From b8849adbdd8a06b11e92736c905a821d7c687217 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Mar 2022 13:14:49 +0000 Subject: [PATCH 01/36] Bump minimist from 1.2.5 to 1.2.6 in /api Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] --- api/package-lock.json | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/api/package-lock.json b/api/package-lock.json index 1aa41056..de889188 100644 --- a/api/package-lock.json +++ b/api/package-lock.json @@ -4607,8 +4607,9 @@ } }, "../util/node_modules/minimist": { - "version": "1.2.5", - "license": "MIT" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "../util/node_modules/minipass": { "version": "2.9.0", @@ -13196,8 +13197,9 @@ } }, "node_modules/minimist": { - "version": "1.2.5", - "license": "MIT" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "node_modules/minipass": { "version": "3.1.5", @@ -19764,7 +19766,9 @@ } }, "minimist": { - "version": "1.2.5" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "2.9.0", @@ -24388,7 +24392,9 @@ } }, "minimist": { - "version": "1.2.5" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "3.1.5", From 3e72fac692f0de63580b07d77d2ebd2869966c0a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Mar 2022 13:21:03 +0000 Subject: [PATCH 02/36] Bump minimist from 1.2.5 to 1.2.6 in /gateway Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] --- gateway/package-lock.json | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/gateway/package-lock.json b/gateway/package-lock.json index 9b3841af..38bdab90 100644 --- a/gateway/package-lock.json +++ b/gateway/package-lock.json @@ -4479,8 +4479,9 @@ } }, "../util/node_modules/minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "../util/node_modules/minipass": { "version": "2.9.0", @@ -8768,8 +8769,9 @@ } }, "node_modules/minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", "dev": true }, "node_modules/minipass": { @@ -13666,8 +13668,9 @@ } }, "minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "2.9.0", @@ -16870,8 +16873,9 @@ } }, "minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==", "dev": true }, "minipass": { From dc9278bb50883a8a2e11fac1c4a93f1bf84f0edc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Mar 2022 14:18:45 +0000 Subject: [PATCH 03/36] Bump minimist from 1.2.5 to 1.2.6 in /cdn Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] --- cdn/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cdn/package-lock.json b/cdn/package-lock.json index b48833b0..e6e9bb1a 100644 --- a/cdn/package-lock.json +++ b/cdn/package-lock.json @@ -5739,9 +5739,9 @@ } }, "node_modules/minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "node_modules/minipass": { "version": "3.1.6", @@ -12301,9 +12301,9 @@ } }, "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "3.1.6", From 0a4c7b168c6cc025c47617592e1907246ee7c2a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Mar 2022 14:18:18 +0000 Subject: [PATCH 04/36] Bump minimist from 1.2.5 to 1.2.6 in /util Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] --- util/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/util/package-lock.json b/util/package-lock.json index 82e90b36..b2fa8bbf 100644 --- a/util/package-lock.json +++ b/util/package-lock.json @@ -5003,9 +5003,9 @@ } }, "node_modules/minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "node_modules/minipass": { "version": "2.9.0", @@ -12060,9 +12060,9 @@ } }, "minimist": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "2.9.0", From 296949786d5441194ad4fdae6a1c752b7ae31093 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 30 Mar 2022 14:20:32 +0000 Subject: [PATCH 05/36] Bump minimist from 1.2.5 to 1.2.6 in /bundle Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] --- bundle/package-lock.json | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/bundle/package-lock.json b/bundle/package-lock.json index f6e46bc1..4742b4a4 100644 --- a/bundle/package-lock.json +++ b/bundle/package-lock.json @@ -7334,8 +7334,9 @@ } }, "node_modules/minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "node_modules/minipass": { "version": "3.1.5", @@ -16550,8 +16551,9 @@ } }, "minimist": { - "version": "1.2.5", - "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz", + "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q==" }, "minipass": { "version": "3.1.5", From 40f08ed76c35daea8a1e743d2076e27ea4d7e40f Mon Sep 17 00:00:00 2001 From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com> Date: Thu, 31 Mar 2022 01:21:40 +1100 Subject: [PATCH 06/36] Fix typo in table 'client_relase' -> 'client_release' ( and other of the same typo ) (#703) * Fixed typo in table name 'client_relase' -> 'client_release'. Fixed more typos of the same typo. * Fixed migration ( but dirty lol ) --- api/scripts/droptables.sql | 2 +- api/src/routes/downloads.ts | 6 +++--- .../store/published-listings/applications.ts | 2 +- api/src/routes/store/published-listings/skus.ts | 2 +- api/src/routes/updates.ts | 12 ++++++------ bundle/package.json | 2 +- .../{ClientRelase.ts => ClientRelease.ts} | 4 ++-- util/src/entities/Config.ts | 10 +++++----- util/src/entities/index.ts | 2 +- util/src/migrations/1648643945733-ReleaseTypo.ts | 16 ++++++++++++++++ 10 files changed, 37 insertions(+), 21 deletions(-) rename util/src/entities/{ClientRelase.ts => ClientRelease.ts} (81%) create mode 100644 util/src/migrations/1648643945733-ReleaseTypo.ts diff --git a/api/scripts/droptables.sql b/api/scripts/droptables.sql index 57d1b271..8a852048 100644 --- a/api/scripts/droptables.sql +++ b/api/scripts/droptables.sql @@ -26,6 +26,6 @@ DROP TABLE webhooks; DROP TABLE channels; DROP TABLE members; DROP TABLE guilds; -DROP TABLE client_relase; +DROP TABLE client_release; -- DROP TABLE users; -- DROP TABLE config; \ No newline at end of file diff --git a/api/src/routes/downloads.ts b/api/src/routes/downloads.ts index ad78b62f..ddfc080c 100644 --- a/api/src/routes/downloads.ts +++ b/api/src/routes/downloads.ts @@ -1,6 +1,6 @@ import { Router, Response, Request } from "express"; import { route } from "@fosscord/api"; -import { Relase, Config } from "@fosscord/util"; +import { Release, Config } from "@fosscord/util"; const router = Router(); @@ -12,9 +12,9 @@ router.get("/:branch", route({}), async (req: Request, res: Response) => { if(!platform || !["linux", "osx", "win"].includes(platform.toString())) return res.status(404) - const relase = await Relase.findOneOrFail({ name: client.relases.upstreamVersion }); + const release = await Release.findOneOrFail({ name: client.releases.upstreamVersion }); - res.redirect(relase[`win_url`]); + res.redirect(release[`win_url`]); }); export default router; diff --git a/api/src/routes/store/published-listings/applications.ts b/api/src/routes/store/published-listings/applications.ts index f06a01e4..060a4c3d 100644 --- a/api/src/routes/store/published-listings/applications.ts +++ b/api/src/routes/store/published-listings/applications.ts @@ -18,7 +18,7 @@ router.get("/:id", route({}), async (req: Request, res: Response) => { access_type: 2, name: "", features: [], - relase_date: "", + release_date: "", premium: false, slug: "", flags: 4, diff --git a/api/src/routes/store/published-listings/skus.ts b/api/src/routes/store/published-listings/skus.ts index f06a01e4..060a4c3d 100644 --- a/api/src/routes/store/published-listings/skus.ts +++ b/api/src/routes/store/published-listings/skus.ts @@ -18,7 +18,7 @@ router.get("/:id", route({}), async (req: Request, res: Response) => { access_type: 2, name: "", features: [], - relase_date: "", + release_date: "", premium: false, slug: "", flags: 4, diff --git a/api/src/routes/updates.ts b/api/src/routes/updates.ts index 4682ce7c..cb4577c8 100644 --- a/api/src/routes/updates.ts +++ b/api/src/routes/updates.ts @@ -1,19 +1,19 @@ import { Router, Response, Request } from "express"; import { route } from "@fosscord/api"; -import { Config, Relase } from "@fosscord/util"; +import { Config, Release } from "@fosscord/util"; const router = Router(); router.get("/", route({}), async (req: Request, res: Response) => { const { client } = Config.get(); - const relase = await Relase.findOneOrFail({ name: client.relases.upstreamVersion}) + const release = await Release.findOneOrFail({ name: client.releases.upstreamVersion}) res.json({ - name: relase.name, - pub_date: relase.pub_date, - url: relase.url, - notes: relase.notes + name: release.name, + pub_date: release.pub_date, + url: release.url, + notes: release.notes }); }); diff --git a/bundle/package.json b/bundle/package.json index 3754a3bf..7d68427f 100644 --- a/bundle/package.json +++ b/bundle/package.json @@ -111,4 +111,4 @@ "typescript-json-schema": "^0.50.1", "ws": "^7.4.2" } -} +} \ No newline at end of file diff --git a/util/src/entities/ClientRelase.ts b/util/src/entities/ClientRelease.ts similarity index 81% rename from util/src/entities/ClientRelase.ts rename to util/src/entities/ClientRelease.ts index e021b82b..c5afd307 100644 --- a/util/src/entities/ClientRelase.ts +++ b/util/src/entities/ClientRelease.ts @@ -1,8 +1,8 @@ import { Column, Entity} from "typeorm"; import { BaseClass } from "./BaseClass"; -@Entity("client_relase") -export class Relase extends BaseClass { +@Entity("client_release") +export class Release extends BaseClass { @Column() name: string; diff --git a/util/src/entities/Config.ts b/util/src/entities/Config.ts index f4a266dc..8d29b387 100644 --- a/util/src/entities/Config.ts +++ b/util/src/entities/Config.ts @@ -188,8 +188,8 @@ export interface ConfigValue { }, client: { useTestClient: Boolean; - relases: { - useLocalRelases: Boolean; //TODO + releases: { + useLocalRelease: Boolean; //TODO upstreamVersion: string; } }, @@ -222,7 +222,7 @@ export const DefaultConfigOptions: ConfigValue = { }, general: { instanceName: "Fosscord Instance", - instanceDescription: "This is a Fosscord instance made in pre-relase days", + instanceDescription: "This is a Fosscord instance made in pre-release days", frontPage: null, tosPage: null, correspondenceEmail: "noreply@localhost.local", @@ -389,8 +389,8 @@ export const DefaultConfigOptions: ConfigValue = { }, client: { useTestClient: true, - relases: { - useLocalRelases: true, + releases: { + useLocalRelease: true, upstreamVersion: "0.0.264" } }, diff --git a/util/src/entities/index.ts b/util/src/entities/index.ts index fc18d422..f023d5a6 100644 --- a/util/src/entities/index.ts +++ b/util/src/entities/index.ts @@ -27,4 +27,4 @@ export * from "./Template"; export * from "./User"; export * from "./VoiceState"; export * from "./Webhook"; -export * from "./ClientRelase"; \ No newline at end of file +export * from "./ClientRelease"; \ No newline at end of file diff --git a/util/src/migrations/1648643945733-ReleaseTypo.ts b/util/src/migrations/1648643945733-ReleaseTypo.ts new file mode 100644 index 00000000..944b9dd9 --- /dev/null +++ b/util/src/migrations/1648643945733-ReleaseTypo.ts @@ -0,0 +1,16 @@ +import { MigrationInterface, QueryRunner } from "typeorm"; + +export class ReleaseTypo1648643945733 implements MigrationInterface { + name = "ReleaseTypo1648643945733"; + + public async up(queryRunner: QueryRunner): Promise { + //drop table first because typeorm creates it before migrations run + await queryRunner.dropTable("client_release", true); + await queryRunner.renameTable("client_relase", "client_release"); + } + + public async down(queryRunner: QueryRunner): Promise { + await queryRunner.dropTable("client_relase", true); + await queryRunner.renameTable("client_release", "client_relase"); + } +} From 31bfe2a22a81b0878e9232d91b19925ff12d4007 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sat, 2 Apr 2022 10:22:54 +0300 Subject: [PATCH 07/36] =?UTF-8?q?first=20steps=20for=20E2EE=20support=20?= =?UTF-8?q?=E2=80=94=20channel=20security=20settings=20event?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- util/src/entities/Encryption.ts | 35 +++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 util/src/entities/Encryption.ts diff --git a/util/src/entities/Encryption.ts b/util/src/entities/Encryption.ts new file mode 100644 index 00000000..3b82ff84 --- /dev/null +++ b/util/src/entities/Encryption.ts @@ -0,0 +1,35 @@ +import { Column, Entity, JoinColumn, ManyToOne, OneToMany, RelationId } from "typeorm"; +import { BaseClass } from "./BaseClass"; +import { Guild } from "./Guild"; +import { PublicUserProjection, User } from "./User"; +import { HTTPError } from "lambert-server"; +import { containsAll, emitEvent, getPermission, Snowflake, trimSpecial, InvisibleCharacters } from "../util"; +import { BitField, BitFieldResolvable, BitFlag } from "../util/BitField"; +import { Recipient } from "./Recipient"; +import { Message } from "./Message"; +import { ReadState } from "./ReadState"; +import { Invite } from "./Invite"; +import { DmChannelDTO } from "../dtos"; + +@Entity("security_settings") +export class SecuritySettings extends BaseClass { + + @Column({nullable: true}) + guild_id: Snowflake; + + @Column({nullable: true}) + channel_id: Snowflake; + + @Column() + encryption_permission_mask: BitField; + + @Column() + allowed_algorithms: string[]; + + @Column() + current_algorithm: string; + + @Column({nullable: true}) + used_since_message: Snowflake; + +} From 18aa4c405bab0ebf2c7dd1fd1d7e33475f764c6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sat, 2 Apr 2022 12:06:14 +0300 Subject: [PATCH 08/36] More message types --- util/src/entities/Message.ts | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/util/src/entities/Message.ts b/util/src/entities/Message.ts index e577d5df..04b04747 100644 --- a/util/src/entities/Message.ts +++ b/util/src/entities/Message.ts @@ -41,8 +41,14 @@ export enum MessageType { CHANNEL_FOLLOW_ADD = 12, GUILD_DISCOVERY_DISQUALIFIED = 14, GUILD_DISCOVERY_REQUALIFIED = 15, + ENCRYPTED = 16, REPLY = 19, APPLICATION_COMMAND = 20, + ROUTE_ADDED = 41, // custom message routing: new route affecting that channel + ROUTE_DISABLED = 42, // custom message routing: given route no longer affecting that channel + ENCRYPTION = 50, + CUSTOM_START = 63, + UNHANDLED = 255 } @Entity("messages") @@ -203,6 +209,7 @@ export interface MessageComponent { } export enum MessageComponentType { + Script = 0, // self command script ActionRow = 1, Button = 2, } From 1a3812a483f63c1f78b12a1e0182d139bc8af921 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sun, 3 Apr 2022 14:49:16 +0300 Subject: [PATCH 09/36] Add our custom channel types --- util/src/entities/Channel.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/util/src/entities/Channel.ts b/util/src/entities/Channel.ts index 08be1e02..4bf81901 100644 --- a/util/src/entities/Channel.ts +++ b/util/src/entities/Channel.ts @@ -20,13 +20,17 @@ export enum ChannelType { GROUP_DM = 3, // a direct message between multiple users GUILD_CATEGORY = 4, // an organizational category that contains zero or more channels GUILD_NEWS = 5, // a channel that users can follow and crosspost into a guild or route - GUILD_STORE = 6, // a channel in which game developers can sell their game on Discord + GUILD_STORE = 6, // a channel in which game developers can sell their things ENCRYPTED = 7, // end-to-end encrypted channel ENCRYPTED_THREAD = 8, // end-to-end encrypted thread channel + TRANSACTIONAL = 9, // event chain style transactional channel GUILD_NEWS_THREAD = 10, // a temporary sub-channel within a GUILD_NEWS channel GUILD_PUBLIC_THREAD = 11, // a temporary sub-channel within a GUILD_TEXT channel GUILD_PRIVATE_THREAD = 12, // a temporary sub-channel within a GUILD_TEXT channel that is only viewable by those invited and those with the MANAGE_THREADS permission GUILD_STAGE_VOICE = 13, // a voice channel for hosting events with an audience + TICKET_TRACKER = 33, // ticket tracker, individual ticket items shall have type 12 + KANBAN = 34, // confluence like kanban board + VOICELESS_WHITEBOARD = 35, // whiteboard but without voice (whiteboard + voice is the same as stage) CUSTOM_START = 64, // start custom channel types from here UNHANDLED = 255 // unhandled unowned pass-through channel type } From fac61d7f6a52145580c167c8f3394820604db512 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Mon, 4 Apr 2022 18:22:37 +0300 Subject: [PATCH 10/36] Revert "Make member.premium_since ISO8601 timestamp" (#710) This reverts commit 093ae5558007031253b5dadb5a5be96dd265683d. --- util/src/entities/Member.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/src/entities/Member.ts b/util/src/entities/Member.ts index 928a25d7..a246b891 100644 --- a/util/src/entities/Member.ts +++ b/util/src/entities/Member.ts @@ -85,8 +85,8 @@ export class Member extends BaseClassWithoutId { @Column() joined_at: Date; - @Column() - premium_since?: Date; + @Column({ type: "bigint", nullable: true }) + premium_since?: number; @Column() deaf: boolean; @@ -245,7 +245,7 @@ export class Member extends BaseClassWithoutId { nick: undefined, roles: [guild_id], // @everyone role joined_at: new Date(), - premium_since: new Date(), + premium_since: (new Date()).getTime(), deaf: false, mute: false, pending: false, From d08689b4180c2a66382ca9a6174b1c177076a65f Mon Sep 17 00:00:00 2001 From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com> Date: Tue, 5 Apr 2022 19:58:34 +1000 Subject: [PATCH 11/36] User Notes (#707) * Notes implementation. Bug: Client does not save note locally after uploading to server. Client does save after reloading page. Is this due to the response being sent by PUT? * I don't know why the client doesn't do optimistic UI updates with this, or any updates at all without reloading the page * Added USER_NOTE_UPDATE event, thanks @TheRealGeoDash2019 ! --- api/src/routes/users/@me/notes.ts | 35 ++++++++++++++++++++++++++----- util/src/entities/User.ts | 4 ++++ util/src/interfaces/Event.ts | 1 + 3 files changed, 35 insertions(+), 5 deletions(-) diff --git a/api/src/routes/users/@me/notes.ts b/api/src/routes/users/@me/notes.ts index 96067bf5..4887b191 100644 --- a/api/src/routes/users/@me/notes.ts +++ b/api/src/routes/users/@me/notes.ts @@ -1,14 +1,39 @@ import { Request, Response, Router } from "express"; import { route } from "@fosscord/api"; +import { User, emitEvent } from "@fosscord/util"; const router: Router = Router(); +router.get("/:id", route({}), async (req: Request, res: Response) => { + const { id } = req.params; + const user = await User.findOneOrFail({ where: { id: req.user_id }, select: ["notes"] }); + + const note = user.notes[id]; + return res.json({ + note: note, + note_user_id: id, + user_id: user.id, + }); +}); + router.put("/:id", route({}), async (req: Request, res: Response) => { - //TODO - res.json({ - message: "Unknown User", - code: 10013 - }).status(404); + const { id } = req.params; + const user = await User.findOneOrFail({ where: { id: req.user_id } }); + const noteUser = await User.findOneOrFail({ where: { id: id }}); //if noted user does not exist throw + const { note } = req.body; + + await User.update({ id: req.user_id }, { notes: { ...user.notes, [noteUser.id]: note } }); + + await emitEvent({ + event: "USER_NOTE_UPDATE", + data: { + note: note, + id: noteUser.id + }, + user_id: user.id, + }) + + return res.status(204); }); export default router; diff --git a/util/src/entities/User.ts b/util/src/entities/User.ts index ed7bd4ce..7091ee24 100644 --- a/util/src/entities/User.ts +++ b/util/src/entities/User.ts @@ -164,6 +164,9 @@ export class User extends BaseClass { @Column({ type: "simple-json", select: false }) settings: UserSettings; + @Column({ type: "simple-json" }) + notes: { [key: string]: string }; //key is ID of user + toPublicUser() { const user: any = {}; PublicUserProjection.forEach((x) => { @@ -271,6 +274,7 @@ export class User extends BaseClass { }, settings: { ...defaultSettings, locale: language }, fingerprints: [], + notes: {}, }); await user.save(); diff --git a/util/src/interfaces/Event.ts b/util/src/interfaces/Event.ts index a5253c09..416082ed 100644 --- a/util/src/interfaces/Event.ts +++ b/util/src/interfaces/Event.ts @@ -623,6 +623,7 @@ export type EVENT = | "PRESENCE_UPDATE" | "TYPING_START" | "USER_UPDATE" + | "USER_NOTE_UPDATE" | "WEBHOOKS_UPDATE" | "INTERACTION_CREATE" | "VOICE_STATE_UPDATE" From 3702c9c1670cb6716ba203eeb32080b226914f28 Mon Sep 17 00:00:00 2001 From: Samuel <34555296+Flam3rboy@users.noreply.github.com> Date: Mon, 4 Apr 2022 15:10:50 +0200 Subject: [PATCH 12/36] New translations common.json (Hebrew) --- api/locales/he/common.json | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/api/locales/he/common.json b/api/locales/he/common.json index 8bb9c042..9e72e941 100644 --- a/api/locales/he/common.json +++ b/api/locales/he/common.json @@ -7,12 +7,12 @@ "BASE_TYPE_BOOLEAN": "This field must be a boolean", "BASE_TYPE_CHOICES": "This field must be one of ({{types}})", "BASE_TYPE_CLASS": "This field must be an instance of {{type}}", - "BASE_TYPE_OBJECT": "This field must be an object", - "BASE_TYPE_ARRAY": "This field must be an array", - "UNKOWN_FIELD": "Unknown key: {{key}}", - "BASE_TYPE_CONSTANT": "This field must be {{value}}", - "EMAIL_TYPE_INVALID_EMAIL": "Not a well-formed email address", - "DATE_TYPE_PARSE": "Could not parse {{date}}. Should be ISO8601", - "BASE_TYPE_BAD_LENGTH": "Must be between {{length}} in length" + "BASE_TYPE_OBJECT": "שדה זה חייב להיות אובייקט", + "BASE_TYPE_ARRAY": "שדה זה חייב להיות מערך", + "UNKOWN_FIELD": "מפתח לא ידוע: {{key}}", + "BASE_TYPE_CONSTANT": "שדה זה להיות {{value}}", + "EMAIL_TYPE_INVALID_EMAIL": "כתובת דואר אלקטרוני לא חוקית", + "DATE_TYPE_PARSE": "לא ניתן לנתח {{date}}. צריך להיות ISO8601", + "BASE_TYPE_BAD_LENGTH": "האורך חייב להיות בין {{length}}" } } From 9d753774094ffc85ad43307221a4aeb330f8e172 Mon Sep 17 00:00:00 2001 From: Luna Alfien Date: Wed, 6 Apr 2022 16:07:50 -0700 Subject: [PATCH 13/36] Fix 404 URL --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1bcea1e3..a15a4b64 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,6 @@ This repository contains: - [Contributing](https://docs.fosscord.com/contributing/server/) -## [Setup](https://docs.fosscord.com/setup/server/) +## [Setup](https://docs.fosscord.com/server/setup/) - [Download](https://github.com/fosscord/fosscord-server/releases) From f8bb47508659a58faa222ef42fd61f64016f94d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Thu, 7 Apr 2022 17:49:44 +0300 Subject: [PATCH 14/36] with public read receipts explicitly stored, no need to store manual flag of the read mark --- util/src/entities/ReadState.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/src/entities/ReadState.ts b/util/src/entities/ReadState.ts index e6d73105..b915573b 100644 --- a/util/src/entities/ReadState.ts +++ b/util/src/entities/ReadState.ts @@ -49,6 +49,7 @@ export class ReadState extends BaseClass { @Column({ nullable: true }) mention_count: number; - @Column({ nullable: true }) + // @Column({ nullable: true }) + // TODO: derive this from (last_message_id=notifications_cursor=public_ack)=true manual: boolean; } From 742e534e31e332ecf49ea5aacc734ef52958bd20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Thu, 7 Apr 2022 23:13:43 +0300 Subject: [PATCH 15/36] scheduled maintenances --- .../routes/scheduled-maintenances/upcoming_json.ts | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 api/src/routes/scheduled-maintenances/upcoming_json.ts diff --git a/api/src/routes/scheduled-maintenances/upcoming_json.ts b/api/src/routes/scheduled-maintenances/upcoming_json.ts new file mode 100644 index 00000000..83092e44 --- /dev/null +++ b/api/src/routes/scheduled-maintenances/upcoming_json.ts @@ -0,0 +1,12 @@ +import { Router, Request, Response } from "express"; +import { route } from "@fosscord/api"; +const router = Router(); + +router.get("/scheduled-maintenances/upcoming.json",route({}), async (req: Request, res: Response) => { + res.json({ + "page": {}, + "scheduled_maintenances": {} + }); +}); + +export default router; From c5de68d0bc24c939987060ce593ddb1182c3df74 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Thu, 7 Apr 2022 23:15:41 +0300 Subject: [PATCH 16/36] added the maintenance listing endpoint --- api/src/middlewares/Authentication.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts index 429cf11e..5a08caf3 100644 --- a/api/src/middlewares/Authentication.ts +++ b/api/src/middlewares/Authentication.ts @@ -15,6 +15,7 @@ export const NO_AUTHORIZATION_ROUTES = [ "/experiments", "/updates", "/downloads/", + "/scheduled-maintenances/upcoming.json", // Public kubernetes integration "/-/readyz", "/-/healthz", From d1f24b25370203a7604853727dc535eb87c21122 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Thu, 7 Apr 2022 23:47:26 +0300 Subject: [PATCH 17/36] More rights stuff --- util/src/util/Rights.ts | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/util/src/util/Rights.ts b/util/src/util/Rights.ts index db5384d0..dedbfe30 100644 --- a/util/src/util/Rights.ts +++ b/util/src/util/Rights.ts @@ -1,6 +1,7 @@ import { BitField } from "./BitField"; import "missing-native-js-functions"; import { BitFieldResolvable, BitFlag } from "./BitField"; +import { User } from "../entities"; var HTTPError: any; @@ -85,6 +86,16 @@ export class Rights extends BitField { // @ts-ignore throw new HTTPError(`You are missing the following rights ${permission}`, 403); } + + export async function getRight( + user_id: string, + /** opts: { + in_behalf?: (keyof User)[]; + } = {} **/) + { + user = await User.findOneOrFail({ where: { id: user_id } }); + return new Rights(user.right); + } } const ALL_RIGHTS = Object.values(Rights.FLAGS).reduce((total, val) => total | val, BigInt(0)); From 785544e1c8d7b579f161c0b3ca0c6e13e44cae18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 00:00:22 +0300 Subject: [PATCH 18/36] Update index.ts --- .../#channel_id/messages/#message_id/index.ts | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts index 7f7de264..bdc34a81 100644 --- a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts +++ b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts @@ -1,4 +1,4 @@ -import { Channel, emitEvent, getPermission, MessageDeleteEvent, Message, MessageUpdateEvent } from "@fosscord/util"; +import { Channel, emitEvent, getPermission, getRight MessageDeleteEvent, Message, MessageUpdateEvent } from "@fosscord/util"; import { Router, Response, Request } from "express"; import { route } from "@fosscord/api"; import { handleMessage, postHandleMessage } from "@fosscord/api"; @@ -7,18 +7,21 @@ import { MessageCreateSchema } from "../index"; const router = Router(); // TODO: message content/embed string length limit -router.patch("/", route({ body: "MessageCreateSchema", permission: "SEND_MESSAGES" }), async (req: Request, res: Response) => { +router.patch("/", route({ body: "MessageCreateSchema", permission: "SEND_MESSAGES", right: "SEND_MESSAGES" }), async (req: Request, res: Response) => { const { message_id, channel_id } = req.params; var body = req.body as MessageCreateSchema; const message = await Message.findOneOrFail({ where: { id: message_id, channel_id }, relations: ["attachments"] }); const permissions = await getPermission(req.user_id, undefined, channel_id); + + const rights = await getRights(req.user_id); - if (req.user_id !== message.author_id) { + if ((req.user_id !== message.author_id)) { + if (rights.has("MANAGE_MESSAGES")) break; permissions.hasThrow("MANAGE_MESSAGES"); body = { flags: body.flags }; // admins can only suppress embeds of other messages - } + } else rights.hasThrow("SELF_EDIT_MESSAGES"); const new_message = await handleMessage({ ...message, @@ -46,17 +49,17 @@ router.patch("/", route({ body: "MessageCreateSchema", permission: "SEND_MESSAGE return res.json(message); }); -// permission check only if deletes messagr from other user router.delete("/", route({}), async (req: Request, res: Response) => { const { message_id, channel_id } = req.params; const channel = await Channel.findOneOrFail({ id: channel_id }); const message = await Message.findOneOrFail({ id: message_id }); - if (message.author_id !== req.user_id) { + if ((message.author_id !== req.user_id)) { + if (rights.has("MANAGE_MESSAGES")) break; const permission = await getPermission(req.user_id, channel.guild_id, channel_id); permission.hasThrow("MANAGE_MESSAGES"); - } + } else rights.hasThrow("SELF_DELETE_MESSAGES"); await Message.delete({ id: message_id }); From ec07a9f415eb34eac2249c9fdaf0769f880717d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 10:26:20 +0300 Subject: [PATCH 19/36] fix the build mistakes from yesternight --- .../#channel_id/messages/#message_id/index.ts | 19 ++++++++++++------- util/src/util/Rights.ts | 17 ++++++++--------- 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts index bdc34a81..58dfb1cc 100644 --- a/api/src/routes/channels/#channel_id/messages/#message_id/index.ts +++ b/api/src/routes/channels/#channel_id/messages/#message_id/index.ts @@ -1,4 +1,4 @@ -import { Channel, emitEvent, getPermission, getRight MessageDeleteEvent, Message, MessageUpdateEvent } from "@fosscord/util"; +import { Channel, emitEvent, getPermission, getRights, MessageDeleteEvent, Message, MessageUpdateEvent } from "@fosscord/util"; import { Router, Response, Request } from "express"; import { route } from "@fosscord/api"; import { handleMessage, postHandleMessage } from "@fosscord/api"; @@ -18,9 +18,11 @@ router.patch("/", route({ body: "MessageCreateSchema", permission: "SEND_MESSAGE const rights = await getRights(req.user_id); if ((req.user_id !== message.author_id)) { - if (rights.has("MANAGE_MESSAGES")) break; - permissions.hasThrow("MANAGE_MESSAGES"); - body = { flags: body.flags }; // admins can only suppress embeds of other messages + if (!rights.has("MANAGE_MESSAGES")) { + permissions.hasThrow("MANAGE_MESSAGES"); + body = { flags: body.flags }; +// guild admins can only suppress embeds of other messages, no such restriction imposed to instance-wide admins + } } else rights.hasThrow("SELF_EDIT_MESSAGES"); const new_message = await handleMessage({ @@ -54,11 +56,14 @@ router.delete("/", route({}), async (req: Request, res: Response) => { const channel = await Channel.findOneOrFail({ id: channel_id }); const message = await Message.findOneOrFail({ id: message_id }); + + const rights = await getRights(req.user_id); if ((message.author_id !== req.user_id)) { - if (rights.has("MANAGE_MESSAGES")) break; - const permission = await getPermission(req.user_id, channel.guild_id, channel_id); - permission.hasThrow("MANAGE_MESSAGES"); + if (!rights.has("MANAGE_MESSAGES")) { + const permission = await getPermission(req.user_id, channel.guild_id, channel_id); + permission.hasThrow("MANAGE_MESSAGES"); + } } else rights.hasThrow("SELF_DELETE_MESSAGES"); await Message.delete({ id: message_id }); diff --git a/util/src/util/Rights.ts b/util/src/util/Rights.ts index dedbfe30..35ad9514 100644 --- a/util/src/util/Rights.ts +++ b/util/src/util/Rights.ts @@ -87,15 +87,14 @@ export class Rights extends BitField { throw new HTTPError(`You are missing the following rights ${permission}`, 403); } - export async function getRight( - user_id: string, - /** opts: { - in_behalf?: (keyof User)[]; - } = {} **/) - { - user = await User.findOneOrFail({ where: { id: user_id } }); - return new Rights(user.right); - } } const ALL_RIGHTS = Object.values(Rights.FLAGS).reduce((total, val) => total | val, BigInt(0)); + +export async function getRights( user_id: string + /**, opts: { + in_behalf?: (keyof User)[]; + } = {} **/) { + let user = await User.findOneOrFail({ where: { id: user_id } }); + return new Rights(user.rights); +} From 5774c037eedba9f7c05d66f86f350a0a480f82a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 10:53:05 +0300 Subject: [PATCH 20/36] add joined_by to allow for separate treatment of force-joiners --- util/src/entities/Member.ts | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/util/src/entities/Member.ts b/util/src/entities/Member.ts index a246b891..ae889a85 100644 --- a/util/src/entities/Member.ts +++ b/util/src/entities/Member.ts @@ -70,7 +70,7 @@ export class Member extends BaseClassWithoutId { @Column({ nullable: true }) nick?: string; - + @JoinTable({ name: "member_roles", joinColumn: { name: "index", referencedColumnName: "index" }, @@ -102,8 +102,17 @@ export class Member extends BaseClassWithoutId { @Column({ nullable: true }) last_message_id?: string; + + /** + @JoinColumn({ name: "id" }) + @ManyToOne(() => User, { + onDelete: "DO NOTHING", + // do not auto-kick force-joined members just because their joiners left the server + }) **/ + @Column({ nullable: true }) + joined_by: string; - // TODO: update + // TODO: add this when we have proper read receipts // @Column({ type: "simple-json" }) // read_state: ReadState; From 68d1b6efd20d9c666e86326c4437f113809a6d82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 10:53:49 +0300 Subject: [PATCH 21/36] optional --- util/src/entities/Member.