Merge branch 'develop' into fetch-outbox

2023-07-15 14:04:54 +00:00 · 2023-07-15 14:04:54 +00:00 · 6b26ce3768
commit 6b26ce3768
parent 5a0d7d41e6 d5f30ecb86
68 changed files with 2450 additions and 966 deletions
--- a/packages/backend/src/core/CoreModule.ts
+++ b/packages/backend/src/core/CoreModule.ts
@ -81,6 +81,7 @@ import { GalleryLikeEntityService } from './entities/GalleryLikeEntityService.js
 import { GalleryPostEntityService } from './entities/GalleryPostEntityService.js';
 import { HashtagEntityService } from './entities/HashtagEntityService.js';
 import { InstanceEntityService } from './entities/InstanceEntityService.js';
+import { InviteCodeEntityService } from './entities/InviteCodeEntityService.js';
 import { ModerationLogEntityService } from './entities/ModerationLogEntityService.js';
 import { MutingEntityService } from './entities/MutingEntityService.js';
 import { RenoteMutingEntityService } from './entities/RenoteMutingEntityService.js';
@ -205,6 +206,7 @@ const $GalleryLikeEntityService: Provider = { provide: 'GalleryLikeEntityService
 const $GalleryPostEntityService: Provider = { provide: 'GalleryPostEntityService', useExisting: GalleryPostEntityService };
 const $HashtagEntityService: Provider = { provide: 'HashtagEntityService', useExisting: HashtagEntityService };
 const $InstanceEntityService: Provider = { provide: 'InstanceEntityService', useExisting: InstanceEntityService };
+const $InviteCodeEntityService: Provider = { provide: 'InviteCodeEntityService', useExisting: InviteCodeEntityService };
 const $ModerationLogEntityService: Provider = { provide: 'ModerationLogEntityService', useExisting: ModerationLogEntityService };
 const $MutingEntityService: Provider = { provide: 'MutingEntityService', useExisting: MutingEntityService };
 const $RenoteMutingEntityService: Provider = { provide: 'RenoteMutingEntityService', useExisting: RenoteMutingEntityService };
@ -329,6 +331,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		GalleryPostEntityService,
 		HashtagEntityService,
 		InstanceEntityService,
+		InviteCodeEntityService,
 		ModerationLogEntityService,
 		MutingEntityService,
 		RenoteMutingEntityService,
@ -448,6 +451,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$GalleryPostEntityService,
 		$HashtagEntityService,
 		$InstanceEntityService,
+		$InviteCodeEntityService,
 		$ModerationLogEntityService,
 		$MutingEntityService,
 		$RenoteMutingEntityService,
@ -567,6 +571,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		GalleryPostEntityService,
 		HashtagEntityService,
 		InstanceEntityService,
+		InviteCodeEntityService,
 		ModerationLogEntityService,
 		MutingEntityService,
 		RenoteMutingEntityService,
@ -685,6 +690,7 @@ const $ApQuestionService: Provider = { provide: 'ApQuestionService', useExisting
 		$GalleryPostEntityService,
 		$HashtagEntityService,
 		$InstanceEntityService,
+		$InviteCodeEntityService,
 		$ModerationLogEntityService,
 		$MutingEntityService,
 		$RenoteMutingEntityService,
--- a/packages/backend/src/core/CreateSystemUserService.ts
+++ b/packages/backend/src/core/CreateSystemUserService.ts
@ -1,6 +1,6 @@
+import { randomUUID } from 'node:crypto';
 import { Inject, Injectable } from '@nestjs/common';
 import bcrypt from 'bcryptjs';
-import { v4 as uuid } from 'uuid';
 import { IsNull, DataSource } from 'typeorm';
 import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
 import { User } from '@/models/entities/User.js';
@ -24,7 +24,7 @@ export class CreateSystemUserService {

 	@bindThis
 	public async createSystemUser(username: string): Promise<User> {
-		const password = uuid();
+		const password = randomUUID();

 		// Generate hash of password
 		const salt = await bcrypt.genSalt(8);
--- a/packages/backend/src/core/DriveService.ts
+++ b/packages/backend/src/core/DriveService.ts
@ -1,6 +1,6 @@
+import { randomUUID } from 'node:crypto';
 import * as fs from 'node:fs';
 import { Inject, Injectable } from '@nestjs/common';
-import { v4 as uuid } from 'uuid';
 import sharp from 'sharp';
 import { sharpBmp } from 'sharp-read-bmp';
 import { IsNull } from 'typeorm';
@ -162,7 +162,7 @@ export class DriveService {
 				?? `${ meta.objectStorageUseSSL ? 'https' : 'http' }://${ meta.objectStorageEndpoint }${ meta.objectStoragePort ? `:${meta.objectStoragePort}` : '' }/${ meta.objectStorageBucket }`;

 			// for original
-			const key = `${meta.objectStoragePrefix}/${uuid()}${ext}`;
+			const key = `${meta.objectStoragePrefix}/${randomUUID()}${ext}`;
 			const url = `${ baseUrl }/${ key }`;

 			// for alts
@ -179,7 +179,7 @@ export class DriveService {
 			];

 			if (alts.webpublic) {
-				webpublicKey = `${meta.objectStoragePrefix}/webpublic-${uuid()}.${alts.webpublic.ext}`;
+				webpublicKey = `${meta.objectStoragePrefix}/webpublic-${randomUUID()}.${alts.webpublic.ext}`;
 				webpublicUrl = `${ baseUrl }/${ webpublicKey }`;

 				this.registerLogger.info(`uploading webpublic: ${webpublicKey}`);
@ -187,7 +187,7 @@ export class DriveService {
 			}

 			if (alts.thumbnail) {
-				thumbnailKey = `${meta.objectStoragePrefix}/thumbnail-${uuid()}.${alts.thumbnail.ext}`;
+				thumbnailKey = `${meta.objectStoragePrefix}/thumbnail-${randomUUID()}.${alts.thumbnail.ext}`;
 				thumbnailUrl = `${ baseUrl }/${ thumbnailKey }`;

 				this.registerLogger.info(`uploading thumbnail: ${thumbnailKey}`);
@ -212,9 +212,9 @@ export class DriveService {

 			return await this.driveFilesRepository.insert(file).then(x => this.driveFilesRepository.findOneByOrFail(x.identifiers[0]));
 		} else { // use internal storage
-			const accessKey = uuid();
-			const thumbnailAccessKey = 'thumbnail-' + uuid();
-			const webpublicAccessKey = 'webpublic-' + uuid();
+			const accessKey = randomUUID();
+			const thumbnailAccessKey = 'thumbnail-' + randomUUID();
+			const webpublicAccessKey = 'webpublic-' + randomUUID();

 			const url = this.internalStorageService.saveFromPath(accessKey, path);

@ -584,9 +584,9 @@ export class DriveService {
 			if (isLink) {
 				file.url = url;
 				// ローカルプロキシ用
-				file.accessKey = uuid();
-				file.thumbnailAccessKey = 'thumbnail-' + uuid();
-				file.webpublicAccessKey = 'webpublic-' + uuid();
+				file.accessKey = randomUUID();
+				file.thumbnailAccessKey = 'thumbnail-' + randomUUID();
+				file.webpublicAccessKey = 'webpublic-' + randomUUID();
 			}
 		}

