Merge pull request from GHSA-7pxq-6xx9-xpgm
* fix: fix improper authorization when accessing with third-party application
* refactor: refactor type definitions
* fix: get rid of unnecessary access limitation
* enhance: サードパーティアプリケーションがWebsocket APIを使えるように
* fix: add missing parentheses
* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"
This reverts commit 5150053275
.
* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする
* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加
* enhance(test): Websocket APIに対するテストも追加
* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合
* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正
* enhance(backend): Websocketの接続に最低限必要な権限を変更
* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように
* fix(backend): エンドポイントにアクセスするために必要な権限を変更
* fix(frontend/locale): Add missing type declaration
* chore: update `misskey-js/src/autogen`
---------
Co-authored-by: tamaina <tamaina@hotmail.co.jp>
This commit is contained in:
parent
d87fecda7f
commit
c96bc36fed
|
@ -132,7 +132,6 @@
|
||||||
- Fix: モデレーションログがモデレーターは閲覧できないように修正
|
- Fix: モデレーションログがモデレーターは閲覧できないように修正
|
||||||
- Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正
|
- Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正
|
||||||
- Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない
|
- Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない
|
||||||
- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正
|
|
||||||
|
|
||||||
## 2023.11.1
|
## 2023.11.1
|
||||||
|
|
||||||
|
|
|
@ -2066,6 +2066,55 @@ export interface Locale {
|
||||||
"write:flash": string;
|
"write:flash": string;
|
||||||
"read:flash-likes": string;
|
"read:flash-likes": string;
|
||||||
"write:flash-likes": string;
|
"write:flash-likes": string;
|
||||||
|
"read:admin:abuse-user-reports": string;
|
||||||
|
"write:admin:delete-account": string;
|
||||||
|
"write:admin:delete-all-files-of-a-user": string;
|
||||||
|
"read:admin:index-stats": string;
|
||||||
|
"read:admin:table-stats": string;
|
||||||
|
"read:admin:user-ips": string;
|
||||||
|
"read:admin:meta": string;
|
||||||
|
"write:admin:reset-password": string;
|
||||||
|
"write:admin:resolve-abuse-user-report": string;
|
||||||
|
"write:admin:send-email": string;
|
||||||
|
"read:admin:server-info": string;
|
||||||
|
"read:admin:show-moderation-log": string;
|
||||||
|
"read:admin:show-user": string;
|
||||||
|
"read:admin:show-users": string;
|
||||||
|
"write:admin:suspend-user": string;
|
||||||
|
"write:admin:unset-user-avatar": string;
|
||||||
|
"write:admin:unset-user-banner": string;
|
||||||
|
"write:admin:unsuspend-user": string;
|
||||||
|
"write:admin:meta": string;
|
||||||
|
"write:admin:user-note": string;
|
||||||
|
"write:admin:roles": string;
|
||||||
|
"read:admin:roles": string;
|
||||||
|
"write:admin:relays": string;
|
||||||
|
"read:admin:relays": string;
|
||||||
|
"write:admin:invite-codes": string;
|
||||||
|
"read:admin:invite-codes": string;
|
||||||
|
"write:admin:announcements": string;
|
||||||
|
"read:admin:announcements": string;
|
||||||
|
"write:admin:avatar-decorations": string;
|
||||||
|
"read:admin:avatar-decorations": string;
|
||||||
|
"write:admin:federation": string;
|
||||||
|
"write:admin:account": string;
|
||||||
|
"read:admin:account": string;
|
||||||
|
"write:admin:emoji": string;
|
||||||
|
"read:admin:emoji": string;
|
||||||
|
"write:admin:queue": string;
|
||||||
|
"read:admin:queue": string;
|
||||||
|
"write:admin:promo": string;
|
||||||
|
"write:admin:drive": string;
|
||||||
|
"read:admin:drive": string;
|
||||||
|
"read:admin:stream": string;
|
||||||
|
"write:admin:ad": string;
|
||||||
|
"read:admin:ad": string;
|
||||||
|
"write:invite-codes": string;
|
||||||
|
"read:invite-codes": string;
|
||||||
|
"write:clip-favorite": string;
|
||||||
|
"read:clip-favorite": string;
|
||||||
|
"read:federation": string;
|
||||||
|
"write:report-abuse": string;
|
||||||
};
|
};
|
||||||
"_auth": {
|
"_auth": {
|
||||||
"shareAccessTitle": string;
|
"shareAccessTitle": string;
|
||||||
|
|
|
@ -1971,6 +1971,55 @@ _permissions:
|
||||||
"write:flash": "Playを操作する"
|
"write:flash": "Playを操作する"
|
||||||
"read:flash-likes": "Playのいいねを見る"
|
"read:flash-likes": "Playのいいねを見る"
|
||||||
"write:flash-likes": "Playのいいねを操作する"
|
"write:flash-likes": "Playのいいねを操作する"
|
||||||
|
"read:admin:abuse-user-reports": "ユーザーからの通報を見る"
|
||||||
|
"write:admin:delete-account": "ユーザーアカウントを削除する"
|
||||||
|
"write:admin:delete-all-files-of-a-user": "ユーザーのすべてのファイルを削除する"
|
||||||
|
"read:admin:index-stats": "データベースインデックスに関する情報を見る"
|
||||||
|
"read:admin:table-stats": "データベーステーブルに関する情報を見る"
|
||||||
|
"read:admin:user-ips": "ユーザーのIPアドレスを見る"
|
||||||
|
"read:admin:meta": "インスタンスのメタデータを見る"
|
||||||
|
"write:admin:reset-password": "ユーザーのパスワードをリセットする"
|
||||||
|
"write:admin:resolve-abuse-user-report": "ユーザーからの通報を解決する"
|
||||||
|
