multisig(fix): fix delete multisig account issue (backport #1076) (#1078

) multisig(fix): fix delete multisig account issue (#1076) * multisig(fix): fix delete multisig account issue * chore: fix lint issue * chore (cherry picked from commit 1520345) Co-authored-by: Hemanth Sai <[email protected]>
vitwit · Jan 6, 2024 · bef9702 · bef9702
1 parent 9ece9a9
commit bef9702
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 17 deletions.
diff --git a/frontend/src/app/(routes)/multisig/components/AccountInfo.tsx b/frontend/src/app/(routes)/multisig/components/AccountInfo.tsx
@@ -3,7 +3,7 @@ import { deleteMultisig } from '@/store/features/multisig/multisigSlice';
 import { RootState } from '@/store/store';
 import { MultisigAccount } from '@/types/multisig';
 import { parseBalance } from '@/utils/denom';
-import { formatCoin, formatStakedAmount, isMultisigMember } from '@/utils/util';
+import { formatCoin, formatStakedAmount } from '@/utils/util';
 import Image from 'next/image';
 import { useRouter } from 'next/navigation';
 import React, { useEffect, useState } from 'react';
@@ -57,10 +57,9 @@ const AccountInfo: React.FC<AccountInfoProps> = (props) => {
       denom: coinMinimalDenom,
     },
   ];
-  const isMember = isMultisigMember(
-    multisigAccount.pubkeys || [],
-    walletAddress
-  );
+
+  const isAdmin =
+    multisigAccount?.account?.created_by === (walletAddress || '');
 
   const { txnCounts = {} } = multisigAccounts;
   const actionsRequired = txnCounts?.[address] || 0;
@@ -99,7 +98,7 @@ const AccountInfo: React.FC<AccountInfoProps> = (props) => {
           coinDecimals,
         })}
         chainID={chainID}
-        isMember={isMember}
+        isAdmin={isAdmin}
       />
     </div>
   );
@@ -114,15 +113,15 @@ const AccountDetails = ({
   stakedBalance,
   chainName,
   chainID,
-  isMember,
+  isAdmin,
 }: {
   multisigAccount: MultisigAccount;
   actionsRequired: number;
   balance: string;
   stakedBalance: string;
   chainName: string;
   chainID: string;
-  isMember: boolean;
+  isAdmin: boolean;
 }) => {
   const { account: accountInfo, pubkeys } = multisigAccount;
   const { address, name, created_at, threshold } = accountInfo;
@@ -152,7 +151,7 @@ const AccountDetails = ({
   const authToken = getAuthToken(chainID);
 
   const handleDelete = () => {
-    if (isMember) {
+    if (isAdmin) {
       dispatch(
         deleteMultisig({
           data: { address: multisigAccount?.account?.address },
@@ -233,11 +232,11 @@ const AccountDetails = ({
           <button
             onClick={() => setDeleteDialogOpen(true)}
             className={
-              isMember
+              isAdmin
                 ? 'delete-multisig-btn'
                 : 'delete-multisig-btn btn-disabled'
             }
-            disabled={!isMember}
+            disabled={!isAdmin}
           >
             Delete Multisig
           </button>

diff --git a/server/middleware/auth.go b/server/middleware/auth.go
@@ -28,11 +28,11 @@ func (h *Handler) AuthMiddleware(next echo.HandlerFunc) echo.HandlerFunc {
 			})
 		}
 
-		var userAddess string
+		var userAddress string
 
 		saniSignature := strings.Replace(signature, " ", "+", -1)
 
-		err := h.DB.QueryRow(`SELECT address FROM users where address=$1 and signature=$2`, address, saniSignature).Scan(&userAddess)
+		err := h.DB.QueryRow(`SELECT address FROM users where address=$1 and signature=$2`, address, saniSignature).Scan(&userAddress)
 		if err == sql.ErrNoRows {
 			return c.JSON(http.StatusBadRequest, model.ErrorResponse{
 				Status:  "Unauthorized",
@@ -53,10 +53,11 @@ func (h *Handler) AuthMiddleware(next echo.HandlerFunc) echo.HandlerFunc {
 func (h *Handler) IsMultisigAdmin(next echo.HandlerFunc) echo.HandlerFunc {
 	return func(c echo.Context) error {
 		address := c.QueryParams().Get("address")
+		multisigAddress := c.Param("address")
 
-		var userAddess string
+		var userAddress string
 
-		err := h.DB.QueryRow(`SELECT address FROM multisig_accounts where created_by=$1`, address).Scan(&userAddess)
+		err := h.DB.QueryRow(`SELECT address FROM multisig_accounts where created_by=$1 and address=$2`, address, multisigAddress).Scan(&userAddress)
 		if err == sql.ErrNoRows {
 			return c.JSON(http.StatusBadRequest, model.ErrorResponse{
 				Status:  "Unauthorized",
@@ -79,9 +80,9 @@ func (h *Handler) IsMultisigMember(next echo.HandlerFunc) echo.HandlerFunc {
 		address := c.QueryParams().Get("address")
 		multisigAddress := c.Param("address")
 
-		var userAddess string
+		var userAddress string
 
-		err := h.DB.QueryRow(`SELECT address FROM pubkeys where address=$1 and multisig_address=$2`, address, multisigAddress).Scan(&userAddess)
+		err := h.DB.QueryRow(`SELECT address FROM pubkeys where address=$1 and multisig_address=$2`, address, multisigAddress).Scan(&userAddress)
 		if err == sql.ErrNoRows {
 			return c.JSON(http.StatusBadRequest, model.ErrorResponse{
 				Status:  "Unauthorized",