package communities import "github.com/status-im/status-go/protocol/protobuf" var adminAuthorizedEventTypes = []protobuf.CommunityEvent_EventType{ protobuf.CommunityEvent_COMMUNITY_EDIT, protobuf.CommunityEvent_COMMUNITY_MEMBER_TOKEN_PERMISSION_CHANGE, protobuf.CommunityEvent_COMMUNITY_MEMBER_TOKEN_PERMISSION_DELETE, protobuf.CommunityEvent_COMMUNITY_CATEGORY_CREATE, protobuf.CommunityEvent_COMMUNITY_CATEGORY_DELETE, protobuf.CommunityEvent_COMMUNITY_CATEGORY_EDIT, protobuf.CommunityEvent_COMMUNITY_CHANNEL_CREATE, protobuf.CommunityEvent_COMMUNITY_CHANNEL_DELETE, protobuf.CommunityEvent_COMMUNITY_CHANNEL_EDIT, protobuf.CommunityEvent_COMMUNITY_CATEGORY_REORDER, protobuf.CommunityEvent_COMMUNITY_CHANNEL_REORDER, protobuf.CommunityEvent_COMMUNITY_REQUEST_TO_JOIN_ACCEPT, protobuf.CommunityEvent_COMMUNITY_REQUEST_TO_JOIN_REJECT, protobuf.CommunityEvent_COMMUNITY_MEMBER_KICK, protobuf.CommunityEvent_COMMUNITY_MEMBER_BAN, protobuf.CommunityEvent_COMMUNITY_MEMBER_UNBAN, } var tokenMasterAuthorizedEventTypes = append(adminAuthorizedEventTypes, []protobuf.CommunityEvent_EventType{ protobuf.CommunityEvent_COMMUNITY_TOKEN_ADD, }...) var ownerAuthorizedEventTypes = tokenMasterAuthorizedEventTypes var rolesToAuthorizedEventTypes = map[protobuf.CommunityMember_Roles][]protobuf.CommunityEvent_EventType{ protobuf.CommunityMember_ROLE_NONE: []protobuf.CommunityEvent_EventType{}, protobuf.CommunityMember_ROLE_OWNER: ownerAuthorizedEventTypes, protobuf.CommunityMember_ROLE_MANAGE_USERS: []protobuf.CommunityEvent_EventType{}, protobuf.CommunityMember_ROLE_MODERATE_CONTENT: []protobuf.CommunityEvent_EventType{}, protobuf.CommunityMember_ROLE_ADMIN: adminAuthorizedEventTypes, protobuf.CommunityMember_ROLE_TOKEN_MASTER: tokenMasterAuthorizedEventTypes, } var adminAuthorizedPermissionTypes = []protobuf.CommunityTokenPermission_Type{ protobuf.CommunityTokenPermission_BECOME_MEMBER, protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL, protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL, } var tokenMasterAuthorizedPermissionTypes = append(adminAuthorizedPermissionTypes, []protobuf.CommunityTokenPermission_Type{ protobuf.CommunityTokenPermission_BECOME_ADMIN, }...) var ownerAuthorizedPermissionTypes = append(tokenMasterAuthorizedPermissionTypes, []protobuf.CommunityTokenPermission_Type{ protobuf.CommunityTokenPermission_BECOME_TOKEN_MASTER, }...) var rolesToAuthorizedPermissionTypes = map[protobuf.CommunityMember_Roles][]protobuf.CommunityTokenPermission_Type{ protobuf.CommunityMember_ROLE_NONE: []protobuf.CommunityTokenPermission_Type{}, protobuf.CommunityMember_ROLE_OWNER: ownerAuthorizedPermissionTypes, protobuf.CommunityMember_ROLE_MANAGE_USERS: []protobuf.CommunityTokenPermission_Type{}, protobuf.CommunityMember_ROLE_MODERATE_CONTENT: []protobuf.CommunityTokenPermission_Type{}, protobuf.CommunityMember_ROLE_ADMIN: adminAuthorizedPermissionTypes, protobuf.CommunityMember_ROLE_TOKEN_MASTER: tokenMasterAuthorizedPermissionTypes, } func canRolesPerformEvent(roles []protobuf.CommunityMember_Roles, eventType protobuf.CommunityEvent_EventType) bool { for _, role := range roles { authorizedEventTypes := rolesToAuthorizedEventTypes[role] for _, authorizedEventType := range authorizedEventTypes { if authorizedEventType == eventType { return true } } } return false } func canRolesModifyPermission(roles []protobuf.CommunityMember_Roles, permissionType protobuf.CommunityTokenPermission_Type) bool { for _, role := range roles { authorizedPermissionTypes := rolesToAuthorizedPermissionTypes[role] for _, authorizedPermissionType := range authorizedPermissionTypes { if authorizedPermissionType == permissionType { return true } } } return false } func RolesAuthorizedToPerformEvent(roles []protobuf.CommunityMember_Roles, event *CommunityEvent) bool { if !canRolesPerformEvent(roles, event.Type) { return false } if event.Type == protobuf.CommunityEvent_COMMUNITY_MEMBER_TOKEN_PERMISSION_CHANGE || event.Type == protobuf.CommunityEvent_COMMUNITY_MEMBER_TOKEN_PERMISSION_DELETE { return canRolesModifyPermission(roles, event.TokenPermission.Type) } return true }