spknetwork · sisygoboom · Jun 29, 2024 · Jun 27, 2024 · Jun 27, 2024 · Jun 27, 2024
diff --git a/src/repositories/hive-chain/hive-chain.repository.ts b/src/repositories/hive-chain/hive-chain.repository.ts
@@ -1,4 +1,4 @@
-import { Injectable, Logger } from '@nestjs/common';
+import { BadRequestException, Injectable, Logger } from '@nestjs/common';
 import hiveJsPackage from '@hiveio/hive-js';
 import { AuthorPerm, OperationsArray } from './types';
 import {
@@ -172,11 +172,11 @@ export class HiveChainRepository {
   }
 
   async vote(options: { author: string; permlink: string; voter: string; weight: number }) {
-    if (options.weight < 0 || options.weight > 10_000) {
+    if (options.weight < -10_000 || options.weight > 10_000) {
       this.#logger.error(
         `Vote weight was out of bounds: ${options.weight}. Skipping ${options.author}/${options.permlink}`,
       );
-      return;
+      throw new BadRequestException('Hive vote weight out of bounds. Must be between -10000 and 10000');
     }
     return this._hive.broadcast.vote(
       options,

diff --git a/src/services/api/api.contoller.test.ts b/src/services/api/api.contoller.test.ts
@@ -109,7 +109,7 @@ describe('ApiController', () => {
     await mongod.stop();
   });
 
-  describe('/POST /api/v1/hive/post_comment', () => {
+  describe('/POST /v1/hive/post_comment', () => {
     it('should post a comment to HIVE blockchain', async () => {
       const jwtToken = 'test_jwt_token';
       const body = {
@@ -120,7 +120,7 @@ describe('ApiController', () => {
       };
 
       return request(app.getHttpServer())
-        .post('/api/v1/hive/post_comment')
+        .post('/v1/hive/post_comment')
         .set('Authorization', `Bearer ${jwtToken}`)
         .send(body)
         .expect(201)
@@ -135,13 +135,13 @@ describe('ApiController', () => {
     });
   });
 
-  describe('/POST /api/v1/hive/linkaccount', () => {
+  describe('/POST /v1/hive/linkaccount', () => {
     it('should link a Hive account', async () => {
       const jwtToken = 'test_jwt_token';
       const body = { username: 'test-account' };
 
       return request(app.getHttpServer())
-        .post('/api/v1/hive/linkaccount')
+        .post('/v1/hive/linkaccount')
         .set('Authorization', `Bearer ${jwtToken}`)
         .send(body)
         .expect(201)
@@ -153,12 +153,12 @@ describe('ApiController', () => {
     });
   });
 
-  describe('/GET /api/v1/profile', () => {
+  describe('/GET /v1/profile', () => {
     it('should get the user profile', async () => {
       const jwtToken = 'test_jwt_token';
 
       return request(app.getHttpServer())
-        .get('/api/v1/profile')
+        .get('/v1/profile')
         .set('Authorization', `Bearer ${jwtToken}`)
         .expect(200)
         .then(response => {
@@ -172,7 +172,7 @@ describe('ApiController', () => {
     });
   });
 
-  describe('/GET /api/v1/hive/linked-account/list', () => {
+  describe('/GET /v1/hive/linked-account/list', () => {
     it('should list linked accounts', async () => {
       const jwtToken = 'test_jwt_token';
 
@@ -181,7 +181,7 @@ describe('ApiController', () => {
       await linkedAccountsRepository.verify(link._id);
 
       return request(app.getHttpServer())
-        .get('/api/v1/hive/linked-account/list')
+        .get('/v1/hive/linked-account/list')
         .set('Authorization', `Bearer ${jwtToken}`)
         .expect(200)
         .then(response => {

diff --git a/src/services/api/api.controller.ts b/src/services/api/api.controller.ts
@@ -5,7 +5,6 @@ import {
   Post,
   UseGuards,
   Body,
-  BadRequestException,
   HttpException,
   HttpStatus,
   UseInterceptors,
@@ -14,7 +13,7 @@ import {
 import { AuthGuard } from '@nestjs/passport';
 import { AuthService } from '../auth/auth.service';
 import { v4 as uuid } from 'uuid';
-import { RequireHiveVerify, UserDetailsInterceptor } from './utils';
+import { UserDetailsInterceptor } from './utils';
 import {
   ApiBadRequestResponse,
   ApiBody,
@@ -24,22 +23,24 @@ import {
 } from '@nestjs/swagger';
 import { HiveAccountRepository } from '../../repositories/hive-account/hive-account.repository';
 import { UserRepository } from '../../repositories/user/user.repository';
-import { HiveChainRepository } from '../../repositories/hive-chain/hive-chain.repository';
 import { LinkAccountPostDto } from './dto/LinkAccountPost.dto';
 import { VotePostResponseDto } from './dto/VotePostResponse.dto';
 import { VotePostDto } from './dto/VotePost.dto';
 import { LinkedAccountRepository } from '../../repositories/linked-accounts/linked-account.repository';
 import { EmailService } from '../email/email.service';
 import { parseAndValidateRequest } from '../auth/auth.utils';
+import { HiveService } from '../hive/hive.service';
+import { HiveChainRepository } from '../../repositories/hive-chain/hive-chain.repository';
 
