Create requireCredentialSecureMode

`requireCredentialSecureMode` is a replacement for `requireCredential` as
a three-valued enum. Keeping `requireCredential` as a boolean makes future
merges easier, and whether the endpoint should be allowed in secure mode
is determined by `requireCredentialSecureMode`. This implies that
`requireCredential: true, requireCredentialSecureMode: false` is an invalid
value.
This commit is contained in:
jaina heartles 2024-03-03 16:51:39 -08:00
parent 2e8420d2e9
commit 27e6714827
384 changed files with 768 additions and 379 deletions

View file

@ -272,8 +272,7 @@ export class ApiCallService implements OnApplicationShutdown {
}
}
const requireCredential = (ep.meta.requireCredential === 'always' ||
(ep.meta.requireCredential === 'conditional' && this.config.secureApiMode));
const requireCredential = (ep.meta.requireCredential || (ep.meta.requireCredentialSecureMode && this.config.secureApiMode));
if (requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin) {
if (user == null) {
throw new ApiError({

View file

@ -28,16 +28,16 @@ type File = {
// TODO: paramsの型をT['params']のスキーマ定義から推論する
type Executor<T extends IEndpointMeta, Ps extends Schema> =
(params: SchemaType<Ps>, user: T['requireCredential'] extends 'always' ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, cleanup?: () => any, ip?: string | null, headers?: Record<string, string> | null) =>
(params: SchemaType<Ps>, user: T['requireCredential'] extends true ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, cleanup?: () => any, ip?: string | null, headers?: Record<string, string> | null) =>
Promise<T['res'] extends undefined ? Response : SchemaType<NonNullable<T['res']>>>;
export abstract class Endpoint<T extends IEndpointMeta, Ps extends Schema> {
public exec: (params: any, user: T['requireCredential'] extends 'always' ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, ip?: string | null, headers?: Record<string, string> | null) => Promise<any>;
public exec: (params: any, user: T['requireCredential'] extends true ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, ip?: string | null, headers?: Record<string, string> | null) => Promise<any>;
constructor(meta: T, paramDef: Ps, cb: Executor<T, Ps>) {
const validate = ajv.compile(paramDef);
this.exec = (params: any, user: T['requireCredential'] extends 'always' ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, ip?: string | null, headers?: Record<string, string> | null) => {
this.exec = (params: any, user: T['requireCredential'] extends true ? MiLocalUser : MiLocalUser | null, token: MiAccessToken | null, file?: File, ip?: string | null, headers?: Record<string, string> | null) => {
let cleanup: undefined | (() => void) = undefined;
if (meta.requireFile) {

View file

@ -791,7 +791,12 @@ interface IEndpointMetaBase {
*
* false
*/
readonly requireCredential?: 'always' | 'conditional' | 'never';
readonly requireCredential?: boolean;
/**
* Should a credential be required when the server is in secureApiMode
*/
readonly requireCredentialSecureMode?: boolean;
/**
* isModeratorなロールを必要とするか
@ -871,14 +876,14 @@ interface IEndpointMetaBase {
readonly cacheSec?: number;
}
export type IEndpointMeta = (Omit<IEndpointMetaBase, 'requireCrential' | 'requireModerator' | 'requireAdmin'> & {
requireCredential?: 'conditional',
export type IEndpointMeta = (Omit<IEndpointMetaBase, 'requireCredential' | 'requireModerator' | 'requireAdmin'> & {
requireCredential?: false,
requireAdmin?: false,
requireModerator?: false,
}) | (Omit<IEndpointMetaBase, 'secure'> & {
secure: true,
}) | (Omit<IEndpointMetaBase, 'requireCredential' | 'kind'> & {
requireCredential: 'always',
requireCredential: true,
kind: (typeof permissions)[number],
}) | (Omit<IEndpointMetaBase, 'requireModerator' | 'kind'> & {
requireModerator: true,

View file

@ -13,7 +13,8 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:abuse-user-reports',

View file

@ -17,7 +17,8 @@ import { Packed } from '@/misc/json-schema.js';
export const meta = {
tags: ['admin'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
res: {
type: 'object',

View file

@ -14,7 +14,8 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:account',
} as const;

View file

@ -13,7 +13,8 @@ import { ApiError } from '@/server/api/error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'read:admin:account',

View file

@ -13,7 +13,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:ad',
res: {

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:ad',

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:ad',
res: {

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:ad',

View file

@ -10,7 +10,8 @@ import { AnnouncementService } from '@/core/AnnouncementService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:announcements',

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:announcements',

View file

@ -14,7 +14,8 @@ import { IdService } from '@/core/IdService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:announcements',

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:announcements',

View file

@ -8,7 +8,8 @@ import { EmailService } from '@/core/EmailService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:approve-user',
} as const;

View file

@ -10,7 +10,8 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageAvatarDecorations',
kind: 'write:admin:avatar-decorations',
} as const;

View file

@ -12,7 +12,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageAvatarDecorations',
kind: 'write:admin:avatar-decorations',
errors: {

View file

@ -15,7 +15,8 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageAvatarDecorations',
kind: 'read:admin:avatar-decorations',

View file

@ -12,7 +12,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageAvatarDecorations',
kind: 'write:admin:avatar-decorations',

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:delete-account',
} as const;

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:delete-all-files-of-a-user',
} as const;

View file

@ -10,7 +10,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:drive',
} as const;

View file

@ -13,7 +13,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:drive',
} as const;

View file

@ -13,7 +13,8 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:drive',

View file

@ -14,7 +14,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:drive',

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -14,7 +14,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',

View file

@ -17,7 +17,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',

View file

@ -9,7 +9,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
secure: true,
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
} as const;

