From 616c405f0f54ec4ed5a586a0f25c3395543d6b2a Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 6 Jun 2024 14:14:59 -0500
Subject: [PATCH 01/32] Add an endpoint to request a NIP-05 name

---
 src/app.ts                   |  3 ++-
 src/controllers/api/ditto.ts | 23 +++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/src/app.ts b/src/app.ts
index bb1c5b6..4378445 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -30,7 +30,7 @@ import { adminAccountAction, adminAccountsController } from '@/controllers/api/a
 import { appCredentialsController, createAppController } from '@/controllers/api/apps.ts';
 import { blocksController } from '@/controllers/api/blocks.ts';
 import { bookmarksController } from '@/controllers/api/bookmarks.ts';
-import { adminRelaysController, adminSetRelaysController } from '@/controllers/api/ditto.ts';
+import { adminRelaysController, adminSetRelaysController, inviteRequestController } from '@/controllers/api/ditto.ts';
 import { emptyArrayController, emptyObjectController, notImplementedController } from '@/controllers/api/fallback.ts';
 import { instanceController } from '@/controllers/api/instance.ts';
 import { markersController, updateMarkersController } from '@/controllers/api/markers.ts';
@@ -239,6 +239,7 @@ app.delete('/api/v1/pleroma/admin/statuses/:id', requireRole('admin'), pleromaAd
 app.get('/api/v1/admin/ditto/relays', requireRole('admin'), adminRelaysController);
 app.put('/api/v1/admin/ditto/relays', requireRole('admin'), adminSetRelaysController);
 
+app.post('/api/v1/ditto/nip05', requireSigner, inviteRequestController);
 app.post('/api/v1/ditto/zap', requireSigner, zapController);
 
 app.post('/api/v1/reports', requireSigner, reportController);
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index df4f210..cf08cd3 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -5,6 +5,7 @@ import { AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
 import { Storages } from '@/storages.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
+import { createEvent } from '@/utils/api.ts';
 
 const markerSchema = z.enum(['read', 'write']);
 
@@ -58,3 +59,25 @@ function renderRelays(event: NostrEvent): RelayEntity[] {
     return acc;
   }, [] as RelayEntity[]);
 }
+
+const inviteRequestSchema = z.object({
+  nip05: z.string().email(),
+  reason: z.string().max(500).optional(),
+});
+
+export const inviteRequestController: AppController = async (c) => {
+  const { nip05, reason } = inviteRequestSchema.parse(await c.req.json());
+
+  await createEvent({
+    kind: 3036,
+    content: reason,
+    tags: [
+      ['r', nip05],
+      ['L', 'nip05.domain'],
+      ['l', nip05.split('@')[1], 'nip05.domain'],
+      ['p', Conf.pubkey],
+    ],
+  }, c);
+
+  return new Response('', { status: 204 });
+};

From ab2e9d8dd7ef126cc0c1d099d216966746ff3a60 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 6 Jun 2024 14:19:53 -0500
Subject: [PATCH 02/32] nostr.json: determine nip05 grant based on kind 30360
 events

---
 src/controllers/well-known/nostr.ts |  5 ++++-
 src/utils/nip05.ts                  | 11 +++++------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/controllers/well-known/nostr.ts b/src/controllers/well-known/nostr.ts
index 0669888..b6b7af0 100644
--- a/src/controllers/well-known/nostr.ts
+++ b/src/controllers/well-known/nostr.ts
@@ -10,9 +10,12 @@ const nameSchema = z.string().min(1).regex(/^\w+$/);
  * https://github.com/nostr-protocol/nips/blob/master/05.md
  */
 const nostrController: AppController = async (c) => {
+  const store = c.get('store');
+
   const result = nameSchema.safeParse(c.req.query('name'));
   const name = result.success ? result.data : undefined;
-  const pointer = name ? await localNip05Lookup(c.get('store'), name) : undefined;
+
+  const pointer = name ? await localNip05Lookup(store, name) : undefined;
 
   if (!name || !pointer) {
     return c.json({ names: {}, relays: {} });
diff --git a/src/utils/nip05.ts b/src/utils/nip05.ts
index 840ef6d..a579da6 100644
--- a/src/utils/nip05.ts
+++ b/src/utils/nip05.ts
@@ -45,16 +45,15 @@ const nip05Cache = new SimpleLRU<string, nip19.ProfilePointer>(
   { max: 500, ttl: Time.hours(1) },
 );
 
-async function localNip05Lookup(store: NStore, name: string): Promise<nip19.ProfilePointer | undefined> {
-  const [label] = await store.query([{
-    kinds: [1985],
+async function localNip05Lookup(store: NStore, localpart: string): Promise<nip19.ProfilePointer | undefined> {
+  const [grant] = await store.query([{
+    kinds: [30360],
+    '#d': [`${localpart}@${Conf.url.host}`],
     authors: [Conf.pubkey],
-    '#L': ['nip05'],
-    '#l': [`${name}@${Conf.url.host}`],
     limit: 1,
   }]);
 
-  const pubkey = label?.tags.find(([name]) => name === 'p')?.[1];
+  const pubkey = grant?.tags.find(([name]) => name === 'p')?.[1];
 
   if (pubkey) {
     return { pubkey, relays: [Conf.relay] };

From 179cafcc23fe2169cc0dcc5f19bc707aa4db20cd Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 6 Jun 2024 14:44:45 -0500
Subject: [PATCH 03/32] adminAccountsController: display users with a NIP-05
 grant, allow filtering "pending" users

---
 src/controllers/api/admin.ts | 48 +++++++++++++++++++++++++++---------
 src/interfaces/DittoEvent.ts |  1 -
 2 files changed, 37 insertions(+), 12 deletions(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index d7cd365..af03db5 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -1,13 +1,14 @@
+import { NostrEvent } from '@nostrify/nostrify';
 import { z } from 'zod';
 
 import { type AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
-import { DittoEvent } from '@/interfaces/DittoEvent.ts';
 import { booleanParamSchema } from '@/schema.ts';
 import { Storages } from '@/storages.ts';
 import { paginated, paginationSchema, parseBody, updateListAdminEvent } from '@/utils/api.ts';
 import { addTag } from '@/utils/tags.ts';
-import { renderAdminAccount } from '@/views/mastodon/admin-accounts.ts';
+import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
+import { hydrateEvents } from '@/storages/hydrate.ts';
 
 const adminAccountQuerySchema = z.object({
   local: booleanParamSchema.optional(),
@@ -36,25 +37,50 @@ const adminAccountsController: AppController = async (c) => {
   } = adminAccountQuerySchema.parse(c.req.query());
 
   // Not supported.
-  if (pending || disabled || silenced || suspended || sensitized) {
+  if (disabled || silenced || suspended || sensitized) {
     return c.json([]);
   }
 
   const store = await Storages.db();
-  const { since, until, limit } = paginationSchema.parse(c.req.query());
+  const params = paginationSchema.parse(c.req.query());
   const { signal } = c.req.raw;
 
-  const events = await store.query([{ kinds: [30361], authors: [Conf.pubkey], since, until, limit }], { signal });
-  const pubkeys = events.map((event) => event.tags.find(([name]) => name === 'd')?.[1]!);
-  const authors = await store.query([{ kinds: [0], authors: pubkeys }], { signal });
+  const pubkeys = new Set<string>();
+  const events: NostrEvent[] = [];
 
-  for (const event of events) {
-    const d = event.tags.find(([name]) => name === 'd')?.[1];
-    (event as DittoEvent).d_author = authors.find((author) => author.pubkey === d);
+  if (pending) {
+    for (const event of await store.query([{ kinds: [3036], ...params }], { signal })) {
+      pubkeys.add(event.pubkey);
+      events.push(event);
+    }
+  } else {
+    for (const event of await store.query([{ kinds: [30360], authors: [Conf.pubkey], ...params }], { signal })) {
+      const pubkey = event.tags.find(([name]) => name === 'd')?.[1];
+      if (pubkey) {
+        pubkeys.add(pubkey);
+        events.push(event);
+      }
+    }
   }
 
+  const authors = await store.query([{ kinds: [0], authors: [...pubkeys] }], { signal })
+    .then((events) => hydrateEvents({ store, events, signal }));
+
   const accounts = await Promise.all(
-    events.map((event) => renderAdminAccount(event)),
+    [...pubkeys].map(async (pubkey) => {
+      const author = authors.find((event) => event.pubkey === pubkey);
+      const account = author ? await renderAdminAccount(author) : await renderAdminAccountFromPubkey(pubkey);
+      const request = events.find((event) => event.kind === 3036 && event.pubkey === pubkey);
+      const grant = events.find(
+        (event) => event.kind === 30360 && event.tags.find(([name]) => name === 'd')?.[1] === pubkey,
+      );
+
+      return {
+        ...account,
+        invite_request: request ? request.content : null,
+        approved: !!grant,
+      };
+    }),
   );
 
   return paginated(c, events, accounts);
diff --git a/src/interfaces/DittoEvent.ts b/src/interfaces/DittoEvent.ts
index 6f3e1d2..fea8e1e 100644
--- a/src/interfaces/DittoEvent.ts
+++ b/src/interfaces/DittoEvent.ts
@@ -21,7 +21,6 @@ export interface DittoEvent extends NostrEvent {
   author_domain?: string;
   author_stats?: AuthorStats;
   event_stats?: EventStats;
-  d_author?: DittoEvent;
   user?: DittoEvent;
   repost?: DittoEvent;
   quote?: DittoEvent;

From 4f87287d4595e080ca5507270ec2e8bbe129acb0 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 6 Jun 2024 15:26:35 -0500
Subject: [PATCH 04/32] Add invite_request_username property to AdminAccount

---
 src/controllers/api/admin.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index af03db5..8fc8cf3 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -77,7 +77,8 @@ const adminAccountsController: AppController = async (c) => {
 
       return {
         ...account,
-        invite_request: request ? request.content : null,
+        invite_request: request?.content ?? null,
+        invite_request_username: request?.tags.find(([name]) => name === 'r')?.[1] ?? null,
         approved: !!grant,
       };
     }),

From a30e19b6b2c06bf598e713cb5510a3577899098e Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Thu, 6 Jun 2024 17:35:48 -0500
Subject: [PATCH 05/32] Fix nip05 endpoints

---
 src/controllers/api/admin.ts | 2 +-
 src/controllers/api/ditto.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index 8fc8cf3..8c55318 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -49,7 +49,7 @@ const adminAccountsController: AppController = async (c) => {
   const events: NostrEvent[] = [];
 
   if (pending) {
-    for (const event of await store.query([{ kinds: [3036], ...params }], { signal })) {
+    for (const event of await store.query([{ kinds: [3036], '#p': [Conf.pubkey], ...params }], { signal })) {
       pubkeys.add(event.pubkey);
       events.push(event);
     }
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index cf08cd3..e6f398d 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -79,5 +79,5 @@ export const inviteRequestController: AppController = async (c) => {
     ],
   }, c);
 
-  return new Response('', { status: 204 });
+  return new Response(null, { status: 204 });
 };

From fca7825bbfc50a32fb55a1c41185ce9913d807af Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Fri, 7 Jun 2024 22:11:17 -0500
Subject: [PATCH 06/32] EventsDB: replaceable deletions support

---
 deno.json                |  2 +-
 deno.lock                | 29 +++++++++++++++++++--
 src/storages/EventsDB.ts | 56 ++++++++++++++++++++++++++++++++++++----
 3 files changed, 79 insertions(+), 8 deletions(-)

diff --git a/deno.json b/deno.json
index 0b14069..b225c8e 100644
--- a/deno.json
+++ b/deno.json
@@ -22,7 +22,7 @@
     "@db/sqlite": "jsr:@db/sqlite@^0.11.1",
     "@isaacs/ttlcache": "npm:@isaacs/ttlcache@^1.4.1",
     "@noble/secp256k1": "npm:@noble/secp256k1@^2.0.0",
-    "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.22.5",
+    "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.23.0",
     "@scure/base": "npm:@scure/base@^1.1.6",
     "@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs",
     "@soapbox/kysely-deno-sqlite": "jsr:@soapbox/kysely-deno-sqlite@^2.1.0",
diff --git a/deno.lock b/deno.lock
index e502c76..d68a374 100644
--- a/deno.lock
+++ b/deno.lock
@@ -10,6 +10,7 @@
       "jsr:@nostrify/nostrify@^0.22.1": "jsr:@nostrify/nostrify@0.22.5",
       "jsr:@nostrify/nostrify@^0.22.4": "jsr:@nostrify/nostrify@0.22.4",
       "jsr:@nostrify/nostrify@^0.22.5": "jsr:@nostrify/nostrify@0.22.5",
+      "jsr:@nostrify/nostrify@^0.23.0": "jsr:@nostrify/nostrify@0.23.0",
       "jsr:@soapbox/kysely-deno-sqlite@^2.1.0": "jsr:@soapbox/kysely-deno-sqlite@2.2.0",
       "jsr:@soapbox/stickynotes@^0.4.0": "jsr:@soapbox/stickynotes@0.4.0",
       "jsr:@std/assert@^0.217.0": "jsr:@std/assert@0.217.0",
@@ -17,6 +18,7 @@
       "jsr:@std/assert@^0.224.0": "jsr:@std/assert@0.224.0",
       "jsr:@std/assert@^0.225.1": "jsr:@std/assert@0.225.3",
       "jsr:@std/bytes@^0.224.0": "jsr:@std/bytes@0.224.0",
+      "jsr:@std/bytes@^1.0.0-rc.3": "jsr:@std/bytes@1.0.0",
       "jsr:@std/crypto@^0.224.0": "jsr:@std/crypto@0.224.0",
       "jsr:@std/dotenv@^0.224.0": "jsr:@std/dotenv@0.224.0",
       "jsr:@std/encoding@^0.221.0": "jsr:@std/encoding@0.221.0",
@@ -25,7 +27,7 @@
       "jsr:@std/fmt@^0.221.0": "jsr:@std/fmt@0.221.0",
       "jsr:@std/fs@^0.221.0": "jsr:@std/fs@0.221.0",
       "jsr:@std/internal@^1.0.0": "jsr:@std/internal@1.0.0",
-      "jsr:@std/io@^0.224": "jsr:@std/io@0.224.0",
+      "jsr:@std/io@^0.224": "jsr:@std/io@0.224.1",
       "jsr:@std/media-types@^0.224.1": "jsr:@std/media-types@0.224.1",
       "jsr:@std/path@0.217": "jsr:@std/path@0.217.0",
       "jsr:@std/path@^0.221.0": "jsr:@std/path@0.221.0",
@@ -119,6 +121,20 @@
           "npm:zod@^3.23.8"
         ]
       },
+      "@nostrify/nostrify@0.23.0": {
+        "integrity": "8636c0322885707d6a7b342ef55f70debf399a1eb65b83abcce7972d69e30920",
+        "dependencies": [
+          "jsr:@std/encoding@^0.224.1",
+          "npm:@scure/base@^1.1.6",
+          "npm:@scure/bip32@^1.4.0",
+          "npm:@scure/bip39@^1.3.0",
+          "npm:kysely@^0.27.3",
+          "npm:lru-cache@^10.2.0",
+          "npm:nostr-tools@^2.7.0",
+          "npm:websocket-ts@^2.1.5",
+          "npm:zod@^3.23.8"
+        ]
+      },
       "@soapbox/kysely-deno-sqlite@2.2.0": {
         "integrity": "668ec94600bc4b4d7bd618dd7ca65d4ef30ee61c46ffcb379b6f45203c08517a",
         "dependencies": [
@@ -146,6 +162,9 @@
       "@std/bytes@0.224.0": {
         "integrity": "a2250e1d0eb7d1c5a426f21267ab9bdeac2447fa87a3d0d1a467d3f7a6058e49"
       },
+      "@std/bytes@1.0.0": {
+        "integrity": "9392e72af80adccaa1197912fa19990ed091cb98d5c9c4344b0c301b22d7c632"
+      },
       "@std/crypto@0.224.0": {
         "integrity": "154ef3ff08ef535562ef1a718718c5b2c5fc3808f0f9100daad69e829bfcdf2d",
         "dependencies": [
@@ -181,6 +200,12 @@
           "jsr:@std/bytes@^0.224.0"
         ]
       },
+      "@std/io@0.224.1": {
+        "integrity": "73de242551a5c0965eb33e36b1fc7df4834ffbc836a1a643a410ccd11253d6be",
+        "dependencies": [
+          "jsr:@std/bytes@^1.0.0-rc.3"
+        ]
+      },
       "@std/media-types@0.224.1": {
         "integrity": "9e69a5daed37c5b5c6d3ce4731dc191f80e67f79bed392b0957d1d03b87f11e1"
       },
@@ -1318,7 +1343,7 @@
     "dependencies": [
       "jsr:@bradenmacdonald/s3-lite-client@^0.7.4",
       "jsr:@db/sqlite@^0.11.1",
-      "jsr:@nostrify/nostrify@^0.22.5",
+      "jsr:@nostrify/nostrify@^0.23.0",
       "jsr:@soapbox/kysely-deno-sqlite@^2.1.0",
       "jsr:@soapbox/stickynotes@^0.4.0",
       "jsr:@std/assert@^0.225.1",
diff --git a/src/storages/EventsDB.ts b/src/storages/EventsDB.ts
index 20a0895..d55be2e 100644
--- a/src/storages/EventsDB.ts
+++ b/src/storages/EventsDB.ts
@@ -27,6 +27,7 @@ class EventsDB implements NStore {
 
   /** Conditions for when to index certain tags. */
   static tagConditions: Record<string, TagCondition> = {
+    'a': ({ count }) => count < 15,
     'd': ({ event, count }) => count === 0 && NKinds.parameterizedReplaceable(event.kind),
     'e': ({ event, count, value }) => ((event.kind === 10003) || count < 15) && isNostrId(value),
     'L': ({ event, count }) => event.kind === 1985 || count === 0,
@@ -77,17 +78,62 @@ class EventsDB implements NStore {
 
   /** Check if an event has been deleted by the admin. */
   private async isDeletedAdmin(event: NostrEvent): Promise<boolean> {
-    const [deletion] = await this.query([
+    const filters: NostrFilter[] = [
       { kinds: [5], authors: [Conf.pubkey], '#e': [event.id], limit: 1 },
-    ]);
-    return !!deletion;
+    ];
+
+    if (NKinds.replaceable(event.kind) || NKinds.parameterizedReplaceable(event.kind)) {
+      const d = event.tags.find(([tag]) => tag === 'd')?.[1] ?? '';
+
+      filters.push({
+        kinds: [5],
+        authors: [Conf.pubkey],
+        '#a': [`${event.kind}:${event.pubkey}:${d}`],
+        since: event.created_at,
+        limit: 1,
+      });
+    }
+
+    const events = await this.query(filters);
+    return events.length > 0;
   }
 
   /** The DITTO_NSEC can delete any event from the database. NDatabase already handles user deletions. */
   private async deleteEventsAdmin(event: NostrEvent): Promise<void> {
     if (event.kind === 5 && event.pubkey === Conf.pubkey) {
-      const ids = getTagSet(event.tags, 'e');
-      await this.remove([{ ids: [...ids] }]);
+      const ids = new Set(event.tags.filter(([name]) => name === 'e').map(([_name, value]) => value));
+      const addrs = new Set(event.tags.filter(([name]) => name === 'a').map(([_name, value]) => value));
+
+      const filters: NostrFilter[] = [];
+
+      if (ids.size) {
+        filters.push({ ids: [...ids] });
+      }
+
+      for (const addr of addrs) {
+        const [k, pubkey, d] = addr.split(':');
+        const kind = Number(k);
+
+        if (!(Number.isInteger(kind) && kind >= 0)) continue;
+        if (!isNostrId(pubkey)) continue;
+        if (d === undefined) continue;
+
+        const filter: NostrFilter = {
+          kinds: [kind],
+          authors: [pubkey],
+          until: event.created_at,
+        };
+
+        if (d) {
+          filter['#d'] = [d];
+        }
+
+        filters.push(filter);
+      }
+
+      if (filters.length) {
+        await this.remove(filters);
+      }
     }
   }
 

From b088276c5127bb2164ac13a26be5684ecb6e3e0f Mon Sep 17 00:00:00 2001
From: "P. Reis" <patrickpereirareal1@gmail.com>
Date: Sat, 8 Jun 2024 09:10:19 -0300
Subject: [PATCH 07/32] fix: remove unused variable

---
 src/storages/EventsDB.ts | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/storages/EventsDB.ts b/src/storages/EventsDB.ts
index d55be2e..5366178 100644
--- a/src/storages/EventsDB.ts
+++ b/src/storages/EventsDB.ts
@@ -11,7 +11,6 @@ import { RelayError } from '@/RelayError.ts';
 import { purifyEvent } from '@/storages/hydrate.ts';
 import { isNostrId, isURL } from '@/utils.ts';
 import { abortError } from '@/utils/abort.ts';
-import { getTagSet } from '@/utils/tags.ts';
 
 /** Function to decide whether or not to index a tag. */
 type TagCondition = ({ event, count, value }: {

From 7d54a5c7d08b3716a4f546ed0ddd871591946eb9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 11:13:15 -0500
Subject: [PATCH 08/32] Kind 30361 -> 30382

---
 docs/events.md                     | 40 ----------------
 fixtures/events/event-30361.json   | 15 ------
 scripts/admin-role.ts              | 42 +++++++++++++----
 src/controllers/api/admin.ts       |  2 +-
 src/db/users.ts                    | 75 ------------------------------
 src/middleware/auth98Middleware.ts | 23 ++++-----
 src/storages/EventsDB.ts           |  2 -
 src/storages/hydrate.ts            |  4 +-
 src/views/mastodon/accounts.ts     |  8 ++--
 9 files changed, 52 insertions(+), 159 deletions(-)
 delete mode 100644 docs/events.md
 delete mode 100644 fixtures/events/event-30361.json
 delete mode 100644 src/db/users.ts

diff --git a/docs/events.md b/docs/events.md
deleted file mode 100644
index 1674239..0000000
--- a/docs/events.md
+++ /dev/null
@@ -1,40 +0,0 @@
-# Ditto custom events
-
-Instead of using database tables, the Ditto server publishes Nostr events that describe its state. It then reads these events using Nostr filters.
-
-## Ditto User (kind 30361)
-
-The Ditto server publishes kind `30361` events to represent users. These events are parameterized replaceable events of kind `30361` where the `d` tag is a pubkey. These events are published by Ditto's internal admin keypair.
-
-User events have the following tags:
-
-- `d` - pubkey of the user.
-- `role` - one of `admin` or `user`.
-
-Example:
-
-```json
-{
-  "id": "d6ae2f320ae163612bf28080e7c6e55b228ee39bfa04ad50baab2e51022d4d59",
-  "kind": 30361,
-  "pubkey": "4cfc6ceb07bbe2f5e75f746f3e6f0eda53973e0374cd6bdbce7a930e10437e06",
-  "content": "",
-  "created_at": 1691568245,
-  "tags": [
-    ["d", "79c2cae114ea28a981e7559b4fe7854a473521a8d22a66bbab9fa248eb820ff6"],
-    ["role", "user"],
-    ["alt", "User's account was updated by the admins of ditto.ngrok.app"]
-  ],
-  "sig": "fc12db77b1c8f8aa86c73b617f0cd4af1e6ba244239eaf3164a292de6d39363f32d6b817ffff796ace7a103d75e1d8e6a0fb7f618819b32d81a953b4a75d7507"
-}
-```
-
-## NIP-78
-
-[NIP-78](https://github.com/nostr-protocol/nips/blob/master/78.md) defines events of kind `30078` with a globally unique `d` tag. These events are queried by the `d` tag, which allows Ditto to store custom data on relays. Ditto uses reverse DNS names like `pub.ditto.<thing>` for `d` tags.
-
-The sections below describe the `content` field. Some are encrypted and some are not, depending on whether the data should be public. Also, some events are user events, and some are admin events.
-
-### `pub.ditto.pleroma.config`
-
-NIP-04 encrypted JSON array of Pleroma ConfigDB objects. Pleroma admin API endpoints set this config, and Ditto reads from it.
diff --git a/fixtures/events/event-30361.json b/fixtures/events/event-30361.json
deleted file mode 100644
index 5844000..0000000
--- a/fixtures/events/event-30361.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
-  "id": "d6ae2f320ae163612bf28080e7c6e55b228ee39bfa04ad50baab2e51022d4d59",
-  "kind": 30361,
-  "pubkey": "4cfc6ceb07bbe2f5e75f746f3e6f0eda53973e0374cd6bdbce7a930e10437e06",
-  "content": "",
-  "created_at": 1691568245,
-  "tags": [
-    ["d", "79c2cae114ea28a981e7559b4fe7854a473521a8d22a66bbab9fa248eb820ff6"],
-    ["name", "alex"],
-    ["role", "user"],
-    ["origin", "https://ditto.ngrok.app"],
-    ["alt", "@alex@ditto.ngrok.app's account was updated by the admins of ditto.ngrok.app"]
-  ],
-  "sig": "fc12db77b1c8f8aa86c73b617f0cd4af1e6ba244239eaf3164a292de6d39363f32d6b817ffff796ace7a103d75e1d8e6a0fb7f618819b32d81a953b4a75d7507"
-}
\ No newline at end of file
diff --git a/scripts/admin-role.ts b/scripts/admin-role.ts
index 6e7bfc6..305b593 100644
--- a/scripts/admin-role.ts
+++ b/scripts/admin-role.ts
@@ -1,7 +1,6 @@
 import { NSchema } from '@nostrify/nostrify';
 
 import { DittoDB } from '@/db/DittoDB.ts';
-import { Conf } from '@/config.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { EventsDB } from '@/storages/EventsDB.ts';
 import { nostrNow } from '@/utils.ts';
@@ -21,14 +20,39 @@ if (!['admin', 'user'].includes(role)) {
   Deno.exit(1);
 }
 
-const event = await new AdminSigner().signEvent({
-  kind: 30361,
-  tags: [
-    ['d', pubkey],
-    ['role', role],
-    // NIP-31: https://github.com/nostr-protocol/nips/blob/master/31.md
-    ['alt', `User's account was updated by the admins of ${Conf.url.host}`],
-  ],
+const signer = new AdminSigner();
+const admin = await signer.getPublicKey();
+
+const [existing] = await eventsDB.query([{
+  kinds: [30382],
+  authors: [admin],
+  '#d': [pubkey],
+  limit: 1,
+}]);
+
+const prevTags = (existing?.tags ?? []).filter(([name, value]) => {
+  if (name === 'd') {
+    return false;
+  }
+  if (name === 'n' && value === 'admin') {
+    return false;
+  }
+  return true;
+});
+
+const tags: string[][] = [
+  ['d', pubkey],
+];
+
+if (role === 'admin') {
+  tags.push(['n', 'admin']);
+}
+
+tags.push(...prevTags);
+
+const event = await signer.signEvent({
+  kind: 30382,
+  tags,
   content: '',
   created_at: nostrNow(),
 });
diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index d7cd365..ae2221f 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -44,7 +44,7 @@ const adminAccountsController: AppController = async (c) => {
   const { since, until, limit } = paginationSchema.parse(c.req.query());
   const { signal } = c.req.raw;
 
-  const events = await store.query([{ kinds: [30361], authors: [Conf.pubkey], since, until, limit }], { signal });
+  const events = await store.query([{ kinds: [30382], authors: [Conf.pubkey], since, until, limit }], { signal });
   const pubkeys = events.map((event) => event.tags.find(([name]) => name === 'd')?.[1]!);
   const authors = await store.query([{ kinds: [0], authors: pubkeys }], { signal });
 
diff --git a/src/db/users.ts b/src/db/users.ts
deleted file mode 100644
index bf0cab7..0000000
--- a/src/db/users.ts
+++ /dev/null
@@ -1,75 +0,0 @@
-import { NostrFilter } from '@nostrify/nostrify';
-import Debug from '@soapbox/stickynotes/debug';
-
-import { Conf } from '@/config.ts';
-import * as pipeline from '@/pipeline.ts';
-import { AdminSigner } from '@/signers/AdminSigner.ts';
-import { Storages } from '@/storages.ts';
-
-const debug = Debug('ditto:users');
-
-interface User {
-  pubkey: string;
-  inserted_at: Date;
-  admin: boolean;
-}
-
-function buildUserEvent(user: User) {
-  const { origin, host } = Conf.url;
-  const signer = new AdminSigner();
-
-  return signer.signEvent({
-    kind: 30361,
-    tags: [
-      ['d', user.pubkey],
-      ['role', user.admin ? 'admin' : 'user'],
-      ['origin', origin],
-      // NIP-31: https://github.com/nostr-protocol/nips/blob/master/31.md
-      ['alt', `User's account was updated by the admins of ${host}`],
-    ],
-    content: '',
-    created_at: Math.floor(user.inserted_at.getTime() / 1000),
-  });
-}
-
-/** Adds a user to the database. */
-async function insertUser(user: User) {
-  debug('insertUser', JSON.stringify(user));
-  const event = await buildUserEvent(user);
-  return pipeline.handleEvent(event, AbortSignal.timeout(1000));
-}
-
-/**
- * Finds a single user based on one or more properties.
- *
- * ```ts
- * await findUser({ username: 'alex' });
- * ```
- */
-async function findUser(user: Partial<User>, signal?: AbortSignal): Promise<User | undefined> {
-  const filter: NostrFilter = { kinds: [30361], authors: [Conf.pubkey], limit: 1 };
-
-  for (const [key, value] of Object.entries(user)) {
-    switch (key) {
-      case 'pubkey':
-        filter['#d'] = [String(value)];
-        break;
-      case 'admin':
-        filter['#role'] = [value ? 'admin' : 'user'];
-        break;
-    }
-  }
-
-  const store = await Storages.db();
-  const [event] = await store.query([filter], { signal });
-
-  if (event) {
-    return {
-      pubkey: event.tags.find(([name]) => name === 'd')?.[1]!,
-      inserted_at: new Date(event.created_at * 1000),
-      admin: event.tags.find(([name]) => name === 'role')?.[1] === 'admin',
-    };
-  }
-}
-
-export { buildUserEvent, findUser, insertUser, type User };
diff --git a/src/middleware/auth98Middleware.ts b/src/middleware/auth98Middleware.ts
index 34d6937..05b0681 100644
--- a/src/middleware/auth98Middleware.ts
+++ b/src/middleware/auth98Middleware.ts
@@ -2,8 +2,8 @@ import { NostrEvent } from '@nostrify/nostrify';
 import { HTTPException } from 'hono';
 
 import { type AppContext, type AppMiddleware } from '@/app.ts';
-import { findUser, User } from '@/db/users.ts';
 import { ReadOnlySigner } from '@/signers/ReadOnlySigner.ts';
+import { Storages } from '@/storages.ts';
 import { localRequest } from '@/utils/api.ts';
 import {
   buildAuthEventTemplate,
@@ -11,6 +11,7 @@ import {
   type ParseAuthRequestOpts,
   validateAuthEvent,
 } from '@/utils/nip98.ts';
+import { Conf } from '@/config.ts';
 
 /**
  * NIP-98 auth.
@@ -35,7 +36,14 @@ type UserRole = 'user' | 'admin';
 /** Require the user to prove their role before invoking the controller. */
 function requireRole(role: UserRole, opts?: ParseAuthRequestOpts): AppMiddleware {
   return withProof(async (_c, proof, next) => {
-    const user = await findUser({ pubkey: proof.pubkey });
+    const store = await Storages.db();
+
+    const [user] = await store.query([{
+      kinds: [30382],
+      authors: [Conf.pubkey],
+      '#d': [proof.pubkey],
+      limit: 1,
+    }]);
 
     if (user && matchesRole(user, role)) {
       await next();
@@ -53,15 +61,8 @@ function requireProof(opts?: ParseAuthRequestOpts): AppMiddleware {
 }
 
 /** Check whether the user fulfills the role. */
-function matchesRole(user: User, role: UserRole): boolean {
-  switch (role) {
-    case 'user':
-      return true;
-    case 'admin':
-      return user.admin;
-    default:
-      return false;
-  }
+function matchesRole(user: NostrEvent, role: UserRole): boolean {
+  return user.tags.some(([tag, value]) => tag === 'n' && value === role);
 }
 
 /** HOC to obtain proof in middleware. */
diff --git a/src/storages/EventsDB.ts b/src/storages/EventsDB.ts
index 5366178..8dcee6c 100644
--- a/src/storages/EventsDB.ts
+++ b/src/storages/EventsDB.ts
@@ -39,8 +39,6 @@ class EventsDB implements NStore {
     'q': ({ event, count, value }) => count === 0 && event.kind === 1 && isNostrId(value),
     'r': ({ event, count, value }) => (event.kind === 1985 ? count < 20 : count < 3) && isURL(value),
     't': ({ event, count, value }) => (event.kind === 1985 ? count < 20 : count < 5) && value.length < 50,
-    'name': ({ event, count }) => event.kind === 30361 && count === 0,
-    'role': ({ event, count }) => event.kind === 30361 && count === 0,
   };
 
   constructor(private kysely: Kysely<DittoTables>) {
diff --git a/src/storages/hydrate.ts b/src/storages/hydrate.ts
index d80c2f4..ded03d4 100644
--- a/src/storages/hydrate.ts
+++ b/src/storages/hydrate.ts
@@ -82,7 +82,7 @@ export function assembleEvents(
 
   for (const event of a) {
     event.author = b.find((e) => matchFilter({ kinds: [0], authors: [event.pubkey] }, e));
-    event.user = b.find((e) => matchFilter({ kinds: [30361], authors: [admin], '#d': [event.pubkey] }, e));
+    event.user = b.find((e) => matchFilter({ kinds: [30382], authors: [admin], '#d': [event.pubkey] }, e));
 
     if (event.kind === 1) {
       const id = findQuoteTag(event.tags)?.[1] || findQuoteInContent(event.content);
@@ -201,7 +201,7 @@ function gatherUsers({ events, store, signal }: HydrateOpts): Promise<DittoEvent
   const pubkeys = new Set(events.map((event) => event.pubkey));
 
   return store.query(
-    [{ kinds: [30361], authors: [Conf.pubkey], '#d': [...pubkeys], limit: pubkeys.size }],
+    [{ kinds: [30382], authors: [Conf.pubkey], '#d': [...pubkeys], limit: pubkeys.size }],
     { signal },
   );
 }
diff --git a/src/views/mastodon/accounts.ts b/src/views/mastodon/accounts.ts
index 918d03b..b226915 100644
--- a/src/views/mastodon/accounts.ts
+++ b/src/views/mastodon/accounts.ts
@@ -6,6 +6,7 @@ import { Conf } from '@/config.ts';
 import { type DittoEvent } from '@/interfaces/DittoEvent.ts';
 import { getLnurl } from '@/utils/lnurl.ts';
 import { nip05Cache } from '@/utils/nip05.ts';
+import { getTagSet } from '@/utils/tags.ts';
 import { Nip05, nostrDate, nostrNow, parseNip05 } from '@/utils.ts';
 import { renderEmojis } from '@/views/mastodon/emojis.ts';
 
@@ -33,7 +34,7 @@ async function renderAccount(
 
   const npub = nip19.npubEncode(pubkey);
   const parsed05 = await parseAndVerifyNip05(nip05, pubkey);
-  const role = event.user?.tags.find(([name]) => name === 'role')?.[1] ?? 'user';
+  const roles = getTagSet(event.tags, 'n');
 
   return {
     id: pubkey,
@@ -74,11 +75,10 @@ async function renderAccount(
     username: parsed05?.nickname || npub.substring(0, 8),
     ditto: {
       accepts_zaps: Boolean(getLnurl({ lud06, lud16 })),
-      is_registered: Boolean(event.user),
     },
     pleroma: {
-      is_admin: role === 'admin',
-      is_moderator: ['admin', 'moderator'].includes(role),
+      is_admin: roles.has('admin'),
+      is_moderator: roles.has('admin') || roles.has('moderator'),
       is_local: parsed05?.domain === Conf.url.host,
       settings_store: undefined as unknown,
     },

From b9922f96a0fa7a69c4748b906467366ba49b6c04 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 12:17:06 -0500
Subject: [PATCH 09/32] adminActionController: mark "n" tags on the user

---
 src/app.ts                   |  4 ++--
 src/controllers/api/admin.ts | 28 +++++++++++++++++-----------
 src/utils/api.ts             | 31 +++++++++++++++++++++++++++++++
 3 files changed, 50 insertions(+), 13 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index bb1c5b6..771b887 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -26,7 +26,7 @@ import {
   updateCredentialsController,
   verifyCredentialsController,
 } from '@/controllers/api/accounts.ts';
-import { adminAccountAction, adminAccountsController } from '@/controllers/api/admin.ts';
+import { adminAccountsController, adminActionController } from '@/controllers/api/admin.ts';
 import { appCredentialsController, createAppController } from '@/controllers/api/apps.ts';
 import { blocksController } from '@/controllers/api/blocks.ts';
 import { bookmarksController } from '@/controllers/api/bookmarks.ts';
@@ -251,7 +251,7 @@ app.post(
   adminReportResolveController,
 );
 
-app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requireRole('admin'), adminAccountAction);
+app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requireRole('admin'), adminActionController);
 
 // Not (yet) implemented.
 app.get('/api/v1/custom_emojis', emptyArrayController);
diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index ae2221f..1b5794c 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -5,8 +5,7 @@ import { Conf } from '@/config.ts';
 import { DittoEvent } from '@/interfaces/DittoEvent.ts';
 import { booleanParamSchema } from '@/schema.ts';
 import { Storages } from '@/storages.ts';
-import { paginated, paginationSchema, parseBody, updateListAdminEvent } from '@/utils/api.ts';
-import { addTag } from '@/utils/tags.ts';
+import { paginated, paginationSchema, parseBody, updateUser } from '@/utils/api.ts';
 import { renderAdminAccount } from '@/views/mastodon/admin-accounts.ts';
 
 const adminAccountQuerySchema = z.object({
@@ -64,7 +63,7 @@ const adminAccountActionSchema = z.object({
   type: z.enum(['none', 'sensitive', 'disable', 'silence', 'suspend']),
 });
 
-const adminAccountAction: AppController = async (c) => {
+const adminActionController: AppController = async (c) => {
   const body = await parseBody(c.req.raw);
   const result = adminAccountActionSchema.safeParse(body);
   const authorId = c.req.param('id');
@@ -75,17 +74,24 @@ const adminAccountAction: AppController = async (c) => {
 
   const { data } = result;
 
-  if (data.type !== 'disable') {
-    return c.json({ error: 'Record invalid' }, 422);
+  const n: Record<string, boolean> = {};
+
+  if (data.type === 'sensitive') {
+    n.sensitive = true;
+  }
+  if (data.type === 'disable') {
+    n.disable = true;
+  }
+  if (data.type === 'silence') {
+    n.silence = true;
+  }
+  if (data.type === 'suspend') {
+    n.suspend = true;
   }
 
-  await updateListAdminEvent(
-    { kinds: [10000], authors: [Conf.pubkey], limit: 1 },
-    (tags) => addTag(tags, ['p', authorId]),
-    c,
-  );
+  await updateUser(authorId, n, c);
 
   return c.json({}, 200);
 };
 
-export { adminAccountAction, adminAccountsController };
+export { adminAccountsController, adminActionController };
diff --git a/src/utils/api.ts b/src/utils/api.ts
index 3cc8b7d..8010615 100644
--- a/src/utils/api.ts
+++ b/src/utils/api.ts
@@ -107,6 +107,36 @@ async function updateAdminEvent<E extends EventStub>(
   return createAdminEvent(fn(prev), c);
 }
 
+async function updateUser(pubkey: string, n: Record<string, boolean>, c: AppContext): Promise<NostrEvent> {
+  const signer = new AdminSigner();
+  const admin = await signer.getPublicKey();
+
+  return updateAdminEvent(
+    { kinds: [30382], authors: [admin], '#d': [pubkey], limit: 1 },
+    (prev) => {
+      const prevNames = prev?.tags.reduce((acc, [name, value]) => {
+        if (name === 'n') acc[value] = true;
+        return acc;
+      }, {} as Record<string, boolean>);
+
+      const names = { ...prevNames, ...n };
+      const nTags = Object.entries(names).filter(([, value]) => value).map(([name]) => ['n', name]);
+      const other = prev?.tags.filter(([name]) => !['d', 'n'].includes(name)) ?? [];
+
+      return {
+        kind: 30382,
+        content: prev?.content,
+        tags: [
+          ['d', pubkey],
+          ...nTags,
+          ...other,
+        ],
+      };
+    },
+    c,
+  );
+}
+
 /** Push the event through the pipeline, rethrowing any RelayError. */
 async function publishEvent(event: NostrEvent, c: AppContext): Promise<NostrEvent> {
   debug('EVENT', event);
@@ -267,4 +297,5 @@ export {
   updateEvent,
   updateListAdminEvent,
   updateListEvent,
+  updateUser,
 };

From a30cdec79b00d0feb7327022d6a1034e3a2a396c Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 12:22:00 -0500
Subject: [PATCH 10/32] pipeline: ensure event doesn't already exist in DB

---
 src/pipeline.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/pipeline.ts b/src/pipeline.ts
index 3255aa7..c85cc0b 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -35,6 +35,7 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
   }
   if (!(await verifyEventWorker(event))) return;
   if (encounterEvent(event)) return;
+  if (await existsInDB(event)) return;
   debug(`NostrEvent<${event.kind}> ${event.id}`);
 
   if (event.kind !== 24133) {
@@ -84,6 +85,13 @@ function encounterEvent(event: NostrEvent): boolean {
   return encountered;
 }
 
+/** Check if the event already exists in the database. */
+async function existsInDB(event: DittoEvent): Promise<boolean> {
+  const store = await Storages.db();
+  const events = await store.query([{ ids: [event.id], limit: 1 }]);
+  return events.length > 0;
+}
+
 /** Hydrate the event with the user, if applicable. */
 async function hydrateEvent(event: DittoEvent, signal: AbortSignal): Promise<void> {
   await hydrateEvents({ events: [event], store: await Storages.db(), signal });

From e5fadafc7aa9a445c08e50429d04501d82ec4d1a Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 12:58:59 -0500
Subject: [PATCH 11/32] Create AdminStore to filter out banned users

---
 src/pipeline.ts            | 19 +++++++++---------
 src/storages.ts            |  8 ++++----
 src/storages/AdminStore.ts | 40 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 54 insertions(+), 13 deletions(-)
 create mode 100644 src/storages/AdminStore.ts

diff --git a/src/pipeline.ts b/src/pipeline.ts
index c85cc0b..f59a1eb 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -1,14 +1,11 @@
 import { NKinds, NostrEvent, NSchema as n } from '@nostrify/nostrify';
-import { PipePolicy } from '@nostrify/nostrify/policies';
 import Debug from '@soapbox/stickynotes/debug';
 import { sql } from 'kysely';
 import { LRUCache } from 'lru-cache';
 
-import { Conf } from '@/config.ts';
 import { DittoDB } from '@/db/DittoDB.ts';
 import { deleteAttachedMedia } from '@/db/unattached-media.ts';
 import { DittoEvent } from '@/interfaces/DittoEvent.ts';
-import { MuteListPolicy } from '@/policies/MuteListPolicy.ts';
 import { RelayError } from '@/RelayError.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
 import { Storages } from '@/storages.ts';
@@ -44,6 +41,15 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
 
   await hydrateEvent(event, signal);
 
+  const n = getTagSet(event.user?.tags ?? [], 'n');
+
+  if (n.has('disable')) {
+    throw new RelayError('blocked', 'user is disabled');
+  }
+  if (n.has('suspend')) {
+    throw new RelayError('blocked', 'user is suspended');
+  }
+
   await Promise.all([
     storeEvent(event, signal),
     parseMetadata(event, signal),
@@ -55,13 +61,8 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
 async function policyFilter(event: NostrEvent): Promise<void> {
   const debug = Debug('ditto:policy');
 
-  const policy = new PipePolicy([
-    new MuteListPolicy(Conf.pubkey, await Storages.admin()),
-    policyWorker,
-  ]);
-
   try {
-    const result = await policy.call(event);
+    const result = await policyWorker.call(event);
     debug(JSON.stringify(result));
     RelayError.assert(result);
   } catch (e) {
diff --git a/src/storages.ts b/src/storages.ts
index f8f206d..4aaca1c 100644
--- a/src/storages.ts
+++ b/src/storages.ts
@@ -3,15 +3,15 @@ import { RelayPoolWorker } from 'nostr-relaypool';
 
 import { Conf } from '@/config.ts';
 import { DittoDB } from '@/db/DittoDB.ts';
+import { AdminStore } from '@/storages/AdminStore.ts';
 import { EventsDB } from '@/storages/EventsDB.ts';
 import { PoolStore } from '@/storages/pool-store.ts';
 import { SearchStore } from '@/storages/search-store.ts';
 import { InternalRelay } from '@/storages/InternalRelay.ts';
-import { UserStore } from '@/storages/UserStore.ts';
 
 export class Storages {
   private static _db: Promise<EventsDB> | undefined;
-  private static _admin: Promise<UserStore> | undefined;
+  private static _admin: Promise<AdminStore> | undefined;
   private static _client: Promise<PoolStore> | undefined;
   private static _pubsub: Promise<InternalRelay> | undefined;
   private static _search: Promise<SearchStore> | undefined;
@@ -28,9 +28,9 @@ export class Storages {
   }
 
   /** Admin user storage. */
-  public static async admin(): Promise<UserStore> {
+  public static async admin(): Promise<AdminStore> {
     if (!this._admin) {
-      this._admin = Promise.resolve(new UserStore(Conf.pubkey, await this.db()));
+      this._admin = Promise.resolve(new AdminStore(await this.db()));
     }
     return this._admin;
   }
diff --git a/src/storages/AdminStore.ts b/src/storages/AdminStore.ts
new file mode 100644
index 0000000..6285a14
--- /dev/null
+++ b/src/storages/AdminStore.ts
@@ -0,0 +1,40 @@
+import { NostrEvent, NostrFilter, NStore } from '@nostrify/nostrify';
+
+import { Conf } from '@/config.ts';
+import { DittoEvent } from '@/interfaces/DittoEvent.ts';
+import { getTagSet } from '@/utils/tags.ts';
+
+/** A store that prevents banned users from being displayed. */
+export class AdminStore implements NStore {
+  constructor(private store: NStore) {}
+
+  async event(event: NostrEvent, opts?: { signal?: AbortSignal }): Promise<void> {
+    return await this.store.event(event, opts);
+  }
+
+  async query(filters: NostrFilter[], opts: { signal?: AbortSignal; limit?: number } = {}): Promise<DittoEvent[]> {
+    const events = await this.store.query(filters, opts);
+
+    const users = await this.store.query([{
+      kinds: [30382],
+      authors: [Conf.pubkey],
+      '#d': events.map((event) => event.pubkey),
+      limit: 1,
+    }]);
+
+    return events.filter((event) => {
+      const user = users.find(
+        ({ kind, pubkey, tags }) =>
+          kind === 30382 && pubkey === Conf.pubkey && tags.find(([name]) => name === 'd')?.[1] === event.pubkey,
+      );
+
+      const n = getTagSet(user?.tags ?? [], 'n');
+
+      if (n.has('disable') || n.has('suspend')) {
+        return false;
+      }
+
+      return true;
+    });
+  }
+}

From 284ae9aab7e479626a0db8abfacba99cdedf7267 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 13:14:07 -0500
Subject: [PATCH 12/32] renderAccount: fix display of roles

---
 src/views/mastodon/accounts.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/views/mastodon/accounts.ts b/src/views/mastodon/accounts.ts
index b226915..5c7b776 100644
--- a/src/views/mastodon/accounts.ts
+++ b/src/views/mastodon/accounts.ts
@@ -34,7 +34,7 @@ async function renderAccount(
 
   const npub = nip19.npubEncode(pubkey);
   const parsed05 = await parseAndVerifyNip05(nip05, pubkey);
-  const roles = getTagSet(event.tags, 'n');
+  const roles = getTagSet(event.user?.tags ?? [], 'n');
 
   return {
     id: pubkey,

From d2238e80f9e12f9890a629ed1770a2b3cb804af7 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 13:44:57 -0500
Subject: [PATCH 13/32] Support Pleroma admin tags

---
 src/app.ts                     |  5 +++
 src/controllers/api/pleroma.ts | 71 +++++++++++++++++++++++++++++++++-
 src/utils/api.ts               |  5 ++-
 src/views/mastodon/accounts.ts |  1 +
 4 files changed, 79 insertions(+), 3 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 771b887..2657a28 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -42,6 +42,8 @@ import {
   configController,
   frontendConfigController,
   pleromaAdminDeleteStatusController,
+  pleromaAdminTagController,
+  pleromaAdminUntagController,
   updateConfigController,
 } from '@/controllers/api/pleroma.ts';
 import { preferencesController } from '@/controllers/api/preferences.ts';
@@ -253,6 +255,9 @@ app.post(
 
 app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requireRole('admin'), adminActionController);
 
+app.put('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminTagController);
+app.delete('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminUntagController);
+
 // Not (yet) implemented.
 app.get('/api/v1/custom_emojis', emptyArrayController);
 app.get('/api/v1/filters', emptyArrayController);
diff --git a/src/controllers/api/pleroma.ts b/src/controllers/api/pleroma.ts
index 31b4fc5..57b77cf 100644
--- a/src/controllers/api/pleroma.ts
+++ b/src/controllers/api/pleroma.ts
@@ -6,7 +6,8 @@ import { Conf } from '@/config.ts';
 import { configSchema, elixirTupleSchema, type PleromaConfig } from '@/schemas/pleroma-api.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { Storages } from '@/storages.ts';
-import { createAdminEvent } from '@/utils/api.ts';
+import { createAdminEvent, updateAdminEvent } from '@/utils/api.ts';
+import { lookupPubkey } from '@/utils/lookup.ts';
 
 const frontendConfigController: AppController = async (c) => {
   const store = await Storages.db();
@@ -87,4 +88,70 @@ async function getConfigs(store: NStore, signal: AbortSignal): Promise<PleromaCo
   }
 }
 
-export { configController, frontendConfigController, pleromaAdminDeleteStatusController, updateConfigController };
+const pleromaAdminTagsSchema = z.object({
+  nicknames: z.string().array(),
+  tags: z.string().array(),
+});
+
+const pleromaAdminTagController: AppController = async (c) => {
+  const params = pleromaAdminTagsSchema.parse(await c.req.json());
+
+  for (const nickname of params.nicknames) {
+    const pubkey = await lookupPubkey(nickname);
+    if (!pubkey) continue;
+
+    await updateAdminEvent(
+      { kinds: [30382], authors: [Conf.pubkey], '#d': [pubkey], limit: 1 },
+      (prev) => {
+        const tags = prev?.tags ?? [['d', pubkey]];
+
+        for (const tag of params.tags) {
+          const existing = prev?.tags.some(([name, value]) => name === 't' && value === tag);
+          if (!existing) {
+            tags.push(['t', tag]);
+          }
+        }
+
+        return {
+          kind: 30382,
+          content: prev?.content ?? '',
+          tags,
+        };
+      },
+      c,
+    );
+  }
+
+  return new Response(null, { status: 204 });
+};
+
+const pleromaAdminUntagController: AppController = async (c) => {
+  const params = pleromaAdminTagsSchema.parse(await c.req.json());
+
+  for (const nickname of params.nicknames) {
+    const pubkey = await lookupPubkey(nickname);
+    if (!pubkey) continue;
+
+    await updateAdminEvent(
+      { kinds: [30382], authors: [Conf.pubkey], '#d': [pubkey], limit: 1 },
+      (prev) => ({
+        kind: 30382,
+        content: prev?.content ?? '',
+        tags: (prev?.tags ?? [['d', pubkey]])
+          .filter(([name, value]) => !(name === 't' && params.tags.includes(value))),
+      }),
+      c,
+    );
+  }
+
+  return new Response(null, { status: 204 });
+};
+
+export {
+  configController,
+  frontendConfigController,
+  pleromaAdminDeleteStatusController,
+  pleromaAdminTagController,
+  pleromaAdminUntagController,
+  updateConfigController,
+};
diff --git a/src/utils/api.ts b/src/utils/api.ts
index 8010615..fdbfbfd 100644
--- a/src/utils/api.ts
+++ b/src/utils/api.ts
@@ -73,6 +73,8 @@ function updateListEvent(
 async function createAdminEvent(t: EventStub, c: AppContext): Promise<NostrEvent> {
   const signer = new AdminSigner();
 
+  console.log(t);
+
   const event = await signer.signEvent({
     content: '',
     created_at: nostrNow(),
@@ -125,7 +127,7 @@ async function updateUser(pubkey: string, n: Record<string, boolean>, c: AppCont
 
       return {
         kind: 30382,
-        content: prev?.content,
+        content: prev?.content ?? '',
         tags: [
           ['d', pubkey],
           ...nTags,
@@ -294,6 +296,7 @@ export {
   type PaginationParams,
   paginationSchema,
   parseBody,
+  updateAdminEvent,
   updateEvent,
   updateListAdminEvent,
   updateListEvent,
diff --git a/src/views/mastodon/accounts.ts b/src/views/mastodon/accounts.ts
index 5c7b776..3974c3c 100644
--- a/src/views/mastodon/accounts.ts
+++ b/src/views/mastodon/accounts.ts
@@ -81,6 +81,7 @@ async function renderAccount(
       is_moderator: roles.has('admin') || roles.has('moderator'),
       is_local: parsed05?.domain === Conf.url.host,
       settings_store: undefined as unknown,
+      tags: [...getTagSet(event.user?.tags ?? [], 't')],
     },
     nostr: {
       pubkey,

From d2df7522c4184c94ba3fa28c01bcc74a9156ae01 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 13:57:50 -0500
Subject: [PATCH 14/32] Add Pleroma suggest/unsuggest endpoints

---
 src/app.ts                     |  4 ++++
 src/controllers/api/pleroma.ts | 38 ++++++++++++++++++++++++++++++----
 src/views/mastodon/accounts.ts |  7 ++++---
 3 files changed, 42 insertions(+), 7 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 2657a28..f9ea03a 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -42,7 +42,9 @@ import {
   configController,
   frontendConfigController,
   pleromaAdminDeleteStatusController,
+  pleromaAdminSuggestController,
   pleromaAdminTagController,
+  pleromaAdminUnsuggestController,
   pleromaAdminUntagController,
   updateConfigController,
 } from '@/controllers/api/pleroma.ts';
@@ -257,6 +259,8 @@ app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requi
 
 app.put('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminTagController);
 app.delete('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminUntagController);
+app.patch('/api/v1/pleroma/admin/users/suggest', requireRole('admin'), pleromaAdminSuggestController);
+app.patch('/api/v1/pleroma/admin/users/unsuggest', requireRole('admin'), pleromaAdminUnsuggestController);
 
 // Not (yet) implemented.
 app.get('/api/v1/custom_emojis', emptyArrayController);
diff --git a/src/controllers/api/pleroma.ts b/src/controllers/api/pleroma.ts
index 57b77cf..f428ce9 100644
--- a/src/controllers/api/pleroma.ts
+++ b/src/controllers/api/pleroma.ts
@@ -6,7 +6,7 @@ import { Conf } from '@/config.ts';
 import { configSchema, elixirTupleSchema, type PleromaConfig } from '@/schemas/pleroma-api.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { Storages } from '@/storages.ts';
-import { createAdminEvent, updateAdminEvent } from '@/utils/api.ts';
+import { createAdminEvent, updateAdminEvent, updateUser } from '@/utils/api.ts';
 import { lookupPubkey } from '@/utils/lookup.ts';
 
 const frontendConfigController: AppController = async (c) => {
@@ -88,13 +88,13 @@ async function getConfigs(store: NStore, signal: AbortSignal): Promise<PleromaCo
   }
 }
 
-const pleromaAdminTagsSchema = z.object({
+const pleromaAdminTagSchema = z.object({
   nicknames: z.string().array(),
   tags: z.string().array(),
 });
 
 const pleromaAdminTagController: AppController = async (c) => {
-  const params = pleromaAdminTagsSchema.parse(await c.req.json());
+  const params = pleromaAdminTagSchema.parse(await c.req.json());
 
   for (const nickname of params.nicknames) {
     const pubkey = await lookupPubkey(nickname);
@@ -126,7 +126,7 @@ const pleromaAdminTagController: AppController = async (c) => {
 };
 
 const pleromaAdminUntagController: AppController = async (c) => {
-  const params = pleromaAdminTagsSchema.parse(await c.req.json());
+  const params = pleromaAdminTagSchema.parse(await c.req.json());
 
   for (const nickname of params.nicknames) {
     const pubkey = await lookupPubkey(nickname);
@@ -147,11 +147,41 @@ const pleromaAdminUntagController: AppController = async (c) => {
   return new Response(null, { status: 204 });
 };
 
+const pleromaAdminSuggestSchema = z.object({
+  nicknames: z.string().array(),
+});
+
+const pleromaAdminSuggestController: AppController = async (c) => {
+  const { nicknames } = pleromaAdminSuggestSchema.parse(await c.req.json());
+
+  for (const nickname of nicknames) {
+    const pubkey = await lookupPubkey(nickname);
+    if (!pubkey) continue;
+    await updateUser(pubkey, { suggest: true }, c);
+  }
+
+  return new Response(null, { status: 204 });
+};
+
+const pleromaAdminUnsuggestController: AppController = async (c) => {
+  const { nicknames } = pleromaAdminSuggestSchema.parse(await c.req.json());
+
+  for (const nickname of nicknames) {
+    const pubkey = await lookupPubkey(nickname);
+    if (!pubkey) continue;
+    await updateUser(pubkey, { suggest: false }, c);
+  }
+
+  return new Response(null, { status: 204 });
+};
+
 export {
   configController,
   frontendConfigController,
   pleromaAdminDeleteStatusController,
+  pleromaAdminSuggestController,
   pleromaAdminTagController,
+  pleromaAdminUnsuggestController,
   pleromaAdminUntagController,
   updateConfigController,
 };
diff --git a/src/views/mastodon/accounts.ts b/src/views/mastodon/accounts.ts
index 3974c3c..9f2f052 100644
--- a/src/views/mastodon/accounts.ts
+++ b/src/views/mastodon/accounts.ts
@@ -34,7 +34,7 @@ async function renderAccount(
 
   const npub = nip19.npubEncode(pubkey);
   const parsed05 = await parseAndVerifyNip05(nip05, pubkey);
-  const roles = getTagSet(event.user?.tags ?? [], 'n');
+  const names = getTagSet(event.user?.tags ?? [], 'n');
 
   return {
     id: pubkey,
@@ -77,8 +77,9 @@ async function renderAccount(
       accepts_zaps: Boolean(getLnurl({ lud06, lud16 })),
     },
     pleroma: {
-      is_admin: roles.has('admin'),
-      is_moderator: roles.has('admin') || roles.has('moderator'),
+      is_admin: names.has('admin'),
+      is_moderator: names.has('admin') || names.has('moderator'),
+      is_suggested: names.has('suggest'),
       is_local: parsed05?.domain === Conf.url.host,
       settings_store: undefined as unknown,
       tags: [...getTagSet(event.user?.tags ?? [], 't')],

From 9c24bac0ca7448f3bdad8931171c41c4816d5251 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 14:07:14 -0500
Subject: [PATCH 15/32] Pull suggested profiles from kind 30382 events

---
 src/controllers/api/suggestions.ts | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/controllers/api/suggestions.ts b/src/controllers/api/suggestions.ts
index b56851a..c31ffc0 100644
--- a/src/controllers/api/suggestions.ts
+++ b/src/controllers/api/suggestions.ts
@@ -31,7 +31,7 @@ async function renderV2Suggestions(c: AppContext, params: PaginatedListParams, s
   const pubkey = await signer?.getPublicKey();
 
   const filters: NostrFilter[] = [
-    { kinds: [3], authors: [Conf.pubkey], limit: 1 },
+    { kinds: [30382], authors: [Conf.pubkey], '#n': ['suggest'], limit },
     { kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [Conf.pubkey], limit: 1 },
   ];
 
@@ -42,8 +42,8 @@ async function renderV2Suggestions(c: AppContext, params: PaginatedListParams, s
 
   const events = await store.query(filters, { signal });
 
-  const [suggestedEvent, followsEvent, mutesEvent, trendingEvent] = [
-    events.find((event) => matchFilter({ kinds: [3], authors: [Conf.pubkey] }, event)),
+  const [userEvents, followsEvent, mutesEvent, trendingEvent] = [
+    events.filter((event) => matchFilter({ kinds: [30382], authors: [Conf.pubkey], '#n': ['suggest'] }, event)),
     pubkey ? events.find((event) => matchFilter({ kinds: [3], authors: [pubkey] }, event)) : undefined,
     pubkey ? events.find((event) => matchFilter({ kinds: [10000], authors: [pubkey] }, event)) : undefined,
     events.find((event) =>
@@ -51,8 +51,13 @@ async function renderV2Suggestions(c: AppContext, params: PaginatedListParams, s
     ),
   ];
 
-  const [suggested, trending, follows, mutes] = [
-    getTagSet(suggestedEvent?.tags ?? [], 'p'),
+  const suggested = new Set(
+    userEvents
+      .map((event) => event.tags.find(([name]) => name === 'd')?.[1])
+      .filter((pubkey): pubkey is string => !!pubkey),
+  );
+
+  const [trending, follows, mutes] = [
     getTagSet(trendingEvent?.tags ?? [], 'p'),
     getTagSet(followsEvent?.tags ?? [], 'p'),
     getTagSet(mutesEvent?.tags ?? [], 'p'),

From ca57d1be105bb5ec61bfae14b0e2d128959a23f3 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 14:28:39 -0500
Subject: [PATCH 16/32] Remove stray console.log

---
 src/utils/api.ts | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/utils/api.ts b/src/utils/api.ts
index fdbfbfd..a9390b5 100644
--- a/src/utils/api.ts
+++ b/src/utils/api.ts
@@ -73,8 +73,6 @@ function updateListEvent(
 async function createAdminEvent(t: EventStub, c: AppContext): Promise<NostrEvent> {
   const signer = new AdminSigner();
 
-  console.log(t);
-
   const event = await signer.signEvent({
     content: '',
     created_at: nostrNow(),

From a2d865d6ccea412c27fae5c543dc8aa8ea62ad9c Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 17:54:39 -0500
Subject: [PATCH 17/32] Generate an internal event for each report and invite
 request

---
 src/pipeline.ts | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/src/pipeline.ts b/src/pipeline.ts
index f59a1eb..7cdaa60 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -3,10 +3,12 @@ import Debug from '@soapbox/stickynotes/debug';
 import { sql } from 'kysely';
 import { LRUCache } from 'lru-cache';
 
+import { Conf } from '@/config.ts';
 import { DittoDB } from '@/db/DittoDB.ts';
 import { deleteAttachedMedia } from '@/db/unattached-media.ts';
 import { DittoEvent } from '@/interfaces/DittoEvent.ts';
 import { RelayError } from '@/RelayError.ts';
+import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
 import { Storages } from '@/storages.ts';
 import { eventAge, parseNip05, Time } from '@/utils.ts';
@@ -53,6 +55,7 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
   await Promise.all([
     storeEvent(event, signal),
     parseMetadata(event, signal),
+    generateSetEvents(event),
     processMedia(event),
     streamOut(event),
   ]);
@@ -176,4 +179,46 @@ async function streamOut(event: NostrEvent): Promise<void> {
   }
 }
 
+async function generateSetEvents(event: NostrEvent): Promise<void> {
+  const tagsAdmin = event.tags.some(([name, value]) => ['p', 'P'].includes(name) && value === Conf.pubkey);
+
+  if (event.kind === 1984 && tagsAdmin) {
+    const signer = new AdminSigner();
+
+    const rel = await signer.signEvent({
+      kind: 30383,
+      content: '',
+      tags: [
+        ['d', event.id],
+        ['p', event.pubkey],
+        ['k', '1984'],
+        ['n', 'open'],
+        ...[...getTagSet(event.tags, 'p')].map((pubkey) => ['P', pubkey]),
+        ...[...getTagSet(event.tags, 'e')].map((pubkey) => ['e', pubkey]),
+      ],
+      created_at: Math.floor(Date.now() / 1000),
+    });
+
+    await handleEvent(rel, AbortSignal.timeout(1000));
+  }
+
+  if (event.kind === 3036 && tagsAdmin) {
+    const signer = new AdminSigner();
+
+    const rel = await signer.signEvent({
+      kind: 30383,
+      content: '',
+      tags: [
+        ['d', event.id],
+        ['p', event.pubkey],
+        ['k', '3036'],
+        ['n', 'open'],
+      ],
+      created_at: Math.floor(Date.now() / 1000),
+    });
+
+    await handleEvent(rel, AbortSignal.timeout(1000));
+  }
+}
+
 export { handleEvent };

From a14515bbe010eee99e601c7fa9c7a6749feb85fa Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 19:48:56 -0500
Subject: [PATCH 18/32] Rework reports with event sets

---
 src/controllers/api/reports.ts | 80 ++++++++++++++++++++++++++--------
 src/storages/EventsDB.ts       |  2 +-
 src/utils/api.ts               | 17 ++++++--
 3 files changed, 75 insertions(+), 24 deletions(-)

diff --git a/src/controllers/api/reports.ts b/src/controllers/api/reports.ts
index 9cb2627..2092b8a 100644
--- a/src/controllers/api/reports.ts
+++ b/src/controllers/api/reports.ts
@@ -1,12 +1,14 @@
-import { NSchema as n } from '@nostrify/nostrify';
+import { NostrFilter, NSchema as n } from '@nostrify/nostrify';
 import { z } from 'zod';
 
 import { type AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
-import { createAdminEvent, createEvent, parseBody } from '@/utils/api.ts';
+import { createEvent, paginationSchema, parseBody, updateEventInfo } from '@/utils/api.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
 import { renderAdminReport } from '@/views/mastodon/reports.ts';
 import { renderReport } from '@/views/mastodon/reports.ts';
+import { getTagSet } from '@/utils/tags.ts';
+import { booleanParamSchema } from '@/schema.ts';
 
 const reportSchema = z.object({
   account_id: n.id(),
@@ -52,18 +54,60 @@ const reportController: AppController = async (c) => {
   return c.json(await renderReport(event));
 };
 
+const adminReportsSchema = z.object({
+  resolved: booleanParamSchema.optional(),
+  account_id: n.id().optional(),
+  target_account_id: n.id().optional(),
+});
+
 /** https://docs.joinmastodon.org/methods/admin/reports/#get */
 const adminReportsController: AppController = async (c) => {
   const store = c.get('store');
   const viewerPubkey = await c.get('signer')?.getPublicKey();
 
-  const reports = await store.query([{ kinds: [1984], '#P': [Conf.pubkey] }])
-    .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }))
-    .then((events) =>
-      Promise.all(
-        events.map((event) => renderAdminReport(event, { viewerPubkey })),
-      )
-    );
+  const params = paginationSchema.parse(c.req.query());
+  const { resolved, account_id, target_account_id } = adminReportsSchema.parse(c.req.query());
+
+  const filter: NostrFilter = {
+    kinds: [30383],
+    authors: [Conf.pubkey],
+    ...params,
+  };
+
+  if (typeof resolved === 'boolean') {
+    filter['#n'] = [resolved ? 'closed' : 'open'];
+  }
+  if (account_id) {
+    filter['#p'] = [account_id];
+  }
+  if (target_account_id) {
+    filter['#P'] = [target_account_id];
+  }
+
+  const orig = await store.query([filter]);
+  const ids = new Set<string>();
+
+  for (const event of orig) {
+    const d = event.tags.find(([name]) => name === 'd')?.[1];
+    if (d) {
+      ids.add(d);
+    }
+  }
+
+  const events = await store.query([{ kinds: [1984], ids: [...ids] }])
+    .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }));
+
+  const reports = await Promise.all(
+    events.map((event) => {
+      const internal = orig.find(({ tags }) => tags.some(([name, value]) => name === 'd' && value === event.id));
+      const names = getTagSet(internal?.tags ?? [], 'n');
+
+      return renderAdminReport(event, {
+        viewerPubkey,
+        actionTaken: names.has('closed'),
+      });
+    }),
+  );
 
   return c.json(reports);
 };
@@ -82,12 +126,13 @@ const adminReportController: AppController = async (c) => {
   }], { signal });
 
   if (!event) {
-    return c.json({ error: 'This action is not allowed' }, 403);
+    return c.json({ error: 'Not found' }, 404);
   }
 
   await hydrateEvents({ events: [event], store, signal });
 
-  return c.json(await renderAdminReport(event, { viewerPubkey: pubkey }));
+  const report = await renderAdminReport(event, { viewerPubkey: pubkey });
+  return c.json(report);
 };
 
 /** https://docs.joinmastodon.org/methods/admin/reports/#resolve */
@@ -104,18 +149,15 @@ const adminReportResolveController: AppController = async (c) => {
   }], { signal });
 
   if (!event) {
-    return c.json({ error: 'This action is not allowed' }, 403);
+    return c.json({ error: 'Not found' }, 404);
   }
 
+  await updateEventInfo(eventId, { open: false, closed: true }, c);
+
   await hydrateEvents({ events: [event], store, signal });
 
-  await createAdminEvent({
-    kind: 5,
-    tags: [['e', event.id]],
-    content: 'Report closed.',
-  }, c);
-
-  return c.json(await renderAdminReport(event, { viewerPubkey: pubkey, actionTaken: true }));
+  const report = await renderAdminReport(event, { viewerPubkey: pubkey, actionTaken: true });
+  return c.json(report);
 };
 
 export { adminReportController, adminReportResolveController, adminReportsController, reportController };
diff --git a/src/storages/EventsDB.ts b/src/storages/EventsDB.ts
index 8dcee6c..6a94954 100644
--- a/src/storages/EventsDB.ts
+++ b/src/storages/EventsDB.ts
@@ -29,9 +29,9 @@ class EventsDB implements NStore {
     'a': ({ count }) => count < 15,
     'd': ({ event, count }) => count === 0 && NKinds.parameterizedReplaceable(event.kind),
     'e': ({ event, count, value }) => ((event.kind === 10003) || count < 15) && isNostrId(value),
+    'k': ({ count, value }) => count === 0 && Number.isInteger(Number(value)),
     'L': ({ event, count }) => event.kind === 1985 || count === 0,
     'l': ({ event, count }) => event.kind === 1985 || count === 0,
-    'media': ({ count, value }) => (count < 4) && isURL(value),
     'n': ({ count, value }) => count < 50 && value.length < 50,
     'P': ({ count, value }) => count === 0 && isNostrId(value),
     'p': ({ event, count, value }) => (count < 15 || event.kind === 3) && isNostrId(value),
diff --git a/src/utils/api.ts b/src/utils/api.ts
index a9390b5..1fa397b 100644
--- a/src/utils/api.ts
+++ b/src/utils/api.ts
@@ -107,12 +107,20 @@ async function updateAdminEvent<E extends EventStub>(
   return createAdminEvent(fn(prev), c);
 }
 
-async function updateUser(pubkey: string, n: Record<string, boolean>, c: AppContext): Promise<NostrEvent> {
+function updateUser(pubkey: string, n: Record<string, boolean>, c: AppContext): Promise<NostrEvent> {
+  return updateNames(30382, pubkey, n, c);
+}
+
+function updateEventInfo(id: string, n: Record<string, boolean>, c: AppContext): Promise<NostrEvent> {
+  return updateNames(30383, id, n, c);
+}
+
+async function updateNames(k: number, d: string, n: Record<string, boolean>, c: AppContext): Promise<NostrEvent> {
   const signer = new AdminSigner();
   const admin = await signer.getPublicKey();
 
   return updateAdminEvent(
-    { kinds: [30382], authors: [admin], '#d': [pubkey], limit: 1 },
+    { kinds: [k], authors: [admin], '#d': [d], limit: 1 },
     (prev) => {
       const prevNames = prev?.tags.reduce((acc, [name, value]) => {
         if (name === 'n') acc[value] = true;
@@ -124,10 +132,10 @@ async function updateUser(pubkey: string, n: Record<string, boolean>, c: AppCont
       const other = prev?.tags.filter(([name]) => !['d', 'n'].includes(name)) ?? [];
 
       return {
-        kind: 30382,
+        kind: k,
         content: prev?.content ?? '',
         tags: [
-          ['d', pubkey],
+          ['d', d],
           ...nTags,
           ...other,
         ],
@@ -296,6 +304,7 @@ export {
   parseBody,
   updateAdminEvent,
   updateEvent,
+  updateEventInfo,
   updateListAdminEvent,
   updateListEvent,
   updateUser,

From bd6424acf53ef73d14205ef4bdd1356818ffb3bf Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sat, 8 Jun 2024 22:16:34 -0500
Subject: [PATCH 19/32] Add preliminary nameRequestsController

---
 src/app.ts                   |  4 ++--
 src/controllers/api/ditto.ts | 29 ++++++++++++++++++-----
 src/interfaces/DittoEvent.ts |  2 ++
 src/pipeline.ts              |  2 +-
 src/storages/hydrate.ts      | 46 ++++++++++++++++++++++++++++--------
 src/views/ditto.ts           | 25 ++++++++++++++++++++
 6 files changed, 89 insertions(+), 19 deletions(-)
 create mode 100644 src/views/ditto.ts

diff --git a/src/app.ts b/src/app.ts
index 198dc7f..19641d4 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -30,7 +30,7 @@ import { adminAccountsController, adminActionController } from '@/controllers/ap
 import { appCredentialsController, createAppController } from '@/controllers/api/apps.ts';
 import { blocksController } from '@/controllers/api/blocks.ts';
 import { bookmarksController } from '@/controllers/api/bookmarks.ts';
-import { adminRelaysController, adminSetRelaysController, inviteRequestController } from '@/controllers/api/ditto.ts';
+import { adminRelaysController, adminSetRelaysController, nameRequestController } from '@/controllers/api/ditto.ts';
 import { emptyArrayController, emptyObjectController, notImplementedController } from '@/controllers/api/fallback.ts';
 import { instanceController } from '@/controllers/api/instance.ts';
 import { markersController, updateMarkersController } from '@/controllers/api/markers.ts';
@@ -243,7 +243,7 @@ app.delete('/api/v1/pleroma/admin/statuses/:id', requireRole('admin'), pleromaAd
 app.get('/api/v1/admin/ditto/relays', requireRole('admin'), adminRelaysController);
 app.put('/api/v1/admin/ditto/relays', requireRole('admin'), adminSetRelaysController);
 
-app.post('/api/v1/ditto/nip05', requireSigner, inviteRequestController);
+app.post('/api/v1/ditto/names', requireSigner, nameRequestController);
 app.post('/api/v1/ditto/zap', requireSigner, zapController);
 
 app.post('/api/v1/reports', requireSigner, reportController);
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index e6f398d..4cf2cd4 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -3,9 +3,11 @@ import { z } from 'zod';
 
 import { AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
-import { Storages } from '@/storages.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
+import { Storages } from '@/storages.ts';
+import { hydrateEvents } from '@/storages/hydrate.ts';
 import { createEvent } from '@/utils/api.ts';
+import { renderNameRequest } from '@/views/ditto.ts';
 
 const markerSchema = z.enum(['read', 'write']);
 
@@ -60,15 +62,15 @@ function renderRelays(event: NostrEvent): RelayEntity[] {
   }, [] as RelayEntity[]);
 }
 
-const inviteRequestSchema = z.object({
+const nameRequestSchema = z.object({
   nip05: z.string().email(),
   reason: z.string().max(500).optional(),
 });
 
-export const inviteRequestController: AppController = async (c) => {
-  const { nip05, reason } = inviteRequestSchema.parse(await c.req.json());
+export const nameRequestController: AppController = async (c) => {
+  const { nip05, reason } = nameRequestSchema.parse(await c.req.json());
 
-  await createEvent({
+  const event = await createEvent({
     kind: 3036,
     content: reason,
     tags: [
@@ -79,5 +81,20 @@ export const inviteRequestController: AppController = async (c) => {
     ],
   }, c);
 
-  return new Response(null, { status: 204 });
+  await hydrateEvents({ events: [event], store: await Storages.db() });
+
+  const nameRequest = await renderNameRequest(event);
+  return c.json(nameRequest);
+};
+
+export const nameRequestsController: AppController = async (c) => {
+  const store = await Storages.db();
+  const signer = c.get('signer')!;
+  const pubkey = await signer.getPublicKey();
+
+  const events = await store.query([{ kinds: [3036], authors: [pubkey], limit: 20 }])
+    .then((events) => hydrateEvents({ events, store }));
+
+  const nameRequests = await Promise.all(events.map(renderNameRequest));
+  return c.json(nameRequests);
 };
diff --git a/src/interfaces/DittoEvent.ts b/src/interfaces/DittoEvent.ts
index fea8e1e..85e11d6 100644
--- a/src/interfaces/DittoEvent.ts
+++ b/src/interfaces/DittoEvent.ts
@@ -34,4 +34,6 @@ export interface DittoEvent extends NostrEvent {
    * https://github.com/nostr-protocol/nips/blob/master/56.md
    */
   reported_notes?: DittoEvent[];
+  /** Admin event relationship. */
+  info?: DittoEvent;
 }
diff --git a/src/pipeline.ts b/src/pipeline.ts
index 7cdaa60..20fed92 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -212,7 +212,7 @@ async function generateSetEvents(event: NostrEvent): Promise<void> {
         ['d', event.id],
         ['p', event.pubkey],
         ['k', '3036'],
-        ['n', 'open'],
+        ['n', 'pending'],
       ],
       created_at: Math.floor(Date.now() / 1000),
     });
diff --git a/src/storages/hydrate.ts b/src/storages/hydrate.ts
index ded03d4..a3821aa 100644
--- a/src/storages/hydrate.ts
+++ b/src/storages/hydrate.ts
@@ -44,6 +44,10 @@ async function hydrateEvents(opts: HydrateOpts): Promise<DittoEvent[]> {
     cache.push(event);
   }
 
+  for (const event of await gatherInfo({ events: cache, store, signal })) {
+    cache.push(event);
+  }
+
   for (const event of await gatherReportedProfiles({ events: cache, store, signal })) {
     cache.push(event);
   }
@@ -83,6 +87,7 @@ export function assembleEvents(
   for (const event of a) {
     event.author = b.find((e) => matchFilter({ kinds: [0], authors: [event.pubkey] }, e));
     event.user = b.find((e) => matchFilter({ kinds: [30382], authors: [admin], '#d': [event.pubkey] }, e));
+    event.info = b.find((e) => matchFilter({ kinds: [30383], authors: [admin], '#d': [event.id] }, e));
 
     if (event.kind === 1) {
       const id = findQuoteTag(event.tags)?.[1] || findQuoteInContent(event.content);
@@ -106,20 +111,21 @@ export function assembleEvents(
     }
 
     if (event.kind === 1984) {
-      const targetAccountId = event.tags.find(([name]) => name === 'p')?.[1];
-      if (targetAccountId) {
-        event.reported_profile = b.find((e) => matchFilter({ kinds: [0], authors: [targetAccountId] }, e));
+      const pubkey = event.tags.find(([name]) => name === 'p')?.[1];
+      if (pubkey) {
+        event.reported_profile = b.find((e) => matchFilter({ kinds: [0], authors: [pubkey] }, e));
       }
-      const reportedEvents: DittoEvent[] = [];
 
-      const status_ids = event.tags.filter(([name]) => name === 'e').map((tag) => tag[1]);
-      if (status_ids.length > 0) {
-        for (const id of status_ids) {
-          const reportedEvent = b.find((e) => matchFilter({ kinds: [1], ids: [id] }, e));
-          if (reportedEvent) reportedEvents.push(reportedEvent);
+      const reportedEvents: DittoEvent[] = [];
+      const ids = event.tags.filter(([name]) => name === 'e').map(([_name, value]) => value);
+
+      for (const id of ids) {
+        const reported = b.find((e) => matchFilter({ kinds: [1], ids: [id] }, e));
+        if (reported) {
+          reportedEvents.push(reported);
         }
-        event.reported_notes = reportedEvents;
       }
+      event.reported_notes = reportedEvents;
     }
 
     event.author_stats = stats.authors.find((stats) => stats.pubkey === event.pubkey);
@@ -206,6 +212,26 @@ function gatherUsers({ events, store, signal }: HydrateOpts): Promise<DittoEvent
   );
 }
 
+/** Collect info events from the events. */
+function gatherInfo({ events, store, signal }: HydrateOpts): Promise<DittoEvent[]> {
+  const ids = new Set<string>();
+
+  for (const event of events) {
+    if (event.kind === 3036) {
+      ids.add(event.id);
+    }
+  }
+
+  if (!ids.size) {
+    return Promise.resolve([]);
+  }
+
+  return store.query(
+    [{ ids: [...ids], limit: ids.size }],
+    { signal },
+  );
+}
+
 /** Collect reported notes from the events. */
 function gatherReportedNotes({ events, store, signal }: HydrateOpts): Promise<DittoEvent[]> {
   const ids = new Set<string>();
diff --git a/src/views/ditto.ts b/src/views/ditto.ts
new file mode 100644
index 0000000..708c522
--- /dev/null
+++ b/src/views/ditto.ts
@@ -0,0 +1,25 @@
+import { DittoEvent } from '@/interfaces/DittoEvent.ts';
+import { accountFromPubkey, renderAccount } from '@/views/mastodon/accounts.ts';
+import { getTagSet } from '@/utils/tags.ts';
+
+export async function renderNameRequest(event: DittoEvent) {
+  const n = getTagSet(event.info?.tags ?? [], 'n');
+
+  let approvalStatus = 'pending';
+
+  if (n.has('approved')) {
+    approvalStatus = 'approved';
+  }
+  if (n.has('rejected')) {
+    approvalStatus = 'rejected';
+  }
+
+  return {
+    id: event.id,
+    account: event.author ? await renderAccount(event.author) : accountFromPubkey(event.pubkey),
+    name: event.tags.find(([name]) => name === 'r')?.[1] || '',
+    reason: event.content,
+    approval_status: approvalStatus,
+    created_at: new Date(event.created_at * 1000).toISOString(),
+  };
+}

From 8a7cae98419b23e665debee161936d1126c7c8a5 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 11:03:46 -0500
Subject: [PATCH 20/32] Refactor reports more, add reopen endpoint

---
 src/app.ts                     |  7 +++
 src/controllers/api/ditto.ts   | 97 +++++++++++++++++++++++++++++++---
 src/controllers/api/reports.ts | 46 +++++++++++-----
 src/storages/hydrate.ts        |  8 ++-
 src/views/mastodon/reports.ts  | 32 +++++------
 5 files changed, 153 insertions(+), 37 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 19641d4..e58bd53 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -53,6 +53,7 @@ import { deleteReactionController, reactionController, reactionsController } fro
 import { relayController } from '@/controllers/nostr/relay.ts';
 import {
   adminReportController,
+  adminReportReopenController,
   adminReportResolveController,
   adminReportsController,
   reportController,
@@ -255,6 +256,12 @@ app.post(
   requireRole('admin'),
   adminReportResolveController,
 );
+app.post(
+  '/api/v1/admin/reports/:id{[0-9a-f]{64}}/reopen',
+  requireSigner,
+  requireRole('admin'),
+  adminReportReopenController,
+);
 
 app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requireRole('admin'), adminActionController);
 
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index 4cf2cd4..d1f9b0d 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -1,12 +1,13 @@
-import { NostrEvent } from '@nostrify/nostrify';
+import { NostrEvent, NostrFilter, NSchema as n } from '@nostrify/nostrify';
 import { z } from 'zod';
 
 import { AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
+import { booleanParamSchema } from '@/schema.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { Storages } from '@/storages.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
-import { createEvent } from '@/utils/api.ts';
+import { createEvent, paginated, paginationSchema } from '@/utils/api.ts';
 import { renderNameRequest } from '@/views/ditto.ts';
 
 const markerSchema = z.enum(['read', 'write']);
@@ -87,14 +88,98 @@ export const nameRequestController: AppController = async (c) => {
   return c.json(nameRequest);
 };
 
+const nameRequestsSchema = z.object({
+  approved: booleanParamSchema.optional(),
+  rejected: booleanParamSchema.optional(),
+});
+
 export const nameRequestsController: AppController = async (c) => {
   const store = await Storages.db();
   const signer = c.get('signer')!;
   const pubkey = await signer.getPublicKey();
 
-  const events = await store.query([{ kinds: [3036], authors: [pubkey], limit: 20 }])
-    .then((events) => hydrateEvents({ events, store }));
+  const params = paginationSchema.parse(c.req.query());
+  const { approved, rejected } = nameRequestsSchema.parse(c.req.query());
 
-  const nameRequests = await Promise.all(events.map(renderNameRequest));
-  return c.json(nameRequests);
+  const filter: NostrFilter = {
+    kinds: [30383],
+    authors: [Conf.pubkey],
+    '#k': ['3036'],
+    '#p': [pubkey],
+    ...params,
+  };
+
+  if (approved) {
+    filter['#n'] = ['approved'];
+  }
+  if (rejected) {
+    filter['#n'] = ['rejected'];
+  }
+
+  const orig = await store.query([filter]);
+  const ids = new Set<string>();
+
+  for (const event of orig) {
+    const d = event.tags.find(([name]) => name === 'd')?.[1];
+    if (d) {
+      ids.add(d);
+    }
+  }
+
+  const events = await store.query([{ kinds: [3036], ids: [...ids] }])
+    .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }));
+
+  const nameRequests = await Promise.all(
+    events.map((event) => renderNameRequest(event)),
+  );
+
+  return paginated(c, orig, nameRequests);
+};
+
+const adminNameRequestsSchema = z.object({
+  account_id: n.id().optional(),
+  approved: booleanParamSchema.optional(),
+  rejected: booleanParamSchema.optional(),
+});
+
+export const adminNameRequestsController: AppController = async (c) => {
+  const store = await Storages.db();
+  const params = paginationSchema.parse(c.req.query());
+  const { account_id, approved, rejected } = adminNameRequestsSchema.parse(c.req.query());
+
+  const filter: NostrFilter = {
+    kinds: [30383],
+    authors: [Conf.pubkey],
+    '#k': ['3036'],
+    ...params,
+  };
+
+  if (account_id) {
+    filter['#p'] = [account_id];
+  }
+  if (approved) {
+    filter['#n'] = ['approved'];
+  }
+  if (rejected) {
+    filter['#n'] = ['rejected'];
+  }
+
+  const orig = await store.query([filter]);
+  const ids = new Set<string>();
+
+  for (const event of orig) {
+    const d = event.tags.find(([name]) => name === 'd')?.[1];
+    if (d) {
+      ids.add(d);
+    }
+  }
+
+  const events = await store.query([{ kinds: [3036], ids: [...ids] }])
+    .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }));
+
+  const nameRequests = await Promise.all(
+    events.map((event) => renderNameRequest(event)),
+  );
+
+  return paginated(c, orig, nameRequests);
 };
diff --git a/src/controllers/api/reports.ts b/src/controllers/api/reports.ts
index 2092b8a..9a2750f 100644
--- a/src/controllers/api/reports.ts
+++ b/src/controllers/api/reports.ts
@@ -7,7 +7,6 @@ import { createEvent, paginationSchema, parseBody, updateEventInfo } from '@/uti
 import { hydrateEvents } from '@/storages/hydrate.ts';
 import { renderAdminReport } from '@/views/mastodon/reports.ts';
 import { renderReport } from '@/views/mastodon/reports.ts';
-import { getTagSet } from '@/utils/tags.ts';
 import { booleanParamSchema } from '@/schema.ts';
 
 const reportSchema = z.object({
@@ -71,6 +70,7 @@ const adminReportsController: AppController = async (c) => {
   const filter: NostrFilter = {
     kinds: [30383],
     authors: [Conf.pubkey],
+    '#k': ['1984'],
     ...params,
   };
 
@@ -98,15 +98,7 @@ const adminReportsController: AppController = async (c) => {
     .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }));
 
   const reports = await Promise.all(
-    events.map((event) => {
-      const internal = orig.find(({ tags }) => tags.some(([name, value]) => name === 'd' && value === event.id));
-      const names = getTagSet(internal?.tags ?? [], 'n');
-
-      return renderAdminReport(event, {
-        viewerPubkey,
-        actionTaken: names.has('closed'),
-      });
-    }),
+    events.map((event) => renderAdminReport(event, { viewerPubkey })),
   );
 
   return c.json(reports);
@@ -153,11 +145,39 @@ const adminReportResolveController: AppController = async (c) => {
   }
 
   await updateEventInfo(eventId, { open: false, closed: true }, c);
-
   await hydrateEvents({ events: [event], store, signal });
 
-  const report = await renderAdminReport(event, { viewerPubkey: pubkey, actionTaken: true });
+  const report = await renderAdminReport(event, { viewerPubkey: pubkey });
   return c.json(report);
 };
 
-export { adminReportController, adminReportResolveController, adminReportsController, reportController };
+const adminReportReopenController: AppController = async (c) => {
+  const eventId = c.req.param('id');
+  const { signal } = c.req.raw;
+  const store = c.get('store');
+  const pubkey = await c.get('signer')?.getPublicKey();
+
+  const [event] = await store.query([{
+    kinds: [1984],
+    ids: [eventId],
+    limit: 1,
+  }], { signal });
+
+  if (!event) {
+    return c.json({ error: 'Not found' }, 404);
+  }
+
+  await updateEventInfo(eventId, { open: true, closed: false }, c);
+  await hydrateEvents({ events: [event], store, signal });
+
+  const report = await renderAdminReport(event, { viewerPubkey: pubkey });
+  return c.json(report);
+};
+
+export {
+  adminReportController,
+  adminReportReopenController,
+  adminReportResolveController,
+  adminReportsController,
+  reportController,
+};
diff --git a/src/storages/hydrate.ts b/src/storages/hydrate.ts
index a3821aa..9ec9e8c 100644
--- a/src/storages/hydrate.ts
+++ b/src/storages/hydrate.ts
@@ -206,6 +206,10 @@ function gatherAuthors({ events, store, signal }: HydrateOpts): Promise<DittoEve
 function gatherUsers({ events, store, signal }: HydrateOpts): Promise<DittoEvent[]> {
   const pubkeys = new Set(events.map((event) => event.pubkey));
 
+  if (!pubkeys.size) {
+    return Promise.resolve([]);
+  }
+
   return store.query(
     [{ kinds: [30382], authors: [Conf.pubkey], '#d': [...pubkeys], limit: pubkeys.size }],
     { signal },
@@ -217,7 +221,7 @@ function gatherInfo({ events, store, signal }: HydrateOpts): Promise<DittoEvent[
   const ids = new Set<string>();
 
   for (const event of events) {
-    if (event.kind === 3036) {
+    if (event.kind === 1984 || event.kind === 3036) {
       ids.add(event.id);
     }
   }
@@ -227,7 +231,7 @@ function gatherInfo({ events, store, signal }: HydrateOpts): Promise<DittoEvent[
   }
 
   return store.query(
-    [{ ids: [...ids], limit: ids.size }],
+    [{ kinds: [30383], authors: [Conf.pubkey], '#d': [...ids], limit: ids.size }],
     { signal },
   );
 }
diff --git a/src/views/mastodon/reports.ts b/src/views/mastodon/reports.ts
index bec08b4..48baa42 100644
--- a/src/views/mastodon/reports.ts
+++ b/src/views/mastodon/reports.ts
@@ -3,6 +3,7 @@ import { accountFromPubkey, renderAccount } from '@/views/mastodon/accounts.ts';
 import { nostrDate } from '@/utils.ts';
 import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
 import { renderStatus } from '@/views/mastodon/statuses.ts';
+import { getTagSet } from '@/utils/tags.ts';
 
 /** Expects a `reportEvent` of kind 1984 and a `profile` of kind 0 of the person being reported */
 async function renderReport(event: DittoEvent) {
@@ -30,43 +31,42 @@ async function renderReport(event: DittoEvent) {
 
 interface RenderAdminReportOpts {
   viewerPubkey?: string;
-  actionTaken?: boolean;
 }
 
 /** Admin-level information about a filed report.
  * Expects an event of kind 1984 fully hydrated.
  * https://docs.joinmastodon.org/entities/Admin_Report */
-async function renderAdminReport(reportEvent: DittoEvent, opts: RenderAdminReportOpts) {
-  const { viewerPubkey, actionTaken = false } = opts;
+async function renderAdminReport(event: DittoEvent, opts: RenderAdminReportOpts) {
+  const { viewerPubkey } = opts;
 
   // The category is present in both the 'e' and 'p' tag, however, it is possible to report a user without reporting a note, so it's better to get the category from the 'p' tag
-  const category = reportEvent.tags.find(([name]) => name === 'p')?.[2];
+  const category = event.tags.find(([name]) => name === 'p')?.[2];
 
   const statuses = [];
-  if (reportEvent.reported_notes) {
-    for (const status of reportEvent.reported_notes) {
+  if (event.reported_notes) {
+    for (const status of event.reported_notes) {
       statuses.push(await renderStatus(status, { viewerPubkey }));
     }
   }
 
-  const reportedPubkey = reportEvent.tags.find(([name]) => name === 'p')?.[1];
+  const reportedPubkey = event.tags.find(([name]) => name === 'p')?.[1];
   if (!reportedPubkey) {
     return;
   }
 
+  const names = getTagSet(event.info?.tags ?? [], 'n');
+
   return {
-    id: reportEvent.id,
-    action_taken: actionTaken,
+    id: event.id,
+    action_taken: names.has('closed'),
     action_taken_at: null,
     category,
-    comment: reportEvent.content,
+    comment: event.content,
     forwarded: false,
-    created_at: nostrDate(reportEvent.created_at).toISOString(),
-    account: reportEvent.author
-      ? await renderAdminAccount(reportEvent.author)
-      : await renderAdminAccountFromPubkey(reportEvent.pubkey),
-    target_account: reportEvent.reported_profile
-      ? await renderAdminAccount(reportEvent.reported_profile)
+    created_at: nostrDate(event.created_at).toISOString(),
+    account: event.author ? await renderAdminAccount(event.author) : await renderAdminAccountFromPubkey(event.pubkey),
+    target_account: event.reported_profile
+      ? await renderAdminAccount(event.reported_profile)
       : await renderAdminAccountFromPubkey(reportedPubkey),
     assigned_account: null,
     action_taken_by_account: null,

From 58a01f90de6709ce47f67693e357192aba28a363 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 11:07:37 -0500
Subject: [PATCH 21/32] Paginate reports

---
 src/controllers/api/reports.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/controllers/api/reports.ts b/src/controllers/api/reports.ts
index 9a2750f..da107ed 100644
--- a/src/controllers/api/reports.ts
+++ b/src/controllers/api/reports.ts
@@ -3,7 +3,7 @@ import { z } from 'zod';
 
 import { type AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
-import { createEvent, paginationSchema, parseBody, updateEventInfo } from '@/utils/api.ts';
+import { createEvent, paginated, paginationSchema, parseBody, updateEventInfo } from '@/utils/api.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
 import { renderAdminReport } from '@/views/mastodon/reports.ts';
 import { renderReport } from '@/views/mastodon/reports.ts';
@@ -101,7 +101,7 @@ const adminReportsController: AppController = async (c) => {
     events.map((event) => renderAdminReport(event, { viewerPubkey })),
   );
 
-  return c.json(reports);
+  return paginated(c, orig, reports);
 };
 
 /** https://docs.joinmastodon.org/methods/admin/reports/#get-one */

From 8802cbd77935a9b6874f3ba564ea8ac7c413aecd Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 11:24:01 -0500
Subject: [PATCH 22/32] suggest -> suggested

---
 src/controllers/api/pleroma.ts     | 4 ++--
 src/controllers/api/suggestions.ts | 4 ++--
 src/views/mastodon/accounts.ts     | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/controllers/api/pleroma.ts b/src/controllers/api/pleroma.ts
index f428ce9..31d8545 100644
--- a/src/controllers/api/pleroma.ts
+++ b/src/controllers/api/pleroma.ts
@@ -157,7 +157,7 @@ const pleromaAdminSuggestController: AppController = async (c) => {
   for (const nickname of nicknames) {
     const pubkey = await lookupPubkey(nickname);
     if (!pubkey) continue;
-    await updateUser(pubkey, { suggest: true }, c);
+    await updateUser(pubkey, { suggested: true }, c);
   }
 
   return new Response(null, { status: 204 });
@@ -169,7 +169,7 @@ const pleromaAdminUnsuggestController: AppController = async (c) => {
   for (const nickname of nicknames) {
     const pubkey = await lookupPubkey(nickname);
     if (!pubkey) continue;
-    await updateUser(pubkey, { suggest: false }, c);
+    await updateUser(pubkey, { suggested: false }, c);
   }
 
   return new Response(null, { status: 204 });
diff --git a/src/controllers/api/suggestions.ts b/src/controllers/api/suggestions.ts
index c31ffc0..7e461c4 100644
--- a/src/controllers/api/suggestions.ts
+++ b/src/controllers/api/suggestions.ts
@@ -31,7 +31,7 @@ async function renderV2Suggestions(c: AppContext, params: PaginatedListParams, s
   const pubkey = await signer?.getPublicKey();
 
   const filters: NostrFilter[] = [
-    { kinds: [30382], authors: [Conf.pubkey], '#n': ['suggest'], limit },
+    { kinds: [30382], authors: [Conf.pubkey], '#n': ['suggested'], limit },
     { kinds: [1985], '#L': ['pub.ditto.trends'], '#l': [`#p`], authors: [Conf.pubkey], limit: 1 },
   ];
 
@@ -43,7 +43,7 @@ async function renderV2Suggestions(c: AppContext, params: PaginatedListParams, s
   const events = await store.query(filters, { signal });
 
   const [userEvents, followsEvent, mutesEvent, trendingEvent] = [
-    events.filter((event) => matchFilter({ kinds: [30382], authors: [Conf.pubkey], '#n': ['suggest'] }, event)),
+    events.filter((event) => matchFilter({ kinds: [30382], authors: [Conf.pubkey], '#n': ['suggested'] }, event)),
     pubkey ? events.find((event) => matchFilter({ kinds: [3], authors: [pubkey] }, event)) : undefined,
     pubkey ? events.find((event) => matchFilter({ kinds: [10000], authors: [pubkey] }, event)) : undefined,
     events.find((event) =>
diff --git a/src/views/mastodon/accounts.ts b/src/views/mastodon/accounts.ts
index 9f2f052..99f69f0 100644
--- a/src/views/mastodon/accounts.ts
+++ b/src/views/mastodon/accounts.ts
@@ -79,7 +79,7 @@ async function renderAccount(
     pleroma: {
       is_admin: names.has('admin'),
       is_moderator: names.has('admin') || names.has('moderator'),
-      is_suggested: names.has('suggest'),
+      is_suggested: names.has('suggested'),
       is_local: parsed05?.domain === Conf.url.host,
       settings_store: undefined as unknown,
       tags: [...getTagSet(event.user?.tags ?? [], 't')],

From 594f37ea3348682edebe8c48a2f9edb7b96a5e57 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 11:26:57 -0500
Subject: [PATCH 23/32] Use past-tense for some n-tag values

---
 src/controllers/api/admin.ts | 6 +++---
 src/pipeline.ts              | 4 ++--
 src/storages/AdminStore.ts   | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index 9da15bc..a9ec619 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -107,13 +107,13 @@ const adminActionController: AppController = async (c) => {
     n.sensitive = true;
   }
   if (data.type === 'disable') {
-    n.disable = true;
+    n.disabled = true;
   }
   if (data.type === 'silence') {
-    n.silence = true;
+    n.silenced = true;
   }
   if (data.type === 'suspend') {
-    n.suspend = true;
+    n.suspended = true;
   }
 
   await updateUser(authorId, n, c);
diff --git a/src/pipeline.ts b/src/pipeline.ts
index 20fed92..9f99520 100644
--- a/src/pipeline.ts
+++ b/src/pipeline.ts
@@ -45,10 +45,10 @@ async function handleEvent(event: DittoEvent, signal: AbortSignal): Promise<void
 
   const n = getTagSet(event.user?.tags ?? [], 'n');
 
-  if (n.has('disable')) {
+  if (n.has('disabled')) {
     throw new RelayError('blocked', 'user is disabled');
   }
-  if (n.has('suspend')) {
+  if (n.has('suspended')) {
     throw new RelayError('blocked', 'user is suspended');
   }
 
diff --git a/src/storages/AdminStore.ts b/src/storages/AdminStore.ts
index 6285a14..8fe7576 100644
--- a/src/storages/AdminStore.ts
+++ b/src/storages/AdminStore.ts
@@ -30,7 +30,7 @@ export class AdminStore implements NStore {
 
       const n = getTagSet(user?.tags ?? [], 'n');
 
-      if (n.has('disable') || n.has('suspend')) {
+      if (n.has('disabled') || n.has('suspended')) {
         return false;
       }
 

From 2a2f43d1062d19f3327717e17374fc1b500c7fcd Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 11:57:10 -0500
Subject: [PATCH 24/32] Add admin name approve/reject endpoints

---
 src/app.ts                   | 16 +++++++++-
 src/controllers/api/ditto.ts | 57 +++++++++++++++++++++++++++++++++++-
 src/storages/EventsDB.ts     |  2 ++
 3 files changed, 73 insertions(+), 2 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index e58bd53..7bf29ca 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -30,7 +30,15 @@ import { adminAccountsController, adminActionController } from '@/controllers/ap
 import { appCredentialsController, createAppController } from '@/controllers/api/apps.ts';
 import { blocksController } from '@/controllers/api/blocks.ts';
 import { bookmarksController } from '@/controllers/api/bookmarks.ts';
-import { adminRelaysController, adminSetRelaysController, nameRequestController } from '@/controllers/api/ditto.ts';
+import {
+  adminNameApproveController,
+  adminNameRejectController,
+  adminNameRequestsController,
+  adminRelaysController,
+  adminSetRelaysController,
+  nameRequestController,
+  nameRequestsController,
+} from '@/controllers/api/ditto.ts';
 import { emptyArrayController, emptyObjectController, notImplementedController } from '@/controllers/api/fallback.ts';
 import { instanceController } from '@/controllers/api/instance.ts';
 import { markersController, updateMarkersController } from '@/controllers/api/markers.ts';
@@ -245,6 +253,12 @@ app.get('/api/v1/admin/ditto/relays', requireRole('admin'), adminRelaysControlle
 app.put('/api/v1/admin/ditto/relays', requireRole('admin'), adminSetRelaysController);
 
 app.post('/api/v1/ditto/names', requireSigner, nameRequestController);
+app.get('/api/v1/ditto/names', requireSigner, nameRequestsController);
+
+app.get('/api/v1/admin/ditto/names', requireRole('admin'), adminNameRequestsController);
+app.post('/api/v1/admin/ditto/names/:id{[0-9a-f]{64}}/approve', requireRole('admin'), adminNameApproveController);
+app.post('/api/v1/admin/ditto/names/:id{[0-9a-f]{64}}/reject', requireRole('admin'), adminNameRejectController);
+
 app.post('/api/v1/ditto/zap', requireSigner, zapController);
 
 app.post('/api/v1/reports', requireSigner, reportController);
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index d1f9b0d..f8ac5f2 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -7,7 +7,7 @@ import { booleanParamSchema } from '@/schema.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { Storages } from '@/storages.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
-import { createEvent, paginated, paginationSchema } from '@/utils/api.ts';
+import { createAdminEvent, createEvent, paginated, paginationSchema, updateEventInfo } from '@/utils/api.ts';
 import { renderNameRequest } from '@/views/ditto.ts';
 
 const markerSchema = z.enum(['read', 'write']);
@@ -183,3 +183,58 @@ export const adminNameRequestsController: AppController = async (c) => {
 
   return paginated(c, orig, nameRequests);
 };
+
+export const adminNameApproveController: AppController = async (c) => {
+  const eventId = c.req.param('id');
+  const store = await Storages.db();
+
+  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
+  if (!event) {
+    return c.json({ error: 'Event not found' }, 404);
+  }
+
+  const r = event.tags.find(([name]) => name === 'r')?.[1];
+  if (!r) {
+    return c.json({ error: 'NIP-05 not found' }, 404);
+  }
+  if (!z.string().email().safeParse(r).success) {
+    return c.json({ error: 'Invalid NIP-05' }, 400);
+  }
+
+  const [existing] = await store.query([{ kinds: [30360], authors: [Conf.pubkey], '#d': [r], limit: 1 }]);
+  if (existing) {
+    return c.json({ error: 'NIP-05 already granted to another user' }, 400);
+  }
+
+  await createAdminEvent({
+    kind: 30360,
+    tags: [
+      ['d', r],
+      ['L', 'nip05.domain'],
+      ['l', r.split('@')[1], 'nip05.domain'],
+      ['p', event.pubkey],
+    ],
+  }, c);
+
+  await updateEventInfo(eventId, { pending: false, approved: true, rejected: false }, c);
+  await hydrateEvents({ events: [event], store });
+
+  const nameRequest = await renderNameRequest(event);
+  return c.json(nameRequest);
+};
+
+export const adminNameRejectController: AppController = async (c) => {
+  const eventId = c.req.param('id');
+  const store = await Storages.db();
+
+  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
+  if (!event) {
+    return c.json({ error: 'Event not found' }, 404);
+  }
+
+  await updateEventInfo(eventId, { pending: false, approved: false, rejected: true }, c);
+  await hydrateEvents({ events: [event], store });
+
+  const nameRequest = await renderNameRequest(event);
+  return c.json(nameRequest);
+};
diff --git a/src/storages/EventsDB.ts b/src/storages/EventsDB.ts
index 6a94954..c26ebf1 100644
--- a/src/storages/EventsDB.ts
+++ b/src/storages/EventsDB.ts
@@ -223,6 +223,8 @@ class EventsDB implements NStore {
         return event.content;
       case 30009:
         return EventsDB.buildTagsSearchContent(event.tags.filter(([t]) => t !== 'alt'));
+      case 30360:
+        return event.tags.find(([name]) => name === 'd')?.[1] || '';
       default:
         return '';
     }

From 5379863d36678ae348015c2fb4304120a34cc380 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 12:13:50 -0500
Subject: [PATCH 25/32] Tag the nip05 request in the grant event

---
 src/controllers/api/ditto.ts | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index f8ac5f2..5c8ea9c 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -64,20 +64,20 @@ function renderRelays(event: NostrEvent): RelayEntity[] {
 }
 
 const nameRequestSchema = z.object({
-  nip05: z.string().email(),
+  name: z.string().email(),
   reason: z.string().max(500).optional(),
 });
 
 export const nameRequestController: AppController = async (c) => {
-  const { nip05, reason } = nameRequestSchema.parse(await c.req.json());
+  const { name, reason } = nameRequestSchema.parse(await c.req.json());
 
   const event = await createEvent({
     kind: 3036,
     content: reason,
     tags: [
-      ['r', nip05],
+      ['r', name],
       ['L', 'nip05.domain'],
-      ['l', nip05.split('@')[1], 'nip05.domain'],
+      ['l', name.split('@')[1], 'nip05.domain'],
       ['p', Conf.pubkey],
     ],
   }, c);
@@ -213,6 +213,7 @@ export const adminNameApproveController: AppController = async (c) => {
       ['L', 'nip05.domain'],
       ['l', r.split('@')[1], 'nip05.domain'],
       ['p', event.pubkey],
+      ['e', event.id],
     ],
   }, c);
 

From 07a380fb75f24cc95ea77a834b65e36c0fc132b2 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 13:43:40 -0500
Subject: [PATCH 26/32] Rework adminAccountsController to display pending
 accounts from nip05 requests

---
 src/controllers/api/admin.ts         | 112 ++++++++++++++++-----------
 src/views/ditto.ts                   |  25 +++---
 src/views/mastodon/admin-accounts.ts |  22 ++++--
 3 files changed, 95 insertions(+), 64 deletions(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index a9ec619..df5bf96 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -1,13 +1,14 @@
-import { NostrEvent } from '@nostrify/nostrify';
+import { NostrFilter } from '@nostrify/nostrify';
 import { z } from 'zod';
 
 import { type AppController } from '@/app.ts';
 import { Conf } from '@/config.ts';
 import { booleanParamSchema } from '@/schema.ts';
 import { Storages } from '@/storages.ts';
-import { paginated, paginationSchema, parseBody, updateUser } from '@/utils/api.ts';
-import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
+import { paginated, paginationSchema, parseBody, updateUser } from '@/utils/api.ts';
+import { renderNameRequest } from '@/views/ditto.ts';
+import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
 
 const adminAccountQuerySchema = z.object({
   local: booleanParamSchema.optional(),
@@ -27,62 +28,83 @@ const adminAccountQuerySchema = z.object({
 });
 
 const adminAccountsController: AppController = async (c) => {
+  const store = await Storages.db();
+  const params = paginationSchema.parse(c.req.query());
+  const { signal } = c.req.raw;
   const {
+    local,
     pending,
     disabled,
     silenced,
     suspended,
     sensitized,
+    staff,
   } = adminAccountQuerySchema.parse(c.req.query());
 
-  // Not supported.
-  if (disabled || silenced || suspended || sensitized) {
-    return c.json([]);
-  }
-
-  const store = await Storages.db();
-  const params = paginationSchema.parse(c.req.query());
-  const { signal } = c.req.raw;
-
-  const pubkeys = new Set<string>();
-  const events: NostrEvent[] = [];
-
   if (pending) {
-    for (const event of await store.query([{ kinds: [3036], '#p': [Conf.pubkey], ...params }], { signal })) {
-      pubkeys.add(event.pubkey);
-      events.push(event);
-    }
-  } else {
-    for (const event of await store.query([{ kinds: [30360], authors: [Conf.pubkey], ...params }], { signal })) {
-      const pubkey = event.tags.find(([name]) => name === 'd')?.[1];
-      if (pubkey) {
-        pubkeys.add(pubkey);
-        events.push(event);
-      }
+    if (disabled || silenced || suspended || sensitized) {
+      return c.json([]);
     }
+
+    const orig = await store.query(
+      [{ kinds: [30383], authors: [Conf.pubkey], '#k': ['3036'], ...params }],
+      { signal },
+    );
+
+    const ids = new Set<string>(
+      orig
+        .map(({ tags }) => tags.find(([name]) => name === 'd')?.[1])
+        .filter((id): id is string => !!id),
+    );
+
+    const events = await store.query([{ kinds: [3036], ids: [...ids] }])
+      .then((events) => hydrateEvents({ store, events, signal }));
+
+    const nameRequests = await Promise.all(events.map(renderNameRequest));
+    return paginated(c, orig, nameRequests);
   }
 
-  const authors = await store.query([{ kinds: [0], authors: [...pubkeys] }], { signal })
-    .then((events) => hydrateEvents({ store, events, signal }));
+  if (disabled || silenced || suspended || sensitized) {
+    const n = [];
 
-  const accounts = await Promise.all(
-    [...pubkeys].map(async (pubkey) => {
-      const author = authors.find((event) => event.pubkey === pubkey);
-      const account = author ? await renderAdminAccount(author) : await renderAdminAccountFromPubkey(pubkey);
-      const request = events.find((event) => event.kind === 3036 && event.pubkey === pubkey);
-      const grant = events.find(
-        (event) => event.kind === 30360 && event.tags.find(([name]) => name === 'd')?.[1] === pubkey,
-      );
+    if (disabled) {
+      n.push('disabled');
+    }
+    if (silenced) {
+      n.push('silenced');
+    }
+    if (suspended) {
+      n.push('suspended');
+    }
+    if (sensitized) {
+      n.push('sensitized');
+    }
+    if (staff) {
+      n.push('admin');
+      n.push('moderator');
+    }
 
-      return {
-        ...account,
-        invite_request: request?.content ?? null,
-        invite_request_username: request?.tags.find(([name]) => name === 'r')?.[1] ?? null,
-        approved: !!grant,
-      };
-    }),
-  );
+    const events = await store.query([{ kinds: [30382], authors: [Conf.pubkey], '#n': n, ...params }], { signal });
+    const pubkeys = new Set<string>(events.map(({ pubkey }) => pubkey));
+    const authors = await store.query([{ kinds: [0], authors: [...pubkeys] }])
+      .then((events) => hydrateEvents({ store, events, signal }));
 
+    const accounts = await Promise.all(
+      [...pubkeys].map((pubkey) => {
+        const author = authors.find((e) => e.pubkey === pubkey);
+        return author ? renderAdminAccount(author) : renderAdminAccountFromPubkey(pubkey);
+      }),
+    );
+
+    return paginated(c, events, accounts);
+  }
+
+  const filter: NostrFilter = { kinds: [0], ...params };
+  if (local) {
+    filter.search = `domain:${Conf.url.host}`;
+  }
+  const events = await store.query([filter], { signal });
+  const accounts = await Promise.all(events.map(renderAdminAccount));
   return paginated(c, events, accounts);
 };
 
@@ -104,7 +126,7 @@ const adminActionController: AppController = async (c) => {
   const n: Record<string, boolean> = {};
 
   if (data.type === 'sensitive') {
-    n.sensitive = true;
+    n.sensitized = true;
   }
   if (data.type === 'disable') {
     n.disabled = true;
diff --git a/src/views/ditto.ts b/src/views/ditto.ts
index 708c522..ebc07b7 100644
--- a/src/views/ditto.ts
+++ b/src/views/ditto.ts
@@ -1,25 +1,22 @@
 import { DittoEvent } from '@/interfaces/DittoEvent.ts';
-import { accountFromPubkey, renderAccount } from '@/views/mastodon/accounts.ts';
 import { getTagSet } from '@/utils/tags.ts';
+import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
 
+/** Renders an Admin::Account entity from a name request event. */
 export async function renderNameRequest(event: DittoEvent) {
   const n = getTagSet(event.info?.tags ?? [], 'n');
+  const [username, domain] = event.tags.find(([name]) => name === 'r')?.[1]?.split('@') ?? [];
 
-  let approvalStatus = 'pending';
-
-  if (n.has('approved')) {
-    approvalStatus = 'approved';
-  }
-  if (n.has('rejected')) {
-    approvalStatus = 'rejected';
-  }
+  const adminAccount = event.author
+    ? await renderAdminAccount(event.author)
+    : await renderAdminAccountFromPubkey(event.pubkey);
 
   return {
+    ...adminAccount,
     id: event.id,
-    account: event.author ? await renderAccount(event.author) : accountFromPubkey(event.pubkey),
-    name: event.tags.find(([name]) => name === 'r')?.[1] || '',
-    reason: event.content,
-    approval_status: approvalStatus,
-    created_at: new Date(event.created_at * 1000).toISOString(),
+    approved: n.has('approved'),
+    username,
+    domain,
+    invite_request: event.content,
   };
 }
diff --git a/src/views/mastodon/admin-accounts.ts b/src/views/mastodon/admin-accounts.ts
index 4dc8569..34b6860 100644
--- a/src/views/mastodon/admin-accounts.ts
+++ b/src/views/mastodon/admin-accounts.ts
@@ -1,9 +1,20 @@
 import { accountFromPubkey, renderAccount } from '@/views/mastodon/accounts.ts';
-import { type DittoEvent } from '@/interfaces/DittoEvent.ts';
+import { DittoEvent } from '@/interfaces/DittoEvent.ts';
+import { getTagSet } from '@/utils/tags.ts';
 
 /** Expects a kind 0 fully hydrated */
 async function renderAdminAccount(event: DittoEvent) {
   const account = await renderAccount(event);
+  const names = getTagSet(event.user?.tags ?? [], 'n');
+
+  let role = 'user';
+
+  if (names.has('admin')) {
+    role = 'admin';
+  }
+  if (names.has('moderator')) {
+    role = 'moderator';
+  }
 
   return {
     id: account.id,
@@ -15,12 +26,13 @@ async function renderAdminAccount(event: DittoEvent) {
     ips: [],
     locale: '',
     invite_request: null,
-    role: event.tags.find(([name]) => name === 'role')?.[1],
+    role,
     confirmed: true,
     approved: true,
-    disabled: false,
-    silenced: false,
-    suspended: false,
+    disabled: names.has('disabled'),
+    silenced: names.has('silenced'),
+    suspended: names.has('suspended'),
+    sensitized: names.has('sensitized'),
     account,
   };
 }

From 2245263011a70b8f7a0ce1e5560834d1607cc6e9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 14:50:37 -0500
Subject: [PATCH 27/32] Add ditto:name_grant notification

---
 src/app.ts                           |  23 +++---
 src/controllers/api/admin.ts         |  61 ++++++++++++++-
 src/controllers/api/ditto.ts         | 108 +--------------------------
 src/controllers/api/notifications.ts |  80 +++++++++++++++++---
 src/views/mastodon/notifications.ts  |  19 +++++
 5 files changed, 164 insertions(+), 127 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 7bf29ca..074359d 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -26,14 +26,16 @@ import {
   updateCredentialsController,
   verifyCredentialsController,
 } from '@/controllers/api/accounts.ts';
-import { adminAccountsController, adminActionController } from '@/controllers/api/admin.ts';
+import {
+  adminAccountsController,
+  adminActionController,
+  adminApproveController,
+  adminRejectController,
+} from '@/controllers/api/admin.ts';
 import { appCredentialsController, createAppController } from '@/controllers/api/apps.ts';
 import { blocksController } from '@/controllers/api/blocks.ts';
 import { bookmarksController } from '@/controllers/api/bookmarks.ts';
 import {
-  adminNameApproveController,
-  adminNameRejectController,
-  adminNameRequestsController,
   adminRelaysController,
   adminSetRelaysController,
   nameRequestController,
@@ -244,7 +246,6 @@ app.get('/api/v1/pleroma/statuses/:id{[0-9a-f]{64}}/reactions/:emoji', reactions
 app.put('/api/v1/pleroma/statuses/:id{[0-9a-f]{64}}/reactions/:emoji', requireSigner, reactionController);
 app.delete('/api/v1/pleroma/statuses/:id{[0-9a-f]{64}}/reactions/:emoji', requireSigner, deleteReactionController);
 
-app.get('/api/v1/admin/accounts', requireRole('admin'), adminAccountsController);
 app.get('/api/v1/pleroma/admin/config', requireRole('admin'), configController);
 app.post('/api/v1/pleroma/admin/config', requireRole('admin'), updateConfigController);
 app.delete('/api/v1/pleroma/admin/statuses/:id', requireRole('admin'), pleromaAdminDeleteStatusController);
@@ -255,10 +256,6 @@ app.put('/api/v1/admin/ditto/relays', requireRole('admin'), adminSetRelaysContro
 app.post('/api/v1/ditto/names', requireSigner, nameRequestController);
 app.get('/api/v1/ditto/names', requireSigner, nameRequestsController);
 
-app.get('/api/v1/admin/ditto/names', requireRole('admin'), adminNameRequestsController);
-app.post('/api/v1/admin/ditto/names/:id{[0-9a-f]{64}}/approve', requireRole('admin'), adminNameApproveController);
-app.post('/api/v1/admin/ditto/names/:id{[0-9a-f]{64}}/reject', requireRole('admin'), adminNameRejectController);
-
 app.post('/api/v1/ditto/zap', requireSigner, zapController);
 
 app.post('/api/v1/reports', requireSigner, reportController);
@@ -277,7 +274,15 @@ app.post(
   adminReportReopenController,
 );
 
+app.get('/api/v1/admin/accounts', requireRole('admin'), adminAccountsController);
 app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/action', requireSigner, requireRole('admin'), adminActionController);
+app.post(
+  '/api/v1/admin/accounts/:id{[0-9a-f]{64}}/approve',
+  requireSigner,
+  requireRole('admin'),
+  adminApproveController,
+);
+app.post('/api/v1/admin/accounts/:id{[0-9a-f]{64}}/reject', requireSigner, requireRole('admin'), adminRejectController);
 
 app.put('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminTagController);
 app.delete('/api/v1/pleroma/admin/users/tag', requireRole('admin'), pleromaAdminUntagController);
diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index df5bf96..90afd52 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -6,7 +6,7 @@ import { Conf } from '@/config.ts';
 import { booleanParamSchema } from '@/schema.ts';
 import { Storages } from '@/storages.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
-import { paginated, paginationSchema, parseBody, updateUser } from '@/utils/api.ts';
+import { createAdminEvent, paginated, paginationSchema, parseBody, updateEventInfo, updateUser } from '@/utils/api.ts';
 import { renderNameRequest } from '@/views/ditto.ts';
 import { renderAdminAccount, renderAdminAccountFromPubkey } from '@/views/mastodon/admin-accounts.ts';
 
@@ -47,7 +47,7 @@ const adminAccountsController: AppController = async (c) => {
     }
 
     const orig = await store.query(
-      [{ kinds: [30383], authors: [Conf.pubkey], '#k': ['3036'], ...params }],
+      [{ kinds: [30383], authors: [Conf.pubkey], '#k': ['3036'], '#n': ['pending'], ...params }],
       { signal },
     );
 
@@ -143,4 +143,59 @@ const adminActionController: AppController = async (c) => {
   return c.json({}, 200);
 };
 
-export { adminAccountsController, adminActionController };
+const adminApproveController: AppController = async (c) => {
+  const eventId = c.req.param('id');
+  const store = await Storages.db();
+
+  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
+  if (!event) {
+    return c.json({ error: 'Event not found' }, 404);
+  }
+
+  const r = event.tags.find(([name]) => name === 'r')?.[1];
+  if (!r) {
+    return c.json({ error: 'NIP-05 not found' }, 404);
+  }
+  if (!z.string().email().safeParse(r).success) {
+    return c.json({ error: 'Invalid NIP-05' }, 400);
+  }
+
+  const [existing] = await store.query([{ kinds: [30360], authors: [Conf.pubkey], '#d': [r], limit: 1 }]);
+  if (existing) {
+    return c.json({ error: 'NIP-05 already granted to another user' }, 400);
+  }
+
+  await createAdminEvent({
+    kind: 30360,
+    tags: [
+      ['d', r],
+      ['L', 'nip05.domain'],
+      ['l', r.split('@')[1], 'nip05.domain'],
+      ['p', event.pubkey],
+      ['e', event.id],
+    ],
+  }, c);
+
+  await updateEventInfo(eventId, { pending: false, approved: true, rejected: false }, c);
+  await hydrateEvents({ events: [event], store });
+
+  const nameRequest = await renderNameRequest(event);
+  return c.json(nameRequest);
+};
+
+const adminRejectController: AppController = async (c) => {
+  const eventId = c.req.param('id');
+  const store = await Storages.db();
+
+  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
+  if (!event) {
+    return c.json({ error: 'Event not found' }, 404);
+  }
+
+  await updateEventInfo(eventId, { pending: false, approved: false, rejected: true }, c);
+  await hydrateEvents({ events: [event], store });
+
+  const nameRequest = await renderNameRequest(event);
+  return c.json(nameRequest);
+};
+export { adminAccountsController, adminActionController, adminApproveController, adminRejectController };
diff --git a/src/controllers/api/ditto.ts b/src/controllers/api/ditto.ts
index 5c8ea9c..5723a9e 100644
--- a/src/controllers/api/ditto.ts
+++ b/src/controllers/api/ditto.ts
@@ -1,4 +1,4 @@
-import { NostrEvent, NostrFilter, NSchema as n } from '@nostrify/nostrify';
+import { NostrEvent, NostrFilter } from '@nostrify/nostrify';
 import { z } from 'zod';
 
 import { AppController } from '@/app.ts';
@@ -7,7 +7,7 @@ import { booleanParamSchema } from '@/schema.ts';
 import { AdminSigner } from '@/signers/AdminSigner.ts';
 import { Storages } from '@/storages.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
-import { createAdminEvent, createEvent, paginated, paginationSchema, updateEventInfo } from '@/utils/api.ts';
+import { createEvent, paginated, paginationSchema } from '@/utils/api.ts';
 import { renderNameRequest } from '@/views/ditto.ts';
 
 const markerSchema = z.enum(['read', 'write']);
@@ -135,107 +135,3 @@ export const nameRequestsController: AppController = async (c) => {
 
   return paginated(c, orig, nameRequests);
 };
-
-const adminNameRequestsSchema = z.object({
-  account_id: n.id().optional(),
-  approved: booleanParamSchema.optional(),
-  rejected: booleanParamSchema.optional(),
-});
-
-export const adminNameRequestsController: AppController = async (c) => {
-  const store = await Storages.db();
-  const params = paginationSchema.parse(c.req.query());
-  const { account_id, approved, rejected } = adminNameRequestsSchema.parse(c.req.query());
-
-  const filter: NostrFilter = {
-    kinds: [30383],
-    authors: [Conf.pubkey],
-    '#k': ['3036'],
-    ...params,
-  };
-
-  if (account_id) {
-    filter['#p'] = [account_id];
-  }
-  if (approved) {
-    filter['#n'] = ['approved'];
-  }
-  if (rejected) {
-    filter['#n'] = ['rejected'];
-  }
-
-  const orig = await store.query([filter]);
-  const ids = new Set<string>();
-
-  for (const event of orig) {
-    const d = event.tags.find(([name]) => name === 'd')?.[1];
-    if (d) {
-      ids.add(d);
-    }
-  }
-
-  const events = await store.query([{ kinds: [3036], ids: [...ids] }])
-    .then((events) => hydrateEvents({ store, events: events, signal: c.req.raw.signal }));
-
-  const nameRequests = await Promise.all(
-    events.map((event) => renderNameRequest(event)),
-  );
-
-  return paginated(c, orig, nameRequests);
-};
-
-export const adminNameApproveController: AppController = async (c) => {
-  const eventId = c.req.param('id');
-  const store = await Storages.db();
-
-  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
-  if (!event) {
-    return c.json({ error: 'Event not found' }, 404);
-  }
-
-  const r = event.tags.find(([name]) => name === 'r')?.[1];
-  if (!r) {
-    return c.json({ error: 'NIP-05 not found' }, 404);
-  }
-  if (!z.string().email().safeParse(r).success) {
-    return c.json({ error: 'Invalid NIP-05' }, 400);
-  }
-
-  const [existing] = await store.query([{ kinds: [30360], authors: [Conf.pubkey], '#d': [r], limit: 1 }]);
-  if (existing) {
-    return c.json({ error: 'NIP-05 already granted to another user' }, 400);
-  }
-
-  await createAdminEvent({
-    kind: 30360,
-    tags: [
-      ['d', r],
-      ['L', 'nip05.domain'],
-      ['l', r.split('@')[1], 'nip05.domain'],
-      ['p', event.pubkey],
-      ['e', event.id],
-    ],
-  }, c);
-
-  await updateEventInfo(eventId, { pending: false, approved: true, rejected: false }, c);
-  await hydrateEvents({ events: [event], store });
-
-  const nameRequest = await renderNameRequest(event);
-  return c.json(nameRequest);
-};
-
-export const adminNameRejectController: AppController = async (c) => {
-  const eventId = c.req.param('id');
-  const store = await Storages.db();
-
-  const [event] = await store.query([{ kinds: [3036], ids: [eventId] }]);
-  if (!event) {
-    return c.json({ error: 'Event not found' }, 404);
-  }
-
-  await updateEventInfo(eventId, { pending: false, approved: false, rejected: true }, c);
-  await hydrateEvents({ events: [event], store });
-
-  const nameRequest = await renderNameRequest(event);
-  return c.json(nameRequest);
-};
diff --git a/src/controllers/api/notifications.ts b/src/controllers/api/notifications.ts
index ba15bd0..d92ccf4 100644
--- a/src/controllers/api/notifications.ts
+++ b/src/controllers/api/notifications.ts
@@ -1,24 +1,87 @@
-import { NostrFilter } from '@nostrify/nostrify';
+import { NostrFilter, NSchema as n } from '@nostrify/nostrify';
+import { z } from 'zod';
 
 import { AppContext, AppController } from '@/app.ts';
+import { Conf } from '@/config.ts';
 import { hydrateEvents } from '@/storages/hydrate.ts';
-import { paginated, paginationSchema } from '@/utils/api.ts';
+import { paginated, PaginationParams, paginationSchema } from '@/utils/api.ts';
 import { renderNotification } from '@/views/mastodon/notifications.ts';
 
