diff --git a/keyserver/src/creators/farcaster-channel-tag-creator.js b/keyserver/src/creators/farcaster-channel-tag-creator.js index 3f990cfba..9b3b0110c 100644 --- a/keyserver/src/creators/farcaster-channel-tag-creator.js +++ b/keyserver/src/creators/farcaster-channel-tag-creator.js @@ -1,162 +1,169 @@ // @flow import uuid from 'uuid'; -import { - DISABLE_TAGGING_FARCASTER_CHANNEL, - farcasterChannelTagBlobHash, -} from 'lib/shared/community-utils.js'; +import { farcasterChannelTagBlobHash } from 'lib/shared/community-utils.js'; import type { CreateOrUpdateFarcasterChannelTagRequest, CreateOrUpdateFarcasterChannelTagResponse, } from 'lib/types/community-types.js'; +import { threadPermissions } from 'lib/types/thread-permission-types.js'; import { ServerError } from 'lib/utils/errors.js'; import { dbQuery, SQL, MYSQL_DUPLICATE_ENTRY_FOR_KEY_ERROR_CODE, } from '../database/database.js'; import { fetchCommunityInfos } from '../fetchers/community-fetchers.js'; +import { checkThreadPermission } from '../fetchers/thread-permission-fetchers.js'; import { uploadBlob, assignHolder, download, deleteBlob, type BlobOperationResult, type BlobDownloadResult, } from '../services/blob.js'; import { Viewer } from '../session/viewer.js'; import { thisKeyserverID } from '../user/identity.js'; async function createOrUpdateFarcasterChannelTag( viewer: Viewer, request: CreateOrUpdateFarcasterChannelTagRequest, ): Promise { - if (DISABLE_TAGGING_FARCASTER_CHANNEL) { - throw new ServerError('internal_error'); - } + const permissionPromise = checkThreadPermission( + viewer, + request.commCommunityID, + threadPermissions.MANAGE_FARCASTER_CHANNEL_TAGS, + ); - const [communityInfos, blobDownload, keyserverID] = await Promise.all([ - fetchCommunityInfos(viewer, [request.commCommunityID]), - getFarcasterChannelTagBlob(request.farcasterChannelID), - thisKeyserverID(), - ]); + const [hasPermission, communityInfos, blobDownload, keyserverID] = + await Promise.all([ + permissionPromise, + fetchCommunityInfos(viewer, [request.commCommunityID]), + getFarcasterChannelTagBlob(request.farcasterChannelID), + thisKeyserverID(), + ]); + + if (!hasPermission) { + throw new ServerError('invalid_credentials'); + } if (communityInfos.length !== 1) { throw new ServerError('invalid_parameters'); } if (blobDownload.found) { throw new ServerError('already_in_use'); } const communityID = `${keyserverID}|${request.commCommunityID}`; const blobHolder = uuid.v4(); const blobResult = await uploadFarcasterChannelTagBlob( communityID, request.farcasterChannelID, blobHolder, ); if (!blobResult.success) { if (blobResult.reason === 'HASH_IN_USE') { throw new ServerError('already_in_use'); } else { throw new ServerError('unknown_error'); } } const query = SQL` START TRANSACTION; SELECT farcaster_channel_id, blob_holder INTO @currentFarcasterChannelID, @currentBlobHolder FROM communities WHERE id = ${request.commCommunityID} FOR UPDATE; UPDATE communities SET farcaster_channel_id = ${request.farcasterChannelID}, blob_holder = ${blobHolder} WHERE id = ${request.commCommunityID}; COMMIT; SELECT @currentFarcasterChannelID AS oldFarcasterChannelID, @currentBlobHolder AS oldBlobHolder; `; try { const [transactionResult] = await dbQuery(query, { multipleStatements: true, }); const selectResult = transactionResult.pop(); const [{ oldFarcasterChannelID, oldBlobHolder }] = selectResult; if (oldFarcasterChannelID && oldBlobHolder) { await deleteBlob( { hash: farcasterChannelTagBlobHash(oldFarcasterChannelID), holder: oldBlobHolder, }, true, ); } } catch (error) { await deleteBlob( { hash: farcasterChannelTagBlobHash(request.farcasterChannelID), holder: blobHolder, }, true, ); if (error.errno === MYSQL_DUPLICATE_ENTRY_FOR_KEY_ERROR_CODE) { throw new ServerError('already_in_use'); } throw new ServerError('invalid_parameters'); } return { commCommunityID: request.commCommunityID, farcasterChannelID: request.farcasterChannelID, }; } function getFarcasterChannelTagBlob( secret: string, ): Promise { const hash = farcasterChannelTagBlobHash(secret); return download(hash); } async function uploadFarcasterChannelTagBlob( commCommunityID: string, farcasterChannelID: string, holder: string, ): Promise { const payload = { commCommunityID, farcasterChannelID, }; const payloadString = JSON.stringify(payload); const hash = farcasterChannelTagBlobHash(farcasterChannelID); const blob = new Blob([payloadString]); const uploadResult = await uploadBlob(blob, hash); if (!uploadResult.success) { return uploadResult; } return await assignHolder({ holder, hash }); } export { createOrUpdateFarcasterChannelTag, uploadFarcasterChannelTagBlob }; diff --git a/keyserver/src/deleters/farcaster-channel-tag-deleters.js b/keyserver/src/deleters/farcaster-channel-tag-deleters.js index 0ab4ce518..334e5fbb1 100644 --- a/keyserver/src/deleters/farcaster-channel-tag-deleters.js +++ b/keyserver/src/deleters/farcaster-channel-tag-deleters.js @@ -1,61 +1,66 @@ // @flow -import { - DISABLE_TAGGING_FARCASTER_CHANNEL, - farcasterChannelTagBlobHash, -} from 'lib/shared/community-utils.js'; +import { farcasterChannelTagBlobHash } from 'lib/shared/community-utils.js'; import type { DeleteFarcasterChannelTagRequest } from 'lib/types/community-types'; +import { threadPermissions } from 'lib/types/thread-permission-types.js'; import { ServerError } from 'lib/utils/errors.js'; import { dbQuery, SQL } from '../database/database.js'; +import { checkThreadPermission } from '../fetchers/thread-permission-fetchers.js'; import { deleteBlob } from '../services/blob.js'; import type { Viewer } from '../session/viewer'; async function deleteFarcasterChannelTag( viewer: Viewer, request: DeleteFarcasterChannelTagRequest, ): Promise { - if (DISABLE_TAGGING_FARCASTER_CHANNEL) { - throw new ServerError('internal_error'); + const hasPermission = await checkThreadPermission( + viewer, + request.commCommunityID, + threadPermissions.MANAGE_FARCASTER_CHANNEL_TAGS, + ); + + if (!hasPermission) { + throw new ServerError('invalid_credentials'); } const query = SQL` START TRANSACTION; SELECT blob_holder INTO @currentBlobHolder FROM communities WHERE id = ${request.commCommunityID} AND farcaster_channel_id = ${request.farcasterChannelID} FOR UPDATE; UPDATE communities SET farcaster_channel_id = NULL, blob_holder = NULL WHERE id = ${request.commCommunityID} AND farcaster_channel_id = ${request.farcasterChannelID}; COMMIT; SELECT @currentBlobHolder AS blobHolder; `; const [transactionResult] = await dbQuery(query, { multipleStatements: true, }); const selectResult = transactionResult.pop(); const [row] = selectResult; if (row?.blobHolder) { await deleteBlob( { hash: farcasterChannelTagBlobHash(request.farcasterChannelID), holder: row.blobHolder, }, true, ); } } export { deleteFarcasterChannelTag }; diff --git a/lib/shared/community-utils.js b/lib/shared/community-utils.js index c4852f8aa..581838b5c 100644 --- a/lib/shared/community-utils.js +++ b/lib/shared/community-utils.js @@ -1,9 +1,7 @@ // @flow -const DISABLE_TAGGING_FARCASTER_CHANNEL = true; - function farcasterChannelTagBlobHash(farcasterChannelID: string): string { return `farcaster_channel_tag_${farcasterChannelID}`; } -export { DISABLE_TAGGING_FARCASTER_CHANNEL, farcasterChannelTagBlobHash }; +export { farcasterChannelTagBlobHash }; diff --git a/native/components/community-actions-button.react.js b/native/components/community-actions-button.react.js index a96073760..bac714ff3 100644 --- a/native/components/community-actions-button.react.js +++ b/native/components/community-actions-button.react.js @@ -1,197 +1,199 @@ // @flow import { useActionSheet } from '@expo/react-native-action-sheet'; import { useNavigation } from '@react-navigation/native'; import * as React from 'react'; import { TouchableOpacity, View } from 'react-native'; import { useSafeAreaInsets } from 'react-native-safe-area-context'; import { primaryInviteLinksSelector } from 'lib/selectors/invite-links-selectors.js'; -import { DISABLE_TAGGING_FARCASTER_CHANNEL } from 'lib/shared/community-utils.js'; import { useThreadHasPermission } from 'lib/shared/thread-utils.js'; import type { ThreadInfo } from 'lib/types/minimally-encoded-thread-permissions-types.js'; import { threadPermissions } from 'lib/types/thread-permission-types.js'; import { threadTypes } from 'lib/types/thread-types-enum.js'; import { useCurrentUserFID } from 'lib/utils/farcaster-utils.js'; -import { usingCommServicesAccessToken } from 'lib/utils/services-utils.js'; import SWMansionIcon from './swmansion-icon.react.js'; import { CommunityRolesScreenRouteName, InviteLinkNavigatorRouteName, ManagePublicLinkRouteName, RolesNavigatorRouteName, ViewInviteLinksRouteName, TagFarcasterChannelNavigatorRouteName, TagFarcasterChannelRouteName, } from '../navigation/route-names.js'; import { useSelector } from '../redux/redux-utils.js'; import { useStyles } from '../themes/colors.js'; type Props = { +community: ThreadInfo, }; function CommunityActionsButton(props: Props): React.Node { const { community } = props; const inviteLink = useSelector(primaryInviteLinksSelector)[community.id]; const { navigate } = useNavigation(); const fid = useCurrentUserFID(); const navigateToInviteLinksView = React.useCallback(() => { if (!inviteLink || !community) { return; } navigate<'InviteLinkNavigator'>(InviteLinkNavigatorRouteName, { screen: ViewInviteLinksRouteName, params: { community, }, }); }, [community, inviteLink, navigate]); const navigateToManagePublicLinkView = React.useCallback(() => { navigate<'InviteLinkNavigator'>(InviteLinkNavigatorRouteName, { screen: ManagePublicLinkRouteName, params: { community, }, }); }, [community, navigate]); const navigateToCommunityRolesScreen = React.useCallback(() => { navigate<'RolesNavigator'>(RolesNavigatorRouteName, { screen: CommunityRolesScreenRouteName, params: { threadInfo: community, }, }); }, [community, navigate]); const navigateToTagFarcasterChannel = React.useCallback(() => { navigate<'TagFarcasterChannelNavigator'>( TagFarcasterChannelNavigatorRouteName, { screen: TagFarcasterChannelRouteName, params: { communityID: community.id, }, }, ); }, [community.id, navigate]); const insets = useSafeAreaInsets(); const activeTheme = useSelector(state => state.globalThemeInfo.activeTheme); const styles = useStyles(unboundStyles); const canManageLinks = useThreadHasPermission( community, threadPermissions.MANAGE_INVITE_LINKS, ); const canChangeRoles = useThreadHasPermission( community, threadPermissions.CHANGE_ROLE, ); + const canManageFarcasterChannelTag = useThreadHasPermission( + community, + threadPermissions.MANAGE_FARCASTER_CHANNEL_TAGS, + ); const { showActionSheetWithOptions } = useActionSheet(); const actions = React.useMemo(() => { if (!community) { return null; } const result = []; if (canManageLinks) { result.push({ label: 'Manage invite links', action: navigateToManagePublicLinkView, }); } if (inviteLink) { result.push({ label: 'Invite link', action: navigateToInviteLinksView, }); } if (canChangeRoles) { result.push({ label: 'Manage roles', action: navigateToCommunityRolesScreen, }); } const canTagFarcasterChannel = - !DISABLE_TAGGING_FARCASTER_CHANNEL && + canManageFarcasterChannelTag && fid && - community.type !== threadTypes.GENESIS && - (usingCommServicesAccessToken || __DEV__); + community.type !== threadTypes.GENESIS; if (canTagFarcasterChannel) { result.push({ label: 'Tag Farcaster channel', action: navigateToTagFarcasterChannel, }); } if (result.length > 0) { return result; } return null; }, [ community, canManageLinks, inviteLink, canChangeRoles, + canManageFarcasterChannelTag, fid, navigateToManagePublicLinkView, navigateToInviteLinksView, navigateToCommunityRolesScreen, navigateToTagFarcasterChannel, ]); const openActionSheet = React.useCallback(() => { if (!actions) { return; } const options = [...actions.map(a => a.label), 'Cancel']; showActionSheetWithOptions( { options, cancelButtonIndex: options.length - 1, containerStyle: { paddingBottom: insets.bottom, }, userInterfaceStyle: activeTheme ?? 'dark', }, selectedIndex => { if (selectedIndex !== undefined && selectedIndex < actions.length) { actions[selectedIndex].action(); } }, ); }, [actions, activeTheme, insets.bottom, showActionSheetWithOptions]); let button = null; if (actions) { button = ( ); } return {button}; } const unboundStyles = { button: { color: 'drawerItemLabelLevel0', }, container: { width: 22, }, }; export default CommunityActionsButton;