5271 lines
164 KiB
Go
5271 lines
164 KiB
Go
package communities
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"crypto/ecdsa"
|
|
"database/sql"
|
|
"encoding/hex"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"github.com/golang/protobuf/proto"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/pkg/errors"
|
|
"go.uber.org/zap"
|
|
|
|
gethcommon "github.com/ethereum/go-ethereum/common"
|
|
"github.com/ethereum/go-ethereum/common/hexutil"
|
|
"github.com/status-im/status-go/account"
|
|
utils "github.com/status-im/status-go/common"
|
|
"github.com/status-im/status-go/eth-node/crypto"
|
|
"github.com/status-im/status-go/eth-node/types"
|
|
"github.com/status-im/status-go/images"
|
|
multiaccountscommon "github.com/status-im/status-go/multiaccounts/common"
|
|
"github.com/status-im/status-go/params"
|
|
"github.com/status-im/status-go/protocol/common"
|
|
"github.com/status-im/status-go/protocol/common/shard"
|
|
community_token "github.com/status-im/status-go/protocol/communities/token"
|
|
"github.com/status-im/status-go/protocol/encryption"
|
|
"github.com/status-im/status-go/protocol/ens"
|
|
"github.com/status-im/status-go/protocol/protobuf"
|
|
"github.com/status-im/status-go/protocol/requests"
|
|
"github.com/status-im/status-go/protocol/transport"
|
|
"github.com/status-im/status-go/rpc/network"
|
|
"github.com/status-im/status-go/server"
|
|
"github.com/status-im/status-go/services/wallet/bigint"
|
|
walletcommon "github.com/status-im/status-go/services/wallet/common"
|
|
"github.com/status-im/status-go/services/wallet/thirdparty"
|
|
"github.com/status-im/status-go/services/wallet/token"
|
|
"github.com/status-im/status-go/services/wallet/wallettypes"
|
|
"github.com/status-im/status-go/signal"
|
|
)
|
|
|
|
type Publisher interface {
|
|
publish(subscription *Subscription)
|
|
}
|
|
|
|
var defaultAnnounceList = [][]string{
|
|
{"udp://tracker.opentrackr.org:1337/announce"},
|
|
{"udp://tracker.openbittorrent.com:6969/announce"},
|
|
}
|
|
var pieceLength = 100 * 1024
|
|
|
|
const maxArchiveSizeInBytes = 30000000
|
|
|
|
var maxNbMembers = 5000
|
|
var maxNbPendingRequestedMembers = 100
|
|
|
|
var memberPermissionsCheckInterval = 8 * time.Hour
|
|
var validateInterval = 2 * time.Minute
|
|
|
|
// Used for testing only
|
|
func SetValidateInterval(duration time.Duration) {
|
|
validateInterval = duration
|
|
}
|
|
func SetMaxNbMembers(maxNb int) {
|
|
maxNbMembers = maxNb
|
|
}
|
|
func SetMaxNbPendingRequestedMembers(maxNb int) {
|
|
maxNbPendingRequestedMembers = maxNb
|
|
}
|
|
|
|
// errors
|
|
var (
|
|
ErrTorrentTimedout = errors.New("torrent has timed out")
|
|
ErrCommunityRequestAlreadyRejected = errors.New("that user was already rejected from the community")
|
|
ErrInvalidClock = errors.New("invalid clock to cancel request to join")
|
|
)
|
|
|
|
type Manager struct {
|
|
persistence *Persistence
|
|
encryptor *encryption.Protocol
|
|
ensSubscription chan []*ens.VerificationRecord
|
|
subscriptions []chan *Subscription
|
|
ensVerifier *ens.Verifier
|
|
ownerVerifier OwnerVerifier
|
|
identity *ecdsa.PrivateKey
|
|
installationID string
|
|
accountsManager account.Manager
|
|
tokenManager TokenManager
|
|
collectiblesManager CollectiblesManager
|
|
logger *zap.Logger
|
|
transport *transport.Transport
|
|
timesource common.TimeSource
|
|
quit chan struct{}
|
|
walletConfig *params.WalletConfig
|
|
communityTokensService CommunityTokensServiceInterface
|
|
membersReevaluationTasks sync.Map // stores `membersReevaluationTask`
|
|
forceMembersReevaluation map[string]chan struct{}
|
|
stopped bool
|
|
RekeyInterval time.Duration
|
|
PermissionChecker PermissionChecker
|
|
keyDistributor KeyDistributor
|
|
communityLock *CommunityLock
|
|
mediaServer server.MediaServerInterface
|
|
}
|
|
|
|
type CommunityLock struct {
|
|
logger *zap.Logger
|
|
locks map[string]*sync.Mutex
|
|
mutex sync.Mutex
|
|
}
|
|
|
|
func NewCommunityLock(logger *zap.Logger) *CommunityLock {
|
|
return &CommunityLock{
|
|
logger: logger.Named("CommunityLock"),
|
|
locks: make(map[string]*sync.Mutex),
|
|
}
|
|
}
|
|
|
|
func (c *CommunityLock) Lock(communityID types.HexBytes) {
|
|
c.mutex.Lock()
|
|
communityIDStr := types.EncodeHex(communityID)
|
|
lock, ok := c.locks[communityIDStr]
|
|
if !ok {
|
|
lock = &sync.Mutex{}
|
|
c.locks[communityIDStr] = lock
|
|
}
|
|
c.mutex.Unlock()
|
|
|
|
lock.Lock()
|
|
}
|
|
|
|
func (c *CommunityLock) Unlock(communityID types.HexBytes) {
|
|
c.mutex.Lock()
|
|
communityIDStr := types.EncodeHex(communityID)
|
|
lock, ok := c.locks[communityIDStr]
|
|
c.mutex.Unlock()
|
|
|
|
if ok {
|
|
lock.Unlock()
|
|
} else {
|
|
c.logger.Warn("trying to unlock a non-existent lock", zap.String("communityID", communityIDStr))
|
|
}
|
|
}
|
|
|
|
func (c *CommunityLock) Init() {
|
|
c.locks = make(map[string]*sync.Mutex)
|
|
}
|
|
|
|
type HistoryArchiveDownloadTask struct {
|
|
CancelChan chan struct{}
|
|
Waiter sync.WaitGroup
|
|
m sync.RWMutex
|
|
Cancelled bool
|
|
}
|
|
|
|
type HistoryArchiveDownloadTaskInfo struct {
|
|
TotalDownloadedArchivesCount int
|
|
TotalArchivesCount int
|
|
Cancelled bool
|
|
}
|
|
|
|
type ArchiveFileService interface {
|
|
CreateHistoryArchiveTorrentFromMessages(communityID types.HexBytes, messages []*types.Message, topics []types.TopicType, startDate time.Time, endDate time.Time, partition time.Duration, encrypt bool) ([]string, error)
|
|
CreateHistoryArchiveTorrentFromDB(communityID types.HexBytes, topics []types.TopicType, startDate time.Time, endDate time.Time, partition time.Duration, encrypt bool) ([]string, error)
|
|
SaveMessageArchiveID(communityID types.HexBytes, hash string) error
|
|
GetMessageArchiveIDsToImport(communityID types.HexBytes) ([]string, error)
|
|
SetMessageArchiveIDImported(communityID types.HexBytes, hash string, imported bool) error
|
|
ExtractMessagesFromHistoryArchive(communityID types.HexBytes, archiveID string) ([]*protobuf.WakuMessage, error)
|
|
GetHistoryArchiveMagnetlink(communityID types.HexBytes) (string, error)
|
|
LoadHistoryArchiveIndexFromFile(myKey *ecdsa.PrivateKey, communityID types.HexBytes) (*protobuf.WakuMessageArchiveIndex, error)
|
|
}
|
|
|
|
type ArchiveService interface {
|
|
ArchiveFileService
|
|
|
|
SetOnline(bool)
|
|
SetTorrentConfig(*params.TorrentConfig)
|
|
StartTorrentClient() error
|
|
Stop() error
|
|
IsReady() bool
|
|
GetCommunityChatsFilters(communityID types.HexBytes) ([]*transport.Filter, error)
|
|
GetCommunityChatsTopics(communityID types.HexBytes) ([]types.TopicType, error)
|
|
GetHistoryArchivePartitionStartTimestamp(communityID types.HexBytes) (uint64, error)
|
|
CreateAndSeedHistoryArchive(communityID types.HexBytes, topics []types.TopicType, startDate time.Time, endDate time.Time, partition time.Duration, encrypt bool) error
|
|
StartHistoryArchiveTasksInterval(community *Community, interval time.Duration)
|
|
StopHistoryArchiveTasksInterval(communityID types.HexBytes)
|
|
SeedHistoryArchiveTorrent(communityID types.HexBytes) error
|
|
UnseedHistoryArchiveTorrent(communityID types.HexBytes)
|
|
IsSeedingHistoryArchiveTorrent(communityID types.HexBytes) bool
|
|
GetHistoryArchiveDownloadTask(communityID string) *HistoryArchiveDownloadTask
|
|
AddHistoryArchiveDownloadTask(communityID string, task *HistoryArchiveDownloadTask)
|
|
DownloadHistoryArchivesByMagnetlink(communityID types.HexBytes, magnetlink string, cancelTask chan struct{}) (*HistoryArchiveDownloadTaskInfo, error)
|
|
TorrentFileExists(communityID string) bool
|
|
}
|
|
|
|
type ArchiveManagerConfig struct {
|
|
TorrentConfig *params.TorrentConfig
|
|
Logger *zap.Logger
|
|
Persistence *Persistence
|
|
Transport *transport.Transport
|
|
Identity *ecdsa.PrivateKey
|
|
Encryptor *encryption.Protocol
|
|
Publisher Publisher
|
|
}
|
|
|
|
func (t *HistoryArchiveDownloadTask) IsCancelled() bool {
|
|
t.m.RLock()
|
|
defer t.m.RUnlock()
|
|
return t.Cancelled
|
|
}
|
|
|
|
func (t *HistoryArchiveDownloadTask) Cancel() {
|
|
t.m.Lock()
|
|
defer t.m.Unlock()
|
|
t.Cancelled = true
|
|
close(t.CancelChan)
|
|
}
|
|
|
|
type membersReevaluationTask struct {
|
|
lastStartTime time.Time
|
|
lastSuccessTime time.Time
|
|
onDemandRequestTime time.Time
|
|
mutex sync.Mutex
|
|
}
|
|
|
|
type managerOptions struct {
|
|
accountsManager account.Manager
|
|
tokenManager TokenManager
|
|
collectiblesManager CollectiblesManager
|
|
walletConfig *params.WalletConfig
|
|
communityTokensService CommunityTokensServiceInterface
|
|
permissionChecker PermissionChecker
|
|
|
|
// allowForcingCommunityMembersReevaluation indicates whether we should allow forcing community members reevaluation.
|
|
// This will allow using `force` argument in ScheduleMembersReevaluation.
|
|
// Should only be used in tests.
|
|
allowForcingCommunityMembersReevaluation bool
|
|
}
|
|
|
|
type TokenManager interface {
|
|
GetBalancesByChain(ctx context.Context, accounts, tokens []gethcommon.Address, chainIDs []uint64) (BalancesByChain, error)
|
|
GetCachedBalancesByChain(ctx context.Context, accounts, tokenAddresses []gethcommon.Address, chainIDs []uint64) (BalancesByChain, error)
|
|
FindOrCreateTokenByAddress(ctx context.Context, chainID uint64, address gethcommon.Address) *token.Token
|
|
GetAllChainIDs() ([]uint64, error)
|
|
}
|
|
|
|
type CollectibleContractData struct {
|
|
TotalSupply *bigint.BigInt
|
|
Transferable bool
|
|
RemoteBurnable bool
|
|
InfiniteSupply bool
|
|
}
|
|
|
|
type AssetContractData struct {
|
|
TotalSupply *bigint.BigInt
|
|
InfiniteSupply bool
|
|
}
|
|
|
|
type CommunityTokensServiceInterface interface {
|
|
GetCollectibleContractData(chainID uint64, contractAddress string) (*CollectibleContractData, error)
|
|
SetSignerPubKey(ctx context.Context, chainID uint64, contractAddress string, txArgs wallettypes.SendTxArgs, password string, newSignerPubKey string) (string, error)
|
|
GetAssetContractData(chainID uint64, contractAddress string) (*AssetContractData, error)
|
|
SafeGetSignerPubKey(ctx context.Context, chainID uint64, communityID string) (string, error)
|
|
DeploymentSignatureDigest(chainID uint64, addressFrom string, communityID string) ([]byte, error)
|
|
ProcessCommunityTokenAction(message *protobuf.CommunityTokenAction) error
|
|
}
|
|
|
|
type DefaultTokenManager struct {
|
|
tokenManager *token.Manager
|
|
networkManager network.ManagerInterface
|
|
}
|
|
|
|
func NewDefaultTokenManager(tm *token.Manager, nm network.ManagerInterface) *DefaultTokenManager {
|
|
return &DefaultTokenManager{tokenManager: tm, networkManager: nm}
|
|
}
|
|
|
|
type BalancesByChain = map[uint64]map[gethcommon.Address]map[gethcommon.Address]*hexutil.Big
|
|
|
|
func (m *DefaultTokenManager) GetAllChainIDs() ([]uint64, error) {
|
|
networks, err := m.networkManager.Get(false)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
areTestNetworksEnabled, err := m.networkManager.GetTestNetworksEnabled()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
chainIDs := make([]uint64, 0)
|
|
for _, network := range networks {
|
|
if areTestNetworksEnabled == network.IsTest {
|
|
chainIDs = append(chainIDs, network.ChainID)
|
|
}
|
|
}
|
|
return chainIDs, nil
|
|
}
|
|
|
|
type CollectiblesManager interface {
|
|
FetchBalancesByOwnerAndContractAddress(ctx context.Context, chainID walletcommon.ChainID, ownerAddress gethcommon.Address, contractAddresses []gethcommon.Address) (thirdparty.TokenBalancesPerContractAddress, error)
|
|
FetchCachedBalancesByOwnerAndContractAddress(ctx context.Context, chainID walletcommon.ChainID, ownerAddress gethcommon.Address, contractAddresses []gethcommon.Address) (thirdparty.TokenBalancesPerContractAddress, error)
|
|
GetCollectibleOwnership(id thirdparty.CollectibleUniqueID) ([]thirdparty.AccountBalance, error)
|
|
FetchCollectibleOwnersByContractAddress(ctx context.Context, chainID walletcommon.ChainID, contractAddress gethcommon.Address) (*thirdparty.CollectibleContractOwnership, error)
|
|
}
|
|
|
|
func (m *DefaultTokenManager) GetBalancesByChain(ctx context.Context, accounts, tokenAddresses []gethcommon.Address, chainIDs []uint64) (BalancesByChain, error) {
|
|
clients, err := m.tokenManager.RPCClient.EthClients(chainIDs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
resp, err := m.tokenManager.GetBalancesByChain(context.Background(), clients, accounts, tokenAddresses)
|
|
return resp, err
|
|
}
|
|
|
|
func (m *DefaultTokenManager) GetCachedBalancesByChain(ctx context.Context, accounts, tokenAddresses []gethcommon.Address, chainIDs []uint64) (BalancesByChain, error) {
|
|
resp, err := m.tokenManager.GetCachedBalancesByChain(accounts, tokenAddresses, chainIDs)
|
|
if err != nil {
|
|
return resp, err
|
|
}
|
|
|
|
return resp, nil
|
|
}
|
|
|
|
func (m *DefaultTokenManager) FindOrCreateTokenByAddress(ctx context.Context, chainID uint64, address gethcommon.Address) *token.Token {
|
|
return m.tokenManager.FindOrCreateTokenByAddress(ctx, chainID, address)
|
|
}
|
|
|
|
type ManagerOption func(*managerOptions)
|
|
|
|
func WithAccountManager(accountsManager account.Manager) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.accountsManager = accountsManager
|
|
}
|
|
}
|
|
|
|
func WithPermissionChecker(permissionChecker PermissionChecker) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.permissionChecker = permissionChecker
|
|
}
|
|
}
|
|
|
|
func WithCollectiblesManager(collectiblesManager CollectiblesManager) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.collectiblesManager = collectiblesManager
|
|
}
|
|
}
|
|
|
|
func WithTokenManager(tokenManager TokenManager) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.tokenManager = tokenManager
|
|
}
|
|
}
|
|
|
|
func WithWalletConfig(walletConfig *params.WalletConfig) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.walletConfig = walletConfig
|
|
}
|
|
}
|
|
|
|
func WithCommunityTokensService(communityTokensService CommunityTokensServiceInterface) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.communityTokensService = communityTokensService
|
|
}
|
|
}
|
|
|
|
func WithAllowForcingCommunityMembersReevaluation(enabled bool) ManagerOption {
|
|
return func(opts *managerOptions) {
|
|
opts.allowForcingCommunityMembersReevaluation = enabled
|
|
}
|
|
}
|
|
|
|
type OwnerVerifier interface {
|
|
SafeGetSignerPubKey(ctx context.Context, chainID uint64, communityID string) (string, error)
|
|
}
|
|
|
|
func NewManager(
|
|
identity *ecdsa.PrivateKey,
|
|
installationID string,
|
|
db *sql.DB,
|
|
encryptor *encryption.Protocol,
|
|
logger *zap.Logger,
|
|
ensverifier *ens.Verifier,
|
|
ownerVerifier OwnerVerifier,
|
|
transport *transport.Transport,
|
|
timesource common.TimeSource,
|
|
keyDistributor KeyDistributor,
|
|
mediaServer server.MediaServerInterface,
|
|
opts ...ManagerOption,
|
|
) (*Manager, error) {
|
|
if identity == nil {
|
|
return nil, errors.New("empty identity")
|
|
}
|
|
|
|
if timesource == nil {
|
|
return nil, errors.New("no timesource")
|
|
}
|
|
|
|
var err error
|
|
if logger == nil {
|
|
if logger, err = zap.NewDevelopment(); err != nil {
|
|
return nil, errors.Wrap(err, "failed to create a logger")
|
|
}
|
|
}
|
|
|
|
managerConfig := managerOptions{}
|
|
for _, opt := range opts {
|
|
opt(&managerConfig)
|
|
}
|
|
|
|
manager := &Manager{
|
|
logger: logger,
|
|
encryptor: encryptor,
|
|
identity: identity,
|
|
installationID: installationID,
|
|
ownerVerifier: ownerVerifier,
|
|
quit: make(chan struct{}),
|
|
transport: transport,
|
|
timesource: timesource,
|
|
keyDistributor: keyDistributor,
|
|
communityLock: NewCommunityLock(logger),
|
|
mediaServer: mediaServer,
|
|
}
|
|
|
|
manager.persistence = &Persistence{
|
|
db: db,
|
|
recordBundleToCommunity: manager.dbRecordBundleToCommunity,
|
|
}
|
|
|
|
if managerConfig.accountsManager != nil {
|
|
manager.accountsManager = managerConfig.accountsManager
|
|
}
|
|
|
|
if managerConfig.collectiblesManager != nil {
|
|
manager.collectiblesManager = managerConfig.collectiblesManager
|
|
}
|
|
|
|
if managerConfig.tokenManager != nil {
|
|
manager.tokenManager = managerConfig.tokenManager
|
|
}
|
|
|
|
if managerConfig.walletConfig != nil {
|
|
manager.walletConfig = managerConfig.walletConfig
|
|
}
|
|
|
|
if managerConfig.communityTokensService != nil {
|
|
manager.communityTokensService = managerConfig.communityTokensService
|
|
}
|
|
|
|
if ensverifier != nil {
|
|
sub := ensverifier.Subscribe()
|
|
manager.ensSubscription = sub
|
|
manager.ensVerifier = ensverifier
|
|
}
|
|
|
|
if managerConfig.permissionChecker != nil {
|
|
manager.PermissionChecker = managerConfig.permissionChecker
|
|
} else {
|
|
manager.PermissionChecker = &DefaultPermissionChecker{
|
|
tokenManager: manager.tokenManager,
|
|
collectiblesManager: manager.collectiblesManager,
|
|
logger: logger,
|
|
ensVerifier: ensverifier,
|
|
}
|
|
}
|
|
|
|
if managerConfig.allowForcingCommunityMembersReevaluation {
|
|
manager.logger.Warn("allowing forcing community members reevaluation, this should only be used in test environment")
|
|
manager.forceMembersReevaluation = make(map[string]chan struct{}, 10)
|
|
}
|
|
|
|
return manager, nil
|
|
}
|
|
|
|
type Subscription struct {
|
|
Community *Community
|
|
CreatingHistoryArchivesSignal *signal.CreatingHistoryArchivesSignal
|
|
HistoryArchivesCreatedSignal *signal.HistoryArchivesCreatedSignal
|
|
NoHistoryArchivesCreatedSignal *signal.NoHistoryArchivesCreatedSignal
|
|
HistoryArchivesSeedingSignal *signal.HistoryArchivesSeedingSignal
|
|
HistoryArchivesUnseededSignal *signal.HistoryArchivesUnseededSignal
|
|
HistoryArchiveDownloadedSignal *signal.HistoryArchiveDownloadedSignal
|
|
DownloadingHistoryArchivesStartedSignal *signal.DownloadingHistoryArchivesStartedSignal
|
|
DownloadingHistoryArchivesFinishedSignal *signal.DownloadingHistoryArchivesFinishedSignal
|
|
ImportingHistoryArchiveMessagesSignal *signal.ImportingHistoryArchiveMessagesSignal
|
|
CommunityEventsMessage *CommunityEventsMessage
|
|
AcceptedRequestsToJoin []types.HexBytes
|
|
RejectedRequestsToJoin []types.HexBytes
|
|
CommunityPrivilegedMemberSyncMessage *CommunityPrivilegedMemberSyncMessage
|
|
TokenCommunityValidated *CommunityResponse
|
|
}
|
|
|
|
type CommunityResponse struct {
|
|
Community *Community `json:"community"`
|
|
Changes *CommunityChanges `json:"changes"`
|
|
RequestsToJoin []*RequestToJoin `json:"requestsToJoin"`
|
|
FailedToDecrypt []*CommunityPrivateDataFailedToDecrypt `json:"-"`
|
|
}
|
|
|
|
func (m *Manager) SetMediaServer(mediaServer server.MediaServerInterface) {
|
|
m.mediaServer = mediaServer
|
|
}
|
|
|
|
func (m *Manager) Subscribe() chan *Subscription {
|
|
subscription := make(chan *Subscription, 100)
|
|
m.subscriptions = append(m.subscriptions, subscription)
|
|
return subscription
|
|
}
|
|
|
|
func (m *Manager) Start() error {
|
|
m.stopped = false
|
|
m.communityLock.Init()
|
|
if m.ensVerifier != nil {
|
|
m.runENSVerificationLoop()
|
|
}
|
|
|
|
if m.ownerVerifier != nil {
|
|
m.runOwnerVerificationLoop()
|
|
}
|
|
|
|
go func() {
|
|
defer utils.LogOnPanic()
|
|
_ = m.fillMissingCommunityTokens()
|
|
}()
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) runENSVerificationLoop() {
|
|
go func() {
|
|
defer utils.LogOnPanic()
|
|
for {
|
|
select {
|
|
case <-m.quit:
|
|
m.logger.Debug("quitting ens verification loop")
|
|
return
|
|
case records, more := <-m.ensSubscription:
|
|
if !more {
|
|
m.logger.Debug("no more ens records, quitting")
|
|
return
|
|
}
|
|
m.logger.Info("received records", zap.Any("records", records))
|
|
}
|
|
}
|
|
}()
|
|
}
|
|
|
|
// This function is mostly a way to fix any community that is missing tokens in its description
|
|
func (m *Manager) fillMissingCommunityTokens() error {
|
|
controlledCommunities, err := m.Controlled()
|
|
if err != nil {
|
|
m.logger.Error("failed to retrieve orgs", zap.Error(err))
|
|
return err
|
|
}
|
|
|
|
unlock := func() {
|
|
for _, c := range controlledCommunities {
|
|
m.communityLock.Unlock(c.ID())
|
|
}
|
|
}
|
|
for _, c := range controlledCommunities {
|
|
m.communityLock.Lock(c.ID())
|
|
}
|
|
defer unlock()
|
|
|
|
for _, community := range controlledCommunities {
|
|
