prevent the old account from calling some endpoints

This commit is contained in:
Namekuji 2023-04-13 13:46:01 -04:00
parent 91a59da055
commit 5e845f1ad5
38 changed files with 92 additions and 3 deletions

View file

@ -261,6 +261,17 @@ export class ApiCallService implements OnApplicationShutdown {
}
}
if (ep.meta.prohibitMoved) {
if (user?.movedToUri) {
throw new ApiError({
message: 'You have moved your account.',
code: 'YOUR_ACCOUNT_MOVED',
id: '56f20ec9-fd06-4fa5-841b-edd6d7d4fa31',
httpStatusCode: 403,
});
}
}
if ((ep.meta.requireModerator || ep.meta.requireAdmin) && !user!.isRoot) {
const myRoles = await this.roleService.getUserRoles(user!.id);
if (ep.meta.requireModerator && !myRoles.some(r => r.isModerator || r.isAdministrator)) {

View file

@ -702,6 +702,12 @@ export interface IEndpointMeta {
readonly requireRolePolicy?: keyof RolePolicies;
/**
*
* false
*/
readonly prohibitMoved?: boolean;
/**
*
*

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
errors: {
@ -71,7 +73,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
@Inject(DI.userListsRepository)
private userListsRepository: UserListsRepository,
private antennaEntityService: AntennaEntityService,
private globalEventService: GlobalEventService,
) {

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: false,
prohibitMoved: true,
res: {
type: 'object',
optional: false, nullable: false,

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:channels',
limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:channels',
errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:channels',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:channels',
errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:channels',
errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
limit: {

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
res: {
@ -57,7 +59,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
if (currentCount > (await this.roleService.getUserPolicies(me.id)).clipLimit) {
throw new ApiError(meta.errors.tooManyClips);
}
const clip = await this.clipsRepository.insert({
id: this.idService.genId(),
createdAt: new Date(),

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:clip-favorite',
errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:clip-favorite',
errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
errors: {

View file

@ -15,6 +15,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
limit: {
duration: ms('1hour'),
max: 120,

View file

@ -19,6 +19,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:drive',
} as const;

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:flash',
limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:flash-likes',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:flash-likes',
errors: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:flash',
limit: {

View file

@ -19,6 +19,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:following',
errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery',
limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery-likes',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery-likes',
errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:gallery',
limit: {

View file

@ -18,6 +18,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
limit: {
duration: ms('1hour'),
max: 300,

View file

@ -17,6 +17,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:votes',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:reactions',
errors: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:pages',
limit: {

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:page-likes',
errors: {

View file

@ -9,6 +9,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:page-likes',
errors: {

View file

@ -11,6 +11,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:pages',
limit: {

View file

@ -13,6 +13,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
description: 'Create a new list of users.',
@ -58,7 +60,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> {
if (currentCount > (await this.roleService.getUserPolicies(me.id)).userListLimit) {
throw new ApiError(meta.errors.tooManyUserLists);
}
const userList = await this.userListsRepository.insert({
id: this.idService.genId(),
createdAt: new Date(),

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
description: 'Remove a user from a list.',

View file

@ -12,6 +12,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
description: 'Add a user to an existing list.',

View file

@ -10,6 +10,8 @@ export const meta = {
requireCredential: true,
prohibitMoved: true,
kind: 'write:account',
description: 'Update the properties of a list.',