API: visiblity cannot be less restrictive

Removed a now unnecessary provision from services/note/create as well.
This commit is contained in:
Johann150 2022-07-28 12:34:23 +02:00
parent 8c198f648b
commit 40d9aa6219
Signed by untrusted user: Johann150
GPG key ID: 9EE6577A2A06F8F1
3 changed files with 25 additions and 6 deletions

View file

@ -78,13 +78,24 @@ export const meta = {
code: 'YOU_HAVE_BEEN_BLOCKED', code: 'YOU_HAVE_BEEN_BLOCKED',
id: 'b390d7e1-8a5e-46ed-b625-06271cafd3d3', id: 'b390d7e1-8a5e-46ed-b625-06271cafd3d3',
}, },
lessRestrictiveVisibility: {
message: 'The visibility cannot be less restrictive than the parent note.',
code: 'LESS_RESTRICTIVE_VISIBILITY',
id: 'c8ab7a7a-8852-41e2-8b24-079bbaceb585',
},
}, },
} as const; } as const;
export const paramDef = { export const paramDef = {
type: 'object', type: 'object',
properties: { properties: {
visibility: { type: 'string', enum: noteVisibilities, default: 'public' }, visibility: {
description: 'The visibility of the new note. Must be the same or more restrictive than a replied to or quoted note.'
type: 'string',
enum: noteVisibilities,
default: 'public',
},
visibleUserIds: { type: 'array', uniqueItems: true, items: { visibleUserIds: { type: 'array', uniqueItems: true, items: {
type: 'string', format: 'misskey:id', type: 'string', format: 'misskey:id',
} }, } },
@ -195,6 +206,11 @@ export default define(meta, paramDef, async (ps, user) => {
throw new ApiError(meta.errors.cannotReRenote); throw new ApiError(meta.errors.cannotReRenote);
} }
// check that the visibility is not less restrictive
if (noteVisibilities.indexOf(renote.visibility) > noteVisibilities.indexOf(ps.visibility)) {
throw new ApiError(meta.errors.lessRestrictiveVisibility);
}
// Check blocking // Check blocking
if (renote.userId !== user.id) { if (renote.userId !== user.id) {
const block = await Blockings.findOneBy({ const block = await Blockings.findOneBy({
@ -219,6 +235,11 @@ export default define(meta, paramDef, async (ps, user) => {
throw new ApiError(meta.errors.cannotReplyToPureRenote); throw new ApiError(meta.errors.cannotReplyToPureRenote);
} }
// check that the visibility is not less restrictive
if (noteVisibilities.indexOf(reply.visibility) > noteVisibilities.indexOf(ps.visibility)) {
throw new ApiError(meta.errors.lessRestrictiveVisibility);
}
// Check blocking // Check blocking
if (reply.userId !== user.id) { if (reply.userId !== user.id) {
const block = await Blockings.findOneBy({ const block = await Blockings.findOneBy({

View file

@ -170,11 +170,6 @@ export default async (user: { id: User['id']; username: User['username']; host:
data.visibility = 'followers'; data.visibility = 'followers';
} }
// 返信対象がpublicではないならhomeにする
if (data.reply && data.reply.visibility !== 'public' && data.visibility === 'public') {
data.visibility = 'home';
}
// ローカルのみをRenoteしたらローカルのみにする // ローカルのみをRenoteしたらローカルのみにする
if (data.renote && data.renote.localOnly && data.channel == null) { if (data.renote && data.renote.localOnly && data.channel == null) {
data.localOnly = true; data.localOnly = true;

View file

@ -1,5 +1,8 @@
export const notificationTypes = ['follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'pollEnded', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited', 'app'] as const; export const notificationTypes = ['follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'pollEnded', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited', 'app'] as const;
/**
* Note visibilities, ordered from most to least open.
*/
export const noteVisibilities = ['public', 'home', 'followers', 'specified'] as const; export const noteVisibilities = ['public', 'home', 'followers', 'specified'] as const;
export const mutedNoteReasons = ['word', 'manual', 'spam', 'other'] as const; export const mutedNoteReasons = ['word', 'manual', 'spam', 'other'] as const;