Sharkey/src/server/api/call.ts

import limiter from './limiter';
import { IUser } from '../../models/user';
import { IApp } from '../../models/app';
import endpoints from './endpoints';
import { ApiError } from './error';
import { apiLogger } from './logger';
import { Response } from './define';

const accessDenied = {
	message: 'Access denied.',
	code: 'ACCESS_DENIED',
	id: '56f35758-7dd5-468b-8439-5d6fb8ec9b8e'
};

export default async (endpoint: string, user: IUser, app: IApp, data: any, file?: any) => {
	const isSecure = user != null && app == null;

	const ep = endpoints.find(e => e.name === endpoint);

	if (ep == null) {
		throw new ApiError({
			message: 'No such endpoint.',
			code: 'NO_SUCH_ENDPOINT',
			id: 'f8080b67-5f9c-4eb7-8c18-7f1eeae8f709',
		});
	}

	if (ep.meta.secure && !isSecure) {
		throw new ApiError(accessDenied);
	}

	if (ep.meta.requireCredential && user == null) {
		throw new ApiError({
			message: 'Credential required.',
			code: 'CREDENTIAL_REQUIRED',
			id: '1384574d-a912-4b81-8601-c7b1c4085df1',
		});
	}

	if (ep.meta.requireCredential && user.isSuspended) {
		throw new ApiError(accessDenied, { reason: 'Your account has been suspended.' });
	}

	if (ep.meta.requireAdmin && !user.isAdmin) {
		throw new ApiError(accessDenied, { reason: 'You are not the admin.' });
	}

	if (ep.meta.requireModerator && !user.isAdmin && !user.isModerator) {
		throw new ApiError(accessDenied, { reason: 'You are not a moderator.' });
	}

	if (app && ep.meta.kind && !app.permission.some(p => p === ep.meta.kind)) {
		throw new ApiError({
			message: 'Your app does not have the necessary permissions to use this endpoint.',
			code: 'PERMISSION_DENIED',
			id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',
		});
	}

	if (ep.meta.requireCredential && ep.meta.limit) {
		try {
			await limiter(ep, user); // Rate limit
		} catch (e) {
			// drop request if limit exceeded
			throw new ApiError({
				message: 'Rate limit exceeded. Please try again later.',
				code: 'RATE_LIMIT_EXCEEDED',
				id: 'd5826d14-3982-4d2e-8011-b9e9f02499ef',
			});
		}
	}

	let res: Response;

	// API invoking
	try {
		res = await ep.exec(data, user, app, file);
	} catch (e) {
		if (e instanceof ApiError) {
			throw e;
		} else {
			apiLogger.error(e);
			throw new ApiError(null, {
				e: {
					message: e.message,
					code: e.code,
					stack: e.stack
				}
			});
		}
	}

	return res;
};
Fix typo 2018-12-25 13:02:37 +02:00			`import limiter from './limiter';`
Clean up 2018-08-21 22:53:02 +03:00			`import { IUser } from '../../models/user';`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`import { IApp } from '../../models/app';`
良い感じに 2018-07-15 21:43:36 +03:00			`import endpoints from './endpoints';`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`import { ApiError } from './error';`
			`import { apiLogger } from './logger';`
			`import { Response } from './define';`

			`const accessDenied = {`
			`message: 'Access denied.',`
			`code: 'ACCESS_DENIED',`
			`id: '56f35758-7dd5-468b-8439-5d6fb8ec9b8e'`
			`};`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00
Refactoring 2019-01-23 12:33:29 +02:00			`export default async (endpoint: string, user: IUser, app: IApp, data: any, file?: any) => {`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`const isSecure = user != null && app == null;`

良い感じに 2018-07-15 21:43:36 +03:00			`const ep = endpoints.find(e => e.name === endpoint);`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00
V10 (#2826) * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update CHANGELOG.md * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update CHANGELOG.md * Update CHANGELOG.md * wip * Update CHANGELOG.md * wip * wip * wip * wip 2018-10-07 05:06:17 +03:00			`if (ep == null) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError({`
			`message: 'No such endpoint.',`
			`code: 'NO_SUCH_ENDPOINT',`
			`id: 'f8080b67-5f9c-4eb7-8c18-7f1eeae8f709',`
			`});`
V10 (#2826) * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update CHANGELOG.md * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * Update CHANGELOG.md * Update CHANGELOG.md * wip * Update CHANGELOG.md * wip * wip * wip * wip 2018-10-07 05:06:17 +03:00			`}`

良い感じに 2018-07-15 21:25:35 +03:00			`if (ep.meta.secure && !isSecure) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError(accessDenied);`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`}`

良い感じに 2018-07-15 21:25:35 +03:00			`if (ep.meta.requireCredential && user == null) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError({`
			`message: 'Credential required.',`
			`code: 'CREDENTIAL_REQUIRED',`
			`id: '1384574d-a912-4b81-8601-c7b1c4085df1',`
			`});`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`}`

良い感じに 2018-07-15 21:25:35 +03:00			`if (ep.meta.requireCredential && user.isSuspended) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError(accessDenied, { reason: 'Your account has been suspended.' });`
アカウントを凍結されていたらAPIにアクセスできないようにした 2018-07-13 17:44:45 +03:00			`}`

#2359 など 2018-08-20 19:03:58 +03:00			`if (ep.meta.requireAdmin && !user.isAdmin) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError(accessDenied, { reason: 'You are not the admin.' });`
wip 2018-08-13 19:05:58 +03:00			`}`

Moderator system Closes #2357 2018-11-14 21:15:42 +02:00			`if (ep.meta.requireModerator && !user.isAdmin && !user.isModerator) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError(accessDenied, { reason: 'You are not a moderator.' });`
Moderator system Closes #2357 2018-11-14 21:15:42 +02:00			`}`

if elimination (#2635) 2018-09-06 00:06:22 +03:00			`if (app && ep.meta.kind && !app.permission.some(p => p === ep.meta.kind)) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError({`
			`message: 'Your app does not have the necessary permissions to use this endpoint.',`
			`code: 'PERMISSION_DENIED',`
			`id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',`
			`});`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`}`

良い感じに 2018-07-15 21:25:35 +03:00			`if (ep.meta.requireCredential && ep.meta.limit) {`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`try {`
Fix typo 2018-12-25 13:02:37 +02:00			`await limiter(ep, user); // Rate limit`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`} catch (e) {`
			`// drop request if limit exceeded`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`throw new ApiError({`
			`message: 'Rate limit exceeded. Please try again later.',`
			`code: 'RATE_LIMIT_EXCEEDED',`
			`id: 'd5826d14-3982-4d2e-8011-b9e9f02499ef',`
			`});`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`}`
			`}`

Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`let res: Response;`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00
			`// API invoking`
			`try {`
Refactor 2018-11-02 06:47:44 +02:00			`res = await ep.exec(data, user, app, file);`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`} catch (e) {`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`if (e instanceof ApiError) {`
Refactoring 2019-01-23 12:33:29 +02:00			`throw e;`
Improve error handling of API (#4345) * wip * wip * wip * Update attached_notes.ts * wip * Refactor * wip * wip * wip * wip * wip * wip * wip * wip * Update call.ts * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * :v: * Fix 2019-02-22 04:46:58 +02:00			`} else {`
			`apiLogger.error(e);`
			`throw new ApiError(null, {`
			`e: {`
			`message: e.message,`
			`code: e.code,`
			`stack: e.stack`
			`}`
			`});`
API: Better error response 2018-10-26 08:38:34 +03:00			`}`
ストリーム経由でAPIにリクエストできるように 2018-04-11 11:40:01 +03:00			`}`

Refactoring 2019-01-23 12:33:29 +02:00			`return res;`
			`};`