add notifications for shared access granted/revoked/login
This commit is contained in:
Hazelnoot
parent
2a13e97863
commit
35a167701f
10 changed files with 260 additions and 12 deletions
44
locales/index.d.ts
vendored
44
locales/index.d.ts
vendored
|
|
@ -10434,6 +10434,18 @@ export interface Locale extends ILocale {
|
|||
* Import of {x} has been completed
|
||||
*/
|
||||
"importOfXCompleted": ParameterizedString<"x">;
|
||||
/**
|
||||
* Shared access granted
|
||||
*/
|
||||
"sharedAccessGranted": string;
|
||||
/**
|
||||
* Shared access revoked
|
||||
*/
|
||||
"sharedAccessRevoked": string;
|
||||
/**
|
||||
* Shared access login
|
||||
*/
|
||||
"sharedAccessLogin": string;
|
||||
};
|
||||
"_deck": {
|
||||
/**
|
||||
|
|
@ -13536,7 +13548,39 @@ export interface Locale extends ILocale {
|
|||
* User
|
||||
*/
|
||||
"user": string;
|
||||
/**
|
||||
* default
|
||||
*/
|
||||
"default": string;
|
||||
};
|
||||
/**
|
||||
* Permissions: {num}
|
||||
*/
|
||||
"permissionsLabel": ParameterizedString<"num">;
|
||||
/**
|
||||
* You have been granted shared access to {target} with {rank} rank and {perms} permissions.
|
||||
*/
|
||||
"sharedAccessGranted": ParameterizedString<"target" | "rank" | "perms">;
|
||||
/**
|
||||
* Shared access to {target} has been revoked.
|
||||
*/
|
||||
"sharedAccessRevoked": ParameterizedString<"target">;
|
||||
/**
|
||||
* {target} logged in via shared access.
|
||||
*/
|
||||
"sharedAccessLogin": ParameterizedString<"target">;
|
||||
/**
|
||||
* Unique name to record the purpose of this access token
|
||||
*/
|
||||
"accessTokenNameDescription": string;
|
||||
/**
|
||||
* Are you sure you want to revoke this token?
|
||||
*/
|
||||
"confirmRevokeToken": string;
|
||||
/**
|
||||
* Are you sure you want to revoke this token? {num} shared other users will lose shared access.
|
||||
*/
|
||||
"confirmRevokeSharedToken": ParameterizedString<"num">;
|
||||
}
|
||||
declare const locales: {
|
||||
[lang: string]: Locale;
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ import { Inject, Injectable } from '@nestjs/common';
|
|||
import { ModuleRef } from '@nestjs/core';
|
||||
import { In, EntityNotFoundError } from 'typeorm';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import type { FollowRequestsRepository, NotesRepository, MiUser, UsersRepository, MiAccessToken } from '@/models/_.js';
|
||||
import type { FollowRequestsRepository, NotesRepository, MiUser, UsersRepository, MiAccessToken, AccessTokensRepository } from '@/models/_.js';
|
||||
import { awaitAll } from '@/misc/prelude/await-all.js';
|
||||
import type { MiGroupedNotification, MiNotification } from '@/models/Notification.js';
|
||||
import type { MiNote } from '@/models/Note.js';
|
||||
|
|
@ -21,7 +21,7 @@ import type { OnModuleInit } from '@nestjs/common';
|
|||
import type { UserEntityService } from './UserEntityService.js';
|
||||
import type { NoteEntityService } from './NoteEntityService.js';
|
||||
|
||||
const NOTE_REQUIRED_NOTIFICATION_TYPES = new Set(['note', 'mention', 'reply', 'renote', 'renote:grouped', 'quote', 'reaction', 'reaction:grouped', 'pollEnded', 'edited', 'scheduledNotePosted'] as (typeof groupedNotificationTypes[number])[]);
|
||||
const NOTE_REQUIRED_NOTIFICATION_TYPES = new Set(['note', 'mention', 'reply', 'renote', 'renote:grouped', 'quote', 'reaction', 'reaction:grouped', 'pollEnded', 'edited', 'scheduledNotePosted']);
|
||||
|
||||
function undefOnMissing<T>(packPromise: Promise<T>): Promise<T | undefined> {
|
||||
return packPromise.catch(err => {
|
||||
|
|
@ -49,6 +49,9 @@ export class NotificationEntityService implements OnModuleInit {
|
|||
@Inject(DI.followRequestsRepository)
|
||||
private followRequestsRepository: FollowRequestsRepository,
|
||||
|
||||
@Inject(DI.accessTokensRepository)
|
||||
private readonly accessTokensRepository: AccessTokensRepository,
|
||||
|
||||
