Moderator system

Closes #2357

16 files changed, 111 insertions, 12 deletions

diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index 6252537c0e..a3953d0439 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -29,6 +29,10 @@ export default (endpoint: string, user: IUser, app: IApp, data: any, file?: any)
 		return rej('YOU_ARE_NOT_ADMIN');
 	}
 
+	if (ep.meta.requireModerator && !user.isAdmin && !user.isModerator) {
+		return rej('YOU_ARE_NOT_MODERATOR');
+	}
+
 	if (app && ep.meta.kind && !app.permission.some(p => p === ep.meta.kind)) {
 		return rej('PERMISSION_DENIED');
 	}
diff --git a/src/server/api/endpoints.ts b/src/server/api/endpoints.ts
index e764ac2e95..6765a63e9f 100644
--- a/src/server/api/endpoints.ts
+++ b/src/server/api/endpoints.ts
@@ -31,6 +31,11 @@ export interface IEndpointMeta {
 	requireAdmin?: boolean;
 
 	/**
+	 * 管理者またはモデレーターのみ使えるエンドポイントか否か
+	 */
+	requireModerator?: boolean;
+
+	/**
 	 * エンドポイントのリミテーションに関するやつ
 	 * 省略した場合はリミテーションは無いものとして解釈されます。
 	 * また、withCredential が false の場合はリミテーションを行うことはできません。
diff --git a/src/server/api/endpoints/admin/emoji/add.ts b/src/server/api/endpoints/admin/emoji/add.ts
index 4f9a84e67e..91b5ff62d7 100644
--- a/src/server/api/endpoints/admin/emoji/add.ts
+++ b/src/server/api/endpoints/admin/emoji/add.ts
@@ -8,7 +8,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		name: {
diff --git a/src/server/api/endpoints/admin/emoji/list.ts b/src/server/api/endpoints/admin/emoji/list.ts
index fd69fb0b29..428b274fed 100644
--- a/src/server/api/endpoints/admin/emoji/list.ts
+++ b/src/server/api/endpoints/admin/emoji/list.ts
@@ -8,7 +8,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		host: {
diff --git a/src/server/api/endpoints/admin/emoji/remove.ts b/src/server/api/endpoints/admin/emoji/remove.ts
index 32f1ced0c8..1d6ed11b63 100644
--- a/src/server/api/endpoints/admin/emoji/remove.ts
+++ b/src/server/api/endpoints/admin/emoji/remove.ts
@@ -9,7 +9,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		id: {
diff --git a/src/server/api/endpoints/admin/emoji/update.ts b/src/server/api/endpoints/admin/emoji/update.ts
index d0c2e6dafc..cbcc07fd48 100644
--- a/src/server/api/endpoints/admin/emoji/update.ts
+++ b/src/server/api/endpoints/admin/emoji/update.ts
@@ -9,7 +9,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		id: {
diff --git a/src/server/api/endpoints/admin/invite.ts b/src/server/api/endpoints/admin/invite.ts
index 056cb8aa75..ebfcb84452 100644
--- a/src/server/api/endpoints/admin/invite.ts
+++ b/src/server/api/endpoints/admin/invite.ts
@@ -8,7 +8,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {}
 };
diff --git a/src/server/api/endpoints/admin/moderators/add.ts b/src/server/api/endpoints/admin/moderators/add.ts
new file mode 100644
index 0000000000..4b4675c566
--- /dev/null
+++ b/src/server/api/endpoints/admin/moderators/add.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import ID, { transform } from '../../../../../misc/cafy-id';
+import define from '../../../define';
+import User from '../../../../../models/user';
+
+export const meta = {
+	desc: {
+		'ja-JP': '指定したユーザーをモデレーターにします。',
+		'en-US': 'Mark a user as moderator.'
+	},
+
+	requireCredential: true,
+	requireAdmin: true,
+
+	params: {
+		userId: {
+			validator: $.type(ID),
+			transform: transform,
+			desc: {
+				'ja-JP': '対象のユーザーID',
+				'en-US': 'The user ID'
+			}
+		},
+	}
+};
+
+export default define(meta, (ps) => new Promise(async (res, rej) => {
+	const user = await User.findOne({
+		_id: ps.userId
+	});
+
+	if (user == null) {
+		return rej('user not found');
+	}
+
+	await User.update({
+		_id: user._id
+	}, {
+		$set: {
+			isModerator: true
+		}
+	});
+
+	res();
+}));
diff --git a/src/server/api/endpoints/admin/moderators/remove.ts b/src/server/api/endpoints/admin/moderators/remove.ts
new file mode 100644
index 0000000000..2b9da61bb5
--- /dev/null
+++ b/src/server/api/endpoints/admin/moderators/remove.ts
@@ -0,0 +1,45 @@
+import $ from 'cafy';
+import ID, { transform } from '../../../../../misc/cafy-id';
+import define from '../../../define';
+import User from '../../../../../models/user';
+
+export const meta = {
+	desc: {
+		'ja-JP': '指定したユーザーをモデレーター解除します。',
+		'en-US': 'Unmark a user as moderator.'
+	},
+
+	requireCredential: true,
+	requireAdmin: true,
+
+	params: {
+		userId: {
+			validator: $.type(ID),
+			transform: transform,
+			desc: {
+				'ja-JP': '対象のユーザーID',
+				'en-US': 'The user ID'
+			}
+		},
+	}
+};
+
+export default define(meta, (ps) => new Promise(async (res, rej) => {
+	const user = await User.findOne({
+		_id: ps.userId
+	});
+
+	if (user == null) {
+		return rej('user not found');
+	}
+
+	await User.update({
+		_id: user._id
+	}, {
+		$set: {
+			isModerator: false
+		}
+	});
+
+	res();
+}));
diff --git a/src/server/api/endpoints/admin/suspend-user.ts b/src/server/api/endpoints/admin/suspend-user.ts
index 0ad0aab74c..5bbd387a20 100644
--- a/src/server/api/endpoints/admin/suspend-user.ts
+++ b/src/server/api/endpoints/admin/suspend-user.ts
@@ -10,7 +10,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		userId: {
diff --git a/src/server/api/endpoints/admin/unsuspend-user.ts b/src/server/api/endpoints/admin/unsuspend-user.ts
index 7c5eedee46..4b53246264 100644
--- a/src/server/api/endpoints/admin/unsuspend-user.ts
+++ b/src/server/api/endpoints/admin/unsuspend-user.ts
@@ -10,7 +10,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		userId: {
diff --git a/src/server/api/endpoints/admin/unverify-user.ts b/src/server/api/endpoints/admin/unverify-user.ts
index d749e002e3..3e044ffed7 100644
--- a/src/server/api/endpoints/admin/unverify-user.ts
+++ b/src/server/api/endpoints/admin/unverify-user.ts
@@ -10,7 +10,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		userId: {
diff --git a/src/server/api/endpoints/admin/update-meta.ts b/src/server/api/endpoints/admin/update-meta.ts
index 39d7ef86b9..1e4ff959d9 100644
--- a/src/server/api/endpoints/admin/update-meta.ts
+++ b/src/server/api/endpoints/admin/update-meta.ts
@@ -8,7 +8,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		broadcasts: {
diff --git a/src/server/api/endpoints/admin/verify-user.ts b/src/server/api/endpoints/admin/verify-user.ts
index 09efc2e803..996e044d18 100644
--- a/src/server/api/endpoints/admin/verify-user.ts
+++ b/src/server/api/endpoints/admin/verify-user.ts
@@ -10,7 +10,7 @@ export const meta = {
 	},
 
