@atproto/pds 0.3.9 → 0.3.10

package/dist/lexicon/index.d.ts

@@ -124,6 +124,7 @@ export declare const COM_ATPROTO_MODERATION: {
     DefsReasonSexual: string;
     DefsReasonRude: string;
     DefsReasonOther: string;
+    DefsReasonAppeal: string;
 };
 export declare const APP_BSKY_GRAPH: {
     DefsModlist: string;

package/dist/lexicon/lexicons.d.ts

@@ -177,9 +177,18 @@ export declare const schemaDict: {
                         type: string;
                         format: string;
                     };
+                    lastAppealedAt: {
+                        type: string;
+                        format: string;
+                        description: string;
+                    };
                     takendown: {
                         type: string;
                     };
+                    appealed: {
+                        type: string;
+                        description: string;
+                    };
                     suspendUntil: {
                         type: string;
                         format: string;
@@ -606,6 +615,16 @@ export declare const schemaDict: {
                     };
                 };
             };
+            modEventResolveAppeal: {
+                type: string;
+                description: string;
+                properties: {
+                    comment: {
+                        type: string;
+                        description: string;
+                    };
+                };
+            };
             modEventComment: {
                 type: string;
                 description: string;
@@ -705,6 +724,10 @@ export declare const schemaDict: {
                         type: string;
                         description: string;
                     };
+                    comment: {
+                        type: string;
+                        description: string;
+                    };
                 };
             };
         };
@@ -1214,6 +1237,10 @@ export declare const schemaDict: {
                             type: string;
                             description: string;
                         };
+                        appealed: {
+                            type: string;
+                            description: string;
+                        };
                         limit: {
                             type: string;
                             minimum: number;
@@ -1324,6 +1351,10 @@ export declare const schemaDict: {
                                 type: string;
                                 format: string;
                             };
+                            comment: {
+                                type: string;
+                                description: string;
+                            };
                         };
                     };
                 };
@@ -1777,6 +1808,10 @@ export declare const schemaDict: {
                 type: string;
                 description: string;
             };
+            reasonAppeal: {
+                type: string;
+                description: string;
+            };
         };
     };
     ComAtprotoRepoApplyWrites: {

package/dist/lexicon/types/com/atproto/admin/defs.d.ts

@@ -31,7 +31,7 @@ export declare function isModEventView(v: unknown): v is ModEventView;
 export declare function validateModEventView(v: unknown): ValidationResult;
 export interface ModEventViewDetail {
     id: number;
-    event: ModEventTakedown | ModEventReverseTakedown | ModEventComment | ModEventReport | ModEventLabel | ModEventAcknowledge | ModEventEscalate | ModEventMute | {
+    event: ModEventTakedown | ModEventReverseTakedown | ModEventComment | ModEventReport | ModEventLabel | ModEventAcknowledge | ModEventEscalate | ModEventMute | ModEventResolveAppeal | {
         $type: string;
         [k: string]: unknown;
     };
@@ -78,7 +78,9 @@ export interface SubjectStatusView {
     lastReviewedBy?: string;
     lastReviewedAt?: string;
     lastReportedAt?: string;
+    lastAppealedAt?: string;
     takendown?: boolean;
+    appealed?: boolean;
     suspendUntil?: string;
     [k: string]: unknown;
 }
@@ -254,6 +256,12 @@ export interface ModEventReverseTakedown {
 }
 export declare function isModEventReverseTakedown(v: unknown): v is ModEventReverseTakedown;
 export declare function validateModEventReverseTakedown(v: unknown): ValidationResult;
+export interface ModEventResolveAppeal {
+    comment?: string;
+    [k: string]: unknown;
+}
+export declare function isModEventResolveAppeal(v: unknown): v is ModEventResolveAppeal;
+export declare function validateModEventResolveAppeal(v: unknown): ValidationResult;
 export interface ModEventComment {
     comment: string;
     sticky?: boolean;
@@ -303,6 +311,7 @@ export declare function isModEventUnmute(v: unknown): v is ModEventUnmute;
 export declare function validateModEventUnmute(v: unknown): ValidationResult;
 export interface ModEventEmail {
     subjectLine: string;
+    comment?: string;
     [k: string]: unknown;
 }
 export declare function isModEventEmail(v: unknown): v is ModEventEmail;

