Merge pull request #3 from JoinColony/prod-proxy-debugging
Updates required after testing
area authored Dec 7, 2023
2 parents d256585 + 1927d95 commit 7d1982e
Showing 3 changed files with 88 additions and 43 deletions.
115 changes: 75 additions & 40 deletions src/routes/graphql/mutations.ts
Expand Up @@ -25,104 +25,139 @@ const hasMutationPermissions = async (
case MutationOperations.CreateUniqueUser:
case MutationOperations.UpdateUserProfile: {
const { input: { id }} = JSON.parse(variables);
return id === userAddress;
return id?.toLowerCase() === userAddress?.toLowerCase();
}
case MutationOperations.CreateTransaction:
case MutationOperations.UpdateTransaction: {
const { input: { from } } = JSON.parse(variables);
return from === userAddress;
return from?.toLowerCase() === userAddress?.toLowerCase();
}
case MutationOperations.CreateUserTokens: {
const { input: { userID } } = JSON.parse(variables);
return userID === userAddress;
return userID?.toLowerCase() === userAddress?.toLowerCase();
}
/*
* Colony
*/
case MutationOperations.CreateUniqueColony: {
const { input: { userId } } = JSON.parse(variables);
return userId === userAddress;
return userId?.toLowerCase() === userAddress?.toLowerCase();
}
case MutationOperations.CreateColonyMetadata:
case MutationOperations.UpdateColonyMetadata: {
const { input: { id: colonyAddress } } = JSON.parse(variables);
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Root}`];
try {
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Root}`];
} catch (error) {
// silent
return false;
}
}
case MutationOperations.CreateWatchedColonies: {
const { input: { userID } } = JSON.parse(variables);
return userID === userAddress;
return userID?.toLowerCase() === userAddress?.toLowerCase();
}
case MutationOperations.DeleteWatchedColonies: {
const { input: { id: relationId } } = JSON.parse(variables);
const data = await tryFetchGraphqlQuery(getWatchedColonies, { relationId });
return data?.userID === userAddress;
try {
const data = await tryFetchGraphqlQuery(getWatchedColonies, { relationId });
return data?.userID?.toLowerCase() === userAddress?.toLowerCase();
} catch (error) {
// silent
return false;
}
}
case MutationOperations.CreateColonyContributor: {
const { input: { contributorAddress } } = JSON.parse(variables);
return contributorAddress === userAddress;
return contributorAddress?.toLowerCase() === userAddress?.toLowerCase();
}
case MutationOperations.UpdateColonyContributor: {
const { input: { id: combinedContributorId } } = JSON.parse(variables);
const [, contributorWalletAddress] = combinedContributorId.split('_');
return contributorWalletAddress === userAddress;
return contributorWalletAddress?.toLowerCase() === userAddress?.toLowerCase();
}
/*
* Domains
*/
case MutationOperations.CreateDomain: {
const { input: { colonyId: colonyAddress } } = JSON.parse(variables);
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Architecture}`];
try {
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Architecture}`];
} catch (error) {
// silent
return false;
}
}
case MutationOperations.CreateDomainMetadata:
case MutationOperations.UpdateDomainMetadata: {
const { input: { id: combinedId } } = JSON.parse(variables);
const [colonyAddress] = combinedId.split('_');
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Architecture}`];
try {
const [colonyAddress] = combinedId.split('_');
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Architecture}`];
} catch (error) {
// silent
return false;
}
}
/*
* Actions, Mutations
*/
case MutationOperations.CreateAnnotation:
case MutationOperations.CreateColonyActionMetadata: {
const { input: { id: actionId } } = JSON.parse(variables);
const data = await tryFetchGraphqlQuery(getColonyAction, { actionId });
return data.initiatorAddress === userAddress;
try {
const data = await tryFetchGraphqlQuery(getColonyAction, { actionId });
return data.initiatorAddress?.toLowerCase() === userAddress?.toLowerCase();
} catch (error) {
// silent
return false;
}
}
/*
* Tokens
*/
case MutationOperations.CreateColonyTokens: {
const { input: { colonyID: colonyAddress } } = JSON.parse(variables);
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Root}`];
}
case MutationOperations.DeleteColonyTokens: {
const { input: { id: tokenColonyId } } = JSON.parse(variables);
const tokenData = await tryFetchGraphqlQuery(getColonyTokens, { tokenColonyId });

if (tokenData?.colonyID) {
try {
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${tokenData.colonyID}_1_${userAddress}_roles` },
{ combinedId: `${colonyAddress}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Root}`];
} catch (error) {
// silent
return false;
}
}
case MutationOperations.DeleteColonyTokens: {
const { input: { id: tokenColonyId } } = JSON.parse(variables);
try {
const tokenData = await tryFetchGraphqlQuery(getColonyTokens, { tokenColonyId });

if (tokenData?.colonyID) {
const data = await tryFetchGraphqlQuery(
getColonyRole,
{ combinedId: `${tokenData.colonyID}_1_${userAddress}_roles` },
);
return !!data[`role_${ColonyRole.Root}`];
}
return false;
} catch (error) {
// silent
return false;
}
return false;
}
/*
* Always allow, it's just updating cache, anybody can trigger it
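Review bot: The case-insensitive comparisons added throughout this hunk (e.g. `return id?.toLowerCase() === userAddress?.toLowerCase();`) still pass when both sides are missing: if `userAddress` is nullish for the session and the client simply omits `input.id`, `undefined === undefined` is true and the mutation is allowed, and the optional chaining on `userAddress` suggests it can indeed be nullish here. The check should fail closed, for instance with one helper used by every address comparison, `const isSameAddress = (a?: string, b?: string) => !!a && !!b && a.toLowerCase() === b.toLowerCase();`, or a guard `if (!userAddress) return false;` at the top of `hasMutationPermissions` (its signature and its tail are outside this hunk). The role lookups still build `combinedId` from the raw `colonyAddress` and `userAddress`; if lowercasing was needed because callers send mixed-case addresses, those lookup keys presumably need the same normalisation, which is worth confirming against how the role records are keyed. The `// silent` catches fail closed, which is right, but logging the error together with the operation name would let an outage of the GraphQL backend be told apart from a genuine denial.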
15 changes: 12 additions & 3 deletions src/server.ts
Expand Up @@ -7,19 +7,30 @@ import routes from '~routes';
import { getStaticOrigin, isDevMode } from './helpers';
import ExpressSession from './ExpressSession';
import { operationExecutionHandler } from '~routes';
import { Headers } from "~types";

dotenv.config();

const proxyServerInstace = () => {
const proxyServer = express();

proxyServer.use(express.json());
proxyServer.use(function (req, res, next) {
// FIXME WOW THIS IS BAD
if (!isDevMode()){
req.headers[Headers.ForwardedProto] = 'https';
}
next();
});

proxyServer.use(express.json({limit: '1mb'}));

proxyServer.use(cors({
origin: getStaticOrigin,
credentials: true,
}));

proxyServer.set('trust proxy', true);

proxyServer.use(ExpressSession({
name: process.env.COOKIE_NAME,
secret: process.env.COOKIE_SECRET || 'pleasechangemebeforegoingintoproduction',
Expand All @@ -28,8 +39,6 @@ const proxyServerInstace = () => {
cookie: { secure: !isDevMode(), sameSite: true },
}));

proxyServer.set('trust proxy', true);

/*
* @NOTE Handle async GraphQL logic to decide if we allow a operation or not
*/
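Review bot: The new middleware at the top of `proxyServerInstace` rewrites `x-forwarded-proto` to `https` on every non-dev request, and with `trust proxy` now set to `true` Express will derive `req.secure` from that header, so `cookie: { secure: !isDevMode() }` is satisfied whether or not the hop to this server actually used TLS. The FIXME acknowledges this; the durable fix is to have the upstream proxy set `X-Forwarded-Proto` itself, drop the override, and narrow trust to that hop, e.g. `proxyServer.set('trust proxy', 1);`. `trust proxy: true` also means any client-supplied `x-forwarded-for` is believed, so anything that keys on the client IP (the `Headers` enum defines `ForwardedFor`, though its use is not in this diff) can be spoofed. If the override must stay for now, scope it with a comment such as `// Force https so express-session emits Secure cookies behind a proxy that does not set X-Forwarded-Proto; remove once the proxy does` and keep `isDevMode()` as the only exception. The function body continues past the hunk.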
1 change: 1 addition & 0 deletions src/types.ts
Expand Up @@ -93,6 +93,7 @@ export enum Headers {
Cookie = 'Cookie',
SetCookie = 'Set-Cookie',
ForwardedFor = 'x-forwarded-for',
ForwardedProto = 'x-forwarded-proto',
ApiKey = 'x-api-key',
PoweredBy = 'X-Powered-By',
}
