Commit graph

22 commits

Author SHA1 Message Date
Chocolate Pie
82822e29d9
Merge pull request from GHSA-7pxq-6xx9-xpgm
* fix: fix improper authorization when accessing with third-party application

* refactor: refactor type definitions

* fix: get rid of unnecessary access limitation

* enhance: サードパーティアプリケーションがWebsocket APIを使えるように

* fix: add missing parentheses

* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"

This reverts commit 5150053275.

* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする

* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加

* enhance(test): Websocket APIに対するテストも追加

* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合

* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正

* enhance(backend): Websocketの接続に最低限必要な権限を変更

* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように

* fix(backend): エンドポイントにアクセスするために必要な権限を変更

* fix(frontend/locale): Add missing type declaration

* chore: update `misskey-js/src/autogen`

---------

Co-authored-by: tamaina <tamaina@hotmail.co.jp>
2023-12-28 09:45:54 +01:00
Marie
5db583a3eb merge: upstream 2023-12-23 02:09:23 +01:00
syuilo
5150053275 fix(backend): add missing kind definition for admin endpoints to improve security 2023-12-18 12:32:26 +09:00
Mar0xy
8595a325ce
merge: upstream 2023-09-26 02:26:30 +02:00
syuilo
5318532a8d enhance: improve moderation log 2023-09-25 10:29:12 +09:00
syuilo
19bc9c20a6 improve moderation log 2023-09-23 20:50:02 +09:00
Mar0xy
7111c6c90b
upd: swap bcrypt to argon2, add misskey-js to dev, auto load replies 2023-09-22 00:21:57 +02:00
syuilo
6cf466e5d1
update deps (#11820)
* update deps

* fix

* wip

* wip

* wip

* Update docker-compose.yml.example

* Delete reviewer-lottery.yml

* Update RepositoryModule.ts

* wip

* wip

* clean up

* update deps

* wip

* wip
2023-09-15 14:28:29 +09:00
woxtu
dd1783f984
chore(backend): Resolve import/no-default-export rule violations (#11732)
* Disable `import/no-default-export` properly

* Disable `import/no-default-export`
2023-08-17 21:20:58 +09:00
Shun Sakai
c2370a1be6
chore: 著作権とライセンスについての情報を各ファイルに追加する (#11348)
* chore: Add the SPDX information to each file

Add copyright and licensing information as defined in version 3.0 of
the REUSE Specification.

* tweak format

---------

Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2023-07-27 14:31:52 +09:00
Kagami Sascha Rosylight
ef354e94f2
refactor(backend): replace rndstr with secureRndstr (#11044)
* refactor(backend): replace rndstr with secureRndstr

* Update pnpm-lock.yaml

* .js
2023-06-25 11:04:33 +09:00
syuilo
2470afaa2e
Role (#9437)
* wip

* Update CHANGELOG.md

* wip

* wip

* wip

* Update create.ts

* wip

* wip

* Update CHANGELOG.md

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* Update CHANGELOG.md

* wip

* wip

* Update delete.ts

* Update delete.ts

* wip

* wip

* wip

* Update account-info.vue

* wip

* wip

* Update settings.vue

* Update user-info.vue

* wip

* Update show-file.ts

* Update show-user.ts

* wip

* wip

* Update delete.ts

* wip

* wip

* Update overview.moderators.vue

* Create 1673500412259-Role.js

* wip

* wip

* Update roles.vue

* 色

* Update roles.vue

* integrate silence

* wip

* wip
2023-01-12 21:02:26 +09:00
syuilo
01d4d55e78 fix import type 2022-09-21 05:33:11 +09:00
syuilo
b75184ec8e
なんかもうめっちゃ変えた 2022-09-18 03:27:08 +09:00
syuilo
1c67c26bd8
refactor: migrate to typeorm 3.0 (#8443)
* wip