private cacheService: CacheService,
|
||||
) {
|
||||
}
|
||||
|
|
@ -162,6 +165,9 @@ export class NotificationEntityService implements OnModuleInit {
|
|||
return null;
|
||||
}
|
||||
|
||||
const needsAccessToken = notification.type === 'sharedAccessGranted';
|
||||
const accessToken = (needsAccessToken && notification.tokenId) ? await this.accessTokensRepository.findOneBy({ id: notification.tokenId }) : null;
|
||||
|
||||
return await awaitAll({
|
||||
id: notification.id,
|
||||
createdAt: new Date(notification.createdAt).toISOString(),
|
||||
|
|
@ -200,6 +206,14 @@ export class NotificationEntityService implements OnModuleInit {
|
|||
header: notification.customHeader,
|
||||
icon: notification.customIcon,
|
||||
} : {}),
|
||||
...(notification.type === 'sharedAccessGranted' ? {
|
||||
tokenId: notification.tokenId,
|
||||
token: accessToken ? {
|
||||
id: accessToken.id,
|
||||
permission: accessToken.permission,
|
||||
rank: accessToken.rank,
|
||||
} : null,
|
||||
} : {}),
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -152,6 +152,22 @@ export type MiNotification = {
|
|||
id: string;
|
||||
createdAt: string;
|
||||
noteId: MiNote['id'];
|
||||
} | {
|
||||
type: 'sharedAccessGranted';
|
||||
id: string;
|
||||
createdAt: string;
|
||||
notifierId: MiUser['id'];
|
||||
tokenId: MiAccessToken['id'];
|
||||
} | {
|
||||
type: 'sharedAccessRevoked';
|
||||
id: string;
|
||||
createdAt: string;
|
||||
notifierId: MiUser['id'];
|
||||
} | {
|
||||
type: 'sharedAccessLogin';
|
||||
id: string;
|
||||
createdAt: string;
|
||||
notifierId: MiUser['id'];
|
||||
};
|
||||
|
||||
export type MiGroupedNotification = MiNotification | {
|
||||
|
|
|
|||
|
|
@ -460,6 +460,88 @@ export const packedNotificationSchema = {
|
|||
optional: false, nullable: false,
|
||||
},
|
||||
},
|
||||
}, {
|
||||
type: 'object',
|
||||
properties: {
|
||||
...baseSchema.properties,
|
||||
type: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
enum: ['sharedAccessGranted'],
|
||||
},
|
||||
user: {
|
||||
type: 'object',
|
||||
ref: 'UserLite',
|
||||
optional: false, nullable: false,
|
||||
},
|
||||
userId: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
format: 'id',
|
||||
},
|
||||
token: {
|
||||
type: 'object',
|
||||
optional: false, nullable: true,
|
||||
properties: {
|
||||
id: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
},
|
||||
permission: {
|
||||
type: 'array',
|
||||
optional: false, nullable: false,
|
||||
items: {
|
||||
type: 'string',
|
||||
},
|
||||
},
|
||||
rank: {
|
||||
type: 'string',
|
||||
enum: ['admin', 'mod', 'user'],
|
||||
optional: false, nullable: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}, {
|
||||
type: 'object',
|
||||
properties: {
|
||||
...baseSchema.properties,
|
||||
type: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
enum: ['sharedAccessRevoked'],
|
||||
},
|
||||
user: {
|
||||
type: 'object',
|
||||
ref: 'UserLite',
|
||||
optional: false, nullable: false,
|
||||
},
|
||||
userId: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
format: 'id',
|
||||
},
|
||||
},
|
||||
}, {
|
||||
type: 'object',
|
||||
properties: {
|
||||
...baseSchema.properties,
|
||||
type: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
enum: ['sharedAccessLogin'],
|
||||
},
|
||||
user: {
|
||||
type: 'object',
|
||||
ref: 'UserLite',
|
||||
optional: false, nullable: false,
|
||||
},
|
||||
userId: {
|
||||
type: 'string',
|
||||
optional: false, nullable: false,
|
||||
format: 'id',
|
||||
},
|
||||
},
|
||||
}, {
|
||||
type: 'object',
|
||||
properties: {
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ import { Inject, Injectable } from '@nestjs/common';
|
|||
import { Endpoint } from '@/server/api/endpoint-base.js';
|
||||
import type { AccessTokensRepository } from '@/models/_.js';
|
||||
import { DI } from '@/di-symbols.js';
|
||||
import { NotificationService } from '@/core/NotificationService.js';
|
||||
|
||||
export const meta = {
|
||||
requireCredential: true,
|
||||
|
|
@ -37,29 +38,37 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
constructor(
|
||||
@Inject(DI.accessTokensRepository)
|
||||
private accessTokensRepository: AccessTokensRepository,
|
||||
|
||||
private readonly notificationService: NotificationService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
if (ps.tokenId) {
|
||||
const tokenExist = await this.accessTokensRepository.exists({ where: { id: ps.tokenId } });
|
||||
const tokenExist = await this.accessTokensRepository.findOne({ where: { id: ps.tokenId } });
|
||||
|
||||
if (tokenExist) {
|
||||
for (const granteeId of tokenExist.granteeIds) {
|
||||
this.notificationService.createNotification(granteeId, 'sharedAccessRevoked', {}, me.id);
|
||||
}
|
||||
|
||||
await this.accessTokensRepository.delete({
|
||||
id: ps.tokenId,
|
||||
userId: me.id,
|
||||
});
|
||||
}
|
||||
} else if (ps.token) {
|
||||
const tokenExist = await this.accessTokensRepository.exists({ where: { token: ps.token } });
|
||||
const tokenExist = await this.accessTokensRepository.findOne({ where: { token: ps.token } });
|
||||
|
||||
if (tokenExist) {
|
||||
for (const granteeId of tokenExist.granteeIds) {
|
||||
this.notificationService.createNotification(granteeId, 'sharedAccessRevoked', {}, me.id);
|
||||
}
|
||||
|
||||
await this.accessTokensRepository.delete({
|
||||
token: ps.token,
|
||||
userId: me.id,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// TODO notify of access revoked
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
|
|||
import { DI } from '@/di-symbols.js';
|
||||
import type { AccessTokensRepository } from '@/models/_.js';
|
||||
import { ApiError } from '@/server/api/error.js';
|
||||
import { NotificationService } from '@/core/NotificationService.js';
|
||||
|
||||
export const meta = {
|
||||
requireCredential: true,
|
||||
|
|
@ -57,6 +58,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
constructor(
|
||||
@Inject(DI.accessTokensRepository)
|
||||
private readonly accessTokensRepository: AccessTokensRepository,
|
||||
|
||||
private readonly notificationService: NotificationService,
|
||||
) {
|
||||
super(meta, paramDef, async (ps, me) => {
|
||||
const token = await this.accessTokensRepository.findOneBy({ id: ps.grantId });
|
||||
|
|
@ -69,7 +72,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
throw new ApiError(meta.errors.noSuchAccess);
|
||||
}
|
||||
|
||||
// TODO notify of login
|
||||
this.notificationService.createNotification(token.userId, 'sharedAccessLogin', {}, me.id);
|
||||
|
||||
return {
|
||||
token: token.token,
|
||||
|
|
|
|||
|
|
@ -117,7 +117,11 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
|||
granteeIds: ps.grantees,
|
||||
});
|
||||
|
||||
// TODO notify of access granted
|
||||
if (ps.grantees) {
|
||||
for (const granteeId of ps.grantees) {
|
||||
this.notificationService.createNotification(granteeId, 'sharedAccessGranted', { tokenId: accessTokenId }, me.id);
|
||||
}
|
||||
}
|
||||
|
||||
// アクセストークンが生成されたことを通知
|
||||
this.notificationService.createNotification(me.id, 'createToken', {});
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
<template>
|
||||
<div :class="$style.root">
|
||||
<div :class="$style.head">
|
||||
<MkAvatar v-if="['pollEnded', 'note', 'edited', 'scheduledNotePosted'].includes(notification.type) && 'note' in notification" :class="$style.icon" :user="notification.note.user" link preview/>
|
||||
<MkAvatar v-if="['pollEnded', 'note', 'edited', 'scheduledNotePosted', 'sharedAccessGranted', 'sharedAccessRevoked', 'sharedAccessLogin'].includes(notification.type) && 'note' in notification" :class="$style.icon" :user="notification.note.user" link preview/>
|
||||