-@Controller('/api/v1')
+@Controller('/v1')
 export class ApiController {
-  readonly #logger = new Logger();
+  readonly #logger: Logger = new Logger(ApiController.name);
 
   constructor(
     private readonly authService: AuthService,
     private readonly hiveAccountRepository: HiveAccountRepository,
     private readonly userRepository: UserRepository,
+    private readonly hiveService: HiveService,
     private readonly hiveChainRepository: HiveChainRepository,
     //private readonly delegatedAuthorityRepository: DelegatedAuthorityRepository,
     private readonly linkedAccountsRepository: LinkedAccountRepository,
@@ -293,6 +294,15 @@ export class ApiController {
     return { ok: true };
   }
 
+  @ApiHeader({
+    name: 'Authorization',
+    description: 'JWT Authorization',
+    required: true,
+    schema: {
+      example:
+        'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
+    },
+  })
   @ApiOperation({
     summary: 'Votes on a piece of HIVE content using logged in account',
   })
@@ -301,31 +311,19 @@ export class ApiController {
     type: VotePostResponseDto,
   })
   @UseGuards(AuthGuard('jwt'))
-  @UseGuards(RequireHiveVerify)
+  @UseInterceptors(UserDetailsInterceptor)
   @Post(`/hive/vote`)
-  async votePost(@Body() data: VotePostDto) {
-    const { author, permlink } = data;
-    // const delegatedAuth = await this.delegatedAuthorityRepository.findOne({
-    //   to: 'threespeak.beta',
-    //   from:
-    // })
-    // TODO: get hive username from auth
-    const delegatedAuth = true;
-    const voter = 'vaultec';
-    if (delegatedAuth) {
-      try {
-        // console.log(out)
-        return this.hiveChainRepository.vote({ author, permlink, voter, weight: 500 });
-      } catch (ex) {
-        console.log(ex);
-        console.log(ex.message);
-        throw new BadRequestException(ex.message);
-      }
-      // await appContainer.self
-    } else {
-      throw new BadRequestException(`Missing posting autority on HIVE account 'vaultec'`, {
-        description: 'HIVE_MISSING_POSTING_AUTHORITY',
-      });
-    }
+  async votePost(@Body() data: VotePostDto, @Request() req: any) {
+    const parsedRequest = parseAndValidateRequest(req, this.#logger);
+    const { author, permlink, weight, votingAccount } = data;
+
+    return await this.hiveService.vote({
+      sub: parsedRequest.user.sub,
+      votingAccount,
+      author,
+      permlink,
+      weight,
+      network: parsedRequest.user.network,
+    });
   }
 }
diff --git a/src/services/api/api.module.ts b/src/services/api/api.module.ts
@@ -7,16 +7,17 @@ import { HiveAccountModule } from '../../repositories/hive-account/hive-account.
 import { HiveChainModule } from '../../repositories/hive-chain/hive-chain.module';
 import { EmailModule } from '../email/email.module';
 import { LinkedAccountModule } from '../../repositories/linked-accounts/linked-account.module';
-import { RequireHiveVerify } from './utils';
 import { JwtModule } from '@nestjs/jwt';
 import { ConfigModule, ConfigService } from '@nestjs/config';
+import { HiveModule } from '../hive/hive.module';
 
 @Module({
   imports: [
     AuthModule,
     UserModule,
     HiveAccountModule,
     HiveChainModule,
+    HiveModule,
     LinkedAccountModule,
     EmailModule,
     JwtModule.registerAsync({
@@ -29,6 +30,6 @@ import { ConfigModule, ConfigService } from '@nestjs/config';
     }),
   ],
   controllers: [ApiController],
-  providers: [RequireHiveVerify],
+  providers: [],
 })
 export class ApiModule {}
diff --git a/src/services/api/dto/VotePost.dto.ts b/src/services/api/dto/VotePost.dto.ts
@@ -1,13 +1,28 @@
 import { ApiProperty } from '@nestjs/swagger';
+import { IsNotEmpty } from 'class-validator';
 
 export class VotePostDto {
+  @IsNotEmpty()
   @ApiProperty({
     default: 'sagarkothari88',
   })
   author: string;
 
+  @IsNotEmpty()
   @ApiProperty({
     default: 'actifit-sagarkothari88-20230211t122818265z',
   })
   permlink: string;
+
+  @IsNotEmpty()
+  @ApiProperty({
+    default: 10000,
+  })
+  weight: number;
+
+  @IsNotEmpty()
+  @ApiProperty({
+    default: 'test',
+  })
+  votingAccount: string;
 }
diff --git a/src/services/api/middleware.ts b/src/services/api/middleware.ts
diff --git a/src/services/api/utils.ts b/src/services/api/utils.ts
@@ -9,21 +9,6 @@ import { JwtService } from '@nestjs/jwt';
 import { Observable } from 'rxjs';
 import { User } from '../auth/auth.types';
 
