From 614a1d74ddf388dcb82f69722c96696ad530602d Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Sat, 28 Mar 2020 18:07:41 +0900
Subject: [PATCH] Resolve #6192

---
 .../1585385921215-custom-notification.ts      | 48 +++++++++++++++
 src/client/components/notification.vue        | 35 ++++++-----
 src/models/entities/notification.ts           | 58 +++++++++++++++++--
 src/models/repositories/notification.ts       | 10 +++-
 src/server/api/authenticate.ts                | 14 ++---
 src/server/api/call.ts                        | 13 ++---
 src/server/api/define.ts                      |  9 +--
 src/server/api/endpoints/app/show.ts          |  4 +-
 .../api/endpoints/drive/files/create.ts       |  2 +-
 src/server/api/endpoints/i.ts                 |  4 +-
 src/server/api/endpoints/i/update.ts          |  4 +-
 src/server/api/endpoints/notes/polls/vote.ts  |  6 +-
 .../api/endpoints/notifications/create.ts     | 37 ++++++++++++
 .../api/endpoints/users/groups/invite.ts      |  3 +-
 src/server/api/stream/index.ts                | 13 ++---
 src/services/create-notification.ts           | 34 +++--------
 src/services/following/create.ts              |  8 ++-
 src/services/following/requests/create.ts     |  3 +-
 src/services/note/create.ts                   |  3 +-
 src/services/note/polls/vote.ts               |  6 +-
 src/services/note/reaction/create.ts          |  6 +-
 21 files changed, 229 insertions(+), 91 deletions(-)
 create mode 100644 migration/1585385921215-custom-notification.ts
 create mode 100644 src/server/api/endpoints/notifications/create.ts

diff --git a/migration/1585385921215-custom-notification.ts b/migration/1585385921215-custom-notification.ts
new file mode 100644
index 0000000000..24c29d53e5
--- /dev/null
+++ b/migration/1585385921215-custom-notification.ts
@@ -0,0 +1,48 @@
+import {MigrationInterface, QueryRunner} from "typeorm";
+
+export class customNotification1585385921215 implements MigrationInterface {
+    name = 'customNotification1585385921215'
+
+    public async up(queryRunner: QueryRunner): Promise<any> {
+        await queryRunner.query(`ALTER TABLE "notification" ADD "customBody" character varying(2048)`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD "customHeader" character varying(256)`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD "customIcon" character varying(1024)`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD "appAccessTokenId" character varying(32)`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP CONSTRAINT "FK_3b4e96eec8d36a8bbb9d02aa710"`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ALTER COLUMN "notifierId" DROP NOT NULL`, undefined);
+        await queryRunner.query(`COMMENT ON COLUMN "notification"."notifierId" IS 'The ID of sender user of the Notification.'`, undefined);
+        await queryRunner.query(`ALTER TYPE "public"."notification_type_enum" RENAME TO "notification_type_enum_old"`, undefined);
+        await queryRunner.query(`CREATE TYPE "notification_type_enum" AS ENUM('follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited', 'app')`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ALTER COLUMN "type" TYPE "notification_type_enum" USING "type"::"text"::"notification_type_enum"`, undefined);
+        await queryRunner.query(`DROP TYPE "notification_type_enum_old"`, undefined);
+        await queryRunner.query(`COMMENT ON COLUMN "notification"."type" IS 'The type of the Notification.'`, undefined);
+        await queryRunner.query(`CREATE INDEX "IDX_3b4e96eec8d36a8bbb9d02aa71" ON "notification" ("notifierId") `, undefined);
+        await queryRunner.query(`CREATE INDEX "IDX_33f33cc8ef29d805a97ff4628b" ON "notification" ("type") `, undefined);
+        await queryRunner.query(`CREATE INDEX "IDX_080ab397c379af09b9d2169e5b" ON "notification" ("isRead") `, undefined);
+        await queryRunner.query(`CREATE INDEX "IDX_e22bf6bda77b6adc1fd9e75c8c" ON "notification" ("appAccessTokenId") `, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD CONSTRAINT "FK_3b4e96eec8d36a8bbb9d02aa710" FOREIGN KEY ("notifierId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD CONSTRAINT "FK_e22bf6bda77b6adc1fd9e75c8c9" FOREIGN KEY ("appAccessTokenId") REFERENCES "access_token"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, undefined);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<any> {
+        await queryRunner.query(`ALTER TABLE "notification" DROP CONSTRAINT "FK_e22bf6bda77b6adc1fd9e75c8c9"`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP CONSTRAINT "FK_3b4e96eec8d36a8bbb9d02aa710"`, undefined);
+        await queryRunner.query(`DROP INDEX "IDX_e22bf6bda77b6adc1fd9e75c8c"`, undefined);
+        await queryRunner.query(`DROP INDEX "IDX_080ab397c379af09b9d2169e5b"`, undefined);
+        await queryRunner.query(`DROP INDEX "IDX_33f33cc8ef29d805a97ff4628b"`, undefined);
+        await queryRunner.query(`DROP INDEX "IDX_3b4e96eec8d36a8bbb9d02aa71"`, undefined);
+        await queryRunner.query(`COMMENT ON COLUMN "notification"."type" IS ''`, undefined);
+        await queryRunner.query(`CREATE TYPE "notification_type_enum_old" AS ENUM('follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited')`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ALTER COLUMN "type" TYPE "notification_type_enum_old" USING "type"::"text"::"notification_type_enum_old"`, undefined);
+        await queryRunner.query(`DROP TYPE "notification_type_enum"`, undefined);
+        await queryRunner.query(`ALTER TYPE "notification_type_enum_old" RENAME TO  "notification_type_enum"`, undefined);
+        await queryRunner.query(`COMMENT ON COLUMN "notification"."notifierId" IS ''`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ALTER COLUMN "notifierId" SET NOT NULL`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" ADD CONSTRAINT "FK_3b4e96eec8d36a8bbb9d02aa710" FOREIGN KEY ("notifierId") REFERENCES "user"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP COLUMN "appAccessTokenId"`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP COLUMN "customIcon"`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP COLUMN "customHeader"`, undefined);
+        await queryRunner.query(`ALTER TABLE "notification" DROP COLUMN "customBody"`, undefined);
+    }
+
+}
diff --git a/src/client/components/notification.vue b/src/client/components/notification.vue
index d768c0b074..f415887e76 100644
--- a/src/client/components/notification.vue
+++ b/src/client/components/notification.vue
@@ -1,22 +1,24 @@
 <template>
 <div class="mk-notification" :class="notification.type" v-size="[{ max: 500 }, { max: 600 }]">
 	<div class="head">
-		<mk-avatar class="avatar" :user="notification.user"/>
-		<div class="icon" :class="notification.type">
+		<mk-avatar v-if="notification.user" class="icon" :user="notification.user"/>
+		<img v-else class="icon" :src="notification.icon" alt=""/>
+		<div class="sub-icon" :class="notification.type">
 			<fa :icon="faPlus" v-if="notification.type === 'follow'"/>
-			<fa :icon="faClock" v-if="notification.type === 'receiveFollowRequest'"/>
-			<fa :icon="faCheck" v-if="notification.type === 'followRequestAccepted'"/>
-			<fa :icon="faIdCardAlt" v-if="notification.type === 'groupInvited'"/>
-			<fa :icon="faRetweet" v-if="notification.type === 'renote'"/>
-			<fa :icon="faReply" v-if="notification.type === 'reply'"/>
-			<fa :icon="faAt" v-if="notification.type === 'mention'"/>
-			<fa :icon="faQuoteLeft" v-if="notification.type === 'quote'"/>
-			<x-reaction-icon v-if="notification.type === 'reaction'" :reaction="notification.reaction" :no-style="true"/>
+			<fa :icon="faClock" v-else-if="notification.type === 'receiveFollowRequest'"/>
+			<fa :icon="faCheck" v-else-if="notification.type === 'followRequestAccepted'"/>
+			<fa :icon="faIdCardAlt" v-else-if="notification.type === 'groupInvited'"/>
+			<fa :icon="faRetweet" v-else-if="notification.type === 'renote'"/>
+			<fa :icon="faReply" v-else-if="notification.type === 'reply'"/>
+			<fa :icon="faAt" v-else-if="notification.type === 'mention'"/>
+			<fa :icon="faQuoteLeft" v-else-if="notification.type === 'quote'"/>
+			<x-reaction-icon v-else-if="notification.type === 'reaction'" :reaction="notification.reaction" :no-style="true"/>
 		</div>
 	</div>
 	<div class="tail">
 		<header>
-			<router-link class="name" :to="notification.user | userPage" v-user-preview="notification.user.id"><mk-user-name :user="notification.user"/></router-link>
+			<router-link v-if="notification.user" class="name" :to="notification.user | userPage" v-user-preview="notification.user.id"><mk-user-name :user="notification.user"/></router-link>
+			<span v-else>{{ notification.header }}</span>
 			<mk-time :time="notification.createdAt" v-if="withTime"/>
 		</header>
 		<router-link v-if="notification.type === 'reaction'" class="text" :to="notification.note | notePage" :title="getNoteSummary(notification.note)">
@@ -42,6 +44,9 @@
 		<span v-if="notification.type === 'followRequestAccepted'" class="text" style="opacity: 0.6;">{{ $t('followRequestAccepted') }}</span>
 		<span v-if="notification.type === 'receiveFollowRequest'" class="text" style="opacity: 0.6;">{{ $t('receiveFollowRequest') }}<div v-if="full && !followRequestDone"><button class="_textButton" @click="acceptFollowRequest()">{{ $t('accept') }}</button> | <button class="_textButton" @click="rejectFollowRequest()">{{ $t('reject') }}</button></div></span>
 		<span v-if="notification.type === 'groupInvited'" class="text" style="opacity: 0.6;">{{ $t('groupInvited') }}: <b>{{ notification.invitation.group.name }}</b><div v-if="full && !groupInviteDone"><button class="_textButton" @click="acceptGroupInvitation()">{{ $t('accept') }}</button> | <button class="_textButton" @click="rejectGroupInvitation()">{{ $t('reject') }}</button></div></span>
+		<span v-if="notification.type === 'app'" class="text">
+			<mfm :text="notification.body" :nowrap="!full"/>
+		</span>
 	</div>
 </div>
 </template>
@@ -142,14 +147,14 @@ export default Vue.extend({
 		height: 42px;
 		margin-right: 8px;
 