<MkAvatar v-else-if="['roleAssigned', 'achievementEarned', 'exportCompleted', 'importCompleted', 'login', 'createToken', 'scheduledNoteFailed'].includes(notification.type)" :class="$style.icon" :user="$i" link preview/>
|
||||
<div v-else-if="notification.type === 'reaction:grouped' && notification.note.reactionAcceptance === 'likeOnly'" :class="[$style.icon, $style.icon_reactionGroupHeart]"><i class="ph-smiley ph-bold ph-lg" style="line-height: 1;"></i></div>
|
||||
<div v-else-if="notification.type === 'reaction:grouped'" :class="[$style.icon, $style.icon_reactionGroup]"><i class="ph-smiley ph-bold ph-lg" style="line-height: 1;"></i></div>
|
||||
|
|
@ -26,7 +26,7 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
[$style.t_achievementEarned]: notification.type === 'achievementEarned',
|
||||
[$style.t_exportCompleted]: notification.type === 'exportCompleted',
|
||||
[$style.t_importCompleted]: notification.type === 'importCompleted',
|
||||
[$style.t_login]: notification.type === 'login',
|
||||
[$style.t_login]: ['login', 'sharedAccessGranted', 'sharedAccessRevoked', 'sharedAccessLogin'].includes(notification.type),
|
||||
[$style.t_createToken]: notification.type === 'createToken',
|
||||
[$style.t_chatRoomInvitationReceived]: notification.type === 'chatRoomInvitationReceived',
|
||||
[$style.t_roleAssigned]: notification.type === 'roleAssigned' && notification.role.iconUrl == null,
|
||||
|
|
@ -34,7 +34,8 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
[$style.t_roleAssigned]: notification.type === 'scheduledNoteFailed',
|
||||
[$style.t_pollEnded]: notification.type === 'scheduledNotePosted',
|
||||
}]"
|
||||
> <!-- we re-use t_pollEnded for "edited" instead of making an identical style -->
|
||||
>
|
||||
<!-- we re-use t_pollEnded for "edited" instead of making an identical style -->
|
||||
<i v-if="notification.type === 'follow'" class="ti ti-plus"></i>
|
||||
<i v-else-if="notification.type === 'receiveFollowRequest'" class="ti ti-clock"></i>
|
||||
<i v-else-if="notification.type === 'followRequestAccepted'" class="ti ti-check"></i>
|
||||
|
|
@ -56,6 +57,9 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
<i v-else-if="notification.type === 'edited'" class="ph-pencil ph-bold ph-lg"></i>
|
||||
<i v-else-if="notification.type === 'scheduledNoteFailed'" class="ti ti-calendar-event"></i>
|
||||
<i v-else-if="notification.type === 'scheduledNotePosted'" class="ti ti-calendar-event"></i>
|
||||
<i v-else-if="notification.type === 'sharedAccessGranted'" class="ph-door-open ph-bold pg-lg"></i>
|
||||
<i v-else-if="notification.type === 'sharedAccessRevoked'" class="ph-lock ph-bold pg-lg"></i>
|
||||
<i v-else-if="notification.type === 'sharedAccessLogin'" class="ph-sign-in ph-bold pg-lg"></i>
|
||||
<!-- notification.reaction が null になることはまずないが、ここでoptional chaining使うと一部ブラウザで刺さるので念の為 -->
|
||||
<MkReactionIcon
|
||||
v-else-if="notification.type === 'reaction'"
|
||||
|
|
@ -86,6 +90,9 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
<span v-else-if="notification.type === 'edited'">{{ i18n.ts._notification.edited }}</span>
|
||||
<span v-else-if="notification.type === 'scheduledNoteFailed'">{{ i18n.ts._notification.scheduledNoteFailed }}</span>
|
||||
<span v-else-if="notification.type === 'scheduledNotePosted'">{{ i18n.ts._notification.scheduledNotePosted }}</span>
|
||||
<span v-else-if="notification.type === 'sharedAccessGranted'">{{ i18n.ts._notification.sharedAccessGranted }}</span>
|
||||
<span v-else-if="notification.type === 'sharedAccessRevoked'">{{ i18n.ts._notification.sharedAccessRevoked }}</span>
|
||||
<span v-else-if="notification.type === 'sharedAccessLogin'">{{ i18n.ts._notification.sharedAccessLogin }}</span>
|
||||
<MkTime v-if="withTime" :time="notification.createdAt" :class="$style.headerTime"/>
|
||||
</header>
|
||||
<div>
|
||||
|
|
@ -191,6 +198,28 @@ SPDX-License-Identifier: AGPL-3.0-only
|
|||
<Mfm :text="getNoteSummary(notification.note)" :isBlock="true" :plain="true" :nowrap="true" :author="notification.note.user"/>
