summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--packages/backend/package.json3
-rw-r--r--packages/backend/src/server/api/ApiServerService.ts3
-rw-r--r--packages/backend/src/server/web/ClientServerService.ts62
-rw-r--r--packages/backend/test/e2e/fetch-resource.ts32
-rw-r--r--packages/backend/test/utils.ts6
-rw-r--r--packages/frontend/src/pages/admin/queue.vue13
-rw-r--r--pnpm-lock.yaml72
7 files changed, 180 insertions, 11 deletions
diff --git a/packages/backend/package.json b/packages/backend/package.json
index ff4f2d7cf3..3f77d0f08a 100644
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@@ -67,6 +67,9 @@
"dependencies": {
"@aws-sdk/client-s3": "3.772.0",
"@aws-sdk/lib-storage": "3.772.0",
+ "@bull-board/api": "6.7.7",
+ "@bull-board/fastify": "6.7.7",
+ "@bull-board/ui": "6.7.7",
"@discordapp/twemoji": "15.1.0",
"@fastify/accepts": "5.0.2",
"@fastify/cookie": "11.0.2",
diff --git a/packages/backend/src/server/api/ApiServerService.ts b/packages/backend/src/server/api/ApiServerService.ts
index 12459d5698..0d77309537 100644
--- a/packages/backend/src/server/api/ApiServerService.ts
+++ b/packages/backend/src/server/api/ApiServerService.ts
@@ -6,6 +6,7 @@
import { Inject, Injectable } from '@nestjs/common';
import cors from '@fastify/cors';
import multipart from '@fastify/multipart';
+import fastifyCookie from '@fastify/cookie';
import { ModuleRef } from '@nestjs/core';
import { AuthenticationResponseJSON } from '@simplewebauthn/types';
import type { Config } from '@/config.js';
@@ -56,6 +57,8 @@ export class ApiServerService {
},
});
+ fastify.register(fastifyCookie, {});
+
// Prevent cache
fastify.addHook('onRequest', (request, reply, done) => {
reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
diff --git a/packages/backend/src/server/web/ClientServerService.ts b/packages/backend/src/server/web/ClientServerService.ts
index 165e4f3f73..79deb107b0 100644
--- a/packages/backend/src/server/web/ClientServerService.ts
+++ b/packages/backend/src/server/web/ClientServerService.ts
@@ -7,12 +7,16 @@ import { randomUUID } from 'node:crypto';
import { dirname } from 'node:path';
import { fileURLToPath } from 'node:url';
import { Inject, Injectable } from '@nestjs/common';
+import { createBullBoard } from '@bull-board/api';
+import { BullMQAdapter } from '@bull-board/api/bullMQAdapter.js';
+import { FastifyAdapter as BullBoardFastifyAdapter } from '@bull-board/fastify';
import ms from 'ms';
import sharp from 'sharp';
import pug from 'pug';
import { In, IsNull } from 'typeorm';
import fastifyStatic from '@fastify/static';
import fastifyView from '@fastify/view';
+import fastifyCookie from '@fastify/cookie';
import fastifyProxy from '@fastify/http-proxy';
import vary from 'vary';
import htmlSafeJsonStringify from 'htmlescape';
@@ -222,6 +226,64 @@ export class ClientServerService {
@bindThis
public createServer(fastify: FastifyInstance, options: FastifyPluginOptions, done: (err?: Error) => void) {
+ fastify.register(fastifyCookie, {});
+
+ //#region Bull Dashboard
+ const bullBoardPath = '/queue';
+
+ // Authenticate
+ fastify.addHook('onRequest', async (request, reply) => {
+ if (request.routeOptions.url == null) {
+ reply.code(404).send('Not found');
+ return;
+ }
+
+ // %71ueueとかでリクエストされたら困るため
+ const url = decodeURI(request.routeOptions.url);
+ if (url === bullBoardPath || url.startsWith(bullBoardPath + '/')) {
+ if (!url.startsWith(bullBoardPath + '/static/')) {
+ reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
+ }
+
+ const token = request.cookies.token;
+ if (token == null) {
+ reply.code(401).send('Login required');
+ return;
+ }
+ const user = await this.usersRepository.findOneBy({ token });
+ if (user == null) {
+ reply.code(403).send('No such user');
+ return;
+ }
+ const isAdministrator = await this.roleService.isAdministrator(user);
+ if (!isAdministrator) {
+ reply.code(403).send('Access denied');
+ return;
+ }
+ }
+ });
+
+ const bullBoardServerAdapter = new BullBoardFastifyAdapter();
+
+ createBullBoard({
+ queues: [
+ this.systemQueue,
+ this.endedPollNotificationQueue,
+ this.deliverQueue,
+ this.inboxQueue,
+ this.dbQueue,
+ this.relationshipQueue,
+ this.objectStorageQueue,
+ this.userWebhookDeliverQueue,
+ this.systemWebhookDeliverQueue,
+ ].map(q => new BullMQAdapter(q)),
+ serverAdapter: bullBoardServerAdapter,
+ });
+
+ bullBoardServerAdapter.setBasePath(bullBoardPath);
+ (fastify.register as any)(bullBoardServerAdapter.registerPlugin(), { prefix: bullBoardPath });
+ //#endregion
+
fastify.register(fastifyView, {
root: _dirname + '/views',
engine: {
diff --git a/packages/backend/test/e2e/fetch-resource.ts b/packages/backend/test/e2e/fetch-resource.ts
index 740295bda8..b85cebf724 100644
--- a/packages/backend/test/e2e/fetch-resource.ts
+++ b/packages/backend/test/e2e/fetch-resource.ts
@@ -6,7 +6,7 @@
process.env.NODE_ENV = 'test';
import * as assert from 'assert';
-import { channel, clip, galleryPost, page, play, post, signup, simpleGet, uploadFile } from '../utils.js';
+import { channel, clip, cookie, galleryPost, page, play, post, signup, simpleGet, uploadFile } from '../utils.js';
import type { SimpleGetResponse } from '../utils.js';
import type * as misskey from 'misskey-js';
@@ -156,20 +156,20 @@ describe('Webリソース', () => {
describe(' has entry such ', () => {
beforeEach(() => {
- post(alice, { text: '**a**' });
+ post(alice, { text: "**a**" })
});
test('MFMを含まない。', async () => {
- const content = await simpleGet(path(alice.username), '*/*', undefined, res => res.text());
+ const content = await simpleGet(path(alice.username), "*/*", undefined, res => res.text());
const _body: unknown = content.body;
// JSONフィードのときは改めて文字列化する
- const body: string = typeof (_body) === 'object' ? JSON.stringify(_body) : _body as string;
+ const body: string = typeof (_body) === "object" ? JSON.stringify(_body) : _body as string;
- if (body.includes('**a**')) {
- throw new Error('MFM shouldn\'t be included');
+ if (body.includes("**a**")) {
+ throw new Error("MFM shouldn't be included");
}
});
- });
+ })
});
describe.each([{ path: '/api/foo' }])('$path', ({ path }) => {
@@ -180,6 +180,24 @@ describe('Webリソース', () => {
}));
});
+ describe.each([{ path: '/queue' }])('$path', ({ path }) => {
+ test('はログインしないとGETできない。', async () => await notOk({
+ path,
+ status: 401,
+ }));
+
+ test('はadminでなければGETできない。', async () => await notOk({
+ path,
+ cookie: cookie(bob),
+ status: 403,
+ }));
+
+ test('はadminならGETできる。', async () => await ok({
+ path,
+ cookie: cookie(alice),
+ }));
+ });
+
describe.each([{ path: '/streaming' }])('$path', ({ path }) => {
test('はGETできない。', async () => await notOk({
path,
diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts
index 8306208477..cf97473d14 100644
--- a/packages/backend/test/utils.ts
+++ b/packages/backend/test/utils.ts
@@ -35,7 +35,7 @@ export type SystemWebhookPayload = {
createdAt: string;
type: string;
body: any;
-};
+}
const config = loadConfig();
export const port = config.port;
@@ -45,6 +45,10 @@ export const host = new URL(config.url).host;
export const WEBHOOK_HOST = 'http://localhost:15080';
export const WEBHOOK_PORT = 15080;
+export const cookie = (me: UserToken): string => {
+ return `token=${me.token};`;
+};
+
export type ApiRequest<E extends keyof misskey.Endpoints, P extends misskey.Endpoints[E]['req'] = misskey.Endpoints[E]['req']> = {
endpoint: E,
parameters: P,
diff --git a/packages/frontend/src/pages/admin/queue.vue b/packages/frontend/src/pages/admin/queue.vue
index b5aee1e51e..65d728e776 100644
--- a/packages/frontend/src/pages/admin/queue.vue
+++ b/packages/frontend/src/pages/admin/queue.vue
@@ -17,11 +17,11 @@ SPDX-License-Identifier: AGPL-3.0-only
<script lang="ts" setup>
import { ref, computed } from 'vue';
-import * as config from '@@/js/config.js';
+import type { Ref } from 'vue';
import XQueue from './queue.chart.vue';
import XHeader from './_header_.vue';
-import type { Ref } from 'vue';
import * as os from '@/os.js';
+import * as config from '@@/js/config.js';
import { i18n } from '@/i18n.js';
import { definePage } from '@/page.js';
import MkButton from '@/components/MkButton.vue';
@@ -54,7 +54,14 @@ function promoteAllQueues() {
});
}
-const headerActions = computed(() => []);
+const headerActions = computed(() => [{
+ asFullButton: true,
+ icon: 'ti ti-external-link',
+ text: i18n.ts.dashboard,
+ handler: () => {
+ window.open(config.url + '/queue', '_blank', 'noopener');
+ },
+}]);
const headerTabs = computed(() => [{
key: 'deliver',
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 4507cb2c71..db128be52f 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -89,6 +89,15 @@ importers:
'@aws-sdk/lib-storage':
specifier: 3.772.0
version: 3.772.0(@aws-sdk/client-s3@3.772.0)
+ '@bull-board/api':
+ specifier: 6.7.7
+ version: 6.7.7(@bull-board/ui@6.7.7)
+ '@bull-board/fastify':
+ specifier: 6.7.7
+ version: 6.7.7
+ '@bull-board/ui':
+ specifier: 6.7.7
+ version: 6.7.7
'@discordapp/twemoji':
specifier: 15.1.0
version: 15.1.0
@@ -2017,6 +2026,17 @@ packages:
resolution: {integrity: sha512-6zABk/ECA/QYSCQ1NGiVwwbQerUCZ+TQbp64Q3AgmfNvurHH0j8TtXa1qbShXA6qqkpAj4V5W8pP6mLe1mcMqA==}
engines: {node: '>=18'}
+ '@bull-board/api@6.7.7':
+ resolution: {integrity: sha512-jSBe+aeNs41T/BUJNutKSM17hJigDLoOaAzUZyFwT63/Yt00hiqQo90THXmDi3vGdXtTruGlkrC9OhVxBKo1eQ==}
+ peerDependencies:
+ '@bull-board/ui': 6.7.7
+
+ '@bull-board/fastify@6.7.7':
+ resolution: {integrity: sha512-EVxpRW0ag/tVPqfHm6s/3P6X5DnzKTr0J5lI1EgOvpe+OXavaPWkU0iLPepyyC6ls+k0djdkd1ix1PP/caqufw==}
+
+ '@bull-board/ui@6.7.7':
+ resolution: {integrity: sha512-QU3OkaJVIUt1SpRRV/XxPSTD9tmJcwBWi1oa4ND+qGWQigQ2H1PYfpQCNFOlyW8qCkBwkSDn8pLwlyGbppWqJg==}
+
'@bundled-es-modules/cookie@2.0.1':
resolution: {integrity: sha512-8o+5fRPLNbjbdGRRmJj3h6Hh1AQJf2dk3qQ/5ZFb+PXkRNiSoMGGUKlsgLfrxneb72axVJyIYji64E2+nNfYyw==}