-		> .avatar {
+		> .icon {
 			display: block;
 			width: 100%;
 			height: 100%;
 			border-radius: 6px;
 		}
 
-		> .icon {
+		> .sub-icon {
 			position: absolute;
 			z-index: 1;
 			bottom: -2px;
@@ -163,6 +168,10 @@ export default Vue.extend({
 			font-size: 12px;
 			pointer-events: none;
 
+			&:empty {
+				display: none;
+			}
+
 			> * {
 				color: #fff;
 				width: 100%;
diff --git a/src/models/entities/notification.ts b/src/models/entities/notification.ts
index cd3fe9b01e..565645a5d6 100644
--- a/src/models/entities/notification.ts
+++ b/src/models/entities/notification.ts
@@ -4,6 +4,7 @@ import { id } from '../id';
 import { Note } from './note';
 import { FollowRequest } from './follow-request';
 import { UserGroupInvitation } from './user-group-invitation';
+import { AccessToken } from './access-token';
 
 @Entity()
 export class Notification {
@@ -35,11 +36,13 @@ export class Notification {
 	/**
 	 * 通知の送信者(initiator)
 	 */
+	@Index()
 	@Column({
 		...id(),
+		nullable: true,
 		comment: 'The ID of sender user of the Notification.'
 	})
-	public notifierId: User['id'];
+	public notifierId: User['id'] | null;
 
 	@ManyToOne(type => User, {
 		onDelete: 'CASCADE'
@@ -59,16 +62,19 @@ export class Notification {
 	 * receiveFollowRequest - フォローリクエストされた
 	 * followRequestAccepted - 自分の送ったフォローリクエストが承認された
 	 * groupInvited - グループに招待された
+	 * app - アプリ通知
 	 */
+	@Index()
 	@Column('enum', {
-		enum: ['follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited'],
+		enum: ['follow', 'mention', 'reply', 'renote', 'quote', 'reaction', 'pollVote', 'receiveFollowRequest', 'followRequestAccepted', 'groupInvited', 'app'],
 		comment: 'The type of the Notification.'
 	})
-	public type: 'follow' | 'mention' | 'reply' | 'renote' | 'quote' | 'reaction' | 'pollVote' | 'receiveFollowRequest' | 'followRequestAccepted' | 'groupInvited';
+	public type: 'follow' | 'mention' | 'reply' | 'renote' | 'quote' | 'reaction' | 'pollVote' | 'receiveFollowRequest' | 'followRequestAccepted' | 'groupInvited' | 'app';
 
 	/**
 	 * 通知が読まれたかどうか
 	 */
+	@Index()
 	@Column('boolean', {
 		default: false,
 		comment: 'Whether the Notification is read.'
@@ -114,10 +120,52 @@ export class Notification {
 	@Column('varchar', {
 		length: 128, nullable: true
 	})
-	public reaction: string;
+	public reaction: string | null;
 