+/** Set of known notification types across backends. */
+const notificationTypes = new Set([
+  'mention',
+  'status',
+  'reblog',
+  'follow',
+  'follow_request',
+  'favourite',
+  'poll',
+  'update',
+  'admin.sign_up',
+  'admin.report',
+  'severed_relationships',
+  'pleroma:emoji_reaction',
+  'ditto:name_grant',
+]);
+
+const notificationsSchema = z.object({
+  account_id: n.id().optional(),
+});
+
 const notificationsController: AppController = async (c) => {
   const pubkey = await c.get('signer')?.getPublicKey()!;
-  const { since, until } = paginationSchema.parse(c.req.query());
+  const params = paginationSchema.parse(c.req.query());
 
-  return renderNotifications(c, [{ kinds: [1, 6, 7], '#p': [pubkey], since, until }]);
+  const types = notificationTypes
+    .intersection(new Set(c.req.queries('types[]') ?? notificationTypes))
+    .difference(new Set(c.req.queries('exclude_types[]')));
+
+  const { account_id } = notificationsSchema.parse(c.req.query());
+
+  const kinds = new Set<number>();
+
+  if (types.has('mention')) {
+    kinds.add(1);
+  }
+  if (types.has('reblog')) {
+    kinds.add(6);
+  }
+  if (types.has('favourite') || types.has('pleroma:emoji_reaction')) {
+    kinds.add(7);
+  }
+
+  const filter: NostrFilter = {
+    kinds: [...kinds],
+    '#p': [pubkey],
+    ...params,
+  };
+
+  const filters: NostrFilter[] = [filter];
+
+  if (account_id) {
+    filter.authors = [account_id];
+  }
+
+  if (types.has('ditto:name_grant') && !account_id) {
+    filters.push({ kinds: [30360], authors: [Conf.pubkey], '#p': [pubkey], ...params });
+  }
+
+  return renderNotifications(filters, types, params, c);
 };
 
-async function renderNotifications(c: AppContext, filters: NostrFilter[]) {
+async function renderNotifications(
+  filters: NostrFilter[],
+  types: Set<string>,
+  params: PaginationParams,
+  c: AppContext,
+) {
   const store = c.get('store');
   const pubkey = await c.get('signer')?.getPublicKey()!;
   const { signal } = c.req.raw;
+  const opts = { signal, limit: params.limit };
 
   const events = await store
-    .query(filters, { signal })
+    .query(filters, opts)
     .then((events) => events.filter((event) => event.pubkey !== pubkey))
     .then((events) => hydrateEvents({ events, store, signal }));
 
@@ -26,9 +89,8 @@ async function renderNotifications(c: AppContext, filters: NostrFilter[]) {
     return c.json([]);
   }
 
-  const notifications = (await Promise
-    .all(events.map((event) => renderNotification(event, { viewerPubkey: pubkey }))))
-    .filter(Boolean);
+  const notifications = (await Promise.all(events.map((event) => renderNotification(event, { viewerPubkey: pubkey }))))
+    .filter((notification) => notification && types.has(notification.type));
 
   if (!notifications.length) {
     return c.json([]);
diff --git a/src/views/mastodon/notifications.ts b/src/views/mastodon/notifications.ts
index 5b618d7..e11d45a 100644
--- a/src/views/mastodon/notifications.ts
+++ b/src/views/mastodon/notifications.ts
@@ -26,6 +26,10 @@ function renderNotification(event: DittoEvent, opts: RenderNotificationOpts) {
   if (event.kind === 7) {
     return renderReaction(event, opts);
   }
+
+  if (event.kind === 30360) {
+    return renderNameGrant(event);
+  }
 }
 
 async function renderMention(event: DittoEvent, opts: RenderNotificationOpts) {
@@ -87,6 +91,21 @@ async function renderReaction(event: DittoEvent, opts: RenderNotificationOpts) {
   };
 }
 
+async function renderNameGrant(event: DittoEvent) {
+  const d = event.tags.find(([name]) => name === 'd')?.[1];
+  const account = event.author ? await renderAccount(event.author) : await accountFromPubkey(event.pubkey);
+
+  if (!d) return;
+
+  return {
+    id: notificationId(event),
+    type: 'ditto:name_grant',
+    name: d,
+    created_at: nostrDate(event.created_at).toISOString(),
+    account,
+  };
+}
+
 /** This helps notifications be sorted in the correct order. */
 function notificationId({ id, created_at }: NostrEvent): string {
   return `${created_at}-${id}`;

From 42fac52e9ef80f423852ce92163514eae6046b2b Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 15:31:14 -0500
Subject: [PATCH 28/32] Support streaming notifications

---
 src/controllers/api/streaming.ts    | 66 ++++++++++++++++-------------
 src/views/mastodon/notifications.ts | 12 +++---
 2 files changed, 44 insertions(+), 34 deletions(-)

diff --git a/src/controllers/api/streaming.ts b/src/controllers/api/streaming.ts
index 427c350..552ea3b 100644
--- a/src/controllers/api/streaming.ts
+++ b/src/controllers/api/streaming.ts
@@ -1,4 +1,4 @@
-import { NostrFilter } from '@nostrify/nostrify';
+import { NostrEvent, NostrFilter } from '@nostrify/nostrify';
 import Debug from '@soapbox/stickynotes/debug';
 import { z } from 'zod';
 
@@ -11,6 +11,7 @@ import { hydrateEvents } from '@/storages/hydrate.ts';
 import { Storages } from '@/storages.ts';
 import { bech32ToPubkey } from '@/utils.ts';
 import { renderReblog, renderStatus } from '@/views/mastodon/statuses.ts';
+import { renderNotification } from '@/views/mastodon/notifications.ts';
 
 const debug = Debug('ditto:streaming');
 
@@ -52,6 +53,11 @@ const streamingController: AppController = async (c) => {
 
   const { socket, response } = Deno.upgradeWebSocket(c.req.raw, { protocol: token, idleTimeout: 30 });
 
+  const store = await Storages.db();
+  const pubsub = await Storages.pubsub();
+
+  const policy = pubkey ? new MuteListPolicy(pubkey, await Storages.admin()) : undefined;
+
   function send(name: string, payload: object) {
     if (socket.readyState === WebSocket.OPEN) {
       debug('send', name, JSON.stringify(payload));
@@ -63,52 +69,54 @@ const streamingController: AppController = async (c) => {
     }
   }
 
-  socket.onopen = async () => {
-    if (!stream) return;
-
-    const filter = await topicToFilter(stream, c.req.query(), pubkey);
-    if (!filter) return;
-
+  async function sub(type: string, filters: NostrFilter[], render: (event: NostrEvent) => Promise<unknown>) {
     try {
-      const db = await Storages.db();
-      const pubsub = await Storages.pubsub();
-
-      for await (const msg of pubsub.req([filter], { signal: controller.signal })) {
+      for await (const msg of pubsub.req(filters, { signal: controller.signal })) {
         if (msg[0] === 'EVENT') {
           const event = msg[2];
 
-          if (pubkey) {
-            const policy = new MuteListPolicy(pubkey, await Storages.admin());
+          if (policy) {
             const [, , ok] = await policy.call(event);
             if (!ok) {
               continue;
             }
           }
 
-          await hydrateEvents({
-            events: [event],
-            store: db,
-            signal: AbortSignal.timeout(1000),
-          });
+          await hydrateEvents({ events: [event], store, signal: AbortSignal.timeout(1000) });
 
-          if (event.kind === 1) {
-            const status = await renderStatus(event, { viewerPubkey: pubkey });
-            if (status) {
-              send('update', status);
-            }
-          }
+          const result = await render(event);
 
-          if (event.kind === 6) {
-            const status = await renderReblog(event, { viewerPubkey: pubkey });
-            if (status) {
-              send('update', status);
-            }
+          if (result) {
+            send(type, result);
           }
         }
       }
     } catch (e) {
       debug('streaming error:', e);
     }
+  }
+
+  socket.onopen = async () => {
+    if (!stream) return;
+    const topicFilter = await topicToFilter(stream, c.req.query(), pubkey);
+
+    if (topicFilter) {
+      sub('update', [topicFilter], async (event) => {
+        if (event.kind === 1) {
+          return await renderStatus(event, { viewerPubkey: pubkey });
+        }
+        if (event.kind === 6) {
+          return await renderReblog(event, { viewerPubkey: pubkey });
+        }
+      });
+    }
+
+    if (['user', 'user:notification'].includes(stream) && pubkey) {
+      sub('notification', [{ '#p': [pubkey] }], async (event) => {
+        return await renderNotification(event, { viewerPubkey: pubkey });
+      });
+      return;
+    }
   };
 
   socket.onclose = () => {
diff --git a/src/views/mastodon/notifications.ts b/src/views/mastodon/notifications.ts
index e11d45a..8f2a8a6 100644
--- a/src/views/mastodon/notifications.ts
+++ b/src/views/mastodon/notifications.ts
@@ -1,8 +1,10 @@
+import { NostrEvent } from '@nostrify/nostrify';
+
+import { Conf } from '@/config.ts';
 import { DittoEvent } from '@/interfaces/DittoEvent.ts';
 import { nostrDate } from '@/utils.ts';
 import { accountFromPubkey, renderAccount } from '@/views/mastodon/accounts.ts';
 import { renderStatus } from '@/views/mastodon/statuses.ts';
-import { NostrEvent } from '@nostrify/nostrify';
 
 interface RenderNotificationOpts {
   viewerPubkey: string;
@@ -27,7 +29,7 @@ function renderNotification(event: DittoEvent, opts: RenderNotificationOpts) {
     return renderReaction(event, opts);
   }
 
-  if (event.kind === 30360) {
+  if (event.kind === 30360 && event.pubkey === Conf.pubkey) {
     return renderNameGrant(event);
   }
 }
@@ -49,7 +51,7 @@ async function renderReblog(event: DittoEvent, opts: RenderNotificationOpts) {
   if (event.repost?.kind !== 1) return;
   const status = await renderStatus(event.repost, opts);
   if (!status) return;
-  const account = event.author ? await renderAccount(event.author) : accountFromPubkey(event.pubkey);
+  const account = event.author ? await renderAccount(event.author) : await accountFromPubkey(event.pubkey);
 
   return {
     id: notificationId(event),
@@ -64,7 +66,7 @@ async function renderFavourite(event: DittoEvent, opts: RenderNotificationOpts)
   if (event.reacted?.kind !== 1) return;
   const status = await renderStatus(event.reacted, opts);
   if (!status) return;
-  const account = event.author ? await renderAccount(event.author) : accountFromPubkey(event.pubkey);
+  const account = event.author ? await renderAccount(event.author) : await accountFromPubkey(event.pubkey);
 
   return {
     id: notificationId(event),
@@ -79,7 +81,7 @@ async function renderReaction(event: DittoEvent, opts: RenderNotificationOpts) {
   if (event.reacted?.kind !== 1) return;
   const status = await renderStatus(event.reacted, opts);
   if (!status) return;
-  const account = event.author ? await renderAccount(event.author) : accountFromPubkey(event.pubkey);
+  const account = event.author ? await renderAccount(event.author) : await accountFromPubkey(event.pubkey);
 
   return {
     id: notificationId(event),

From 229975a752554c95c5ed04a824aa75db7cb7ba48 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 18:50:45 -0500
Subject: [PATCH 29/32] adminActionController: delete user's events on suspend

---
 src/controllers/api/admin.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index 90afd52..f61b389 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -114,6 +114,7 @@ const adminAccountActionSchema = z.object({
 
 const adminActionController: AppController = async (c) => {
   const body = await parseBody(c.req.raw);
+  const store = await Storages.db();
   const result = adminAccountActionSchema.safeParse(body);
   const authorId = c.req.param('id');
 
@@ -136,6 +137,7 @@ const adminActionController: AppController = async (c) => {
   }
   if (data.type === 'suspend') {
     n.suspended = true;
+    store.remove([{ authors: [authorId] }]).catch(console.warn);
   }
 
   await updateUser(authorId, n, c);

From d1ba797c93f080545713d03f3b9e37bffc3be9d5 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 19:22:11 -0500
Subject: [PATCH 30/32] Add revoke_name admin action

---
 src/controllers/api/admin.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/controllers/api/admin.ts b/src/controllers/api/admin.ts
index f61b389..bcc40ce 100644
--- a/src/controllers/api/admin.ts
+++ b/src/controllers/api/admin.ts
@@ -109,7 +109,7 @@ const adminAccountsController: AppController = async (c) => {
 };
 
 const adminAccountActionSchema = z.object({
-  type: z.enum(['none', 'sensitive', 'disable', 'silence', 'suspend']),
+  type: z.enum(['none', 'sensitive', 'disable', 'silence', 'suspend', 'revoke_name']),
 });
 
 const adminActionController: AppController = async (c) => {
@@ -139,6 +139,10 @@ const adminActionController: AppController = async (c) => {
     n.suspended = true;
     store.remove([{ authors: [authorId] }]).catch(console.warn);
   }
+  if (data.type === 'revoke_name') {
+    n.revoke_name = true;
+    store.remove([{ kinds: [30360], authors: [Conf.pubkey], '#p': [authorId] }]).catch(console.warn);
+  }
 
   await updateUser(authorId, n, c);
 

From e7ed3c839c5f9256e23886429ff24740f35b19c9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 19:48:33 -0500
Subject: [PATCH 31/32] AdminStore: fix users check

---
 src/storages/AdminStore.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/storages/AdminStore.ts b/src/storages/AdminStore.ts
index 8fe7576..014dcb7 100644
--- a/src/storages/AdminStore.ts
+++ b/src/storages/AdminStore.ts
@@ -14,12 +14,13 @@ export class AdminStore implements NStore {
 
   async query(filters: NostrFilter[], opts: { signal?: AbortSignal; limit?: number } = {}): Promise<DittoEvent[]> {
     const events = await this.store.query(filters, opts);
+    const pubkeys = new Set(events.map((event) => event.pubkey));
 
     const users = await this.store.query([{
       kinds: [30382],
       authors: [Conf.pubkey],
-      '#d': events.map((event) => event.pubkey),
-      limit: 1,
+      '#d': [...pubkeys],
+      limit: pubkeys.size,
     }]);
 
     return events.filter((event) => {

From 6b3e01a072a9b3194e7e076fdcea4134ac13a607 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 9 Jun 2024 21:42:31 -0500
Subject: [PATCH 32/32] Upgrade nostrify to v0.23.1

---
 deno.json | 2 +-
 deno.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/deno.json b/deno.json
index b225c8e..ecf32a3 100644
--- a/deno.json
+++ b/deno.json
@@ -22,7 +22,7 @@
     "@db/sqlite": "jsr:@db/sqlite@^0.11.1",
     "@isaacs/ttlcache": "npm:@isaacs/ttlcache@^1.4.1",
     "@noble/secp256k1": "npm:@noble/secp256k1@^2.0.0",
-    "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.23.0",
+    "@nostrify/nostrify": "jsr:@nostrify/nostrify@^0.23.1",
     "@scure/base": "npm:@scure/base@^1.1.6",
     "@sentry/deno": "https://deno.land/x/sentry@7.112.2/index.mjs",
     "@soapbox/kysely-deno-sqlite": "jsr:@soapbox/kysely-deno-sqlite@^2.1.0",
diff --git a/deno.lock b/deno.lock
index d68a374..7d767ab 100644
--- a/deno.lock
+++ b/deno.lock
@@ -10,7 +10,7 @@
       "jsr:@nostrify/nostrify@^0.22.1": "jsr:@nostrify/nostrify@0.22.5",
       "jsr:@nostrify/nostrify@^0.22.4": "jsr:@nostrify/nostrify@0.22.4",
       "jsr:@nostrify/nostrify@^0.22.5": "jsr:@nostrify/nostrify@0.22.5",
-      "jsr:@nostrify/nostrify@^0.23.0": "jsr:@nostrify/nostrify@0.23.0",
+      "jsr:@nostrify/nostrify@^0.23.1": "jsr:@nostrify/nostrify@0.23.1",
       "jsr:@soapbox/kysely-deno-sqlite@^2.1.0": "jsr:@soapbox/kysely-deno-sqlite@2.2.0",
       "jsr:@soapbox/stickynotes@^0.4.0": "jsr:@soapbox/stickynotes@0.4.0",
       "jsr:@std/assert@^0.217.0": "jsr:@std/assert@0.217.0",
@@ -121,8 +121,8 @@
           "npm:zod@^3.23.8"
         ]
       },
-      "@nostrify/nostrify@0.23.0": {
-        "integrity": "8636c0322885707d6a7b342ef55f70debf399a1eb65b83abcce7972d69e30920",
+      "@nostrify/nostrify@0.23.1": {
+        "integrity": "7a242dedfe33cf38131696ad96d789d54257cfbfd5b5e63748fe5d53c057d99a",
         "dependencies": [
           "jsr:@std/encoding@^0.224.1",
           "npm:@scure/base@^1.1.6",
@@ -1343,7 +1343,7 @@
     "dependencies": [
       "jsr:@bradenmacdonald/s3-lite-client@^0.7.4",
       "jsr:@db/sqlite@^0.11.1",
-      "jsr:@nostrify/nostrify@^0.23.0",
+      "jsr:@nostrify/nostrify@^0.23.1",
       "jsr:@soapbox/kysely-deno-sqlite@^2.1.0",
       "jsr:@soapbox/stickynotes@^0.4.0",
       "jsr:@std/assert@^0.225.1",