mirror of
https://github.com/matrix-org/dendrite.git
synced 2026-01-16 10:33:11 -06:00
18db428c23
* pass in roomserver API so that we have access to the db * interface to get db info for spaceid and channelid * determine space or channel by querying the room db * Add authorization check to the JOIN endpoint * fix lint errors
178 lines
4.2 KiB
Go
178 lines
4.2 KiB
Go
package zion
|
|
|
|
import (
|
|
_ "embed"
|
|
"os"
|
|
|
|
"github.com/ethereum/go-ethereum/common"
|
|
"github.com/joho/godotenv"
|
|
"github.com/matrix-org/dendrite/authorization"
|
|
roomserver "github.com/matrix-org/dendrite/roomserver/api"
|
|
zion_goerli "github.com/matrix-org/dendrite/zion/contracts/goerli/zion_goerli"
|
|
zion_localhost "github.com/matrix-org/dendrite/zion/contracts/localhost/zion_localhost"
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
const (
|
|
localhostEndpointUrl = "LOCALHOST_ENDPOINT" // .env
|
|
goerliEndpointUrl = "GOERLI_ENDPOINT" // .env
|
|
)
|
|
|
|
//go:embed contracts/localhost/addresses/space-manager.json
|
|
var localhostJson []byte
|
|
|
|
//go:embed contracts/goerli/addresses/space-manager.json
|
|
var goerliJson []byte
|
|
|
|
type ZionAuthorization struct {
|
|
store Store
|
|
spaceManagerLocalhost *zion_localhost.ZionSpaceManagerLocalhost
|
|
spaceManagerGoerli *zion_goerli.ZionSpaceManagerGoerli
|
|
}
|
|
|
|
func NewZionAuthorization(rsAPI roomserver.ClientRoomserverAPI) (authorization.Authorization, error) {
|
|
err := godotenv.Load(".env")
|
|
if err != nil {
|
|
log.Errorln("error loading .env file", err)
|
|
}
|
|
|
|
var auth ZionAuthorization
|
|
|
|
auth.store = NewStore(rsAPI)
|
|
|
|
localhost, err := newZionSpaceManagerLocalhost(os.Getenv(localhostEndpointUrl))
|
|
if err != nil {
|
|
log.Errorln("error instantiating ZionSpaceManagerLocalhost", err)
|
|
}
|
|
auth.spaceManagerLocalhost = localhost
|
|
|
|
goerli, err := newZionSpaceManagerGoerli(os.Getenv(goerliEndpointUrl))
|
|
if err != nil {
|
|
log.Errorln("error instantiating ZionSpaceManagerGoerli", err)
|
|
}
|
|
auth.spaceManagerGoerli = goerli
|
|
|
|
return &auth, nil
|
|
}
|
|
|
|
func (za *ZionAuthorization) IsAllowed(args authorization.AuthorizationArgs) (bool, error) {
|
|
userIdentifier := CreateUserIdentifier(args.UserId)
|
|
|
|
// Find out if roomId is a space or a channel.
|
|
roomInfo := za.store.GetRoomInfo(args.RoomId, userIdentifier)
|
|
|
|
// Owner of the space / channel is always allowed to proceed.
|
|
if roomInfo.IsOwner {
|
|
return true, nil
|
|
}
|
|
|
|
switch userIdentifier.ChainId {
|
|
case 1337, 31337:
|
|
return za.isAllowedLocalhost(roomInfo, userIdentifier.AccountAddress, args.Permission)
|
|
case 5:
|
|
return za.isAllowedGoerli(roomInfo, userIdentifier.AccountAddress, args.Permission)
|
|
default:
|
|
log.Errorf("Unsupported chain id: %d\n", userIdentifier.ChainId)
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
func (za *ZionAuthorization) isAllowedLocalhost(
|
|
roomInfo RoomInfo,
|
|
user common.Address,
|
|
permission authorization.Permission,
|
|
) (bool, error) {
|
|
if za.spaceManagerLocalhost != nil {
|
|
permission := zion_localhost.DataTypesPermission{
|
|
Name: permission.String(),
|
|
}
|
|
|
|
isEntitled, err := za.spaceManagerLocalhost.IsEntitled(
|
|
nil,
|
|
roomInfo.SpaceNetworkId,
|
|
roomInfo.ChannelNetworkId,
|
|
user,
|
|
permission,
|
|
)
|
|
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
return isEntitled, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
func (za *ZionAuthorization) isAllowedGoerli(
|
|
roomInfo RoomInfo,
|
|
user common.Address,
|
|
permission authorization.Permission,
|
|
) (bool, error) {
|
|
if za.spaceManagerGoerli != nil {
|
|
permission := zion_goerli.DataTypesPermission{
|
|
Name: permission.String(),
|
|
}
|
|
|
|
isEntitled, err := za.spaceManagerGoerli.IsEntitled(
|
|
nil,
|
|
roomInfo.SpaceNetworkId,
|
|
roomInfo.ChannelNetworkId,
|
|
user,
|
|
permission,
|
|
)
|
|
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
return isEntitled, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|
|
|
|
func newZionSpaceManagerLocalhost(endpointUrl string) (*zion_localhost.ZionSpaceManagerLocalhost, error) {
|
|
addresses, err := loadSpaceManagerAddresses(localhostJson)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
address := common.HexToAddress(addresses.Spacemanager)
|
|
|
|
client, err := GetEthClient(endpointUrl)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
spaceManager, err := zion_localhost.NewZionSpaceManagerLocalhost(address, client)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return spaceManager, nil
|
|
}
|
|
|
|
func newZionSpaceManagerGoerli(endpointUrl string) (*zion_goerli.ZionSpaceManagerGoerli, error) {
|
|
addresses, err := loadSpaceManagerAddresses(goerliJson)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
address := common.HexToAddress((addresses.Spacemanager))
|
|
|
|
client, err := GetEthClient(endpointUrl)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
spaceManager, err := zion_goerli.NewZionSpaceManagerGoerli(address, client)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return spaceManager, nil
|
|
}
|