-
Notifications
You must be signed in to change notification settings - Fork 31
Add ability for users to block whole instances #2155
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from 8 commits
a77bc84
74530b4
9956cba
95238bb
ec7917b
d26c378
4e8f713
5356285
581d855
018a411
f31cc6a
a9edc4c
e46729f
e5d5843
19dd86b
3dd7c03
091f0fb
b55d82f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| page_federation: | ||
| controller: App\Controller\FederationController | ||
| path: /federation | ||
| methods: [ GET ] | ||
|
|
||
| federation_user_block_instance: | ||
| controller: App\Controller\FederationController::userBlockInstance | ||
| path: /federation/user/block | ||
| methods: [GET] | ||
|
|
||
| federation_user_unblock_instance: | ||
| controller: App\Controller\FederationController::userUnblockInstance | ||
| path: /federation/user/unblock | ||
| methods: [GET] |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| <?php | ||
|
|
||
| declare(strict_types=1); | ||
|
|
||
| namespace DoctrineMigrations; | ||
|
|
||
| use Doctrine\DBAL\Schema\Schema; | ||
| use Doctrine\Migrations\AbstractMigration; | ||
|
|
||
| final class Version20260603205601 extends AbstractMigration | ||
| { | ||
| public function getDescription(): string | ||
| { | ||
| return 'add InstanceBlock'; | ||
| } | ||
|
|
||
| public function up(Schema $schema): void | ||
| { | ||
| $this->addSql('CREATE SEQUENCE instance_block_id_seq INCREMENT BY 1 MINVALUE 1 START 1'); | ||
| $this->addSql('CREATE TABLE instance_block (id INT NOT NULL, user_id INT NOT NULL, instance_id INT NOT NULL, instance_domain TEXT NOT NULL, PRIMARY KEY (id))'); | ||
| $this->addSql('CREATE UNIQUE INDEX instance_block_idx ON instance_block (user_id, instance_domain)'); | ||
| $this->addSql('ALTER TABLE instance_block ADD CONSTRAINT FK_8F85864AA76ED395 FOREIGN KEY (user_id) REFERENCES "user" (id) ON DELETE CASCADE NOT DEFERRABLE'); | ||
| $this->addSql('ALTER TABLE instance_block ADD CONSTRAINT FK_8F85864A3A51721D FOREIGN KEY (instance_id) REFERENCES instance (id) ON DELETE CASCADE NOT DEFERRABLE'); | ||
| } | ||
|
|
||
| public function down(Schema $schema): void | ||
| { | ||
| $this->addSql('DROP SEQUENCE instance_block_id_seq CASCADE'); | ||
| $this->addSql('ALTER TABLE instance_block DROP CONSTRAINT FK_8F85864AA76ED395'); | ||
| $this->addSql('ALTER TABLE instance_block DROP CONSTRAINT FK_8F85864A3A51721D'); | ||
| $this->addSql('DROP TABLE instance_block'); | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| <?php | ||
|
|
||
| declare(strict_types=1); | ||
|
|
||
| namespace App\Controller\Api\Instance\Admin; | ||
|
|
||
| use App\Controller\Api\Instance\InstanceBaseApi; | ||
| use App\DTO\InstanceDomainsRequestDto; | ||
| use App\Schema\Errors\BadRequestErrorSchema; | ||
| use App\Schema\Errors\NotFoundErrorSchema; | ||
| use App\Schema\Errors\TooManyRequestsErrorSchema; | ||
| use App\Schema\Errors\UnauthorizedErrorSchema; | ||
| use Nelmio\ApiDocBundle\Attribute\Model; | ||
| use Nelmio\ApiDocBundle\Attribute\Security; | ||
| use OpenApi\Attributes as OA; | ||
| use Symfony\Component\HttpFoundation\JsonResponse; | ||
| use Symfony\Component\RateLimiter\RateLimiterFactoryInterface; | ||
| use Symfony\Component\Security\Http\Attribute\IsGranted; | ||
|
|
||
| class InstanceBlockGloballyApi extends InstanceBaseApi | ||
Check failureCode scanning / Psalm PropertyNotSetInConstructor Error
Property App\Controller\Api\Instance\Admin\InstanceBlockGloballyApi::$container is not defined in constructor of App\Controller\Api\Instance\Admin\InstanceBlockGloballyApi or in any methods called in the constructor
Check failureCode scanning / Psalm MethodSignatureMismatch Error
Method App\Controller\Api\Instance\Admin\InstanceBlockGloballyApi::validateCsrf has fewer parameters than parent method App\Controller\AbstractController::validateCsrf
Check failureCode scanning / Psalm UnusedClass Error
Class App\Controller\Api\Instance\Admin\InstanceBlockGloballyApi is never used
Check failureCode scanning / Psalm ClassMustBeFinal Error
Class App\Controller\Api\Instance\Admin\InstanceBlockGloballyApi is never extended and is not part of the public API, and thus must be made final.
|
||
|
github-advanced-security[bot] marked this conversation as resolved.
Fixed
|
||
| { | ||
| #[OA\RequestBody(content: new Model( | ||
| type: InstanceDomainsRequestDto::class, | ||
| ))] | ||
| #[OA\Response( | ||
| response: 204, | ||
| description: 'Instance is blocked', | ||
| headers: [ | ||
| new OA\Header(header: 'X-RateLimit-Remaining', description: 'Number of requests left until you will be rate limited', schema: new OA\Schema(type: 'integer')), | ||
| new OA\Header(header: 'X-RateLimit-Retry-After', description: 'Unix timestamp to retry the request after', schema: new OA\Schema(type: 'integer')), | ||
| new OA\Header(header: 'X-RateLimit-Limit', description: 'Number of requests available', schema: new OA\Schema(type: 'integer')), | ||
| ], | ||
| )] | ||
| #[OA\Response( | ||
| response: 400, | ||
| description: 'Instance domain not set in request-body', | ||
| content: new OA\JsonContent(ref: new Model(type: BadRequestErrorSchema::class)) | ||
| )] | ||
| #[OA\Response( | ||
| response: 401, | ||
| description: 'Permission denied due to missing or expired token', | ||
| content: new OA\JsonContent(ref: new Model(type: UnauthorizedErrorSchema::class)) | ||
| )] | ||
| #[OA\Response( | ||
| response: 404, | ||
| description: 'Instance with given domain was not found', | ||
| content: new OA\JsonContent(ref: new Model(type: NotFoundErrorSchema::class)) | ||
| )] | ||
| #[OA\Response( | ||
| response: 429, | ||
| description: 'You are being rate limited', | ||
| headers: [ | ||
| new OA\Header(header: 'X-RateLimit-Remaining', description: 'Number of requests left until you will be rate limited', schema: new OA\Schema(type: 'integer')), | ||
| new OA\Header(header: 'X-RateLimit-Retry-After', description: 'Unix timestamp to retry the request after', schema: new OA\Schema(type: 'integer')), | ||
| new OA\Header(header: 'X-RateLimit-Limit', description: 'Number of requests available', schema: new OA\Schema(type: 'integer')), | ||
| ], | ||
| content: new OA\JsonContent(ref: new Model(type: TooManyRequestsErrorSchema::class)) | ||
| )] | ||
| #[OA\Tag(name: 'admin/instance')] | ||
| #[IsGranted('ROLE_ADMIN')] | ||
| #[Security(name: 'oauth2', scopes: ['admin:federation:update'])] | ||
| #[IsGranted('ROLE_OAUTH2_ADMIN:FEDERATION:UPDATE')] | ||
| public function blockForAll( | ||
| RateLimiterFactoryInterface $apiModerateLimiter, | ||
| ): JsonResponse { | ||
| $headers = $this->rateLimit($apiModerateLimiter); | ||
|
|
||
| $instances = $this->getInstancesFromDomainsRequest(); | ||
|
|
||
| $this->instanceManager->blockInstancesGlobally($instances); | ||
|
|
||
| return new JsonResponse(status: 204, headers: $headers); | ||
| } | ||
| } | ||
Uh oh!
There was an error while loading. Please reload this page.