From a930cddd1f54737577455b7917c32d1416080876 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=B4=87=E5=B3=B0=20=E6=9C=94=E8=8F=AF?= Date: Sun, 24 Nov 2024 21:15:21 +0900 Subject: [PATCH 1/9] =?UTF-8?q?Mod:=20=E3=83=A1=E3=83=BC=E3=83=AB=E3=83=89?= =?UTF-8?q?=E3=83=A1=E3=82=A4=E3=83=B3=E3=83=96=E3=83=A9=E3=83=83=E3=82=AF?= =?UTF-8?q?=E3=83=AA=E3=82=B9=E3=83=88=E3=82=92=E3=83=90=E3=83=AA=E3=83=87?= =?UTF-8?q?=E3=83=BC=E3=82=B7=E3=83=A7=E3=83=B3=E3=82=88=E3=82=8A=E5=85=88?= =?UTF-8?q?=E3=81=AB=E8=A9=95=E4=BE=A1=E3=81=99=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- packages/backend/src/core/EmailService.ts | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/packages/backend/src/core/EmailService.ts b/packages/backend/src/core/EmailService.ts index da198d0e42..df6b981b69 100644 --- a/packages/backend/src/core/EmailService.ts +++ b/packages/backend/src/core/EmailService.ts @@ -176,6 +176,16 @@ export class EmailService { }; } + const emailDomain: string = emailAddress.split('@')[1]; + const isBanned = this.utilityService.isBlockedHost(this.meta.bannedEmailDomains, emailDomain); + + if (isBanned) { + return { + available: false, + reason: 'banned', + }; + } + let validated: { valid: boolean, reason?: string | null, @@ -214,16 +224,6 @@ export class EmailService { }; } - const emailDomain: string = emailAddress.split('@')[1]; - const isBanned = this.utilityService.isBlockedHost(this.meta.bannedEmailDomains, emailDomain); - - if (isBanned) { - return { - available: false, - reason: 'banned', - }; - } - return { available: true, reason: null, From 8229e27128df3dfa91d7d63917772eb0f31a7e3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=B4=87=E5=B3=B0=20=E6=9C=94=E8=8F=AF?= Date: Mon, 25 Nov 2024 20:00:17 +0900 Subject: [PATCH 2/9] =?UTF-8?q?Add(backend):=20=E3=83=9B=E3=83=AF=E3=82=A4?= =?UTF-8?q?=E3=83=88=E3=83=AA=E3=82=B9=E3=83=88=E3=81=A8=E3=81=97=E3=81=A6?= =?UTF-8?q?allowedEmailDomains=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../1732451011177-AddAllowedEmailDomains.js | 16 ++++++++++++++++ packages/backend/src/core/EmailService.ts | 9 +++++++++ packages/backend/src/core/UtilityService.ts | 6 ++++++ packages/backend/src/models/Meta.ts | 7 +++++++ .../src/server/api/endpoints/admin/meta.ts | 9 +++++++++ .../server/api/endpoints/admin/update-meta.ts | 5 +++++ packages/misskey-js/src/autogen/types.ts | 2 ++ 7 files changed, 54 insertions(+) create mode 100644 packages/backend/migration/1732451011177-AddAllowedEmailDomains.js diff --git a/packages/backend/migration/1732451011177-AddAllowedEmailDomains.js b/packages/backend/migration/1732451011177-AddAllowedEmailDomains.js new file mode 100644 index 0000000000..fd7e81ea9a --- /dev/null +++ b/packages/backend/migration/1732451011177-AddAllowedEmailDomains.js @@ -0,0 +1,16 @@ +/* + * SPDX-FileCopyrightText: syuilo and misskey-project + * SPDX-License-Identifier: AGPL-3.0-only + */ + +export class AddAllowedEmailDomains1732451011177 { + name = 'AddAllowedEmailDomains1732451011177' + + async up(queryRunner) { + await queryRunner.query(`ALTER TABLE "meta" ADD "allowedEmailDomains" character varying(1024) array NOT NULL DEFAULT '{}'`); + } + + async down(queryRunner) { + await queryRunner.query(`ALTER TABLE "meta" DROP COLUMN "allowedEmailDomains"`); + } +} diff --git a/packages/backend/src/core/EmailService.ts b/packages/backend/src/core/EmailService.ts index df6b981b69..d80ae280c6 100644 --- a/packages/backend/src/core/EmailService.ts +++ b/packages/backend/src/core/EmailService.ts @@ -177,6 +177,15 @@ export class EmailService { } const emailDomain: string = emailAddress.split('@')[1]; + + // ホワイトリストに含まれている場合は即座にtrueを返す + if (this.utilityService.isAllowedHost(this.meta.allowedEmailDomains, emailDomain)) { + return { + available: true, + reason: null, + }; + } + const isBanned = this.utilityService.isBlockedHost(this.meta.bannedEmailDomains, emailDomain); if (isBanned) { diff --git a/packages/backend/src/core/UtilityService.ts b/packages/backend/src/core/UtilityService.ts index 9a2ba72ed3..3974e69ae5 100644 --- a/packages/backend/src/core/UtilityService.ts +++ b/packages/backend/src/core/UtilityService.ts @@ -45,6 +45,12 @@ export class UtilityService { return blockedHosts.some(x => `.${host.toLowerCase()}`.endsWith(`.${x}`)); } + @bindThis + public isAllowedHost(allowedHosts: string[], host: string | null): boolean { + if (host == null) return false; + return allowedHosts.some(x => `.${host.toLowerCase()}`.endsWith(`.${x}`)); + } + @bindThis public isSilencedHost(silencedHosts: string[] | undefined, host: string | null): boolean { if (!silencedHosts || host == null) return false; diff --git a/packages/backend/src/models/Meta.ts b/packages/backend/src/models/Meta.ts index ad5e31ad6f..252f45cf42 100644 --- a/packages/backend/src/models/Meta.ts +++ b/packages/backend/src/models/Meta.ts @@ -569,6 +569,13 @@ export class MiMeta { }) public bannedEmailDomains: string[]; + @Column('varchar', { + length: 1024, + array: true, + default: '{}', + }) + public allowedEmailDomains: string[]; + @Column('varchar', { length: 1024, array: true, default: '{ "admin", "administrator", "root", "system", "maintainer", "host", "mod", "moderator", "owner", "superuser", "staff", "auth", "i", "me", "everyone", "all", "mention", "mentions", "example", "user", "users", "account", "accounts", "official", "help", "helps", "support", "supports", "info", "information", "informations", "announce", "announces", "announcement", "announcements", "notice", "notification", "notifications", "dev", "developer", "developers", "tech", "misskey" }', }) diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts index 64e3cc33bd..b15597f784 100644 --- a/packages/backend/src/server/api/endpoints/admin/meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/meta.ts @@ -192,6 +192,14 @@ export const meta = { optional: false, nullable: false, }, }, + allowedEmailDomains: { + type: 'array', + optional: true, nullable: false, + items: { + type: 'string', + optional: false, nullable: false, + }, + }, preservedUsernames: { type: 'array', optional: false, nullable: false, @@ -643,6 +651,7 @@ export default class extends Endpoint { // eslint- enableServerMachineStats: instance.enableServerMachineStats, enableIdenticonGeneration: instance.enableIdenticonGeneration, bannedEmailDomains: instance.bannedEmailDomains, + allowedEmailDomains: instance.allowedEmailDomains, policies: { ...DEFAULT_POLICIES, ...instance.policies }, manifestJsonOverride: instance.manifestJsonOverride, enableFanoutTimeline: instance.enableFanoutTimeline, diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts index 38ef0d1de8..2e1c2515ad 100644 --- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts +++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts @@ -141,6 +141,7 @@ export const paramDef = { enableIdenticonGeneration: { type: 'boolean' }, serverRules: { type: 'array', items: { type: 'string' } }, bannedEmailDomains: { type: 'array', items: { type: 'string' } }, + allowedEmailDomains: { type: 'array', items: { type: 'string' } }, preservedUsernames: { type: 'array', items: { type: 'string' } }, manifestJsonOverride: { type: 'string' }, enableFanoutTimeline: { type: 'boolean' }, @@ -639,6 +640,10 @@ export default class extends Endpoint { // eslint- set.bannedEmailDomains = ps.bannedEmailDomains; } + if (ps.allowedEmailDomains !== undefined) { + set.allowedEmailDomains = ps.allowedEmailDomains; + } + if (ps.urlPreviewEnabled !== undefined) { set.urlPreviewEnabled = ps.urlPreviewEnabled; } diff --git a/packages/misskey-js/src/autogen/types.ts b/packages/misskey-js/src/autogen/types.ts index 42ca05e057..a497d51e27 100644 --- a/packages/misskey-js/src/autogen/types.ts +++ b/packages/misskey-js/src/autogen/types.ts @@ -5138,6 +5138,7 @@ export type operations = { prohibitedWords: string[]; prohibitedWordsForNameOfUser: string[]; bannedEmailDomains?: string[]; + allowedEmailDomains?: string[]; preservedUsernames: string[]; hcaptchaSecretKey: string | null; mcaptchaSecretKey: string | null; @@ -9578,6 +9579,7 @@ export type operations = { enableIdenticonGeneration?: boolean; serverRules?: string[]; bannedEmailDomains?: string[]; + allowedEmailDomains?: string[]; preservedUsernames?: string[]; manifestJsonOverride?: string; enableFanoutTimeline?: boolean; From 866cd43207ef9c99396ebdea72c710442a394eb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=B4=87=E5=B3=B0=20=E6=9C=94=E8=8F=AF?= Date: Mon, 25 Nov 2024 20:08:59 +0900 Subject: [PATCH 3/9] =?UTF-8?q?Add:=20=E3=82=B3=E3=83=B3=E3=83=88=E3=83=AD?= =?UTF-8?q?=E3=83=BC=E3=83=AB=E3=83=91=E3=83=8D=E3=83=AB=E3=81=ABAllowedEm?= =?UTF-8?q?ailDomains=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../frontend/src/pages/admin/security.vue | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/packages/frontend/src/pages/admin/security.vue b/packages/frontend/src/pages/admin/security.vue index 975a4a1265..9e6eda1310 100644 --- a/packages/frontend/src/pages/admin/security.vue +++ b/packages/frontend/src/pages/admin/security.vue @@ -88,6 +88,19 @@ SPDX-License-Identifier: AGPL-3.0-only + + + + +
+ + + +
+
+