tokens, err := m.GetCommunityTokens(community.IDString())
|
|
if err != nil {
|
|
m.logger.Error("failed to retrieve community tokens", zap.Error(err))
|
|
return err
|
|
}
|
|
|
|
for _, token := range tokens {
|
|
if token.DeployState != community_token.Deployed {
|
|
continue
|
|
}
|
|
tokenMetadata := &protobuf.CommunityTokenMetadata{
|
|
ContractAddresses: map[uint64]string{uint64(token.ChainID): token.Address},
|
|
Description: token.Description,
|
|
Image: token.Base64Image,
|
|
Symbol: token.Symbol,
|
|
TokenType: token.TokenType,
|
|
Name: token.Name,
|
|
Decimals: uint32(token.Decimals),
|
|
Version: token.Version,
|
|
}
|
|
modified, err := community.UpsertCommunityTokensMetadata(tokenMetadata)
|
|
if err != nil {
|
|
m.logger.Error("failed to add token metadata to the description", zap.Error(err))
|
|
return err
|
|
}
|
|
if modified {
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
m.logger.Error("failed to save the new community", zap.Error(err))
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Only for testing
|
|
func (m *Manager) CommunitiesToValidate() (map[string][]communityToValidate, error) { // nolint: golint
|
|
return m.persistence.getCommunitiesToValidate()
|
|
}
|
|
|
|
func (m *Manager) runOwnerVerificationLoop() {
|
|
m.logger.Info("starting owner verification loop")
|
|
go func() {
|
|
defer utils.LogOnPanic()
|
|
for {
|
|
select {
|
|
case <-m.quit:
|
|
m.logger.Debug("quitting owner verification loop")
|
|
return
|
|
case <-time.After(validateInterval):
|
|
// If ownerverifier is nil, we skip, this is useful for testing
|
|
if m.ownerVerifier == nil {
|
|
continue
|
|
}
|
|
|
|
communitiesToValidate, err := m.persistence.getCommunitiesToValidate()
|
|
|
|
if err != nil {
|
|
m.logger.Error("failed to fetch communities to validate", zap.Error(err))
|
|
continue
|
|
}
|
|
for id, communities := range communitiesToValidate {
|
|
m.logger.Info("validating communities", zap.String("id", id), zap.Int("count", len(communities)))
|
|
|
|
_, _ = m.validateCommunity(communities)
|
|
}
|
|
}
|
|
}
|
|
}()
|
|
}
|
|
|
|
func (m *Manager) ValidateCommunityByID(communityID types.HexBytes) (*CommunityResponse, error) {
|
|
communitiesToValidate, err := m.persistence.getCommunityToValidateByID(communityID)
|
|
if err != nil {
|
|
m.logger.Error("failed to validate community by ID", zap.String("id", communityID.String()), zap.Error(err))
|
|
return nil, err
|
|
}
|
|
return m.validateCommunity(communitiesToValidate)
|
|
|
|
}
|
|
|
|
func (m *Manager) validateCommunity(communityToValidateData []communityToValidate) (*CommunityResponse, error) {
|
|
for _, community := range communityToValidateData {
|
|
signer, description, err := UnwrapCommunityDescriptionMessage(community.payload)
|
|
if err != nil {
|
|
m.logger.Error("failed to unwrap community", zap.Error(err))
|
|
continue
|
|
}
|
|
|
|
chainID := CommunityDescriptionTokenOwnerChainID(description)
|
|
if chainID == 0 {
|
|
// This should not happen
|
|
m.logger.Error("chain id is 0, ignoring")
|
|
continue
|
|
}
|
|
|
|
m.logger.Info("validating community", zap.String("id", types.EncodeHex(community.id)), zap.String("signer", common.PubkeyToHex(signer)))
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
|
defer cancel()
|
|
|
|
owner, err := m.ownerVerifier.SafeGetSignerPubKey(ctx, chainID, types.EncodeHex(community.id))
|
|
if err != nil {
|
|
m.logger.Error("failed to get owner", zap.Error(err))
|
|
continue
|
|
}
|
|
|
|
ownerPK, err := common.HexToPubkey(owner)
|
|
if err != nil {
|
|
m.logger.Error("failed to convert pk string to ecdsa", zap.Error(err))
|
|
continue
|
|
}
|
|
|
|
// TODO: handle shards
|
|
response, err := m.HandleCommunityDescriptionMessage(signer, description, community.payload, ownerPK, nil)
|
|
if err != nil {
|
|
m.logger.Error("failed to handle community", zap.Error(err))
|
|
err = m.persistence.DeleteCommunityToValidate(community.id, community.clock)
|
|
if err != nil {
|
|
m.logger.Error("failed to delete community to validate", zap.Error(err))
|
|
}
|
|
continue
|
|
}
|
|
|
|
if response != nil {
|
|
|
|
m.logger.Info("community validated", zap.String("id", types.EncodeHex(community.id)), zap.String("signer", common.PubkeyToHex(signer)))
|
|
m.publish(&Subscription{TokenCommunityValidated: response})
|
|
err := m.persistence.DeleteCommunitiesToValidateByCommunityID(community.id)
|
|
if err != nil {
|
|
m.logger.Error("failed to delete communities to validate", zap.Error(err))
|
|
}
|
|
return response, nil
|
|
}
|
|
}
|
|
|
|
return nil, nil
|
|
}
|
|
|
|
func (m *Manager) Stop() error {
|
|
m.stopped = true
|
|
close(m.quit)
|
|
for _, c := range m.subscriptions {
|
|
close(c)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) publish(subscription *Subscription) {
|
|
if m.stopped {
|
|
return
|
|
}
|
|
for _, s := range m.subscriptions {
|
|
select {
|
|
case s <- subscription:
|
|
default:
|
|
m.logger.Warn("subscription channel full, dropping message")
|
|
}
|
|
}
|
|
}
|
|
|
|
func (m *Manager) All() ([]*Community, error) {
|
|
return m.persistence.AllCommunities(&m.identity.PublicKey)
|
|
}
|
|
|
|
type CommunityShard struct {
|
|
CommunityID string `json:"communityID"`
|
|
Shard *shard.Shard `json:"shard"`
|
|
}
|
|
|
|
type CuratedCommunities struct {
|
|
ContractCommunities []string
|
|
ContractFeaturedCommunities []string
|
|
}
|
|
|
|
type KnownCommunitiesResponse struct {
|
|
ContractCommunities []string `json:"contractCommunities"`
|
|
ContractFeaturedCommunities []string `json:"contractFeaturedCommunities"`
|
|
Descriptions map[string]*Community `json:"communities"`
|
|
UnknownCommunities []string `json:"unknownCommunities"`
|
|
}
|
|
|
|
func (m *Manager) GetStoredDescriptionForCommunities(communityIDs []string) (*KnownCommunitiesResponse, error) {
|
|
response := &KnownCommunitiesResponse{
|
|
Descriptions: make(map[string]*Community),
|
|
}
|
|
|
|
for i := range communityIDs {
|
|
communityID := communityIDs[i]
|
|
communityIDBytes, err := types.DecodeHex(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(types.HexBytes(communityIDBytes))
|
|
if err != nil && err != ErrOrgNotFound {
|
|
return nil, err
|
|
}
|
|
|
|
if community != nil {
|
|
response.Descriptions[community.IDString()] = community
|
|
} else {
|
|
response.UnknownCommunities = append(response.UnknownCommunities, communityID)
|
|
}
|
|
|
|
response.ContractCommunities = append(response.ContractCommunities, communityID)
|
|
}
|
|
|
|
return response, nil
|
|
}
|
|
|
|
func (m *Manager) Joined() ([]*Community, error) {
|
|
return m.persistence.JoinedCommunities(&m.identity.PublicKey)
|
|
}
|
|
|
|
func (m *Manager) Spectated() ([]*Community, error) {
|
|
return m.persistence.SpectatedCommunities(&m.identity.PublicKey)
|
|
}
|
|
|
|
func (m *Manager) CommunityUpdateLastOpenedAt(communityID types.HexBytes, timestamp int64) (*Community, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.UpdateLastOpenedAt(community.ID(), timestamp)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
community.UpdateLastOpenedAt(timestamp)
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) JoinedAndPendingCommunitiesWithRequests() ([]*Community, error) {
|
|
return m.persistence.JoinedAndPendingCommunitiesWithRequests(&m.identity.PublicKey)
|
|
}
|
|
|
|
func (m *Manager) DeletedCommunities() ([]*Community, error) {
|
|
return m.persistence.DeletedCommunities(&m.identity.PublicKey)
|
|
}
|
|
|
|
func (m *Manager) Controlled() ([]*Community, error) {
|
|
communities, err := m.persistence.CommunitiesWithPrivateKey(&m.identity.PublicKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
controlled := make([]*Community, 0, len(communities))
|
|
|
|
for _, c := range communities {
|
|
if c.IsControlNode() {
|
|
controlled = append(controlled, c)
|
|
}
|
|
}
|
|
|
|
return controlled, nil
|
|
}
|
|
|
|
// CreateCommunity takes a description, generates an ID for it, saves it and return it
|
|
func (m *Manager) CreateCommunity(request *requests.CreateCommunity, publish bool) (*Community, error) {
|
|
|
|
description, err := request.ToCommunityDescription()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
description.Members = make(map[string]*protobuf.CommunityMember)
|
|
description.Members[common.PubkeyToHex(&m.identity.PublicKey)] = &protobuf.CommunityMember{Roles: []protobuf.CommunityMember_Roles{protobuf.CommunityMember_ROLE_OWNER}}
|
|
|
|
err = ValidateCommunityDescription(description)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
description.Clock = 1
|
|
|
|
key, err := crypto.GenerateKey()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
description.ID = types.EncodeHex(crypto.CompressPubkey(&key.PublicKey))
|
|
|
|
config := Config{
|
|
ID: &key.PublicKey,
|
|
PrivateKey: key,
|
|
ControlNode: &key.PublicKey,
|
|
ControlDevice: true,
|
|
Logger: m.logger,
|
|
Joined: true,
|
|
JoinedAt: time.Now().Unix(),
|
|
MemberIdentity: m.identity,
|
|
CommunityDescription: description,
|
|
Shard: nil,
|
|
LastOpenedAt: 0,
|
|
}
|
|
|
|
var descriptionEncryptor DescriptionEncryptor
|
|
if m.encryptor != nil {
|
|
descriptionEncryptor = m
|
|
}
|
|
community, err := New(config, m.timesource, descriptionEncryptor, m.mediaServer)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// We join any community we create
|
|
community.Join()
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Save grant for own community
|
|
grant, err := community.BuildGrant(&m.identity.PublicKey, "")
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
err = m.persistence.SaveCommunityGrant(community.IDString(), grant, uint64(time.Now().UnixMilli()))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Mark this device as the control node
|
|
syncControlNode := &protobuf.SyncCommunityControlNode{
|
|
Clock: 1,
|
|
InstallationId: m.installationID,
|
|
}
|
|
err = m.SaveSyncControlNode(community.ID(), syncControlNode)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if publish {
|
|
m.publish(&Subscription{Community: community})
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) CreateCommunityTokenPermission(request *requests.CreateCommunityTokenPermission) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// ensure key is generated before marshaling,
|
|
// as it requires key to encrypt description
|
|
if community.IsControlNode() && m.encryptor != nil {
|
|
key, err := m.encryptor.GenerateHashRatchetKey(community.ID())
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
keyID, err := key.GetKeyID()
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
m.logger.Info("generate key for token", zap.String("group-id", types.Bytes2Hex(community.ID())), zap.String("key-id", types.Bytes2Hex(keyID)))
|
|
}
|
|
|
|
community, changes, err := m.createCommunityTokenPermission(request, community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) EditCommunityTokenPermission(request *requests.EditCommunityTokenPermission) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
tokenPermission := request.ToCommunityTokenPermission()
|
|
|
|
changes, err := community.UpsertTokenPermission(&tokenPermission)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
type reevaluateMemberRole struct {
|
|
old protobuf.CommunityMember_Roles
|
|
new protobuf.CommunityMember_Roles
|
|
}
|
|
|
|
func (rmr reevaluateMemberRole) hasChanged() bool {
|
|
return rmr.old != rmr.new
|
|
}
|
|
|
|
func (rmr reevaluateMemberRole) isPrivileged() bool {
|
|
return rmr.new != protobuf.CommunityMember_ROLE_NONE
|
|
}
|
|
|
|
func (rmr reevaluateMemberRole) hasChangedToPrivileged() bool {
|
|
return rmr.hasChanged() && rmr.old == protobuf.CommunityMember_ROLE_NONE
|
|
}
|
|
|
|
func (rmr reevaluateMemberRole) hasChangedPrivilegedRole() bool {
|
|
return (rmr.old == protobuf.CommunityMember_ROLE_ADMIN && rmr.new == protobuf.CommunityMember_ROLE_TOKEN_MASTER) ||
|
|
(rmr.old == protobuf.CommunityMember_ROLE_TOKEN_MASTER && rmr.new == protobuf.CommunityMember_ROLE_ADMIN)
|
|
}
|
|
|
|
type reevaluateMembersResult struct {
|
|
membersToRemove map[string]struct{}
|
|
membersRoles map[string]*reevaluateMemberRole
|
|
membersToRemoveFromChannels map[string]map[string]struct{}
|
|
membersToAddToChannels map[string]map[string]protobuf.CommunityMember_ChannelRole
|
|
}
|
|
|
|
func (rmr *reevaluateMembersResult) newPrivilegedRoles() (map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey, error) {
|
|
result := map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey{}
|
|
|
|
for memberKey, roles := range rmr.membersRoles {
|
|
if roles.hasChangedToPrivileged() || roles.hasChangedPrivilegedRole() {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if result[roles.new] == nil {
|
|
result[roles.new] = []*ecdsa.PublicKey{}
|
|
}
|
|
result[roles.new] = append(result[roles.new], memberPubKey)
|
|
}
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
// Fetch all owners for all collectibles.
|
|
func (m *Manager) fetchCollectiblesOwners(collectibles map[walletcommon.ChainID]map[gethcommon.Address]struct{}) (CollectiblesOwners, error) {
|
|
if m.collectiblesManager == nil {
|
|
return nil, errors.New("no collectibles manager")
|
|
}
|
|
|
|
collectiblesOwners := make(CollectiblesOwners)
|
|
for chainID, contractAddresses := range collectibles {
|
|
collectiblesOwners[chainID] = make(map[gethcommon.Address]*thirdparty.CollectibleContractOwnership)
|
|
|
|
for contractAddress := range contractAddresses {
|
|
ownership, err := m.collectiblesManager.FetchCollectibleOwnersByContractAddress(context.Background(), chainID, contractAddress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
collectiblesOwners[chainID][contractAddress] = ownership
|
|
}
|
|
}
|
|
return collectiblesOwners, nil
|
|
}
|
|
|
|
// use it only for testing purposes
|
|
func (m *Manager) ReevaluateMembers(communityID types.HexBytes) (*Community, map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey, error) {
|
|
return m.reevaluateMembers(communityID)
|
|
}
|
|
|
|
// First, the community is read from the database,
|
|
// then the members are reevaluated, and only then
|
|
// the community is locked and changes are applied.
|
|
// NOTE: Changes made to the same community
|
|
// while reevaluation is ongoing are respected
|
|
// and do not affect the result of this function.
|
|
// If permissions are changed in the meantime,
|
|
// they will be accommodated with the next reevaluation.
|
|
func (m *Manager) reevaluateMembers(communityID types.HexBytes) (*Community, map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey, error) {
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if !community.IsControlNode() {
|
|
return nil, nil, ErrNotEnoughPermissions
|
|
}
|
|
|
|
communityPermissionsPreParsedData, channelPermissionsPreParsedData := PreParsePermissionsData(community.tokenPermissions())
|
|
|
|
// Optimization: Fetch all collectibles owners before members iteration to avoid asking providers for the same collectibles.
|
|
collectiblesOwners, err := m.fetchCollectiblesOwners(CollectibleAddressesFromPreParsedPermissionsData(communityPermissionsPreParsedData, channelPermissionsPreParsedData))
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
result := &reevaluateMembersResult{
|
|
membersToRemove: map[string]struct{}{},
|
|
membersRoles: map[string]*reevaluateMemberRole{},
|
|
membersToRemoveFromChannels: map[string]map[string]struct{}{},
|
|
membersToAddToChannels: map[string]map[string]protobuf.CommunityMember_ChannelRole{},
|
|
}
|
|
|
|
membersAccounts, err := m.persistence.GetCommunityRequestsToJoinRevealedAddresses(community.ID())
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
for memberKey := range community.Members() {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if memberKey == common.PubkeyToHex(&m.identity.PublicKey) || community.IsMemberOwner(memberPubKey) {
|
|
continue
|
|
}
|
|
|
|
revealedAccount, memberHasWallet := membersAccounts[memberKey]
|
|
if !memberHasWallet {
|
|
result.membersToRemove[memberKey] = struct{}{}
|
|
continue
|
|
}
|
|
|
|
accountsAndChainIDs := revealedAccountsToAccountsAndChainIDsCombination(revealedAccount)
|
|
|
|
result.membersRoles[memberKey] = &reevaluateMemberRole{
|
|
old: community.MemberRole(memberPubKey),
|
|
new: protobuf.CommunityMember_ROLE_NONE,
|
|
}
|
|
|
|
becomeTokenMasterPermissions := communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_TOKEN_MASTER]
|
|
if becomeTokenMasterPermissions != nil {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissionsWithPreFetchedData(becomeTokenMasterPermissions, accountsAndChainIDs, true, collectiblesOwners)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if permissionResponse.Satisfied {
|
|
result.membersRoles[memberKey].new = protobuf.CommunityMember_ROLE_TOKEN_MASTER
|
|
// Skip further validation if user has TokenMaster permissions
|
|
continue
|
|
}
|
|
}
|
|
|
|
becomeAdminPermissions := communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_ADMIN]
|
|
if becomeAdminPermissions != nil {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissionsWithPreFetchedData(becomeAdminPermissions, accountsAndChainIDs, true, collectiblesOwners)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if permissionResponse.Satisfied {
|
|
result.membersRoles[memberKey].new = protobuf.CommunityMember_ROLE_ADMIN
|
|
// Skip further validation if user has Admin permissions
|
|
continue
|
|
}
|
|
}
|
|
|
|
becomeMemberPermissions := communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_MEMBER]
|
|
if becomeMemberPermissions != nil {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissionsWithPreFetchedData(becomeMemberPermissions, accountsAndChainIDs, true, collectiblesOwners)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if !permissionResponse.Satisfied {
|
|
result.membersToRemove[memberKey] = struct{}{}
|
|
// Skip channels validation if user has been removed
|
|
continue
|
|
}
|
|
}
|
|
|
|
addToChannels, removeFromChannels, err := m.reevaluateMemberChannelsPermissions(community, memberPubKey, channelPermissionsPreParsedData, accountsAndChainIDs, collectiblesOwners)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
result.membersToAddToChannels[memberKey] = addToChannels
|
|
result.membersToRemoveFromChannels[memberKey] = removeFromChannels
|
|
}
|
|
|
|
newPrivilegedRoles, err := result.newPrivilegedRoles()
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Note: community itself may have changed in the meantime of permissions reevaluation.
|
|
community, err = m.applyReevaluateMembersResult(communityID, result)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, newPrivilegedRoles, m.saveAndPublish(community)
|
|
}
|
|
|
|
// Apply results on the most up-to-date community.
|
|
func (m *Manager) applyReevaluateMembersResult(communityID types.HexBytes, result *reevaluateMembersResult) (*Community, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.IsControlNode() {
|
|
return nil, ErrNotEnoughPermissions
|
|
}
|
|
|
|
// Remove members.
|
|
for memberKey := range result.membersToRemove {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
_, err = community.RemoveUserFromOrg(memberPubKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
// Ensure members have proper roles.
|
|
for memberKey, roles := range result.membersRoles {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.HasMember(memberPubKey) {
|
|
continue
|
|
}
|
|
|
|
_, err = community.SetRoleToMember(memberPubKey, roles.new)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Ensure privileged members can post in all chats.
|
|
if roles.isPrivileged() {
|
|
for channelID := range community.Chats() {
|
|
_, err = community.AddMemberToChat(channelID, memberPubKey, []protobuf.CommunityMember_Roles{roles.new}, protobuf.CommunityMember_CHANNEL_ROLE_POSTER)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Remove members from channels.
|
|
for memberKey, channels := range result.membersToRemoveFromChannels {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
for channelID := range channels {
|
|
_, err = community.RemoveUserFromChat(memberPubKey, channelID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
// Add unprivileged members to channels.