-@Injectable()
-export class RequireHiveVerify implements CanActivate {
-  canActivate(context: ExecutionContext): boolean | Promise<boolean> | Observable<boolean> {
-    const args = context.getArgs();
-
-    const { body } = args[0];
-    // console.log('RequireHiveVerify guard', {
-    //     body,
-    //     user: args[0].user
-    // })
-
-    return true;
-  }
-}
-
 @Injectable()
 export class UserDetailsInterceptor implements NestInterceptor {
   constructor(private readonly jwtService: JwtService) {}

diff --git a/src/services/auth/auth.utils.ts b/src/services/auth/auth.utils.ts
@@ -1,5 +1,11 @@
 import { HttpException, HttpStatus, Logger } from '@nestjs/common';
-import { UserRequest, interceptedRequestSchema } from './auth.types';
+import {
+  AccountType,
+  Network,
+  UserRequest,
+  accountTypes,
+  interceptedRequestSchema,
+} from './auth.types';
 
 export function parseAndValidateRequest(request: unknown, logger: Logger): UserRequest {
   let parsedRequest: UserRequest;
@@ -11,3 +17,25 @@ export function parseAndValidateRequest(request: unknown, logger: Logger): UserR
   }
   return parsedRequest;
 }
+
+export function parseSub(sub: string): {
+  accountType: AccountType;
+  account: string;
+  network: Network;
+} {
+  const [accountType, account, network] = sub.split('/');
+
+  if (!accountTypes.includes(accountType as AccountType)) {
+    throw new Error(`Invalid account type: ${accountType}`);
+  }
+
+  if (!network.includes(network as Network)) {
+    throw new Error(`Invalid network: ${network}`);
+  }
+
+  return {
+    accountType: accountType as AccountType,
+    account,
+    network: network as Network,
+  };
+}
diff --git a/src/services/hive/hive.service.test.ts b/src/services/hive/hive.service.test.ts
@@ -3,7 +3,7 @@ import { Test } from '@nestjs/testing';
 import { HiveChainModule } from '../../repositories/hive-chain/hive-chain.module';
 import { HiveAccountModule } from '../../repositories/hive-account/hive-account.module';
 import { MongoMemoryServer } from 'mongodb-memory-server';
-import { INestApplication, Module, ValidationPipe } from '@nestjs/common';
+import { INestApplication, Module, UnauthorizedException, ValidationPipe } from '@nestjs/common';
 import { TestingModule } from '@nestjs/testing';
 import crypto from 'crypto';
 import { HiveModule } from './hive.module';
@@ -78,4 +78,62 @@ describe('AuthController', () => {
       await expect(hiveService.requestHiveAccount('madeupusername77', sub)).rejects.toThrow('Http Exception');
     })
   })
+
+  describe('Vote on a hive post', () => {
+    it('Votes on a post when a hive user is logged in and the vote is authorised', async () => {
+      const sub = 'singleton/sisygoboom/hive';
+      const response = await hiveService.vote({ votingAccount: 'sisygoboom', sub, network: 'hive', author: 'ned', permlink: 'sa', weight: 10000 })
+
+      expect(response).toEqual({
+        block_num: 123456,
+        expired: false,
+        id: "mock_id",
+        trx_num: 789,
+      })
+    });
+
+    it('Fails when attempting to vote from a different hive account which has not been linked', async () => {
+      const sub = 'singleton/username1/hive';
+
+      await expect(hiveService.vote({ votingAccount: 'username2', sub, network: 'hive', author: 'ned', permlink: 'sa', weight: 10000 }))
+        .rejects
+        .toThrow(UnauthorizedException);
+    });
+
+    it('Votes on a post when a hive user is logged in and attepts to vote from a linked account', async () => {
+      const sub = 'singleton/username1/hive';
+      await hiveService.insertCreated('username2', sub);
+      const response = await hiveService.vote({ votingAccount: 'username2', sub, network: 'hive', author: 'ned', permlink: 'sa', weight: 10000 })
+
+      expect(response).toEqual({
+        block_num: 123456,
+        expired: false,
+        id: "mock_id",
+        trx_num: 789,
+      })
+    });
+
+    it('Votes on a post when a did user is logged in and attepts to vote from a linked account', async () => {
+      const sub = 'singleton/username1/did';
+      await hiveService.insertCreated('username2', sub);
+      const response = await hiveService.vote({ votingAccount: 'username2', sub, network: 'did', author: 'ned', permlink: 'sa', weight: 10000 })
+
+      expect(response).toEqual({
+        block_num: 123456,
+        expired: false,
+        id: "mock_id",
+        trx_num: 789,
+      })
+    });
+
+    it('Throws an error when a vote weight is invalid', async () => {
+      const sub = 'singleton/sisygoboom/hive';
+      await expect(hiveService.vote({ votingAccount: 'sisygoboom', sub, network: 'hive', author: 'ned', permlink: 'sa', weight: 10001 }))
+      .rejects
+      .toThrow();
+      await expect(hiveService.vote({ votingAccount: 'sisygoboom', sub, network: 'hive', author: 'ned', permlink: 'sa', weight: -10001 }))
+      .rejects
+      .toThrow();
+    });
+  })
 });