prevent the old account from calling some endpoints

This commit is contained in:
Namekuji 2023-04-13 13:46:01 -04:00
parent 91a59da055
commit 5e845f1ad5
38 changed files with 92 additions and 3 deletions

View file

@ -261,6 +261,17 @@ export class ApiCallService implements OnApplicationShutdown {
} }
} }
if (ep.meta.prohibitMoved) {
if (user?.movedToUri) {
throw new ApiError({
message: 'You have moved your account.',
code: 'YOUR_ACCOUNT_MOVED',
id: '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31',
httpStatusCode: 403,
});
}
}
if ((ep.meta.requireModerator || ep.meta.requireAdmin) && !user!.isRoot) { if ((ep.meta.requireModerator || ep.meta.requireAdmin) && !user!.isRoot) {
const myRoles = await this.roleService.getUserRoles(user!.id); const myRoles = await this.roleService.getUserRoles(user!.id);
if (ep.meta.requireModerator && !myRoles.some(r => r.isModerator || r.isAdministrator)) { if (ep.meta.requireModerator && !myRoles.some(r => r.isModerator || r.isAdministrator)) {

View file

@ -702,6 +702,12 @@ export interface IEndpointMeta {
readonly requireRolePolicy?: keyof RolePolicies; readonly requireRolePolicy?: keyof RolePolicies;
/**
*
* false
*/
readonly prohibitMoved?: boolean;
/** /**
* *
* *

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
errors: { errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
errors: { errors: {
@ -71,7 +73,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
@Inject(DI.userListsRepository) @Inject(DI.userListsRepository)
private userListsRepository: UserListsRepository, private userListsRepository: UserListsRepository,
private antennaEntityService: AntennaEntityService, private antennaEntityService: AntennaEntityService,
private globalEventService: GlobalEventService, private globalEventService: GlobalEventService,
) { ) {

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: false, requireCredential: false,
prohibitMoved: true,
res: { res: {
type: 'object', type: 'object',
optional: false, nullable: false, optional: false, nullable: false,

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:channels', kind: 'write:channels',
limit: { limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:channels', kind: 'write:channels',
errors: { errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:channels', kind: 'write:channels',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:channels', kind: 'write:channels',
errors: { errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:channels', kind: 'write:channels',
errors: { errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
limit: { limit: {

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
res: { res: {
@ -57,7 +59,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
if (currentCount > (await this.roleService.getUserPolicies(me.id)).clipLimit) { if (currentCount > (await this.roleService.getUserPolicies(me.id)).clipLimit) {
throw new ApiError(meta.errors.tooManyClips); throw new ApiError(meta.errors.tooManyClips);
} }
const clip = await this.clipsRepository.insert({ const clip = await this.clipsRepository.insert({
id: this.idService.genId(), id: this.idService.genId(),
createdAt: new Date(), createdAt: new Date(),

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:clip-favorite', kind: 'write:clip-favorite',
errors: { errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:clip-favorite', kind: 'write:clip-favorite',
errors: { errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
errors: { errors: {

View file

@ -15,6 +15,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
limit: { limit: {
duration: ms('1hour'), duration: ms('1hour'),
max: 120, max: 120,

View file

@ -19,6 +19,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:drive', kind: 'write:drive',
} as const; } as const;

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:flash', kind: 'write:flash',
limit: { limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:flash-likes', kind: 'write:flash-likes',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:flash-likes', kind: 'write:flash-likes',
errors: { errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:flash', kind: 'write:flash',
limit: { limit: {

View file

@ -19,6 +19,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:following', kind: 'write:following',
errors: { errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery', kind: 'write:gallery',
limit: { limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery-likes', kind: 'write:gallery-likes',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery-likes', kind: 'write:gallery-likes',
errors: { errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery', kind: 'write:gallery',
limit: { limit: {

View file

@ -18,6 +18,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
limit: { limit: {
duration: ms('1hour'), duration: ms('1hour'),
max: 300, max: 300,

View file

@ -17,6 +17,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:votes', kind: 'write:votes',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:reactions', kind: 'write:reactions',
errors: { errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:pages', kind: 'write:pages',
limit: { limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:page-likes', kind: 'write:page-likes',
errors: { errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:page-likes', kind: 'write:page-likes',
errors: { errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:pages', kind: 'write:pages',
limit: { limit: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
description: 'Create a new list of users.', description: 'Create a new list of users.',
@ -58,7 +60,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
if (currentCount > (await this.roleService.getUserPolicies(me.id)).userListLimit) { if (currentCount > (await this.roleService.getUserPolicies(me.id)).userListLimit) {
throw new ApiError(meta.errors.tooManyUserLists); throw new ApiError(meta.errors.tooManyUserLists);
} }
const userList = await this.userListsRepository.insert({ const userList = await this.userListsRepository.insert({
id: this.idService.genId(), id: this.idService.genId(),
createdAt: new Date(), createdAt: new Date(),

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
description: 'Remove a user from a list.', description: 'Remove a user from a list.',

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
description: 'Add a user to an existing list.', description: 'Add a user to an existing list.',

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true, requireCredential: true,
prohibitMoved: true,
kind: 'write:account', kind: 'write:account',
description: 'Update the properties of a list.', description: 'Update the properties of a list.',