 	@Column('integer', {
 		nullable: true
 	})
-	public choice: number;
+	public choice: number | null;
+
+	/**
+	 * アプリ通知のbody
+	 */
+	@Column('varchar', {
+		length: 2048, nullable: true
+	})
+	public customBody: string | null;
+
+	/**
+	 * アプリ通知のheader
+	 * (省略時はアプリ名で表示されることを期待)
+	 */
+	@Column('varchar', {
+		length: 256, nullable: true
+	})
+	public customHeader: string | null;
+
+	/**
+	 * アプリ通知のicon(URL)
+	 * (省略時はアプリアイコンで表示されることを期待)
+	 */
+	@Column('varchar', {
+		length: 1024, nullable: true
+	})
+	public customIcon: string | null;
+
+	/**
+	 * アプリ通知のアプリ(のトークン)
+	 */
+	@Index()
+	@Column({
+		...id(),
+		nullable: true
+	})
+	public appAccessTokenId: AccessToken['id'] | null;
+
+	@ManyToOne(type => AccessToken, {
+		onDelete: 'CASCADE'
+	})
+	@JoinColumn()
+	public appAccessToken: AccessToken | null;
 }
diff --git a/src/models/repositories/notification.ts b/src/models/repositories/notification.ts
index f020714f80..a8978cc01b 100644
--- a/src/models/repositories/notification.ts
+++ b/src/models/repositories/notification.ts
@@ -1,5 +1,5 @@
 import { EntityRepository, Repository } from 'typeorm';
-import { Users, Notes, UserGroupInvitations } from '..';
+import { Users, Notes, UserGroupInvitations, AccessTokens } from '..';
 import { Notification } from '../entities/notification';
 import { ensure } from '../../prelude/ensure';
 import { awaitAll } from '../../prelude/await-all';
@@ -13,13 +13,14 @@ export class NotificationRepository extends Repository<Notification> {
 		src: Notification['id'] | Notification,
 	): Promise<PackedNotification> {
 		const notification = typeof src === 'object' ? src : await this.findOne(src).then(ensure);
+		const token = notification.appAccessTokenId ? await AccessTokens.findOne(notification.appAccessTokenId).then(ensure) : null;
 
 		return await awaitAll({
 			id: notification.id,
 			createdAt: notification.createdAt.toISOString(),
 			type: notification.type,
 			userId: notification.notifierId,
-			user: Users.pack(notification.notifier || notification.notifierId),
+			user: notification.notifierId ? Users.pack(notification.notifier || notification.notifierId) : null,
 			...(notification.type === 'mention' ? {
 				note: Notes.pack(notification.note || notification.noteId!, notification.notifieeId),
 			} : {}),
@@ -43,6 +44,11 @@ export class NotificationRepository extends Repository<Notification> {
 			...(notification.type === 'groupInvited' ? {
 				invitation: UserGroupInvitations.pack(notification.userGroupInvitationId!),
 			} : {}),
+			...(notification.type === 'app' ? {
+				body: notification.customBody,
+				header: notification.customHeader || token!.name,
+				icon: notification.customIcon || token!.iconUrl,
+			} : {}),
 		});
 	}
 
diff --git a/src/server/api/authenticate.ts b/src/server/api/authenticate.ts
index 32ad3b4019..c3e277e8de 100644
--- a/src/server/api/authenticate.ts
+++ b/src/server/api/authenticate.ts
@@ -2,12 +2,9 @@ import isNativeToken from './common/is-native-token';
 import { User } from '../../models/entities/user';
 import { Users, AccessTokens, Apps } from '../../models';
 import { ensure } from '../../prelude/ensure';
+import { AccessToken } from '../../models/entities/access-token';
 
-type App = {
-	permission: string[];
-};
-
-export default async (token: string): Promise<[User | null | undefined, App | null | undefined]> => {
+export default async (token: string): Promise<[User | null | undefined, AccessToken | null | undefined]> => {
 	if (token == null) {
 		return [null, null];
 	}
@@ -45,12 +42,11 @@ export default async (token: string): Promise<[User | null | undefined, App | nu
 				.findOne(accessToken.appId).then(ensure);
 
 			return [user, {
+				id: accessToken.id,
 				permission: app.permission
-			}];
+			} as AccessToken];
 		} else {
-			return [user, {
-				permission: accessToken.permission
-			}];
+			return [user, accessToken];
 		}
 	}
 };
diff --git a/src/server/api/call.ts b/src/server/api/call.ts
index c75006ef31..7911eb9b49 100644
--- a/src/server/api/call.ts
+++ b/src/server/api/call.ts
@@ -4,10 +4,7 @@ import { User } from '../../models/entities/user';
 import endpoints from './endpoints';
 import { ApiError } from './error';
 import { apiLogger } from './logger';
-
-type App = {
-	permission: string[];
-};
+import { AccessToken } from '../../models/entities/access-token';
 
 const accessDenied = {
 	message: 'Access denied.',
@@ -15,8 +12,8 @@ const accessDenied = {
 	id: '56f35758-7dd5-468b-8439-5d6fb8ec9b8e'
 };
 
-export default async (endpoint: string, user: User | null | undefined, app: App | null | undefined, data: any, file?: any) => {
-	const isSecure = user != null && app == null;
+export default async (endpoint: string, user: User | null | undefined, token: AccessToken | null | undefined, data: any, file?: any) => {
+	const isSecure = user != null && token == null;
 
 	const ep = endpoints.find(e => e.name === endpoint);
 
@@ -54,7 +51,7 @@ export default async (endpoint: string, user: User | null | undefined, app: App
 		throw new ApiError(accessDenied, { reason: 'You are not a moderator.' });
 	}
 
-	if (app && ep.meta.kind && !app.permission.some(p => p === ep.meta.kind)) {
+	if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) {
 		throw new ApiError({
 			message: 'Your app does not have the necessary permissions to use this endpoint.',
 			code: 'PERMISSION_DENIED',
@@ -76,7 +73,7 @@ export default async (endpoint: string, user: User | null | undefined, app: App
 
 	// API invoking
 	const before = performance.now();
-	return await ep.exec(data, user, isSecure, file).catch((e: Error) => {
+	return await ep.exec(data, user, token, file).catch((e: Error) => {
 		if (e instanceof ApiError) {
 			throw e;
 		} else {
diff --git a/src/server/api/define.ts b/src/server/api/define.ts
index 3c9e6863b7..2ee0ba4868 100644
--- a/src/server/api/define.ts
+++ b/src/server/api/define.ts
@@ -3,6 +3,7 @@ import { ILocalUser } from '../../models/entities/user';
 import { IEndpointMeta } from './endpoints';
 import { ApiError } from './error';
 import { SchemaType } from '../../misc/schema';
+import { AccessToken } from '../../models/entities/access-token';
 
 // TODO: defaultが設定されている場合はその型も考慮する
 type Params<T extends IEndpointMeta> = {
@@ -14,12 +15,12 @@ type Params<T extends IEndpointMeta> = {
 export type Response = Record<string, any> | void;
 
 type executor<T extends IEndpointMeta> =
-	(params: Params<T>, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, isSecure: boolean, file?: any, cleanup?: Function) =>
+	(params: Params<T>, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, token: AccessToken, file?: any, cleanup?: Function) =>
 		Promise<T['res'] extends undefined ? Response : SchemaType<NonNullable<T['res']>>>;
 
 export default function <T extends IEndpointMeta>(meta: T, cb: executor<T>)
-		: (params: any, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, isSecure: boolean, file?: any) => Promise<any> {
-	return (params: any, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, isSecure: boolean, file?: any) => {
+		: (params: any, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, token: AccessToken, file?: any) => Promise<any> {
+	return (params: any, user: T['requireCredential'] extends true ? ILocalUser : ILocalUser | null, token: AccessToken, file?: any) => {
 		function cleanup() {
 			fs.unlink(file.path, () => {});
 		}
@@ -36,7 +37,7 @@ export default function <T extends IEndpointMeta>(meta: T, cb: executor<T>)
 			return Promise.reject(pserr);
 		}
 
-		return cb(ps, user, isSecure, file, cleanup);
+		return cb(ps, user, token, file, cleanup);
 	};
 }
 
diff --git a/src/server/api/endpoints/app/show.ts b/src/server/api/endpoints/app/show.ts
index c1bbb2c53e..e3f3a1eaa4 100644
--- a/src/server/api/endpoints/app/show.ts
+++ b/src/server/api/endpoints/app/show.ts
@@ -28,7 +28,9 @@ export const meta = {
 	}
 };
 
