emallson/scorecard - Change C55X6B5YBXZ7SVRC4IDCRG6BY5ZW2V6JORGQ2WMQPBAECVLMZOMQC

revocation works

Created by emallson on February 25, 2021

C55X6B5YBXZ7SVRC4IDCRG6BY5ZW2V6JORGQ2WMQPBAECVLMZOMQC

Dependencies

In channels

production

main

test

Change contents

Replacement in server/src/user_auth.rs at line 2 [3.303637]
B:BD[3.303673] → [3.303673:303693]
```
use anyhow::Result;
```
[3.303673]
[3.303693]
```
use anyhow::{anyhow, Result};
```
Insertion in server/src/user_auth.rs at line 6 [3.303637]
[2.57]
[3.303756]
```
use log::error;
```
Insertion in server/src/user_auth.rs at line 8 [3.303637]
[3.303777]
[3.303777]
```
use serde_derive::Deserialize;
use std::collections::HashMap;
```

Insertion in server/src/user_auth.rs at line 11 [3.303637]

[3.303778]

#[derive(Deserialize)]
#[serde(untagged)]
enum TokenResponse {
    Ok(WclToken),
    Err(HashMap<String, String>),
}

Replacement in server/src/user_auth.rs at line 23 [3.303637]
B:BD[3.303898] → [3.303898:303909]
```
    client
```
[3.303898]
[3.303909]
```
    let res = client
```

Replacement in server/src/user_auth.rs at line 32 [3.303637]

B:BD[3.304174] → [3.304174:304255]

        .json::<WclToken>()
        .await
        .map_err(anyhow::Error::from)

[3.304174]

[3.304255]

        .json::<TokenResponse>()
        .await?;
    match res {
        TokenResponse::Ok(token) => Ok(token),
        TokenResponse::Err(err) => {
            error!("an error occurred while refreshing a user token: {:?}", err);
            return Err(anyhow!("unable to refresh token"));
        }
    }

Replacement in server/src/user_auth.rs at line 51 [3.303637]
B:BD[3.304579] → [3.304579:304590]
```
    client
```
[3.304579]
[3.304590]
```
    let res = client
```

Replacement in server/src/user_auth.rs at line 61 [3.303637]

B:BD[3.304886] → [3.304886:304967]

        .json::<WclToken>()
        .await
        .map_err(anyhow::Error::from)

[3.304886]

[3.304967]

        .json::<TokenResponse>()
        .await?;
    match res {
        TokenResponse::Ok(token) => Ok(token),
        TokenResponse::Err(err) => {
            error!("an error occurred while acquiring a user token: {:?}", err);
            return Err(anyhow!("unable to acquire token"));
        }
    }

Replacement in server/src/graphql.rs at line 15 [4.13630]
B:BD[4.13900] → [4.13900:13963]
```
use diesel::r2d2::{ConnectionManager, Pool, PooledConnection};
```
[4.13900]
[4.13990]
```
use diesel::r2d2::{ConnectionManager, Pool};
```

Insertion in server/src/graphql.rs at line 209 [4.13630]

[5.1276]

    }
    /// Whether we have access to private logs for `guild` / `zone`.
    async fn private_access(&self, ctx: &Context<'_>, guild: i32, zone: i32) -> Result<bool> {
        use crate::schema::auth_codes::dsl as auth;
        let Data { conpool, .. } = ctx.data()?;
        Ok(auth::auth_codes
            .filter(auth::team.eq(guild).and(auth::zone.eq(zone)))
            .count()
            .get_result::<i64>(&*conpool.get()?)?
            > 0)

Replacement in server/src/graphql.rs at line 559 [4.13630]

B:BD[3.310714] → [3.310714:310824]

    async fn revoke_team(&self, ctx: &Context<'_>, code: String, team: i64) -> Result<bool> {
        todo!()

[3.310714]

