From 530a2825249b841a18dabed4bf17c75981470d70 Mon Sep 17 00:00:00 2001 From: Chocolate Pie <106949016+chocolate-pie@users.noreply.github.com> Date: Wed, 27 Dec 2023 17:36:38 +0900 Subject: [PATCH] =?UTF-8?q?fix(test):=20CI=E3=81=8C=E8=90=BD=E3=81=A1?= =?UTF-8?q?=E3=81=A6=E3=81=84=E3=82=8B=E5=95=8F=E9=A1=8C=E3=82=92=E4=BF=AE?= =?UTF-8?q?=E6=AD=A3=20(#12816)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(test): CIが落ちているのを修正 * fix(ci)?: CIの`typecheck`が落ちる問題を修正 * fix(ci): コンフィグファイルのタイポを修正 --- .forgejo/workflows/lint.yml | 2 ++ CHANGELOG.md | 2 ++ .../src/server/api/endpoints/admin/accounts/create.ts | 6 ++---- packages/misskey-js/etc/misskey-js.api.md | 2 +- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/lint.yml b/.forgejo/workflows/lint.yml index 132c6c455d..0a773d5fb0 100644 --- a/.forgejo/workflows/lint.yml +++ b/.forgejo/workflows/lint.yml @@ -80,4 +80,6 @@ jobs: cache: 'pnpm' - run: corepack enable - run: pnpm i --frozen-lockfile + - run: pnpm --filter misskey-js run build + if: ${{ matrix.workspace == 'backend' }} - run: pnpm --filter ${{ matrix.workspace }} run typecheck diff --git a/CHANGELOG.md b/CHANGELOG.md index b7f37d747d..95fcbbd881 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,8 @@ - Fix: 1702718871541-ffVisibility.jsのdownが壊れている - Fix:「非センシティブのみ(リモートはいいねのみ)」を設定していても、センシティブに設定されたカスタム絵文字をリアクションできる問題を修正 - Fix: ロールアサイン時の通知で,ロールアイコンが縮小されずに表示される問題を修正 +- Fix: サードパーティアプリケーションがWebsocket APIに無条件にアクセスできる問題を修正 +- Fix: サードパーティアプリケーションがユーザーの許可なしに非公開の情報を見ることができる問題を修正 ## 2023.12.0 diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts index a2f9bf6945..f54d567fff 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts @@ -15,8 +15,6 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - secure: true, - res: { type: 'object', optional: false, nullable: false, @@ -48,12 +46,12 @@ export default class extends Endpoint { // eslint- private userEntityService: UserEntityService, private signupService: SignupService, ) { - super(meta, paramDef, async (ps, _me) => { + super(meta, paramDef, async (ps, _me, token) => { const me = _me ? await this.usersRepository.findOneByOrFail({ id: _me.id }) : null; const noUsers = (await this.usersRepository.countBy({ host: IsNull(), })) === 0; - if (!noUsers && !me?.isRoot) throw new Error('access denied'); + if ((!noUsers && !me?.isRoot) || token !== null) throw new Error('access denied'); const { account, secret } = await this.signupService.signup({ username: ps.username, diff --git a/packages/misskey-js/etc/misskey-js.api.md b/packages/misskey-js/etc/misskey-js.api.md index 653372ba2c..d4c43f207c 100644 --- a/packages/misskey-js/etc/misskey-js.api.md +++ b/packages/misskey-js/etc/misskey-js.api.md @@ -2505,7 +2505,7 @@ type PagesUpdateRequest = operations['pages/update']['requestBody']['content'][' function parse(acct: string): Acct; // @public (undocumented) -export const permissions: string[]; +export const permissions: readonly ["read:account", "write:account", "read:blocks", "write:blocks", "read:drive", "write:drive", "read:favorites", "write:favorites", "read:following", "write:following", "read:messaging", "write:messaging", "read:mutes", "write:mutes", "write:notes", "read:notifications", "write:notifications", "read:reactions", "write:reactions", "write:votes", "read:pages", "write:pages", "write:page-likes", "read:page-likes", "read:user-groups", "write:user-groups", "read:channels", "write:channels", "read:gallery", "write:gallery", "read:gallery-likes", "write:gallery-likes", "read:flash", "write:flash", "read:flash-likes", "write:flash-likes", "read:admin:abuse-user-reports", "write:admin:delete-account", "write:admin:delete-all-files-of-a-user", "read:admin:index-stats", "read:admin:table-stats", "read:admin:user-ips", "read:admin:meta", "write:admin:reset-password", "write:admin:resolve-abuse-user-report", "write:admin:send-email", "read:admin:server-info", "read:admin:show-moderation-log", "read:admin:show-user", "read:admin:show-users", "write:admin:suspend-user", "write:admin:unset-user-avatar", "write:admin:unset-user-banner", "write:admin:unsuspend-user", "write:admin:meta", "write:admin:user-note", "write:admin:roles", "read:admin:roles", "write:admin:relays", "read:admin:relays", "write:admin:invite-codes", "read:admin:invite-codes", "write:admin:announcements", "read:admin:announcements", "write:admin:avatar-decorations", "read:admin:avatar-decorations", "write:admin:federation", "write:admin:account", "read:admin:account", "write:admin:emoji", "read:admin:emoji", "write:admin:queue", "read:admin:queue", "write:admin:promo", "write:admin:drive", "read:admin:drive", "write:admin:ad", "read:admin:ad", "write:invite-codes", "read:invite-codes", "write:clip-favorite", "read:clip-favorite", "read:federation", "write:report-abuse"]; // @public (undocumented) type PingResponse = operations['ping']['responses']['200']['content']['application/json'];