chore: fix

isomerpages · Jun 28, 2024 · f8d7ece · f8d7ece
1 parent ec780f9
commit f8d7ece
Show file tree

Hide file tree

Showing 2 changed files with 84 additions and 81 deletions.
diff --git a/src/services/admin/RepairService.ts b/src/services/admin/RepairService.ts
@@ -2,7 +2,7 @@ import path from "path"
 
 import { fromPromise, ResultAsync } from "neverthrow"
 
-import { lock } from "@utils/mutex-utils"
+import { lock, unlock } from "@utils/mutex-utils"
 
 import { EFS_VOL_PATH_STAGING_LITE } from "@root/constants"
 import GitFileSystemError from "@root/errors/GitFileSystemError"
@@ -61,4 +61,11 @@ export class RepairService {
         )
     )
   }
+
+  unlockRepo(repoName: string) {
+    return ResultAsync.fromPromise(
+      unlock(repoName),
+      (err) => `Failed to unlock repo with error: ${err}`
+    )
+  }
 }
diff --git a/support/routes/v2/isobot/index.ts b/support/routes/v2/isobot/index.ts
@@ -4,7 +4,6 @@ import {
   Middleware,
   SlackCommandMiddlewareArgs,
 } from "@slack/bolt"
-import { RequestHandler } from "express"
 import { okAsync } from "neverthrow"
 
 import { repairService } from "@common/index"
@@ -32,8 +31,57 @@ const bot = new App({
   receiver: botReceiver,
 })
 
-const cloneRepoCommmand = bot.command(
+const validateIsomerUser: Middleware<SlackCommandMiddlewareArgs> = async ({
+  payload,
+  client,
+  next,
+}) => {
+  // NOTE: Not calling `client.get` again - repeated work and also
+  // we only have a 3s window to ACK slack (haven't ack yet)
+  if (!ISOMER_USERS_ID.some((userId) => userId === payload.user_id)) {
+    await client.chat.postEphemeral({
+      channel: payload.channel,
+      user: payload.user_id,
+      text: `Sorry @${payload.user_id}, only Isomer members are allowed to use this command!`,
+    })
+    await client.chat.postMessage({
+      channel: BOT_AUDIT_CHANNEL_ID,
+      text: `Attempted access by @${payload.user_id}`,
+    })
+    throw new Error("Non-isomer member")
+  }
+
+  next()
+}
+
+// TODO: add in validation for user once downstream is merged
+bot.command("/whitelist", async ({ payload, respond, ack }) => {
+  await ack()
+
+  try {
+    await botService.whitelistEmails(payload.text)
+    respond("Emails whitelisted successfully")
+  } catch (e) {
+    logger.error({ error: e })
+    respond("Failed to whitelist emails")
+  }
+})
+
+bot.command("/siteup", async ({ payload, respond, ack }) => {
+  await ack()
+
+  const validatedDomain = botService.getValidatedDomain(payload.text)
+  if (!validatedDomain)
+    return respond(
+      `Sorry, \`${payload.text}\` is not a valid domain name. Please try again with a valid one instead.`
+    )
+
+  return botService.dnsChecker(payload).map((response) => respond(response))
+})
+
+bot.command(
   "/clone",
+  validateIsomerUser,
   async ({ command, ack, respond, payload, client }) => {
     await ack()
 
@@ -70,8 +118,9 @@ const cloneRepoCommmand = bot.command(
   }
 )
 
-const lockRepoCommand = bot.command(
+bot.command(
   "/lock",
+  validateIsomerUser,
   async ({ command, ack, respond, payload, client }) => {
     await ack()
 
@@ -101,93 +150,40 @@ const lockRepoCommand = bot.command(
 
     return repairService
       .lockRepo(repo, lockTimeSeconds)
-      .map((repo) => {
+      .map((lockedRepo) =>
         respond(
-          `${repo} was successfully locked for ${lockTimeMinutes} minutes!`
+          `${lockedRepo} was successfully locked for ${lockTimeMinutes} minutes!`
         )
-      })
+      )
       .mapErr((e) => respond(`${e} occurred while attempting to lock repo`))
   }
 )
 
-const handleWhitelistEmails: RequestHandler<
-  {},
-  { message: string },
-  SlackPayload,
-  {},
-  {}
-> = async (req, res) => {
-  console.log(req.headers)
-  const slackTimestamp = req.headers["x-slack-request-timestamp"] as string
-  const slackSig = req.headers["x-slack-signature"] as string
-
-  if (!slackTimestamp || !slackSig)
-    return res.send({ message: "Missing header/signature" })
-
-  const isVerifiedMessage = botService.verifySignature(
-    slackSig,
-    slackTimestamp,
-    req.body
-  )
-  if (!isVerifiedMessage) return res.send({ message: "Invalid signature" })
-
-  try {
-    await botService.whitelistEmails(payload.text)
-    respond("Emails whitelisted successfully")
-  } catch (e) {
-    logger.error({ error: e })
-    respond("Failed to whitelist emails")
-  }
-})
-
-bot.command("/siteup", async ({ payload, respond, ack }) => {
-  await ack()
-
-  const validatedDomain = botService.getValidatedDomain(payload.text)
-  if (!validatedDomain)
-    return respond(
-      `Sorry, \`${payload.text}\` is not a valid domain name. Please try again with a valid one instead.`
-    )
-
-  return botService.dnsChecker(payload).map((response) => respond(response))
-})
-const addUserContext: Middleware<SlackCommandMiddlewareArgs> = async ({
-  payload,
-  client,
-  context,
-  next,
-}) => {
-  const user = await client.users.info({
-    user: payload.user_id,
-  })
+bot.command(
+  "/unlock",
+  validateIsomerUser,
+  async ({ command, ack, respond, payload, client }) => {
+    await ack()
 
-  context.user = user
+    const HELP_TEXT =
+      "Usage: `/unlock <github_repo_name>`. This unlocks a previously locked repo. Has no effect if the repo is already unlocked"
+    const tokens = command.text.split(" ")
+    // NOTE: Invariant maintained:
+    // 1. token at index 0 is always the github repository
+    const repo = tokens[0]
 
-  await next()
-}
+    if (repo === "help" || repo === "h" || repo === "-help") {
+      return respond(HELP_TEXT)
+    }
 
-const validateIsomerUser: Middleware<SlackCommandMiddlewareArgs> = async ({
-  payload,
-  client,
-  next,
-}) => {
-  // NOTE: Not calling `client.get` again - repeated work and also
-  // we only have a 3s window to ACK slack (haven't ack yet)
-  if (!ISOMER_USERS_ID.some((userId) => userId === payload.user_id)) {
-    await client.chat.postEphemeral({
-      channel: payload.channel,
-      user: payload.user_id,
-      text: `Sorry @${payload.user_id}, only Isomer members are allowed to use this command!`,
-    })
     await client.chat.postMessage({
       channel: BOT_AUDIT_CHANNEL_ID,
-      text: `Attempted access by @${payload.user_id}`,
+      text: `${payload.user_id} attempting to unlock repo: ${repo}`,
     })
-    throw new Error("Non-isomer member")
-  }
 
-  next()
-}
-
-// FIXME: update this to proper signature
-// bot.command("/whitelist-emails", handleWhitelistEmails)
+    return repairService
+      .unlockRepo(repo)
+      .map(() => respond(`repo: ${repo} was successfully unlocked!`))
+      .mapErr(respond)
+  }
+)