fix(user): revoke stale users expired grants

apps/api/src/billing/services/balances/balances.service.ts

@@ -62,7 +62,7 @@ export class BalancesService {
 
   async retrieveDeploymentLimit(userWallet: Pick<UserWalletOutput, "address">): Promise<number> {
     const masterWalletAddress = await this.masterWallet.getFirstAddress();
-    const depositDeploymentGrant = await this.authzHttpService.getDepositDeploymentGrantsForGranterAndGrantee(masterWalletAddress, userWallet.address);
+    const depositDeploymentGrant = await this.authzHttpService.getValidDepositDeploymentGrantsForGranterAndGrantee(masterWalletAddress, userWallet.address);
 
     if (!depositDeploymentGrant || depositDeploymentGrant.authorization.spend_limit.denom !== this.config.DEPLOYMENT_GRANT_DENOM) {
       return 0;

apps/api/src/billing/services/managed-user-wallet/managed-user-wallet.service.ts

@@ -124,7 +124,7 @@ export class ManagedUserWalletService {
       messages.push(this.rpcMessageService.getRevokeAllowanceMsg(params));
     }
 
-    if (await this.authzHttpService.hasValidDepositDeploymentGrant(params.granter, params.grantee)) {
+    if (await this.authzHttpService.hasDepositDeploymentGrant(params.granter, params.grantee)) {
       revokeSummary.deploymentGrant = true;
       messages.push(this.rpcMessageService.getRevokeDepositDeploymentGrantMsg(params));
     }

apps/api/test/functional/start-trial.spec.ts

@@ -44,7 +44,7 @@ describe("start trial", () => {
       const userWallet = await userWalletsQuery.findFirst({ where: eq(userWalletsTable.userId, userId) });
       const masterWalletAddress = await resolveWallet("MANAGED").getFirstAddress();
       const allowances = await Promise.all([
-        authzHttpService.getDepositDeploymentGrantsForGranterAndGrantee(masterWalletAddress, userWallet.address),
+        authzHttpService.getValidDepositDeploymentGrantsForGranterAndGrantee(masterWalletAddress, userWallet.address),
         authzHttpService.getValidFeeAllowancesForGrantee(userWallet.address)
       ]);
 

apps/deploy-web/src/queries/useBalancesQuery.ts

@@ -20,7 +20,7 @@ async function getBalances(apiEndpoint: string, address?: string): Promise<Balan
 
   const [balanceResponse, deploymentGrant, activeDeploymentsResponse] = await Promise.all([
     axios.get<RestApiBalancesResponseType>(ApiUrlService.balance(apiEndpoint, address)),
-    authzHttpService.getDepositDeploymentGrantsForGranterAndGrantee(browserEnvConfig.NEXT_PUBLIC_MASTER_WALLET_ADDRESS, address),
+    authzHttpService.getValidDepositDeploymentGrantsForGranterAndGrantee(browserEnvConfig.NEXT_PUBLIC_MASTER_WALLET_ADDRESS, address),
     loadWithPagination<RpcDeployment[]>(ApiUrlService.deploymentList(apiEndpoint, address, true), "deployments", 1000)
   ]);
 

apps/deploy-web/src/queries/useExactDeploymentGrantsQuery.ts

@@ -7,7 +7,7 @@ export function useExactDeploymentGrantsQuery(granter: string, grantee: string,
   const allowanceHttpService = useAuthZService();
   return useQuery(
     QueryKeys.getDeploymentGrantsKey(granter, grantee),
-    () => allowanceHttpService.getDepositDeploymentGrantsForGranterAndGrantee(granter, grantee),
+    () => allowanceHttpService.getValidDepositDeploymentGrantsForGranterAndGrantee(granter, grantee),
     {
       enabled
     }

packages/http-sdk/src/authz/authz-http.service.ts

@@ -80,6 +80,18 @@ export class AuthzHttpService extends HttpService {
   }
 
   async getDepositDeploymentGrantsForGranterAndGrantee(granter: string, grantee: string): Promise<ExactDepositDeploymentGrant | undefined> {
+    const response = this.extractData(
+      await this.get<DepositDeploymentGrantResponse<ExactDepositDeploymentGrant>>("cosmos/authz/v1beta1/grants", {
+        params: {
+          grantee: grantee,
+          granter: granter
+        }
+      })
+    );
+    return response.grants.find(grant => this.isDepositDeploymentGrant(grant));
+  }
+
+  async getValidDepositDeploymentGrantsForGranterAndGrantee(granter: string, grantee: string): Promise<ExactDepositDeploymentGrant | undefined> {
     const response = this.extractData(
       await this.get<DepositDeploymentGrantResponse<ExactDepositDeploymentGrant>>("cosmos/authz/v1beta1/grants", {
         params: {
@@ -101,10 +113,14 @@ export class AuthzHttpService extends HttpService {
     return feeAllowances.some(allowance => allowance.granter === granter);
   }
 
-  async hasValidDepositDeploymentGrant(granter: string, grantee: string) {
+  async hasDepositDeploymentGrant(granter: string, grantee: string) {
     return !!(await this.getDepositDeploymentGrantsForGranterAndGrantee(granter, grantee))
   }
 
+  async hasValidDepositDeploymentGrant(granter: string, grantee: string) {
+    return !!(await this.getValidDepositDeploymentGrantsForGranterAndGrantee(granter, grantee))
+  }
+
   async paginateDepositDeploymentGrants(
     options: ({ granter: string } | { grantee: string }) & { limit: number },
     cb: (page: DepositDeploymentGrantResponse["grants"]) => Promise<void>
@@ -140,11 +156,15 @@ export class AuthzHttpService extends HttpService {
     return result;
   }
 
-  private isValidFeeAllowance({ allowance }: FeeAllowance) {
-    return allowance["@type"] === this.FEE_ALLOWANCE_TYPE && (!allowance.expiration || isFuture(new Date(allowance.expiration)));
+  private isValidFeeAllowance(allowance: FeeAllowance) {
+    return (!allowance.allowance.expiration || isFuture(new Date(allowance.allowance.expiration)));
+  }
+
+  private isValidDepositDeploymentGrant(grant: ExactDepositDeploymentGrant) {
+    return this.isDepositDeploymentGrant(grant) && (!grant.expiration || isFuture(new Date(grant.expiration)));
   }
 
-  private isValidDepositDeploymentGrant({ authorization, expiration }: ExactDepositDeploymentGrant) {
-    return authorization["@type"] === this.DEPOSIT_DEPLOYMENT_GRANT_TYPE && (!expiration || isFuture(new Date(expiration)));
+  private isDepositDeploymentGrant({ authorization }: ExactDepositDeploymentGrant) {
+    return authorization["@type"] === this.DEPOSIT_DEPLOYMENT_GRANT_TYPE;
   }
 }