Refactored groupPermissions

libs/model/src/community/CreateGroup.command.ts

@@ -1,10 +1,11 @@
 import { InvalidState, type Command } from '@hicommonwealth/core';
 import * as schemas from '@hicommonwealth/schemas';
+import { ForumActionsEnum } from '@hicommonwealth/schemas';
 import { Op } from 'sequelize';
-import { models, sequelize } from '../database';
+import { models } from '../database';
 import { isCommunityAdminOrModerator } from '../middleware';
 import { mustNotExist } from '../middleware/guards';
-import { GroupAttributes } from '../models';
+import { GroupAttributes, GroupPermissionAttributes } from '../models';
 
 export const MAX_GROUPS_PER_COMMUNITY = 20;
 export const Errors = {
@@ -55,21 +56,19 @@ export function CreateGroup(): Command<typeof schemas.CreateGroup> {
             { transaction },
           );
           if (topicsToAssociate.length > 0) {
-            // add group to all specified topics
-            await models.Topic.update(
-              {
-                group_ids: sequelize.fn(
-                  'array_append',
-                  sequelize.col('group_ids'),
-                  group.id,
-                ),
-              },
+            const permissions = topicsToAssociate.map((topic) => ({
+              group_id: group.id,
+              topic_id: topic.id,
+              allowed_actions: models.sequelize.literal(
+                `ARRAY[${Object.values(ForumActionsEnum)
+                  .map((value) => `'${value}'`)
+                  .join(', ')}]::"enum_GroupPermissions_allowed_actions"[]`,
+              ),
+            }));
+
+            await models.GroupPermission.bulkCreate(
+              permissions as unknown as GroupPermissionAttributes[],
               {
-                where: {
-                  id: {
-                    [Op.in]: topicsToAssociate.map(({ id }) => id!),
-                  },
-                },
                 transaction,
               },
             );

libs/model/src/models/associations.ts

@@ -87,7 +87,9 @@ export const buildAssociations = (db: DB) => {
     asMany: 'threads',
     onUpdate: 'CASCADE',
     onDelete: 'SET NULL',
-  }).withMany(db.ContestTopic);
+  })
+    .withMany(db.ContestTopic)
+    .withMany(db.GroupPermission);
 
   db.Thread.withMany(db.Poll)
     .withMany(db.ContestAction, {

libs/model/src/models/group.ts

@@ -2,13 +2,15 @@ import { Group } from '@hicommonwealth/schemas';
 import Sequelize from 'sequelize';
 import z from 'zod';
 import type { CommunityAttributes } from './community';
+import { GroupPermissionAttributes } from './groupPermission';
 import type { MembershipAttributes } from './membership';
 import type { ModelInstance } from './types';
 
 export type GroupAttributes = z.infer<typeof Group> & {
   // associations
   community?: CommunityAttributes;
   memberships?: MembershipAttributes[];
+  groupPermissions?: GroupPermissionAttributes[];
 };
 
 export type GroupInstance = ModelInstance<GroupAttributes>;

libs/model/src/models/groupPermission.ts

@@ -27,6 +27,11 @@ export default (
         type: Sequelize.ARRAY(Sequelize.STRING),
         allowNull: false,
       },
+      topic_id: {
+        type: Sequelize.INTEGER,
+        allowNull: false,
+        primaryKey: true,
+      },
     },
     {
       tableName: 'GroupPermissions',

libs/model/src/models/index.ts

@@ -62,6 +62,7 @@ export * from './discord_bot_config';
 export * from './email_update_token';
 export * from './evmEventSource';
 export * from './group';
+export * from './groupPermission';
 export * from './lastProcessedEvmBlock';
 export * from './membership';
 export * from './notification';

libs/model/src/models/topic.ts

@@ -16,7 +16,6 @@ export type TopicAttributes = {
   updated_at?: Date;
   deleted_at?: Date;
   default_offchain_template?: string;
-  group_ids?: number[];
   telegram?: string;
 
   // associations
@@ -57,11 +56,6 @@ export default (
         allowNull: true,
       },
       channel_id: { type: Sequelize.STRING, allowNull: true },
-      group_ids: {
-        type: Sequelize.ARRAY(Sequelize.INTEGER),
-        allowNull: false,
-        defaultValue: [],
-      },
       telegram: { type: Sequelize.STRING, allowNull: true },
     },
     {

libs/schemas/src/entities/group-permission.schemas.ts

@@ -1,19 +1,20 @@
 import { z } from 'zod';
 import { PG_INT } from '../utils';
 
