Only authorized users can pay bonuses

Ovifer13 · Ovifer13 · commit ba3675f99444 · 2023-06-28T17:06:30.000-04:00
diff --git a/.env.example b/.env.example
@@ -21,6 +21,7 @@ BTCPAYSERVER_WALLET_ID=
 BTCPAYSERVER_SECRET=
 OAUTH_REDIRECT_NEW_USERS=
 OAUTH_REDIRECT_EXISTING_USERS=
+TEMP_AUTHORIZED_SUPERUSER_ID=
 
 # Frontend environment variables (/src)
 # require `REACT_APP_` prefix
diff --git a/api/config/constants.js b/api/config/constants.js
@@ -1,6 +1,7 @@
 require('dotenv').config()
 
 module.exports = {
+    TEMP_AUTHORIZED_SUPERUSER_ID: process.env.TEMP_AUTHORIZED_SUPERUSER_ID,
     GITHUB_OAUTH_URL: 'https://github.com/login/oauth/access_token',
     INVOICELY_CSV_PATH: `${process.env.INVOICELY_CSV_PATH}`,
     SITE_ROOT: process.env.NODE_ENV == 'production'
diff --git a/api/schema/resolvers/PaymentResolver.js b/api/schema/resolvers/PaymentResolver.js
@@ -5,7 +5,7 @@ const bitcoinConversion = require('bitcoin-conversion')
 
 const { validateDatesFormat } = require('../helpers/inputValidation')
 const apiModules = require('../../modules')
-const { DEFAULT_STRIPE_CURRENCY, STRIPE_SUPPORTED_CURRENCIES } = require('../../config/constants')
+const { DEFAULT_STRIPE_CURRENCY, STRIPE_SUPPORTED_CURRENCIES, TEMP_AUTHORIZED_SUPERUSER_ID } = require('../../config/constants')
 const lnd = require('../../handlers/lnd')
 const btcPayServer = require('../../handlers/btcPayServer')
 
@@ -152,74 +152,78 @@ module.exports = {
                 throw new Error('Failed to convert USD to SATS: ', error);
             }
         },
-        sendPayment: async (root, { contributors }, { models }) => {
-            const results = []
-            const onChainAddresses = []
-
-            const contributorIds = contributors.map(c => c.id)
-            const amounts = contributors.map(c => c.amount)
-
-            const reflect = promise => promise.then(
-                value => ({ status: 'fulfilled', value }),
-                error => ({ status: 'rejected', reason: error })
-            )
-            
-            const wallets = await models.Wallet.findAll({
-                where: {
-                    contributor_id: contributorIds
+        sendPayment: async (root, { contributors }, { cookies, models }) => {
+            if (cookies.userSession === TEMP_AUTHORIZED_SUPERUSER_ID) {
+                const results = []
+                const onChainAddresses = []
+    
+                const contributorIds = contributors.map(c => c.id)
+                const amounts = contributors.map(c => c.amount)
+    
+                const reflect = promise => promise.then(
+                    value => ({ status: 'fulfilled', value }),
+                    error => ({ status: 'rejected', reason: error })
+                )
+                
+                const wallets = await models.Wallet.findAll({
+                    where: {
+                        contributor_id: contributorIds
+                    }
+                })
+    
+                const invoices = await Promise.all(wallets.map(async (wallet, i) => {
+                    if (wallet.dataValues.invoice_macaroon) {
+                        const invoice = await lnd.addInvoice(wallet.dataValues.lnd_host, wallet.dataValues.lnd_port, wallet.dataValues.invoice_macaroon, amounts[i])
+                        return invoice.payment_request
+                    } else {
+                        onChainAddresses.push({
+                            address: wallet.dataValues.onchain_address,
+                            amount: amounts[i]
+                        })
+                        return null
+                    }
+                }))
+    
+                if (invoices) {
+                    const lndInvoices = invoices.filter(invoice => invoice !== null)
+        
+                    const payLndInvoices = async () => lndInvoices.map(async invoice => {
+                        return reflect(btcPayServer.payLightningInvoice(invoice))
+                            .then(result => {
+                                return result.status === 'fulfilled' ? result.value : { error: result.reason.message, status: result.status }
+                            })
+                    })
+                    const lndInvocesResults = await Promise.all(await payLndInvoices())
+                    results.push(...lndInvocesResults)
                 }
-            })
-
-            const invoices = await Promise.all(wallets.map(async (wallet, i) => {
-                if (wallet.dataValues.invoice_macaroon) {
-                    const invoice = await lnd.addInvoice(wallet.dataValues.lnd_host, wallet.dataValues.lnd_port, wallet.dataValues.invoice_macaroon, amounts[i])
-                    return invoice.payment_request
-                } else {
-                    onChainAddresses.push({
-                        address: wallet.dataValues.onchain_address,
-                        amount: amounts[i]
+    
+                if (onChainAddresses) {
+                    const payOnChain = async () => onChainAddresses.map(async receiver => {
+                        return reflect(btcPayServer.createOnChainTransaction(receiver.address, String(receiver.amount / 100000000)))
+                            .then(result => {
+                                return result.status === 'fulfilled' ? result.value : { error: result.reason.message, status: result.status }
+                            })
                     })
-                    return null
+                    const onChainResults = await Promise.all(await payOnChain())
+                    results.push(...onChainResults)
                 }
-            }))
-
-            if (invoices) {
-                const lndInvoices = invoices.filter(invoice => invoice !== null)
     
-                const payLndInvoices = async () => lndInvoices.map(async invoice => {
-                    return reflect(btcPayServer.payLightningInvoice(invoice))
-                        .then(result => {
-                            return result.status === 'fulfilled' ? result.value : { error: result.reason.message, status: result.status }
-                        })
-                })
-                const lndInvocesResults = await Promise.all(await payLndInvoices())
-                results.push(...lndInvocesResults)
-            }
-
-            if (onChainAddresses) {
-                const payOnChain = async () => onChainAddresses.map(async receiver => {
-                    return reflect(btcPayServer.createOnChainTransaction(receiver.address, String(receiver.amount / 100000000)))
-                        .then(result => {
-                            return result.status === 'fulfilled' ? result.value : { error: result.reason.message, status: result.status }
+                results.map(result => {
+                    if (result && !result.error) {
+                        models.Payment.create({
+                            amount: result.paymentRequest ? result.amount / 1000 : result.amount,
+                            external_uuid: result.paymentRequest ? result.paymentRequest : result.transactionHash,
+                            date_incurred: moment.unix(result.createdAt ? result.createdAt : result.timestamp).utc().format('YYYY-MM-DD'),
+                            external_uuid_type: 'bitcoin',
+                            currency: 'SATS'
                         })
+                    }
                 })
-                const onChainResults = await Promise.all(await payOnChain())
-                results.push(...onChainResults)
+                return results
+            } else {
+                throw new Error('Unathorized user')
             }
 
-            results.map(result => {
-                if (result && !result.error) {
-                    models.Payment.create({
-                        amount: result.paymentRequest ? result.amount / 1000 : result.amount,
-                        external_uuid: result.paymentRequest ? result.paymentRequest : result.transactionHash,
-                        date_incurred: moment.unix(result.createdAt ? result.createdAt : result.timestamp).utc().format('YYYY-MM-DD'),
-                        external_uuid_type: 'bitcoin',
-                        currency: 'SATS'
-                    })
-                }
-            })
-
-            return results
         }
     }
 
diff --git a/srcv2/constants/index.js b/srcv2/constants/index.js
@@ -1,4 +1,5 @@
 export const API_ROOT = process.env.REACT_APP_API_URL
+export const TEMP_AUTHORIZED_SUPERUSER_ID = process.env.TEMP_AUTHORIZED_SUPERUSER_ID
 export const IS_PRODUCTION = process.env.NODE_ENV == 'production' ? true : false
 export const GITHUB_LOGO_URL = 'https://project-trinary.s3.us-east-1.amazonaws.com/images/github-icon.png'
 export const GITHUB_ALT_LOGO_URL = 'https://setlife-solutions.s3.us-east-1.amazonaws.com/images/github-alt-logo.png'
diff --git a/srcv2/pages/ProjectDetailPage.js b/srcv2/pages/ProjectDetailPage.js
@@ -17,6 +17,8 @@ import { getHandle, selectCurrencyInformation } from '../scripts/selectors'
 
 import { sessionUser } from '../reactivities/variables'
 
+import { TEMP_AUTHORIZED_SUPERUSER_ID } from '../constants'
+
 const ProjectDetailPage = (props) => {
 
     const { projectId } = useParams()
@@ -181,7 +183,7 @@ const ProjectDetailPage = (props) => {
                             Active Contributors
                         </p>
                     </div>
-                    {sessionUser().wallet && sessionUser().wallet.invoice_macaroon && sessionUser().github_handle.split('/')[3] == 'otech47' &&
+                    {sessionUser().id === TEMP_AUTHORIZED_SUPERUSER_ID &&
                         <button
                             type='button'
                             className='border-2 border-setlife text-setlife rounded-full py-1 mb-4 w-fit h-fit px-2 ml-auto'

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`export const API_ROOT = process.env.REACT_APP_API_URL`
	`2`	`+export const TEMP_AUTHORIZED_SUPERUSER_ID = process.env.TEMP_AUTHORIZED_SUPERUSER_ID`
`2`	`3`	`export const IS_PRODUCTION = process.env.NODE_ENV == 'production' ? true : false`
`3`	`4`	`export const GITHUB_LOGO_URL = 'https://project-trinary.s3.us-east-1.amazonaws.com/images/github-icon.png'`
`4`	`5`	`export const GITHUB_ALT_LOGO_URL = 'https://setlife-solutions.s3.us-east-1.amazonaws.com/images/github-alt-logo.png'`