enforce role policies in /notes endpoint

2025-08-13 14:47:37 -04:00 · 2025-08-13 14:47:37 -04:00 · f5df44e028
commit f5df44e028
parent 738106f493
1 changed files with 24 additions and 0 deletions
--- a/packages/backend/src/server/api/endpoints/notes.ts
+++ b/packages/backend/src/server/api/endpoints/notes.ts
@ -9,6 +9,8 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
 import { QueryService } from '@/core/QueryService.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { DI } from '@/di-symbols.js';
+import { ApiError } from '@/server/api/error.js';
+import { RoleService } from '@/core/RoleService.js';

 export const meta = {
 	tags: ['notes'],
@ -23,6 +25,19 @@ export const meta = {
 		},
 	},

+	errors: {
+		gtlDisabled: {
+			message: 'Global timeline has been disabled.',
+			code: 'GTL_DISABLED',
+			id: '0332fc13-6ab2-4427-ae80-a9fadffd1a6b',
+		},
+		ltlDisabled: {
+			message: 'Local timeline has been disabled.',
+			code: 'LTL_DISABLED',
+			id: '45a6eb02-7695-4393-b023-dd3be9aaaefd',
+		},
+	},
+
 	// 120 calls per minute
 	// 200 ms between calls
 	limit: {
@ -55,8 +70,17 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-

 		private noteEntityService: NoteEntityService,
 		private queryService: QueryService,
+		private readonly roleService: RoleService,
 	) {
 		super(meta, paramDef, async (ps, me) => {
+			const policies = await this.roleService.getUserPolicies(me ? me.id : null);
+			if (!ps.local && !policies.gtlAvailable) {
+				throw new ApiError(meta.errors.gtlDisabled);
+			}
+			if (ps.local && !policies.ltlAvailable) {
+				throw new ApiError(meta.errors.ltlDisabled);
+			}
+
 			const query = this.queryService.makePaginationQuery(this.notesRepository.createQueryBuilder('note'), ps.sinceId, ps.untilId)
 				.andWhere('note.visibility = \'public\'')
 				.andWhere('note.localOnly = FALSE')