Merge branch 'misskey-develop' into merge/2025-03-24

# Conflicts:
#	.github/workflows/api-misskey-js.yml
#	.github/workflows/changelog-check.yml
#	.github/workflows/check-misskey-js-autogen.yml
#	.github/workflows/get-api-diff.yml
#	.github/workflows/lint.yml
#	.github/workflows/locale.yml
#	.github/workflows/on-release-created.yml
#	.github/workflows/storybook.yml
#	.github/workflows/test-backend.yml
#	.github/workflows/test-federation.yml
#	.github/workflows/test-frontend.yml
#	.github/workflows/test-misskey-js.yml
#	.github/workflows/test-production.yml
#	.github/workflows/validate-api-json.yml
#	package.json
#	packages/backend/package.json
#	packages/backend/src/server/api/ApiCallService.ts
#	packages/backend/src/server/api/endpoints/drive/files/create.ts
#	packages/frontend-shared/js/url.ts
#	packages/frontend/package.json
#	packages/frontend/src/components/MkFileCaptionEditWindow.vue
#	packages/frontend/src/components/MkInfo.vue
#	packages/frontend/src/components/MkLink.vue
#	packages/frontend/src/components/MkNote.vue
#	packages/frontend/src/components/MkNotes.vue
#	packages/frontend/src/components/MkPageWindow.vue
#	packages/frontend/src/components/MkReactionsViewer.vue
#	packages/frontend/src/components/MkTimeline.vue
#	packages/frontend/src/components/MkUrlPreview.vue
#	packages/frontend/src/components/MkUserPopup.vue
#	packages/frontend/src/components/global/MkPageHeader.vue
#	packages/frontend/src/components/global/MkUrl.vue
#	packages/frontend/src/components/global/PageWithHeader.vue
#	packages/frontend/src/pages/about-misskey.vue
#	packages/frontend/src/pages/announcements.vue
#	packages/frontend/src/pages/antenna-timeline.vue
#	packages/frontend/src/pages/channel.vue
#	packages/frontend/src/pages/instance-info.vue
#	packages/frontend/src/pages/note.vue
#	packages/frontend/src/pages/page.vue
#	packages/frontend/src/pages/role.vue
#	packages/frontend/src/pages/tag.vue
#	packages/frontend/src/pages/timeline.vue
#	packages/frontend/src/pages/user-list-timeline.vue
#	packages/frontend/src/pages/user/followers.vue
#	packages/frontend/src/pages/user/following.vue
#	packages/frontend/src/pages/user/home.vue
#	packages/frontend/src/pages/user/index.vue
#	packages/frontend/src/ui/deck.vue
#	packages/misskey-js/generator/package.json
#	pnpm-lock.yaml
#	scripts/changelog-checker/package-lock.json
#	scripts/changelog-checker/package.json

packages/backend/test/e2e/api.ts

@@ -159,8 +159,8 @@ describe('API', () => {
 			user: { token: application3 },
 		}, {
 			status: 403,
-			code: 'ROLE_PERMISSION_DENIED',
-			id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+			code: 'PERMISSION_DENIED',
+			id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',
 		});
 
 		await failedApiCall({

packages/backend/test/unit/server/api/drive/files/create.ts

@@ -0,0 +1,108 @@
+/*
+ * SPDX-FileCopyrightText: syuilo and misskey-project
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+import { S3Client } from '@aws-sdk/client-s3';
+import { Test, TestingModule } from '@nestjs/testing';
+import { mockClient } from 'aws-sdk-client-mock';
+import { FastifyInstance } from 'fastify';
+import request from 'supertest';
+import { CoreModule } from '@/core/CoreModule.js';
+import { RoleService } from '@/core/RoleService.js';
+import { DI } from '@/di-symbols.js';
+import { GlobalModule } from '@/GlobalModule.js';
+import { MiRole, UserProfilesRepository, UsersRepository } from '@/models/_.js';
+import { MiUser } from '@/models/User.js';
+import { ServerModule } from '@/server/ServerModule.js';
+import { ServerService } from '@/server/ServerService.js';
+
+describe('/drive/files/create', () => {
+	let module: TestingModule;
+	let server: FastifyInstance;
+	const s3Mock = mockClient(S3Client);
+	let roleService: RoleService;
+
+	let root: MiUser;
+	let role_tinyAttachment: MiRole;
+
+	beforeAll(async () => {
+		module = await Test.createTestingModule({
+			imports: [GlobalModule, CoreModule, ServerModule],
+		}).compile();
+		module.enableShutdownHooks();
+
+		const serverService = module.get<ServerService>(ServerService);
+		server = await serverService.launch();
+
+		const usersRepository = module.get<UsersRepository>(DI.usersRepository);
+		root = await usersRepository.insert({
+			id: 'root',
+			username: 'root',
+			usernameLower: 'root',
+			token: '1234567890123456',
+		}).then(x => usersRepository.findOneByOrFail(x.identifiers[0]));
+
+		const userProfilesRepository = module.get<UserProfilesRepository>(DI.userProfilesRepository);
+		await userProfilesRepository.insert({
+			userId: root.id,
+		});
+
+		roleService = module.get<RoleService>(RoleService);
+		role_tinyAttachment = await roleService.create({
+			name: 'test-role001',
+			description: 'Test role001 description',
+			target: 'manual',
+			policies: {
+				maxFileSizeMb: {
+					useDefault: false,
+					priority: 1,
+					// 10byte
+					value: 10 / 1024 / 1024,
+				},
+			},
+		});
+	});
+
+	beforeEach(async () => {
+		s3Mock.reset();
+		await roleService.unassign(root.id, role_tinyAttachment.id).catch(() => {});
+	});
+
+	afterAll(async () => {
+		await server.close();
+		await module.close();
+	});
+
+	test('200 ok', async () => {
+		const result = await request(server.server)
+			.post('/api/drive/files/create')
+			.set('Content-Type', 'multipart/form-data')
+			.set('Authorization', `Bearer ${root.token}`)
+			.attach('file', Buffer.from('a'.repeat(1024 * 1024)));
+		expect(result.statusCode).toBe(200);
+	});
+
+	test('200 ok(with role)', async () => {
+		await roleService.assign(root.id, role_tinyAttachment.id);
+
+		const result = await request(server.server)
+			.post('/api/drive/files/create')
+			.set('Content-Type', 'multipart/form-data')
+			.set('Authorization', `Bearer ${root.token}`)
+			.attach('file', Buffer.from('a'.repeat(10)));
+		expect(result.statusCode).toBe(200);
+	});
+
+	test('413 too large', async () => {
+		await roleService.assign(root.id, role_tinyAttachment.id);
+
+		const result = await request(server.server)
+			.post('/api/drive/files/create')
+			.set('Content-Type', 'multipart/form-data')
+			.set('Authorization', `Bearer ${root.token}`)
+			.attach('file', Buffer.from('a'.repeat(11)));
+		expect(result.statusCode).toBe(413);
+		expect(result.body.error.code).toBe('FILE_SIZE_TOO_LARGE');
+	});
+});