|
|
for memberKey, channels := range result.membersToAddToChannels {
|
|
memberPubKey, err := common.HexToPubkey(memberKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.HasMember(memberPubKey) {
|
|
continue
|
|
}
|
|
|
|
for channelID, channelRole := range channels {
|
|
_, err = community.AddMemberToChat(channelID, memberPubKey, []protobuf.CommunityMember_Roles{protobuf.CommunityMember_ROLE_NONE}, channelRole)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) reevaluateMemberChannelsPermissions(community *Community, memberPubKey *ecdsa.PublicKey,
|
|
channelPermissionsPreParsedData map[string]*PreParsedCommunityPermissionsData, accountsAndChainIDs []*AccountChainIDsCombination, collectiblesOwners CollectiblesOwners) (map[string]protobuf.CommunityMember_ChannelRole, map[string]struct{}, error) {
|
|
|
|
addToChannels := map[string]protobuf.CommunityMember_ChannelRole{}
|
|
removeFromChannels := map[string]struct{}{}
|
|
|
|
// check which permissions we satisfy and which not
|
|
channelPermissionsCheckResult, err := m.checkChannelsPermissionsWithPreFetchedData(channelPermissionsPreParsedData, accountsAndChainIDs, true, collectiblesOwners)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
for channelID := range community.Chats() {
|
|
channelPermissionsCheckResult, hasChannelPermission := channelPermissionsCheckResult[community.ChatID(channelID)]
|
|
|
|
// ensure member is added if channel has no permissions
|
|
if !hasChannelPermission {
|
|
addToChannels[channelID] = protobuf.CommunityMember_CHANNEL_ROLE_POSTER
|
|
continue
|
|
}
|
|
|
|
viewAndPostSatisfied, viewAndPostPermissionExists := channelPermissionsCheckResult[protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL]
|
|
viewOnlySatisfied, viewOnlyPermissionExists := channelPermissionsCheckResult[protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL]
|
|
|
|
satisfied := false
|
|
channelRole := protobuf.CommunityMember_CHANNEL_ROLE_VIEWER
|
|
if viewAndPostPermissionExists && viewAndPostSatisfied {
|
|
satisfied = viewAndPostSatisfied
|
|
channelRole = protobuf.CommunityMember_CHANNEL_ROLE_POSTER
|
|
} else if !satisfied && viewOnlyPermissionExists {
|
|
satisfied = viewOnlySatisfied
|
|
}
|
|
|
|
if satisfied {
|
|
addToChannels[channelID] = channelRole
|
|
} else {
|
|
removeFromChannels[channelID] = struct{}{}
|
|
}
|
|
}
|
|
|
|
return addToChannels, removeFromChannels, nil
|
|
}
|
|
|
|
func (m *Manager) checkChannelsPermissionsImpl(channelsPermissionsPreParsedData map[string]*PreParsedCommunityPermissionsData, accountsAndChainIDs []*AccountChainIDsCombination, shortcircuit bool, collectiblesOwners CollectiblesOwners) (map[string]map[protobuf.CommunityTokenPermission_Type]bool, error) {
|
|
checkPermissions := func(channelsPermissionPreParsedData *PreParsedCommunityPermissionsData) (*CheckPermissionsResponse, error) {
|
|
if collectiblesOwners != nil {
|
|
return m.PermissionChecker.CheckPermissionsWithPreFetchedData(channelsPermissionPreParsedData, accountsAndChainIDs, true, collectiblesOwners)
|
|
} else {
|
|
return m.PermissionChecker.CheckPermissions(channelsPermissionPreParsedData, accountsAndChainIDs, true)
|
|
}
|
|
}
|
|
|
|
channelPermissionsCheckResult := make(map[string]map[protobuf.CommunityTokenPermission_Type]bool)
|
|
for _, channelsPermissionPreParsedData := range channelsPermissionsPreParsedData {
|
|
permissionResponse, err := checkPermissions(channelsPermissionPreParsedData)
|
|
if err != nil {
|
|
return channelPermissionsCheckResult, err
|
|
}
|
|
// Note: in `PreParsedCommunityPermissionsData` for channels there will be only one permission
|
|
// no need to iterate over `Permissions`
|
|
for _, chatId := range channelsPermissionPreParsedData.Permissions[0].ChatIds {
|
|
if _, exists := channelPermissionsCheckResult[chatId]; !exists {
|
|
channelPermissionsCheckResult[chatId] = make(map[protobuf.CommunityTokenPermission_Type]bool)
|
|
}
|
|
satisfied, exists := channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type]
|
|
if exists && satisfied {
|
|
continue
|
|
}
|
|
channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type] = permissionResponse.Satisfied
|
|
}
|
|
}
|
|
return channelPermissionsCheckResult, nil
|
|
}
|
|
|
|
func (m *Manager) checkChannelsPermissionsWithPreFetchedData(channelsPermissionsPreParsedData map[string]*PreParsedCommunityPermissionsData, accountsAndChainIDs []*AccountChainIDsCombination, shortcircuit bool, collectiblesOwners CollectiblesOwners) (map[string]map[protobuf.CommunityTokenPermission_Type]bool, error) {
|
|
return m.checkChannelsPermissionsImpl(channelsPermissionsPreParsedData, accountsAndChainIDs, shortcircuit, collectiblesOwners)
|
|
}
|
|
|
|
func (m *Manager) checkChannelsPermissions(channelsPermissionsPreParsedData map[string]*PreParsedCommunityPermissionsData, accountsAndChainIDs []*AccountChainIDsCombination, shortcircuit bool) (map[string]map[protobuf.CommunityTokenPermission_Type]bool, error) {
|
|
return m.checkChannelsPermissionsImpl(channelsPermissionsPreParsedData, accountsAndChainIDs, shortcircuit, nil)
|
|
}
|
|
|
|
func (m *Manager) StartMembersReevaluationLoop(communityID types.HexBytes, reevaluateOnStart bool) {
|
|
go m.reevaluateMembersLoop(communityID, reevaluateOnStart)
|
|
}
|
|
|
|
func (m *Manager) reevaluateMembersLoop(communityID types.HexBytes, reevaluateOnStart bool) {
|
|
defer utils.LogOnPanic()
|
|
if _, exists := m.membersReevaluationTasks.Load(communityID.String()); exists {
|
|
return
|
|
}
|
|
|
|
m.membersReevaluationTasks.Store(communityID.String(), &membersReevaluationTask{})
|
|
defer m.membersReevaluationTasks.Delete(communityID.String())
|
|
|
|
var forceReevaluation chan struct{}
|
|
if m.forceMembersReevaluation != nil {
|
|
forceReevaluation = make(chan struct{}, 10)
|
|
m.forceMembersReevaluation[communityID.String()] = forceReevaluation
|
|
}
|
|
|
|
type criticalError struct {
|
|
error
|
|
}
|
|
|
|
shouldReevaluate := func(task *membersReevaluationTask, force bool) bool {
|
|
task.mutex.Lock()
|
|
defer task.mutex.Unlock()
|
|
|
|
// Ensure reevaluation is performed not more often than once per 5 minutes
|
|
if !force && task.lastSuccessTime.After(time.Now().Add(-5*time.Minute)) {
|
|
return false
|
|
}
|
|
|
|
if !task.lastSuccessTime.Before(time.Now().Add(-memberPermissionsCheckInterval)) &&
|
|
!task.lastStartTime.Before(task.onDemandRequestTime) {
|
|
return false
|
|
}
|
|
|
|
return true
|
|
}
|
|
|
|
reevaluateMembers := func(force bool) (err error) {
|
|
t, exists := m.membersReevaluationTasks.Load(communityID.String())
|
|
if !exists {
|
|
return criticalError{
|
|
error: errors.New("missing task"),
|
|
}
|
|
}
|
|
task, ok := t.(*membersReevaluationTask)
|
|
if !ok {
|
|
return criticalError{
|
|
error: errors.New("invalid task type"),
|
|
}
|
|
}
|
|
|
|
if !shouldReevaluate(task, force) {
|
|
return nil
|
|
}
|
|
|
|
task.mutex.Lock()
|
|
task.lastStartTime = time.Now()
|
|
task.mutex.Unlock()
|
|
|
|
err = m.reevaluateCommunityMembersPermissions(communityID)
|
|
if err != nil {
|
|
if errors.Is(err, ErrOrgNotFound) {
|
|
return criticalError{
|
|
error: err,
|
|
}
|
|
}
|
|
return err
|
|
}
|
|
|
|
task.mutex.Lock()
|
|
task.lastSuccessTime = time.Now()
|
|
task.mutex.Unlock()
|
|
|
|
m.logger.Info("reevaluation finished", zap.String("communityID", communityID.String()), zap.Duration("elapsed", task.lastSuccessTime.Sub(task.lastStartTime)))
|
|
return nil
|
|
}
|
|
|
|
ticker := time.NewTicker(10 * time.Second)
|
|
defer ticker.Stop()
|
|
|
|
reevaluate := reevaluateOnStart
|
|
force := false
|
|
|
|
for {
|
|
if reevaluate {
|
|
err := reevaluateMembers(force)
|
|
if err != nil {
|
|
var criticalError *criticalError
|
|
if errors.As(err, &criticalError) {
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
force = false
|
|
reevaluate = false
|
|
|
|
select {
|
|
case <-ticker.C:
|
|
reevaluate = true
|
|
continue
|
|
|
|
case <-forceReevaluation:
|
|
reevaluate = true
|
|
force = true
|
|
continue
|
|
|
|
case <-m.quit:
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func (m *Manager) ForceMembersReevaluation(communityID types.HexBytes) error {
|
|
if m.forceMembersReevaluation == nil {
|
|
return errors.New("forcing members reevaluation is not allowed")
|
|
}
|
|
return m.scheduleMembersReevaluation(communityID, true)
|
|
}
|
|
|
|
func (m *Manager) ScheduleMembersReevaluation(communityID types.HexBytes) error {
|
|
return m.scheduleMembersReevaluation(communityID, false)
|
|
}
|
|
|
|
func (m *Manager) scheduleMembersReevaluation(communityID types.HexBytes, forceImmediateReevaluation bool) error {
|
|
t, exists := m.membersReevaluationTasks.Load(communityID.String())
|
|
if !exists {
|
|
// No reevaluation task yet. We start the loop which will create it
|
|
m.StartMembersReevaluationLoop(communityID, true)
|
|
return nil
|
|
}
|
|
|
|
task, ok := t.(*membersReevaluationTask)
|
|
if !ok {
|
|
return errors.New("invalid task type")
|
|
}
|
|
task.mutex.Lock()
|
|
defer task.mutex.Unlock()
|
|
task.onDemandRequestTime = time.Now()
|
|
|
|
if forceImmediateReevaluation {
|
|
m.forceMembersReevaluation[communityID.String()] <- struct{}{}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) DeleteCommunityTokenPermission(request *requests.DeleteCommunityTokenPermission) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
changes, err := community.DeleteTokenPermission(request.PermissionID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) reevaluateCommunityMembersPermissions(communityID types.HexBytes) error {
|
|
// Publish when the reevluation started since it can take a while
|
|
signal.SendCommunityMemberReevaluationStarted(types.EncodeHex(communityID))
|
|
|
|
community, newPrivilegedMembers, err := m.reevaluateMembers(communityID)
|
|
|
|
// Publish the reevaluation ending, even if it errored
|
|
// A possible improvement would be to pass the error here
|
|
signal.SendCommunityMemberReevaluationEnded(types.EncodeHex(communityID))
|
|
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return m.ShareRequestsToJoinWithPrivilegedMembers(community, newPrivilegedMembers)
|
|
}
|
|
|
|
func (m *Manager) DeleteCommunity(id types.HexBytes) error {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
err := m.persistence.DeleteCommunity(id)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return m.persistence.DeleteCommunitySettings(id)
|
|
}
|
|
|
|
func (m *Manager) updateShard(community *Community, shard *shard.Shard, clock uint64) error {
|
|
community.config.Shard = shard
|
|
if shard == nil {
|
|
return m.persistence.DeleteCommunityShard(community.ID())
|
|
}
|
|
|
|
return m.persistence.SaveCommunityShard(community.ID(), shard, clock)
|
|
}
|
|
|
|
func (m *Manager) UpdateShard(community *Community, shard *shard.Shard, clock uint64) error {
|
|
m.communityLock.Lock(community.ID())
|
|
defer m.communityLock.Unlock(community.ID())
|
|
|
|
return m.updateShard(community, shard, clock)
|
|
}
|
|
|
|
// SetShard assigns a shard to a community
|
|
func (m *Manager) SetShard(communityID types.HexBytes, shard *shard.Shard) (*Community, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community.increaseClock()
|
|
|
|
err = m.updateShard(community, shard, community.Clock())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) UpdatePubsubTopicPrivateKey(topic string, privKey *ecdsa.PrivateKey) error {
|
|
if privKey != nil {
|
|
return m.transport.StorePubsubTopicKey(topic, privKey)
|
|
}
|
|
|
|
return m.transport.RemovePubsubTopicKey(topic)
|
|
}
|
|
|
|
// EditCommunity takes a description, updates the community with the description,
|
|
// saves it and returns it
|
|
func (m *Manager) EditCommunity(request *requests.EditCommunity) (*Community, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
newDescription, err := request.ToCommunityDescription()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("can't create community description: %v", err)
|
|
}
|
|
|
|
// If permissions weren't explicitly set on original request, use existing ones
|
|
if newDescription.Permissions.Access == protobuf.CommunityPermissions_UNKNOWN_ACCESS {
|
|
newDescription.Permissions.Access = community.config.CommunityDescription.Permissions.Access
|
|
}
|
|
// Use existing images for the entries that were not updated
|
|
// NOTE: This will NOT allow deletion of the community image; it will need to
|
|
// be handled separately.
|
|
for imageName := range community.config.CommunityDescription.Identity.Images {
|
|
_, exists := newDescription.Identity.Images[imageName]
|
|
if !exists {
|
|
// If no image was set in ToCommunityDescription then Images is nil.
|
|
if newDescription.Identity.Images == nil {
|
|
newDescription.Identity.Images = make(map[string]*protobuf.IdentityImage)
|
|
}
|
|
newDescription.Identity.Images[imageName] = community.config.CommunityDescription.Identity.Images[imageName]
|
|
}
|
|
}
|
|
// TODO: handle delete image (if needed)
|
|
|
|
err = ValidateCommunityDescription(newDescription)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !(community.IsControlNode() || community.hasPermissionToSendCommunityEvent(protobuf.CommunityEvent_COMMUNITY_EDIT)) {
|
|
return nil, ErrNotAuthorized
|
|
}
|
|
|
|
// Edit the community values
|
|
community.Edit(newDescription)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
community.increaseClock()
|
|
} else {
|
|
err := community.addNewCommunityEvent(community.ToCommunityEditCommunityEvent(newDescription))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) RemovePrivateKey(id types.HexBytes) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return community, err
|
|
}
|
|
|
|
if !community.IsControlNode() {
|
|
return community, ErrNotControlNode
|
|
}
|
|
|
|
community.config.PrivateKey = nil
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return community, err
|
|
}
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) ExportCommunity(id types.HexBytes) (*ecdsa.PrivateKey, error) {
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.IsControlNode() {
|
|
return nil, ErrNotControlNode
|
|
}
|
|
|
|
return community.config.PrivateKey, nil
|
|
}
|
|
|
|
func (m *Manager) ImportCommunity(key *ecdsa.PrivateKey, clock uint64) (*Community, error) {
|
|
communityID := crypto.CompressPubkey(&key.PublicKey)
|
|
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil && err != ErrOrgNotFound {
|
|
return nil, err
|
|
}
|
|
|
|
if community == nil {
|
|
createCommunityRequest := requests.CreateCommunity{
|
|
Membership: protobuf.CommunityPermissions_MANUAL_ACCEPT,
|
|
Name: "unknown imported",
|
|
}
|
|
|
|
description, err := createCommunityRequest.ToCommunityDescription()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = ValidateCommunityDescription(description)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
description.Clock = 1
|
|
description.ID = types.EncodeHex(communityID)
|
|
|
|
config := Config{
|
|
ID: &key.PublicKey,
|
|
PrivateKey: key,
|
|
ControlNode: &key.PublicKey,
|
|
ControlDevice: true,
|
|
Logger: m.logger,
|
|
Joined: true,
|
|
JoinedAt: time.Now().Unix(),
|
|
MemberIdentity: m.identity,
|
|
CommunityDescription: description,
|
|
LastOpenedAt: 0,
|
|
}
|
|
|
|
var descriptionEncryptor DescriptionEncryptor
|
|
if m.encryptor != nil {
|
|
descriptionEncryptor = m
|
|
}
|
|
community, err = New(config, m.timesource, descriptionEncryptor, m.mediaServer)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
community.config.PrivateKey = key
|
|
community.config.ControlDevice = true
|
|
}
|
|
|
|
community.Join()
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Save grant for own community
|
|
grant, err := community.BuildGrant(&m.identity.PublicKey, "")
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
err = m.persistence.SaveCommunityGrant(community.IDString(), grant, uint64(time.Now().UnixMilli()))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Mark this device as the control node
|
|
syncControlNode := &protobuf.SyncCommunityControlNode{
|
|
Clock: clock,
|
|
InstallationId: m.installationID,
|
|
}
|
|
err = m.SaveSyncControlNode(community.ID(), syncControlNode)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) CreateChat(communityID types.HexBytes, chat *protobuf.CommunityChat, publish bool, thirdPartyID string) (*CommunityChanges, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
chatID := uuid.New().String()
|
|
if thirdPartyID != "" {
|
|
chatID = chatID + thirdPartyID
|
|
}
|
|
|
|
changes, err := community.CreateChat(chatID, chat)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return changes, nil
|
|
}
|
|
|
|
func (m *Manager) EditChat(communityID types.HexBytes, chatID string, chat *protobuf.CommunityChat) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
if strings.HasPrefix(chatID, communityID.String()) {
|
|
chatID = strings.TrimPrefix(chatID, communityID.String())
|
|
}
|
|
|
|
oldChat, err := community.GetChat(chatID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// We can't edit permissions and members with an Edit, so we set to what we had, otherwise they will be lost
|
|
chat.Permissions = oldChat.Permissions
|
|
chat.Members = oldChat.Members
|
|
|
|
changes, err := community.EditChat(chatID, chat)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) DeleteChat(communityID types.HexBytes, chatID string) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Check for channel permissions
|
|
changes := community.emptyCommunityChanges()
|
|
for tokenPermissionID, tokenPermission := range community.tokenPermissions() {
|
|
chats := tokenPermission.ChatIdsAsMap()
|
|
_, hasChat := chats[chatID]
|
|
if !hasChat {
|
|
continue
|
|
}
|
|
|
|
if len(chats) == 1 {
|
|
// Delete channel permission, if there is only one channel
|
|
deletePermissionChanges, err := community.DeleteTokenPermission(tokenPermissionID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
changes.Merge(deletePermissionChanges)
|
|
} else {
|
|
// Remove the channel from the permission, if there are other channels
|
|
delete(chats, chatID)
|
|
|
|
var chatIDs []string
|
|
for chatID := range chats {
|
|
chatIDs = append(chatIDs, chatID)
|
|
}
|
|
tokenPermission.ChatIds = chatIDs
|
|
|
|
updatePermissionChanges, err := community.UpsertTokenPermission(tokenPermission.CommunityTokenPermission)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
changes.Merge(updatePermissionChanges)
|
|
}
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
if strings.HasPrefix(chatID, communityID.String()) {
|
|
chatID = strings.TrimPrefix(chatID, communityID.String())
|
|
}
|
|
|
|
deleteChanges, err := community.DeleteChat(chatID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
changes.Merge(deleteChanges)
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) CreateCategory(request *requests.CreateCommunityCategory, publish bool) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
categoryID := uuid.New().String()
|
|
if request.ThirdPartyID != "" {
|
|
categoryID = categoryID + request.ThirdPartyID
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
for i, cid := range request.ChatIDs {
|
|
if strings.HasPrefix(cid, request.CommunityID.String()) {
|
|
request.ChatIDs[i] = strings.TrimPrefix(cid, request.CommunityID.String())
|
|
}
|
|
}
|
|
|
|
changes, err := community.CreateCategory(categoryID, request.CategoryName, request.ChatIDs)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) EditCategory(request *requests.EditCommunityCategory) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
for i, cid := range request.ChatIDs {
|
|
if strings.HasPrefix(cid, request.CommunityID.String()) {
|
|
request.ChatIDs[i] = strings.TrimPrefix(cid, request.CommunityID.String())
|
|
}
|
|
}
|
|
|
|
changes, err := community.EditCategory(request.CategoryID, request.CategoryName, request.ChatIDs)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) EditChatFirstMessageTimestamp(communityID types.HexBytes, chatID string, timestamp uint32) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
if strings.HasPrefix(chatID, communityID.String()) {
|
|
chatID = strings.TrimPrefix(chatID, communityID.String())
|
|
}
|
|
|
|
changes, err := community.UpdateChatFirstMessageTimestamp(chatID, timestamp)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Advertise changes
|
|
m.publish(&Subscription{Community: community})
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) UpdateChatFirstMessageTimestamp(community *Community, chatID string, timestamp uint32) (*CommunityChanges, error) {
|
|
communityID := community.ID().String()
|
|
chatID = strings.TrimPrefix(chatID, communityID)
|
|
return community.UpdateChatFirstMessageTimestamp(chatID, timestamp)
|
|
}
|
|
|
|
func (m *Manager) ReorderCategories(request *requests.ReorderCommunityCategories) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
changes, err := community.ReorderCategories(request.CategoryID, request.Position)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) ReorderChat(request *requests.ReorderCommunityChat) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
// Remove communityID prefix from chatID if exists
|
|
if strings.HasPrefix(request.ChatID, request.CommunityID.String()) {
|
|
request.ChatID = strings.TrimPrefix(request.ChatID, request.CommunityID.String())
|
|
}
|
|
|
|
changes, err := community.ReorderChat(request.CategoryID, request.ChatID, request.Position)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) DeleteCategory(request *requests.DeleteCommunityCategory) (*Community, *CommunityChanges, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
changes, err := community.DeleteCategory(request.CategoryID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return changes.Community, changes, nil
|
|
}
|
|
|
|
func (m *Manager) GenerateRequestsToJoinForAutoApprovalOnNewOwnership(communityID types.HexBytes, kickedMembers map[string]*protobuf.CommunityMember) ([]*RequestToJoin, error) {
|
|
var requestsToJoin []*RequestToJoin
|
|
clock := uint64(time.Now().Unix())
|
|
for pubKeyStr := range kickedMembers {
|
|
requestToJoin := &RequestToJoin{
|
|
PublicKey: pubKeyStr,
|
|
Clock: clock,
|
|
CommunityID: communityID,
|
|
State: RequestToJoinStateAwaitingAddresses,
|
|
Our: true,
|
|
RevealedAccounts: make([]*protobuf.RevealedAccount, 0),
|
|
}
|
|
|
|
requestToJoin.CalculateID()
|
|
|
|
requestsToJoin = append(requestsToJoin, requestToJoin)
|
|
}
|
|
|
|
return requestsToJoin, m.persistence.SaveRequestsToJoin(requestsToJoin)
|
|
}
|
|
|
|
func (m *Manager) Queue(signer *ecdsa.PublicKey, community *Community, clock uint64, payload []byte) error {
|
|
|
|
m.logger.Info("queuing community", zap.String("id", community.IDString()), zap.String("signer", common.PubkeyToHex(signer)))
|
|
|
|
communityToValidate := communityToValidate{
|
|
id: community.ID(),
|
|
clock: clock,
|
|
payload: payload,
|
|
validateAt: uint64(time.Now().UnixNano()),
|
|
signer: crypto.CompressPubkey(signer),
|
|
}
|
|
err := m.persistence.SaveCommunityToValidate(communityToValidate)
|
|
if err != nil {
|
|
m.logger.Error("failed to save community", zap.Error(err))
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityDescriptionMessage(signer *ecdsa.PublicKey, description *protobuf.CommunityDescription, payload []byte, verifiedOwner *ecdsa.PublicKey, communityShard *protobuf.Shard) (*CommunityResponse, error) {
|
|
m.logger.Debug("HandleCommunityDescriptionMessage", zap.String("communityID", description.ID), zap.Uint64("clock", description.Clock))
|
|
|
|
if signer == nil {
|
|
return nil, errors.New("signer can't be nil")
|
|
}
|
|
|
|
var id []byte
|
|
var err error
|
|
if len(description.ID) != 0 {
|
|
id, err = types.DecodeHex(description.ID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
// Backward compatibility
|
|
id = crypto.CompressPubkey(signer)
|
|
}
|
|
|
|
failedToDecrypt, processedDescription, err := m.preprocessDescription(id, description)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
community, err := m.GetByID(id)
|
|
if err != nil && err != ErrOrgNotFound {
|
|
return nil, err
|
|
}
|
|
|
|
// We don't process failed to decrypt if the whole metadata is encrypted
|
|
// and we joined the community already
|
|
if community != nil && community.Joined() && len(failedToDecrypt) != 0 && processedDescription != nil && len(processedDescription.Members) == 0 {
|
|
return &CommunityResponse{FailedToDecrypt: failedToDecrypt}, nil
|
|
}
|
|
|
|
// We should queue only if the community has a token owner, and the owner has been verified
|
|
hasTokenOwnership := HasTokenOwnership(processedDescription)
|
|
shouldQueue := hasTokenOwnership && verifiedOwner == nil
|
|
|
|
if community == nil {
|
|
pubKey, err := crypto.DecompressPubkey(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var cShard *shard.Shard
|
|
if communityShard == nil {
|
|
cShard = &shard.Shard{Cluster: shard.MainStatusShardCluster, Index: shard.DefaultShardIndex}
|
|
} else {
|
|
cShard = shard.FromProtobuff(communityShard)
|
|
}
|
|
config := Config{
|
|
CommunityDescription: processedDescription,
|
|
Logger: m.logger,
|
|
CommunityDescriptionProtocolMessage: payload,
|
|
MemberIdentity: m.identity,
|
|
ID: pubKey,
|
|
ControlNode: signer,
|
|
Shard: cShard,
|
|
}
|
|
|
|
var descriptionEncryptor DescriptionEncryptor
|
|
if m.encryptor != nil {
|
|
descriptionEncryptor = m
|
|
}
|
|
community, err = New(config, m.timesource, descriptionEncryptor, m.mediaServer)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// A new community, we need to check if we need to validate async.