package/dist/lexicon/types/com/atproto/admin/queryModerationStatuses.d.ts

@@ -15,6 +15,7 @@ export interface QueryParams {
     sortField: 'lastReviewedAt' | 'lastReportedAt';
     sortDirection: 'asc' | 'desc';
     takendown?: boolean;
+    appealed?: boolean;
     limit: number;
     cursor?: string;
 }

package/dist/lexicon/types/com/atproto/admin/sendEmail.d.ts

@@ -7,6 +7,7 @@ export interface InputSchema {
     content: string;
     subject?: string;
     senderDid: string;
+    comment?: string;
     [k: string]: unknown;
 }
 export interface OutputSchema {

package/dist/lexicon/types/com/atproto/moderation/defs.d.ts

@@ -1,7 +1,8 @@
-export declare type ReasonType = 'com.atproto.moderation.defs#reasonSpam' | 'com.atproto.moderation.defs#reasonViolation' | 'com.atproto.moderation.defs#reasonMisleading' | 'com.atproto.moderation.defs#reasonSexual' | 'com.atproto.moderation.defs#reasonRude' | 'com.atproto.moderation.defs#reasonOther' | (string & {});
+export declare type ReasonType = 'com.atproto.moderation.defs#reasonSpam' | 'com.atproto.moderation.defs#reasonViolation' | 'com.atproto.moderation.defs#reasonMisleading' | 'com.atproto.moderation.defs#reasonSexual' | 'com.atproto.moderation.defs#reasonRude' | 'com.atproto.moderation.defs#reasonOther' | 'com.atproto.moderation.defs#reasonAppeal' | (string & {});
 export declare const REASONSPAM = "com.atproto.moderation.defs#reasonSpam";
 export declare const REASONVIOLATION = "com.atproto.moderation.defs#reasonViolation";
 export declare const REASONMISLEADING = "com.atproto.moderation.defs#reasonMisleading";
 export declare const REASONSEXUAL = "com.atproto.moderation.defs#reasonSexual";
 export declare const REASONRUDE = "com.atproto.moderation.defs#reasonRude";
 export declare const REASONOTHER = "com.atproto.moderation.defs#reasonOther";
+export declare const REASONAPPEAL = "com.atproto.moderation.defs#reasonAppeal";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@atproto/pds",
-  "version": "0.3.9",
+  "version": "0.3.10",
   "license": "MIT",
   "description": "Reference implementation of atproto Personal Data Server (PDS)",
   "keywords": [
@@ -16,7 +16,7 @@
   "main": "dist/index.js",
   "bin": "dist/bin.js",
   "dependencies": {
-    "@did-plc/lib": "^0.0.1",
+    "@did-plc/lib": "^0.0.4",
     "better-sqlite3": "^7.6.2",
     "bytes": "^3.1.2",
     "compression": "^1.7.4",
@@ -44,7 +44,7 @@
     "typed-emitter": "^2.1.0",
     "uint8arrays": "3.0.0",
     "zod": "^3.21.4",
-    "@atproto/api": "^0.7.4",
+    "@atproto/api": "^0.8.0",
     "@atproto/aws": "^0.1.6",
     "@atproto/common": "^0.3.3",
     "@atproto/crypto": "^0.3.0",
@@ -68,9 +68,9 @@
     "axios": "^0.27.2",
     "get-port": "^6.1.2",
     "ws": "^8.12.0",
-    "@atproto/api": "^0.7.4",
-    "@atproto/bsky": "^0.0.21",
-    "@atproto/dev-env": "^0.2.21",
+    "@atproto/api": "^0.8.0",
+    "@atproto/bsky": "^0.0.22",
+    "@atproto/dev-env": "^0.2.22",
     "@atproto/lex-cli": "^0.2.5"
   },
   "scripts": {

package/src/api/com/atproto/admin/disableAccountInvites.ts

@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { account } = input.body

package/src/api/com/atproto/admin/disableInviteCodes.ts

@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { codes = [], accounts = [] } = input.body

package/src/api/com/atproto/admin/enableAccountInvites.ts

@@ -11,7 +11,7 @@ export default function (server: Server, ctx: AppContext) {
           'Account invites are managed by the entryway service',
         )
       }
-      if (!auth.credentials.admin) {
+      if (!auth.credentials.moderator) {
         throw new AuthRequiredError('Insufficient privileges')
       }
       const { account } = input.body