[3.310824]

    async fn revoke_team(
        &self,
        ctx: &Context<'_>,
        code: String,
        team: i64,
        zone: i64,
    ) -> Result<bool> {
        use crate::schema::{auth_codes::dsl as auth, teams::dsl as teams};
        let Data {
            client,
            conpool,
            secrets,
            ..
        } = ctx.data()?;
        let token = crate::user_auth::token_for_code(&client, &secrets, &code).await?;
        if !user_validation::privileged_user(&client, &token, team, zone).await? {
            return Ok(false);
        }
        let con = conpool.get()?;
        con.transaction::<_, anyhow::Error, _>(|| {
            // it says team, it means guild.
            diesel::delete(auth::auth_codes.filter(auth::team.eq(team as i32))).execute(&con)?;
            // not liking the extra round-trips here but w/e
            let (guild_name, region, server): (String, String, String) = teams::teams
                .filter(teams::id.eq(team as i32))
                .select((teams::name, teams::region_slug, teams::server_slug))
                .first(&con)?;
            diesel::delete(
                teams::teams.filter(
                    teams::name
                        .eq(guild_name)
                        .and(teams::region_slug.eq(region))
                        .and(teams::server_slug.eq(server)),
                ),
            )
            .execute(&con)?;
            Ok(())
        })?;
        Ok(true)

File addition: 2021-02-25-225454_cascade (drwxr-xr-x)
[4.20326]

File addition: up.sql (-rw-r--r--)

[0.2895]

-- Your SQL goes here
alter table team_stats
drop constraint team_stats_team_fkey,
add constraint team_stats_team_fkey foreign key (team) references teams(id) on delete cascade;
alter table encounter_stats
drop constraint encounter_stats_team_fkey,
add constraint encounter_stats_team_fkey foreign key (team) references teams(id) on delete cascade;
alter table fights
drop constraint fights_log_fkey,
add constraint fights_log_fkey foreign key (log) references logs(iid) on delete cascade;
alter table logs
drop constraint logs_team_fkey,
add constraint logs_team_fkey foreign key (team) references teams(iid) on delete cascade;
alter table raid_nights
drop constraint raid_nights_ts_fkey,
add constraint raid_nights_ts_fkey foreign key (ts) references team_stats(id) on delete cascade;

File addition: down.sql (-rw-r--r--)

[0.2895]

-- This file should undo anything in `up.sql`
alter table team_stats
drop constraint team_stats_team_fkey,
add constraint team_stats_team_fkey foreign key (team) references teams(id);
alter table encounter_stats
drop constraint encounter_stats_team_fkey,
add constraint encounter_stats_team_fkey foreign key (team) references teams(id);
alter table fights
drop constraint fights_log_fkey,
add constraint fights_log_fkey foreign key (log) references logs(iid);
alter table logs
drop constraint logs_team_fkey,
add constraint logs_team_fkey foreign key (team) references teams(iid);
alter table raid_nights
drop constraint raid_nights_ts_fkey,
add constraint raid_nights_ts_fkey foreign key (ts) references team_stats(id);

Replacement in client/src/index.tsx at line 9 [6.532544]
B:BD[6.532981] → [7.533:572]
```
let host = 'prog-stats.emallson.net';
```
[6.532981]
[7.572]
```
import { host } from './config';
```
Deletion in client/src/index.tsx at line 11 [6.532544]
B:BD[7.573] → [7.573:649]
```
if (process.env.NODE_ENV === 'development') {
  host = 'localhost:9998';
}
```

File addition: config.ts (-rw-r--r--)

[6.529116]

export let host = 'prog-stats.emallson.net';
if (process.env.NODE_ENV === 'development') {
  host = 'localhost:9998';
}

Replacement in client/src/Details.tsx at line 9 [6.2758909]
B:BD[8.5238] → [3.313250:313284]
```
import { PreAuth } from './Auth';
```
[8.5238]
[6.2759031]
```
import { PreAuth, RevokeAuth } from './Auth';
```

Replacement in client/src/Details.tsx at line 12 [6.2758909]

B:BD[9.885] → [8.5239:5292]

  query DetailsMeta($guildId: Int!, $teamId: Int!) {

[9.885]

[8.5292]

  query DetailsMeta($guildId: Int!, $teamId: Int!, $zoneId: Int!) {

Insertion in client/src/Details.tsx at line 19 [6.2758909]
[6.2759346]
[6.2759346]
```
    privateAccess(guild: $guildId, zone: $zoneId)
```
Insertion in client/src/Details.tsx at line 163 [6.2758909]
[3.313342]
[6.2760502]
```
  const [showRevoke, setShowRevoke] = useState(false);
```

Replacement in client/src/Details.tsx at line 171 [6.2758909]

∅:D[7.2279] → [8.5885:5946]

B:BD[9.1017] → [8.5885:5946]

    variables: { teamId: tagid || 0, guildId: guildid || 0 }

[7.2279]