|
||||
<i class="ph-quotes ph-bold ph-lg" :class="$style.quote"></i>
|
||||
</MkA>
|
||||
|
||||
<div v-else-if="notification.type === 'sharedAccessGranted'">
|
||||
<MkA :to="userPage(notification.user)">
|
||||
<I18n :src="i18n.ts.sharedAccessGranted" tag="span">
|
||||
<template #target><MkAcct :user="notification.user"/></template>
|
||||
<template #rank>{{ i18n.ts._ranks[notification.token?.rank ?? 'default'] }}</template>
|
||||
<template #perms>{{ notification.token?.permission.length ?? 0 }}</template>
|
||||
</I18n>
|
||||
</MkA>
|
||||
</div>
|
||||
|
||||
<MkA v-else-if="notification.type === 'sharedAccessRevoked'" :to="userPage(notification.user)">
|
||||
<I18n :src="i18n.ts.sharedAccessRevoked" tag="span">
|
||||
<template #target><MkAcct :user="notification.user"/></template>
|
||||
</I18n>
|
||||
</MkA>
|
||||
|
||||
<MkA v-else-if="notification.type === 'sharedAccessLogin'" :to="userPage(notification.user)">
|
||||
<I18n :src="i18n.ts.sharedAccessLogin" tag="span">
|
||||
<template #target><MkAcct :user="notification.user"/></template>
|
||||
</I18n>
|
||||
</MkA>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -432,8 +461,8 @@ function getActualReactedUsersCount(notification: Misskey.entities.Notification)
|
|||
.headerName {
|
||||
text-overflow: ellipsis;
|
||||
white-space: nowrap;
|
||||
min-width: 0;
|
||||
overflow: hidden;
|
||||
min-width: 0;
|
||||
}
|
||||
|
||||
.headerTime {
|
||||
|
|
|
|||
|
|
@ -5022,6 +5022,42 @@ export type components = {
|
|||
/** Format: id */
|
||||
userId: string;
|
||||
note: components['schemas']['Note'];
|
||||
} | ({
|
||||
/** Format: id */
|
||||
id: string;
|
||||
/** Format: date-time */
|
||||
createdAt: string;
|
||||
/** @enum {string} */
|
||||
type: 'sharedAccessGranted';
|
||||
user: components['schemas']['UserLite'];
|
||||
/** Format: id */
|
||||
userId: string;
|
||||
token: ({
|
||||
id: string;
|
||||
permission: string[];
|
||||
/** @enum {string|null} */
|
||||
rank: 'admin' | 'mod' | 'user';
|
||||
}) | null;
|
||||
}) | {
|
||||
/** Format: id */
|
||||
id: string;
|
||||
/** Format: date-time */
|
||||
createdAt: string;
|
||||
/** @enum {string} */
|
||||
type: 'sharedAccessRevoked';
|
||||
user: components['schemas']['UserLite'];
|
||||
/** Format: id */
|
||||
userId: string;
|
||||
} | {
|
||||
/** Format: id */
|
||||
id: string;
|
||||
/** Format: date-time */
|
||||
createdAt: string;
|
||||
/** @enum {string} */
|
||||
type: 'sharedAccessLogin';
|
||||
user: components['schemas']['UserLite'];
|
||||
/** Format: id */
|
||||
userId: string;
|
||||
} | {
|
||||
/** Format: id */
|
||||
id: string;
|
||||
|
|
|
|||
|
|
@ -329,6 +329,9 @@ _notification:
|
|||
scheduledNoteFailed: "Posting scheduled note failed"
|
||||
scheduledNotePosted: "Scheduled Note was posted"
|
||||
importOfXCompleted: "Import of {x} has been completed"
|
||||
sharedAccessGranted: "Shared access granted"
|
||||
sharedAccessRevoked: "Shared access revoked"
|
||||
sharedAccessLogin: "Shared access login"
|
||||
_types:
|
||||
renote: "Boosts"
|
||||
edited: "Edits"
|
||||
|
|
@ -699,3 +702,11 @@ _ranks:
|
|||
admin: "Admin"
|
||||
mod: "Moderator"
|
||||
user: "User"
|
||||
default: "default"
|
||||
permissionsLabel: "Permissions: {num}"
|
||||
sharedAccessGranted: "You have been granted shared access to {target} with {rank} rank and {perms} permissions."
|
||||
sharedAccessRevoked: "Shared access to {target} has been revoked."
|
||||
sharedAccessLogin: "{target} logged in via shared access."
|
||||
accessTokenNameDescription: "Unique name to record the purpose of this access token"
|
||||
confirmRevokeToken: "Are you sure you want to revoke this token?"
|
||||
confirmRevokeSharedToken: "Are you sure you want to revoke this token? {num} shared other users will lose shared access."
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue