From 9021bb5694bbe31cbff09d25d5d610fef0cfdda9 Mon Sep 17 00:00:00 2001 From: syuilo Date: Tue, 14 Aug 2018 01:05:58 +0900 Subject: [PATCH] wip --- locales/ja.yml | 18 ++++++++ .../views/pages/admin/admin.dashboard.vue | 27 +++++++++++ .../views/pages/admin/admin.suspend-user.vue | 39 ++++++++++++++++ .../app/desktop/views/pages/admin/admin.vue | 35 ++++++++++++++ src/server/api/call.ts | 8 +++- src/server/api/endpoints.ts | 5 ++ .../api/endpoints/admin/suspend-user.ts | 46 +++++++++++++++++++ 7 files changed, 176 insertions(+), 2 deletions(-) create mode 100644 src/client/app/desktop/views/pages/admin/admin.dashboard.vue create mode 100644 src/client/app/desktop/views/pages/admin/admin.suspend-user.vue create mode 100644 src/client/app/desktop/views/pages/admin/admin.vue create mode 100644 src/server/api/endpoints/admin/suspend-user.ts diff --git a/locales/ja.yml b/locales/ja.yml index 15f3d936de..580ade0ed3 100644 --- a/locales/ja.yml +++ b/locales/ja.yml @@ -897,6 +897,24 @@ desktop/views/components/window.vue: popout: "ポップアウト" close: "閉じる" +desktop/views/pages/admin/admin.vue: + dashboard: "ダッシュボード" + drive: "ドライブ" + users: "ユーザー" + update: "更新" + +desktop/views/paages/admin/admin.dashboard.vue: + dashboard: "ダッシュボード" + all-users: "全てのユーザー" + original-users: "このインスタンスのユーザー" + all-notes: "全てのノート" + original-notes: "このインスタンスのノート" + +desktop/views/pages/admin/admin.suspend-user.vue: + suspend-user: "ユーザーの凍結" + suspend: "凍結" + suspended: "凍結しました" + desktop/views/pages/deck/deck.tl-column.vue: is-media-only: "メディア投稿のみ" is-media-view: "メディアビュー" diff --git a/src/client/app/desktop/views/pages/admin/admin.dashboard.vue b/src/client/app/desktop/views/pages/admin/admin.dashboard.vue new file mode 100644 index 0000000000..ec43b93840 --- /dev/null +++ b/src/client/app/desktop/views/pages/admin/admin.dashboard.vue @@ -0,0 +1,27 @@ + + + diff --git a/src/client/app/desktop/views/pages/admin/admin.suspend-user.vue b/src/client/app/desktop/views/pages/admin/admin.suspend-user.vue new file mode 100644 index 0000000000..d47a4795ee --- /dev/null +++ b/src/client/app/desktop/views/pages/admin/admin.suspend-user.vue @@ -0,0 +1,39 @@ + + + diff --git a/src/client/app/desktop/views/pages/admin/admin.vue b/src/client/app/desktop/views/pages/admin/admin.vue new file mode 100644 index 0000000000..03a356c4a0 --- /dev/null +++ b/src/client/app/desktop/views/pages/admin/admin.vue @@ -0,0 +1,35 @@ + + + diff --git a/src/server/api/call.ts b/src/server/api/call.ts index 1d0e858762..e4bb30b695 100644 --- a/src/server/api/call.ts +++ b/src/server/api/call.ts @@ -1,6 +1,6 @@ import { performance } from 'perf_hooks'; import limitter from './limitter'; -import { IUser } from '../../models/user'; +import { IUser, isLocalUser } from '../../models/user'; import { IApp } from '../../models/app'; import endpoints from './endpoints'; @@ -21,6 +21,10 @@ export default (endpoint: string, user: IUser, app: IApp, data: any, file?: any) return rej('YOUR_ACCOUNT_HAS_BEEN_SUSPENDED'); } + if (ep.meta.requireAdmin && !(isLocalUser(user) && user.isAdmin)) { + return rej('YOU_ARE_NOT_ADMIN'); + } + if (app && ep.meta.kind) { if (!app.permission.some(p => p === ep.meta.kind)) { return rej('PERMISSION_DENIED'); @@ -53,7 +57,7 @@ export default (endpoint: string, user: IUser, app: IApp, data: any, file?: any) const time = after - before; if (time > 1000) { - console.warn(`SLOW API CALL DETECTED: ${ep.name} (${ time }ms)`); + console.warn(`SLOW API CALL DETECTED: ${ep.name} (${time}ms)`); } } catch (e) { rej(e); diff --git a/src/server/api/endpoints.ts b/src/server/api/endpoints.ts index 332a051ae1..d4a44070e6 100644 --- a/src/server/api/endpoints.ts +++ b/src/server/api/endpoints.ts @@ -14,6 +14,11 @@ export interface IEndpointMeta { */ requireCredential?: boolean; + /** + * 管理者のみ使えるエンドポイントか否か + */ + requireAdmin?: boolean; + /** * エンドポイントのリミテーションに関するやつ * 省略した場合はリミテーションは無いものとして解釈されます。 diff --git a/src/server/api/endpoints/admin/suspend-user.ts b/src/server/api/endpoints/admin/suspend-user.ts new file mode 100644 index 0000000000..8698120cdb --- /dev/null +++ b/src/server/api/endpoints/admin/suspend-user.ts @@ -0,0 +1,46 @@ +import $ from 'cafy'; +import ID from '../../../../misc/cafy-id'; +import getParams from '../../get-params'; +import User from '../../../../models/user'; + +export const meta = { + desc: { + ja: '指定したユーザーを凍結します。', + en: 'Suspend a user.' + }, + + requireCredential: true, + requireAdmin: true, + + params: { + userId: $.type(ID).note({ + desc: { + ja: '対象のユーザーID', + en: 'The user ID which you want to suspend' + } + }), + } +}; + +export default (params: any) => new Promise(async (res, rej) => { + const [ps, psErr] = getParams(meta, params); + if (psErr) return rej(psErr); + + const user = await User.findOne({ + _id: ps.userId + }); + + if (user == null) { + return rej('user not found'); + } + + await User.findOneAndUpdate({ + _id: user._id + }, { + $set: { + isSuspended: true + } + }); + + res(); +});