View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/669 Closes #723 Approved-by: dakkar <dakkar@thenautilus.net> Approved-by: Julia <julia@insertdomain.name>
This commit is contained in:
Julia
commit
1520bc1715
24 changed files with 244 additions and 68 deletions
|
|
@ -122,6 +122,11 @@ export class NodeinfoServerService {
|
|||
enableMcaptcha: meta.enableMcaptcha,
|
||||
enableTurnstile: meta.enableTurnstile,
|
||||
maxNoteTextLength: this.config.maxNoteLength,
|
||||
maxRemoteNoteTextLength: this.config.maxRemoteNoteLength,
|
||||
maxCwLength: this.config.maxCwLength,
|
||||
maxRemoteCwLength: this.config.maxRemoteCwLength,
|
||||
maxAltTextLength: this.config.maxAltTextLength,
|
||||
maxRemoteAltTextLength: this.config.maxRemoteAltTextLength,
|
||||
enableEmail: meta.enableEmail,
|
||||
enableServiceWorker: meta.enableServiceWorker,
|
||||
proxyAccountName: proxyAccount ? proxyAccount.username : null,
|
||||
|
|
|
|||
|
|
@ -5,11 +5,11 @@
|
|||
|
||||
import ms from 'ms';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { DB_MAX_IMAGE_COMMENT_LENGTH } from '@/const.js';
|
||||
import { IdentifiableError } from '@/misc/identifiable-error.js';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
||||
import { DriveService } from '@/core/DriveService.js';
|
||||
import type { Config } from '@/config.js';
|
||||
import { ApiError } from '../../../error.js';
|
||||
import { MiMeta } from '@/models/_.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
|
|
@ -56,6 +56,12 @@ export const meta = {
|
|||
code: 'NO_FREE_SPACE',
|
||||
id: 'd08dbc37-a6a9-463a-8c47-96c32ab5f064',
|
||||
},
|
||||
|
||||
commentTooLong: {
|
||||
message: 'Cannot upload the file because the comment exceeds the instance limit.',
|
||||
code: 'COMMENT_TOO_LONG',
|
||||
id: '333652d9-0826-40f5-a2c3-e2bedcbb9fe5',
|
||||
},
|
||||
},
|
||||
} as const;
|
||||
|
||||
|
|
@ -64,7 +70,7 @@ export const paramDef = {
|
|||
properties: {
|
||||
folderId: { type: 'string', format: 'misskey:id', nullable: true, default: null },
|
||||
name: { type: 'string', nullable: true, default: null },
|
||||
comment: { type: 'string', nullable: true, maxLength: DB_MAX_IMAGE_COMMENT_LENGTH, default: null },
|
||||
comment: { type: 'string', nullable: true, default: null },
|
||||
isSensitive: { type: 'boolean', default: false },
|
||||
force: { type: 'boolean', default: false },
|
||||
},
|
||||
|
|
@ -77,6 +83,9 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
@Inject(DI.meta)
|
||||
private serverSettings: MiMeta,
|
||||
|
||||
@Inject(DI.config)
|
||||
private config: Config,
|
||||
|
||||
private driveFileEntityService: DriveFileEntityService,
|
||||
private driveService: DriveService,
|
||||
) {
|
||||
|
|
@ -94,6 +103,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
}
|
||||
}
|
||||
|
||||
if (ps.comment && ps.comment.length > this.config.maxAltTextLength) {
|
||||
throw new ApiError(meta.errors.commentTooLong);
|
||||
}
|
||||
|
||||
try {
|
||||
// Create file
|
||||
const driveFile = await this.driveService.addFile({
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
|
|||
import { DI } from '@/di-symbols.js';
|
||||
import { RoleService } from '@/core/RoleService.js';
|
||||
import { DriveService } from '@/core/DriveService.js';
|
||||
import type { Config } from '@/config.js';
|
||||
import { ApiError } from '../../../error.js';