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/util/src/entities/Member.ts b/util/src/entities/Member.ts index ae889a85..fe2d5590 100644 --- a/util/src/entities/Member.ts +++ b/util/src/entities/Member.ts @@ -109,8 +109,8 @@ export class Member extends BaseClassWithoutId { onDelete: "DO NOTHING", // do not auto-kick force-joined members just because their joiners left the server }) **/ - @Column({ nullable: true }) - joined_by: string; + @Column({ nullable: true}) + joined_by?: string; // TODO: add this when we have proper read receipts // @Column({ type: "simple-json" }) From 22952ef928808d4112e0bd3c2a5b867d3e4c4b1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:02:11 +0300 Subject: [PATCH 22/36] enforce the rights --- api/src/util/handlers/Message.ts | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/api/src/util/handlers/Message.ts b/api/src/util/handlers/Message.ts index 2d9f7032..f0ecf416 100644 --- a/api/src/util/handlers/Message.ts +++ b/api/src/util/handlers/Message.ts @@ -7,6 +7,7 @@ import { MessageCreateEvent, MessageUpdateEvent, getPermission, + getRights, CHANNEL_MENTION, Snowflake, USER_MENTION, @@ -61,17 +62,18 @@ export async function handleMessage(opts: MessageOptions): Promise { throw new HTTPError("Content length over max character limit") } - // TODO: are tts messages allowed in dm channels? should permission be checked? if (opts.author_id) { message.author = await User.getPublicUser(opts.author_id); - } + const rights = await getRights(opts.author_id); + rights.hasThrow("SEND_MESSAGES"); + } if (opts.application_id) { message.application = await Application.findOneOrFail({ id: opts.application_id }); } if (opts.webhook_id) { message.webhook = await Webhook.findOneOrFail({ id: opts.webhook_id }); } - + const permission = await getPermission(opts.author_id, channel.guild_id, opts.channel_id); permission.hasThrow("SEND_MESSAGES"); // TODO: add the rights check if (permission.cache.member) { From be3f796f3462ce925c445d710e848425ac1f9d94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:05:19 +0300 Subject: [PATCH 23/36] remove todos that are implemented --- api/src/util/handlers/Message.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/api/src/util/handlers/Message.ts b/api/src/util/handlers/Message.ts index f0ecf416..5a5ac666 100644 --- a/api/src/util/handlers/Message.ts +++ b/api/src/util/handlers/Message.ts @@ -75,7 +75,7 @@ export async function handleMessage(opts: MessageOptions): Promise { } const permission = await getPermission(opts.author_id, channel.guild_id, opts.channel_id); - permission.hasThrow("SEND_MESSAGES"); // TODO: add the rights check + permission.hasThrow("SEND_MESSAGES"); if (permission.cache.member) { message.member = permission.cache.member; } @@ -83,7 +83,7 @@ export async function handleMessage(opts: MessageOptions): Promise { if (opts.tts) permission.hasThrow("SEND_TTS_MESSAGES"); if (opts.message_reference) { permission.hasThrow("READ_MESSAGE_HISTORY"); - // code below has to be redone when we add custom message routing and cross-channel replies + // code below has to be redone when we add custom message routing if (message.guild_id !== null) { const guild = await Guild.findOneOrFail({ id: channel.guild_id }); if (!guild.features.includes("CROSS_CHANNEL_REPLIES")) { @@ -91,7 +91,7 @@ export async function handleMessage(opts: MessageOptions): Promise { if (opts.message_reference.channel_id !== opts.channel_id) throw new HTTPError("You can only reference messages from this channel"); } } - // TODO: should be checked if the referenced message exists? + // Q: should be checked if the referenced message exists? ANSWER: NO // @ts-ignore message.type = MessageType.REPLY; } From 3a5a90007e7ad8942cd121cf410f7996ecb1e35a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:23:09 +0300 Subject: [PATCH 24/36] MANAGE_GUILDS --- api/src/routes/guilds/#guild_id/index.ts | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts index 991c3f93..8e1e74f7 100644 --- a/api/src/routes/guilds/#guild_id/index.ts +++ b/api/src/routes/guilds/#guild_id/index.ts @@ -1,5 +1,5 @@ import { Request, Response, Router } from "express"; -import { emitEvent, getPermission, Guild, GuildUpdateEvent, handleFile, Member } from "@fosscord/util"; +import { DiscordApiErrors, emitEvent, getPermission, getRights, Guild, GuildUpdateEvent, handleFile, Member } from "@fosscord/util"; import { HTTPError } from "lambert-server"; import { route } from "@fosscord/api"; import "missing-native-js-functions"; @@ -37,9 +37,17 @@ router.get("/", route({}), async (req: Request, res: Response) => { return res.send(guild); }); -router.patch("/", route({ body: "GuildUpdateSchema", permission: "MANAGE_GUILD" }), async (req: Request, res: Response) => { +router.patch("/", route({ body: "GuildUpdateSchema"}), async (req: Request, res: Response) => { const body = req.body as GuildUpdateSchema; const { guild_id } = req.params; + + + const rights = await getRight(req.user_id); + const permission = await getPermission(req.user_id, guild_id); + + if (!rights.has("MANAGE_GUILDS")||!permission.has("MANAGE_GUILD")) + throw DiscordApiErrors.MISSING_PERMISSIONS("MANAGE_GUILD"); + // TODO: guild update check image if (body.icon) body.icon = await handleFile(`/icons/${guild_id}`, body.icon); From a4e4d40bb967a73130363b134cf9072e08ea4d3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:29:04 +0300 Subject: [PATCH 25/36] rights enforcement in guild create --- api/src/routes/guilds/index.ts | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/api/src/routes/guilds/index.ts b/api/src/routes/guilds/index.ts index 7b676211..10721413 100644 --- a/api/src/routes/guilds/index.ts +++ b/api/src/routes/guilds/index.ts @@ -1,5 +1,5 @@ import { Router, Request, Response } from "express"; -import { Role, Guild, Snowflake, Config, Member, Channel, DiscordApiErrors, handleFile } from "@fosscord/util"; +import { Role, Guild, Snowflake, Config, getRights, Member, Channel, DiscordApiErrors, handleFile } from "@fosscord/util"; import { route } from "@fosscord/api"; import { ChannelModifySchema } from "../channels/#channel_id"; @@ -20,12 +20,13 @@ export