package/src/api/com/atproto/admin/sendEmail.ts

@@ -16,6 +16,7 @@ export default function (server: Server, ctx: AppContext) {
         recipientDid,
         senderDid,
         subject = 'Message from Bluesky moderator',
+        comment,
       } = input.body
       const account = await ctx.accountManager.getAccount(recipientDid)
       if (!account) {
@@ -44,6 +45,7 @@ export default function (server: Server, ctx: AppContext) {
           event: {
             $type: 'com.atproto.admin.defs#modEventEmail',
             subjectLine: subject,
+            comment,
           },
           subject: {
             $type: 'com.atproto.admin.defs#repoRef',

package/src/api/com/atproto/moderation/util.ts

@@ -10,6 +10,7 @@ import {
   REASONRUDE,
   REASONSEXUAL,
   REASONVIOLATION,
+  REASONAPPEAL,
 } from '../../../../lexicon/types/com/atproto/moderation/defs'
 import { parseCidParam } from '../../../../util/params'
 
@@ -49,4 +50,5 @@ const reasonTypes = new Set([
   REASONRUDE,
   REASONSEXUAL,
   REASONVIOLATION,
+  REASONAPPEAL,
 ])

package/src/api/com/atproto/server/createAccount.ts

@@ -2,12 +2,12 @@ import { DidDocument, MINUTE, check } from '@atproto/common'
 import { AtprotoData, ensureAtpDocument } from '@atproto/identity'
 import { InvalidRequestError } from '@atproto/xrpc-server'
 import { ExportableKeypair, Keypair, Secp256k1Keypair } from '@atproto/crypto'
+import * as plc from '@did-plc/lib'
 import disposable from 'disposable-email'
 import {
   baseNormalizeAndValidate,
   normalizeAndValidateHandle,
 } from '../../../../handle'
-import * as plc from '@did-plc/lib'
 import { Server } from '../../../../lexicon'
 import { InputSchema as CreateAccountInput } from '../../../../lexicon/types/com/atproto/server/createAccount'
 import AppContext from '../../../../context'
@@ -101,7 +101,12 @@ const validateInputsForEntrywayPds = async (
       'IncompatibleDidDoc',
     )
   }
-  await plc.assureValidOp(plcOp)
+  try {
+    await plc.assureValidOp(plcOp)
+    await plc.assureValidSig([plcRotationKey], plcOp)
+  } catch (err) {
+    throw new InvalidRequestError('invalid plc operation', 'IncompatibleDidDoc')
+  }
   const doc = plc.formatDidDoc({ did, ...plcOp })
   const data = ensureAtpDocument(doc)
 

package/src/lexicon/index.ts

@@ -135,6 +135,7 @@ export const COM_ATPROTO_MODERATION = {
   DefsReasonSexual: 'com.atproto.moderation.defs#reasonSexual',
   DefsReasonRude: 'com.atproto.moderation.defs#reasonRude',
   DefsReasonOther: 'com.atproto.moderation.defs#reasonOther',
+  DefsReasonAppeal: 'com.atproto.moderation.defs#reasonAppeal',
 }
 export const APP_BSKY_GRAPH = {
   DefsModlist: 'app.bsky.graph.defs#modlist',

