-
Notifications
You must be signed in to change notification settings - Fork 76
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Community: View&Post token-permitted channel input is not locked when requirements do not match #14117
Community: View&Post token-permitted channel input is not locked when requirements do not match #14117
Comments
@jrainville sounds like 2.29? |
Nah, that should be RC. It used to work in 2.27 though |
@cammellos you self-assigned because you know what is going on? From the video, it feels like the backend code is ok. Or at least the canPost code works, because it doesn't send. |
@jrainville I assigned myself since I was looking on similar issue on mobile status-im/status-mobile#19363 , but if anyone wants in the meantime to look into it, i will unassign myself, it might be 2 different issues |
Hi there, I managed to reproduce the issue easily by following the steps. ...
_sendChatMessage
DBG 2024-03-25 12:48:37.185-07:00 [threadpool task thread] initiating task topics="task-threadpool" tid=422996 file=threadpool.nim:54 messageType=AsyncGetTextURLsToUnfurlTaskArg:ObjectType threadid=422996 task="{\"$type\":\"AsyncGetTextURLsToUnfurlTaskArg:ObjectType\",\"text\":\"plop\",\"requestUuid\":\"e3401975-e89a-4128-9a95-dd12b00d5101\",\"vptr\":93994562982848,\"slot\":\"onAsyncGetTextURLsToUnfurl\",\"tptr\":93994542558448}"
DBG 2024-03-25 12:48:37.185-07:00 NewBE_callPrivateRPC topics="rpc" tid=422996 file=core.nim:27 rpc_method=wakuext_getTextURLsToUnfurl
ERR 2024-03-25 12:48:37.189-07:00 rpc response error topics="rpc" tid=422962 file=core.nim:36 err="\nstatus-go error [methodName:wakuext_sendChatMessage, code:-32000, message:can't post message type '1' on chat '0x03d596865454ef963dfaaa687d4d7972b298874ecd08efa86432f4501cc9cd2a3d845c8962-35ed-490e-99c5-9a8786e0e7bf' ]\n"
ERR 2024-03-25 12:48:37.189-07:00 error doing rpc request topics="rpc" tid=422962 file=core.nim:40 methodName=wakuext_sendChatMessage exception="\nstatus-go error [methodName:wakuext_sendChatMessage, code:-32000, message:can't post message type '1' on chat '0x03d596865454ef963dfaaa687d4d7972b298874ecd08efa86432f4501cc9cd2a3d845c8962-35ed-490e-99c5-9a8786e0e7bf' ]\n"
ERR 2024-03-25 12:48:37.189-07:00 Error sending message topics="chat-service" tid=422962 file=service.nim:567 msg="\nstatus-go error [methodName:wakuext_sendChatMessage, code:-32000, message:can't post message type '1' on chat '0x03d596865454ef963dfaaa687d4d7972b298874ecd08efa86432f4501cc9cd2a3d845c8962-35ed-490e-99c5-9a8786e0e7bf' ]\n"
... Screencast.from.2024-03-25.12.48.29.PM.webm
Please notice the missing members, this needs to be addressed too... in another ticket... |
That means that the backend works correctly and that the addresses were shared correctly. We are just failing to update correctly the permission model so that the UI is blocked. Does a restart fix it? If so, we only need to recalculate the permissions. If not, then we need to improve the calculation to use the selected addresses only. |
EDIT : So the address that was shared was the one that doesn't match the requirements to view and post. So something wrong with the calculations of the permissions in the first place 😕 So going to the analysis now to meet your guidance saying :
. Thanks so much |
Looking at your screenshot, it doesn't look fixed. When you don't have the tokens for a view/post channel, you shouldn't be able to see inside of it. |
I made some tests injecting fake values and could see that the UI is working perfect. The issue is coming from the final calculation of the permission indeed. and this code is the entry point to dive deep https://github.com/status-im/status-go/blob/98c3be55b937582374e60adb651543c5f1348c29/protocol/communities/manager.go#L2884 Based on my latest finding, it seems like when we pass
to the
This means that because of that error, we are unable to retrieve the balance for the addresses provided, therefore we do not validate any permissions. |
We had a discussion with @kounkou One issue we identified is that That's not the correct way, mobile was doing the same and we had the same issue. Access is checked by the control node, as you need encryption keys for example, and those are only sent over once the admin can validate the user has the available tokens, so all the access control should be directed by the admin, rather than the client. There are flags happy to go into more details if needed. |
So the main source of the problem I have identified in the flow of Ethereum Classic (ETC) network : 420
Fantom Opera network (FTM) : 421613
Goerli Testnet : 5 while we expect the following chainIDs Ethereum Mainnet : 1
Optimistic Ethereum (OΞ) network : 10
Arbitrum network : 42161 Solving this issue will help fix the root cause of why we aren't able to fetch balance for an address and therefore not validate the constraints. |
Because I was using a community where the owner token was minted with Goerli, this had misleading effects on my tests. I need to move away from using that community and reperform some tests to make sure I can fix the issue more consistently. |
Currently the PR is WIP. This PR fixes #14117 -[] Detect changes when user edits/create/delete permissions -[] Set the channel permissions at boot -[] Restore write when channel is unlocked
Currently the PR is WIP. This PR fixes #14117 -[] Detect changes when user edits/create/delete permissions -[] Set the channel permissions at boot -[] Restore write when channel is unlocked
Currently the PR is WIP. This PR fixes #14117 and will fix the following use cases - Restore write when channel is unlocked - Set the channel permissions at boot - Detect changes when user - edit permissions - create permissions - delete permissions
Currently the PR is WIP. This PR fixes #14117 and will fix the following use cases - Restore write when channel is unlocked - Set the channel permissions at boot - Detect changes when user - edit permissions - create permissions - delete permissions
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
linking PR : status-im/status-go#5023 |
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
…cked We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
We are now able to lock consistently the channel if we do not have permission to view&post. This PR fixes status-im/status-desktop#14117
@kounkou don't forget to create a cherry-pick for |
Description
As result, member is somewhat joined the community, is able to see a channel and the channel input is not locked. However, posting to the channel do not send the messages (they are not delivered)
Screen.Recording.2024-03-22.at.15.34.42.mov
The text was updated successfully, but these errors were encountered: