Merge branch 'develop' into merge/2024-02-03
Diffstat (limited to 'packages/backend/src/server/api/endpoints')
3 files changed, 39 insertions, 4 deletions
diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts index 19ca3ceb8e..fc19e18e59 100644 --- a/packages/backend/src/server/api/endpoints/ap/show.ts +++ b/packages/backend/src/server/api/endpoints/ap/show.ts @@ -4,11 +4,10 @@ */ import { Inject, Injectable } from '@nestjs/common'; -import ms from 'ms'; import { Endpoint } from '@/server/api/endpoint-base.js'; import type { MiNote } from '@/models/Note.js'; import type { MiLocalUser, MiUser } from '@/models/User.js'; -import { isActor, isPost, getApId } from '@/core/activitypub/type.js'; +import { isActor, isPost, getApId, getNullableApId, ObjectWithId } from '@/core/activitypub/type.js'; import type { SchemaType } from '@/misc/json-schema.js'; import { ApResolverService } from '@/core/activitypub/ApResolverService.js'; import { ApDbResolverService } from '@/core/activitypub/ApDbResolverService.js'; @@ -18,6 +17,8 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { UtilityService } from '@/core/UtilityService.js'; import { bindThis } from '@/decorators.js'; +import { ApRequestService } from '@/core/activitypub/ApRequestService.js'; +import { InstanceActorService } from '@/core/InstanceActorService.js'; import { ApiError } from '../../error.js'; import { IdentifiableError } from '@/misc/identifiable-error.js'; @@ -27,9 +28,10 @@ export const meta = { requireCredential: true, kind: 'read:account', + // Up to 30 calls, then 1 per 1/2 second limit: { - duration: ms('1minute'), max: 30, + dripRate: 500, }, errors: { @@ -120,6 +122,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint- private apDbResolverService: ApDbResolverService, private apPersonService: ApPersonService, private apNoteService: ApNoteService, + private readonly apRequestService: ApRequestService, + private readonly instanceActorService: InstanceActorService, ) { super(meta, paramDef, async (ps, me) => { const object = await this.fetchAny(ps.uri, me); @@ -146,6 +150,12 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint- ])); if (local != null) return local; + // No local object found with that uri. + // Before we fetch, resolve the URI in case it has a cross-origin redirect or anything like that. + // Resolver.resolve() uses strict verification, which is overly paranoid for a user-provided lookup. + uri = await this.resolveCanonicalUri(uri); // eslint-disable-line no-param-reassign + if (!this.utilityService.isFederationAllowedUri(uri)) return null; + const host = this.utilityService.extractDbHost(uri); // local object, not found in db? fail @@ -228,4 +238,13 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint- return null; } + + /** + * Resolves an arbitrary URI to its canonical, post-redirect form. + */ + private async resolveCanonicalUri(uri: string): Promise<string> { + const user = await this.instanceActorService.getInstanceActor(); + const res = await this.apRequestService.signedGet(uri, user, true) as ObjectWithId; + return getNullableApId(res) ?? uri; + } } diff --git a/packages/backend/src/server/api/endpoints/notes/search-by-tag.ts b/packages/backend/src/server/api/endpoints/notes/search-by-tag.ts index 227ac0ebbf..6bba7bf37e 100644 --- a/packages/backend/src/server/api/endpoints/notes/search-by-tag.ts +++ b/packages/backend/src/server/api/endpoints/notes/search-by-tag.ts @@ -87,7 +87,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint- ) { super(meta, paramDef, async (ps, me) => { const query = this.queryService.makePaginationQuery(this.notesRepository.createQueryBuilder('note'), ps.sinceId, ps.untilId) - .andWhere('note.visibility = \'public\'') + .andWhere("note.visibility IN ('public', 'home')") // keep in sync with NoteCreateService call to `hashtagService.updateHashtags()` .innerJoinAndSelect('note.user', 'user') .leftJoinAndSelect('note.reply', 'reply') .leftJoinAndSelect('note.renote', 'renote') diff --git a/packages/backend/src/server/api/endpoints/users/relation.ts b/packages/backend/src/server/api/endpoints/users/relation.ts index e659c46713..c7016d8d32 100644 --- a/packages/backend/src/server/api/endpoints/users/relation.ts +++ b/packages/backend/src/server/api/endpoints/users/relation.ts @@ -58,6 +58,14 @@ export const meta = { type: 'boolean', optional: false, nullable: false, }, + isInstanceMuted: { + type: 'boolean', + optional: true, nullable: false, + }, + memo: { + type: 'string', + optional: true, nullable: true, + }, }, }, { @@ -103,6 +111,14 @@ export const meta = { type: 'boolean', optional: false, nullable: false, }, + isInstanceMuted: { + type: 'boolean', + optional: true, nullable: false, + }, + memo: { + type: 'string', + optional: true, nullable: true, + }, }, }, }, |