package/src/lexicon/lexicons.ts

@@ -102,6 +102,7 @@ export const schemaDict = {
               'lex:com.atproto.admin.defs#modEventAcknowledge',
               'lex:com.atproto.admin.defs#modEventEscalate',
               'lex:com.atproto.admin.defs#modEventMute',
+              'lex:com.atproto.admin.defs#modEventResolveAppeal',
             ],
           },
           subject: {
@@ -237,9 +238,20 @@ export const schemaDict = {
             type: 'string',
             format: 'datetime',
           },
+          lastAppealedAt: {
+            type: 'string',
+            format: 'datetime',
+            description:
+              'Timestamp referencing when the author of the subject appealed a moderation action',
+          },
           takendown: {
             type: 'boolean',
           },
+          appealed: {
+            type: 'boolean',
+            description:
+              'True indicates that the a previously taken moderator action was appealed against, by the author of the content. False indicates last appeal was resolved by moderators.',
+          },
           suspendUntil: {
             type: 'string',
             format: 'datetime',
@@ -717,6 +729,16 @@ export const schemaDict = {
           },
         },
       },
+      modEventResolveAppeal: {
+        type: 'object',
+        description: 'Resolve appeal on a subject',
+        properties: {
+          comment: {
+            type: 'string',
+            description: 'Describe resolution.',
+          },
+        },
+      },
       modEventComment: {
         type: 'object',
         description: 'Add a comment to a subject',
@@ -816,6 +838,10 @@ export const schemaDict = {
             type: 'string',
             description: 'The subject line of the email sent to the user.',
           },
+          comment: {
+            type: 'string',
+            description: 'Additional comment about the outgoing comm.',
+          },
         },
       },
     },
@@ -1357,6 +1383,10 @@ export const schemaDict = {
               type: 'boolean',
               description: 'Get subjects that were taken down',
             },
+            appealed: {
+              type: 'boolean',
+              description: 'Get subjects in unresolved appealed status',
+            },
             limit: {
               type: 'integer',
               minimum: 1,
@@ -1467,6 +1497,11 @@ export const schemaDict = {
                 type: 'string',
                 format: 'did',
               },
+              comment: {
+                type: 'string',
+                description:
+                  "Additional comment by the sender that won't be used in the email itself but helpful to provide more context for moderators/reviewers",
+              },
             },
           },
         },
@@ -1937,6 +1972,7 @@ export const schemaDict = {
           'com.atproto.moderation.defs#reasonSexual',
           'com.atproto.moderation.defs#reasonRude',
           'com.atproto.moderation.defs#reasonOther',
+          'com.atproto.moderation.defs#reasonAppeal',
         ],
       },
       reasonSpam: {
@@ -1964,6 +2000,10 @@ export const schemaDict = {
         type: 'token',
         description: 'Other: reports not falling under another report category',
       },
+      reasonAppeal: {
+        type: 'token',
+        description: 'Appeal: appeal a previously taken moderation action',
+      },
     },
   },
   ComAtprotoRepoApplyWrites: {

package/src/lexicon/types/com/atproto/admin/defs.ts

@@ -76,6 +76,7 @@ export interface ModEventViewDetail {
     | ModEventAcknowledge
     | ModEventEscalate
     | ModEventMute
+    | ModEventResolveAppeal
     | { $type: string; [k: string]: unknown }
   subject:
     | RepoView
@@ -147,7 +148,11 @@ export interface SubjectStatusView {
   lastReviewedBy?: string
   lastReviewedAt?: string
   lastReportedAt?: string
+  /** Timestamp referencing when the author of the subject appealed a moderation action */
+  lastAppealedAt?: string
   takendown?: boolean
+  /** True indicates that the a previously taken moderator action was appealed against, by the author of the content. False indicates last appeal was resolved by moderators. */
+  appealed?: boolean
   suspendUntil?: string
   [k: string]: unknown
 }
@@ -538,6 +543,27 @@ export function validateModEventReverseTakedown(v: unknown): ValidationResult {
   return lexicons.validate('com.atproto.admin.defs#modEventReverseTakedown', v)
 }
 
+/** Resolve appeal on a subject */
+export interface ModEventResolveAppeal {
+  /** Describe resolution. */
+  comment?: string
+  [k: string]: unknown
+}
+
+export function isModEventResolveAppeal(
+  v: unknown,
+): v is ModEventResolveAppeal {
+  return (
+    isObj(v) &&
+    hasProp(v, '$type') &&
+    v.$type === 'com.atproto.admin.defs#modEventResolveAppeal'
+  )
+}
+
+export function validateModEventResolveAppeal(v: unknown): ValidationResult {
+  return lexicons.validate('com.atproto.admin.defs#modEventResolveAppeal', v)
+}
+
 /** Add a comment to a subject */
 export interface ModEventComment {
   comment: string
@@ -674,6 +700,8 @@ export function validateModEventUnmute(v: unknown): ValidationResult {
 export interface ModEventEmail {
   /** The subject line of the email sent to the user. */
   subjectLine: string
+  /** Additional comment about the outgoing comm. */
+  comment?: string
   [k: string]: unknown
 }
 

package/src/lexicon/types/com/atproto/admin/queryModerationStatuses.ts

@@ -32,6 +32,8 @@ export interface QueryParams {
   sortDirection: 'asc' | 'desc'
   /** Get subjects that were taken down */
   takendown?: boolean
+  /** Get subjects in unresolved appealed status */
+  appealed?: boolean
   limit: number
   cursor?: string
 }

package/src/lexicon/types/com/atproto/admin/sendEmail.ts

@@ -15,6 +15,8 @@ export interface InputSchema {
   content: string
   subject?: string
   senderDid: string
+  /** Additional comment by the sender that won't be used in the email itself but helpful to provide more context for moderators/reviewers */
+  comment?: string
   [k: string]: unknown
 }
 

package/src/lexicon/types/com/atproto/moderation/defs.ts

@@ -13,6 +13,7 @@ export type ReasonType =
   | 'com.atproto.moderation.defs#reasonSexual'
   | 'com.atproto.moderation.defs#reasonRude'
   | 'com.atproto.moderation.defs#reasonOther'
+  | 'com.atproto.moderation.defs#reasonAppeal'
   | (string & {})
 