@@ -6252,6 +6272,11 @@ packages:
ee-first@1.1.1:
resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==}
+ ejs@3.1.10:
+ resolution: {integrity: sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==}
+ engines: {node: '>=0.10.0'}
+ hasBin: true
+
electron-to-chromium@1.4.686:
resolution: {integrity: sha512-3avY1B+vUzNxEgkBDpKOP8WarvUAEwpRaiCL0He5OKWEFxzaOFiq4WoZEZe7qh0ReS7DiWoHMnYoQCKxNZNzSg==}
@@ -6738,6 +6763,9 @@ packages:
resolution: {integrity: sha512-VZR5I7k5wkD0HgFnMsq5hOsSc710MJMu5Nc5QYsbe38NN5iPV/XTObYLc/cpttRTf6lX538+5uO1ZQRhYibiZQ==}
engines: {node: '>=18'}
+ filelist@1.0.4:
+ resolution: {integrity: sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==}
+
filename-reserved-regex@3.0.0:
resolution: {integrity: sha512-hn4cQfU6GOT/7cFHXBqeBg2TbrMBgdD0kcjLhvSQYYwm3s4B6cjvBfb7nBALJLAXqmU5xajSa7X2NnUud/VCdw==}
engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0}
@@ -7607,6 +7635,11 @@ packages:
resolution: {integrity: sha512-cub8rahkh0Q/bw1+GxP7aeSe29hHHn2V4m29nnDlvCdlgU+3UGxkZp7Z53jLUdpX3jdTO0nJZUDl3xvbWc2Xog==}
engines: {node: 20 || >=22}
+ jake@10.9.2:
+ resolution: {integrity: sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==}
+ engines: {node: '>=10'}
+ hasBin: true
+
jest-changed-files@29.7.0:
resolution: {integrity: sha512-fEArFiwf1BpQ+4bXSprcDc3/x4HSzL4al2tozwVpDFpsxALjLYdyiIK4e5Vz66GQJIbXJ82+35PtysofptNX2w==}
engines: {node: ^14.15.0 || ^16.10.0 || >=18.0.0}
@@ -9531,6 +9564,9 @@ packages:
resolution: {integrity: sha512-1qny3OExCf0UvUV/5wpYKf2YwPcOqXzkwKKSmKHiE6ZMQs5heeE/c8eXK+PNllPvmjgAbfnsbpkGZWy8cBpn9w==}
engines: {node: '>=4'}
+ redis-info@3.1.0:
+ resolution: {integrity: sha512-ER4L9Sh/vm63DkIE0bkSjxluQlioBiBgf5w1UuldaW/3vPcecdljVDisZhmnCMvsxHNiARTTDDHGg9cGwTfrKg==}
+
redis-lock@0.1.4:
resolution: {integrity: sha512-7/+zu86XVQfJVx1nHTzux5reglDiyUCDwmW7TSlvVezfhH2YLc/Rc8NE0ejQG+8/0lwKzm29/u/4+ogKeLosiA==}
engines: {node: '>=0.6'}
@@ -12162,6 +12198,23 @@ snapshots:
'@bcoe/v8-coverage@1.0.2': {}
+ '@bull-board/api@6.7.7(@bull-board/ui@6.7.7)':
+ dependencies:
+ '@bull-board/ui': 6.7.7
+ redis-info: 3.1.0
+
+ '@bull-board/fastify@6.7.7':
+ dependencies:
+ '@bull-board/api': 6.7.7(@bull-board/ui@6.7.7)
+ '@bull-board/ui': 6.7.7
+ '@fastify/static': 8.1.1
+ '@fastify/view': 10.0.2
+ ejs: 3.1.10
+
+ '@bull-board/ui@6.7.7':
+ dependencies:
+ '@bull-board/api': 6.7.7(@bull-board/ui@6.7.7)
+
'@bundled-es-modules/cookie@2.0.1':
dependencies:
cookie: 0.7.2
@@ -17284,6 +17337,10 @@ snapshots:
ee-first@1.1.1: {}
+ ejs@3.1.10:
+ dependencies:
+ jake: 10.9.2
+
electron-to-chromium@1.4.686: {}
electron-to-chromium@1.5.123: {}
@@ -18143,6 +18200,10 @@ snapshots:
token-types: 6.0.0
uint8array-extras: 1.4.0
+ filelist@1.0.4:
+ dependencies:
+ minimatch: 5.1.2
+
filename-reserved-regex@3.0.0: {}
filenamify@6.0.0:
@@ -19067,6 +19128,13 @@ snapshots:
optionalDependencies:
'@pkgjs/parseargs': 0.11.0
+ jake@10.9.2:
+ dependencies:
+ async: 3.2.4
+ chalk: 4.1.2
+ filelist: 1.0.4
+ minimatch: 3.1.2
+
jest-changed-files@29.7.0:
dependencies:
execa: 5.1.1
@@ -21518,6 +21586,10 @@ snapshots:
redis-errors@1.2.0: {}
+ redis-info@3.1.0:
+ dependencies:
+ lodash: 4.17.21
+
redis-lock@0.1.4: {}
redis-parser@3.0.0:
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 20:18:29 +0000