|
|
// That would be the case if it has a contract. We queue everything and process separately.
|
|
if shouldQueue {
|
|
return nil, m.Queue(signer, community, processedDescription.Clock, payload)
|
|
}
|
|
} else {
|
|
// only queue if already known control node is different than the signer
|
|
// and if the clock is greater
|
|
shouldQueue = shouldQueue && !common.IsPubKeyEqual(community.ControlNode(), signer) &&
|
|
community.config.CommunityDescription.Clock < processedDescription.Clock
|
|
if shouldQueue {
|
|
return nil, m.Queue(signer, community, processedDescription.Clock, payload)
|
|
}
|
|
}
|
|
|
|
if hasTokenOwnership && verifiedOwner != nil {
|
|
// Override verified owner
|
|
m.logger.Info("updating verified owner",
|
|
zap.String("communityID", community.IDString()),
|
|
zap.String("verifiedOwner", common.PubkeyToHex(verifiedOwner)),
|
|
zap.String("signer", common.PubkeyToHex(signer)),
|
|
zap.String("controlNode", common.PubkeyToHex(community.ControlNode())),
|
|
)
|
|
|
|
// If we are not the verified owner anymore, drop the private key
|
|
if !common.IsPubKeyEqual(verifiedOwner, &m.identity.PublicKey) {
|
|
community.config.PrivateKey = nil
|
|
}
|
|
|
|
// new control node will be set in the 'UpdateCommunityDescription'
|
|
if !common.IsPubKeyEqual(verifiedOwner, signer) {
|
|
return nil, ErrNotAuthorized
|
|
}
|
|
} else if !common.IsPubKeyEqual(community.ControlNode(), signer) {
|
|
return nil, ErrNotAuthorized
|
|
}
|
|
|
|
r, err := m.handleCommunityDescriptionMessageCommon(community, processedDescription, payload, verifiedOwner)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
r.FailedToDecrypt = failedToDecrypt
|
|
return r, nil
|
|
}
|
|
|
|
func (m *Manager) NewHashRatchetKeys(keys []*encryption.HashRatchetInfo) error {
|
|
return m.persistence.InvalidateDecryptedCommunityCacheForKeys(keys)
|
|
}
|
|
|
|
func (m *Manager) preprocessDescription(id types.HexBytes, description *protobuf.CommunityDescription) ([]*CommunityPrivateDataFailedToDecrypt, *protobuf.CommunityDescription, error) {
|
|
decryptedCommunity, err := m.persistence.GetDecryptedCommunityDescription(id, description.Clock)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
if decryptedCommunity != nil {
|
|
return nil, decryptedCommunity, nil
|
|
}
|
|
|
|
response, err := decryptDescription(id, m, description, m.logger)
|
|
if err != nil {
|
|
return response, description, err
|
|
}
|
|
|
|
upgradeTokenPermissions(description)
|
|
|
|
// Workaround for https://github.com/status-im/status-desktop/issues/12188
|
|
hydrateChannelsMembers(description)
|
|
|
|
return response, description, m.persistence.SaveDecryptedCommunityDescription(id, response, description)
|
|
}
|
|
|
|
func (m *Manager) handleCommunityDescriptionMessageCommon(community *Community, description *protobuf.CommunityDescription, payload []byte, newControlNode *ecdsa.PublicKey) (*CommunityResponse, error) {
|
|
prevClock := community.config.CommunityDescription.Clock
|
|
prevResendAccountsClock := community.config.CommunityDescription.ResendAccountsClock
|
|
|
|
changes, err := community.UpdateCommunityDescription(description, payload, newControlNode)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err = m.handleCommunityTokensMetadata(community); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
hasCommunityArchiveInfo, err := m.persistence.HasCommunityArchiveInfo(community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
cdMagnetlinkClock := community.config.CommunityDescription.ArchiveMagnetlinkClock
|
|
if !hasCommunityArchiveInfo {
|
|
err = m.persistence.SaveCommunityArchiveInfo(community.ID(), cdMagnetlinkClock, 0)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
magnetlinkClock, err := m.persistence.GetMagnetlinkMessageClock(community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if cdMagnetlinkClock > magnetlinkClock {
|
|
err = m.persistence.UpdateMagnetlinkMessageClock(community.ID(), cdMagnetlinkClock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
pkString := common.PubkeyToHex(&m.identity.PublicKey)
|
|
if m.tokenManager != nil && description.CommunityTokensMetadata != nil && len(description.CommunityTokensMetadata) > 0 {
|
|
for _, tokenMetadata := range description.CommunityTokensMetadata {
|
|
if tokenMetadata.TokenType != protobuf.CommunityTokenType_ERC20 {
|
|
continue
|
|
}
|
|
|
|
for chainID, address := range tokenMetadata.ContractAddresses {
|
|
_ = m.tokenManager.FindOrCreateTokenByAddress(context.Background(), chainID, gethcommon.HexToAddress(address))
|
|
}
|
|
}
|
|
}
|
|
|
|
// If the community require membership, we set whether we should leave/join the community after a state change
|
|
if community.ManualAccept() || community.AutoAccept() {
|
|
if changes.HasNewMember(pkString) {
|
|
hasPendingRequest, err := m.persistence.HasPendingRequestsToJoinForUserAndCommunity(pkString, changes.Community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
// If there's any pending request, we should join the community
|
|
// automatically
|
|
changes.ShouldMemberJoin = hasPendingRequest
|
|
}
|
|
|
|
if changes.HasMemberLeft(pkString) && community.Joined() {
|
|
softKick := !changes.IsMemberBanned(pkString) &&
|
|
(changes.ControlNodeChanged != nil || prevResendAccountsClock < community.Description().ResendAccountsClock)
|
|
|
|
// If we joined previously the community, that means we have been kicked
|
|
changes.MemberKicked = !softKick
|
|
// soft kick previously joined member on community owner change or on ResendAccountsClock change
|
|
changes.MemberSoftKicked = softKick
|
|
}
|
|
}
|
|
|
|
if description.Clock > prevClock {
|
|
err = m.persistence.DeleteCommunityEvents(community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
community.config.EventsData = nil
|
|
}
|
|
|
|
// Set Joined if we are part of the member list
|
|
if !community.Joined() && community.hasMember(&m.identity.PublicKey) {
|
|
changes.ShouldMemberJoin = true
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// We mark our requests as completed, though maybe we should mark
|
|
// any request for any user that has been added as completed
|
|
if err := m.markRequestToJoinAsAccepted(&m.identity.PublicKey, community); err != nil {
|
|
return nil, err
|
|
}
|
|
// Check if there's a change and we should be joining
|
|
|
|
return &CommunityResponse{
|
|
Community: community,
|
|
Changes: changes,
|
|
}, nil
|
|
}
|
|
|
|
func (m *Manager) signEvents(community *Community) error {
|
|
for i := range community.config.EventsData.Events {
|
|
communityEvent := &community.config.EventsData.Events[i]
|
|
if communityEvent.Signature == nil || len(communityEvent.Signature) == 0 {
|
|
err := communityEvent.Sign(m.identity)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityEventsMessage(signer *ecdsa.PublicKey, message *protobuf.CommunityEventsMessage) (*CommunityResponse, error) {
|
|
if signer == nil {
|
|
return nil, errors.New("signer can't be nil")
|
|
}
|
|
|
|
eventsMessage, err := CommunityEventsMessageFromProtobuf(message)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.communityLock.Lock(eventsMessage.CommunityID)
|
|
defer m.communityLock.Unlock(eventsMessage.CommunityID)
|
|
|
|
community, err := m.GetByID(eventsMessage.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.IsPrivilegedMember(signer) {
|
|
return nil, errors.New("user has not permissions to send events")
|
|
}
|
|
|
|
originCommunity := community.CreateDeepCopy()
|
|
|
|
var lastlyAppliedEvents map[string]uint64
|
|
if community.IsControlNode() {
|
|
lastlyAppliedEvents, err = m.persistence.GetAppliedCommunityEvents(community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
additionalCommunityResponse, err := m.handleCommunityEventsAndMetadata(community, eventsMessage, lastlyAppliedEvents)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Control node applies events and publish updated CommunityDescription
|
|
if community.IsControlNode() {
|
|
appliedEvents := map[string]uint64{}
|
|
if community.config.EventsData != nil {
|
|
for _, event := range community.config.EventsData.Events {
|
|
appliedEvents[event.EventTypeID()] = event.CommunityEventClock
|
|
}
|
|
}
|
|
community.config.EventsData = nil // clear events, they are already applied
|
|
community.increaseClock()
|
|
|
|
if m.keyDistributor != nil {
|
|
encryptionKeyActions := EvaluateCommunityEncryptionKeyActions(originCommunity, community)
|
|
err := m.keyDistributor.Generate(community, encryptionKeyActions)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.UpsertAppliedCommunityEvents(community.ID(), appliedEvents)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
} else {
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
err := m.persistence.SaveCommunityEvents(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return &CommunityResponse{
|
|
Community: community,
|
|
Changes: EvaluateCommunityChanges(originCommunity, community),
|
|
RequestsToJoin: additionalCommunityResponse.RequestsToJoin,
|
|
}, nil
|
|
}
|
|
|
|
func (m *Manager) handleAdditionalAdminChanges(community *Community) (*CommunityResponse, error) {
|
|
communityResponse := CommunityResponse{
|
|
RequestsToJoin: make([]*RequestToJoin, 0),
|
|
}
|
|
|
|
if !(community.IsControlNode() || community.HasPermissionToSendCommunityEvents()) {
|
|
// we're a normal user/member node, so there's nothing for us to do here
|
|
return &communityResponse, nil
|
|
}
|
|
|
|
if community.config.EventsData == nil {
|
|
return &communityResponse, nil
|
|
}
|
|
|
|
handledMembers := map[string]struct{}{}
|
|
|
|
for i := len(community.config.EventsData.Events) - 1; i >= 0; i-- {
|
|
communityEvent := &community.config.EventsData.Events[i]
|
|
if _, handled := handledMembers[communityEvent.MemberToAction]; handled {
|
|
continue
|
|
}
|
|
switch communityEvent.Type {
|
|
case protobuf.CommunityEvent_COMMUNITY_REQUEST_TO_JOIN_ACCEPT:
|
|
handledMembers[communityEvent.MemberToAction] = struct{}{}
|
|
requestsToJoin, err := m.handleCommunityEventRequestAccepted(community, communityEvent)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if requestsToJoin != nil {
|
|
communityResponse.RequestsToJoin = append(communityResponse.RequestsToJoin, requestsToJoin...)
|
|
}
|
|
|
|
case protobuf.CommunityEvent_COMMUNITY_REQUEST_TO_JOIN_REJECT:
|
|
handledMembers[communityEvent.MemberToAction] = struct{}{}
|
|
requestsToJoin, err := m.handleCommunityEventRequestRejected(community, communityEvent)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if requestsToJoin != nil {
|
|
communityResponse.RequestsToJoin = append(communityResponse.RequestsToJoin, requestsToJoin...)
|
|
}
|
|
|
|
default:
|
|
}
|
|
}
|
|
return &communityResponse, nil
|
|
}
|
|
|
|
func (m *Manager) saveOrUpdateRequestToJoin(communityID types.HexBytes, requestToJoin *RequestToJoin) (bool, error) {
|
|
updated := false
|
|
|
|
existingRequestToJoin, err := m.persistence.GetRequestToJoin(requestToJoin.ID)
|
|
if err != nil && err != sql.ErrNoRows {
|
|
return updated, err
|
|
}
|
|
|
|
if existingRequestToJoin != nil {
|
|
// node already knows about this request to join, so let's compare clocks
|
|
// and update it if necessary
|
|
if existingRequestToJoin.Clock <= requestToJoin.Clock {
|
|
pk, err := common.HexToPubkey(existingRequestToJoin.PublicKey)
|
|
if err != nil {
|
|
return updated, err
|
|
}
|
|
err = m.persistence.SetRequestToJoinState(common.PubkeyToHex(pk), communityID, requestToJoin.State)
|
|
if err != nil {
|
|
return updated, err
|
|
}
|
|
updated = true
|
|
}
|
|
} else {
|
|
err := m.persistence.SaveRequestToJoin(requestToJoin)
|
|
if err != nil {
|
|
return updated, err
|
|
}
|
|
}
|
|
|
|
return updated, nil
|
|
}
|
|
|
|
func (m *Manager) handleCommunityEventRequestAccepted(community *Community, communityEvent *CommunityEvent) ([]*RequestToJoin, error) {
|
|
acceptedRequestsToJoin := make([]types.HexBytes, 0)
|
|
|
|
requestsToJoin := make([]*RequestToJoin, 0)
|
|
|
|
signer := communityEvent.MemberToAction
|
|
request := communityEvent.RequestToJoin
|
|
|
|
requestToJoin := &RequestToJoin{
|
|
PublicKey: signer,
|
|
Clock: request.Clock,
|
|
ENSName: request.EnsName,
|
|
CommunityID: request.CommunityId,
|
|
State: RequestToJoinStateAcceptedPending,
|
|
CustomizationColor: multiaccountscommon.IDToColorFallbackToBlue(request.CustomizationColor),
|
|
}
|
|
requestToJoin.CalculateID()
|
|
|
|
existingRequestToJoin, err := m.persistence.GetRequestToJoin(requestToJoin.ID)
|
|
if err != nil && err != sql.ErrNoRows {
|
|
return nil, err
|
|
}
|
|
|
|
if existingRequestToJoin != nil {
|
|
alreadyProcessedByControlNode := existingRequestToJoin.State == RequestToJoinStateAccepted
|
|
if alreadyProcessedByControlNode || existingRequestToJoin.State == RequestToJoinStateCanceled {
|
|
return requestsToJoin, nil
|
|
}
|
|
}
|
|
|
|
requestUpdated, err := m.saveOrUpdateRequestToJoin(community.ID(), requestToJoin)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// If request to join exists in control node, add request to acceptedRequestsToJoin.
|
|
// Otherwise keep the request as RequestToJoinStateAcceptedPending,
|
|
// as privileged users don't have revealed addresses. This can happen if control node received
|
|
// community event message before user request to join.
|
|
if community.IsControlNode() && requestUpdated {
|
|
acceptedRequestsToJoin = append(acceptedRequestsToJoin, requestToJoin.ID)
|
|
}
|
|
|
|
requestsToJoin = append(requestsToJoin, requestToJoin)
|
|
|
|
if community.IsControlNode() {
|
|
m.publish(&Subscription{AcceptedRequestsToJoin: acceptedRequestsToJoin})
|
|
}
|
|
return requestsToJoin, nil
|
|
}
|
|
|
|
func (m *Manager) handleCommunityEventRequestRejected(community *Community, communityEvent *CommunityEvent) ([]*RequestToJoin, error) {
|
|
rejectedRequestsToJoin := make([]types.HexBytes, 0)
|
|
|
|
requestsToJoin := make([]*RequestToJoin, 0)
|
|
|
|
signer := communityEvent.MemberToAction
|
|
request := communityEvent.RequestToJoin
|
|
|
|
requestToJoin := &RequestToJoin{
|
|
PublicKey: signer,
|
|
Clock: request.Clock,
|
|
ENSName: request.EnsName,
|
|
CommunityID: request.CommunityId,
|
|
State: RequestToJoinStateDeclinedPending,
|
|
CustomizationColor: multiaccountscommon.IDToColorFallbackToBlue(request.CustomizationColor),
|
|
}
|
|
requestToJoin.CalculateID()
|
|
|
|
existingRequestToJoin, err := m.persistence.GetRequestToJoin(requestToJoin.ID)
|
|
if err != nil && err != sql.ErrNoRows {
|
|
return nil, err
|
|
}
|
|
|
|
if existingRequestToJoin != nil {
|
|
alreadyProcessedByControlNode := existingRequestToJoin.State == RequestToJoinStateDeclined
|
|
if alreadyProcessedByControlNode || existingRequestToJoin.State == RequestToJoinStateCanceled {
|
|
return requestsToJoin, nil
|
|
}
|
|
}
|
|
|
|
requestUpdated, err := m.saveOrUpdateRequestToJoin(community.ID(), requestToJoin)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
// If request to join exists in control node, add request to rejectedRequestsToJoin.
|
|
// Otherwise keep the request as RequestToJoinStateDeclinedPending,
|
|
// as privileged users don't have revealed addresses. This can happen if control node received
|
|
// community event message before user request to join.