|
||||
import { DB_MAX_IMAGE_COMMENT_LENGTH } from '@/const.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['drive'],
|
||||
|
|
@ -51,6 +51,12 @@ export const meta = {
|
|||
code: 'RESTRICTED_BY_ROLE',
|
||||
id: '7f59dccb-f465-75ab-5cf4-3ce44e3282f7',
|
||||
},
|
||||
|
||||
commentTooLong: {
|
||||
message: 'Cannot upload the file because the comment exceeds the instance limit.',
|
||||
code: 'COMMENT_TOO_LONG',
|
||||
id: '333652d9-0826-40f5-a2c3-e2bedcbb9fe5',
|
||||
},
|
||||
},
|
||||
res: {
|
||||
type: 'object',
|
||||
|
|
@ -66,7 +72,7 @@ export const paramDef = {
|
|||
folderId: { type: 'string', format: 'misskey:id', nullable: true },
|
||||
name: { type: 'string' },
|
||||
isSensitive: { type: 'boolean' },
|
||||
comment: { type: 'string', nullable: true, maxLength: DB_MAX_IMAGE_COMMENT_LENGTH },
|
||||
comment: { type: 'string', nullable: true },
|
||||
},
|
||||
required: ['fileId'],
|
||||
} as const;
|
||||
|
|
@ -76,6 +82,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
constructor(
|
||||
@Inject(DI.driveFilesRepository)
|
||||
private driveFilesRepository: DriveFilesRepository,
|
||||
@Inject(DI.config)
|
||||
private config: Config,
|
||||
|
||||
private driveService: DriveService,
|
||||
private roleService: RoleService,
|
||||
|
|
@ -90,6 +98,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
throw new ApiError(meta.errors.accessDenied);
|
||||
}
|
||||
|
||||
if (ps.comment && ps.comment.length > this.config.maxAltTextLength) {
|
||||
throw new ApiError(meta.errors.commentTooLong);
|
||||
}
|
||||
|
||||
let packedFile;
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -4,12 +4,14 @@
|
|||
*/
|
||||
|
||||
import ms from 'ms';
|
||||
import { Injectable } from '@nestjs/common';
|
||||
import { Inject, Injectable } from '@nestjs/common';
|
||||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import { GlobalEventService } from '@/core/GlobalEventService.js';
|
||||
import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.js';
|
||||
import { DriveService } from '@/core/DriveService.js';
|
||||
import { DB_MAX_IMAGE_COMMENT_LENGTH } from '@/const.js';
|
||||
import { ApiError } from '@/server/api/error.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import type { Config } from '@/config.js';
|
||||
|
||||
export const meta = {
|
||||
tags: ['drive'],
|
||||
|
|
@ -26,6 +28,14 @@ export const meta = {
|
|||
prohibitMoved: true,
|
||||
|
||||
kind: 'write:drive',
|
||||
|
||||
errors: {
|
||||
commentTooLong: {
|
||||
message: 'Cannot upload the file because the comment exceeds the instance limit.',
|
||||
code: 'COMMENT_TOO_LONG',
|
||||
id: '333652d9-0826-40f5-a2c3-e2bedcbb9fe5',
|
||||
},
|
||||
},
|
||||
} as const;
|
||||
|
||||
export const paramDef = {
|
||||
|
|
@ -34,7 +44,7 @@ export const paramDef = {
|
|||
url: { type: 'string' },
|
||||
folderId: { type: 'string', format: 'misskey:id', nullable: true, default: null },
|
||||
isSensitive: { type: 'boolean', default: false },
|
||||
comment: { type: 'string', nullable: true, maxLength: DB_MAX_IMAGE_COMMENT_LENGTH, default: null },
|
||||
comment: { type: 'string', nullable: true, default: null },
|
||||
marker: { type: 'string', nullable: true, default: null },
|
||||
force: { type: 'boolean', default: false },
|
||||
},
|
||||
|
|
@ -44,11 +54,18 @@ export const paramDef = {
|
|||
@Injectable()
|
