diff --git a/CHANGELOG.md b/CHANGELOG.md index 52f5c07ab3..8b71f6540d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -132,7 +132,6 @@ - Fix: モデレーションログがモデレーターは閲覧できないように修正 - Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正 - Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない -- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正 ## 2023.11.1 diff --git a/locales/index.d.ts b/locales/index.d.ts index 02274cc086..157b8f44d5 100644 --- a/locales/index.d.ts +++ b/locales/index.d.ts @@ -2107,6 +2107,55 @@ export interface Locale { "write:flash": string; "read:flash-likes": string; "write:flash-likes": string; + "read:admin:abuse-user-reports": string; + "write:admin:delete-account": string; + "write:admin:delete-all-files-of-a-user": string; + "read:admin:index-stats": string; + "read:admin:table-stats": string; + "read:admin:user-ips": string; + "read:admin:meta": string; + "write:admin:reset-password": string; + "write:admin:resolve-abuse-user-report": string; + "write:admin:send-email": string; + "read:admin:server-info": string; + "read:admin:show-moderation-log": string; + "read:admin:show-user": string; + "read:admin:show-users": string; + "write:admin:suspend-user": string; + "write:admin:unset-user-avatar": string; + "write:admin:unset-user-banner": string; + "write:admin:unsuspend-user": string; + "write:admin:meta": string; + "write:admin:user-note": string; + "write:admin:roles": string; + "read:admin:roles": string; + "write:admin:relays": string; + "read:admin:relays": string; + "write:admin:invite-codes": string; + "read:admin:invite-codes": string; + "write:admin:announcements": string; + "read:admin:announcements": string; + "write:admin:avatar-decorations": string; + "read:admin:avatar-decorations": string; + "write:admin:federation": string; + "write:admin:account": string; + "read:admin:account": string; + "write:admin:emoji": string; + "read:admin:emoji": string; + "write:admin:queue": string; + "read:admin:queue": string; + "write:admin:promo": string; + "write:admin:drive": string; + "read:admin:drive": string; + "read:admin:stream": string; + "write:admin:ad": string; + "read:admin:ad": string; + "write:invite-codes": string; + "read:invite-codes": string; + "write:clip-favorite": string; + "read:clip-favorite": string; + "read:federation": string; + "write:report-abuse": string; }; "_auth": { "shareAccessTitle": string; diff --git a/locales/ja-JP.yml b/locales/ja-JP.yml index d6d6daec50..7cb678b5f3 100644 --- a/locales/ja-JP.yml +++ b/locales/ja-JP.yml @@ -2012,6 +2012,55 @@ _permissions: "write:flash": "Playを操作する" "read:flash-likes": "Playのいいねを見る" "write:flash-likes": "Playのいいねを操作する" + "read:admin:abuse-user-reports": "ユーザーからの通報を見る" + "write:admin:delete-account": "ユーザーアカウントを削除する" + "write:admin:delete-all-files-of-a-user": "ユーザーのすべてのファイルを削除する" + "read:admin:index-stats": "データベースインデックスに関する情報を見る" + "read:admin:table-stats": "データベーステーブルに関する情報を見る" + "read:admin:user-ips": "ユーザーのIPアドレスを見る" + "read:admin:meta": "インスタンスのメタデータを見る" + "write:admin:reset-password": "ユーザーのパスワードをリセットする" + "write:admin:resolve-abuse-user-report": "ユーザーからの通報を解決する" + "write:admin:send-email": "メールを送る" + "read:admin:server-info": "サーバーの情報を見る" + "read:admin:show-moderation-log": "モデレーションログを見る" + "read:admin:show-user": "ユーザーのプライベートな情報を見る" + "read:admin:show-users": "ユーザーのプライベートな情報を見る" + "write:admin:suspend-user": "ユーザーを凍結する" + "write:admin:unset-user-avatar": "ユーザーのアバターを削除する" + "write:admin:unset-user-banner": "ユーザーのバーナーを削除する" + "write:admin:unsuspend-user": "ユーザーの凍結を解除する" + "write:admin:meta": "インスタンスのメタデータを操作する" + "write:admin:user-note": "モデレーションノートを操作する" + "write:admin:roles": "ロールを操作する" + "read:admin:roles": "ロールを見る" + "write:admin:relays": "リレーを操作する" + "read:admin:relays": "リレーを見る" + "write:admin:invite-codes": "招待コードを操作する" + "read:admin:invite-codes": "招待コードを見る" + "write:admin:announcements": "お知らせを操作する" + "read:admin:announcements": "お知らせを見る" + "write:admin:avatar-decorations": "アバターデコレーションを操作する" + "read:admin:avatar-decorations": "アバターデコレーションを見る" + "write:admin:federation": "連合に関する情報を操作する" + "write:admin:account": "ユーザーアカウントを操作する" + "read:admin:account": "ユーザーに関する情報を見る" + "write:admin:emoji": "絵文字を操作する" + "read:admin:emoji": "絵文字を見る" + "write:admin:queue": "ジョブキューを操作する" + "read:admin:queue": "ジョブキューに関する情報を見る" + "write:admin:promo": "プロモーションノートを操作する" + "write:admin:drive": "ユーザーのドライブを操作する" + "read:admin:drive": "ユーザーのドライブの関する情報を見る" + "read:admin:stream": "管理者用のWebsocket APIを使う" + "write:admin:ad": "広告を操作する" + "read:admin:ad": "広告を見る" + "write:invite-codes": "招待コードを作成する" + "read:invite-codes": "招待コードを取得する" + "write:clip-favorite": "クリップのいいねを操作する" + "read:clip-favorite": "クリップのいいねを見る" + "read:federation": "連合に関する情報を取得する" + "write:report-abuse": "違反を報告する" _auth: shareAccessTitle: "アプリへのアクセス許可" diff --git a/packages/backend/src/misc/api-permissions.ts b/packages/backend/src/misc/api-permissions.ts deleted file mode 100644 index 57c9308844..0000000000 --- a/packages/backend/src/misc/api-permissions.ts +++ /dev/null @@ -1,40 +0,0 @@ -/* - * SPDX-FileCopyrightText: syuilo and other misskey contributors - * SPDX-License-Identifier: AGPL-3.0-only - */ - -export const kinds = [ - 'read:account', - 'write:account', - 'read:blocks', - 'write:blocks', - 'read:drive', - 'write:drive', - 'read:favorites', - 'write:favorites', - 'read:following', - 'write:following', - 'read:messaging', - 'write:messaging', - 'read:mutes', - 'write:mutes', - 'write:notes', - 'read:notifications', - 'write:notifications', - 'read:reactions', - 'write:reactions', - 'write:votes', - 'read:pages', - 'write:pages', - 'write:page-likes', - 'read:page-likes', - 'read:user-groups', - 'write:user-groups', - 'read:channels', - 'write:channels', - 'read:gallery', - 'write:gallery', - 'read:gallery-likes', - 'write:gallery-likes', -]; -// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions). diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts index 66f171a5d8..56f804dee8 100644 --- a/packages/backend/src/server/api/ApiCallService.ts +++ b/packages/backend/src/server/api/ApiCallService.ts @@ -330,7 +330,8 @@ export class ApiCallService implements OnApplicationShutdown { } } - if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) { + if (token && ((ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) + || (!ep.meta.kind && (ep.meta.requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin)))) { throw new ApiError({ message: 'Your app does not have the necessary permissions to use this endpoint.', code: 'PERMISSION_DENIED', diff --git a/packages/backend/src/server/api/StreamingApiServerService.ts b/packages/backend/src/server/api/StreamingApiServerService.ts index dc3a00617c..3b387d92ca 100644 --- a/packages/backend/src/server/api/StreamingApiServerService.ts +++ b/packages/backend/src/server/api/StreamingApiServerService.ts @@ -71,6 +71,10 @@ export class StreamingApiServerService { try { [user, app] = await this.authenticateService.authenticate(token); + + if (app !== null && !app.permission.some(p => p === 'read:account')) { + throw new AuthenticationError('Your app does not have necessary permissions to use websocket API.'); + } } catch (e) { if (e instanceof AuthenticationError) { socket.write([ diff --git a/packages/backend/src/server/api/endpoints.ts b/packages/backend/src/server/api/endpoints.ts index de858d5304..f82bf257fc 100644 --- a/packages/backend/src/server/api/endpoints.ts +++ b/packages/backend/src/server/api/endpoints.ts @@ -4,6 +4,7 @@ */ import type { Schema } from '@/misc/json-schema.js'; +import { permissions } from 'misskey-js'; import { RolePolicies } from '@/core/RoleService.js'; import * as ep___admin_meta from './endpoints/admin/meta.js'; @@ -750,7 +751,7 @@ const eps = [ ['sponsors', ep___sponsors], ]; -export interface IEndpointMeta { +interface IEndpointMetaBase { readonly stability?: 'deprecated' | 'experimental' | 'stable'; readonly tags?: ReadonlyArray; @@ -849,6 +850,23 @@ export interface IEndpointMeta { readonly cacheSec?: number; } +export type IEndpointMeta = (Omit & { + requireCredential?: false, + requireAdmin?: false, + requireModerator?: false, +}) | (Omit & { + secure: true, +}) | (Omit & { + requireCredential: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireModerator: true, + kind: (typeof permissions)[number], +}) | (Omit & { + requireAdmin: true, + kind: (typeof permissions)[number], +}) + export interface IEndpoint { name: string; meta: IEndpointMeta; diff --git a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts index 484118cd46..3484d6707a 100644 --- a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts +++ b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts @@ -13,10 +13,9 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:abuse-user-reports', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts index 07f24d2995..a2f9bf6945 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts @@ -15,7 +15,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', + secure: true, res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts index 86f4b0709b..52d8c8ce18 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts @@ -14,10 +14,9 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts index bc292fd53a..93673453d6 100644 --- a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts @@ -13,10 +13,9 @@ import { ApiError } from '@/server/api/error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:account', errors: { userNotFound: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/create.ts b/packages/backend/src/server/api/endpoints/admin/ad/create.ts index 087ae4befc..041b10f9f7 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/create.ts @@ -13,10 +13,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', res: { type: 'object', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts index ba655a6aa3..5b18b347d3 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/ad/list.ts b/packages/backend/src/server/api/endpoints/admin/ad/list.ts index 12528917dc..586c1f44db 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:ad', res: { type: 'array', optional: false, diff --git a/packages/backend/src/server/api/endpoints/admin/ad/update.ts b/packages/backend/src/server/api/endpoints/admin/ad/update.ts index b83c163004..bf96e44b0c 100644 --- a/packages/backend/src/server/api/endpoints/admin/ad/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/ad/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:ad', errors: { noSuchAd: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts index fb432336e4..c9df70c76b 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts @@ -10,10 +10,9 @@ import { AnnouncementService } from '@/core/AnnouncementService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts index e84e63c666..939333345e 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts index e98ef0b169..429b138599 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts @@ -14,10 +14,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:announcements', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts index e2ec344899..db6db8356d 100644 --- a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:announcements', errors: { noSuchAnnouncement: { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts index 158435ed21..4ac74253cc 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts @@ -10,10 +10,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts index 06083cc180..88977f801a 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts index 49a8718bce..33122c3eef 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts @@ -15,10 +15,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'read:admin:avatar-decorations', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts index 3d8f3d63de..6211345f96 100644 --- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageAvatarDecorations', + kind: 'write:admin:avatar-decorations', errors: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-account.ts b/packages/backend/src/server/api/endpoints/admin/delete-account.ts index adc446d14b..2c82c2879d 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-account.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-account.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-account', res: { }, diff --git a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts index 1fdbbfb12e..7d33065f2e 100644 --- a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:delete-all-files-of-a-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts index 3f23319a5f..af2bb6b1ca 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts @@ -10,10 +10,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts index fd8fa46a47..a3b221284b 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:drive', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/drive/files.ts b/packages/backend/src/server/api/endpoints/admin/drive/files.ts index 816bbfbc45..37fa439bcf 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/files.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/files.ts @@ -13,10 +13,9 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts index 61cb843558..3aeb3e45e3 100644 --- a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts +++ b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:drive', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts index 5333adb624..1cd8125c52 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts index 7e484c612b..0868e24948 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts @@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchFile: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts index a24c72b9b8..611b64be07 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts @@ -17,10 +17,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts index c483794a40..450695984a 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts index e15af7717b..e1e6e7c2c4 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts index b75616f3cc..208616c0ac 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts @@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js'; import { QueueService } from '@/core/QueueService.js'; export const meta = { - kind: 'write:admin', + secure: true, requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', } as const; diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts index a383e09338..f3e0c1ef1f 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts @@ -15,10 +15,9 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts index 210b3639c3..59e87253f6 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts @@ -15,10 +15,9 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'read:admin:emoji', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts index 8e92db1daf..26dd43e926 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts index 5a06b5b32f..18961976f9 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts index b3e9c6df13..c680f2e2d4 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts index c59d13ad16..47c692b613 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts @@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts index 61d857b7b0..550bb0052b 100644 --- a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireRolePolicy: 'canManageCustomEmojis', + kind: 'write:admin:emoji', errors: { noSuchEmoji: { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts index b81297413c..57612850b4 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts index 6cc4e3087f..0d061c685f 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts index 18884dfca6..c15fb83454 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts @@ -12,10 +12,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts index cf4ac70cc9..188ab69532 100644 --- a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts +++ b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts @@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:federation', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts index b81d9857d7..0b50212119 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:index-stats', tags: ['admin'], res: { diff --git a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts index c104f653ef..0d44b288cb 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts @@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:table-stats', tags: ['admin'], diff --git a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts index 76c32f2a9f..1b437f718b 100644 --- a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts +++ b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts @@ -12,10 +12,9 @@ import { IdService } from '@/core/IdService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:user-ips', res: { type: 'array', optional: false, @@ -34,7 +33,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/create.ts b/packages/backend/src/server/api/endpoints/admin/invite/create.ts index 96de772edc..396b84623f 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/create.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:invite-codes', errors: { invalidDateTime: { diff --git a/packages/backend/src/server/api/endpoints/admin/invite/list.ts b/packages/backend/src/server/api/endpoints/admin/invite/list.ts index 3b7dc72e11..d293dcadc6 100644 --- a/packages/backend/src/server/api/endpoints/admin/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/invite/list.ts @@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts index 218ab42ffd..4fd2a568ad 100644 --- a/packages/backend/src/server/api/endpoints/admin/meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/meta.ts @@ -13,10 +13,9 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js'; export const meta = { tags: ['meta'], - kind: 'read:admin', - requireCredential: true, requireAdmin: true, + kind: 'read:admin:meta', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/promo/create.ts b/packages/backend/src/server/api/endpoints/admin/promo/create.ts index e2befec50f..ab69dfba96 100644 --- a/packages/backend/src/server/api/endpoints/admin/promo/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/promo/create.ts @@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:promo', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts index 1d565e8f24..9912043c8b 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts index 30005fc666..8473909103 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts @@ -11,10 +11,9 @@ import type { DeliverQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts index aa8b6edee5..19f7cb85c0 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts @@ -11,10 +11,9 @@ import type { InboxQueue } from '@/core/QueueModule.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:queue', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts index 8f46cd6375..d06780e044 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts @@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:queue', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts index 1d92e2bf86..189690b703 100644 --- a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts +++ b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts @@ -10,10 +10,9 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:emoji', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/add.ts b/packages/backend/src/server/api/endpoints/admin/relays/add.ts index 53b83560cf..d55dff7b0c 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/add.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/add.ts @@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', errors: { invalidUrl: { diff --git a/packages/backend/src/server/api/endpoints/admin/relays/list.ts b/packages/backend/src/server/api/endpoints/admin/relays/list.ts index 35c8e05487..61ea287bff 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/list.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:relays', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts index fdc53cb708..8a6dd4e152 100644 --- a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts +++ b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts @@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:relays', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/reset-password.ts b/packages/backend/src/server/api/endpoints/admin/reset-password.ts index d37a526db7..506cd609ae 100644 --- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts +++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts @@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:reset-password', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts index fb26c82a9d..26c4038b98 100644 --- a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts +++ b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts @@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:resolve-abuse-user-report', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts index bbd4cfabbe..8eb3d2bf59 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/create.ts b/packages/backend/src/server/api/endpoints/admin/roles/create.ts index ac6085d921..de23d2fb11 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/create.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/create.ts @@ -11,10 +11,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts index f60d6754a5..9e2968e317 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/list.ts b/packages/backend/src/server/api/endpoints/admin/roles/list.ts index 30917ce984..d3d1a10a69 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/list.ts @@ -12,10 +12,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/roles/show.ts b/packages/backend/src/server/api/endpoints/admin/roles/show.ts index 91e32d95be..ad4345e5a5 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/show.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/show.ts @@ -13,10 +13,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'read:admin', - requireCredential: true, requireModerator: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts index 701fea1ed5..c11265252c 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts @@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts index 066fc73234..203f749a6e 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts @@ -11,10 +11,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update.ts b/packages/backend/src/server/api/endpoints/admin/roles/update.ts index 6cfcd8ca4a..74d5aae5d8 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/update.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/update.ts @@ -14,10 +14,9 @@ import { RoleService } from '@/core/RoleService.js'; export const meta = { tags: ['admin', 'role'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/roles/users.ts b/packages/backend/src/server/api/endpoints/admin/roles/users.ts index 6a0f7f9987..66f4d9d26b 100644 --- a/packages/backend/src/server/api/endpoints/admin/roles/users.ts +++ b/packages/backend/src/server/api/endpoints/admin/roles/users.ts @@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js'; export const meta = { tags: ['admin', 'role', 'users'], - kind: 'read:admin', - requireCredential: false, requireAdmin: true, + kind: 'read:admin:roles', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/admin/send-email.ts b/packages/backend/src/server/api/endpoints/admin/send-email.ts index d22066909e..d20aee656c 100644 --- a/packages/backend/src/server/api/endpoints/admin/send-email.ts +++ b/packages/backend/src/server/api/endpoints/admin/send-email.ts @@ -10,10 +10,9 @@ import { EmailService } from '@/core/EmailService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:send-email', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/server-info.ts b/packages/backend/src/server/api/endpoints/admin/server-info.ts index d3c3bebff6..374712f57d 100644 --- a/packages/backend/src/server/api/endpoints/admin/server-info.ts +++ b/packages/backend/src/server/api/endpoints/admin/server-info.ts @@ -14,11 +14,10 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, requireModerator: true, + kind: 'read:admin:server-info', tags: ['admin', 'meta'], - kind: 'read:admin', - res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts index c82532ed67..f3601be9bb 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts @@ -15,8 +15,7 @@ export const meta = { requireCredential: true, requireAdmin: true, - - kind: 'read:admin', + kind: 'read:admin:show-moderation-log', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts index 76032cfb3d..ea22f9eeb9 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-user', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/admin/show-users.ts b/packages/backend/src/server/api/endpoints/admin/show-users.ts index f29ebc7fd3..6267fb97b2 100644 --- a/packages/backend/src/server/api/endpoints/admin/show-users.ts +++ b/packages/backend/src/server/api/endpoints/admin/show-users.ts @@ -16,8 +16,7 @@ export const meta = { requireCredential: true, requireModerator: true, - - kind: 'read:admin', + kind: 'read:admin:show-users', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts index 35c3f37481..a26fa81c13 100644 --- a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts @@ -19,10 +19,9 @@ import { QueueService } from '@/core/QueueService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:suspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts index 2309493937..8b22fad1d4 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-avatar', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts index 468c634e5b..5ec359c0ef 100644 --- a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts +++ b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unset-user-banner', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts index 8cdd317eae..9c896f0e64 100644 --- a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts +++ b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts @@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:unsuspend-user', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index 5d982b5093..5c916fe340 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -12,10 +12,9 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireAdmin: true, + kind: 'write:admin:meta', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts index dd0b777373..e582147e72 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts @@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js'; export const meta = { tags: ['admin'], - kind: 'write:admin', - requireCredential: true, requireModerator: true, + kind: 'write:admin:user-note', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/ap/get.ts b/packages/backend/src/server/api/endpoints/ap/get.ts index a4a7fd2037..e0ef5d413a 100644 --- a/packages/backend/src/server/api/endpoints/ap/get.ts +++ b/packages/backend/src/server/api/endpoints/ap/get.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:federation', limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts index 6cdd617561..8ab16880fa 100644 --- a/packages/backend/src/server/api/endpoints/ap/show.ts +++ b/packages/backend/src/server/api/endpoints/ap/show.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['federation'], requireCredential: true, + kind: 'read:account', limit: { duration: ms('1minute'), diff --git a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts index c0aa882088..e6198ff601 100644 --- a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts +++ b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts @@ -11,7 +11,7 @@ import { GetterService } from '@/server/api/GetterService.js'; export const meta = { tags: ['federation'], - requireCredential: true, + requireCredential: false, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts index 6391a2f580..cbe579eb6b 100644 --- a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts +++ b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['meta'], requireCredential: true, + secure: true, limit: { duration: ms('1hour'), diff --git a/packages/backend/src/server/api/endpoints/i.ts b/packages/backend/src/server/api/endpoints/i.ts index c0530bf392..c24e049180 100644 --- a/packages/backend/src/server/api/endpoints/i.ts +++ b/packages/backend/src/server/api/endpoints/i.