feat: use token address when checking authorizations

package.json

@@ -42,6 +42,7 @@
     "@typescript-eslint/eslint-plugin": "5.21.0",
     "@typescript-eslint/parser": "5.21.0",
     "@well-known-components/env-config-provider": "^1.1.1",
+    "@well-known-components/http-server": "^1.1.6",
     "eslint": "8.14.0",
     "eslint-config-prettier": "8.5.0",
     "eslint-plugin-prettier": "4.0.0",
@@ -51,13 +52,13 @@
     "typescript": "^4.7.3"
   },
   "dependencies": {
-    "@dcl/block-indexer": "^1.1.1-4056737184.commit-2112891",
+    "@dcl/block-indexer": "^1.1.0",
     "@dcl/content-hash-tree": "^1.1.4",
     "@dcl/hashing": "1.1.3",
     "@dcl/schemas": "^6.13.4",
     "@dcl/urn-resolver": "2.0.3",
-    "@well-known-components/interfaces": "1.3.0",
-    "@well-known-components/thegraph-component": "^1.2.0",
+    "@well-known-components/interfaces": "^1.3.0",
+    "@well-known-components/thegraph-component": "^1.4.3",
     "ms": "2.1.3",
     "sharp": "^0.30.6"
   },

src/types.ts

@@ -178,6 +178,16 @@ export type ContentValidatorComponents = {
 export type SubgraphAccessCheckerComponents = Pick<ContentValidatorComponents, 'logs' | 'externalCalls'> & {
   theGraphClient: TheGraphClient
   subGraphs: SubGraphs
+  tokenAddresses: TokenAddresses
+}
+
+/**
+ * Required Smart Contract addresses.
+ * @public
+ */
+export type TokenAddresses = {
+  estate: EthAddress
+  land: EthAddress
 }
 
 /**

src/validations/access/subgraph/scenes.ts

@@ -45,8 +45,9 @@ type Authorization = {
 export function createSceneValidateFn({
   externalCalls,
   subGraphs,
-  logs
-}: Pick<SubgraphAccessCheckerComponents, 'externalCalls' | 'logs' | 'subGraphs'>) {
+  logs,
+  tokenAddresses
+}: Pick<SubgraphAccessCheckerComponents, 'externalCalls' | 'logs' | 'subGraphs' | 'tokenAddresses'>) {
   const logger = logs.getLogger('scenes access validator')
 
   const SCENE_LOOKBACK_TIME = ms('5m')
@@ -55,15 +56,17 @@ export function createSceneValidateFn({
     const getAuthorizations = async (
       owner: EthAddress,
       operator: EthAddress,
-      timestamp: Timestamp
+      timestamp: Timestamp,
+      tokenAddress: EthAddress
     ): Promise<Authorization[]> => {
       const query = `
-          query GetAuthorizations($owner: String!, $operator: String!, $timestamp: Int!) {
+          query GetAuthorizations($owner: String!, $operator: String!, $timestamp: Int!, $tokenAddress: String!) {
               authorizations(
                       where: {
                           owner: $owner,
                           operator: $operator,
-                          createdAt_lte: $timestamp
+                          createdAt_lte: $timestamp,
+                          tokenAddress: $tokenAddress
                       },
                       orderBy: timestamp,
                       orderDirection: desc
@@ -76,7 +79,8 @@ export function createSceneValidateFn({
       const variables = {
         owner,
         operator,
-        timestamp: Math.floor(timestamp / 1000) // js(ms) -> UNIX(s)
+        timestamp: Math.floor(timestamp / 1000), // js(ms) -> UNIX(s)
+        tokenAddress
       }
 
       try {
@@ -215,13 +219,19 @@ export function createSceneValidateFn({
     const hasAccessThroughAuthorizations = async (
       owner: EthAddress,
       ethAddress: EthAddress,
-      timestamp: Timestamp
+      timestamp: Timestamp,
+      tokenAddress: EthAddress
     ): Promise<boolean> => {
       /* You also get access if you received:
        *   - an authorization with isApproved and type Operator, ApprovalForAll or UpdateManager
        * at that time
        */
-      const authorizations = await getAuthorizations(owner.toLowerCase(), ethAddress.toLowerCase(), timestamp)
+      const authorizations = await getAuthorizations(
+        owner.toLowerCase(),
+        ethAddress.toLowerCase(),
+        timestamp,
+        tokenAddress.toLowerCase()
+      )
 
       const firstOperatorAuthorization = authorizations.find((authorization) => authorization.type === 'Operator')
       const firstApprovalForAllAuthorization = authorizations.find(
@@ -261,7 +271,7 @@ export function createSceneValidateFn({
       if (estate) {
         return (
           (await hasAccessThroughFirstLevelAuthorities(estate, ethAddress)) ||
-          (await hasAccessThroughAuthorizations(estate.owners[0].address, ethAddress, timestamp))
+          (await hasAccessThroughAuthorizations(estate.owners[0].address, ethAddress, timestamp, tokenAddresses.estate))
         )
       }
       throw new Error(`Couldn\'t find the state ${estateId}`)
@@ -287,7 +297,12 @@ export function createSceneValidateFn({
 
         return (
           (await hasAccessThroughFirstLevelAuthorities(parcel, ethAddress)) ||
-          (await hasAccessThroughAuthorizations(parcel.owners[0].address, ethAddress, timestamp)) ||
+          (await hasAccessThroughAuthorizations(
+            parcel.owners[0].address,
+            ethAddress,
+            timestamp,
+            tokenAddresses.land
+          )) ||
           (belongsToEstate && (await isEstateUpdateAuthorized(parcel.estates[0].estateId, timestamp, ethAddress)))
         )
       }

test/unit/subgraph-access-checker/mock.ts

@@ -1,4 +1,4 @@
-import { SubgraphAccessCheckerComponents, SubGraphs, ValidateFn } from '../../../src'
+import { SubgraphAccessCheckerComponents, SubGraphs, TokenAddresses, ValidateFn } from '../../../src'
 import { createEmoteValidateFn, createWearableValidateFn } from '../../../src/validations/access/common/items'
 import {
   createV1andV2collectionAssetValidateFn,
@@ -50,11 +50,13 @@ export const buildSubgraphAccessCheckerComponents = (
   const subGraphs = provided?.subGraphs ?? buildSubGraphs()
   const theGraphClient =
     provided?.theGraphClient ?? createTheGraphClient({ logs: basicComponents.logs, subGraphs, ...provided })
+  const tokenAddresses = provided?.tokenAddresses ?? buildTokenAddresses()
 
   return {
     ...basicComponents,
     theGraphClient,
-    subGraphs
+    subGraphs,
+    tokenAddresses
   }
 }
 
@@ -239,3 +241,7 @@ export function buildEmoteValidateFn(components: SubgraphAccessCheckerComponents
 
   return createEmoteValidateFn(components, v1andV2collectionAssetValidateFn, thirdPartyAssetValidateFn)
 }
+
+export function buildTokenAddresses(): TokenAddresses {
+  return { land: 'asd', estate: 'asd' }
+}