 /** Spam: frequent unwanted promotion, replies, mentions */
@@ -27,3 +28,5 @@ export const REASONSEXUAL = 'com.atproto.moderation.defs#reasonSexual'
 export const REASONRUDE = 'com.atproto.moderation.defs#reasonRude'
 /** Other: reports not falling under another report category */
 export const REASONOTHER = 'com.atproto.moderation.defs#reasonOther'
+/** Appeal: appeal a previously taken moderation action */
+export const REASONAPPEAL = 'com.atproto.moderation.defs#reasonAppeal'

package/tests/entryway.test.ts

@@ -1,5 +1,6 @@
 import * as os from 'node:os'
 import * as path from 'node:path'
+import * as plcLib from '@did-plc/lib'
 import AtpAgent from '@atproto/api'
 import { Secp256k1Keypair, randomStr } from '@atproto/crypto'
 import { SeedClient, TestPds, TestPlc, mockResolvers } from '@atproto/dev-env'
@@ -131,6 +132,28 @@ describe('entryway', () => {
     expect(accountFromPds?.handle).toEqual('alice3.test')
     expect(accountFromEntryway?.handle).toEqual('alice3.test')
   })
+
+  it('does not allow bringing own op to account creation.', async () => {
+    const {
+      data: { signingKey },
+    } = await pdsAgent.api.com.atproto.server.reserveSigningKey({})
+    const rotationKey = await Secp256k1Keypair.create()
+    const plcCreate = await plcLib.createOp({
+      signingKey,
+      rotationKeys: [rotationKey.did(), entryway.ctx.plcRotationKey.did()],
+      handle: 'weirdalice.test',
+      pds: pds.ctx.cfg.service.publicUrl,
+      signer: rotationKey,
+    })
+    const tryCreateAccount = pdsAgent.api.com.atproto.server.createAccount(
+      { did: plcCreate.did, plcOp: plcCreate.op, handle: 'weirdalice.test' },
+      {
+        headers: SeedClient.getHeaders(accessToken),
+        encoding: 'application/json',
+      },
+    )
+    await expect(tryCreateAccount).rejects.toThrow('invalid plc operation')
+  })
 })
 
 const createEntryway = async (

package/tests/invites-admin.test.ts

@@ -177,13 +177,13 @@ describe('pds admin invite views', () => {
     expect(aliceView.data.invites?.length).toBe(6)
   })
 
-  it('does not allow non-admin moderators to disable invites.', async () => {
+  it('does not allow triage moderators to disable invites.', async () => {
     const attemptDisableInvites =
       agent.api.com.atproto.admin.disableInviteCodes(
         { codes: ['x'], accounts: [alice] },
         {
           encoding: 'application/json',
-          headers: network.pds.adminAuthHeaders('moderator'),
+          headers: network.pds.adminAuthHeaders('triage'),
         },
       )
     await expect(attemptDisableInvites).rejects.toThrow(
@@ -255,12 +255,12 @@ describe('pds admin invite views', () => {
     expect(res.every((row) => row.disabled === 1))
   })
 
-  it('does not allow non-admin moderations to disable account invites', async () => {
+  it('does not allow triage moderators to disable account invites', async () => {
     const attempt = agent.api.com.atproto.admin.disableAccountInvites(
       { account: alice },
       {
         encoding: 'application/json',
-        headers: network.pds.adminAuthHeaders('moderator'),
+        headers: network.pds.adminAuthHeaders('triage'),
       },
     )
     await expect(attempt).rejects.toThrow('Insufficient privileges')
@@ -285,12 +285,12 @@ describe('pds admin invite views', () => {
     expect(invRes.data.codes.length).toBeGreaterThan(0)
   })
 
-  it('does not allow non-admin moderations to enable account invites', async () => {
+  it('does not allow triage moderators to enable account invites', async () => {
     const attempt = agent.api.com.atproto.admin.enableAccountInvites(
       { account: alice },
       {
         encoding: 'application/json',
-        headers: network.pds.adminAuthHeaders('moderator'),
+        headers: network.pds.adminAuthHeaders('triage'),
       },
     )
     await expect(attempt).rejects.toThrow('Insufficient privileges')