@ -713,9 +713,9 @@ export class DriveService {
 				webpublicUrl: null,
 				storedInternal: false,
 				// ローカルプロキシ用
-				accessKey: uuid(),
-				thumbnailAccessKey: 'thumbnail-' + uuid(),
-				webpublicAccessKey: 'webpublic-' + uuid(),
+				accessKey: randomUUID(),
+				thumbnailAccessKey: 'thumbnail-' + randomUUID(),
+				webpublicAccessKey: 'webpublic-' + randomUUID(),
 			});
 		} else {
 			this.driveFilesRepository.delete(file.id);
--- a/packages/backend/src/core/HttpRequestService.ts
+++ b/packages/backend/src/core/HttpRequestService.ts
@ -1,5 +1,6 @@
 import * as http from 'node:http';
 import * as https from 'node:https';
+import * as net from 'node:net';
 import CacheableLookup from 'cacheable-lookup';
 import fetch from 'node-fetch';
 import { HttpProxyAgent, HttpsProxyAgent } from 'hpagent';
@ -46,14 +47,14 @@ export class HttpRequestService {
 		this.http = new http.Agent({
 			keepAlive: true,
 			keepAliveMsecs: 30 * 1000,
-			lookup: cache.lookup,
-		} as http.AgentOptions);
+			lookup: cache.lookup as unknown as net.LookupFunction,
+		});

 		this.https = new https.Agent({
 			keepAlive: true,
 			keepAliveMsecs: 30 * 1000,
-			lookup: cache.lookup,
-		} as https.AgentOptions);
+			lookup: cache.lookup as unknown as net.LookupFunction,
+		});

 		const maxSockets = Math.max(256, config.deliverJobConcurrency ?? 128);

@ -144,7 +145,7 @@ export class HttpRequestService {
 			method: args.method ?? 'GET',
 			headers: {
 				'User-Agent': this.config.userAgent,
-				...(args.headers ?? {})
+				...(args.headers ?? {}),
 			},
 			body: args.body,
 			size: args.size ?? 10 * 1024 * 1024,
--- a/packages/backend/src/core/QueueService.ts
+++ b/packages/backend/src/core/QueueService.ts
@ -1,5 +1,5 @@
+import { randomUUID } from 'node:crypto';
 import { Inject, Injectable } from '@nestjs/common';
-import { v4 as uuid } from 'uuid';
 import type { IActivity } from '@/core/activitypub/type.js';
 import type { DriveFile } from '@/models/entities/DriveFile.js';
 import type { Webhook, webhookEventTypes } from '@/models/entities/Webhook.js';
@ -416,7 +416,7 @@ export class QueueService {
 			to: webhook.url,
 			secret: webhook.secret,
 			createdAt: Date.now(),
-			eventId: uuid(),
+			eventId: randomUUID(),
 		};

 		return this.webhookDeliverQueue.add(webhook.id, data, {
--- a/packages/backend/src/core/RemoteUserResolveService.ts
+++ b/packages/backend/src/core/RemoteUserResolveService.ts
@ -71,7 +71,7 @@ export class RemoteUserResolveService {
 			return await this.apPersonService.createPerson(self.href);
 		}