-export enum PermissionEnum {
+export enum ForumActionsEnum {
   CREATE_THREAD = 'CREATE_THREAD',
   CREATE_COMMENT = 'CREATE_COMMENT',
   CREATE_THREAD_REACTION = 'CREATE_THREAD_REACTION',
   CREATE_COMMENT_REACTION = 'CREATE_COMMENT_REACTION',
   UPDATE_POLL = 'UPDATE_POLL',
 }
 
-export type GroupPermissionAction = keyof typeof PermissionEnum;
+export type ForumActions = keyof typeof ForumActionsEnum;
 
 export const GroupPermission = z.object({
   group_id: PG_INT.optional(),
-  allowed_actions: z.array(z.nativeEnum(PermissionEnum)),
+  allowed_actions: z.array(z.nativeEnum(ForumActionsEnum)),
+  topic_id: PG_INT.optional(),
 
   created_at: z.coerce.date().optional(),
   updated_at: z.coerce.date().optional(),

libs/schemas/src/entities/topic.schemas.ts

@@ -12,6 +12,5 @@ export const Topic = z.object({
   default_offchain_template: z.string().nullish(),
   order: PG_INT.nullish(),
   channel_id: z.string().max(255).nullish(),
-  group_ids: z.array(PG_INT).default([]),
   default_offchain_template_backup: z.string().nullish(),
 });

packages/commonwealth/client/scripts/hooks/useForumActionGated.ts

@@ -0,0 +1,58 @@
+import { ForumActions } from '@hicommonwealth/schemas';
+import { useRefreshMembershipQuery } from '../state/api/groups';
+
+type UseAllowedGroupsParams = {
+  communityId: string;
+  address: string;
+  topicId?: number;
+};
+
+export type UseForumActionGatedResponse = Map<number, ForumActions[]>;
+
+export const useForumActionGated = ({
+  communityId,
+  address,
+  topicId,
+}: UseAllowedGroupsParams): UseForumActionGatedResponse => {
+  const { data: memberships = [] } = useRefreshMembershipQuery({
+    communityId,
+    address,
+    topicId: topicId?.toString(),
+    apiEnabled: !!address,
+  });
+
+  if (memberships.length === 0) {
+    return new Map();
+  }
+
+  const flatMemberships = memberships
+    .flatMap((m) =>
+      m.topicIds.map((t) => ({
+        topic_id: t,
+        allowedActions: m.allowedActions,
+      })),
+    )
+    .map((g) => [g.topic_id, g.allowedActions]) as unknown as [
+    number,
+    ForumActions[],
+  ][];
+
+  const topicIdToIsAllowedMap: Map<number, ForumActions[]> = new Map(
+    flatMemberships,
+  );
+
+  // Each map entry represents a topic and associated forumActions they are allowed to perform. We want to find for
+  // each topic, the set union of all associated forumActions to get the actions that the address can perform.
+  topicIdToIsAllowedMap.forEach((value, key) => {
+    const oldAllowList = topicIdToIsAllowedMap.get(key);
+    if (!oldAllowList) {
+      topicIdToIsAllowedMap.set(key, Array.from(new Set(value)));
+    }
+    topicIdToIsAllowedMap.set(
+      key,
+      Array.from(new Set([...(oldAllowList as []), ...(value as [])])),
+    );
+  });
+
+  return topicIdToIsAllowedMap;
+};

packages/commonwealth/client/scripts/models/Group.ts

@@ -24,6 +24,7 @@ interface APIResponseFormat {
       token_id?: string;
     };
   }[];
+  GroupPermissions?: { Topic: unknown }[];
   topics: any[];
   memberships: any[];
   updated_at: string;
@@ -49,7 +50,7 @@ class Group {
     updated_at,
     metadata,
     requirements,
-    topics,
+    GroupPermissions,
     memberships,
   }: APIResponseFormat) {
     this.id = id;
@@ -59,7 +60,7 @@ class Group {
     this.name = metadata.name;
     this.description = metadata.description;
     this.requirements = requirements;
-    this.topics = topics;
+    this.topics = GroupPermissions?.map((p) => p.Topic) ?? [];
     this.members = memberships;
     // @ts-expect-error StrictNullChecks
     this.requirementsToFulfill = metadata.required_requirements;

packages/commonwealth/client/scripts/state/api/groups/refreshMembership.ts

@@ -1,3 +1,4 @@
+import { ForumActions } from '@hicommonwealth/schemas';
 import { useQuery } from '@tanstack/react-query';
 import axios from 'axios';
 import { ApiEndpoints, SERVER_URL } from 'state/api/config';
@@ -9,13 +10,14 @@ interface RefreshMembershipProps {
   communityId: string;
   address: string;
   topicId?: string;
+  allowedActions?: ForumActions;
   apiEnabled?: boolean;
 }
 
 export interface Memberships {
   groupId: number;
   topicIds: number[];
-  isAllowed: boolean;
+  allowedActions: ForumActions;
   rejectReason?: string;
 }
 
@@ -35,7 +37,7 @@ const refreshMembership = async ({
   return response?.data?.result?.map((r) => ({
     groupId: r.groupId,
     topicIds: r.topicIds,
-    isAllowed: r.allowed,
+    allowedActions: r.allowed,
     rejectReason: r.rejectReason,
   }));
 };
@@ -44,10 +46,17 @@ const useRefreshMembershipQuery = ({
   communityId,
   address,
   topicId,
+  allowedActions,
   apiEnabled = true,
 }: RefreshMembershipProps) => {
   return useQuery({
-    queryKey: [ApiEndpoints.REFRESH_MEMBERSHIP, communityId, address, topicId],
+    queryKey: [
+      ApiEndpoints.REFRESH_MEMBERSHIP,
+      communityId,
+      address,
+      topicId,
+      allowedActions,
+    ],
     queryFn: () => refreshMembership({ communityId, address, topicId }),
     enabled: apiEnabled,
     staleTime: REFRESH_MEMBERSHIP_STALE_TIME,

packages/commonwealth/client/scripts/utils/Permissions.ts

@@ -1,7 +1,8 @@
-import { ExtendedCommunity } from '@hicommonwealth/schemas';
+import { ExtendedCommunity, ForumActionsEnum } from '@hicommonwealth/schemas';
 import { Role } from '@hicommonwealth/shared';
 import app from 'state';
 import { z } from 'zod';
+import { UseForumActionGatedResponse } from '../hooks/useForumActionGated';
 import Thread from '../models/Thread';
 import { userStore } from '../state/ui/user';
 
@@ -77,6 +78,51 @@ const isThreadAuthor = (thread: Thread) => {
   );
 };
 
+type AllowedPermissions = {
+  canCreateThread: boolean;
+  canCreateComment: boolean;
+  canReactToThread: boolean;
+  canReactToComment: boolean;
+  canUpdatePoll: boolean;
+};
+
+// The idea here is that we pass in the response from useForumActionGated. This returns a map of
+// topic_id -> allowed permissions. If the topic_id is not included then all permissions are valid (true)
+export const canPerformAction = (
+  allowedActions: UseForumActionGatedResponse,
+  isAdmin: boolean,
+  topicId?: number,
+): AllowedPermissions => {
+  const allowedActionsForTopic = allowedActions.get(topicId ?? 0);
+  if (isAdmin || !topicId || !allowedActionsForTopic) {
+    return {
+      canCreateThread: true,
+      canCreateComment: true,
+      canReactToThread: true,
+      canReactToComment: true,
+      canUpdatePoll: true,
+    };
+  }
+
+  return {
+    canCreateThread: allowedActionsForTopic.includes(
+      ForumActionsEnum.CREATE_THREAD,
+    ),
+    canCreateComment: allowedActionsForTopic.includes(
+      ForumActionsEnum.CREATE_COMMENT,
+    ),
+    canReactToThread: allowedActionsForTopic.includes(
+      ForumActionsEnum.CREATE_THREAD_REACTION,
+    ),
+    canReactToComment: allowedActionsForTopic.includes(
+      ForumActionsEnum.CREATE_COMMENT_REACTION,
+    ),
+    canUpdatePoll: allowedActionsForTopic.includes(
+      ForumActionsEnum.UPDATE_POLL,
+    ),
+  };
+};
+
 export default {
   isSiteAdmin,
   isCommunityMember,