||||
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
|
||||
constructor(
|
||||
@Inject(DI.config)
|
||||
private config: Config,
|
||||
|
||||
private driveFileEntityService: DriveFileEntityService,
|
||||
private driveService: DriveService,
|
||||
private globalEventService: GlobalEventService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, user, _1, _2, _3, ip, headers) => {
|
||||
if (ps.comment && ps.comment.length > this.config.maxAltTextLength) {
|
||||
throw new ApiError(meta.errors.commentTooLong);
|
||||
}
|
||||
|
||||
this.driveService.uploadFromUrl({ url: ps.url, user, folderId: ps.folderId, sensitive: ps.isSensitive, force: ps.force, comment: ps.comment, requestIp: ip, requestHeaders: headers }).then(file => {
|
||||
this.driveFileEntityService.pack(file, { self: true }).then(packedFile => {
|
||||
this.globalEventService.publishMainStream(user.id, 'urlUploadFinished', {
|
||||
|
|
|
|||
|
|
@ -5,15 +5,12 @@
|
|||
|
||||
process.env.NODE_ENV = 'test';
|
||||
|
||||
import { readFile } from 'node:fs/promises';
|
||||
import { fileURLToPath } from 'node:url';
|
||||
import { dirname } from 'node:path';
|
||||
import { describe, test, expect } from '@jest/globals';
|
||||
import { loadConfig } from '@/config.js';
|
||||
import { getValidator } from '../../../../../test/prelude/get-api-validator.js';
|
||||
import { paramDef } from './create.js';
|
||||
|
||||
const _filename = fileURLToPath(import.meta.url);
|
||||
const _dirname = dirname(_filename);
|
||||
const config = loadConfig();
|
||||
|
||||
const VALID = true;
|
||||
const INVALID = false;
|
||||
|
|
@ -21,7 +18,12 @@ const INVALID = false;
|
|||
describe('api:notes/create', () => {
|
||||
describe('validation', () => {
|
||||
const v = getValidator(paramDef);
|
||||
const tooLong = readFile(_dirname + '/../../../../../test/resources/misskey.svg', 'utf-8');
|
||||
const tooLong = (limit: number) => {
|
||||
const arr: string[] = [''];
|
||||
arr.length = limit + 1;
|
||||
arr.fill('a');
|
||||
return arr.join('');
|
||||
};
|
||||
|
||||
test('reject empty', () => {
|
||||
const valid = v({ });
|
||||
|
|
@ -71,8 +73,8 @@ describe('api:notes/create', () => {
|
|||
.toBe(INVALID);
|
||||
});
|
||||
|
||||
test('over 500 characters cw', async () => {
|
||||
expect(v({ text: 'Body', cw: await tooLong }))
|
||||
test('over max characters cw', async () => {
|
||||
expect(v({ text: '', cw: tooLong(config.maxNoteLength) }))
|
||||
.toBe(INVALID);
|
||||
});
|
||||
});
|
||||
|
|
@ -220,7 +222,7 @@ describe('api:notes/create', () => {
|
|||
});
|
||||
|
||||
test('reject poll with too long choice', async () => {
|
||||
expect(v({ poll: { choices: [await tooLong, '2'] } }))
|
||||
expect(v({ poll: { choices: [tooLong(config.maxNoteLength), '2'] } }))
|
||||
.toBe(INVALID);
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -90,6 +90,12 @@ export const meta = {
|
|||
id: '3ac74a84-8fd5-4bb0-870f-01804f82ce16',
|
||||
},
|
||||
|
||||
maxCwLength: {
|
||||
message: 'You tried posting a content warning which is too long.',
|
||||
code: 'MAX_CW_LENGTH',
|
||||
id: '7004c478-bda3-4b4f-acb2-4316398c9d52',
|
||||
},
|
||||
|
||||
cannotReplyToSpecifiedVisibilityNoteWithExtendedVisibility: {
|
||||
message: 'You cannot reply to a specified visibility note with extended visibility.',
|
||||
code: 'CANNOT_REPLY_TO_SPECIFIED_VISIBILITY_NOTE_WITH_EXTENDED_VISIBILITY',
|
||||
|
|
@ -147,7 +153,7 @@ export const paramDef = {
|
|||
visibleUserIds: { type: 'array', uniqueItems: true, items: {
|
||||
type: 'string', format: 'misskey:id',
|
||||
} },
|
||||
cw: { type: 'string', nullable: true, minLength: 1, maxLength: 500 },
|
||||
cw: { type: 'string', nullable: true, minLength: 1 },
|
||||
localOnly: { type: 'boolean', default: false },
|
||||
reactionAcceptance: { type: 'string', nullable: true, enum: [null, 'likeOnly', 'likeOnlyForRemote', 'nonSensitiveOnly', 'nonSensitiveOnlyForLocalLikeOnlyForRemote'], default: null },
|
||||
noExtractMentions: { type: 'boolean', default: false },
|
||||
|
|
@ -250,10 +256,12 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
private noteCreateService: NoteCreateService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
const contentLength = (ps.text?.length ?? 0) + (ps.cw?.length ?? 0);
|
||||
if (contentLength > this.config.maxNoteLength) {
|
||||
if (ps.text && ps.text.length > this.config.maxNoteLength) {
|
||||
throw new ApiError(meta.errors.maxLength);
|
||||
}
|
||||
if (ps.cw && ps.cw.length > this.config.maxCwLength) {
|
||||
throw new ApiError(meta.errors.maxCwLength);
|
||||
}
|
||||
|
||||
let visibleUsers: MiUser[] = [];
|
||||
if (ps.visibleUserIds) {
|
||||
|
|
|
|||
|
|
@ -86,6 +86,12 @@ export const meta = {
|
|||
id: '3ac74a84-8fd5-4bb0-870f-01804f82ce16',
|
||||
},
|
||||
|
||||
maxCwLength: {
|
||||
message: 'You tried posting a content warning which is too long.',
|
||||
code: 'MAX_CW_LENGTH',
|
||||
id: '7004c478-bda3-4b4f-acb2-4316398c9d52',
|
||||
},
|
||||
|
||||
cannotReplyToSpecifiedVisibilityNoteWithExtendedVisibility: {
|
||||
message: 'You cannot reply to a specified visibility note with extended visibility.',
|
||||
code: 'CANNOT_REPLY_TO_SPECIFIED_VISIBILITY_NOTE_WITH_EXTENDED_VISIBILITY',
|
||||
|
|
@ -197,7 +203,7 @@ export const paramDef = {
|
|||
format: 'misskey:id',
|
||||
},
|
||||
},
|
||||
cw: { type: 'string', nullable: true, minLength: 1, maxLength: 500 },
|
||||
cw: { type: 'string', nullable: true, minLength: 1 },
|
||||
localOnly: { type: 'boolean', default: false },
|
||||
reactionAcceptance: { type: 'string', nullable: true, enum: [null, 'likeOnly', 'likeOnlyForRemote', 'nonSensitiveOnly', 'nonSensitiveOnlyForLocalLikeOnlyForRemote'], default: null },
|
||||
noExtractMentions: { type: 'boolean', default: false },
|
||||
|
|
@ -297,10 +303,12 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
private noteEditService: NoteEditService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
const contentLength = (ps.text?.length ?? 0) + (ps.cw?.length ?? 0);
|
||||
if (contentLength > this.config.maxNoteLength) {
|
||||
if (ps.text && ps.text.length > this.config.maxNoteLength) {
|
||||
throw new ApiError(meta.errors.maxLength);
|
||||
}
|
||||
if (ps.cw && ps.cw.length > this.config.maxCwLength) {
|
||||
throw new ApiError(meta.errors.maxCwLength);
|
||||
}
|
||||
|
||||
let visibleUsers: MiUser[] = [];
|
||||
if (ps.visibleUserIds) {
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ export async function getInstance(
|
|||
},
|
||||
polls: {
|
||||
max_options: 10,
|
||||
max_characters_per_option: 50,
|
||||
max_characters_per_option: 150,
|
||||
min_expiration: 50,
|
||||
max_expiration: 2629746,
|
||||
},
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue