fix(backend): add missing kind definition for admin endpoints to improve security

2023-12-18 12:32:26 +09:00
parent 776eea736a
commit 5150053275
77 changed files with 153 additions and 2 deletions
--- a/packages/backend/src/server/api/endpoints/admin/invite/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/invite/create.ts
@@ -16,6 +16,8 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],

+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,

--- a/packages/backend/src/server/api/endpoints/admin/invite/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/invite/list.ts
@@ -12,6 +12,8 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],

+	kind: 'write:admin',
+
 	requireCredential: true,
 	requireModerator: true,