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + kind: "read:account", res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts index 303c0a7f87..3580d6ba1b 100644 --- a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts +++ b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts @@ -11,6 +11,7 @@ import { MetaService } from '@/core/MetaService.js'; export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts index bd6e85a074..79a81cb73f 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts index 2352beb130..d9b26cab2c 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/get.ts b/packages/backend/src/server/api/endpoints/i/registry/get.ts index 4155a43e0d..c373410256 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/get.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/get.ts @@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'read:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts index b411cdd3d9..a91dcd9543 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys.ts b/packages/backend/src/server/api/endpoints/i/registry/keys.ts index 04e120d752..ad203d5203 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/keys.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/keys.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'read:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/i/registry/remove.ts b/packages/backend/src/server/api/endpoints/i/registry/remove.ts index ba8100b547..9cbe271b91 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/remove.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/remove.ts @@ -12,6 +12,7 @@ import { ApiError } from '../../../error.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchKey: { diff --git a/packages/backend/src/server/api/endpoints/i/registry/set.ts b/packages/backend/src/server/api/endpoints/i/registry/set.ts index 58bb450bce..c61d5b8727 100644 --- a/packages/backend/src/server/api/endpoints/i/registry/set.ts +++ b/packages/backend/src/server/api/endpoints/i/registry/set.ts @@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js'; export const meta = { requireCredential: true, + kind: 'write:account', } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/invite/create.ts b/packages/backend/src/server/api/endpoints/invite/create.ts index d82fa50e4f..4f37f2f4bb 100644 --- a/packages/backend/src/server/api/endpoints/invite/create.ts +++ b/packages/backend/src/server/api/endpoints/invite/create.ts @@ -19,6 +19,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { exceededCreateLimit: { diff --git a/packages/backend/src/server/api/endpoints/invite/delete.ts b/packages/backend/src/server/api/endpoints/invite/delete.ts index 3b57775739..d84430a49f 100644 --- a/packages/backend/src/server/api/endpoints/invite/delete.ts +++ b/packages/backend/src/server/api/endpoints/invite/delete.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'write:invite-codes', errors: { noSuchCode: { diff --git a/packages/backend/src/server/api/endpoints/invite/limit.ts b/packages/backend/src/server/api/endpoints/invite/limit.ts index 1f4190c948..fc3bb9bdc2 100644 --- a/packages/backend/src/server/api/endpoints/invite/limit.ts +++ b/packages/backend/src/server/api/endpoints/invite/limit.ts @@ -16,6 +16,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/invite/list.ts b/packages/backend/src/server/api/endpoints/invite/list.ts index 2107516ce4..6734f27e14 100644 --- a/packages/backend/src/server/api/endpoints/invite/list.ts +++ b/packages/backend/src/server/api/endpoints/invite/list.ts @@ -15,6 +15,7 @@ export const meta = { requireCredential: true, requireRolePolicy: 'canInvite', + kind: 'read:invite-codes', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/my/apps.ts b/packages/backend/src/server/api/endpoints/my/apps.ts index 98c317346f..1b70b85b07 100644 --- a/packages/backend/src/server/api/endpoints/my/apps.ts +++ b/packages/backend/src/server/api/endpoints/my/apps.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account', 'app'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts index 48b8a3f4b6..13cfb31ad0 100644 --- a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts @@ -25,6 +25,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/mentions.ts b/packages/backend/src/server/api/endpoints/notes/mentions.ts index 6fab024d17..2317f8f7b2 100644 --- a/packages/backend/src/server/api/endpoints/notes/mentions.ts +++ b/packages/backend/src/server/api/endpoints/notes/mentions.ts @@ -16,6 +16,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts index af7ff8bdcd..90af29a695 100644 --- a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts +++ b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/state.ts b/packages/backend/src/server/api/endpoints/notes/state.ts index b5fd47723c..20faea566d 100644 --- a/packages/backend/src/server/api/endpoints/notes/state.ts +++ b/packages/backend/src/server/api/endpoints/notes/state.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/notes/timeline.ts b/packages/backend/src/server/api/endpoints/notes/timeline.ts index 8e2de0cd37..3dcebe7e29 100644 --- a/packages/backend/src/server/api/endpoints/notes/timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/notes/translate.ts b/packages/backend/src/server/api/endpoints/notes/translate.ts index d46bd69795..698c37b616 100644 --- a/packages/backend/src/server/api/endpoints/notes/translate.ts +++ b/packages/backend/src/server/api/endpoints/notes/translate.ts @@ -17,6 +17,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'read:account', res: { type: 'object', diff --git a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts index 10d3a7a697..71c2b8054e 100644 --- a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts +++ b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts @@ -22,6 +22,7 @@ export const meta = { tags: ['notes', 'lists'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/promo/read.ts b/packages/backend/src/server/api/endpoints/promo/read.ts index 7d07c92178..f427939a7a 100644 --- a/packages/backend/src/server/api/endpoints/promo/read.ts +++ b/packages/backend/src/server/api/endpoints/promo/read.ts @@ -15,6 +15,7 @@ export const meta = { tags: ['notes'], requireCredential: true, + kind: 'write:account', errors: { noSuchNote: { diff --git a/packages/backend/src/server/api/endpoints/roles/list.ts b/packages/backend/src/server/api/endpoints/roles/list.ts index dc2be8e11d..d40e937d4e 100644 --- a/packages/backend/src/server/api/endpoints/roles/list.ts +++ b/packages/backend/src/server/api/endpoints/roles/list.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['role'], requireCredential: true, + kind: 'read:account', res: { type: 'array', diff --git a/packages/backend/src/server/api/endpoints/roles/notes.ts b/packages/backend/src/server/api/endpoints/roles/notes.ts index 7010df22c9..4ce3fc8908 100644 --- a/packages/backend/src/server/api/endpoints/roles/notes.ts +++ b/packages/backend/src/server/api/endpoints/roles/notes.ts @@ -18,6 +18,7 @@ export const meta = { tags: ['role', 'notes'], requireCredential: true, + kind: 'read:account', errors: { noSuchRole: { diff --git a/packages/backend/src/server/api/endpoints/sw/register.ts b/packages/backend/src/server/api/endpoints/sw/register.ts index 9ab062326d..bb50048d94 100644 --- a/packages/backend/src/server/api/endpoints/sw/register.ts +++ b/packages/backend/src/server/api/endpoints/sw/register.ts @@ -14,6 +14,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Register to receive push notifications.', diff --git a/packages/backend/src/server/api/endpoints/sw/show-registration.ts b/packages/backend/src/server/api/endpoints/sw/show-registration.ts index 126299e3f7..15d3df8587 100644 --- a/packages/backend/src/server/api/endpoints/sw/show-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/show-registration.ts @@ -12,6 +12,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Check push notification registration exists.', diff --git a/packages/backend/src/server/api/endpoints/sw/update-registration.ts b/packages/backend/src/server/api/endpoints/sw/update-registration.ts index a1a97df0be..7bf59784a2 100644 --- a/packages/backend/src/server/api/endpoints/sw/update-registration.ts +++ b/packages/backend/src/server/api/endpoints/sw/update-registration.ts @@ -13,6 +13,7 @@ export const meta = { tags: ['account'], requireCredential: true, + secure: true, description: 'Update push notification registration.', diff --git a/packages/backend/src/server/api/endpoints/users/achievements.ts b/packages/backend/src/server/api/endpoints/users/achievements.ts index d6ad718dfa..3a584a819a 100644 --- a/packages/backend/src/server/api/endpoints/users/achievements.ts +++ b/packages/backend/src/server/api/endpoints/users/achievements.ts @@ -9,7 +9,7 @@ import type { UserProfilesRepository } from '@/models/_.js'; import { DI } from '@/di-symbols.js'; export const meta = { - requireCredential: true, + requireCredential: false, res: { type: 'array', @@ -24,7 +24,7 @@ export const meta = { }, }, }, - } + }, } as const; export const paramDef = { diff --git a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts index 4eb37c3e43..fa2e3338b8 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts @@ -18,6 +18,7 @@ import { UserListService } from '@/core/UserListService.js'; export const meta = { requireCredential: true, prohibitMoved: true, + kind: 'write:account', res: { type: 'object', optional: false, nullable: false, diff --git a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts index 2ecf0a1256..864cdc2ee0 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts @@ -12,6 +12,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts index 23611ab8c4..d51d57343e 100644 --- a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts +++ b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts @@ -11,6 +11,7 @@ import { DI } from '@/di-symbols.js'; export const meta = { requireCredential: true, + kind: 'write:account', errors: { noSuchList: { message: 'No such user list.', diff --git a/packages/backend/src/server/api/endpoints/users/relation.ts b/packages/backend/src/server/api/endpoints/users/relation.ts index 326042ed3d..26b61c9fb2 100644 --- a/packages/backend/src/server/api/endpoints/users/relation.ts +++ b/packages/backend/src/server/api/endpoints/users/relation.ts @@ -11,6 +11,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'read:account', description: 'Show the different kinds of relations between the authenticated user and the specified user(s).', diff --git a/packages/backend/src/server/api/endpoints/users/report-abuse.ts b/packages/backend/src/server/api/endpoints/users/report-abuse.ts index 649802744f..bdaf78758b 100644 --- a/packages/backend/src/server/api/endpoints/users/report-abuse.ts +++ b/packages/backend/src/server/api/endpoints/users/report-abuse.ts @@ -20,6 +20,7 @@ export const meta = { tags: ['users'], requireCredential: true, + kind: 'write:report-abuse', description: 'File a report.', diff --git a/packages/backend/src/server/api/stream/ChannelsService.ts b/packages/backend/src/server/api/stream/ChannelsService.ts index f9f2f15aff..3fc3f4d31a 100644 --- a/packages/backend/src/server/api/stream/ChannelsService.ts +++ b/packages/backend/src/server/api/stream/ChannelsService.ts @@ -20,6 +20,7 @@ import { AntennaChannelService } from './channels/antenna.js'; import { DriveChannelService } from './channels/drive.js'; import { HashtagChannelService } from './channels/hashtag.js'; import { RoleTimelineChannelService } from './channels/role-timeline.js'; +import { type MiChannelService } from './channel.js'; @Injectable() export class ChannelsService { @@ -43,7 +44,7 @@ export class ChannelsService { } @bindThis - public getChannelService(name: string) { + public getChannelService(name: string): MiChannelService { switch (name) { case 'main': return this.mainChannelService; case 'homeTimeline': return this.homeTimelineChannelService; diff --git a/packages/backend/src/server/api/stream/Connection.ts b/packages/backend/src/server/api/stream/Connection.ts index 4180ccc56a..a89fbcc5e5 100644 --- a/packages/backend/src/server/api/stream/Connection.ts +++ b/packages/backend/src/server/api/stream/Connection.ts @@ -248,6 +248,11 @@ export default class Connection { return; } + if (this.token && ((channelService.kind && !this.token.permission.some(p => p === channelService.kind)) + || (!channelService.kind && channelService.requireCredential))) { + return; + } + // 共有可能チャンネルに接続しようとしていて、かつそのチャンネルに既に接続していたら無意味なので無視 if (channelService.shouldShare && this.channels.some(c => c.chName === channel)) { return; diff --git a/packages/backend/src/server/api/stream/channel.ts b/packages/backend/src/server/api/stream/channel.ts index 46b0709773..80df3803eb 100644 --- a/packages/backend/src/server/api/stream/channel.ts +++ b/packages/backend/src/server/api/stream/channel.ts @@ -16,6 +16,7 @@ export default abstract class Channel { public abstract readonly chName: string; public static readonly shouldShare: boolean; public static readonly requireCredential: boolean; + public static readonly kind?: string | null; protected get user() { return this.connection.user; @@ -76,3 +77,10 @@ export default abstract class Channel { public onMessage?(type: string, body: any): void; } + +export type MiChannelService = { + shouldShare: boolean; + requireCredential: T; + kind: T extends true ? string : string | null | undefined; + create: (id: string, connection: Connection) => Channel; +} diff --git a/packages/backend/src/server/api/stream/channels/admin.ts b/packages/backend/src/server/api/stream/channels/admin.ts index bfb36d9cb8..b8f369ce84 100644 --- a/packages/backend/src/server/api/stream/channels/admin.ts +++ b/packages/backend/src/server/api/stream/channels/admin.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AdminChannel extends Channel { public readonly chName = 'admin'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:admin:stream'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class AdminChannel extends Channel { } @Injectable() -export class AdminChannelService { +export class AdminChannelService implements MiChannelService { public readonly shouldShare = AdminChannel.shouldShare; public readonly requireCredential = AdminChannel.requireCredential; + public readonly kind = AdminChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/antenna.ts b/packages/backend/src/server/api/stream/channels/antenna.ts index a48e6ba5c6..200db8eb0e 100644 --- a/packages/backend/src/server/api/stream/channels/antenna.ts +++ b/packages/backend/src/server/api/stream/channels/antenna.ts @@ -8,12 +8,13 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class AntennaChannel extends Channel { public readonly chName = 'antenna'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = true as const; + public static kind = 'read:account'; private antennaId: string; constructor( @@ -62,9 +63,10 @@ class AntennaChannel extends Channel { } @Injectable() -export class AntennaChannelService { +export class AntennaChannelService implements MiChannelService { public readonly shouldShare = AntennaChannel.shouldShare; public readonly requireCredential = AntennaChannel.requireCredential; + public readonly kind = AntennaChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/channel.ts b/packages/backend/src/server/api/stream/channels/channel.ts index 57034231a3..20275249b8 100644 --- a/packages/backend/src/server/api/stream/channels/channel.ts +++ b/packages/backend/src/server/api/stream/channels/channel.ts @@ -8,12 +8,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class ChannelChannel extends Channel { public readonly chName = 'channel'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private channelId: string; constructor( @@ -65,9 +65,10 @@ class ChannelChannel extends Channel { } @Injectable() -export class ChannelChannelService { +export class ChannelChannelService implements MiChannelService { public readonly shouldShare = ChannelChannel.shouldShare; public readonly requireCredential = ChannelChannel.requireCredential; + public readonly kind = ChannelChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/drive.ts b/packages/backend/src/server/api/stream/channels/drive.ts index 83f53c1836..4bf34a72c9 100644 --- a/packages/backend/src/server/api/stream/channels/drive.ts +++ b/packages/backend/src/server/api/stream/channels/drive.ts @@ -5,12 +5,13 @@ import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class DriveChannel extends Channel { public readonly chName = 'drive'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; @bindThis public async init(params: any) { @@ -22,9 +23,10 @@ class DriveChannel extends Channel { } @Injectable() -export class DriveChannelService { +export class DriveChannelService implements MiChannelService { public readonly shouldShare = DriveChannel.shouldShare; public readonly requireCredential = DriveChannel.requireCredential; + public readonly kind = DriveChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/global-timeline.ts b/packages/backend/src/server/api/stream/channels/global-timeline.ts index f64a13bcc5..e05e380aae 100644 --- a/packages/backend/src/server/api/stream/channels/global-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/global-timeline.ts @@ -12,12 +12,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class GlobalTimelineChannel extends Channel { public readonly chName = 'globalTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withFiles: boolean; private withBots: boolean; @@ -96,9 +96,10 @@ class GlobalTimelineChannel extends Channel { } @Injectable() -export class GlobalTimelineChannelService { +export class GlobalTimelineChannelService implements MiChannelService { public readonly shouldShare = GlobalTimelineChannel.shouldShare; public readonly requireCredential = GlobalTimelineChannel.requireCredential; + public readonly kind = GlobalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/hashtag.ts b/packages/backend/src/server/api/stream/channels/hashtag.ts index f30b29cfd6..3d4f2fc528 100644 --- a/packages/backend/src/server/api/stream/channels/hashtag.ts +++ b/packages/backend/src/server/api/stream/channels/hashtag.ts @@ -9,12 +9,12 @@ import { isUserRelated } from '@/misc/is-user-related.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HashtagChannel extends Channel { public readonly chName = 'hashtag'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private q: string[][]; constructor( @@ -70,9 +70,10 @@ class HashtagChannel extends Channel { } @Injectable() -export class HashtagChannelService { +export class HashtagChannelService implements MiChannelService { public readonly shouldShare = HashtagChannel.shouldShare; public readonly requireCredential = HashtagChannel.requireCredential; + public readonly kind = HashtagChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/home-timeline.ts b/packages/backend/src/server/api/stream/channels/home-timeline.ts index 534973f834..3b499b7bf3 100644 --- a/packages/backend/src/server/api/stream/channels/home-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/home-timeline.ts @@ -10,12 +10,13 @@ import { isInstanceMuted } from '@/misc/is-instance-muted.js'; import type { Packed } from '@/misc/json-schema.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HomeTimelineChannel extends Channel { public readonly chName = 'homeTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withFiles: boolean; @@ -101,9 +102,10 @@ class HomeTimelineChannel extends Channel { } @Injectable() -export class HomeTimelineChannelService { +export class HomeTimelineChannelService implements MiChannelService { public readonly shouldShare = HomeTimelineChannel.shouldShare; public readonly requireCredential = HomeTimelineChannel.requireCredential; + public readonly kind = HomeTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts index 746c661d31..26cbbebe83 100644 --- a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts @@ -12,12 +12,13 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class HybridTimelineChannel extends Channel { public readonly chName = 'hybridTimeline'; public static shouldShare = false; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; private withRenotes: boolean; private withReplies: boolean; private withBots: boolean; @@ -119,9 +120,10 @@ class HybridTimelineChannel extends Channel { } @Injectable() -export class HybridTimelineChannelService { +export class HybridTimelineChannelService implements MiChannelService { public readonly shouldShare = HybridTimelineChannel.shouldShare; public readonly requireCredential = HybridTimelineChannel.requireCredential; + public readonly kind = HybridTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/local-timeline.ts b/packages/backend/src/server/api/stream/channels/local-timeline.ts index 419159197a..40342b6c7b 100644 --- a/packages/backend/src/server/api/stream/channels/local-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/local-timeline.ts @@ -11,12 +11,12 @@ import { MetaService } from '@/core/MetaService.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class LocalTimelineChannel extends Channel { public readonly chName = 'localTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private withRenotes: boolean; private withReplies: boolean; private withBots: boolean; @@ -95,9 +95,10 @@ class LocalTimelineChannel extends Channel { } @Injectable() -export class LocalTimelineChannelService { +export class LocalTimelineChannelService implements MiChannelService { public readonly shouldShare = LocalTimelineChannel.shouldShare; public readonly requireCredential = LocalTimelineChannel.requireCredential; + public readonly kind = LocalTimelineChannel.kind; constructor( private metaService: MetaService, diff --git a/packages/backend/src/server/api/stream/channels/main.ts b/packages/backend/src/server/api/stream/channels/main.ts index f969d02337..ab605e3ec5 100644 --- a/packages/backend/src/server/api/stream/channels/main.ts +++ b/packages/backend/src/server/api/stream/channels/main.ts @@ -7,12 +7,13 @@ import { Injectable } from '@nestjs/common'; import { isInstanceMuted, isUserFromMutedInstance } from '@/misc/is-instance-muted.js'; import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class MainChannel extends Channel { public readonly chName = 'main'; public static shouldShare = true; - public static requireCredential = true; + public static requireCredential = true as const; + public static kind = 'read:account'; constructor( private noteEntityService: NoteEntityService, @@ -63,9 +64,10 @@ class MainChannel extends Channel { } @Injectable() -export class MainChannelService { +export class MainChannelService implements MiChannelService { public readonly shouldShare = MainChannel.shouldShare; public readonly requireCredential = MainChannel.requireCredential; + public readonly kind = MainChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/queue-stats.ts b/packages/backend/src/server/api/stream/channels/queue-stats.ts index f0dc472303..5ceb2c3bbc 100644 --- a/packages/backend/src/server/api/stream/channels/queue-stats.ts +++ b/packages/backend/src/server/api/stream/channels/queue-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class QueueStatsChannel extends Channel { public readonly chName = 'queueStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class QueueStatsChannel extends Channel { } @Injectable() -export class QueueStatsChannelService { +export class QueueStatsChannelService implements MiChannelService { public readonly shouldShare = QueueStatsChannel.shouldShare; public readonly requireCredential = QueueStatsChannel.requireCredential; + public readonly kind = QueueStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/role-timeline.ts b/packages/backend/src/server/api/stream/channels/role-timeline.ts index 38d3604cc5..b3bbb77dbf 100644 --- a/packages/backend/src/server/api/stream/channels/role-timeline.ts +++ b/packages/backend/src/server/api/stream/channels/role-timeline.ts @@ -10,12 +10,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { bindThis } from '@/decorators.js'; import { RoleService } from '@/core/RoleService.js'; import type { GlobalEvents } from '@/core/GlobalEventService.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class RoleTimelineChannel extends Channel { public readonly chName = 'roleTimeline'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private roleId: string; constructor( @@ -67,9 +67,10 @@ class RoleTimelineChannel extends Channel { } @Injectable() -export class RoleTimelineChannelService { +export class RoleTimelineChannelService implements MiChannelService { public readonly shouldShare = RoleTimelineChannel.shouldShare; public readonly requireCredential = RoleTimelineChannel.requireCredential; + public readonly kind = RoleTimelineChannel.kind; constructor( private noteEntityService: NoteEntityService, diff --git a/packages/backend/src/server/api/stream/channels/server-stats.ts b/packages/backend/src/server/api/stream/channels/server-stats.ts index cacae275a8..615b6946cc 100644 --- a/packages/backend/src/server/api/stream/channels/server-stats.ts +++ b/packages/backend/src/server/api/stream/channels/server-stats.ts @@ -6,14 +6,14 @@ import Xev from 'xev'; import { Injectable } from '@nestjs/common'; import { bindThis } from '@/decorators.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; const ev = new Xev(); class ServerStatsChannel extends Channel { public readonly chName = 'serverStats'; public static shouldShare = true; - public static requireCredential = false; + public static requireCredential = false as const; constructor(id: string, connection: Channel['connection']) { super(id, connection); @@ -53,9 +53,10 @@ class ServerStatsChannel extends Channel { } @Injectable() -export class ServerStatsChannelService { +export class ServerStatsChannelService implements MiChannelService { public readonly shouldShare = ServerStatsChannel.shouldShare; public readonly requireCredential = ServerStatsChannel.requireCredential; + public readonly kind = ServerStatsChannel.kind; constructor( ) { diff --git a/packages/backend/src/server/api/stream/channels/user-list.ts b/packages/backend/src/server/api/stream/channels/user-list.ts index fe293e2b4d..909b5a5e03 100644 --- a/packages/backend/src/server/api/stream/channels/user-list.ts +++ b/packages/backend/src/server/api/stream/channels/user-list.ts @@ -11,12 +11,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js'; import { DI } from '@/di-symbols.js'; import { bindThis } from '@/decorators.js'; import { isInstanceMuted } from '@/misc/is-instance-muted.js'; -import Channel from '../channel.js'; +import Channel, { type MiChannelService } from '../channel.js'; class UserListChannel extends Channel { public readonly chName = 'userList'; public static shouldShare = false; - public static requireCredential = false; + public static requireCredential = false as const; private listId: string; private membershipsMap: Record | undefined> = {}; private listUsersClock: NodeJS.Timeout; @@ -137,9 +137,10 @@ class UserListChannel extends Channel { } @Injectable() -export class UserListChannelService { +export class UserListChannelService implements MiChannelService { public readonly shouldShare = UserListChannel.shouldShare; public readonly requireCredential = UserListChannel.requireCredential; + public readonly kind = UserListChannel.kind; constructor( @Inject(DI.userListsRepository) diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts index 15da74931d..cf24228b83 100644 --- a/packages/backend/test/e2e/api.ts +++ b/packages/backend/test/e2e/api.ts @@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; import { IncomingMessage } from 'http'; -import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js'; +import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch, createAppToken } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -89,6 +89,11 @@ describe('API', () => { }); test('管理者専用のAPIのアクセス制限', async () => { + const application = await createAppToken(alice, ['read:account']); + const application2 = await createAppToken(alice, ['read:admin:index-stats']); + const application3 = await createAppToken(bob, []); + const application4 = await createAppToken(bob, ['read:admin:index-stats']); + // aliceは管理者、APIを使える await successfulApiCall({ endpoint: '/admin/get-index-stats', @@ -128,6 +133,42 @@ describe('API', () => { code: 'AUTHENTICATION_FAILED', id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14', }); + + await successfulApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application2 }, + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application }, + }, { + status: 403, + code: 'PERMISSION_DENIED', + id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application3 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); + + await failedApiCall({ + endpoint: '/admin/get-index-stats', + parameters: {}, + user: { token: application4 }, + }, { + status: 403, + code: 'ROLE_PERMISSION_DENIED', + id: 'c3d38592-54c0-429d-be96-5636b0431a61', + }); }); describe('Authentication header', () => { diff --git a/packages/backend/test/e2e/streaming.ts b/packages/backend/test/e2e/streaming.ts index c4824f50ce..288c54bdbc 100644 --- a/packages/backend/test/e2e/streaming.ts +++ b/packages/backend/test/e2e/streaming.ts @@ -6,8 +6,9 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; +import { WebSocket } from 'ws'; import { MiFollowing } from '@/models/Following.js'; -import { signup, api, post, startServer, initTestDb, waitFire } from '../utils.js'; +import { signup, api, post, startServer, initTestDb, waitFire, createAppToken, port } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import type * as misskey from 'misskey-js'; @@ -560,6 +561,28 @@ describe('Streaming', () => { }); }); + test('Authentication', async () => { + const application = await createAppToken(ayano, []); + const application2 = await createAppToken(ayano, ['read:account']); + const socket = new WebSocket(`ws://127.0.0.1:${port}/streaming?i=${application}`); + const established = await new Promise((resolve, reject) => { + socket.on('error', () => resolve(false)); + socket.on('unexpected-response', () => resolve(false)); + setTimeout(() => resolve(true), 3000); + }); + + socket.close(); + assert.strictEqual(established, false); + + const fired = await waitFire( + { token: application2 }, 'hybridTimeline', + () => api('notes/create', { text: 'Hello, world!' }, ayano), + msg => msg.type === 'note' && msg.body.userId === ayano.id, + ); + + assert.strictEqual(fired, true); + }); + // XXX: QueryFailedError: duplicate key value violates unique constraint "IDX_347fec870eafea7b26c8a73bac" /* describe('Hashtag Timeline', () => { diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts index 97118d73c0..db7629d2c4 100644 --- a/packages/backend/test/utils.ts +++ b/packages/backend/test/utils.ts @@ -6,6 +6,7 @@ import * as assert from 'node:assert'; import { readFile } from 'node:fs/promises'; import { isAbsolute, basename } from 'node:path'; +import { randomUUID } from 'node:crypto'; import { inspect } from 'node:util'; import WebSocket, { ClientOptions } from 'ws'; import fetch, { File, RequestInit } from 'node-fetch'; @@ -126,6 +127,15 @@ export const post = async (user: UserToken, params?: misskey.Endpoints['notes/cr return res.body ? res.body.createdNote : null; }; +export const createAppToken = async (user: UserToken, permissions: (typeof misskey.permissions)[number][]) => { + const res = await api('miauth/gen-token', { + session: randomUUID(), + permission: permissions, + }, user); + + return (res.body as misskey.entities.MiauthGenTokenResponse).token; +}; + // 非公開ノートをAPI越しに見たときのノート NoteEntityService.ts export const hiddenNote = (note: any): any => { const temp = { diff --git a/packages/frontend/src/components/MkTokenGenerateWindow.vue b/packages/frontend/src/components/MkTokenGenerateWindow.vue index f5fa86a908..8e8e26ed5f 100644 --- a/packages/frontend/src/components/MkTokenGenerateWindow.vue +++ b/packages/frontend/src/components/MkTokenGenerateWindow.vue @@ -33,7 +33,7 @@ SPDX-License-Identifier: AGPL-3.0-only {{ i18n.ts.enableAll }}
- {{ i18n.t(`_permissions.${kind}`) }} + {{ i18n.t(`_permissions.${kind}`) }}
@@ -54,7 +54,7 @@ const props = withDefaults(defineProps<{ title?: string | null; information?: string | null; initialName?: string | null; - initialPermissions?: string[] | null; + initialPermissions?: (typeof Misskey.permissions)[number][] | null; }>(), { title: null, information: null, @@ -67,16 +67,17 @@ const emit = defineEmits<{ (ev: 'done', result: { name: string | null, permissions: string[] }): void; }>(); +const defaultPermissions = Misskey.permissions.filter(p => !p.startsWith('read:admin') && !p.startsWith('write:admin')); const dialog = shallowRef>(); const name = ref(props.initialName); -const permissions = ref({}); +const permissions = ref(>{}); if (props.initialPermissions) { for (const kind of props.initialPermissions) { permissions.value[kind] = true; } } else { - for (const kind of Misskey.permissions) { + for (const kind of defaultPermissions) { permissions.value[kind] = false; } } diff --git a/packages/misskey-js/src/autogen/apiClientJSDoc.ts b/packages/misskey-js/src/autogen/apiClientJSDoc.ts index 7f4094845a..758beaf3a0 100644 --- a/packages/misskey-js/src/autogen/apiClientJSDoc.ts +++ b/packages/misskey-js/src/autogen/apiClientJSDoc.ts @@ -1,6 +1,6 @@ /* * version: 2023.12.0 - * generatedAt: 2023-12-25T03:48:32.008Z + * generatedAt: 2023-12-26T23:35:09.494Z */ import type { SwitchCaseResponseType } from '../api.js'; @@ -11,7 +11,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:meta* */ request( endpoint: E, @@ -22,7 +22,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports* */ request( endpoint: E, @@ -33,7 +33,8 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *No* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *No* */ request( endpoint: E, @@ -44,7 +45,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:account* */ request( endpoint: E, @@ -55,7 +56,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:account* */ request( endpoint: E, @@ -66,7 +67,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ request( endpoint: E, @@ -77,7 +78,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ request( endpoint: E, @@ -88,7 +89,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:ad* */ request( endpoint: E, @@ -99,7 +100,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ request( endpoint: E, @@ -110,7 +111,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ request( endpoint: E, @@ -121,7 +122,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ request( endpoint: E, @@ -132,7 +133,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:announcements* */ request( endpoint: E, @@ -143,7 +144,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ request( endpoint: E, @@ -154,7 +155,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ request( endpoint: E, @@ -165,7 +166,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ request( endpoint: E, @@ -176,7 +177,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations* */ request( endpoint: E, @@ -187,7 +188,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ request( endpoint: E, @@ -198,7 +199,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user* */ request( endpoint: E, @@ -209,7 +210,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar* */ request( endpoint: E, @@ -220,7 +221,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner* */ request( endpoint: E, @@ -231,7 +232,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ request( endpoint: E, @@ -242,7 +243,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ request( endpoint: E, @@ -253,7 +254,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ request( endpoint: E, @@ -264,7 +265,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ request( endpoint: E, @@ -275,7 +276,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -286,7 +287,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -297,7 +298,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -308,7 +309,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -319,7 +320,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -330,7 +331,8 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *Yes* */ request( endpoint: E, @@ -341,7 +343,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ request( endpoint: E, @@ -352,7 +354,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ request( endpoint: E, @@ -363,7 +365,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -374,7 +376,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -385,7 +387,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -396,7 +398,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -407,7 +409,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ request( endpoint: E, @@ -418,7 +420,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ request( endpoint: E, @@ -429,7 +431,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ request( endpoint: E, @@ -440,7 +442,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ request( endpoint: E, @@ -451,7 +453,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ request( endpoint: E, @@ -462,7 +464,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats* */ request( endpoint: E, @@ -473,7 +475,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats* */ request( endpoint: E, @@ -484,7 +486,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips* */ request( endpoint: E, @@ -495,7 +497,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes* */ request( endpoint: E, @@ -506,7 +508,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes* */ request( endpoint: E, @@ -517,7 +519,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:promo* */ request( endpoint: E, @@ -528,7 +530,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ request( endpoint: E, @@ -539,7 +541,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ request( endpoint: E, @@ -550,7 +552,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ request( endpoint: E, @@ -561,7 +563,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ request( endpoint: E, @@ -572,7 +574,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ request( endpoint: E, @@ -583,7 +585,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ request( endpoint: E, @@ -594,7 +596,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:relays* */ request( endpoint: E, @@ -605,7 +607,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ request( endpoint: E, @@ -616,7 +618,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password* */ request( endpoint: E, @@ -627,7 +629,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report* */ request( endpoint: E, @@ -638,7 +640,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:send-email* */ request( endpoint: E, @@ -649,7 +651,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:server-info* */ request( endpoint: E, @@ -660,7 +662,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log* */ request( endpoint: E, @@ -671,7 +673,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-user* */ request( endpoint: E, @@ -682,7 +684,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-users* */ request( endpoint: E, @@ -693,7 +695,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user* */ request( endpoint: E, @@ -704,7 +706,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user* */ request( endpoint: E, @@ -715,7 +717,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:meta* */ request( endpoint: E, @@ -726,7 +728,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account* */ request( endpoint: E, @@ -737,7 +739,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:user-note* */ request( endpoint: E, @@ -748,7 +750,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -759,7 +761,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -770,7 +772,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ request( endpoint: E, @@ -781,7 +783,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ request( endpoint: E, @@ -792,7 +794,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -803,7 +805,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -814,7 +816,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -825,7 +827,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ request( endpoint: E, @@ -836,7 +838,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *No* / **Permission**: *read:admin* + * **Credential required**: *No* / **Permission**: *read:admin:roles* */ request( endpoint: E, @@ -924,7 +926,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:federation* */ request( endpoint: E, @@ -935,7 +937,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -1729,7 +1731,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ request( endpoint: E, @@ -2037,7 +2039,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2168,7 +2170,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -2469,7 +2471,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2480,7 +2482,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2491,7 +2493,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2502,7 +2504,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2513,7 +2515,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2524,7 +2526,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -2547,7 +2549,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -2683,7 +2685,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ request( endpoint: E, @@ -2694,7 +2696,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ request( endpoint: E, @@ -2705,7 +2707,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ request( endpoint: E, @@ -2716,7 +2718,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ request( endpoint: E, @@ -2838,7 +2840,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2959,7 +2961,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2981,7 +2983,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -2992,7 +2994,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3102,7 +3104,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3135,7 +3137,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3146,7 +3148,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3168,7 +3170,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3422,7 +3424,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -3433,7 +3435,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3466,7 +3468,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3532,6 +3534,7 @@ declare module '../api.js' { /** * Check push notification registration exists. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ request( @@ -3543,6 +3546,7 @@ declare module '../api.js' { /** * Update push notification registration. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ request( @@ -3554,6 +3558,7 @@ declare module '../api.js' { /** * Register to receive push notifications. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ request( @@ -3741,7 +3746,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -3752,7 +3757,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -3774,7 +3779,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ request( endpoint: E, @@ -3862,7 +3867,7 @@ declare module '../api.js' { /** * Show the different kinds of relations between the authenticated user and the specified user(s). * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ request( endpoint: E, @@ -3873,7 +3878,7 @@ declare module '../api.js' { /** * File a report. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:report-abuse* */ request( endpoint: E, @@ -3917,7 +3922,7 @@ declare module '../api.js' { /** * No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ request( endpoint: E, @@ -3950,6 +3955,7 @@ declare module '../api.js' { /** * No description provided. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ request( diff --git a/packages/misskey-js/src/autogen/endpoint.ts b/packages/misskey-js/src/autogen/endpoint.ts index 5e05759047..2ed76a22f9 100644 --- a/packages/misskey-js/src/autogen/endpoint.ts +++ b/packages/misskey-js/src/autogen/endpoint.ts @@ -1,6 +1,6 @@ /* * version: 2023.12.0 - * generatedAt: 2023-12-25T03:48:32.001Z + * generatedAt: 2023-12-26T23:35:09.491Z */ import type { diff --git a/packages/misskey-js/src/autogen/entities.ts b/packages/misskey-js/src/autogen/entities.ts index ceb2f242ac..c857e8e370 100644 --- a/packages/misskey-js/src/autogen/entities.ts +++ b/packages/misskey-js/src/autogen/entities.ts @@ -1,6 +1,6 @@ /* * version: 2023.12.0 - * generatedAt: 2023-12-25T03:48:31.996Z + * generatedAt: 2023-12-26T23:35:09.489Z */ import { operations } from './types.js'; diff --git a/packages/misskey-js/src/autogen/models.ts b/packages/misskey-js/src/autogen/models.ts index a7fde6c1a3..c5b81a6b41 100644 --- a/packages/misskey-js/src/autogen/models.ts +++ b/packages/misskey-js/src/autogen/models.ts @@ -1,6 +1,6 @@ /* * version: 2023.12.0 - * generatedAt: 2023-12-25T03:48:31.993Z + * generatedAt: 2023-12-26T23:35:09.485Z */ import { components } from './types.js'; diff --git a/packages/misskey-js/src/autogen/types.ts b/packages/misskey-js/src/autogen/types.ts index 28fe5654e6..94bb263980 100644 --- a/packages/misskey-js/src/autogen/types.ts +++ b/packages/misskey-js/src/autogen/types.ts @@ -3,7 +3,7 @@ /* * version: 2023.12.0 - * generatedAt: 2023-12-25T03:48:31.850Z + * generatedAt: 2023-12-26T23:35:09.389Z */ /** @@ -22,7 +22,7 @@ export type paths = { * admin/meta * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:meta* */ post: operations['admin/meta']; }; @@ -31,7 +31,7 @@ export type paths = { * admin/abuse-user-reports * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports* */ post: operations['admin/abuse-user-reports']; }; @@ -40,7 +40,8 @@ export type paths = { * admin/accounts/create * @description No description provided. * - * **Credential required**: *No* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *No* */ post: operations['admin/accounts/create']; }; @@ -49,7 +50,7 @@ export type paths = { * admin/accounts/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:account* */ post: operations['admin/accounts/delete']; }; @@ -58,7 +59,7 @@ export type paths = { * admin/accounts/find-by-email * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:account* */ post: operations['admin/accounts/find-by-email']; }; @@ -67,7 +68,7 @@ export type paths = { * admin/ad/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ post: operations['admin/ad/create']; }; @@ -76,7 +77,7 @@ export type paths = { * admin/ad/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ post: operations['admin/ad/delete']; }; @@ -85,7 +86,7 @@ export type paths = { * admin/ad/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:ad* */ post: operations['admin/ad/list']; }; @@ -94,7 +95,7 @@ export type paths = { * admin/ad/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ post: operations['admin/ad/update']; }; @@ -103,7 +104,7 @@ export type paths = { * admin/announcements/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ post: operations['admin/announcements/create']; }; @@ -112,7 +113,7 @@ export type paths = { * admin/announcements/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ post: operations['admin/announcements/delete']; }; @@ -121,7 +122,7 @@ export type paths = { * admin/announcements/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:announcements* */ post: operations['admin/announcements/list']; }; @@ -130,7 +131,7 @@ export type paths = { * admin/announcements/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ post: operations['admin/announcements/update']; }; @@ -139,7 +140,7 @@ export type paths = { * admin/avatar-decorations/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ post: operations['admin/avatar-decorations/create']; }; @@ -148,7 +149,7 @@ export type paths = { * admin/avatar-decorations/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ post: operations['admin/avatar-decorations/delete']; }; @@ -157,7 +158,7 @@ export type paths = { * admin/avatar-decorations/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations* */ post: operations['admin/avatar-decorations/list']; }; @@ -166,7 +167,7 @@ export type paths = { * admin/avatar-decorations/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ post: operations['admin/avatar-decorations/update']; }; @@ -175,7 +176,7 @@ export type paths = { * admin/delete-all-files-of-a-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user* */ post: operations['admin/delete-all-files-of-a-user']; }; @@ -184,7 +185,7 @@ export type paths = { * admin/unset-user-avatar * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar* */ post: operations['admin/unset-user-avatar']; }; @@ -193,7 +194,7 @@ export type paths = { * admin/unset-user-banner * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner* */ post: operations['admin/unset-user-banner']; }; @@ -202,7 +203,7 @@ export type paths = { * admin/drive/clean-remote-files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ post: operations['admin/drive/clean-remote-files']; }; @@ -211,7 +212,7 @@ export type paths = { * admin/drive/cleanup * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ post: operations['admin/drive/cleanup']; }; @@ -220,7 +221,7 @@ export type paths = { * admin/drive/files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ post: operations['admin/drive/files']; }; @@ -229,7 +230,7 @@ export type paths = { * admin/drive/show-file * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ post: operations['admin/drive/show-file']; }; @@ -238,7 +239,7 @@ export type paths = { * admin/emoji/add-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/add-aliases-bulk']; }; @@ -247,7 +248,7 @@ export type paths = { * admin/emoji/add * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/add']; }; @@ -256,7 +257,7 @@ export type paths = { * admin/emoji/copy * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/copy']; }; @@ -265,7 +266,7 @@ export type paths = { * admin/emoji/delete-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/delete-bulk']; }; @@ -274,7 +275,7 @@ export type paths = { * admin/emoji/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/delete']; }; @@ -283,7 +284,8 @@ export type paths = { * admin/emoji/import-zip * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *Yes* */ post: operations['admin/emoji/import-zip']; }; @@ -292,7 +294,7 @@ export type paths = { * admin/emoji/list-remote * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ post: operations['admin/emoji/list-remote']; }; @@ -301,7 +303,7 @@ export type paths = { * admin/emoji/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ post: operations['admin/emoji/list']; }; @@ -310,7 +312,7 @@ export type paths = { * admin/emoji/remove-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/remove-aliases-bulk']; }; @@ -319,7 +321,7 @@ export type paths = { * admin/emoji/set-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/set-aliases-bulk']; }; @@ -328,7 +330,7 @@ export type paths = { * admin/emoji/set-category-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/set-category-bulk']; }; @@ -337,7 +339,7 @@ export type paths = { * admin/emoji/set-license-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/set-license-bulk']; }; @@ -346,7 +348,7 @@ export type paths = { * admin/emoji/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ post: operations['admin/emoji/update']; }; @@ -355,7 +357,7 @@ export type paths = { * admin/federation/delete-all-files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ post: operations['admin/federation/delete-all-files']; }; @@ -364,7 +366,7 @@ export type paths = { * admin/federation/refresh-remote-instance-metadata * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ post: operations['admin/federation/refresh-remote-instance-metadata']; }; @@ -373,7 +375,7 @@ export type paths = { * admin/federation/remove-all-following * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ post: operations['admin/federation/remove-all-following']; }; @@ -382,7 +384,7 @@ export type paths = { * admin/federation/update-instance * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ post: operations['admin/federation/update-instance']; }; @@ -391,7 +393,7 @@ export type paths = { * admin/get-index-stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats* */ post: operations['admin/get-index-stats']; }; @@ -400,7 +402,7 @@ export type paths = { * admin/get-table-stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats* */ post: operations['admin/get-table-stats']; }; @@ -409,7 +411,7 @@ export type paths = { * admin/get-user-ips * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips* */ post: operations['admin/get-user-ips']; }; @@ -418,7 +420,7 @@ export type paths = { * admin/invite/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes* */ post: operations['admin/invite/create']; }; @@ -427,7 +429,7 @@ export type paths = { * admin/invite/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes* */ post: operations['admin/invite/list']; }; @@ -436,7 +438,7 @@ export type paths = { * admin/promo/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:promo* */ post: operations['admin/promo/create']; }; @@ -445,7 +447,7 @@ export type paths = { * admin/queue/clear * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ post: operations['admin/queue/clear']; }; @@ -454,7 +456,7 @@ export type paths = { * admin/queue/deliver-delayed * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ post: operations['admin/queue/deliver-delayed']; }; @@ -463,7 +465,7 @@ export type paths = { * admin/queue/inbox-delayed * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ post: operations['admin/queue/inbox-delayed']; }; @@ -472,7 +474,7 @@ export type paths = { * admin/queue/promote * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ post: operations['admin/queue/promote']; }; @@ -481,7 +483,7 @@ export type paths = { * admin/queue/stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ post: operations['admin/queue/stats']; }; @@ -490,7 +492,7 @@ export type paths = { * admin/relays/add * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ post: operations['admin/relays/add']; }; @@ -499,7 +501,7 @@ export type paths = { * admin/relays/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:relays* */ post: operations['admin/relays/list']; }; @@ -508,7 +510,7 @@ export type paths = { * admin/relays/remove * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ post: operations['admin/relays/remove']; }; @@ -517,7 +519,7 @@ export type paths = { * admin/reset-password * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password* */ post: operations['admin/reset-password']; }; @@ -526,7 +528,7 @@ export type paths = { * admin/resolve-abuse-user-report * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report* */ post: operations['admin/resolve-abuse-user-report']; }; @@ -535,7 +537,7 @@ export type paths = { * admin/send-email * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:send-email* */ post: operations['admin/send-email']; }; @@ -544,7 +546,7 @@ export type paths = { * admin/server-info * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:server-info* */ post: operations['admin/server-info']; }; @@ -553,7 +555,7 @@ export type paths = { * admin/show-moderation-logs * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log* */ post: operations['admin/show-moderation-logs']; }; @@ -562,7 +564,7 @@ export type paths = { * admin/show-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-user* */ post: operations['admin/show-user']; }; @@ -571,7 +573,7 @@ export type paths = { * admin/show-users * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-users* */ post: operations['admin/show-users']; }; @@ -580,7 +582,7 @@ export type paths = { * admin/suspend-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user* */ post: operations['admin/suspend-user']; }; @@ -589,7 +591,7 @@ export type paths = { * admin/unsuspend-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user* */ post: operations['admin/unsuspend-user']; }; @@ -598,7 +600,7 @@ export type paths = { * admin/update-meta * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:meta* */ post: operations['admin/update-meta']; }; @@ -607,7 +609,7 @@ export type paths = { * admin/delete-account * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account* */ post: operations['admin/delete-account']; }; @@ -616,7 +618,7 @@ export type paths = { * admin/update-user-note * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:user-note* */ post: operations['admin/update-user-note']; }; @@ -625,7 +627,7 @@ export type paths = { * admin/roles/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/create']; }; @@ -634,7 +636,7 @@ export type paths = { * admin/roles/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/delete']; }; @@ -643,7 +645,7 @@ export type paths = { * admin/roles/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ post: operations['admin/roles/list']; }; @@ -652,7 +654,7 @@ export type paths = { * admin/roles/show * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ post: operations['admin/roles/show']; }; @@ -661,7 +663,7 @@ export type paths = { * admin/roles/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/update']; }; @@ -670,7 +672,7 @@ export type paths = { * admin/roles/assign * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/assign']; }; @@ -679,7 +681,7 @@ export type paths = { * admin/roles/unassign * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/unassign']; }; @@ -688,7 +690,7 @@ export type paths = { * admin/roles/update-default-policies * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ post: operations['admin/roles/update-default-policies']; }; @@ -697,7 +699,7 @@ export type paths = { * admin/roles/users * @description No description provided. * - * **Credential required**: *No* / **Permission**: *read:admin* + * **Credential required**: *No* / **Permission**: *read:admin:roles* */ post: operations['admin/roles/users']; }; @@ -769,7 +771,7 @@ export type paths = { * ap/get * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:federation* */ post: operations['ap/get']; }; @@ -778,7 +780,7 @@ export type paths = { * ap/show * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['ap/show']; }; @@ -1519,7 +1521,7 @@ export type paths = { * federation/update-remote-user * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ post: operations['federation/update-remote-user']; }; @@ -1792,7 +1794,7 @@ export type paths = { * i * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i']; }; @@ -1901,7 +1903,7 @@ export type paths = { * i/claim-achievement * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['i/claim-achievement']; }; @@ -2150,7 +2152,7 @@ export type paths = { * i/registry/get-all * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i/registry/get-all']; }; @@ -2159,7 +2161,7 @@ export type paths = { * i/registry/get-detail * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i/registry/get-detail']; }; @@ -2168,7 +2170,7 @@ export type paths = { * i/registry/get * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i/registry/get']; }; @@ -2177,7 +2179,7 @@ export type paths = { * i/registry/keys-with-type * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i/registry/keys-with-type']; }; @@ -2186,7 +2188,7 @@ export type paths = { * i/registry/keys * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['i/registry/keys']; }; @@ -2195,7 +2197,7 @@ export type paths = { * i/registry/remove * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['i/registry/remove']; }; @@ -2214,7 +2216,7 @@ export type paths = { * i/registry/set * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['i/registry/set']; }; @@ -2326,7 +2328,7 @@ export type paths = { * invite/create * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ post: operations['invite/create']; }; @@ -2335,7 +2337,7 @@ export type paths = { * invite/delete * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ post: operations['invite/delete']; }; @@ -2344,7 +2346,7 @@ export type paths = { * invite/list * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ post: operations['invite/list']; }; @@ -2353,7 +2355,7 @@ export type paths = { * invite/limit * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ post: operations['invite/limit']; }; @@ -2467,7 +2469,7 @@ export type paths = { * my/apps * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['my/apps']; }; @@ -2573,7 +2575,7 @@ export type paths = { * notes/hybrid-timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/hybrid-timeline']; }; @@ -2591,7 +2593,7 @@ export type paths = { * notes/mentions * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/mentions']; }; @@ -2600,7 +2602,7 @@ export type paths = { * notes/polls/recommendation * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/polls/recommendation']; }; @@ -2697,7 +2699,7 @@ export type paths = { * notes/state * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/state']; }; @@ -2724,7 +2726,7 @@ export type paths = { * notes/timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/timeline']; }; @@ -2733,7 +2735,7 @@ export type paths = { * notes/translate * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/translate']; }; @@ -2751,7 +2753,7 @@ export type paths = { * notes/user-list-timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['notes/user-list-timeline']; }; @@ -2959,7 +2961,7 @@ export type paths = { * promo/read * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['promo/read']; }; @@ -2968,7 +2970,7 @@ export type paths = { * roles/list * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['roles/list']; }; @@ -2995,7 +2997,7 @@ export type paths = { * roles/notes * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['roles/notes']; }; @@ -3056,6 +3058,7 @@ export type paths = { * sw/show-registration * @description Check push notification registration exists. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ post: operations['sw/show-registration']; @@ -3065,6 +3068,7 @@ export type paths = { * sw/update-registration * @description Update push notification registration. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ post: operations['sw/update-registration']; @@ -3074,6 +3078,7 @@ export type paths = { * sw/register * @description Register to receive push notifications. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ post: operations['sw/register']; @@ -3234,7 +3239,7 @@ export type paths = { * users/lists/favorite * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['users/lists/favorite']; }; @@ -3243,7 +3248,7 @@ export type paths = { * users/lists/unfavorite * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['users/lists/unfavorite']; }; @@ -3261,7 +3266,7 @@ export type paths = { * users/lists/create-from-public * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ post: operations['users/lists/create-from-public']; }; @@ -3333,7 +3338,7 @@ export type paths = { * users/relation * @description Show the different kinds of relations between the authenticated user and the specified user(s). * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ post: operations['users/relation']; }; @@ -3342,7 +3347,7 @@ export type paths = { * users/report-abuse * @description File a report. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:report-abuse* */ post: operations['users/report-abuse']; }; @@ -3378,7 +3383,7 @@ export type paths = { * users/achievements * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ post: operations['users/achievements']; }; @@ -3412,6 +3417,7 @@ export type paths = { * fetch-external-resources * @description No description provided. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ post: operations['fetch-external-resources']; @@ -4381,7 +4387,7 @@ export type operations = { * admin/meta * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:meta* */ 'admin/meta': { responses: { @@ -4522,7 +4528,7 @@ export type operations = { * admin/abuse-user-reports * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports* */ 'admin/abuse-user-reports': { requestBody: { @@ -4614,7 +4620,8 @@ export type operations = { * admin/accounts/create * @description No description provided. * - * **Credential required**: *No* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *No* */ 'admin/accounts/create': { requestBody: { @@ -4668,7 +4675,7 @@ export type operations = { * admin/accounts/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:account* */ 'admin/accounts/delete': { requestBody: { @@ -4720,7 +4727,7 @@ export type operations = { * admin/accounts/find-by-email * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:account* */ 'admin/accounts/find-by-email': { requestBody: { @@ -4773,7 +4780,7 @@ export type operations = { * admin/ad/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ 'admin/ad/create': { requestBody: { @@ -4834,7 +4841,7 @@ export type operations = { * admin/ad/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ 'admin/ad/delete': { requestBody: { @@ -4886,7 +4893,7 @@ export type operations = { * admin/ad/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:ad* */ 'admin/ad/list': { requestBody: { @@ -4946,7 +4953,7 @@ export type operations = { * admin/ad/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:ad* */ 'admin/ad/update': { requestBody: { @@ -5007,7 +5014,7 @@ export type operations = { * admin/announcements/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ 'admin/announcements/create': { requestBody: { @@ -5096,7 +5103,7 @@ export type operations = { * admin/announcements/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ 'admin/announcements/delete': { requestBody: { @@ -5148,7 +5155,7 @@ export type operations = { * admin/announcements/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:announcements* */ 'admin/announcements/list': { requestBody: { @@ -5222,7 +5229,7 @@ export type operations = { * admin/announcements/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:announcements* */ 'admin/announcements/update': { requestBody: { @@ -5285,7 +5292,7 @@ export type operations = { * admin/avatar-decorations/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ 'admin/avatar-decorations/create': { requestBody: { @@ -5339,7 +5346,7 @@ export type operations = { * admin/avatar-decorations/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ 'admin/avatar-decorations/delete': { requestBody: { @@ -5391,7 +5398,7 @@ export type operations = { * admin/avatar-decorations/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations* */ 'admin/avatar-decorations/list': { requestBody: { @@ -5465,7 +5472,7 @@ export type operations = { * admin/avatar-decorations/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations* */ 'admin/avatar-decorations/update': { requestBody: { @@ -5521,7 +5528,7 @@ export type operations = { * admin/delete-all-files-of-a-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user* */ 'admin/delete-all-files-of-a-user': { requestBody: { @@ -5573,7 +5580,7 @@ export type operations = { * admin/unset-user-avatar * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar* */ 'admin/unset-user-avatar': { requestBody: { @@ -5625,7 +5632,7 @@ export type operations = { * admin/unset-user-banner * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner* */ 'admin/unset-user-banner': { requestBody: { @@ -5677,7 +5684,7 @@ export type operations = { * admin/drive/clean-remote-files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ 'admin/drive/clean-remote-files': { responses: { @@ -5721,7 +5728,7 @@ export type operations = { * admin/drive/cleanup * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:drive* */ 'admin/drive/cleanup': { responses: { @@ -5765,7 +5772,7 @@ export type operations = { * admin/drive/files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ 'admin/drive/files': { requestBody: { @@ -5836,7 +5843,7 @@ export type operations = { * admin/drive/show-file * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:drive* */ 'admin/drive/show-file': { requestBody: { @@ -5940,7 +5947,7 @@ export type operations = { * admin/emoji/add-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/add-aliases-bulk': { requestBody: { @@ -5992,7 +5999,7 @@ export type operations = { * admin/emoji/add * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/add': { requestBody: { @@ -6052,7 +6059,7 @@ export type operations = { * admin/emoji/copy * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/copy': { requestBody: { @@ -6109,7 +6116,7 @@ export type operations = { * admin/emoji/delete-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/delete-bulk': { requestBody: { @@ -6160,7 +6167,7 @@ export type operations = { * admin/emoji/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/delete': { requestBody: { @@ -6212,7 +6219,8 @@ export type operations = { * admin/emoji/import-zip * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. + * **Credential required**: *Yes* */ 'admin/emoji/import-zip': { requestBody: { @@ -6264,7 +6272,7 @@ export type operations = { * admin/emoji/list-remote * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ 'admin/emoji/list-remote': { requestBody: { @@ -6338,7 +6346,7 @@ export type operations = { * admin/emoji/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ 'admin/emoji/list': { requestBody: { @@ -6407,7 +6415,7 @@ export type operations = { * admin/emoji/remove-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/remove-aliases-bulk': { requestBody: { @@ -6459,7 +6467,7 @@ export type operations = { * admin/emoji/set-aliases-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/set-aliases-bulk': { requestBody: { @@ -6511,7 +6519,7 @@ export type operations = { * admin/emoji/set-category-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/set-category-bulk': { requestBody: { @@ -6564,7 +6572,7 @@ export type operations = { * admin/emoji/set-license-bulk * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/set-license-bulk': { requestBody: { @@ -6617,7 +6625,7 @@ export type operations = { * admin/emoji/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:emoji* */ 'admin/emoji/update': { requestBody: { @@ -6679,7 +6687,7 @@ export type operations = { * admin/federation/delete-all-files * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ 'admin/federation/delete-all-files': { requestBody: { @@ -6730,7 +6738,7 @@ export type operations = { * admin/federation/refresh-remote-instance-metadata * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ 'admin/federation/refresh-remote-instance-metadata': { requestBody: { @@ -6781,7 +6789,7 @@ export type operations = { * admin/federation/remove-all-following * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ 'admin/federation/remove-all-following': { requestBody: { @@ -6832,7 +6840,7 @@ export type operations = { * admin/federation/update-instance * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:federation* */ 'admin/federation/update-instance': { requestBody: { @@ -6884,7 +6892,7 @@ export type operations = { * admin/get-index-stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats* */ 'admin/get-index-stats': { responses: { @@ -6933,7 +6941,7 @@ export type operations = { * admin/get-table-stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats* */ 'admin/get-table-stats': { responses: { @@ -6979,7 +6987,7 @@ export type operations = { * admin/get-user-ips * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips* */ 'admin/get-user-ips': { requestBody: { @@ -7037,7 +7045,7 @@ export type operations = { * admin/invite/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes* */ 'admin/invite/create': { requestBody: { @@ -7092,7 +7100,7 @@ export type operations = { * admin/invite/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes* */ 'admin/invite/list': { requestBody: { @@ -7155,7 +7163,7 @@ export type operations = { * admin/promo/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:promo* */ 'admin/promo/create': { requestBody: { @@ -7208,7 +7216,7 @@ export type operations = { * admin/queue/clear * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ 'admin/queue/clear': { responses: { @@ -7252,7 +7260,7 @@ export type operations = { * admin/queue/deliver-delayed * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ 'admin/queue/deliver-delayed': { responses: { @@ -7298,7 +7306,7 @@ export type operations = { * admin/queue/inbox-delayed * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:queue* */ 'admin/queue/inbox-delayed': { responses: { @@ -7344,7 +7352,7 @@ export type operations = { * admin/queue/promote * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:queue* */ 'admin/queue/promote': { requestBody: { @@ -7396,7 +7404,7 @@ export type operations = { * admin/queue/stats * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:emoji* */ 'admin/queue/stats': { responses: { @@ -7447,7 +7455,7 @@ export type operations = { * admin/relays/add * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ 'admin/relays/add': { requestBody: { @@ -7510,7 +7518,7 @@ export type operations = { * admin/relays/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:relays* */ 'admin/relays/list': { responses: { @@ -7566,7 +7574,7 @@ export type operations = { * admin/relays/remove * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:relays* */ 'admin/relays/remove': { requestBody: { @@ -7617,7 +7625,7 @@ export type operations = { * admin/reset-password * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password* */ 'admin/reset-password': { requestBody: { @@ -7673,7 +7681,7 @@ export type operations = { * admin/resolve-abuse-user-report * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report* */ 'admin/resolve-abuse-user-report': { requestBody: { @@ -7727,7 +7735,7 @@ export type operations = { * admin/send-email * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:send-email* */ 'admin/send-email': { requestBody: { @@ -7780,7 +7788,7 @@ export type operations = { * admin/server-info * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:server-info* */ 'admin/server-info': { responses: { @@ -7850,7 +7858,7 @@ export type operations = { * admin/show-moderation-logs * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log* */ 'admin/show-moderation-logs': { requestBody: { @@ -7921,7 +7929,7 @@ export type operations = { * admin/show-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-user* */ 'admin/show-user': { requestBody: { @@ -7975,7 +7983,7 @@ export type operations = { * admin/show-users * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:show-users* */ 'admin/show-users': { requestBody: { @@ -8050,7 +8058,7 @@ export type operations = { * admin/suspend-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user* */ 'admin/suspend-user': { requestBody: { @@ -8102,7 +8110,7 @@ export type operations = { * admin/unsuspend-user * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user* */ 'admin/unsuspend-user': { requestBody: { @@ -8154,7 +8162,7 @@ export type operations = { * admin/update-meta * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:meta* */ 'admin/update-meta': { requestBody: { @@ -8299,7 +8307,7 @@ export type operations = { * admin/delete-account * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account* */ 'admin/delete-account': { requestBody: { @@ -8353,7 +8361,7 @@ export type operations = { * admin/update-user-note * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:user-note* */ 'admin/update-user-note': { requestBody: { @@ -8406,7 +8414,7 @@ export type operations = { * admin/roles/create * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/create': { requestBody: { @@ -8474,7 +8482,7 @@ export type operations = { * admin/roles/delete * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/delete': { requestBody: { @@ -8526,7 +8534,7 @@ export type operations = { * admin/roles/list * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ 'admin/roles/list': { responses: { @@ -8572,7 +8580,7 @@ export type operations = { * admin/roles/show * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *read:admin* + * **Credential required**: *Yes* / **Permission**: *read:admin:roles* */ 'admin/roles/show': { requestBody: { @@ -8626,7 +8634,7 @@ export type operations = { * admin/roles/update * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/update': { requestBody: { @@ -8693,7 +8701,7 @@ export type operations = { * admin/roles/assign * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/assign': { requestBody: { @@ -8748,7 +8756,7 @@ export type operations = { * admin/roles/unassign * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/unassign': { requestBody: { @@ -8802,7 +8810,7 @@ export type operations = { * admin/roles/update-default-policies * @description No description provided. * - * **Credential required**: *Yes* / **Permission**: *write:admin* + * **Credential required**: *Yes* / **Permission**: *write:admin:roles* */ 'admin/roles/update-default-policies': { requestBody: { @@ -8853,7 +8861,7 @@ export type operations = { * admin/roles/users * @description No description provided. * - * **Credential required**: *No* / **Permission**: *read:admin* + * **Credential required**: *No* / **Permission**: *read:admin:roles* */ 'admin/roles/users': { requestBody: { @@ -9327,7 +9335,7 @@ export type operations = { * ap/get * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:federation* */ 'ap/get': { requestBody: { @@ -9386,7 +9394,7 @@ export type operations = { * ap/show * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'ap/show': { requestBody: { @@ -13615,7 +13623,7 @@ export type operations = { * federation/update-remote-user * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ 'federation/update-remote-user': { requestBody: { @@ -15200,7 +15208,7 @@ export type operations = { * i * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ i: { responses: { @@ -15853,7 +15861,7 @@ export type operations = { * i/claim-achievement * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'i/claim-achievement': { requestBody: { @@ -17311,7 +17319,7 @@ export type operations = { * i/registry/get-all * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'i/registry/get-all': { requestBody: { @@ -17366,7 +17374,7 @@ export type operations = { * i/registry/get-detail * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'i/registry/get-detail': { requestBody: { @@ -17422,7 +17430,7 @@ export type operations = { * i/registry/get * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'i/registry/get': { requestBody: { @@ -17478,7 +17486,7 @@ export type operations = { * i/registry/keys-with-type * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'i/registry/keys-with-type': { requestBody: { @@ -17533,7 +17541,7 @@ export type operations = { * i/registry/keys * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'i/registry/keys': { requestBody: { @@ -17586,7 +17594,7 @@ export type operations = { * i/registry/remove * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'i/registry/remove': { requestBody: { @@ -17690,7 +17698,7 @@ export type operations = { * i/registry/set * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'i/registry/set': { requestBody: { @@ -18446,7 +18454,7 @@ export type operations = { * invite/create * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ 'invite/create': { responses: { @@ -18492,7 +18500,7 @@ export type operations = { * invite/delete * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:invite-codes* */ 'invite/delete': { requestBody: { @@ -18544,7 +18552,7 @@ export type operations = { * invite/list * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ 'invite/list': { requestBody: { @@ -18602,7 +18610,7 @@ export type operations = { * invite/limit * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:invite-codes* */ 'invite/limit': { responses: { @@ -19282,7 +19290,7 @@ export type operations = { * my/apps * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'my/apps': { requestBody: { @@ -19959,7 +19967,7 @@ export type operations = { * notes/hybrid-timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/hybrid-timeline': { requestBody: { @@ -20101,7 +20109,7 @@ export type operations = { * notes/mentions * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/mentions': { requestBody: { @@ -20162,7 +20170,7 @@ export type operations = { * notes/polls/recommendation * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/polls/recommendation': { requestBody: { @@ -20762,7 +20770,7 @@ export type operations = { * notes/state * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/state': { requestBody: { @@ -20929,7 +20937,7 @@ export type operations = { * notes/timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/timeline': { requestBody: { @@ -21001,7 +21009,7 @@ export type operations = { * notes/translate * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/translate': { requestBody: { @@ -21117,7 +21125,7 @@ export type operations = { * notes/user-list-timeline * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'notes/user-list-timeline': { requestBody: { @@ -22409,7 +22417,7 @@ export type operations = { * promo/read * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'promo/read': { requestBody: { @@ -22461,7 +22469,7 @@ export type operations = { * roles/list * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'roles/list': { responses: { @@ -22625,7 +22633,7 @@ export type operations = { * roles/notes * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'roles/notes': { requestBody: { @@ -22954,6 +22962,7 @@ export type operations = { * sw/show-registration * @description Check push notification registration exists. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ 'sw/show-registration': { @@ -23015,6 +23024,7 @@ export type operations = { * sw/update-registration * @description Update push notification registration. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ 'sw/update-registration': { @@ -23073,6 +23083,7 @@ export type operations = { * sw/register * @description Register to receive push notifications. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ 'sw/register': { @@ -24077,7 +24088,7 @@ export type operations = { * users/lists/favorite * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'users/lists/favorite': { requestBody: { @@ -24129,7 +24140,7 @@ export type operations = { * users/lists/unfavorite * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'users/lists/unfavorite': { requestBody: { @@ -24237,7 +24248,7 @@ export type operations = { * users/lists/create-from-public * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:account* */ 'users/lists/create-from-public': { requestBody: { @@ -24728,7 +24739,7 @@ export type operations = { * users/relation * @description Show the different kinds of relations between the authenticated user and the specified user(s). * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *read:account* */ 'users/relation': { requestBody: { @@ -24803,7 +24814,7 @@ export type operations = { * users/report-abuse * @description File a report. * - * **Credential required**: *Yes* + * **Credential required**: *Yes* / **Permission**: *write:report-abuse* */ 'users/report-abuse': { requestBody: { @@ -25036,7 +25047,7 @@ export type operations = { * users/achievements * @description No description provided. * - * **Credential required**: *Yes* + * **Credential required**: *No* */ 'users/achievements': { requestBody: { @@ -25202,6 +25213,7 @@ export type operations = { * fetch-external-resources * @description No description provided. * + * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties. * **Credential required**: *Yes* */ 'fetch-external-resources': { diff --git a/packages/misskey-js/src/consts.ts b/packages/misskey-js/src/consts.ts index 069f5f9499..9b25e2af74 100644 --- a/packages/misskey-js/src/consts.ts +++ b/packages/misskey-js/src/consts.ts @@ -45,7 +45,55 @@ export const permissions = [ 'write:flash', 'read:flash-likes', 'write:flash-likes', -]; + 'read:admin:abuse-user-reports', + 'write:admin:delete-account', + 'write:admin:delete-all-files-of-a-user', + 'read:admin:index-stats', + 'read:admin:table-stats', + 'read:admin:user-ips', + 'read:admin:meta', + 'write:admin:reset-password', + 'write:admin:resolve-abuse-user-report', + 'write:admin:send-email', + 'read:admin:server-info', + 'read:admin:show-moderation-log', + 'read:admin:show-user', + 'read:admin:show-users', + 'write:admin:suspend-user', + 'write:admin:unset-user-avatar', + 'write:admin:unset-user-banner', + 'write:admin:unsuspend-user', + 'write:admin:meta', + 'write:admin:user-note', + 'write:admin:roles', + 'read:admin:roles', + 'write:admin:relays', + 'read:admin:relays', + 'write:admin:invite-codes', + 'read:admin:invite-codes', + 'write:admin:announcements', + 'read:admin:announcements', + 'write:admin:avatar-decorations', + 'read:admin:avatar-decorations', + 'write:admin:federation', + 'write:admin:account', + 'read:admin:account', + 'write:admin:emoji', + 'read:admin:emoji', + 'write:admin:queue', + 'read:admin:queue', + 'write:admin:promo', + 'write:admin:drive', + 'read:admin:drive', + 'write:admin:ad', + 'read:admin:ad', + 'write:invite-codes', + 'read:invite-codes', + 'write:clip-favorite', + 'read:clip-favorite', + 'read:federation', + 'write:report-abuse', +] as const; export const moderationLogTypes = [ 'updateServerSettings',