[6.2760687]

    variables: { teamId: tagid || 0, guildId: guildid || 0, zoneId: tier || 0 }

Insertion in client/src/Details.tsx at line 231 [6.2758909]

[3.313561]

        {data && data.privateAccess && <div><button className="underline" onClick={() => setShowRevoke(true)}>Revoke Private Access</button></div>}

Insertion in client/src/Details.tsx at line 234 [6.2758909]

[3.313677]

[6.2761968]

      <RevokeAuth zone={tier} guild={guildid} open={showRevoke} close={() => setShowRevoke(false)}/>

Insertion in client/src/Auth.tsx at line 5 [3.313689]
[3.313867]
[3.313867]
```
import { host } from './config';
Modal.setAppElement("#root");
```

Replacement in client/src/Auth.tsx at line 10 [3.313689]

B:BD[3.313926] → [3.313926:314013]

const REDIRECT_URI = `${process.env.PUBLIC_URL || 'http://localhost:3000'}/authorize`;

[3.313926]

[3.314013]

const REDIRECT_URI = `${host}/authorize`;

Replacement in client/src/Auth.tsx at line 12 [3.313689]

B:BD[3.314014] → [3.314014:314062]

function redirect(team: number, zone: number) {

[3.314014]

[3.314062]

function redirect(team: number, zone: number, kind: 'authorize' | 'revoke') {

Replacement in client/src/Auth.tsx at line 18 [3.313689]

B:BD[3.314180] → [3.314180:314274]

  window.localStorage.setItem('auth_state', JSON.stringify({ state, pathname, team, zone }));

[3.314180]

[3.314274]

  window.localStorage.setItem('auth_state', JSON.stringify({ state, pathname, team, zone, kind }));

Insertion in client/src/Auth.tsx at line 22 [3.313689]

[3.314497]


interface Props { open: boolean; close: () => void; guild: number; zone: number; }

Replacement in client/src/Auth.tsx at line 25 [3.313689]

B:BD[3.314498] → [3.314498:314622]

export function PreAuth({ open, close, guild, zone }: { open: boolean; close: () => void; guild: number; zone: number; }) {

[3.314498]

[3.314622]

const modalStyle = {content: { top: 'calc(50% - 20em)', bottom: 'auto', left: 'calc(50% - 20em)', width: 'min(40em, 90vw)' }};
export function PreAuth({ open, close, guild, zone }: Props) {

Replacement in client/src/Auth.tsx at line 29 [3.313689]

B:BD[3.314633] → [3.314633:314812]

    <Modal isOpen={open} contentLabel="Authorization Required" style={{content: { top: 'calc(50% - 20em)', bottom: 'auto', left: 'calc(50% - 20em)', width: 'min(40em, 90vw)' }}}>

[3.314633]

[3.314812]

    <Modal isOpen={open} contentLabel="Authorization Required" style={modalStyle}>

Replacement in client/src/Auth.tsx at line 44 [3.313689]

B:BD[3.315991] → [3.315991:316183]

        <button onClick={redirect.bind(null, guild, zone)} className="py-2 px-4 bg-blue-200 font-bold rounded-lg shadow-md hover:bg-blue-300 focus:outline-none focus:ring-2">Continue</button>

[3.315991]

[3.316183]

        <button onClick={redirect.bind(null, guild, zone, 'authorize')} className="py-2 px-4 bg-blue-200 font-bold rounded-lg shadow-md hover:bg-blue-300 focus:outline-none focus:ring-2">Continue</button>

Insertion in client/src/Auth.tsx at line 50 [3.313689]

[3.316220]

export function RevokeAuth({ open, close, guild, zone }: Props) {
  return (
    <Modal isOpen={open} contentLabel="Revoke Access?" style={modalStyle}>
      <header className="mb-2">
        <legend className="font-serif text-2xl">Revoke Private Log Access</legend>
      </header>
      <p>
        In order to revoke access to private logs, you will need to grant access via WarcraftLogs so that we can verify your identity.
      </p>
      <p className="mt-2">
        After verification, all data related to this <strong>guild</strong> will be deleted.
      </p>
      <footer className="grid gap-4 justify-end grid-flow-col mt-2">
        <button className="underline" onClick={close}>Cancel</button>
        <button onClick={redirect.bind(null, guild, zone, 'revoke')} className="py-2 px-4 bg-red-200 font-bold rounded-lg shadow-md hover:bg-red-300 focus:outline-none focus:ring-2">Revoke Access</button>
      </footer>
    </Modal>
  )
}