 	requireCredential: true,
-	requireAdmin: true,
+	requireModerator: true,
 
 	params: {
 		userId: {
diff --git a/src/server/api/endpoints/meta.ts b/src/server/api/endpoints/meta.ts
index f7c3179909..b324b113c8 100644
--- a/src/server/api/endpoints/meta.ts
+++ b/src/server/api/endpoints/meta.ts
@@ -84,7 +84,7 @@ export default define(meta, (ps, me) => new Promise(async (res, rej) => {
 		};
 	}
 
-	if (me && me.isAdmin) {
+	if (me && (me.isAdmin || me.isModerator)) {
 		response.hidedTags = instance.hidedTags;
 		response.recaptchaSecretKey = instance.recaptchaSecretKey;
 		response.proxyAccount = instance.proxyAccount;
diff --git a/src/server/api/endpoints/notes/delete.ts b/src/server/api/endpoints/notes/delete.ts
index a8f22ad405..aa11f7bf19 100644
--- a/src/server/api/endpoints/notes/delete.ts
+++ b/src/server/api/endpoints/notes/delete.ts
@@ -38,7 +38,7 @@ export default define(meta, (ps, user) => new Promise(async (res, rej) => {
 		return rej('note not found');
 	}
 
-	if (!user.isAdmin && !note.userId.equals(user._id)) {
+	if (!user.isAdmin && !user.isModerator && !note.userId.equals(user._id)) {
 		return rej('access denied');
 	}