* wip

* wip

* Update following.ts

* wip

* wip

* wip

* Update resolve-user.ts

* maxQueryExecutionTime

* wip

* wip
2022-03-26 15:34:00 +09:00
syuilo
d071d18dd7
refactor: Use ESM (#8358)
* wip

* wip

* fix

* clean up

* Update tsconfig.json

* Update activitypub.ts

* wip
2022-02-27 11:07:39 +09:00
tamaina
fcfb5ef0a3
Fix ajv (#8333)
* wip

* ✌️

* use ajv/dist/core

* revert try

* clean up
2022-02-20 13:15:40 +09:00
syuilo
510de87607
refactor: use ajv instead of cafy (#8324)
* wip

* wip

* Update abuse-user-reports.ts

* Update files.ts

* Update list-remote.ts

* Update list.ts

* Update show-users.ts

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* Update update.ts

* Update search.ts

* Update reactions.ts

* Update search.ts

* wip

* wip

* wip

* wip

* Update update.ts

* Update relation.ts

* Update available.ts

* wip

* wip

* wip

* Update packages/backend/src/server/api/define.ts

Co-authored-by: Johann150 <johann.galle@protonmail.com>

* Update define.ts

* Update define.ts

* typo

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* Update update.ts

* wip

* Update signup.ts

* Update call.ts

* minimum for limit

* type

* remove needless annotation

* wip

* Update signup.ts

* wip

* wip

* fix

* Update create.ts

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2022-02-19 14:05:32 +09:00
tamaina
efb0ffc4ec
refactor: APIエンドポイントファイルの定義を良い感じにする (#8154)
* Fix API Schema Error

* Delete SimpleSchema/SimpleObj
and Move schemas to dedicated files

* Userのスキーマを分割してみる

* define packMany type

* add ,

* Ensure enum schema and Make "as const" put once

* test?

* Revert "test?"

This reverts commit 97dc9bfa70851bfb7d1cf38e883f8df20fb78b79.

* Revert "Fix API Schema Error"

This reverts commit 21b6176d974ed8e3eb73723ad21a105c5d297323.

* ✌️

* clean up

* test?

* wip

* wip

* better schema def

* ✌️

* fix

* add minLength property

* wip

* wip

* wip

* anyOf/oneOf/allOfに対応? ~ relation.ts

* refactor!

* Define MinimumSchema

* wip

* wip

* anyOf/oneOf/allOfが動作するようにUnionSchemaTypeを修正

* anyOf/oneOf/allOfが動作するようにUnionSchemaTypeを修正

* Update packages/backend/src/misc/schema.ts

Co-authored-by: Acid Chicken (硫酸鶏) <root@acid-chicken.com>

* fix

* array oneOfをより正確な型に

* array oneOfをより正確な型に

* wip

* ✌️

* なんかもういろいろ

* remove

* very good schema

* api schema

* wip

* refactor: awaitAllの型定義を変えてみる

* fix

* specify types in awaitAll

* specify types in awaitAll

* ✌️

* wip

* ...

* ✌️

* AllowDateはやめておく

* 不必要なoptional: false, nullable: falseを廃止

* Packedが展開されないように

* 続packed

* wip

* define note type

* wip

* UserDetailedをMeDetailedかUserDetailedNotMeかを区別できるように

* wip

* wip

* wip specify user type of other schemas

* ok

* convertSchemaToOpenApiSchemaを改修

* convertSchemaToOpenApiSchemaを改修

* Fix

* fix

* ✌️

* wip

* 分割代入ではなくallOfで定義するように

Co-authored-by: Acid Chicken (硫酸鶏) <root@acid-chicken.com>
2022-01-18 22:27:10 +09:00
syuilo
4a64280a7c lint 2022-01-03 02:12:50 +09:00
syuilo
c69b72e199 fix lint 2021-12-09 23:58:30 +09:00
syuilo
0e4a111f81 refactoring
Resolve #7779
2021-11-12 02:02:25 +09:00
Renamed from src/server/api/endpoints/admin/reset-password.ts (Browse further)