|
|
if community.IsControlNode() && requestUpdated {
|
|
rejectedRequestsToJoin = append(rejectedRequestsToJoin, requestToJoin.ID)
|
|
}
|
|
|
|
requestsToJoin = append(requestsToJoin, requestToJoin)
|
|
|
|
if community.IsControlNode() {
|
|
m.publish(&Subscription{RejectedRequestsToJoin: rejectedRequestsToJoin})
|
|
}
|
|
return requestsToJoin, nil
|
|
}
|
|
|
|
// markRequestToJoinAsAccepted marks all the pending requests to join as completed
|
|
// if we are members
|
|
func (m *Manager) markRequestToJoinAsAccepted(pk *ecdsa.PublicKey, community *Community) error {
|
|
if community.HasMember(pk) {
|
|
return m.persistence.SetRequestToJoinState(common.PubkeyToHex(pk), community.ID(), RequestToJoinStateAccepted)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) markRequestToJoinAsCanceled(pk *ecdsa.PublicKey, community *Community) error {
|
|
return m.persistence.SetRequestToJoinState(common.PubkeyToHex(pk), community.ID(), RequestToJoinStateCanceled)
|
|
}
|
|
|
|
func (m *Manager) markRequestToJoinAsAcceptedPending(pk *ecdsa.PublicKey, community *Community) error {
|
|
return m.persistence.SetRequestToJoinState(common.PubkeyToHex(pk), community.ID(), RequestToJoinStateAcceptedPending)
|
|
}
|
|
|
|
func (m *Manager) DeletePendingRequestToJoin(request *RequestToJoin) error {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
community, err := m.GetByID(request.CommunityID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = m.persistence.DeletePendingRequestToJoin(request.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) UpdateClockInRequestToJoin(id types.HexBytes, clock uint64) error {
|
|
return m.persistence.UpdateClockInRequestToJoin(id, clock)
|
|
}
|
|
|
|
func (m *Manager) SetMuted(id types.HexBytes, muted bool) error {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
return m.persistence.SetMuted(id, muted)
|
|
}
|
|
|
|
func (m *Manager) MuteCommunityTill(communityID []byte, muteTill time.Time) error {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
return m.persistence.MuteCommunityTill(communityID, muteTill)
|
|
}
|
|
func (m *Manager) CancelRequestToJoin(request *requests.CancelRequestToJoinCommunity) (*RequestToJoin, *Community, error) {
|
|
dbRequest, err := m.persistence.GetRequestToJoin(request.ID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(dbRequest.CommunityID)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
pk, err := common.HexToPubkey(dbRequest.PublicKey)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
dbRequest.State = RequestToJoinStateCanceled
|
|
if err := m.markRequestToJoinAsCanceled(pk, community); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return dbRequest, community, nil
|
|
}
|
|
|
|
func (m *Manager) CheckPermissionToJoin(id []byte, addresses []gethcommon.Address) (*CheckPermissionToJoinResponse, error) {
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return m.PermissionChecker.CheckPermissionToJoin(community, addresses)
|
|
}
|
|
|
|
func (m *Manager) accountsSatisfyPermissionsToJoin(
|
|
communityPermissionsPreParsedData map[protobuf.CommunityTokenPermission_Type]*PreParsedCommunityPermissionsData,
|
|
accountsAndChainIDs []*AccountChainIDsCombination) (bool, protobuf.CommunityMember_Roles, error) {
|
|
|
|
if m.accountsHasPrivilegedPermission(communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_TOKEN_MASTER], accountsAndChainIDs) {
|
|
return true, protobuf.CommunityMember_ROLE_TOKEN_MASTER, nil
|
|
}
|
|
if m.accountsHasPrivilegedPermission(communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_ADMIN], accountsAndChainIDs) {
|
|
return true, protobuf.CommunityMember_ROLE_ADMIN, nil
|
|
}
|
|
|
|
preParsedBecomeMemberPermissions := communityPermissionsPreParsedData[protobuf.CommunityTokenPermission_BECOME_MEMBER]
|
|
if preParsedBecomeMemberPermissions != nil {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissions(preParsedBecomeMemberPermissions, accountsAndChainIDs, true)
|
|
if err != nil {
|
|
return false, protobuf.CommunityMember_ROLE_NONE, err
|
|
}
|
|
|
|
return permissionResponse.Satisfied, protobuf.CommunityMember_ROLE_NONE, nil
|
|
}
|
|
|
|
return true, protobuf.CommunityMember_ROLE_NONE, nil
|
|
}
|
|
|
|
func (m *Manager) accountsSatisfyPermissionsToJoinChannels(
|
|
community *Community,
|
|
channelPermissionsPreParsedData map[string]*PreParsedCommunityPermissionsData,
|
|
accountsAndChainIDs []*AccountChainIDsCombination) (map[string]*protobuf.CommunityChat, map[string]*protobuf.CommunityChat, error) {
|
|
|
|
viewChats := make(map[string]*protobuf.CommunityChat)
|
|
viewAndPostChats := make(map[string]*protobuf.CommunityChat)
|
|
|
|
if len(channelPermissionsPreParsedData) == 0 {
|
|
for channelID, channel := range community.config.CommunityDescription.Chats {
|
|
viewAndPostChats[channelID] = channel
|
|
}
|
|
|
|
return viewChats, viewAndPostChats, nil
|
|
}
|
|
|
|
// check which permissions we satisfy and which not
|
|
channelPermissionsCheckResult, err := m.checkChannelsPermissions(channelPermissionsPreParsedData, accountsAndChainIDs, true)
|
|
if err != nil {
|
|
m.logger.Warn("check channel permission failed: %v", zap.Error(err))
|
|
return viewChats, viewAndPostChats, err
|
|
}
|
|
|
|
for channelID, channel := range community.config.CommunityDescription.Chats {
|
|
chatID := community.ChatID(channelID)
|
|
channelPermissionsCheckResult, exists := channelPermissionsCheckResult[chatID]
|
|
|
|
if !exists {
|
|
viewAndPostChats[channelID] = channel
|
|
continue
|
|
}
|
|
|
|
viewAndPostSatisfied, exists := channelPermissionsCheckResult[protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL]
|
|
if exists && viewAndPostSatisfied {
|
|
delete(viewChats, channelID)
|
|
viewAndPostChats[channelID] = channel
|
|
continue
|
|
}
|
|
|
|
viewOnlySatisfied, exists := channelPermissionsCheckResult[protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL]
|
|
if exists && viewOnlySatisfied {
|
|
if _, exists := viewAndPostChats[channelID]; !exists {
|
|
viewChats[channelID] = channel
|
|
}
|
|
}
|
|
}
|
|
|
|
return viewChats, viewAndPostChats, nil
|
|
}
|
|
|
|
func (m *Manager) AcceptRequestToJoin(dbRequest *RequestToJoin) (*Community, error) {
|
|
m.communityLock.Lock(dbRequest.CommunityID)
|
|
defer m.communityLock.Unlock(dbRequest.CommunityID)
|
|
|
|
pk, err := common.HexToPubkey(dbRequest.PublicKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(dbRequest.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
revealedAccounts, err := m.persistence.GetRequestToJoinRevealedAddresses(dbRequest.ID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
accountsAndChainIDs := revealedAccountsToAccountsAndChainIDsCombination(revealedAccounts)
|
|
|
|
communityPermissionsPreParsedData, channelPermissionsPreParsedData := PreParsePermissionsData(community.tokenPermissions())
|
|
|
|
permissionsSatisfied, role, err := m.accountsSatisfyPermissionsToJoin(communityPermissionsPreParsedData, accountsAndChainIDs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !permissionsSatisfied {
|
|
return community, ErrNoPermissionToJoin
|
|
}
|
|
|
|
memberRoles := []protobuf.CommunityMember_Roles{}
|
|
if role != protobuf.CommunityMember_ROLE_NONE {
|
|
memberRoles = []protobuf.CommunityMember_Roles{role}
|
|
}
|
|
|
|
_, err = community.AddMember(pk, memberRoles, dbRequest.Clock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
viewChannels, postChannels, err := m.accountsSatisfyPermissionsToJoinChannels(community, channelPermissionsPreParsedData, accountsAndChainIDs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
for channelID := range viewChannels {
|
|
_, err = community.AddMemberToChat(channelID, pk, memberRoles, protobuf.CommunityMember_CHANNEL_ROLE_VIEWER)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
for channelID := range postChannels {
|
|
_, err = community.AddMemberToChat(channelID, pk, memberRoles, protobuf.CommunityMember_CHANNEL_ROLE_POSTER)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
dbRequest.State = RequestToJoinStateAccepted
|
|
if err := m.markRequestToJoinAsAccepted(pk, community); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
dbRequest.RevealedAccounts = revealedAccounts
|
|
if err = m.shareAcceptedRequestToJoinWithPrivilegedMembers(community, dbRequest); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// if accepted member has a privilege role, share with him requests to join
|
|
memberRole := community.MemberRole(pk)
|
|
if memberRole == protobuf.CommunityMember_ROLE_OWNER || memberRole == protobuf.CommunityMember_ROLE_ADMIN ||
|
|
memberRole == protobuf.CommunityMember_ROLE_TOKEN_MASTER {
|
|
|
|
newPrivilegedMember := make(map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey)
|
|
newPrivilegedMember[memberRole] = []*ecdsa.PublicKey{pk}
|
|
if err = m.ShareRequestsToJoinWithPrivilegedMembers(community, newPrivilegedMember); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
} else if community.hasPermissionToSendCommunityEvent(protobuf.CommunityEvent_COMMUNITY_REQUEST_TO_JOIN_ACCEPT) {
|
|
err := community.addNewCommunityEvent(community.ToCommunityRequestToJoinAcceptCommunityEvent(dbRequest.PublicKey, dbRequest.ToCommunityRequestToJoinProtobuf()))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
dbRequest.State = RequestToJoinStateAcceptedPending
|
|
if err := m.markRequestToJoinAsAcceptedPending(pk, community); err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
return nil, ErrNotAuthorized
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) GetRequestToJoin(ID types.HexBytes) (*RequestToJoin, error) {
|
|
return m.persistence.GetRequestToJoin(ID)
|
|
}
|
|
|
|
func (m *Manager) DeclineRequestToJoin(dbRequest *RequestToJoin) (*Community, error) {
|
|
m.communityLock.Lock(dbRequest.CommunityID)
|
|
defer m.communityLock.Unlock(dbRequest.CommunityID)
|
|
|
|
community, err := m.GetByID(dbRequest.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
adminEventCreated, err := community.DeclineRequestToJoin(dbRequest)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
requestToJoinState := RequestToJoinStateDeclined
|
|
if adminEventCreated {
|
|
requestToJoinState = RequestToJoinStateDeclinedPending // can only be declined by control node
|
|
}
|
|
|
|
dbRequest.State = requestToJoinState
|
|
err = m.persistence.SetRequestToJoinState(dbRequest.PublicKey, dbRequest.CommunityID, requestToJoinState)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) shouldUserRetainDeclined(signer *ecdsa.PublicKey, community *Community, requestClock uint64) (bool, error) {
|
|
requestID := CalculateRequestID(common.PubkeyToHex(signer), types.HexBytes(community.IDString()))
|
|
request, err := m.persistence.GetRequestToJoin(requestID)
|
|
if err != nil {
|
|
if err == sql.ErrNoRows {
|
|
return false, nil
|
|
}
|
|
return false, err
|
|
}
|
|
|
|
return request.ShouldRetainDeclined(requestClock)
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityCancelRequestToJoin(signer *ecdsa.PublicKey, request *protobuf.CommunityCancelRequestToJoin) (*RequestToJoin, error) {
|
|
m.communityLock.Lock(request.CommunityId)
|
|
defer m.communityLock.Unlock(request.CommunityId)
|
|
|
|
community, err := m.GetByID(request.CommunityId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
previousRequestToJoin, err := m.GetRequestToJoinByPkAndCommunityID(signer, community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if request.Clock <= previousRequestToJoin.Clock {
|
|
return nil, ErrInvalidClock
|
|
}
|
|
|
|
retainDeclined, err := m.shouldUserRetainDeclined(signer, community, request.Clock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if retainDeclined {
|
|
return nil, ErrCommunityRequestAlreadyRejected
|
|
}
|
|
|
|
err = m.markRequestToJoinAsCanceled(signer, community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
requestToJoin, err := m.persistence.GetRequestToJoinByPk(common.PubkeyToHex(signer), community.ID(), RequestToJoinStateCanceled)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if community.HasMember(signer) {
|
|
_, err = community.RemoveUserFromOrg(signer)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return requestToJoin, nil
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityRequestToJoin(signer *ecdsa.PublicKey, receiver *ecdsa.PublicKey, request *protobuf.CommunityRequestToJoin) (*Community, *RequestToJoin, error) {
|
|
community, err := m.GetByID(request.CommunityId)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
err = community.ValidateRequestToJoin(signer, request)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
nbPendingRequestsToJoin, err := m.persistence.GetNumberOfPendingRequestsToJoin(community.ID())
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
if nbPendingRequestsToJoin >= maxNbPendingRequestedMembers {
|
|
return nil, nil, errors.New("max number of requests to join reached")
|
|
}
|
|
|
|
requestToJoin := &RequestToJoin{
|
|
PublicKey: common.PubkeyToHex(signer),
|
|
Clock: request.Clock,
|
|
ENSName: request.EnsName,
|
|
CommunityID: request.CommunityId,
|
|
State: RequestToJoinStatePending,
|
|
RevealedAccounts: request.RevealedAccounts,
|
|
CustomizationColor: multiaccountscommon.IDToColorFallbackToBlue(request.CustomizationColor),
|
|
}
|
|
requestToJoin.CalculateID()
|
|
|
|
existingRequestToJoin, err := m.persistence.GetRequestToJoin(requestToJoin.ID)
|
|
if err != nil && err != sql.ErrNoRows {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if existingRequestToJoin == nil {
|
|
err = m.SaveRequestToJoin(requestToJoin)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
} else {
|
|
retainDeclined, err := existingRequestToJoin.ShouldRetainDeclined(request.Clock)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
if retainDeclined {
|
|
return nil, nil, ErrCommunityRequestAlreadyRejected
|
|
}
|
|
|
|
switch existingRequestToJoin.State {
|
|
case RequestToJoinStatePending, RequestToJoinStateDeclined, RequestToJoinStateCanceled:
|
|
// Another request have been received, save request back to pending state
|
|
err = m.SaveRequestToJoin(requestToJoin)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
case RequestToJoinStateAccepted:
|
|
// if member leaved the community and tries to request to join again
|
|
if !community.HasMember(signer) {
|
|
err = m.SaveRequestToJoin(requestToJoin)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
// verify if revealed addresses indeed belong to requester
|
|
for _, revealedAccount := range request.RevealedAccounts {
|
|
recoverParams := account.RecoverParams{
|
|
Message: types.EncodeHex(crypto.Keccak256(crypto.CompressPubkey(signer), community.ID(), requestToJoin.ID)),
|
|
Signature: types.EncodeHex(revealedAccount.Signature),
|
|
}
|
|
|
|
matching, err := m.accountsManager.CanRecover(recoverParams, types.HexToAddress(revealedAccount.Address))
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
if !matching {
|
|
// if ownership of only one wallet address cannot be verified,
|
|
// we mark the request as cancelled and stop
|
|
requestToJoin.State = RequestToJoinStateDeclined
|
|
return community, requestToJoin, nil
|
|
}
|
|
}
|
|
|
|
// Save revealed addresses + signatures so they can later be added
|
|
// to the control node's local table of known revealed addresses
|
|
err = m.persistence.SaveRequestToJoinRevealedAddresses(requestToJoin.ID, requestToJoin.RevealedAccounts)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
if existingRequestToJoin != nil {
|
|
// request to join was already processed by privileged user
|
|
// and waits to get confirmation for its decision
|
|
if existingRequestToJoin.State == RequestToJoinStateDeclinedPending {
|
|
requestToJoin.State = RequestToJoinStateDeclined
|
|
return community, requestToJoin, nil
|
|
} else if existingRequestToJoin.State == RequestToJoinStateAcceptedPending {
|
|
requestToJoin.State = RequestToJoinStateAccepted
|
|
return community, requestToJoin, nil
|
|
|
|
} else if existingRequestToJoin.State == RequestToJoinStateAwaitingAddresses {
|
|
// community ownership changed, accept request automatically
|
|
requestToJoin.State = RequestToJoinStateAccepted
|
|
return community, requestToJoin, nil
|
|
}
|
|
}
|
|
|
|
// Check if we reached the limit, if we did, change the community setting to be On Request
|
|
if community.AutoAccept() && community.MembersCount() >= maxNbMembers {
|
|
community.EditPermissionAccess(protobuf.CommunityPermissions_MANUAL_ACCEPT)
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
}
|
|
|
|
// If user is already a member, then accept request automatically
|
|
// It may happen when member removes itself from community and then tries to rejoin
|
|
// More specifically, CommunityRequestToLeave may be delivered later than CommunityRequestToJoin, or not delivered at all
|
|
acceptAutomatically := community.AutoAccept() || community.HasMember(signer)
|
|
if acceptAutomatically {
|
|
// Don't check permissions here,
|
|
// it will be done further in the processing pipeline.
|
|
requestToJoin.State = RequestToJoinStateAccepted
|
|
return community, requestToJoin, nil
|
|
}
|
|
}
|
|
|
|
return community, requestToJoin, nil
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityEditSharedAddresses(signer *ecdsa.PublicKey, request *protobuf.CommunityEditSharedAddresses) error {
|
|
m.communityLock.Lock(request.CommunityId)
|
|
defer m.communityLock.Unlock(request.CommunityId)
|
|
|
|
community, err := m.GetByID(request.CommunityId)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if !community.IsControlNode() {
|
|
return ErrNotOwner
|
|
}
|
|
|
|
publicKey := common.PubkeyToHex(signer)
|
|
|
|
if err := community.ValidateEditSharedAddresses(publicKey, request); err != nil {
|
|
return err
|
|
}
|
|
|
|
community.UpdateMemberLastUpdateClock(publicKey, request.Clock)
|
|
// verify if revealed addresses indeed belong to requester
|
|
for _, revealedAccount := range request.RevealedAccounts {
|
|
recoverParams := account.RecoverParams{
|
|
Message: types.EncodeHex(crypto.Keccak256(crypto.CompressPubkey(signer), community.ID())),
|
|
Signature: types.EncodeHex(revealedAccount.Signature),
|
|
}
|
|
|
|
matching, err := m.accountsManager.CanRecover(recoverParams, types.HexToAddress(revealedAccount.Address))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !matching {
|
|
// if ownership of only one wallet address cannot be verified we stop
|
|
return errors.New("wrong wallet address used")
|
|
}
|
|
}
|
|
|
|
err = m.handleCommunityEditSharedAddresses(publicKey, request.CommunityId, request.RevealedAccounts, request.Clock)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
m.publish(&Subscription{Community: community})
|
|
}
|
|
|
|
subscriptionMsg := &CommunityPrivilegedMemberSyncMessage{
|
|
Receivers: community.GetTokenMasterMembers(),
|
|
CommunityPrivilegedUserSyncMessage: &protobuf.CommunityPrivilegedUserSyncMessage{
|
|
Type: protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_MEMBER_EDIT_SHARED_ADDRESSES,
|
|
CommunityId: community.ID(),
|
|
SyncEditSharedAddresses: &protobuf.SyncCommunityEditSharedAddresses{
|
|
PublicKey: common.PubkeyToHex(signer),
|
|
EditSharedAddress: request,
|
|
},
|
|
},
|
|
}
|
|
|
|
m.publish(&Subscription{CommunityPrivilegedMemberSyncMessage: subscriptionMsg})
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) handleCommunityEditSharedAddresses(publicKey string, communityID types.HexBytes, revealedAccounts []*protobuf.RevealedAccount, clock uint64) error {
|
|
requestToJoinID := CalculateRequestID(publicKey, communityID)
|
|
err := m.UpdateClockInRequestToJoin(requestToJoinID, clock)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = m.persistence.RemoveRequestToJoinRevealedAddresses(requestToJoinID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return m.persistence.SaveRequestToJoinRevealedAddresses(requestToJoinID, revealedAccounts)
|
|
}
|
|
|
|
func calculateChainIDsSet(accountsAndChainIDs []*AccountChainIDsCombination, requirementsChainIDs map[uint64]bool) []uint64 {
|
|
|
|
revealedAccountsChainIDs := make([]uint64, 0)
|
|
revealedAccountsChainIDsMap := make(map[uint64]bool)
|
|
|
|
// we want all chainIDs provided by revealed addresses that also exist
|
|
// in the token requirements
|
|
for _, accountAndChainIDs := range accountsAndChainIDs {
|
|
for _, chainID := range accountAndChainIDs.ChainIDs {
|
|
if requirementsChainIDs[chainID] && !revealedAccountsChainIDsMap[chainID] {
|
|
revealedAccountsChainIDsMap[chainID] = true
|
|
revealedAccountsChainIDs = append(revealedAccountsChainIDs, chainID)
|
|
}
|
|
}
|
|
}
|
|
return revealedAccountsChainIDs
|
|
}
|
|
|
|
type CollectiblesByChain = map[uint64]map[gethcommon.Address]thirdparty.TokenBalancesPerContractAddress
|
|
|
|
func (m *Manager) GetOwnedERC721Tokens(walletAddresses []gethcommon.Address, tokenRequirements map[uint64]map[string]*protobuf.TokenCriteria, chainIDs []uint64) (CollectiblesByChain, error) {
|
|
if m.collectiblesManager == nil {
|
|
return nil, errors.New("no collectibles manager")
|
|
}
|
|
|
|
ctx := context.Background()
|
|
|
|
ownedERC721Tokens := make(CollectiblesByChain)
|
|
|
|
for chainID, erc721Tokens := range tokenRequirements {
|
|
|
|
skipChain := true
|
|
for _, cID := range chainIDs {
|
|
if chainID == cID {
|
|
skipChain = false
|
|
}
|
|
}
|
|
|
|
if skipChain {
|
|
continue
|
|
}
|
|
|
|
contractAddresses := make([]gethcommon.Address, 0)
|
|
for contractAddress := range erc721Tokens {
|
|
contractAddresses = append(contractAddresses, gethcommon.HexToAddress(contractAddress))
|
|
}
|
|
|
|
if _, exists := ownedERC721Tokens[chainID]; !exists {
|
|
ownedERC721Tokens[chainID] = make(map[gethcommon.Address]thirdparty.TokenBalancesPerContractAddress)
|
|
}
|
|
|
|
for _, owner := range walletAddresses {
|
|
balances, err := m.collectiblesManager.FetchBalancesByOwnerAndContractAddress(ctx, walletcommon.ChainID(chainID), owner, contractAddresses)
|
|
if err != nil {
|
|
m.logger.Info("couldn't fetch owner assets", zap.Error(err))
|
|
return nil, err
|
|
}
|
|
ownedERC721Tokens[chainID][owner] = balances
|
|
}
|
|
}
|
|
return ownedERC721Tokens, nil
|
|
}
|
|
|
|
func (m *Manager) CheckChannelPermissions(communityID types.HexBytes, chatID string, addresses []gethcommon.Address) (*CheckChannelPermissionsResponse, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if chatID == "" {
|
|
return nil, errors.New(fmt.Sprintf("couldn't check channel permissions, invalid chat id: %s", chatID))
|
|
}
|
|
|
|
viewOnlyPermissions := community.ChannelTokenPermissionsByType(chatID, protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL)
|
|
viewAndPostPermissions := community.ChannelTokenPermissionsByType(chatID, protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL)
|
|
viewOnlyPreParsedPermissions := preParsedCommunityPermissionsData(viewOnlyPermissions)
|
|
viewAndPostPreParsedPermissions := preParsedCommunityPermissionsData(viewAndPostPermissions)
|
|
|
|
allChainIDs, err := m.tokenManager.GetAllChainIDs()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
accountsAndChainIDs := combineAddressesAndChainIDs(addresses, allChainIDs)
|
|
|
|
response, err := m.checkChannelPermissions(viewOnlyPreParsedPermissions, viewAndPostPreParsedPermissions, accountsAndChainIDs, false)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.SaveCheckChannelPermissionResponse(communityID.String(), chatID, response)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return response, nil
|
|
}
|
|
|
|
type CheckChannelPermissionsResponse struct {
|
|
ViewOnlyPermissions *CheckChannelViewOnlyPermissionsResult `json:"viewOnlyPermissions"`
|
|
ViewAndPostPermissions *CheckChannelViewAndPostPermissionsResult `json:"viewAndPostPermissions"`
|
|
}
|
|
|
|
type CheckChannelViewOnlyPermissionsResult struct {
|
|
Satisfied bool `json:"satisfied"`
|
|