View file

@ -15,7 +15,8 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'read:admin:emoji',

View file

@ -15,7 +15,8 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'read:admin:emoji',

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -10,7 +10,8 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',
} as const;

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireRolePolicy: 'canManageCustomEmojis',
kind: 'write:admin:emoji',

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:federation',
} as const;

View file

@ -13,7 +13,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:federation',
} as const;

View file

@ -12,7 +12,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:federation',
} as const;

View file

@ -14,7 +14,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:federation',
} as const;

View file

@ -9,7 +9,8 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'read:admin:index-stats',

View file

@ -9,7 +9,8 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'read:admin:table-stats',

View file

@ -12,7 +12,8 @@ import { IdService } from '@/core/IdService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:user-ips',
res: {

View file

@ -16,7 +16,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:invite-codes',

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:invite-codes',

View file

@ -13,7 +13,8 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js';
export const meta = {
tags: ['meta'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'read:admin:meta',

View file

@ -6,7 +6,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:nsfw-user',
} as const;

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:promo',

View file

@ -11,7 +11,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:queue',
} as const;

View file

@ -11,7 +11,8 @@ import type { DeliverQueue } from '@/core/QueueModule.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:queue',

View file

@ -11,7 +11,8 @@ import type { InboxQueue } from '@/core/QueueModule.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:queue',

View file

@ -11,7 +11,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:queue',
} as const;

View file

@ -10,7 +10,8 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:emoji',

View file

@ -12,7 +12,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:relays',

View file

@ -10,7 +10,8 @@ import { RelayService } from '@/core/RelayService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:relays',

View file

@ -10,7 +10,8 @@ import { RelayService } from '@/core/RelayService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:relays',
} as const;

View file

@ -15,7 +15,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:reset-password',

View file

@ -15,7 +15,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:resolve-abuse-user-report',
} as const;

View file

@ -13,7 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:roles',

View file

@ -11,7 +11,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:roles',

View file

@ -13,7 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:roles',

View file

@ -12,7 +12,8 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:roles',

View file

@ -13,7 +13,8 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:roles',

View file

@ -13,7 +13,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:roles',

View file

@ -11,7 +11,8 @@ import { MetaService } from '@/core/MetaService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:roles',
} as const;

View file

@ -14,7 +14,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin', 'role'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:roles',

View file

@ -16,7 +16,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin', 'role', 'users'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
requireModerator: true,
kind: 'read:admin:roles',

View file

@ -10,7 +10,8 @@ import { EmailService } from '@/core/EmailService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:send-email',
} as const;

View file

@ -12,7 +12,8 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
import { DI } from '@/di-symbols.js';
export const meta = {
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:server-info',

View file

@ -13,7 +13,8 @@ import { ModerationLogEntityService } from '@/core/entities/ModerationLogEntityS
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'read:admin:show-moderation-log',

View file

@ -15,7 +15,8 @@ import { notificationRecieveConfig } from '@/models/json-schema/user.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:show-user',

View file

@ -14,7 +14,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'read:admin:show-users',

View file

@ -7,7 +7,8 @@ import { RoleService } from '@/core/RoleService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:silence-user',
} as const;

View file

@ -19,7 +19,8 @@ import { QueueService } from '@/core/QueueService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:suspend-user',
} as const;

View file

@ -6,7 +6,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:unnsfw-user',
} as const;

View file

@ -12,7 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:unset-user-avatar',
} as const;

View file

@ -12,7 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:unset-user-banner',
} as const;

View file

@ -6,7 +6,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:unsilence-user',
} as const;

View file

@ -13,7 +13,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:unsuspend-user',
} as const;

View file

@ -12,7 +12,8 @@ import { MetaService } from '@/core/MetaService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireAdmin: true,
kind: 'write:admin:meta',
} as const;

View file

@ -12,7 +12,8 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
requireModerator: true,
kind: 'write:admin:user-note',
} as const;

View file

@ -14,7 +14,8 @@ import type { AnnouncementReadsRepository, AnnouncementsRepository } from '@/mod
export const meta = {
tags: ['meta'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
res: {
type: 'array',

View file

@ -16,7 +16,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['antennas'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
prohibitMoved: true,

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['antennas'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'write:account',

View file

@ -12,7 +12,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['antennas', 'account'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'read:account',

View file

@ -20,7 +20,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['antennas', 'account', 'notes'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'read:account',

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['antennas', 'account'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'read:account',

View file

@ -14,7 +14,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['antennas'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
prohibitMoved: true,

View file

@ -11,7 +11,8 @@ import { ApResolverService } from '@/core/activitypub/ApResolverService.js';
export const meta = {
tags: ['federation'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'read:federation',
limit: {

View file

@ -24,7 +24,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['federation'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'read:account',
limit: {

View file

@ -15,7 +15,8 @@ import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['app'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
res: {
type: 'object',

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['app'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
errors: {
noSuchApp: {

View file

@ -15,7 +15,8 @@ import { ApiError } from '../../error.js';
export const meta = {
tags: ['auth'],
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
secure: true,

View file

@ -15,7 +15,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['auth'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
res: {
type: 'object',

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['auth'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
errors: {
noSuchSession: {

View file

@ -13,7 +13,8 @@ import { ApiError } from '../../../error.js';
export const meta = {
tags: ['auth'],
requireCredential: 'never',
requireCredential: false,
requireCredentialSecureMode: false,
res: {
type: 'object',

View file

@ -21,7 +21,8 @@ export const meta = {
max: 20,
},
requireCredential: 'always',
requireCredential: true,
requireCredentialSecureMode: true,
kind: 'write:blocks',

Some files were not shown because too many files have changed in this diff Show more