"write:admin:send-email": "メールを送る"
|
||||||
|
"read:admin:server-info": "サーバーの情報を見る"
|
||||||
|
"read:admin:show-moderation-log": "モデレーションログを見る"
|
||||||
|
"read:admin:show-user": "ユーザーのプライベートな情報を見る"
|
||||||
|
"read:admin:show-users": "ユーザーのプライベートな情報を見る"
|
||||||
|
"write:admin:suspend-user": "ユーザーを凍結する"
|
||||||
|
"write:admin:unset-user-avatar": "ユーザーのアバターを削除する"
|
||||||
|
"write:admin:unset-user-banner": "ユーザーのバーナーを削除する"
|
||||||
|
"write:admin:unsuspend-user": "ユーザーの凍結を解除する"
|
||||||
|
"write:admin:meta": "インスタンスのメタデータを操作する"
|
||||||
|
"write:admin:user-note": "モデレーションノートを操作する"
|
||||||
|
"write:admin:roles": "ロールを操作する"
|
||||||
|
"read:admin:roles": "ロールを見る"
|
||||||
|
"write:admin:relays": "リレーを操作する"
|
||||||
|
"read:admin:relays": "リレーを見る"
|
||||||
|
"write:admin:invite-codes": "招待コードを操作する"
|
||||||
|
"read:admin:invite-codes": "招待コードを見る"
|
||||||
|
"write:admin:announcements": "お知らせを操作する"
|
||||||
|
"read:admin:announcements": "お知らせを見る"
|
||||||
|
"write:admin:avatar-decorations": "アバターデコレーションを操作する"
|
||||||
|
"read:admin:avatar-decorations": "アバターデコレーションを見る"
|
||||||
|
"write:admin:federation": "連合に関する情報を操作する"
|
||||||
|
"write:admin:account": "ユーザーアカウントを操作する"
|
||||||
|
"read:admin:account": "ユーザーに関する情報を見る"
|
||||||
|
"write:admin:emoji": "絵文字を操作する"
|
||||||
|
"read:admin:emoji": "絵文字を見る"
|
||||||
|
"write:admin:queue": "ジョブキューを操作する"
|
||||||
|
"read:admin:queue": "ジョブキューに関する情報を見る"
|
||||||
|
"write:admin:promo": "プロモーションノートを操作する"
|
||||||
|
"write:admin:drive": "ユーザーのドライブを操作する"
|
||||||
|
"read:admin:drive": "ユーザーのドライブの関する情報を見る"
|
||||||
|
"read:admin:stream": "管理者用のWebsocket APIを使う"
|
||||||
|
"write:admin:ad": "広告を操作する"
|
||||||
|
"read:admin:ad": "広告を見る"
|
||||||
|
"write:invite-codes": "招待コードを作成する"
|
||||||
|
"read:invite-codes": "招待コードを取得する"
|
||||||
|
"write:clip-favorite": "クリップのいいねを操作する"
|
||||||
|
"read:clip-favorite": "クリップのいいねを見る"
|
||||||
|
"read:federation": "連合に関する情報を取得する"
|
||||||
|
"write:report-abuse": "違反を報告する"
|
||||||
|
|
||||||
_auth:
|
_auth:
|
||||||
shareAccessTitle: "アプリへのアクセス許可"
|
shareAccessTitle: "アプリへのアクセス許可"
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: syuilo and other misskey contributors
|
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
|
||||||
*/
|
|
||||||
|
|
||||||
export const kinds = [
|
|
||||||
'read:account',
|
|
||||||
'write:account',
|
|
||||||
'read:blocks',
|
|
||||||
'write:blocks',
|
|
||||||
'read:drive',
|
|
||||||
'write:drive',
|
|
||||||
'read:favorites',
|
|
||||||
'write:favorites',
|
|
||||||
'read:following',
|
|
||||||
'write:following',
|
|
||||||
'read:messaging',
|
|
||||||
'write:messaging',
|
|
||||||
'read:mutes',
|
|
||||||
'write:mutes',
|
|
||||||
'write:notes',
|
|
||||||
'read:notifications',
|
|
||||||
'write:notifications',
|
|
||||||
'read:reactions',
|
|
||||||
'write:reactions',
|
|
||||||
'write:votes',
|
|
||||||
'read:pages',
|
|
||||||
'write:pages',
|
|
||||||
'write:page-likes',
|
|
||||||
'read:page-likes',
|
|
||||||
'read:user-groups',
|
|
||||||
'write:user-groups',
|
|
||||||
'read:channels',
|
|
||||||
'write:channels',
|
|
||||||
'read:gallery',
|
|
||||||
'write:gallery',
|
|
||||||
'read:gallery-likes',
|
|
||||||
'write:gallery-likes',
|
|
||||||
];
|
|
||||||
// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions).
|
|
|
@ -330,7 +330,8 @@ export class ApiCallService implements OnApplicationShutdown {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) {
|
if (token && ((ep.meta.kind && !token.permission.some(p => p === ep.meta.kind))
|
||||||
|
|| (!ep.meta.kind && (ep.meta.requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin)))) {
|
||||||
throw new ApiError({
|
throw new ApiError({
|
||||||
message: 'Your app does not have the necessary permissions to use this endpoint.',
|
message: 'Your app does not have the necessary permissions to use this endpoint.',
|
||||||
code: 'PERMISSION_DENIED',
|
code: 'PERMISSION_DENIED',
|
||||||
|
|
|
@ -71,6 +71,10 @@ export class StreamingApiServerService {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
[user, app] = await this.authenticateService.authenticate(token);
|
[user, app] = await this.authenticateService.authenticate(token);
|
||||||
|
|
||||||
|
if (app !== null && !app.permission.some(p => p === 'read:account')) {
|
||||||
|
throw new AuthenticationError('Your app does not have necessary permissions to use websocket API.');
|
||||||
|
}
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof AuthenticationError) {
|
if (e instanceof AuthenticationError) {
|
||||||
socket.write([
|
socket.write([
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import type { Schema } from '@/misc/json-schema.js';
|
import type { Schema } from '@/misc/json-schema.js';
|
||||||
|
import { permissions } from 'misskey-js';
|
||||||
import { RolePolicies } from '@/core/RoleService.js';
|
import { RolePolicies } from '@/core/RoleService.js';