-		// ユーザー情報が古い場合は、WebFilgerからやりなおして返す
+		// ユーザー情報が古い場合は、WebFingerからやりなおして返す
 		if (user.lastFetchedAt == null || Date.now() - user.lastFetchedAt.getTime() > 1000 * 60 * 60 * 24) {
 			// 繋がらないインスタンスに何回も試行するのを防ぐ, 後続の同様処理の連続試行を防ぐ ため 試行前にも更新する
 			await this.usersRepository.update(user.id, {
--- a/packages/backend/src/core/RoleService.ts
+++ b/packages/backend/src/core/RoleService.ts
@ -21,6 +21,9 @@ export type RolePolicies = {
 	ltlAvailable: boolean;
 	canPublicNote: boolean;
 	canInvite: boolean;
+	inviteLimit: number;
+	inviteLimitCycle: number;
+	inviteExpirationTime: number;
 	canManageCustomEmojis: boolean;
 	canSearchNotes: boolean;
 	canHideAds: boolean;
@ -42,6 +45,9 @@ export const DEFAULT_POLICIES: RolePolicies = {
 	ltlAvailable: true,
 	canPublicNote: true,
 	canInvite: false,
+	inviteLimit: 0,
+	inviteLimitCycle: 60 * 24 * 7,
+	inviteExpirationTime: 0,
 	canManageCustomEmojis: false,
 	canSearchNotes: false,
 	canHideAds: false,
@ -277,6 +283,9 @@ export class RoleService implements OnApplicationShutdown {
 			ltlAvailable: calc('ltlAvailable', vs => vs.some(v => v === true)),
 			canPublicNote: calc('canPublicNote', vs => vs.some(v => v === true)),
 			canInvite: calc('canInvite', vs => vs.some(v => v === true)),
+			inviteLimit: calc('inviteLimit', vs => Math.max(...vs)),
+			inviteLimitCycle: calc('inviteLimitCycle', vs => Math.max(...vs)),
+			inviteExpirationTime: calc('inviteExpirationTime', vs => Math.max(...vs)),
 			canManageCustomEmojis: calc('canManageCustomEmojis', vs => vs.some(v => v === true)),
 			canSearchNotes: calc('canSearchNotes', vs => vs.some(v => v === true)),
 			canHideAds: calc('canHideAds', vs => vs.some(v => v === true)),
--- a/packages/backend/src/core/SearchService.ts
+++ b/packages/backend/src/core/SearchService.ts
@ -52,6 +52,7 @@ function compileQuery(q: Q): string {

@Injectable()
 export class SearchService {
+	private readonly meilisearchIndexScope: 'local' | 'global' | string[] = 'local';
 	private meilisearchNoteIndex: Index | null = null;

 	constructor(
@ -92,6 +93,10 @@ export class SearchService {
 				},
 			});
 		}
+
+		if (config.meilisearch?.scope) {
+			this.meilisearchIndexScope = config.meilisearch.scope;
+		}
 	}

 	@bindThis
@ -100,7 +105,22 @@ export class SearchService {
 		if (!['home', 'public'].includes(note.visibility)) return;

 		if (this.meilisearch) {
-			this.meilisearchNoteIndex!.addDocuments([{
+			switch (this.meilisearchIndexScope) {
+				case 'global':
+					break;
+
+				case 'local':
+					if (note.userHost == null) break;
+					return;
+
+				default: {
+					if (note.userHost == null) break;
+					if (this.meilisearchIndexScope.includes(note.userHost)) break;
+					return;
+				}
+			}
+
+			await this.meilisearchNoteIndex?.addDocuments([{
 				id: note.id,
 				createdAt: note.createdAt.getTime(),
 				userId: note.userId,
--- a/packages/backend/src/core/activitypub/ApRendererService.ts
+++ b/packages/backend/src/core/activitypub/ApRendererService.ts
@ -1,7 +1,6 @@
-import { createPublicKey } from 'node:crypto';
+import { createPublicKey, randomUUID } from 'node:crypto';
 import { Inject, Injectable } from '@nestjs/common';
 import { In } from 'typeorm';
-import { v4 as uuid } from 'uuid';
 import * as mfm from 'mfm-js';
 import { DI } from '@/di-symbols.js';
 import type { Config } from '@/config.js';
@ -613,7 +612,7 @@ export class ApRendererService {
 	@bindThis
 	public addContext<T extends IObject>(x: T): T & { '@context': any; id: string; } {
 		if (typeof x === 'object' && x.id == null) {
-			x.id = `${this.config.url}/${uuid()}`;
+			x.id = `${this.config.url}/${randomUUID()}`;
 		}

 		return Object.assign({
--- a/packages/backend/src/core/activitypub/models/ApImageService.ts
+++ b/packages/backend/src/core/activitypub/models/ApImageService.ts
@ -1,7 +1,6 @@
 import { Inject, Injectable } from '@nestjs/common';
 import { DI } from '@/di-symbols.js';
 import type { DriveFilesRepository } from '@/models/index.js';
-import type { Config } from '@/config.js';
 import type { RemoteUser } from '@/models/entities/User.js';
 import type { DriveFile } from '@/models/entities/DriveFile.js';
 import { MetaService } from '@/core/MetaService.js';
@ -20,9 +19,6 @@ export class ApImageService {
 	private logger: Logger;

 	constructor(
-		@Inject(DI.config)
-		private config: Config,
-
 		@Inject(DI.driveFilesRepository)
 		private driveFilesRepository: DriveFilesRepository,

@ -47,7 +43,7 @@ export class ApImageService {
 		const image = await this.apResolverService.createResolver().resolve(value);

 		if (image.url == null) {
-			throw new Error('invalid image: url not privided');
+			throw new Error('invalid image: url not provided');
 		}

 		if (typeof image.url !== 'string') {
@ -62,12 +58,17 @@ export class ApImageService {

 		const instance = await this.metaService.fetch();

+		// Cache if remote file cache is on AND either
+		// 1. remote sensitive file is also on
+		// 2. or the image is not sensitive
+		const shouldBeCached = instance.cacheRemoteFiles && (instance.cacheRemoteSensitiveFiles || !image.sensitive);
+
 		const file = await this.driveService.uploadFromUrl({
 			url: image.url,
 			user: actor,
 			uri: image.url,
 			sensitive: image.sensitive,
-			isLink: !instance.cacheRemoteFiles,
+			isLink: !shouldBeCached,
 			comment: truncate(image.name ?? undefined, DB_MAX_IMAGE_COMMENT_LENGTH),
 		});
 		if (!file.isLink || file.url === image.url) return file;
--- a/packages/backend/src/core/entities/InviteCodeEntityService.ts
+++ b/packages/backend/src/core/entities/InviteCodeEntityService.ts
@ -0,0 +1,52 @@
+import { Inject, Injectable } from '@nestjs/common';
+import { DI } from '@/di-symbols.js';
+import type { RegistrationTicketsRepository } from '@/models/index.js';
+import { awaitAll } from '@/misc/prelude/await-all.js';
+import type { Packed } from '@/misc/json-schema.js';
+import type { User } from '@/models/entities/User.js';
+import type { RegistrationTicket } from '@/models/entities/RegistrationTicket.js';
+import { bindThis } from '@/decorators.js';
+import { UserEntityService } from './UserEntityService.js';
+
+@Injectable()
+export class InviteCodeEntityService {
+	constructor(
+		@Inject(DI.registrationTicketsRepository)
+		private registrationTicketsRepository: RegistrationTicketsRepository,
+
+		private userEntityService: UserEntityService,
+	) {
+	}
+
+	@bindThis
+	public async pack(
+		src: RegistrationTicket['id'] | RegistrationTicket,
+		me?: { id: User['id'] } | null | undefined,
+	): Promise<Packed<'InviteCode'>> {
+		const target = typeof src === 'object' ? src : await this.registrationTicketsRepository.findOneOrFail({
+			where: {
+				id: src,
+			},
+			relations: ['createdBy', 'usedBy'],
+		});
+
+		return await awaitAll({
+			id: target.id,
+			code: target.code,
+			expiresAt: target.expiresAt ? target.expiresAt.toISOString() : null,
+			createdAt: target.createdAt.toISOString(),
+			createdBy: target.createdBy ? await this.userEntityService.pack(target.createdBy, me) : null,
+			usedBy: target.usedBy ? await this.userEntityService.pack(target.usedBy, me) : null,
+			usedAt: target.usedAt ? target.usedAt.toISOString() : null,
+			used: !!target.usedAt,
+		});
+	}
+
+	@bindThis
+	public packMany(
+		targets: any[],
+		me: { id: User['id'] },
+	) {
+		return Promise.all(targets.map(x => this.pack(x, me)));
+	}
+}