auth: users must be registered before being able to send a message

Author: Jeff Yanta

auth/rpc/messaging.go

@@ -9,21 +9,24 @@ import (
 
 	codedata "github.com/code-payments/code-server/pkg/code/data"
 
+	"github.com/code-payments/flipchat-server/account"
 	"github.com/code-payments/flipchat-server/chat"
 	"github.com/code-payments/flipchat-server/intent"
 	"github.com/code-payments/flipchat-server/messaging"
 )
 
 // todo: this needs more extensive testing
 type MessagingAuthorizer struct {
+	accounts account.Store
 	chats    chat.Store
 	intents  intent.Store
 	messages messaging.MessageStore
 	codeData codedata.Provider
 }
 
-func NewMessagingRpcAuthorizer(chats chat.Store, intents intent.Store, messages messaging.MessageStore, codeData codedata.Provider) *MessagingAuthorizer {
+func NewMessagingRpcAuthorizer(accounts account.Store, chats chat.Store, intents intent.Store, messages messaging.MessageStore, codeData codedata.Provider) *MessagingAuthorizer {
 	return &MessagingAuthorizer{
+		accounts: accounts,
 		chats:    chats,
 		intents:  intents,
 		messages: messages,
@@ -52,6 +55,24 @@ func (a *MessagingAuthorizer) CanSendMessage(ctx context.Context, chatID *common
 		return false, "", err
 	}
 
+	isRegistered, err := a.accounts.IsRegistered(ctx, userID)
+	if err != nil {
+		return false, "", err
+	} else if !isRegistered {
+		return false, "user is not registered", nil
+	}
+
+	member, err := a.chats.GetMember(ctx, chatID, userID)
+	if err == chat.ErrMemberNotFound {
+		return false, "not a chat member", nil
+	} else if err != nil {
+		return false, "", err
+	}
+
+	if member.IsMuted {
+		return false, "chat member is muted", nil
+	}
+
 	isOwner := chatMd.Owner != nil && bytes.Equal(chatMd.Owner.Value, userID.Value)
 
 	// todo: individual handlers for different content types
@@ -197,17 +218,6 @@ func (a *MessagingAuthorizer) CanSendMessage(ctx context.Context, chatID *common
 		return false, "chat is closed", nil
 	}
 
-	member, err := a.chats.GetMember(ctx, chatID, userID)
-	if err == chat.ErrMemberNotFound {
-		return false, "not a chat member", nil
-	} else if err != nil {
-		return false, "", err
-	}
-
-	if member.IsMuted {
-		return false, "chat member is muted", nil
-	}
-
 	if !isOwner && !member.HasSendPermission && requiresListenerPayment {
 		if paymentIntent == nil {
 			return false, "payment not provided", nil

messaging/tests/server.go

@@ -78,7 +78,7 @@ func testServerHappy(
 	serv := messaging.NewServer(
 		log,
 		authz,
-		auth_rpc.NewMessagingRpcAuthorizer(chatsDB, intents, messageDB, codeData),
+		auth_rpc.NewMessagingRpcAuthorizer(accountStore, chatsDB, intents, messageDB, codeData),
 		accountStore,
 		intents,
 		messageDB,
@@ -103,6 +103,8 @@ func testServerHappy(
 	otherKeyPair := model.MustGenerateKeyPair()
 	_, _ = accountStore.Bind(ctx, ownerUserID, ownerKeyPair.Proto())
 	_, _ = accountStore.Bind(ctx, otherUserID, otherKeyPair.Proto())
+	require.NoError(t, accountStore.SetRegistrationFlag(ctx, ownerUserID, true))
+	require.NoError(t, accountStore.SetRegistrationFlag(ctx, otherUserID, true))
 	_, err := chatsDB.CreateChat(ctx, &chatpb.Metadata{
 		ChatId: chatID,
 		Type:   chatpb.Metadata_GROUP,
@@ -658,6 +660,7 @@ func testServerHappy(
 			listenerUserID := model.MustGenerateUserID()
 			listenerKeyPair := model.MustGenerateKeyPair()
 			_, _ = accountStore.Bind(ctx, listenerUserID, listenerKeyPair.Proto())
+			require.NoError(t, accountStore.SetRegistrationFlag(ctx, listenerUserID, true))
 			require.NoError(t, chatsDB.AddMember(ctx, chatID, chat.Member{
 				UserID:            listenerUserID,
 				HasSendPermission: false,
@@ -902,7 +905,7 @@ func testServerDuplicateStreams(
 	serv := messaging.NewServer(
 		log,
 		authz,
-		auth_rpc.NewMessagingRpcAuthorizer(chatsDB, intents, messageDB, codeData),
+		auth_rpc.NewMessagingRpcAuthorizer(accountStore, chatsDB, intents, messageDB, codeData),
 		accountStore,
 		intents,
 		messageDB,