|
||||||
|
|
||||||
import * as ep___admin_meta from './endpoints/admin/meta.js';
|
import * as ep___admin_meta from './endpoints/admin/meta.js';
|
||||||
|
@ -724,7 +725,7 @@ const eps = [
|
||||||
['retention', ep___retention],
|
['retention', ep___retention],
|
||||||
];
|
];
|
||||||
|
|
||||||
export interface IEndpointMeta {
|
interface IEndpointMetaBase {
|
||||||
readonly stability?: 'deprecated' | 'experimental' | 'stable';
|
readonly stability?: 'deprecated' | 'experimental' | 'stable';
|
||||||
|
|
||||||
readonly tags?: ReadonlyArray<string>;
|
readonly tags?: ReadonlyArray<string>;
|
||||||
|
@ -823,6 +824,23 @@ export interface IEndpointMeta {
|
||||||
readonly cacheSec?: number;
|
readonly cacheSec?: number;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export type IEndpointMeta = (Omit<IEndpointMetaBase, 'requireCrential' | 'requireModerator' | 'requireAdmin'> & {
|
||||||
|
requireCredential?: false,
|
||||||
|
requireAdmin?: false,
|
||||||
|
requireModerator?: false,
|
||||||
|
}) | (Omit<IEndpointMetaBase, 'secure'> & {
|
||||||
|
secure: true,
|
||||||
|
}) | (Omit<IEndpointMetaBase, 'requireCredential' | 'kind'> & {
|
||||||
|
requireCredential: true,
|
||||||
|
kind: (typeof permissions)[number],
|
||||||
|
}) | (Omit<IEndpointMetaBase, 'requireModerator' | 'kind'> & {
|
||||||
|
requireModerator: true,
|
||||||
|
kind: (typeof permissions)[number],
|
||||||
|
}) | (Omit<IEndpointMetaBase, 'requireAdmin' | 'kind'> & {
|
||||||
|
requireAdmin: true,
|
||||||
|
kind: (typeof permissions)[number],
|
||||||
|
})
|
||||||
|
|
||||||
export interface IEndpoint {
|
export interface IEndpoint {
|
||||||
name: string;
|
name: string;
|
||||||
meta: IEndpointMeta;
|
meta: IEndpointMeta;
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:abuse-user-reports',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -15,7 +15,7 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
secure: true,
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:account',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '@/server/api/error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:account',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
userNotFound: {
|
userNotFound: {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:ad',
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
optional: false,
|
optional: false,
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:ad',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchAd: {
|
noSuchAd: {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:ad',
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
optional: false,
|
optional: false,
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:ad',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchAd: {
|
noSuchAd: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { AnnouncementService } from '@/core/AnnouncementService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:announcements',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:announcements',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchAnnouncement: {
|
noSuchAnnouncement: {
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { IdService } from '@/core/IdService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:announcements',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:announcements',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchAnnouncement: {
|
noSuchAnnouncement: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageAvatarDecorations',
|
requireRolePolicy: 'canManageAvatarDecorations',
|
||||||
|
kind: 'write:admin:avatar-decorations',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageAvatarDecorations',
|
requireRolePolicy: 'canManageAvatarDecorations',
|
||||||
|
kind: 'write:admin:avatar-decorations',
|
||||||
errors: {
|
errors: {
|
||||||
},
|
},
|
||||||
} as const;
|
} as const;
|
||||||
|
|
|
@ -15,10 +15,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageAvatarDecorations',
|
requireRolePolicy: 'canManageAvatarDecorations',
|
||||||
|
kind: 'read:admin:avatar-decorations',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageAvatarDecorations',
|
requireRolePolicy: 'canManageAvatarDecorations',
|
||||||
|
kind: 'write:admin:avatar-decorations',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
},
|
},
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:delete-account',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
},
|
},
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:delete-all-files-of-a-user',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { QueueService } from '@/core/QueueService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:drive',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:drive',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:drive',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:drive',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchFile: {
