From a334decd1cef4567da5441398366e4951aac0d3c Mon Sep 17 00:00:00 2001
From: Austin Chen <akrolsmir@gmail.com>
Date: Thu, 24 Feb 2022 01:42:23 -0800
Subject: [PATCH] Whitelist admins and new users by email

---
 common/access.ts             | 14 ++++++++++++++
 functions/src/create-user.ts |  4 ++++
 web/hooks/use-admin.ts       | 12 ++++--------
 3 files changed, 22 insertions(+), 8 deletions(-)
 create mode 100644 common/access.ts

diff --git a/common/access.ts b/common/access.ts
new file mode 100644
index 00000000..acd894b1
--- /dev/null
+++ b/common/access.ts
@@ -0,0 +1,14 @@
+export function isWhitelisted(email?: string) {
+  return true
+  // e.g. return email.endsWith('@theoremone.co') || isAdmin(email)
+}
+
+export function isAdmin(email: string) {
+  const ADMINS = [
+    'akrolsmir@gmail.com', // Austin
+    'jahooma@gmail.com', // James
+    'taowell@gmail.com', // Stephen
+    'manticmarkets@gmail.com', // Manifold
+  ]
+  return ADMINS.includes(email)
+}
diff --git a/functions/src/create-user.ts b/functions/src/create-user.ts
index 13c880f3..f583abe4 100644
--- a/functions/src/create-user.ts
+++ b/functions/src/create-user.ts
@@ -14,6 +14,7 @@ import {
   cleanUsername,
 } from '../../common/util/clean-username'
 import { sendWelcomeEmail } from './emails'
+import { isWhitelisted } from '../../common/access'
 
 export const createUser = functions
   .runWith({ minInstances: 1 })
@@ -32,6 +33,9 @@ export const createUser = functions
     const fbUser = await admin.auth().getUser(userId)
 
     const email = fbUser.email
+    if (!isWhitelisted(email)) {
+      return { status: 'error', message: `${email} is not whitelisted` }
+    }
     const emailName = email?.replace(/@.*$/, '')
 
     const rawName = fbUser.displayName || emailName || 'User' + randomString(4)
diff --git a/web/hooks/use-admin.ts b/web/hooks/use-admin.ts
index 733f73f6..bbeaf59c 100644
--- a/web/hooks/use-admin.ts
+++ b/web/hooks/use-admin.ts
@@ -1,12 +1,8 @@
-import { useUser } from './use-user'
+import { isAdmin } from '../../common/access'
+import { usePrivateUser, useUser } from './use-user'
 
 export const useAdmin = () => {
   const user = useUser()
-  const adminIds = [
-    'igi2zGXsfxYPgB0DJTXVJVmwCOr2', // Austin
-    '5LZ4LgYuySdL1huCWe7bti02ghx2', // James
-    'tlmGNz9kjXc2EteizMORes4qvWl2', // Stephen
-    'IPTOzEqrpkWmEzh6hwvAyY9PqFb2', // Manifold
-  ]
-  return adminIds.includes(user?.id || '')
+  const privateUser = usePrivateUser(user?.id)
+  return isAdmin(privateUser?.email || '')
 }