Replacement in client/src/Auth.tsx at line 76 [3.313689]

B:BD[3.316370] → [3.316370:316611]

export default function Auth() {
  const query = new URLSearchParams(useLocation().search);
  const state = JSON.parse(window.localStorage.getItem('auth_state') || '{}');
  const nonce = query.get('state');
  const code = query.get('code');

[3.316370]

[3.316611]

const REVOKE = gql`
  mutation Revoke($team: Int!, $code: String!, $zone: Int!) {
    revokeTeam(code: $code, team: $team, zone: $zone)
  }
`;
interface AuthProps {
  code: string;
  team: number;
  zone: number;
  pathname: string;
}

Replacement in client/src/Auth.tsx at line 89 [3.313689]

B:BD[3.316612] → [3.316612:316721]

  const [storeCode, { data, loading, error }] = useMutation(STORE_CODE, { onError: (e) => console.log(e) });

[3.316612]

[3.316721]

function RequestAccess({ code, team, zone, pathname }: AuthProps) {
  console.log(code, team, zone);
  const [storeCode, { called, data, loading, error }] = useMutation(STORE_CODE, { onError: (e) => console.log(e) });
  console.log(called);

Replacement in client/src/Auth.tsx at line 94 [3.313689]

B:BD[3.316741] → [3.316741:316856]

    if(code && state.state === nonce) {
      setTimeout(() => storeCode({ variables: { code, ...state }}), 1000);

[3.316741]

[3.316856]

    if(!called) {
      storeCode({ variables: { code, team, zone }});

Replacement in client/src/Auth.tsx at line 97 [3.313689]

B:BD[3.316862] → [2.1878:1939]

  }, []); // eslint-disable-line react-hooks/exhaustive-deps

[3.316862]

[3.316872]

  }, [code, team, zone]); // eslint-disable-line react-hooks/exhaustive-deps
  if(loading) {
    return <div>Loading...</div>;
  }
  if(error) {
    return <div>Error: {error.message}</div>;
  }

Replacement in client/src/Auth.tsx at line 107 [3.313689]

B:BD[3.316873] → [3.316873:316964]

  if(!code || state.state !== nonce) {
    return <div>Invalid authorization state.</div>;

[3.316873]

[3.316964]

  if(data && data.storeCode) {
    return <Redirect to={pathname} />;
  } else if(data) {
    return <div>You do not have access to private or unlisted logs for that guild.</div>;

Insertion in client/src/Auth.tsx at line 112 [3.313689]

[3.316968]


  return <div></div>;
}
function RevokeAccess({ code, team, zone }: AuthProps) {
  const [revokeTeam, { called, data, loading, error }] = useMutation(REVOKE, { onError: (e) => console.log(e) });
  useEffect(() => {
    if(!called) {
      revokeTeam({ variables: { code, team, zone }});
    }
  }, [code, team, zone]) // eslint-disable-line react-hooks/exhaustive-deps

Replacement in client/src/Auth.tsx at line 132 [3.313689]

B:BD[3.317089] → [3.317089:317165]

  if(data && data.storeCode) {
    return <Redirect to={state.pathname} />;

[3.317089]

[3.317165]

  if(data && data.revokeTeam) {
    return <div>Team data has been deleted.</div>;

Insertion in client/src/Auth.tsx at line 139 [3.313689]
[3.317302]
[3.317302]

Insertion in client/src/Auth.tsx at line 141 [3.313689]

[3.317304]


export default function Auth() {
  const query = new URLSearchParams(useLocation().search);
  const state = JSON.parse(window.localStorage.getItem('auth_state') || '{}');
  const nonce = query.get('state');
  const code = query.get('code');
  if(!code || state.state !== nonce) {
    return <div>Invalid authorization state.</div>;
  }
  switch(state.kind) {
    case 'revoke':
    return <RevokeAccess code={code} team={state.team} zone={state.zone} pathname={state.pathname} />;
    case 'authorize':
    return <RequestAccess code={code} team={state.team} zone={state.zone} pathname={state.pathname} />;
    default:
    return null;
  }
}

revocation works

Dependencies

In channels

Change contents

Replacement in server/src/user_auth.rs at line 2 [3.303637]

Insertion in server/src/user_auth.rs at line 6 [3.303637]

Insertion in server/src/user_auth.rs at line 8 [3.303637]