Permissions map[string]*PermissionTokenCriteriaResult `json:"permissions"`
|
|
}
|
|
|
|
type CheckChannelViewAndPostPermissionsResult struct {
|
|
Satisfied bool `json:"satisfied"`
|
|
Permissions map[string]*PermissionTokenCriteriaResult `json:"permissions"`
|
|
}
|
|
|
|
func computeViewOnlySatisfied(hasViewOnlyPermissions bool, hasViewAndPostPermissions bool, checkedViewOnlySatisfied bool, checkedViewAndPostSatisified bool) bool {
|
|
if (hasViewAndPostPermissions && !hasViewOnlyPermissions) || (hasViewOnlyPermissions && hasViewAndPostPermissions && checkedViewAndPostSatisified) {
|
|
return checkedViewAndPostSatisified
|
|
} else {
|
|
return checkedViewOnlySatisfied
|
|
}
|
|
}
|
|
|
|
func computeViewAndPostSatisfied(hasViewOnlyPermissions bool, hasViewAndPostPermissions bool, checkedViewAndPostSatisified bool) bool {
|
|
if hasViewOnlyPermissions && !hasViewAndPostPermissions {
|
|
return false
|
|
} else {
|
|
return checkedViewAndPostSatisified
|
|
}
|
|
}
|
|
|
|
func (m *Manager) checkChannelPermissions(viewOnlyPreParsedPermissions *PreParsedCommunityPermissionsData, viewAndPostPreParsedPermissions *PreParsedCommunityPermissionsData, accountsAndChainIDs []*AccountChainIDsCombination, shortcircuit bool) (*CheckChannelPermissionsResponse, error) {
|
|
viewOnlyPermissionsResponse, err := m.PermissionChecker.CheckPermissions(viewOnlyPreParsedPermissions, accountsAndChainIDs, shortcircuit)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
viewAndPostPermissionsResponse, err := m.PermissionChecker.CheckPermissions(viewAndPostPreParsedPermissions, accountsAndChainIDs, shortcircuit)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
hasViewOnlyPermissions := viewOnlyPreParsedPermissions != nil
|
|
hasViewAndPostPermissions := viewAndPostPreParsedPermissions != nil
|
|
|
|
return computeCheckChannelPermissionsResponse(hasViewOnlyPermissions, hasViewAndPostPermissions,
|
|
viewOnlyPermissionsResponse, viewAndPostPermissionsResponse),
|
|
nil
|
|
}
|
|
|
|
func computeCheckChannelPermissionsResponse(hasViewOnlyPermissions bool, hasViewAndPostPermissions bool,
|
|
viewOnlyPermissionsResponse *CheckPermissionsResponse, viewAndPostPermissionsResponse *CheckPermissionsResponse) *CheckChannelPermissionsResponse {
|
|
|
|
response := &CheckChannelPermissionsResponse{
|
|
ViewOnlyPermissions: &CheckChannelViewOnlyPermissionsResult{
|
|
Satisfied: false,
|
|
Permissions: make(map[string]*PermissionTokenCriteriaResult),
|
|
},
|
|
ViewAndPostPermissions: &CheckChannelViewAndPostPermissionsResult{
|
|
Satisfied: false,
|
|
Permissions: make(map[string]*PermissionTokenCriteriaResult),
|
|
},
|
|
}
|
|
|
|
viewOnlySatisfied := !hasViewOnlyPermissions || viewOnlyPermissionsResponse.Satisfied
|
|
viewAndPostSatisfied := !hasViewAndPostPermissions || viewAndPostPermissionsResponse.Satisfied
|
|
|
|
response.ViewOnlyPermissions.Satisfied = computeViewOnlySatisfied(hasViewOnlyPermissions, hasViewAndPostPermissions,
|
|
viewOnlySatisfied, viewAndPostSatisfied)
|
|
if viewOnlyPermissionsResponse != nil {
|
|
response.ViewOnlyPermissions.Permissions = viewOnlyPermissionsResponse.Permissions
|
|
}
|
|
|
|
response.ViewAndPostPermissions.Satisfied = computeViewAndPostSatisfied(hasViewOnlyPermissions, hasViewAndPostPermissions,
|
|
viewAndPostSatisfied)
|
|
|
|
if viewAndPostPermissionsResponse != nil {
|
|
response.ViewAndPostPermissions.Permissions = viewAndPostPermissionsResponse.Permissions
|
|
}
|
|
|
|
return response
|
|
}
|
|
|
|
func (m *Manager) CheckAllChannelsPermissions(communityID types.HexBytes, addresses []gethcommon.Address) (*CheckAllChannelsPermissionsResponse, error) {
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
channels := community.Chats()
|
|
|
|
allChainIDs, err := m.tokenManager.GetAllChainIDs()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
accountsAndChainIDs := combineAddressesAndChainIDs(addresses, allChainIDs)
|
|
|
|
_, channelsPermissionsPreParsedData := PreParsePermissionsData(community.tokenPermissions())
|
|
|
|
channelPermissionsCheckResult := make(map[string]map[protobuf.CommunityTokenPermission_Type]*CheckPermissionsResponse)
|
|
|
|
for permissionId, channelsPermissionPreParsedData := range channelsPermissionsPreParsedData {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissions(channelsPermissionPreParsedData, accountsAndChainIDs, false)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// Note: in `PreParsedCommunityPermissionsData` for channels there will be only one permission for channels
|
|
for _, chatId := range channelsPermissionPreParsedData.Permissions[0].ChatIds {
|
|
if _, exists := channelPermissionsCheckResult[chatId]; !exists {
|
|
channelPermissionsCheckResult[chatId] = make(map[protobuf.CommunityTokenPermission_Type]*CheckPermissionsResponse)
|
|
}
|
|
storedPermissionResponse, exists := channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type]
|
|
if !exists {
|
|
channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type] =
|
|
permissionResponse
|
|
} else {
|
|
channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type].Permissions[permissionId] =
|
|
permissionResponse.Permissions[permissionId]
|
|
channelPermissionsCheckResult[chatId][channelsPermissionPreParsedData.Permissions[0].Type].Satisfied =
|
|
storedPermissionResponse.Satisfied || permissionResponse.Satisfied
|
|
}
|
|
}
|
|
}
|
|
|
|
response := &CheckAllChannelsPermissionsResponse{
|
|
Channels: make(map[string]*CheckChannelPermissionsResponse),
|
|
}
|
|
|
|
for channelID := range channels {
|
|
chatId := community.ChatID(channelID)
|
|
|
|
channelCheckPermissionsResponse, exists := channelPermissionsCheckResult[chatId]
|
|
|
|
var channelPermissionsResponse *CheckChannelPermissionsResponse
|
|
if !exists {
|
|
channelPermissionsResponse = computeCheckChannelPermissionsResponse(false, false, nil, nil)
|
|
} else {
|
|
viewPermissionsResponse, viewExists := channelCheckPermissionsResponse[protobuf.CommunityTokenPermission_CAN_VIEW_CHANNEL]
|
|
postPermissionsResponse, postExists := channelCheckPermissionsResponse[protobuf.CommunityTokenPermission_CAN_VIEW_AND_POST_CHANNEL]
|
|
channelPermissionsResponse = computeCheckChannelPermissionsResponse(viewExists, postExists, viewPermissionsResponse, postPermissionsResponse)
|
|
}
|
|
|
|
err = m.persistence.SaveCheckChannelPermissionResponse(community.IDString(), chatId, channelPermissionsResponse)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
response.Channels[chatId] = channelPermissionsResponse
|
|
}
|
|
return response, nil
|
|
}
|
|
|
|
func (m *Manager) GetCheckChannelPermissionResponses(communityID types.HexBytes) (*CheckAllChannelsPermissionsResponse, error) {
|
|
|
|
response, err := m.persistence.GetCheckChannelPermissionResponses(communityID.String())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &CheckAllChannelsPermissionsResponse{Channels: response}, nil
|
|
}
|
|
|
|
type CheckAllChannelsPermissionsResponse struct {
|
|
Channels map[string]*CheckChannelPermissionsResponse `json:"channels"`
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityRequestToJoinResponse(signer *ecdsa.PublicKey, request *protobuf.CommunityRequestToJoinResponse) (*RequestToJoin, error) {
|
|
if len(request.CommunityDescriptionProtocolMessage) > 0 {
|
|
description, err := unmarshalCommunityDescriptionMessage(request.CommunityDescriptionProtocolMessage, signer)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
_, err = m.HandleCommunityDescriptionMessage(signer, description, request.CommunityDescriptionProtocolMessage, nil, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
m.communityLock.Lock(request.CommunityId)
|
|
defer m.communityLock.Unlock(request.CommunityId)
|
|
|
|
pkString := common.PubkeyToHex(&m.identity.PublicKey)
|
|
|
|
community, err := m.GetByID(request.CommunityId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if community.Encrypted() && len(request.Grant) > 0 {
|
|
_, err = m.HandleCommunityGrant(community, request.Grant, request.Clock)
|
|
if err != nil && err != ErrGrantOlder && err != ErrGrantExpired {
|
|
m.logger.Error("Error handling a community grant", zap.Error(err))
|
|
}
|
|
}
|
|
|
|
if request.Accepted {
|
|
err = m.markRequestToJoinAsAccepted(&m.identity.PublicKey, community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
err = m.persistence.SetRequestToJoinState(pkString, community.ID(), RequestToJoinStateDeclined)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return m.persistence.GetRequestToJoinByPkAndCommunityID(pkString, community.ID())
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityRequestToLeave(signer *ecdsa.PublicKey, proto *protobuf.CommunityRequestToLeave) error {
|
|
requestToLeave := NewRequestToLeave(common.PubkeyToHex(signer), proto)
|
|
if err := m.persistence.SaveRequestToLeave(requestToLeave); err != nil {
|
|
return err
|
|
}
|
|
|
|
// Ensure corresponding requestToJoin clock is older than requestToLeave
|
|
requestToJoin, err := m.persistence.GetRequestToJoin(requestToLeave.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if requestToJoin.Clock > requestToLeave.Clock {
|
|
return ErrOldRequestToLeave
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func UnwrapCommunityDescriptionMessage(payload []byte) (*ecdsa.PublicKey, *protobuf.CommunityDescription, error) {
|
|
|
|
applicationMetadataMessage := &protobuf.ApplicationMetadataMessage{}
|
|
err := proto.Unmarshal(payload, applicationMetadataMessage)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
if applicationMetadataMessage.Type != protobuf.ApplicationMetadataMessage_COMMUNITY_DESCRIPTION {
|
|
return nil, nil, ErrInvalidMessage
|
|
}
|
|
signer, err := utils.RecoverKey(applicationMetadataMessage)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
description := &protobuf.CommunityDescription{}
|
|
|
|
err = proto.Unmarshal(applicationMetadataMessage.Payload, description)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return signer, description, nil
|
|
}
|
|
|
|
func (m *Manager) JoinCommunity(id types.HexBytes, forceJoin bool) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if !forceJoin && community.Joined() {
|
|
// Nothing to do, we are already joined
|
|
return community, ErrOrgAlreadyJoined
|
|
}
|
|
community.Join()
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) SpectateCommunity(id types.HexBytes) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
community.Spectate()
|
|
if err = m.persistence.SaveCommunity(community); err != nil {
|
|
return nil, err
|
|
}
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) GetMagnetlinkMessageClock(communityID types.HexBytes) (uint64, error) {
|
|
return m.persistence.GetMagnetlinkMessageClock(communityID)
|
|
}
|
|
|
|
func (m *Manager) GetCommunityRequestToJoinClock(pk *ecdsa.PublicKey, communityID string) (uint64, error) {
|
|
communityIDBytes, err := types.DecodeHex(communityID)
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
|
|
joinClock, err := m.persistence.GetRequestToJoinClockByPkAndCommunityID(common.PubkeyToHex(pk), communityIDBytes)
|
|
|
|
if errors.Is(err, sql.ErrNoRows) {
|
|
return 0, nil
|
|
} else if err != nil {
|
|
return 0, err
|
|
}
|
|
|
|
return joinClock, nil
|
|
}
|
|
|
|
func (m *Manager) GetRequestToJoinByPkAndCommunityID(pk *ecdsa.PublicKey, communityID []byte) (*RequestToJoin, error) {
|
|
return m.persistence.GetRequestToJoinByPkAndCommunityID(common.PubkeyToHex(pk), communityID)
|
|
}
|
|
|
|
func (m *Manager) UpdateCommunityDescriptionMagnetlinkMessageClock(communityID types.HexBytes, clock uint64) error {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByIDString(communityID.String())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
community.config.CommunityDescription.ArchiveMagnetlinkClock = clock
|
|
return m.persistence.SaveCommunity(community)
|
|
}
|
|
|
|
func (m *Manager) UpdateMagnetlinkMessageClock(communityID types.HexBytes, clock uint64) error {
|
|
return m.persistence.UpdateMagnetlinkMessageClock(communityID, clock)
|
|
}
|
|
|
|
func (m *Manager) UpdateLastSeenMagnetlink(communityID types.HexBytes, magnetlinkURI string) error {
|
|
return m.persistence.UpdateLastSeenMagnetlink(communityID, magnetlinkURI)
|
|
}
|
|
|
|
func (m *Manager) GetLastSeenMagnetlink(communityID types.HexBytes) (string, error) {
|
|
return m.persistence.GetLastSeenMagnetlink(communityID)
|
|
}
|
|
|
|
func (m *Manager) LeaveCommunity(id types.HexBytes) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community.RemoveOurselvesFromOrg(&m.identity.PublicKey)
|
|
community.Leave()
|
|
|
|
if err = m.persistence.SaveCommunity(community); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
// Same as LeaveCommunity, but we have an option to stay spectating
|
|
func (m *Manager) KickedOutOfCommunity(id types.HexBytes, spectateMode bool) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community.RemoveOurselvesFromOrg(&m.identity.PublicKey)
|
|
community.Leave()
|
|
if spectateMode {
|
|
community.Spectate()
|
|
}
|
|
|
|
if err = m.persistence.SaveCommunity(community); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) AddMemberOwnerToCommunity(communityID types.HexBytes, pk *ecdsa.PublicKey) (*Community, error) {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
_, err = community.AddMember(pk, []protobuf.CommunityMember_Roles{protobuf.CommunityMember_ROLE_OWNER}, community.Clock())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) RemoveUserFromCommunity(id types.HexBytes, pk *ecdsa.PublicKey) (*Community, error) {
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
_, err = community.RemoveUserFromOrg(pk)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) UnbanUserFromCommunity(request *requests.UnbanUserFromCommunity) (*Community, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
id := request.CommunityID
|
|
publicKey, err := common.HexToPubkey(request.User.String())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
_, err = community.UnbanUserFromCommunity(publicKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) AddRoleToMember(request *requests.AddRoleToMember) (*Community, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
id := request.CommunityID
|
|
publicKey, err := common.HexToPubkey(request.User.String())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.hasMember(publicKey) {
|
|
return nil, ErrMemberNotFound
|
|
}
|
|
|
|
_, err = community.AddRoleToMember(publicKey, request.Role)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) RemoveRoleFromMember(request *requests.RemoveRoleFromMember) (*Community, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
id := request.CommunityID
|
|
publicKey, err := common.HexToPubkey(request.User.String())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.hasMember(publicKey) {
|
|
return nil, ErrMemberNotFound
|
|
}
|
|
|
|
_, err = community.RemoveRoleFromMember(publicKey, request.Role)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) BanUserFromCommunity(request *requests.BanUserFromCommunity) (*Community, error) {
|
|
m.communityLock.Lock(request.CommunityID)
|
|
defer m.communityLock.Unlock(request.CommunityID)
|
|
|
|
id := request.CommunityID
|
|
|
|
publicKey, err := common.HexToPubkey(request.User.String())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
_, err = community.BanUserFromCommunity(publicKey, &protobuf.CommunityBanInfo{DeleteAllMessages: request.DeleteAllMessages})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
err = m.saveAndPublish(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) dbRecordBundleToCommunity(r *CommunityRecordBundle) (*Community, error) {
|
|
var descriptionEncryptor DescriptionEncryptor
|
|
if m.encryptor != nil {
|
|
descriptionEncryptor = m
|
|
}
|
|
|
|
initializer := func(community *Community) error {
|
|
_, description, err := m.preprocessDescription(community.ID(), community.config.CommunityDescription)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
community.config.CommunityDescription = description
|
|
|
|
if community.config.EventsData != nil {
|
|
eventsDescription, err := unmarshalCommunityDescriptionMessage(community.config.EventsData.EventsBaseCommunityDescription, community.ControlNode())
|
|
if err != nil {
|
|
m.logger.Error("invalid EventsBaseCommunityDescription", zap.Error(err))
|
|
}
|
|
if eventsDescription != nil && eventsDescription.Clock == community.Clock() {
|
|
community.applyEvents()
|
|
}
|
|
}
|
|
|
|
if m.transport != nil && m.transport.WakuVersion() == 2 {
|
|
topic := community.PubsubTopic()
|
|
privKey, err := m.transport.RetrievePubsubTopicKey(topic)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
community.config.PubsubTopicPrivateKey = privKey
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
return recordBundleToCommunity(
|
|
r,
|
|
m.identity,
|
|
m.installationID,
|
|
m.logger,
|
|
m.timesource,
|
|
descriptionEncryptor,
|
|
m.mediaServer,
|
|
initializer,
|
|
)
|
|
}
|
|
|
|
func (m *Manager) GetByID(id []byte) (*Community, error) {
|
|
community, err := m.persistence.GetByID(&m.identity.PublicKey, id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if community == nil {
|
|
return nil, ErrOrgNotFound
|
|
}
|
|
return community, nil
|
|
}
|
|
|
|
func (m *Manager) GetByIDString(idString string) (*Community, error) {
|
|
id, err := types.DecodeHex(idString)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return m.GetByID(id)
|
|
}
|
|
|
|
func (m *Manager) GetCommunityShard(communityID types.HexBytes) (*shard.Shard, error) {
|
|
return m.persistence.GetCommunityShard(communityID)
|
|
}
|
|
|
|
func (m *Manager) SaveCommunityShard(communityID types.HexBytes, shard *shard.Shard, clock uint64) error {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
return m.persistence.SaveCommunityShard(communityID, shard, clock)
|
|
}
|
|
|
|
func (m *Manager) DeleteCommunityShard(communityID types.HexBytes) error {
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
return m.persistence.DeleteCommunityShard(communityID)
|
|
}
|
|
|
|
func (m *Manager) SaveRequestToJoinRevealedAddresses(requestID types.HexBytes, revealedAccounts []*protobuf.RevealedAccount) error {
|
|
return m.persistence.SaveRequestToJoinRevealedAddresses(requestID, revealedAccounts)
|
|
}
|
|
|
|
func (m *Manager) RemoveRequestToJoinRevealedAddresses(requestID types.HexBytes) error {
|
|
return m.persistence.RemoveRequestToJoinRevealedAddresses(requestID)
|
|
}
|
|
|
|
func (m *Manager) SaveRequestToJoinAndCommunity(requestToJoin *RequestToJoin, community *Community) (*Community, *RequestToJoin, error) {
|
|
if err := m.persistence.SaveRequestToJoin(requestToJoin); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
community.config.RequestedToJoinAt = uint64(time.Now().Unix())
|
|
community.AddRequestToJoin(requestToJoin)
|
|
|
|
// Save revealed addresses to our own table so that we can retrieve them later when editing
|
|
if err := m.SaveRequestToJoinRevealedAddresses(requestToJoin.ID, requestToJoin.RevealedAccounts); err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, requestToJoin, nil
|
|
}
|
|
|
|
func (m *Manager) CreateRequestToJoin(request *requests.RequestToJoinCommunity, customizationColor multiaccountscommon.CustomizationColor) *RequestToJoin {
|
|
clock := uint64(time.Now().Unix())
|
|
requestToJoin := &RequestToJoin{
|
|
PublicKey: common.PubkeyToHex(&m.identity.PublicKey),
|
|
Clock: clock,
|
|
ENSName: request.ENSName,
|
|
CommunityID: request.CommunityID,
|
|
State: RequestToJoinStatePending,
|
|
Our: true,
|
|
RevealedAccounts: make([]*protobuf.RevealedAccount, 0),
|
|
CustomizationColor: customizationColor,
|
|
ShareFutureAddresses: request.ShareFutureAddresses,
|
|
}
|
|
|
|
requestToJoin.CalculateID()
|
|
|
|
addSignature := len(request.Signatures) == len(request.AddressesToReveal)
|
|
for i := range request.AddressesToReveal {
|
|
revealedAcc := &protobuf.RevealedAccount{
|
|
Address: request.AddressesToReveal[i],
|
|
IsAirdropAddress: types.HexToAddress(request.AddressesToReveal[i]) == types.HexToAddress(request.AirdropAddress),
|
|
}
|
|
|
|
if addSignature {
|
|
revealedAcc.Signature = request.Signatures[i]
|
|
}
|
|
|
|
requestToJoin.RevealedAccounts = append(requestToJoin.RevealedAccounts, revealedAcc)
|
|
}
|
|
|
|
return requestToJoin
|
|
}
|
|
|
|
func (m *Manager) SaveRequestToJoin(request *RequestToJoin) error {
|
|
return m.persistence.SaveRequestToJoin(request)
|
|
}
|
|
|
|
func (m *Manager) CanceledRequestsToJoinForUser(pk *ecdsa.PublicKey) ([]*RequestToJoin, error) {
|
|
return m.persistence.CanceledRequestsToJoinForUser(common.PubkeyToHex(pk))
|
|
}
|
|
|
|
func (m *Manager) PendingRequestsToJoin() ([]*RequestToJoin, error) {
|
|
return m.persistence.PendingRequestsToJoin()
|
|
}
|
|
|
|
func (m *Manager) PendingRequestsToJoinForUser(pk *ecdsa.PublicKey) ([]*RequestToJoin, error) {
|
|
return m.persistence.RequestsToJoinForUserByState(common.PubkeyToHex(pk), RequestToJoinStatePending)
|
|
}
|
|
|
|
func (m *Manager) PendingRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching pending invitations", zap.String("community-id", id.String()))
|
|
return m.persistence.PendingRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) DeclinedRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching declined invitations", zap.String("community-id", id.String()))
|
|
return m.persistence.DeclinedRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) CanceledRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching canceled invitations", zap.String("community-id", id.String()))
|
|
return m.persistence.CanceledRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) AcceptedRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching canceled invitations", zap.String("community-id", id.String()))
|
|
return m.persistence.AcceptedRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) AcceptedPendingRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
return m.persistence.AcceptedPendingRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) DeclinedPendingRequestsToJoinForCommunity(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
return m.persistence.DeclinedPendingRequestsToJoinForCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) AllNonApprovedCommunitiesRequestsToJoin() ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching all non-approved invitations for all communities")
|
|
return m.persistence.AllNonApprovedCommunitiesRequestsToJoin()
|
|
}
|
|
|
|
func (m *Manager) RequestsToJoinForCommunityAwaitingAddresses(id types.HexBytes) ([]*RequestToJoin, error) {
|
|
m.logger.Info("fetching ownership changed invitations", zap.String("community-id", id.String()))
|
|
return m.persistence.RequestsToJoinForCommunityAwaitingAddresses(id)
|
|
}
|
|
|
|
func (m *Manager) CanPost(pk *ecdsa.PublicKey, communityID string, chatID string, messageType protobuf.ApplicationMetadataMessage_Type) (bool, error) {
|
|
community, err := m.GetByIDString(communityID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return community.CanPost(pk, chatID, messageType)
|
|
}
|
|
|
|
func (m *Manager) IsEncrypted(communityID string) (bool, error) {
|
|
community, err := m.GetByIDString(communityID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
return community.Encrypted(), nil
|
|
}
|
|
|
|
func (m *Manager) IsChannelEncrypted(communityID string, chatID string) (bool, error) {
|
|
community, err := m.GetByIDString(communityID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
channelID := strings.TrimPrefix(chatID, communityID)
|
|
return community.ChannelEncrypted(channelID), nil
|
|
}
|
|
|
|
func (m *Manager) ShouldHandleSyncCommunity(community *protobuf.SyncInstallationCommunity) (bool, error) {
|
|
return m.persistence.ShouldHandleSyncCommunity(community)
|
|
}
|
|
|
|
func (m *Manager) ShouldHandleSyncCommunitySettings(communitySettings *protobuf.SyncCommunitySettings) (bool, error) {
|
|
return m.persistence.ShouldHandleSyncCommunitySettings(communitySettings)
|
|
}
|
|
|
|
func (m *Manager) HandleSyncCommunitySettings(syncCommunitySettings *protobuf.SyncCommunitySettings) (*CommunitySettings, error) {
|
|
id, err := types.DecodeHex(syncCommunitySettings.CommunityId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
settings, err := m.persistence.GetCommunitySettingsByID(id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if settings == nil {
|
|
settings = &CommunitySettings{
|
|
CommunityID: syncCommunitySettings.CommunityId,
|
|
HistoryArchiveSupportEnabled: syncCommunitySettings.HistoryArchiveSupportEnabled,
|
|
Clock: syncCommunitySettings.Clock,
|
|
}
|
|
}
|
|
|
|
if syncCommunitySettings.Clock > settings.Clock {
|
|
settings.CommunityID = syncCommunitySettings.CommunityId
|
|
settings.HistoryArchiveSupportEnabled = syncCommunitySettings.HistoryArchiveSupportEnabled
|
|
settings.Clock = syncCommunitySettings.Clock
|
|
}
|
|
|
|
err = m.persistence.SaveCommunitySettings(*settings)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return settings, nil
|
|
}
|
|
|
|
func (m *Manager) SetSyncClock(id []byte, clock uint64) error {
|
|
return m.persistence.SetSyncClock(id, clock)
|
|
}
|
|
|
|
func (m *Manager) SetPrivateKey(id []byte, privKey *ecdsa.PrivateKey) error {
|
|
return m.persistence.SetPrivateKey(id, privKey)
|
|
}
|
|
|
|
func (m *Manager) GetSyncedRawCommunity(id []byte) (*RawCommunityRow, error) {
|
|
return m.persistence.getSyncedRawCommunity(id)
|
|
}
|
|
|
|
func (m *Manager) GetCommunitySettingsByID(id types.HexBytes) (*CommunitySettings, error) {
|
|
return m.persistence.GetCommunitySettingsByID(id)
|
|
}
|
|
|
|
func (m *Manager) GetCommunitiesSettings() ([]CommunitySettings, error) {
|
|
return m.persistence.GetCommunitiesSettings()
|
|
}
|
|
|
|
func (m *Manager) SaveCommunitySettings(settings CommunitySettings) error {
|
|
return m.persistence.SaveCommunitySettings(settings)
|
|
}
|
|
|
|
func (m *Manager) CommunitySettingsExist(id types.HexBytes) (bool, error) {
|
|
return m.persistence.CommunitySettingsExist(id)
|
|
}
|
|
|
|
func (m *Manager) DeleteCommunitySettings(id types.HexBytes) error {
|
|
return m.persistence.DeleteCommunitySettings(id)
|
|
}
|
|
|
|
func (m *Manager) UpdateCommunitySettings(settings CommunitySettings) error {
|
|
return m.persistence.UpdateCommunitySettings(settings)
|
|
}
|
|
|
|
func (m *Manager) GetOwnedCommunitiesChatIDs() (map[string]bool, error) {
|
|
ownedCommunities, err := m.Controlled()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
chatIDs := make(map[string]bool)
|
|
for _, c := range ownedCommunities {
|
|
if c.Joined() {
|
|
for _, id := range c.ChatIDs() {
|
|
chatIDs[id] = true
|
|
}
|
|
}
|
|
}
|
|
return chatIDs, nil
|
|
}
|
|
|
|
func (m *Manager) StoreWakuMessage(message *types.Message) error {
|
|
return m.persistence.SaveWakuMessage(message)
|
|
}
|
|
|
|
func (m *Manager) StoreWakuMessages(messages []*types.Message) error {
|
|
return m.persistence.SaveWakuMessages(messages)
|
|
}
|
|
|
|
func (m *Manager) GetLatestWakuMessageTimestamp(topics []types.TopicType) (uint64, error) {
|
|
return m.persistence.GetLatestWakuMessageTimestamp(topics)
|
|
}
|
|
|
|
func (m *Manager) GetCommunityToken(communityID string, chainID int, address string) (*community_token.CommunityToken, error) {
|
|
return m.persistence.GetCommunityToken(communityID, chainID, address)
|
|
}
|
|
|
|
func (m *Manager) GetCommunityTokenByChainAndAddress(chainID int, address string) (*community_token.CommunityToken, error) {
|
|
return m.persistence.GetCommunityTokenByChainAndAddress(chainID, address)
|
|
}
|
|
|
|
func (m *Manager) GetCommunityTokens(communityID string) ([]*community_token.CommunityToken, error) {
|
|
return m.persistence.GetCommunityTokens(communityID)
|
|
}
|
|
|
|
func (m *Manager) GetAllCommunityTokens() ([]*community_token.CommunityToken, error) {
|
|
return m.persistence.GetAllCommunityTokens()
|
|
}
|
|
|
|
func (m *Manager) GetCommunityGrant(communityID string) ([]byte, uint64, error) {
|
|
return m.persistence.GetCommunityGrant(communityID)
|
|
}
|
|
|
|
func (m *Manager) ImageToBase64(uri string) string {
|
|
if uri == "" {
|
|
return ""
|
|
}
|
|
file, err := os.Open(uri)
|
|
if err != nil {
|
|
m.logger.Error(err.Error())
|
|
return ""
|
|
}
|
|
defer file.Close()
|
|
|
|
payload, err := ioutil.ReadAll(file)
|
|
if err != nil {
|
|
m.logger.Error(err.Error())
|
|
return ""
|
|
}
|
|
base64img, err := images.GetPayloadDataURI(payload)
|
|
if err != nil {
|
|
m.logger.Error(err.Error())
|
|
return ""
|
|
}
|
|
return base64img
|
|
}
|
|
|
|
func (m *Manager) SaveCommunityToken(token *community_token.CommunityToken, croppedImage *images.CroppedImage) (*community_token.CommunityToken, error) {
|
|
|
|
_, err := m.GetByIDString(token.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if croppedImage != nil && croppedImage.ImagePath != "" {
|
|
bytes, err := images.OpenAndAdjustImage(*croppedImage, true)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
base64img, err := images.GetPayloadDataURI(bytes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
token.Base64Image = base64img
|
|
} else if !images.IsPayloadDataURI(token.Base64Image) {
|
|
// if image is already base64 do not convert (owner and master tokens have already base64 image)
|
|
token.Base64Image = m.ImageToBase64(token.Base64Image)
|
|
}
|
|
|
|
return token, m.persistence.AddCommunityToken(token)
|
|
}
|
|
|
|
func (m *Manager) AddCommunityToken(token *community_token.CommunityToken, clock uint64) (*Community, error) {
|
|
if token == nil {
|
|
return nil, errors.New("Token is absent in database")
|
|
}
|
|
|
|
communityID, err := types.DecodeHex(token.CommunityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
m.communityLock.Lock(communityID)
|
|
defer m.communityLock.Unlock(communityID)
|
|
|
|
community, err := m.GetByID(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if !community.MemberCanManageToken(&m.identity.PublicKey, token) {
|
|
return nil, ErrInvalidManageTokensPermission
|
|
}
|
|
|
|
tokenMetadata := &protobuf.CommunityTokenMetadata{
|
|
ContractAddresses: map[uint64]string{uint64(token.ChainID): token.Address},
|
|
Description: token.Description,
|
|
Image: token.Base64Image,
|
|
Symbol: token.Symbol,
|
|
TokenType: token.TokenType,
|
|
Name: token.Name,
|
|
Decimals: uint32(token.Decimals),
|
|
Version: token.Version,
|
|
}
|
|
_, err = community.AddCommunityTokensMetadata(tokenMetadata)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if community.IsControlNode() && (token.PrivilegesLevel == community_token.MasterLevel || token.PrivilegesLevel == community_token.OwnerLevel) {
|
|
permissionType := protobuf.CommunityTokenPermission_BECOME_TOKEN_OWNER
|
|
if token.PrivilegesLevel == community_token.MasterLevel {
|
|
permissionType = protobuf.CommunityTokenPermission_BECOME_TOKEN_MASTER
|
|
}
|
|
|
|
contractAddresses := make(map[uint64]string)
|
|
contractAddresses[uint64(token.ChainID)] = token.Address
|
|
|
|
tokenCriteria := &protobuf.TokenCriteria{
|
|
ContractAddresses: contractAddresses,
|
|
Type: protobuf.CommunityTokenType_ERC721,
|
|
Symbol: token.Symbol,
|
|
Name: token.Name,
|
|
Amount: "1",
|
|
AmountInWei: "1",
|
|
Decimals: uint64(0),
|
|
}
|
|
|
|
request := &requests.CreateCommunityTokenPermission{
|
|
CommunityID: community.ID(),
|
|
Type: permissionType,
|
|
TokenCriteria: []*protobuf.TokenCriteria{tokenCriteria},
|
|
IsPrivate: true,
|
|
ChatIds: []string{},
|
|
}
|
|
|
|
community, _, err = m.createCommunityTokenPermission(request, community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if token.PrivilegesLevel == community_token.OwnerLevel {
|
|
_, err = m.promoteSelfToControlNode(community, clock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
return community, m.saveAndPublish(community)
|
|
}
|
|
|
|
func (m *Manager) UpdateCommunityTokenState(chainID int, contractAddress string, deployState community_token.DeployState) error {
|
|
return m.persistence.UpdateCommunityTokenState(chainID, contractAddress, deployState)
|
|
}
|
|
|
|
func (m *Manager) UpdateCommunityTokenAddress(chainID int, oldContractAddress string, newContractAddress string) error {
|
|
return m.persistence.UpdateCommunityTokenAddress(chainID, oldContractAddress, newContractAddress)
|
|
}
|
|
|
|
func (m *Manager) UpdateCommunityTokenSupply(chainID int, contractAddress string, supply *bigint.BigInt) error {
|
|
return m.persistence.UpdateCommunityTokenSupply(chainID, contractAddress, supply)
|
|
}
|
|
|
|
func (m *Manager) RemoveCommunityToken(chainID int, contractAddress string) error {
|
|
return m.persistence.RemoveCommunityToken(chainID, contractAddress)
|
|
}
|
|
|
|
func (m *Manager) SetCommunityActiveMembersCount(communityID string, activeMembersCount uint64) error {
|
|
id, err := types.DecodeHex(communityID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
m.communityLock.Lock(id)
|
|
defer m.communityLock.Unlock(id)
|
|
|
|
community, err := m.GetByID(id)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
updated, err := community.SetActiveMembersCount(activeMembersCount)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if updated {
|
|
if err = m.persistence.SaveCommunity(community); err != nil {
|
|
return err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func combineAddressesAndChainIDs(addresses []gethcommon.Address, chainIDs []uint64) []*AccountChainIDsCombination {
|
|
combinations := make([]*AccountChainIDsCombination, 0)
|
|
for _, address := range addresses {
|
|
combinations = append(combinations, &AccountChainIDsCombination{
|
|
Address: address,
|
|
ChainIDs: chainIDs,
|
|
})
|
|
}
|
|
return combinations
|
|
}
|
|
|
|
func revealedAccountsToAccountsAndChainIDsCombination(revealedAccounts []*protobuf.RevealedAccount) []*AccountChainIDsCombination {
|
|
accountsAndChainIDs := make([]*AccountChainIDsCombination, 0)
|
|
for _, revealedAccount := range revealedAccounts {
|
|
accountsAndChainIDs = append(accountsAndChainIDs, &AccountChainIDsCombination{
|
|
Address: gethcommon.HexToAddress(revealedAccount.Address),
|
|
ChainIDs: revealedAccount.ChainIds,
|
|
})
|
|
}
|
|
return accountsAndChainIDs
|
|
}
|
|
|
|
func (m *Manager) accountsHasPrivilegedPermission(preParsedCommunityPermissionData *PreParsedCommunityPermissionsData, accounts []*AccountChainIDsCombination) bool {
|
|
if preParsedCommunityPermissionData != nil {
|
|
permissionResponse, err := m.PermissionChecker.CheckPermissions(preParsedCommunityPermissionData, accounts, true)
|
|
if err != nil {
|
|
m.logger.Warn("check privileged permission failed: %v", zap.Error(err))
|
|
return false
|
|
}
|
|
return permissionResponse.Satisfied
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (m *Manager) SaveAndPublish(community *Community) error {
|
|
return m.saveAndPublish(community)
|
|
}
|
|
|
|
func (m *Manager) saveAndPublish(community *Community) error {
|
|
err := m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if community.IsControlNode() {
|
|
m.publish(&Subscription{Community: community})
|
|
return nil
|
|
}
|
|
|
|
if community.HasPermissionToSendCommunityEvents() {
|
|
err := m.signEvents(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = m.persistence.SaveCommunityEvents(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
m.publish(&Subscription{CommunityEventsMessage: community.toCommunityEventsMessage()})
|
|
return nil
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) GetRevealedAddresses(communityID types.HexBytes, memberPk string) ([]*protobuf.RevealedAccount, error) {
|
|
logger := m.logger.Named("GetRevealedAddresses")
|
|
|
|
requestID := CalculateRequestID(memberPk, communityID)
|
|
response, err := m.persistence.GetRequestToJoinRevealedAddresses(requestID)
|
|
|
|
revealedAddresses := make([]string, len(response))
|
|
for i, acc := range response {
|
|
revealedAddresses[i] = acc.Address
|
|
}
|
|
logger.Debug("Revealed addresses", zap.Any("Addresses:", revealedAddresses))
|
|
|
|
return response, err
|
|
}
|
|
|
|
func (m *Manager) handleCommunityTokensMetadata(community *Community) error {
|
|
communityID := community.IDString()
|
|
communityTokens := community.CommunityTokensMetadata()
|
|
|
|
if len(communityTokens) == 0 {
|
|
return nil
|
|
}
|
|
for _, tokenMetadata := range communityTokens {
|
|
for chainID, address := range tokenMetadata.ContractAddresses {
|
|
exists, err := m.persistence.HasCommunityToken(communityID, address, int(chainID))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !exists {
|
|
// Fetch community token to make sure it's stored in the DB, discard result
|
|
communityToken, err := m.FetchCommunityToken(community, tokenMetadata, chainID, address)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = m.persistence.AddCommunityToken(communityToken)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) HandleCommunityGrant(community *Community, grant []byte, clock uint64) (uint64, error) {
|
|
_, oldClock, err := m.GetCommunityGrant(community.IDString())
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
|
|
if oldClock >= clock {
|
|
return 0, ErrGrantOlder
|
|
}
|
|
|
|
verifiedGrant, err := community.VerifyGrantSignature(grant)
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
|
|
if !bytes.Equal(verifiedGrant.MemberId, crypto.CompressPubkey(&m.identity.PublicKey)) {
|
|
return 0, ErrGrantMemberPublicKeyIsDifferent
|
|
}
|
|
|
|
return clock - oldClock, m.persistence.SaveCommunityGrant(community.IDString(), grant, clock)
|
|
}
|
|
|
|
func (m *Manager) FetchCommunityToken(community *Community, tokenMetadata *protobuf.CommunityTokenMetadata, chainID uint64, contractAddress string) (*community_token.CommunityToken, error) {
|
|
communityID := community.IDString()
|
|
|
|
communityToken := &community_token.CommunityToken{
|
|
CommunityID: communityID,
|
|
Address: contractAddress,
|
|
TokenType: tokenMetadata.TokenType,
|
|
Name: tokenMetadata.Name,
|
|
Symbol: tokenMetadata.Symbol,
|
|
Description: tokenMetadata.Description,
|
|
Transferable: true,
|
|
RemoteSelfDestruct: false,
|
|
ChainID: int(chainID),
|
|
DeployState: community_token.Deployed,
|
|
Base64Image: tokenMetadata.Image,
|
|
Decimals: int(tokenMetadata.Decimals),
|
|
Version: tokenMetadata.Version,
|
|
}
|
|
|
|
switch tokenMetadata.TokenType {
|
|
case protobuf.CommunityTokenType_ERC721:
|
|
contractData, err := m.communityTokensService.GetCollectibleContractData(chainID, contractAddress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
communityToken.Supply = contractData.TotalSupply
|
|
communityToken.Transferable = contractData.Transferable
|
|
communityToken.RemoteSelfDestruct = contractData.RemoteBurnable
|
|
communityToken.InfiniteSupply = contractData.InfiniteSupply
|
|
|
|
case protobuf.CommunityTokenType_ERC20:
|
|
contractData, err := m.communityTokensService.GetAssetContractData(chainID, contractAddress)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
communityToken.Supply = contractData.TotalSupply
|
|
communityToken.InfiniteSupply = contractData.InfiniteSupply
|
|
}
|
|
|
|
communityToken.PrivilegesLevel = getPrivilegesLevel(chainID, contractAddress, community.TokenPermissions())
|
|
|
|
return communityToken, nil
|
|
}
|
|
|
|
func getPrivilegesLevel(chainID uint64, tokenAddress string, tokenPermissions map[string]*CommunityTokenPermission) community_token.PrivilegesLevel {
|
|
for _, permission := range tokenPermissions {
|
|
if permission.Type == protobuf.CommunityTokenPermission_BECOME_TOKEN_MASTER || permission.Type == protobuf.CommunityTokenPermission_BECOME_TOKEN_OWNER {
|
|
for _, tokenCriteria := range permission.TokenCriteria {
|
|
value, exist := tokenCriteria.ContractAddresses[chainID]
|
|
if exist && value == tokenAddress {
|
|
if permission.Type == protobuf.CommunityTokenPermission_BECOME_TOKEN_OWNER {
|
|
return community_token.OwnerLevel
|
|
}
|
|
return community_token.MasterLevel
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return community_token.CommunityLevel
|
|
}
|
|
|
|
func (m *Manager) ValidateCommunityPrivilegedUserSyncMessage(message *protobuf.CommunityPrivilegedUserSyncMessage) error {
|
|
if message == nil {
|
|
return errors.New("invalid CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
|
|
if message.CommunityId == nil || len(message.CommunityId) == 0 {
|
|
return errors.New("invalid CommunityId in CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
|
|
switch message.Type {
|
|
case protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ACCEPT_REQUEST_TO_JOIN:
|
|
fallthrough
|
|
case protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_REJECT_REQUEST_TO_JOIN:
|
|
if message.RequestToJoin == nil || len(message.RequestToJoin) == 0 {
|
|
return errors.New("invalid request to join in CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
|
|
for _, requestToJoinProto := range message.RequestToJoin {
|
|
if len(requestToJoinProto.CommunityId) == 0 {
|
|
return errors.New("no communityId in request to join in CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
}
|
|
case protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ALL_SYNC_REQUESTS_TO_JOIN:
|
|
if message.SyncRequestsToJoin == nil || len(message.SyncRequestsToJoin) == 0 {
|
|
return errors.New("invalid sync requests to join in CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
case protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_MEMBER_EDIT_SHARED_ADDRESSES:
|
|
if message.SyncEditSharedAddresses == nil || len(message.CommunityId) == 0 ||
|
|
len(message.SyncEditSharedAddresses.PublicKey) == 0 || message.SyncEditSharedAddresses.EditSharedAddress == nil {
|
|
return errors.New("invalid edit shared adresses in CommunityPrivilegedUserSyncMessage message")
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) createCommunityTokenPermission(request *requests.CreateCommunityTokenPermission, community *Community) (*Community, *CommunityChanges, error) {
|
|
if community == nil {
|
|
return nil, nil, ErrOrgNotFound
|
|
}
|
|
|
|
tokenPermission := request.ToCommunityTokenPermission()
|
|
tokenPermission.Id = uuid.New().String()
|
|
changes, err := community.UpsertTokenPermission(&tokenPermission)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return community, changes, nil
|
|
|
|
}
|
|
|
|
func (m *Manager) RemoveUsersWithoutRevealedAccounts(community *Community, clock uint64) (*CommunityChanges, error) {
|
|
membersAccounts, err := m.persistence.GetCommunityRequestsToJoinRevealedAddresses(community.ID())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
myPk := common.PubkeyToHex(&m.identity.PublicKey)
|
|
membersToRemove := []string{}
|
|
for pk := range community.Members() {
|
|
if myPk == pk {
|
|
continue
|
|
}
|
|
if _, exists := membersAccounts[pk]; !exists {
|
|
membersToRemove = append(membersToRemove, pk)
|
|
}
|
|
}
|
|
|
|
if len(membersToRemove) > 0 {
|
|
community.SetResendAccountsClock(clock)
|
|
}
|
|
|
|
return community.RemoveMembersFromOrg(membersToRemove), nil
|
|
}
|
|
|
|
func (m *Manager) PromoteSelfToControlNode(community *Community, clock uint64) (*CommunityChanges, error) {
|
|
if community == nil {
|
|
return nil, ErrOrgNotFound
|
|
}
|
|
|
|
m.communityLock.Lock(community.ID())
|
|
defer m.communityLock.Unlock(community.ID())
|
|
|
|
ownerChanged, err := m.promoteSelfToControlNode(community, clock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if ownerChanged {
|
|
return community.RemoveAllUsersFromOrg(), m.saveAndPublish(community)
|
|
}
|
|
|
|
// if control node device was changed, check that we own all members revealed accounts
|
|
// members without revealed accounts will be soft kicked
|
|
changes, err := m.RemoveUsersWithoutRevealedAccounts(community, clock)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return changes, m.saveAndPublish(community)
|
|
}
|
|
|
|
func (m *Manager) promoteSelfToControlNode(community *Community, clock uint64) (bool, error) {
|
|
ownerChanged := false
|
|
community.setPrivateKey(m.identity)
|
|
if !community.ControlNode().Equal(&m.identity.PublicKey) {
|
|
ownerChanged = true
|
|
community.setControlNode(&m.identity.PublicKey)
|
|
}
|
|
|
|
// Mark this device as the control node
|
|
syncControlNode := &protobuf.SyncCommunityControlNode{
|
|
Clock: clock,
|
|
InstallationId: m.installationID,
|
|
}
|
|
|
|
err := m.SaveSyncControlNode(community.ID(), syncControlNode)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
community.config.ControlDevice = true
|
|
|
|
if exists := community.HasMember(&m.identity.PublicKey); !exists {
|
|
ownerRole := []protobuf.CommunityMember_Roles{protobuf.CommunityMember_ROLE_OWNER}
|
|
_, err = community.AddMember(&m.identity.PublicKey, ownerRole, community.Clock())
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
for channelID := range community.Chats() {
|
|
_, err = community.AddMemberToChat(channelID, &m.identity.PublicKey, ownerRole, protobuf.CommunityMember_CHANNEL_ROLE_POSTER)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
}
|
|
} else {
|
|
_, err = community.AddRoleToMember(&m.identity.PublicKey, protobuf.CommunityMember_ROLE_OWNER)
|
|
}
|
|
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
err = m.handleCommunityEvents(community)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
community.increaseClock()
|
|
|
|
return ownerChanged, nil
|
|
}
|
|
|
|
func (m *Manager) handleCommunityEventsAndMetadata(community *Community, eventsMessage *CommunityEventsMessage,
|
|
lastlyAppliedEvents map[string]uint64) (*CommunityResponse, error) {
|
|
err := community.processEvents(eventsMessage, lastlyAppliedEvents)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
additionalCommunityResponse, err := m.handleAdditionalAdminChanges(community)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if err = m.handleCommunityTokensMetadata(community); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return additionalCommunityResponse, err
|
|
}
|
|
|
|
func (m *Manager) handleCommunityEvents(community *Community) error {
|
|
if community.config.EventsData == nil {
|
|
return nil
|
|
}
|
|
|
|
lastlyAppliedEvents, err := m.persistence.GetAppliedCommunityEvents(community.ID())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = m.handleCommunityEventsAndMetadata(community, community.toCommunityEventsMessage(), lastlyAppliedEvents)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
appliedEvents := map[string]uint64{}
|
|
if community.config.EventsData != nil {
|
|
for _, event := range community.config.EventsData.Events {
|
|
appliedEvents[event.EventTypeID()] = event.CommunityEventClock
|
|
}
|
|
}
|
|
|
|
community.config.EventsData = nil // clear events, they are already applied
|
|
community.increaseClock()
|
|
|
|
err = m.persistence.SaveCommunity(community)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = m.persistence.UpsertAppliedCommunityEvents(community.ID(), appliedEvents)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
m.publish(&Subscription{Community: community})
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) ShareRequestsToJoinWithPrivilegedMembers(community *Community, privilegedMembers map[protobuf.CommunityMember_Roles][]*ecdsa.PublicKey) error {
|
|
if len(privilegedMembers) == 0 {
|
|
return nil
|
|
}
|
|
|
|
requestsToJoin, err := m.GetCommunityRequestsToJoinWithRevealedAddresses(community.ID())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
var syncRequestsWithoutRevealedAccounts []*protobuf.SyncCommunityRequestsToJoin
|
|
var syncRequestsWithRevealedAccounts []*protobuf.SyncCommunityRequestsToJoin
|
|
for _, request := range requestsToJoin {
|
|
// if shared request to join is not approved by control node - do not send revealed accounts.
|
|
// revealed accounts will be sent as soon as control node accepts request to join
|
|
if request.State != RequestToJoinStateAccepted {
|
|
request.RevealedAccounts = []*protobuf.RevealedAccount{}
|
|
}
|
|
syncRequestsWithRevealedAccounts = append(syncRequestsWithRevealedAccounts, request.ToSyncProtobuf())
|
|
requestProtoWithoutAccounts := request.ToSyncProtobuf()
|
|
requestProtoWithoutAccounts.RevealedAccounts = []*protobuf.RevealedAccount{}
|
|
syncRequestsWithoutRevealedAccounts = append(syncRequestsWithoutRevealedAccounts, requestProtoWithoutAccounts)
|
|
}
|
|
|
|
syncMsgWithoutRevealedAccounts := &protobuf.CommunityPrivilegedUserSyncMessage{
|
|
Type: protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ALL_SYNC_REQUESTS_TO_JOIN,
|
|
CommunityId: community.ID(),
|
|
SyncRequestsToJoin: syncRequestsWithoutRevealedAccounts,
|
|
}
|
|
|
|
syncMsgWitRevealedAccounts := &protobuf.CommunityPrivilegedUserSyncMessage{
|
|
Type: protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ALL_SYNC_REQUESTS_TO_JOIN,
|
|
CommunityId: community.ID(),
|
|
SyncRequestsToJoin: syncRequestsWithRevealedAccounts,
|
|
}
|
|
|
|
subscriptionMsg := &CommunityPrivilegedMemberSyncMessage{}
|
|
|
|
for role, members := range privilegedMembers {
|
|
if len(members) == 0 {
|
|
continue
|
|
}
|
|
|
|
subscriptionMsg.Receivers = members
|
|
|
|
switch role {
|
|
case protobuf.CommunityMember_ROLE_ADMIN:
|
|
subscriptionMsg.CommunityPrivilegedUserSyncMessage = syncMsgWithoutRevealedAccounts
|
|
case protobuf.CommunityMember_ROLE_OWNER:
|
|
continue
|
|
case protobuf.CommunityMember_ROLE_TOKEN_MASTER:
|
|
subscriptionMsg.CommunityPrivilegedUserSyncMessage = syncMsgWitRevealedAccounts
|
|
}
|
|
|
|
m.publish(&Subscription{CommunityPrivilegedMemberSyncMessage: subscriptionMsg})
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) shareAcceptedRequestToJoinWithPrivilegedMembers(community *Community, requestToJoin *RequestToJoin) error {
|
|
pk, err := common.HexToPubkey(requestToJoin.PublicKey)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
acceptedRequestsToJoinWithoutRevealedAccounts := make(map[string]*protobuf.CommunityRequestToJoin)
|
|
acceptedRequestsToJoinWithRevealedAccounts := make(map[string]*protobuf.CommunityRequestToJoin)
|
|
|
|
acceptedRequestsToJoinWithRevealedAccounts[requestToJoin.PublicKey] = requestToJoin.ToCommunityRequestToJoinProtobuf()
|
|
|
|
revealedAccounts := requestToJoin.RevealedAccounts
|
|
requestToJoin.RevealedAccounts = make([]*protobuf.RevealedAccount, 0)
|
|
acceptedRequestsToJoinWithoutRevealedAccounts[requestToJoin.PublicKey] = requestToJoin.ToCommunityRequestToJoinProtobuf()
|
|
// Set back the revealed accounts
|
|
requestToJoin.RevealedAccounts = revealedAccounts
|
|
|
|
msgWithRevealedAccounts := &protobuf.CommunityPrivilegedUserSyncMessage{
|
|
Type: protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ACCEPT_REQUEST_TO_JOIN,
|
|
CommunityId: community.ID(),
|
|
RequestToJoin: acceptedRequestsToJoinWithRevealedAccounts,
|
|
}
|
|
|
|
msgWithoutRevealedAccounts := &protobuf.CommunityPrivilegedUserSyncMessage{
|
|
Type: protobuf.CommunityPrivilegedUserSyncMessage_CONTROL_NODE_ACCEPT_REQUEST_TO_JOIN,
|
|
CommunityId: community.ID(),
|
|
RequestToJoin: acceptedRequestsToJoinWithoutRevealedAccounts,
|
|
}
|
|
|
|
// do not sent to ourself and to the accepted user
|
|
skipMembers := make(map[string]struct{})
|
|
skipMembers[common.PubkeyToHex(&m.identity.PublicKey)] = struct{}{}
|
|
skipMembers[common.PubkeyToHex(pk)] = struct{}{}
|
|
|
|
subscriptionMsg := &CommunityPrivilegedMemberSyncMessage{}
|
|
|
|
fileredPrivilegedMembers := community.GetFilteredPrivilegedMembers(skipMembers)
|
|
for role, members := range fileredPrivilegedMembers {
|
|
if len(members) == 0 {
|
|
continue
|
|
}
|
|
|
|
subscriptionMsg.Receivers = members
|
|
|
|
switch role {
|
|
case protobuf.CommunityMember_ROLE_ADMIN:
|
|
subscriptionMsg.CommunityPrivilegedUserSyncMessage = msgWithoutRevealedAccounts
|
|
case protobuf.CommunityMember_ROLE_OWNER:
|
|
fallthrough
|
|
case protobuf.CommunityMember_ROLE_TOKEN_MASTER:
|
|
subscriptionMsg.CommunityPrivilegedUserSyncMessage = msgWithRevealedAccounts
|
|
}
|
|
|
|
m.publish(&Subscription{CommunityPrivilegedMemberSyncMessage: subscriptionMsg})
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) GetCommunityRequestsToJoinWithRevealedAddresses(communityID types.HexBytes) ([]*RequestToJoin, error) {
|
|
return m.persistence.GetCommunityRequestsToJoinWithRevealedAddresses(communityID)
|
|
}
|
|
|
|
func (m *Manager) SaveCommunity(community *Community) error {
|
|
return m.persistence.SaveCommunity(community)
|
|
}
|
|
|
|
func (m *Manager) CreateCommunityTokenDeploymentSignature(ctx context.Context, chainID uint64, addressFrom string, communityID string) ([]byte, error) {
|
|
community, err := m.GetByIDString(communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if !community.IsControlNode() {
|
|
return nil, ErrNotControlNode
|
|
}
|
|
digest, err := m.communityTokensService.DeploymentSignatureDigest(chainID, addressFrom, communityID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return crypto.Sign(digest, community.PrivateKey())
|
|
}
|
|
|
|
func (m *Manager) GetSyncControlNode(id types.HexBytes) (*protobuf.SyncCommunityControlNode, error) {
|
|
return m.persistence.GetSyncControlNode(id)
|
|
}
|
|
|
|
func (m *Manager) SaveSyncControlNode(id types.HexBytes, syncControlNode *protobuf.SyncCommunityControlNode) error {
|
|
return m.persistence.SaveSyncControlNode(id, syncControlNode.Clock, syncControlNode.InstallationId)
|
|
}
|
|
|
|
func (m *Manager) SetSyncControlNode(id types.HexBytes, syncControlNode *protobuf.SyncCommunityControlNode) error {
|
|
existingSyncControlNode, err := m.GetSyncControlNode(id)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if existingSyncControlNode == nil || existingSyncControlNode.Clock < syncControlNode.Clock {
|
|
return m.SaveSyncControlNode(id, syncControlNode)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (m *Manager) GetCommunityRequestToJoinWithRevealedAddresses(pubKey string, communityID types.HexBytes) (*RequestToJoin, error) {
|
|
return m.persistence.GetCommunityRequestToJoinWithRevealedAddresses(pubKey, communityID)
|
|
}
|
|
|
|
func (m *Manager) SafeGetSignerPubKey(chainID uint64, communityID string) (string, error) {
|
|
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
|
defer cancel()
|
|
|
|
return m.ownerVerifier.SafeGetSignerPubKey(ctx, chainID, communityID)
|
|
}
|
|
|
|
func (m *Manager) GetCuratedCommunities() (*CuratedCommunities, error) {
|
|
return m.persistence.GetCuratedCommunities()
|
|
}
|
|
|
|
func (m *Manager) SetCuratedCommunities(communities *CuratedCommunities) error {
|
|
return m.persistence.SetCuratedCommunities(communities)
|
|
}
|
|
|
|
func (m *Manager) encryptCommunityDescriptionImpl(groupID []byte, d *protobuf.CommunityDescription) (string, []byte, error) {
|
|
payload, err := proto.Marshal(d)
|
|
if err != nil {
|
|
return "", nil, err
|
|
}
|
|
|
|
encryptedPayload, ratchet, newSeqNo, err := m.encryptor.EncryptWithHashRatchet(groupID, payload)
|
|
if err == encryption.ErrNoEncryptionKey {
|
|
_, err := m.encryptor.GenerateHashRatchetKey(groupID)
|
|
if err != nil {
|
|
return "", nil, err
|
|
}
|
|
encryptedPayload, ratchet, newSeqNo, err = m.encryptor.EncryptWithHashRatchet(groupID, payload)
|
|
if err != nil {
|
|
return "", nil, err
|
|
}
|
|
|
|
} else if err != nil {
|
|
return "", nil, err
|
|
}
|
|
|
|
keyID, err := ratchet.GetKeyID()
|
|
if err != nil {
|
|
return "", nil, err
|
|
}
|
|
|
|
m.logger.Debug("encrypting community description",
|
|
zap.Any("community", d),
|
|
zap.String("groupID", types.Bytes2Hex(groupID)),
|
|
zap.String("keyID", types.Bytes2Hex(keyID)))
|
|
|
|
keyIDSeqNo := fmt.Sprintf("%s%d", hex.EncodeToString(keyID), newSeqNo)
|
|
|
|
return keyIDSeqNo, encryptedPayload, nil
|
|
}
|
|
|
|
func (m *Manager) encryptCommunityDescription(community *Community, d *protobuf.CommunityDescription) (string, []byte, error) {
|
|
return m.encryptCommunityDescriptionImpl(community.ID(), d)
|
|
}
|
|
|
|
func (m *Manager) encryptCommunityDescriptionChannel(community *Community, channelID string, d *protobuf.CommunityDescription) (string, []byte, error) {
|
|
return m.encryptCommunityDescriptionImpl([]byte(community.IDString()+channelID), d)
|
|
}
|
|
|
|
// TODO: add collectiblesManager to messenger intance
|
|
func (m *Manager) GetCollectiblesManager() CollectiblesManager {
|
|
return m.collectiblesManager
|
|
}
|
|
|
|
type DecryptCommunityResponse struct {
|
|
Decrypted bool
|
|
Description *protobuf.CommunityDescription
|
|
KeyID []byte
|
|
GroupID []byte
|
|
}
|
|
|
|
func (m *Manager) decryptCommunityDescription(keyIDSeqNo string, d []byte) (*DecryptCommunityResponse, error) {
|
|
const hashHexLength = 64
|
|
if len(keyIDSeqNo) <= hashHexLength {
|
|
return nil, errors.New("invalid keyIDSeqNo")
|
|
}
|
|
|
|
keyID, err := hex.DecodeString(keyIDSeqNo[:hashHexLength])
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
seqNo, err := strconv.ParseUint(keyIDSeqNo[hashHexLength:], 10, 32)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
decryptedPayload, err := m.encryptor.DecryptWithHashRatchet(keyID, uint32(seqNo), d)
|
|
if err == encryption.ErrNoRatchetKey {
|
|
return &DecryptCommunityResponse{
|
|
KeyID: keyID,
|
|
}, err
|
|
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var description protobuf.CommunityDescription
|
|
err = proto.Unmarshal(decryptedPayload, &description)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
decryptCommunityResponse := &DecryptCommunityResponse{
|
|
Decrypted: true,
|
|
KeyID: keyID,
|
|
Description: &description,
|
|
}
|
|
return decryptCommunityResponse, nil
|
|
}
|
|
|
|
// GetPersistence returns the instantiated *Persistence used by the Manager
|
|
func (m *Manager) GetPersistence() *Persistence {
|
|
return m.persistence
|
|
}
|
|
|
|
func ToLinkPreveiwThumbnail(image images.IdentityImage) (*common.LinkPreviewThumbnail, error) {
|
|
thumbnail := &common.LinkPreviewThumbnail{}
|
|
|
|
if image.IsEmpty() {
|
|
return nil, nil
|
|
}
|
|
|
|
width, height, err := images.GetImageDimensions(image.Payload)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to get image dimensions: %w", err)
|
|
}
|
|
|
|
dataURI, err := image.GetDataURI()
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to get data uri: %w", err)
|
|
}
|
|
|
|
thumbnail.Width = width
|
|
thumbnail.Height = height
|
|
thumbnail.DataURI = dataURI
|
|
return thumbnail, nil
|
|
}
|
|
|
|
func (c *Community) ToStatusLinkPreview() (*common.StatusCommunityLinkPreview, error) {
|
|
communityLinkPreview := &common.StatusCommunityLinkPreview{}
|
|
if image, ok := c.Images()[images.SmallDimName]; ok {
|
|
thumbnail, err := ToLinkPreveiwThumbnail(images.IdentityImage{Payload: image.Payload})
|
|
if err != nil {
|
|
c.config.Logger.Warn("unfurling status link: failed to set community thumbnail", zap.Error(err))
|
|
}
|
|
communityLinkPreview.Icon = *thumbnail
|
|
}
|
|
|
|
if image, ok := c.Images()[images.BannerIdentityName]; ok {
|
|
thumbnail, err := ToLinkPreveiwThumbnail(images.IdentityImage{Payload: image.Payload})
|
|
if err != nil {
|
|
c.config.Logger.Warn("unfurling status link: failed to set community thumbnail", zap.Error(err))
|
|
}
|
|
communityLinkPreview.Banner = *thumbnail
|
|
}
|
|
|
|
communityLinkPreview.CommunityID = c.IDString()
|
|
communityLinkPreview.DisplayName = c.Name()
|
|
communityLinkPreview.Description = c.DescriptionText()
|
|
communityLinkPreview.MembersCount = uint32(c.MembersCount())
|
|
communityLinkPreview.Color = c.Color()
|
|
|
|
return communityLinkPreview, nil
|
|
}
|
|
|
|
func (m *Manager) determineChannelsForHRKeysRequest(c *Community, now int64) ([]string, error) {
|
|
result := []string{}
|
|
|
|
channelsWithMissingKeys := func() map[string]struct{} {
|
|
r := map[string]struct{}{}
|
|
for id := range c.Chats() {
|
|
if c.HasMissingEncryptionKey(id) {
|
|
r[id] = struct{}{}
|
|
}
|
|
}
|
|
return r
|
|
}()
|
|
|
|
if len(channelsWithMissingKeys) == 0 {
|
|
return result, nil
|
|
}
|
|
|
|
requests, err := m.persistence.GetEncryptionKeyRequests(c.ID(), channelsWithMissingKeys)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
for channelID := range channelsWithMissingKeys {
|
|
request, ok := requests[channelID]
|
|
if !ok {
|
|
// If there's no prior request, ask for encryption key now
|
|
result = append(result, channelID)
|
|
continue
|
|
}
|
|
|
|
// Exponential backoff formula: initial delay * 2^(requestCount - 1)
|
|
initialDelay := int64(10 * 60 * 1000) // 10 minutes in milliseconds
|
|
backoffDuration := initialDelay * (1 << (request.requestedCount - 1))
|
|
nextRequestTime := request.requestedAt + backoffDuration
|
|
|
|
if now >= nextRequestTime {
|
|
result = append(result, channelID)
|
|
}
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
type CommunityWithChannelIDs struct {
|
|
Community *Community
|
|
ChannelIDs []string
|
|
}
|
|
|
|
// DetermineChannelsForHRKeysRequest identifies channels in a community that
|
|
// should ask for encryption keys based on their current state and past request records,
|
|
// as determined by exponential backoff.
|
|
func (m *Manager) DetermineChannelsForHRKeysRequest() ([]*CommunityWithChannelIDs, error) {
|
|
communities, err := m.Joined()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
result := []*CommunityWithChannelIDs{}
|
|
now := time.Now().UnixMilli()
|
|
|
|
for _, c := range communities {
|
|
if c.IsControlNode() {
|
|
continue
|
|
}
|
|
|
|
channelsToRequest, err := m.determineChannelsForHRKeysRequest(c, now)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if len(channelsToRequest) > 0 {
|
|
result = append(result, &CommunityWithChannelIDs{
|
|
Community: c,
|
|
ChannelIDs: channelsToRequest,
|
|
})
|
|
}
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
func (m *Manager) updateEncryptionKeysRequests(communityID types.HexBytes, channelIDs []string, now int64) error {
|
|
return m.persistence.UpdateAndPruneEncryptionKeyRequests(communityID, channelIDs, now)
|
|
}
|
|
|
|
func (m *Manager) UpdateEncryptionKeysRequests(communityID types.HexBytes, channelIDs []string) error {
|
|
return m.updateEncryptionKeysRequests(communityID, channelIDs, time.Now().UnixMilli())
|
|
}
|
|
|
|
func unmarshalCommunityDescriptionMessage(signedDescription []byte, signerPubkey *ecdsa.PublicKey) (*protobuf.CommunityDescription, error) {
|
|
metadata := &protobuf.ApplicationMetadataMessage{}
|
|
|
|
err := proto.Unmarshal(signedDescription, metadata)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if metadata.Type != protobuf.ApplicationMetadataMessage_COMMUNITY_DESCRIPTION {
|
|
return nil, ErrInvalidMessage
|
|
}
|
|
|
|
signer, err := utils.RecoverKey(metadata)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if signer == nil {
|
|
return nil, errors.New("CommunityDescription does not contain the control node signature")
|
|
}
|
|
|
|
if !signer.Equal(signerPubkey) {
|
|
return nil, errors.New("CommunityDescription was not signed by an owner")
|
|
}
|
|
|
|
description := &protobuf.CommunityDescription{}
|
|
|
|
err = proto.Unmarshal(metadata.Payload, description)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return description, nil
|
|
}
|