interface GuildCreateSchema { //TODO: create default channel -router.post("/", route({ body: "GuildCreateSchema" }), async (req: Request, res: Response) => { +router.post("/", route({ body: "GuildCreateSchema", right: "CREATE_GUILDS" }), async (req: Request, res: Response) => { const body = req.body as GuildCreateSchema; const { maxGuilds } = Config.get().limits.user; const guild_count = await Member.count({ id: req.user_id }); - if (guild_count >= maxGuilds) { + const rights = await getRights(req.user_id); + if ((guild_count >= maxGuilds)&&!rights.has("MANAGE_GUILDS")) { throw DiscordApiErrors.MAXIMUM_GUILDS.withParams(maxGuilds); } From 76268ae456f9151250a762dd1dc9cec7a127889a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:32:00 +0300 Subject: [PATCH 26/36] JOIN_GUILDS --- api/src/routes/invites/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/routes/invites/index.ts b/api/src/routes/invites/index.ts index 37e9e05a..21da2d18 100644 --- a/api/src/routes/invites/index.ts +++ b/api/src/routes/invites/index.ts @@ -13,7 +13,7 @@ router.get("/:code", route({}), async (req: Request, res: Response) => { res.status(200).send(invite); }); -router.post("/:code", route({}), async (req: Request, res: Response) => { +router.post("/:code", route({right: "JOIN_GUILDS"}), async (req: Request, res: Response) => { const { code } = req.params; const { guild_id } = await Invite.findOneOrFail({ code }) const { features } = await Guild.findOneOrFail({ id: guild_id}); From 2c0d2f40c8df354c5a749e9af647aba4066e45b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 11:34:01 +0300 Subject: [PATCH 27/36] invite right enforced --- api/src/routes/channels/#channel_id/invites.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/api/src/routes/channels/#channel_id/invites.ts b/api/src/routes/channels/#channel_id/invites.ts index 6d2c625d..208a0705 100644 --- a/api/src/routes/channels/#channel_id/invites.ts +++ b/api/src/routes/channels/#channel_id/invites.ts @@ -19,7 +19,8 @@ export interface InviteCreateSchema { target_user_type?: number; } -router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT_INVITE" }), async (req: Request, res: Response) => { +router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT_INVITE", right: "CREATE_INSTANT_INVITE" }), + async (req: Request, res: Response) => { const { user_id } = req; const { channel_id } = req.params; const channel = await Channel.findOneOrFail({ where: { id: channel_id }, select: ["id", "name", "type", "guild_id"] }); From 271574bb384a4d8a08f0058a453abd7839707b32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Fri, 8 Apr 2022 17:30:55 +0300 Subject: [PATCH 28/36] correct right name --- api/src/routes/channels/#channel_id/invites.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/routes/channels/#channel_id/invites.ts b/api/src/routes/channels/#channel_id/invites.ts index 208a0705..6367a8b6 100644 --- a/api/src/routes/channels/#channel_id/invites.ts +++ b/api/src/routes/channels/#channel_id/invites.ts @@ -19,7 +19,7 @@ export interface InviteCreateSchema { target_user_type?: number; } -router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT_INVITE", right: "CREATE_INSTANT_INVITE" }), +router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INVITES", right: "CREATE_INSTANT_INVITE" }), async (req: Request, res: Response) => { const { user_id } = req; const { channel_id } = req.params; From 596c60e010a8372c729306476c0734e86f990ad9 Mon Sep 17 00:00:00 2001 From: binsky Date: Sat, 9 Apr 2022 04:11:10 +0200 Subject: [PATCH 29/36] fix invite right enforcement --- api/src/routes/channels/#channel_id/invites.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/routes/channels/#channel_id/invites.ts b/api/src/routes/channels/#channel_id/invites.ts index 6367a8b6..9c361164 100644 --- a/api/src/routes/channels/#channel_id/invites.ts +++ b/api/src/routes/channels/#channel_id/invites.ts @@ -19,7 +19,7 @@ export interface InviteCreateSchema { target_user_type?: number; } -router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INVITES", right: "CREATE_INSTANT_INVITE" }), +router.post("/", route({ body: "InviteCreateSchema", permission: "CREATE_INSTANT_INVITE", right: "CREATE_INVITES" }), async (req: Request, res: Response) => { const { user_id } = req; const { channel_id } = req.params; From 88dd33a9a271ec73f9ce0beb8c5c8e662912fc68 Mon Sep 17 00:00:00 2001 From: binsky Date: Sat, 9 Apr 2022 04:12:16 +0200 Subject: [PATCH 30/36] fix MANAGE_GUILDS; rename getRight to getRights --- api/src/routes/guilds/#guild_id/index.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/api/src/routes/guilds/#guild_id/index.ts b/api/src/routes/guilds/#guild_id/index.ts index 8e1e74f7..4ec3df72 100644 --- a/api/src/routes/guilds/#guild_id/index.ts +++ b/api/src/routes/guilds/#guild_id/index.ts @@ -42,11 +42,11 @@ router.patch("/", route({ body: "GuildUpdateSchema"}), async (req: Request, res: const { guild_id } = req.params; - const rights = await getRight(req.user_id); + const rights = await getRights(req.user_id); const permission = await getPermission(req.user_id, guild_id); if (!rights.has("MANAGE_GUILDS")||!permission.has("MANAGE_GUILD")) - throw DiscordApiErrors.MISSING_PERMISSIONS("MANAGE_GUILD"); + throw DiscordApiErrors.MISSING_PERMISSIONS.withParams("MANAGE_GUILD"); // TODO: guild update check image From 66609ec5f49ad0fa3522a9ff0f340b7f61dcd9c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sat, 9 Apr 2022 13:46:50 +0300 Subject: [PATCH 31/36] Update User.ts --- util/src/entities/User.ts | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/util/src/entities/User.ts b/util/src/entities/User.ts index 7091ee24..42d926b2 100644 --- a/util/src/entities/User.ts +++ b/util/src/entities/User.ts @@ -60,7 +60,7 @@ export class User extends BaseClass { username: string; // username max length 32, min 2 (should be configurable) @Column() - discriminator: string; // #0001 4 digit long string from #0001 - #9999 + discriminator: string; // opaque string: 4 digits on discord.com setDiscriminator(val: string) { const number = Number(val); @@ -88,10 +88,10 @@ export class User extends BaseClass { mobile: boolean; // if the user has mobile app installed @Column() - premium: boolean; // if user bought nitro - + premium: boolean; // if user bought individual premium + @Column() - premium_type: number; // nitro level + premium_type: number; // individual premium level @Column() bot: boolean; // if user is bot @@ -100,11 +100,11 @@ export class User extends BaseClass { bio: string; // short description of the user (max 190 chars -> should be configurable) @Column() - system: boolean; // shouldn't be used, the api sents this field type true, if the generated message comes from a system generated author + system: boolean; // shouldn't be used, the api sends this field type true, if the generated message comes from a system generated author @Column({ select: false }) - nsfw_allowed: boolean; // if the user is older than 18 (resp. Config) - + nsfw_allowed: boolean; // if the user can do age-restricted actions (NSFW channels/guilds/commands) + @Column({ select: false }) mfa_enabled: boolean; // if multi factor authentication is enabled From 467f2d6ed934543360c4381e0e7052996773b909 Mon Sep 17 00:00:00 2001 From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com> Date: Sat, 9 Apr 2022 23:53:57 +1000 Subject: [PATCH 32/36] Resolves #715 --- util/src/entities/User.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/src/entities/User.ts b/util/src/entities/User.ts index 42d926b2..a5c4c136 100644 --- a/util/src/entities/User.ts +++ b/util/src/entities/User.ts @@ -132,7 +132,7 @@ export class User extends BaseClass { @Column() public_flags: number; - @Column() + @Column({ type: "bigint" }) rights: string; // Rights @OneToMany(() => Session, (session: Session) => session.user) From d54fa9b1cb6e5a35b44860565cd9592c22f121de Mon Sep 17 00:00:00 2001 From: 1itt1eB0y Date: Sat, 9 Apr 2022 22:43:38 +0800 Subject: [PATCH 33/36] bug fix Fix `QueryFailedError: constraint "FK_05535bc695e9f7ee104616459d3" for relation "messages" already exists` --- util/src/entities/Message.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/src/entities/Message.ts b/util/src/entities/Message.ts index 04b04747..b32bbd94 100644 --- a/util/src/entities/Message.ts +++ b/util/src/entities/Message.ts @@ -90,7 +90,7 @@ export class Message extends BaseClass { @RelationId((message: Message) => message.member) member_id: string; - @JoinColumn({ name: "author_id", referencedColumnName: "id" }) + @JoinColumn({ name: "member_id", referencedColumnName: "id" }) @ManyToOne(() => User, { onDelete: "CASCADE", }) From 2e6599654046291832b7138e452777e75d45f4b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sat, 9 Apr 2022 21:45:45 +0300 Subject: [PATCH 34/36] add an elegant entropy check --- api/src/util/utility/passwordStrength.ts | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/api/src/util/utility/passwordStrength.ts b/api/src/util/utility/passwordStrength.ts index 047df008..81ac2559 100644 --- a/api/src/util/utility/passwordStrength.ts +++ b/api/src/util/utility/passwordStrength.ts @@ -13,6 +13,7 @@ const blocklist: string[] = []; // TODO: update ones passwordblocklist is stored * - min numbers * - min symbols * - min uppercase chars + * - shannon entropy divided by password entropy * * Returns: 0 > pw > 1 */ @@ -22,28 +23,38 @@ export function checkPassword(password: string): number { // checks for total password len if (password.length >= minLength - 1) { - strength += 0.25; + strength += 0.05; } // checks for amount of Numbers if (password.count(reNUMBER) >= minNumbers - 1) { - strength += 0.25; + strength += 0.05; } // checks for amount of Uppercase Letters if (password.count(reUPPERCASELETTER) >= minUpperCase - 1) { - strength += 0.25; + strength += 0.05; } // checks for amount of symbols if (password.replace(reSYMBOLS, "").length >= minSymbols - 1) { - strength += 0.25; + strength += 0.05; } // checks if password only consists of numbers or only consists of chars if (password.length == password.count(reNUMBER) || password.length === password.count(reUPPERCASELETTER)) { strength = 0; } - + + var entropyMap; + for (let i = 0; i < password.length; i++) { + if (entropyMap[password[i]]) entropyMap[password[i]]++; + else entropyMap[password[i]] = 1; + } + + let entropies = Array(entropyMap); + + entropies.map(x => (x / entropyMap.length)); + strength += entropies.reduceRight((a, x), a - (x * Math.log2(x))) / Math.log2(password.length); return strength; } From fd702100ea5a9a88131b387f8ea573a601a1b3ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sat, 9 Apr 2022 21:48:25 +0300 Subject: [PATCH 35/36] Update passwordStrength.ts --- api/src/util/utility/passwordStrength.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/util/utility/passwordStrength.ts b/api/src/util/utility/passwordStrength.ts index 81ac2559..e75e48f6 100644 --- a/api/src/util/utility/passwordStrength.ts +++ b/api/src/util/utility/passwordStrength.ts @@ -46,7 +46,7 @@ export function checkPassword(password: string): number { strength = 0; } - var entropyMap; + let entropyMap; for (let i = 0; i < password.length; i++) { if (entropyMap[password[i]]) entropyMap[password[i]]++; else entropyMap[password[i]] = 1; From 01315087d99b8f1d1c31bf83c363130376192f47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkin=20Alp=20G=C3=BCney?= Date: Sun, 10 Apr 2022 13:54:05 +0300 Subject: [PATCH 36/36] Update Guild.ts --- util/src/entities/Guild.ts | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/util/src/entities/Guild.ts b/util/src/entities/Guild.ts index 9ac148ee..70bb41c5 100644 --- a/util/src/entities/Guild.ts +++ b/util/src/entities/Guild.ts @@ -187,11 +187,11 @@ export class Guild extends BaseClass { @Column({ nullable: true }) @RelationId((guild: Guild) => guild.owner) - owner_id: string; + owner_id?: string; // optional to allow for ownerless guilds @JoinColumn({ name: "owner_id", referencedColumnName: "id" }) @ManyToOne(() => User) - owner: User; + owner?: User; // optional to allow for ownerless guilds @Column({ nullable: true }) preferred_locale?: string; @@ -200,7 +200,7 @@ export class Guild extends BaseClass { premium_subscription_count?: number; @Column({ nullable: true }) - premium_tier?: number; // nitro boost level + premium_tier?: number; // crowd premium level @Column({ nullable: true }) @RelationId((guild: Guild) => guild.public_updates_channel) @@ -269,6 +269,10 @@ export class Guild extends BaseClass { @Column({ nullable: true }) nsfw?: boolean; + + // TODO: nested guilds + @Column({ nullable: true }) + parent?: string; // only for developer portal permissions?: number; @@ -308,7 +312,7 @@ export class Guild extends BaseClass { verification_level: 0, welcome_screen: { enabled: false, - description: "No description", + description: "Fill in your description", welcome_channels: [], }, widget_enabled: true, // NB: don't set it as false to prevent artificial restrictions