From a35c2f214b1b1054229f31569f6df4090a7375a5 Mon Sep 17 00:00:00 2001 From: Hazelnoot Date: Fri, 21 Feb 2025 22:04:36 -0500 Subject: convert Authorized Fetch to a setting and add support for hybrid mode (essential metadata only) --- packages/backend/src/server/api/endpoints/admin/meta.ts | 12 ++++++++++++ .../backend/src/server/api/endpoints/admin/update-meta.ts | 10 ++++++++++ packages/backend/src/server/api/endpoints/i/update.ts | 10 ++++++++++ 3 files changed, 32 insertions(+) (limited to 'packages/backend/src/server/api/endpoints') diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts index d581c07e8c..d3f24e07bb 100644 --- a/packages/backend/src/server/api/endpoints/admin/meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/meta.ts @@ -9,6 +9,7 @@ import { MetaService } from '@/core/MetaService.js'; import type { Config } from '@/config.js'; import { DI } from '@/di-symbols.js'; import { DEFAULT_POLICIES } from '@/core/RoleService.js'; +import { instanceUnsignedFetchOptions } from '@/const.js'; export const meta = { tags: ['meta'], @@ -589,6 +590,15 @@ export const meta = { optional: false, nullable: false, }, }, + hasLegacyAuthFetchSetting: { + type: 'boolean', + optional: false, nullable: false, + }, + allowUnsignedFetch: { + type: 'string', + enum: instanceUnsignedFetchOptions, + optional: false, nullable: false, + }, }, }, } as const; @@ -745,6 +755,8 @@ export default class extends Endpoint { // eslint- trustedLinkUrlPatterns: instance.trustedLinkUrlPatterns, federation: instance.federation, federationHosts: instance.federationHosts, + hasLegacyAuthFetchSetting: config.checkActivityPubGetSignature != null, + allowUnsignedFetch: instance.allowUnsignedFetch, }; }); } diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index f6ce86790a..33d4bbd00f 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -8,6 +8,7 @@ import type { MiMeta } from '@/models/Meta.js'; import { ModerationLogService } from '@/core/ModerationLogService.js'; import { Endpoint } from '@/server/api/endpoint-base.js'; import { MetaService } from '@/core/MetaService.js'; +import { instanceUnsignedFetchOptions } from '@/const.js'; export const meta = { tags: ['admin'], @@ -205,6 +206,11 @@ export const paramDef = { type: 'string', }, }, + allowUnsignedFetch: { + type: 'string', + enum: instanceUnsignedFetchOptions, + nullable: false, + }, }, required: [], } as const; @@ -753,6 +759,10 @@ export default class extends Endpoint { // eslint- set.federationHosts = ps.federationHosts.filter(Boolean).map(x => x.toLowerCase()); } + if (ps.allowUnsignedFetch !== undefined) { + set.allowUnsignedFetch = ps.allowUnsignedFetch; + } + const before = await this.metaService.fetch(true); await this.metaService.update(set); diff --git a/packages/backend/src/server/api/endpoints/i/update.ts b/packages/backend/src/server/api/endpoints/i/update.ts index f74452e2af..f1d201d081 100644 --- a/packages/backend/src/server/api/endpoints/i/update.ts +++ b/packages/backend/src/server/api/endpoints/i/update.ts @@ -33,6 +33,7 @@ import type { Config } from '@/config.js'; import { safeForSql } from '@/misc/safe-for-sql.js'; import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; import { notificationRecieveConfig } from '@/models/json-schema/user.js'; +import { userUnsignedFetchOptions } from '@/const.js'; import { ApiLoggerService } from '../../ApiLoggerService.js'; import { ApiError } from '../../error.js'; @@ -255,6 +256,11 @@ export const paramDef = { enum: ['default', 'parent', 'defaultParent', 'parentDefault'], nullable: false, }, + allowUnsignedFetch: { + type: 'string', + enum: userUnsignedFetchOptions, + nullable: false, + }, }, } as const; @@ -519,6 +525,10 @@ export default class extends Endpoint { // eslint- profileUpdates.defaultCWPriority = ps.defaultCWPriority; } + if (ps.allowUnsignedFetch !== undefined) { + updates.allowUnsignedFetch = ps.allowUnsignedFetch; + } + //#region emojis/tags let emojis = [] as string[]; -- cgit v1.2.3-freya