From e6fee1a84ede7aa8f0a1e6fe449e7161716062c3 Mon Sep 17 00:00:00 2001
From: Godfrain Jacques <gkounkou@gmail.com>
Date: Wed, 10 Apr 2024 10:51:58 -0700
Subject: [PATCH] fix_: token-permitted channel input not locked (#5046)

Issue #14117
---
 ...nities_messenger_token_permissions_test.go | 38 +++++++++++
 protocol/messenger_communities.go             | 63 +++++++++++--------
 2 files changed, 76 insertions(+), 25 deletions(-)

diff --git a/protocol/communities_messenger_token_permissions_test.go b/protocol/communities_messenger_token_permissions_test.go
index 206863b7d..fb2610dca 100644
--- a/protocol/communities_messenger_token_permissions_test.go
+++ b/protocol/communities_messenger_token_permissions_test.go
@@ -863,6 +863,44 @@ func (s *MessengerCommunitiesTokenPermissionsSuite) TestJoinCommunityWithAdminPe
 	s.Require().Equal(bobAddress, revealedAccounts[0].Address)
 }
 
+func (s *MessengerCommunitiesTokenPermissionsSuite) TestSharedAddressesReturnsRevealedAccount() {
+	community, _ := s.createCommunity()
+
+	permissionRequest := requests.CreateCommunityTokenPermission{
+		CommunityID: community.ID(),
+		Type:        protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL,
+		TokenCriteria: []*protobuf.TokenCriteria{
+			&protobuf.TokenCriteria{
+				Type:              protobuf.CommunityTokenType_ERC20,
+				ContractAddresses: map[uint64]string{testChainID1: "0x123"},
+				Symbol:            "TEST",
+				AmountInWei:       "100000000000000000000",
+				Decimals:          uint64(18),
+			},
+		},
+	}
+
+	response, err := s.owner.CreateCommunityTokenPermission(&permissionRequest)
+	s.Require().NoError(err)
+	s.Require().Len(response.Communities(), 1)
+
+	s.advertiseCommunityTo(community, s.alice)
+
+	s.joinCommunity(community, s.alice, bobPassword, []string{})
+
+	revealedAccounts, err := s.alice.GetRevealedAccounts(community.ID(), common.PubkeyToHex(&s.alice.identity.PublicKey))
+	s.Require().NoError(err)
+	s.Require().Len(revealedAccounts, 2)
+	s.Require().Equal(aliceAddress1, revealedAccounts[0].Address)
+	s.Require().Equal(aliceAddress2, revealedAccounts[1].Address)
+
+	sharedAddresses, err := s.alice.getSharedAddresses(community.ID(), []string{})
+	s.Require().NoError(err)
+	s.Require().Len(sharedAddresses, 2)
+	s.Require().Equal(sharedAddresses[0].String(), revealedAccounts[0].Address)
+	s.Require().Equal(sharedAddresses[1].String(), revealedAccounts[1].Address)
+}
+
 func (s *MessengerCommunitiesTokenPermissionsSuite) TestJoinCommunityAsMemberWithMemberAndAdminPermission() {
 	community, _ := s.createCommunity()
 
diff --git a/protocol/messenger_communities.go b/protocol/messenger_communities.go
index abeab0df6..8ddd55f14 100644
--- a/protocol/messenger_communities.go
+++ b/protocol/messenger_communities.go
@@ -4061,28 +4061,53 @@ func (m *Messenger) CheckPermissionsToJoinCommunity(request *requests.CheckPermi
 	return m.communitiesManager.CheckPermissionToJoin(request.CommunityID, addresses)
 }
 
-func (m *Messenger) CheckCommunityChannelPermissions(request *requests.CheckCommunityChannelPermissions) (*communities.CheckChannelPermissionsResponse, error) {
-	if err := request.Validate(); err != nil {
-		return nil, err
+func (m *Messenger) getSharedAddresses(communityID types.HexBytes, requestAddresses []string) ([]gethcommon.Address, error) {
+	addressesMap := make(map[string]struct{})
+
+	for _, v := range requestAddresses {
+		addressesMap[v] = struct{}{}
 	}
 
-	var addresses []gethcommon.Address
+	if len(requestAddresses) == 0 {
+		sharedAddresses, err := m.GetRevealedAccounts(communityID, common.PubkeyToHex(&m.identity.PublicKey))
+		if err != nil {
+			return nil, err
+		}
 
-	if len(request.Addresses) == 0 {
+		for _, v := range sharedAddresses {
+			addressesMap[v.Address] = struct{}{}
+		}
+	}
+
+	if len(addressesMap) == 0 {
 		accounts, err := m.settings.GetActiveAccounts()
 		if err != nil {
 			return nil, err
 		}
 
 		for _, a := range accounts {
-			addresses = append(addresses, gethcommon.HexToAddress(a.Address.Hex()))
-		}
-	} else {
-		for _, v := range request.Addresses {
-			addresses = append(addresses, gethcommon.HexToAddress(v))
+			addressesMap[a.Address.Hex()] = struct{}{}
 		}
 	}
 
+	var addresses []gethcommon.Address
+	for addr := range addressesMap {
+		addresses = append(addresses, gethcommon.HexToAddress(addr))
+	}
+
+	return addresses, nil
+}
+
+func (m *Messenger) CheckCommunityChannelPermissions(request *requests.CheckCommunityChannelPermissions) (*communities.CheckChannelPermissionsResponse, error) {
+	if err := request.Validate(); err != nil {
+		return nil, err
+	}
+
+	addresses, err := m.getSharedAddresses(request.CommunityID, request.Addresses)
+	if err != nil {
+		return nil, err
+	}
+
 	return m.communitiesManager.CheckChannelPermissions(request.CommunityID, request.ChatID, addresses)
 }
 
@@ -4091,21 +4116,9 @@ func (m *Messenger) CheckAllCommunityChannelsPermissions(request *requests.Check
 		return nil, err
 	}
 
-	var addresses []gethcommon.Address
-
-	if len(request.Addresses) == 0 {
-		accounts, err := m.settings.GetActiveAccounts()
-		if err != nil {
-			return nil, err
-		}
-
-		for _, a := range accounts {
-			addresses = append(addresses, gethcommon.HexToAddress(a.Address.Hex()))
-		}
-	} else {
-		for _, v := range request.Addresses {
-			addresses = append(addresses, gethcommon.HexToAddress(v))
-		}
+	addresses, err := m.getSharedAddresses(request.CommunityID, request.Addresses)
+	if err != nil {
+		return nil, err
 	}
 
 	return m.communitiesManager.CheckAllChannelsPermissions(request.CommunityID, addresses)