-export default define(meta, async (ps, user, isSecure) => {
+export default define(meta, async (ps, user, token) => {
+	const isSecure = token == null;
+
 	// Lookup app
 	const ap = await Apps.findOne(ps.appId);
 
diff --git a/src/server/api/endpoints/drive/files/create.ts b/src/server/api/endpoints/drive/files/create.ts
index 5043fbb8e7..c0bb6bcc6e 100644
--- a/src/server/api/endpoints/drive/files/create.ts
+++ b/src/server/api/endpoints/drive/files/create.ts
@@ -78,7 +78,7 @@ export const meta = {
 	}
 };
 
-export default define(meta, async (ps, user, isSecure, file, cleanup) => {
+export default define(meta, async (ps, user, _, file, cleanup) => {
 	// Get 'name' parameter
 	let name = ps.name || file.originalname;
 	if (name !== undefined && name !== null) {
diff --git a/src/server/api/endpoints/i.ts b/src/server/api/endpoints/i.ts
index 3909d54663..02d59682b8 100644
--- a/src/server/api/endpoints/i.ts
+++ b/src/server/api/endpoints/i.ts
@@ -19,7 +19,9 @@ export const meta = {
 	},
 };
 
-export default define(meta, async (ps, user, isSecure) => {
+export default define(meta, async (ps, user, token) => {
+	const isSecure = token == null;
+
 	return await Users.pack(user, user, {
 		detail: true,
 		includeHasUnreadNotes: true,
diff --git a/src/server/api/endpoints/i/update.ts b/src/server/api/endpoints/i/update.ts
index 0a3ba824ae..c90f050251 100644
--- a/src/server/api/endpoints/i/update.ts
+++ b/src/server/api/endpoints/i/update.ts
@@ -178,7 +178,9 @@ export const meta = {
 	}
 };
 
-export default define(meta, async (ps, user, isSecure) => {
+export default define(meta, async (ps, user, token) => {
+	const isSecure = token == null;
+
 	const updates = {} as Partial<User>;
 	const profileUpdates = {} as Partial<UserProfile>;
 
diff --git a/src/server/api/endpoints/notes/polls/vote.ts b/src/server/api/endpoints/notes/polls/vote.ts
index 3c5492f8ee..45210b5a6e 100644
--- a/src/server/api/endpoints/notes/polls/vote.ts
+++ b/src/server/api/endpoints/notes/polls/vote.ts
@@ -132,7 +132,8 @@ export default define(meta, async (ps, user) => {
 	});
 
 	// Notify
-	createNotification(note.userId, user.id, 'pollVote', {
+	createNotification(note.userId, 'pollVote', {
+		notifierId: user.id,
 		noteId: note.id,
 		choice: ps.choice
 	});
@@ -143,7 +144,8 @@ export default define(meta, async (ps, user) => {
 		userId: Not(user.id),
 	}).then(watchers => {
 		for (const watcher of watchers) {
-			createNotification(watcher.userId, user.id, 'pollVote', {
+			createNotification(watcher.userId, 'pollVote', {
+				notifierId: user.id,
 				noteId: note.id,
 				choice: ps.choice
 			});
diff --git a/src/server/api/endpoints/notifications/create.ts b/src/server/api/endpoints/notifications/create.ts
new file mode 100644
index 0000000000..fed422b645
--- /dev/null
+++ b/src/server/api/endpoints/notifications/create.ts
@@ -0,0 +1,37 @@
+import $ from 'cafy';
+import define from '../../define';
+import { createNotification } from '../../../../services/create-notification';
+
+export const meta = {
+	tags: ['notifications'],
+
+	requireCredential: true as const,
+
+	kind: 'write:notifications',
+
+	params: {
+		body: {
+			validator: $.str
+		},
+
+		header: {
+			validator: $.optional.nullable.str
+		},
+
+		icon: {
+			validator: $.optional.nullable.str
+		},
+	},
+
+	errors: {
+	}
+};
+
+export default define(meta, async (ps, user, token) => {
+	createNotification(user.id, 'app', {
+		appAccessTokenId: token.id,
+		customBody: ps.body,
+		customHeader: ps.header,
+		customIcon: ps.icon,
+	});
+});
diff --git a/src/server/api/endpoints/users/groups/invite.ts b/src/server/api/endpoints/users/groups/invite.ts
index da0fd1c2ca..a0f5091b07 100644
--- a/src/server/api/endpoints/users/groups/invite.ts
+++ b/src/server/api/endpoints/users/groups/invite.ts
@@ -104,7 +104,8 @@ export default define(meta, async (ps, me) => {
 	} as UserGroupInvitation);
 