|
noSuchFile: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchFile: {
|
noSuchFile: {
|
||||||
|
|
|
@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchEmoji: {
|
noSuchEmoji: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchEmoji: {
|
noSuchEmoji: {
|
||||||
|
|
|
@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||||
import { QueueService } from '@/core/QueueService.js';
|
import { QueueService } from '@/core/QueueService.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
kind: 'write:admin',
|
secure: true,
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
|
@ -15,10 +15,9 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'read:admin:emoji',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -15,10 +15,9 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'read:admin:emoji',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canManageCustomEmojis',
|
requireRolePolicy: 'canManageCustomEmojis',
|
||||||
|
kind: 'write:admin:emoji',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchEmoji: {
|
noSuchEmoji: {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:federation',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:federation',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { QueueService } from '@/core/QueueService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:federation',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:federation',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:index-stats',
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
res: {
|
res: {
|
||||||
|
|
|
@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:table-stats',
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { IdService } from '@/core/IdService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:user-ips',
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
optional: false,
|
optional: false,
|
||||||
|
@ -34,7 +33,7 @@ export const meta = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
},
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:invite-codes',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
invalidDateTime: {
|
invalidDateTime: {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:invite-codes',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['meta'],
|
tags: ['meta'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:meta',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:promo',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchNote: {
|
noSuchNote: {
|
||||||
|
|
|
@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:queue',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -11,10 +11,9 @@ import type { DeliverQueue } from '@/core/QueueModule.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:queue',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -11,10 +11,9 @@ import type { InboxQueue } from '@/core/QueueModule.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:queue',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:queue',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:emoji',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:relays',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
invalidUrl: {
|
invalidUrl: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:relays',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:relays',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:reset-password',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:resolve-abuse-user-report',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -11,10 +11,9 @@ import { RoleService } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:roles',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -11,10 +11,9 @@ import { MetaService } from '@/core/MetaService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,10 +14,9 @@ import { RoleService } from '@/core/RoleService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role'],
|
tags: ['admin', 'role'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin', 'role', 'users'],
|
tags: ['admin', 'role', 'users'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
requireCredential: false,
|
requireCredential: false,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:roles',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchRole: {
|
noSuchRole: {
|
||||||
|
|
|
@ -10,10 +10,9 @@ import { EmailService } from '@/core/EmailService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:send-email',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,11 +14,10 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:server-info',
|
||||||
|
|
||||||
tags: ['admin', 'meta'],
|
tags: ['admin', 'meta'],
|
||||||
|
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
optional: false, nullable: false,
|
