2021-11-12 13:11:15 +01:00
|
|
|
import * as sanitizeHtml from 'sanitize-html';
|
2022-09-17 20:27:08 +02:00
|
|
|
import { Inject, Injectable } from '@nestjs/common';
|
2022-09-20 22:33:11 +02:00
|
|
|
import type { UsersRepository, AbuseUserReportsRepository } from '@/models/index.js';
|
2022-09-17 20:27:08 +02:00
|
|
|
import { IdService } from '@/core/IdService.js';
|
|
|
|
import { Endpoint } from '@/server/api/endpoint-base.js';
|
|
|
|
import { GlobalEventService } from '@/core/GlobalEventService.js';
|
|
|
|
import { MetaService } from '@/core/MetaService.js';
|
|
|
|
import { EmailService } from '@/core/EmailService.js';
|
|
|
|
import { DI } from '@/di-symbols.js';
|
2022-06-14 11:01:23 +02:00
|
|
|
import { ApiError } from '../../error.js';
|
2022-09-24 00:15:16 +02:00
|
|
|
import { GetterService } from '@/server/api/GetterService.js';
|
2019-01-19 11:16:48 +01:00
|
|
|
|
|
|
|
export const meta = {
|
2019-02-23 03:20:58 +01:00
|
|
|
tags: ['users'],
|
|
|
|
|
2022-01-18 14:27:10 +01:00
|
|
|
requireCredential: true,
|
2019-01-19 11:16:48 +01:00
|
|
|
|
2022-06-10 07:25:20 +02:00
|
|
|
description: 'File a report.',
|
|
|
|
|
2019-02-22 03:46:58 +01:00
|
|
|
errors: {
|
|
|
|
noSuchUser: {
|
|
|
|
message: 'No such user.',
|
|
|
|
code: 'NO_SUCH_USER',
|
2021-11-12 13:11:15 +01:00
|
|
|
id: '1acefcb5-0959-43fd-9685-b48305736cb5',
|
2019-02-22 03:46:58 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
cannotReportYourself: {
|
|
|
|
message: 'Cannot report yourself.',
|
|
|
|
code: 'CANNOT_REPORT_YOURSELF',
|
2021-11-12 13:11:15 +01:00
|
|
|
id: '1e13149e-b1e8-43cf-902e-c01dbfcb202f',
|
2019-02-22 03:46:58 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
cannotReportAdmin: {
|
|
|
|
message: 'Cannot report the admin.',
|
|
|
|
code: 'CANNOT_REPORT_THE_ADMIN',
|
2021-11-12 13:11:15 +01:00
|
|
|
id: '35e166f5-05fb-4f87-a2d5-adb42676d48f',
|
|
|
|
},
|
|
|
|
},
|
2022-01-18 14:27:10 +01:00
|
|
|
} as const;
|
2019-01-19 11:16:48 +01:00
|
|
|
|
2022-02-20 05:15:40 +01:00
|
|
|
export const paramDef = {
|
2022-02-19 06:05:32 +01:00
|
|
|
type: 'object',
|
|
|
|
properties: {
|
|
|
|
userId: { type: 'string', format: 'misskey:id' },
|
|
|
|
comment: { type: 'string', minLength: 1, maxLength: 2048 },
|
|
|
|
},
|
|
|
|
required: ['userId', 'comment'],
|
|
|
|
} as const;
|
|
|
|
|
2021-11-12 13:11:15 +01:00
|
|
|
// eslint-disable-next-line import/no-default-export
|
2022-09-17 20:27:08 +02:00
|
|
|
@Injectable()
|
|
|
|
export default class extends Endpoint<typeof meta, typeof paramDef> {
|
|
|
|
constructor(
|
|
|
|
@Inject(DI.usersRepository)
|
|
|
|
private usersRepository: UsersRepository,
|
2019-01-19 11:16:48 +01:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
@Inject(DI.abuseUserReportsRepository)
|
|
|
|
private abuseUserReportsRepository: AbuseUserReportsRepository,
|
2019-01-19 11:16:48 +01:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
private idService: IdService,
|
|
|
|
private metaService: MetaService,
|
|
|
|
private emailService: EmailService,
|
|
|
|
private getterService: GetterService,
|
|
|
|
private globalEventService: GlobalEventService,
|
|
|
|
) {
|
|
|
|
super(meta, paramDef, async (ps, me) => {
|
|
|
|
// Lookup user
|
|
|
|
const user = await this.getterService.getUser(ps.userId).catch(err => {
|
|
|
|
if (err.id === '15348ddd-432d-49c2-8a5a-8069753becff') throw new ApiError(meta.errors.noSuchUser);
|
|
|
|
throw err;
|
|
|
|
});
|
|
|
|
|
|
|
|
if (user.id === me.id) {
|
|
|
|
throw new ApiError(meta.errors.cannotReportYourself);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (user.isAdmin) {
|
|
|
|
throw new ApiError(meta.errors.cannotReportAdmin);
|
|
|
|
}
|
2019-02-22 03:46:58 +01:00
|
|
|
|
2022-09-17 20:27:08 +02:00
|
|
|
const report = await this.abuseUserReportsRepository.insert({
|
|
|
|
id: this.idService.genId(),
|
|
|
|
createdAt: new Date(),
|
|
|
|
targetUserId: user.id,
|
|
|
|
targetUserHost: user.host,
|
|
|
|
reporterId: me.id,
|
|
|
|
reporterHost: null,
|
|
|
|
comment: ps.comment,
|
|
|
|
}).then(x => this.abuseUserReportsRepository.findOneByOrFail(x.identifiers[0]));
|
|
|
|
|
|
|
|
// Publish event to moderators
|
|
|
|
setImmediate(async () => {
|
|
|
|
const moderators = await this.usersRepository.find({
|
|
|
|
where: [{
|
|
|
|
isAdmin: true,
|
|
|
|
}, {
|
|
|
|
isModerator: true,
|
|
|
|
}],
|
|
|
|
});
|
|
|
|
|
|
|
|
for (const moderator of moderators) {
|
|
|
|
this.globalEventService.publishAdminStream(moderator.id, 'newAbuseUserReport', {
|
|
|
|
id: report.id,
|
|
|
|
targetUserId: report.targetUserId,
|
|
|
|
reporterId: report.reporterId,
|
|
|
|
comment: report.comment,
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
const meta = await this.metaService.fetch();
|
|
|
|
if (meta.email) {
|
|
|
|
this.emailService.sendEmail(meta.email, 'New abuse report',
|
|
|
|
sanitizeHtml(ps.comment),
|
|
|
|
sanitizeHtml(ps.comment));
|
|
|
|
}
|
2019-01-27 06:55:02 +01:00
|
|
|
});
|
2022-09-17 20:27:08 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|