 	// 通知を作成
-	createNotification(user.id, me.id, 'groupInvited', {
+	createNotification(user.id, 'groupInvited', {
+		notifierId: me.id,
 		userGroupInvitationId: invitation.id
 	});
 });
diff --git a/src/server/api/stream/index.ts b/src/server/api/stream/index.ts
index 4b233b9a8b..05594ac722 100644
--- a/src/server/api/stream/index.ts
+++ b/src/server/api/stream/index.ts
@@ -9,10 +9,7 @@ import { EventEmitter } from 'events';
 import { User } from '../../../models/entities/user';
 import { Users, Followings, Mutings } from '../../../models';
 import { ApiError } from '../error';
-
-type App = {
-	permission: string[];
-};
+import { AccessToken } from '../../../models/entities/access-token';
 
 /**
  * Main stream connection
@@ -21,7 +18,7 @@ export default class Connection {
 	public user?: User;
 	public following: User['id'][] = [];
 	public muting: User['id'][] = [];
-	public app: App;
+	public token: AccessToken;
 	private wsConnection: websocket.connection;
 	public subscriber: EventEmitter;
 	private channels: Channel[] = [];
@@ -33,12 +30,12 @@ export default class Connection {
 		wsConnection: websocket.connection,
 		subscriber: EventEmitter,
 		user: User | null | undefined,
-		app: App | null | undefined
+		token: AccessToken | null | undefined
 	) {
 		this.wsConnection = wsConnection;
 		this.subscriber = subscriber;
 		if (user) this.user = user;
-		if (app) this.app = app;
+		if (token) this.token = token;
 
 		this.wsConnection.on('message', this.onWsConnectionMessage);
 
@@ -86,7 +83,7 @@ export default class Connection {
 		const endpoint = payload.endpoint || payload.ep; // alias
 
 		// 呼び出し
-		call(endpoint, user, this.app, payload.data).then(res => {
+		call(endpoint, user, this.token, payload.data).then(res => {
 			this.sendMessageToWs(`api:${payload.id}`, { res });
 		}).catch((e: ApiError) => {
 			this.sendMessageToWs(`api:${payload.id}`, {
diff --git a/src/services/create-notification.ts b/src/services/create-notification.ts
index c5c6e7144b..7fc8bfaf53 100644
--- a/src/services/create-notification.ts
+++ b/src/services/create-notification.ts
@@ -3,46 +3,26 @@ import pushSw from './push-notification';
 import { Notifications, Mutings } from '../models';
 import { genId } from '../misc/gen-id';
 import { User } from '../models/entities/user';
-import { Note } from '../models/entities/note';
 import { Notification } from '../models/entities/notification';
-import { FollowRequest } from '../models/entities/follow-request';
-import { UserGroupInvitation } from '../models/entities/user-group-invitation';
 
 export async function createNotification(
 	notifieeId: User['id'],
-	notifierId: User['id'],
 	type: Notification['type'],
-	content?: {
-		noteId?: Note['id'];
-		reaction?: string;
-		choice?: number;
-		followRequestId?: FollowRequest['id'];
-		userGroupInvitationId?: UserGroupInvitation['id'];
-	}
+	data: Partial<Notification>
 ) {
-	if (notifieeId === notifierId) {
+	if (data.notifierId && (notifieeId === data.notifierId)) {
 		return null;
 	}
 
-	const data = {
+	// Create notification
+	const notification = await Notifications.save({
 		id: genId(),
 		createdAt: new Date(),
 		notifieeId: notifieeId,
-		notifierId: notifierId,
 		type: type,
 		isRead: false,
-	} as Partial<Notification>;
-
-	if (content) {
-		if (content.noteId) data.noteId = content.noteId;
-		if (content.reaction) data.reaction = content.reaction;
-		if (content.choice) data.choice = content.choice;
-		if (content.followRequestId) data.followRequestId = content.followRequestId;
-		if (content.userGroupInvitationId) data.userGroupInvitationId = content.userGroupInvitationId;
-	}
-
-	// Create notification
-	const notification = await Notifications.save(data);
+		...data
+	} as Partial<Notification>);
 
 	const packed = await Notifications.pack(notification);
 
@@ -58,7 +38,7 @@ export async function createNotification(
 			const mutings = await Mutings.find({
 				muterId: notifieeId
 			});
-			if (mutings.map(m => m.muteeId).includes(notifierId)) {
+			if (data.notifierId && mutings.map(m => m.muteeId).includes(data.notifierId)) {
 				return;
 			}
 			//#endregion
diff --git a/src/services/following/create.ts b/src/services/following/create.ts
index ce352ffbc1..c5f130f49f 100644
--- a/src/services/following/create.ts
+++ b/src/services/following/create.ts
@@ -57,7 +57,9 @@ export async function insertFollowingDoc(followee: User, follower: User) {
 		});
 
 		// 通知を作成
-		createNotification(follower.id, followee.id, 'followRequestAccepted');
+		createNotification(follower.id, 'followRequestAccepted', {
+			notifierId: followee.id,
+		});
 	}
 
 	if (alreadyFollowed) return;
@@ -95,7 +97,9 @@ export async function insertFollowingDoc(followee: User, follower: User) {
 		Users.pack(follower, followee).then(packed => publishMainStream(followee.id, 'followed', packed)),
 
 		// 通知を作成
-		createNotification(followee.id, follower.id, 'follow');
+		createNotification(followee.id, 'follow', {
+			notifierId: follower.id
+		});
 	}
 }
 
diff --git a/src/services/following/requests/create.ts b/src/services/following/requests/create.ts
index 1c6bac0fbe..deaeedb9a8 100644
--- a/src/services/following/requests/create.ts
+++ b/src/services/following/requests/create.ts
@@ -50,7 +50,8 @@ export default async function(follower: User, followee: User, requestId?: string
 		}).then(packed => publishMainStream(followee.id, 'meUpdated', packed));
 
 		// 通知を作成
-		createNotification(followee.id, follower.id, 'receiveFollowRequest', {
+		createNotification(followee.id, 'receiveFollowRequest', {
+			notifierId: follower.id,
 			followRequestId: followRequest.id
 		});
 	}
diff --git a/src/services/note/create.ts b/src/services/note/create.ts
index 50586e8bc7..60a5a5e69d 100644
--- a/src/services/note/create.ts
+++ b/src/services/note/create.ts
@@ -78,7 +78,8 @@ class NotificationManager {
 
 			// 通知される側のユーザーが通知する側のユーザーをミュートしていない限りは通知する
 			if (!mentioneesMutedUserIds.includes(this.notifier.id)) {
-				createNotification(x.target, this.notifier.id, x.reason, {
+				createNotification(x.target, x.reason, {
+					notifierId: this.notifier.id,
 					noteId: this.note.id
 				});
 			}
diff --git a/src/services/note/polls/vote.ts b/src/services/note/polls/vote.ts
index aee52ba10d..7350c813af 100644
--- a/src/services/note/polls/vote.ts
+++ b/src/services/note/polls/vote.ts
@@ -48,7 +48,8 @@ export default async function(user: User, note: Note, choice: number) {
 	});
 
 	// Notify
-	createNotification(note.userId, user.id, 'pollVote', {
+	createNotification(note.userId, 'pollVote', {
+		notifierId: user.id,
 		noteId: note.id,
 		choice: choice
 	});
@@ -60,7 +61,8 @@ export default async function(user: User, note: Note, choice: number) {
 	})
 	.then(watchers => {
 		for (const watcher of watchers) {
-			createNotification(watcher.userId, user.id, 'pollVote', {
+			createNotification(watcher.userId, 'pollVote', {
+				notifierId: user.id,
 				noteId: note.id,
 				choice: choice
 			});
diff --git a/src/services/note/reaction/create.ts b/src/services/note/reaction/create.ts
index 166c4e1f81..72750affe0 100644
--- a/src/services/note/reaction/create.ts
+++ b/src/services/note/reaction/create.ts
@@ -66,7 +66,8 @@ export default async (user: User, note: Note, reaction?: string) => {
 
 	// リアクションされたユーザーがローカルユーザーなら通知を作成
 	if (note.userHost === null) {
-		createNotification(note.userId, user.id, 'reaction', {
+		createNotification(note.userId, 'reaction', {
+			notifierId: user.id,
 			noteId: note.id,
 			reaction: reaction
 		});
@@ -78,7 +79,8 @@ export default async (user: User, note: Note, reaction?: string) => {
 		userId: Not(user.id)
 	}).then(watchers => {
 		for (const watcher of watchers) {
-			createNotification(watcher.userId, user.id, 'reaction', {
+			createNotification(watcher.userId, 'reaction', {
+				notifierId: user.id,
 				noteId: note.id,
 				reaction: reaction
 			});