optional: false, nullable: false,
|
||||||
|
|
|
@ -15,8 +15,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'read:admin:show-moderation-log',
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -16,8 +16,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:show-user',
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -16,8 +16,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'read:admin:show-users',
|
||||||
kind: 'read:admin',
|
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
|
@ -19,10 +19,9 @@ import { QueueService } from '@/core/QueueService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:suspend-user',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:unset-user-avatar',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:unset-user-banner',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:unsuspend-user',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { MetaService } from '@/core/MetaService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireAdmin: true,
|
requireAdmin: true,
|
||||||
|
kind: 'write:admin:meta',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['admin'],
|
tags: ['admin'],
|
||||||
|
|
||||||
kind: 'write:admin',
|
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireModerator: true,
|
requireModerator: true,
|
||||||
|
kind: 'write:admin:user-note',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,6 +12,7 @@ export const meta = {
|
||||||
tags: ['federation'],
|
tags: ['federation'],
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:federation',
|
||||||
|
|
||||||
limit: {
|
limit: {
|
||||||
duration: ms('1hour'),
|
duration: ms('1hour'),
|
||||||
|
|
|
@ -25,6 +25,7 @@ export const meta = {
|
||||||
tags: ['federation'],
|
tags: ['federation'],
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
|
|
||||||
limit: {
|
limit: {
|
||||||
duration: ms('1hour'),
|
duration: ms('1hour'),
|
||||||
|
|
|
@ -11,7 +11,7 @@ import { GetterService } from '@/server/api/GetterService.js';
|
||||||
export const meta = {
|
export const meta = {
|
||||||
tags: ['federation'],
|
tags: ['federation'],
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: false,
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -14,6 +14,7 @@ export const meta = {
|
||||||
tags: ['meta'],
|
tags: ['meta'],
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
secure: true,
|
||||||
|
|
||||||
limit: {
|
limit: {
|
||||||
duration: ms('1hour'),
|
duration: ms('1hour'),
|
||||||
|
|
|
@ -14,6 +14,7 @@ export const meta = {
|
||||||
tags: ['account'],
|
tags: ['account'],
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: "read:account",
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -10,6 +10,7 @@ import { AchievementService, ACHIEVEMENT_TYPES } from '@/core/AchievementService
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
prohibitMoved: true,
|
prohibitMoved: true,
|
||||||
|
kind: 'write:account',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchKey: {
|
noSuchKey: {
|
||||||
|
|
|
@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchKey: {
|
noSuchKey: {
|
||||||
|
|
|
@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'read:account',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -12,6 +12,7 @@ import { ApiError } from '../../../error.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'write:account',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchKey: {
|
noSuchKey: {
|
||||||
|
|
|
@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
|
||||||
|
|
||||||
export const meta = {
|
export const meta = {
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
|
kind: 'write:account',
|
||||||
} as const;
|
} as const;
|
||||||
|
|
||||||
export const paramDef = {
|
export const paramDef = {
|
||||||
|
|
|
@ -19,6 +19,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canInvite',
|
requireRolePolicy: 'canInvite',
|
||||||
|
kind: 'write:invite-codes',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
exceededCreateLimit: {
|
exceededCreateLimit: {
|
||||||
|
|
|
@ -15,6 +15,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canInvite',
|
requireRolePolicy: 'canInvite',
|
||||||
|
kind: 'write:invite-codes',
|
||||||
|
|
||||||
errors: {
|
errors: {
|
||||||
noSuchCode: {
|
noSuchCode: {
|
||||||
|
|
|
@ -16,6 +16,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canInvite',
|
requireRolePolicy: 'canInvite',
|
||||||
|
kind: 'read:invite-codes',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'object',
|
type: 'object',
|
||||||
|
|
|
@ -15,6 +15,7 @@ export const meta = {
|
||||||
|
|
||||||
requireCredential: true,
|
requireCredential: true,
|
||||||
requireRolePolicy: 'canInvite',
|
requireRolePolicy: 'canInvite',
|
||||||
|
kind: 'read:invite-codes',
|
||||||
|
|
||||||
res: {
|
res: {
|
||||||
type: 'array',
|
type: 'array',
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue