Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

improve membersURI #812

Open
wants to merge 26 commits into
base: master
Choose a base branch
from

Conversation

Rashmi-278
Copy link
Contributor

@Rashmi-278 Rashmi-278 commented Feb 26, 2024

Fixes #825

Changes proposed in this pull request:

  • Get unique Voters for a Space
  • Import getCombinedMembersAndVoters function in EIP4824 File
  • Include Unique Voters in the members list for a space
  • Change "@context": "http://www.daostar.org/schemas", everywhere to "@context": ["https://www.snapshot.org", https://www.daostar.org/schemas"],

src/helpers/spaces.ts Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
@Rashmi-278 Rashmi-278 requested a review from bonustrack April 22, 2024 14:01
bonustrack
bonustrack approved these changes Apr 29, 2024
Copy link
Member

@bonustrack bonustrack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll review this PR, don't merge yet

.gitignore Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
@bonustrack bonustrack requested a review from ChaituVR May 1, 2024 13:32
@Rashmi-278 Rashmi-278 requested a review from bonustrack May 1, 2024 14:17
pnpm-lock.yaml Outdated Show resolved Hide resolved
@Rashmi-278 Rashmi-278 requested a review from bonustrack May 2, 2024 03:51
src/helpers/spaces.ts Outdated Show resolved Hide resolved
Comment on lines 169 to 171
(SELECT DISTINCT voter AS address
FROM votes
WHERE space = ?)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should limit to 500 voters

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have placed the limit to the Outer Query, using the param, pageSize.
Placing a limit on the inner query would mess up the pagination, wouldn't it?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes but this is taking a lot of time, especially for spaces with a lot of votes, we don't need to read all the distinct voters here, we just need 500 of them,

you can remove pagination from the outer query

Also for admins, moderators and members -> all this data is already available on space object, we don't need to read them from database again,

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We made an improvement on this, now the with cursor filter, if cursor is present, admins, moderators, and members are excluded from the distinct voter list. Also regardless we are not querying admins, moderators and members.

Query now only queries the Votes Table hence eliminating the need for subqueries.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how to use cursor now? you have an example request? i tried few ways but couldn't get it working

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A request should be something like /ens.eth/members?cursor=983434323 ( Cursor Example )

Could you share what message do you get?
Could we get on a call and debug this? As I don't have a way to see whats wrong, its taking longer to close this issue

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like we have to pass address to cursor now, something like http://localhost:3000/api/eip4824/ens.eth/members?cursor=0xB8cb5Bbf2DdD552145336436b2A0FD490aBf88Ca works

@ChaituVR
Copy link
Member

ChaituVR commented May 2, 2024

Apart from above comments, everything looks to be working nicely 👍

src/helpers/spaces.ts Outdated Show resolved Hide resolved
src/helpers/spaces.ts Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
src/eip4824.ts Outdated Show resolved Hide resolved
@ChaituVR ChaituVR self-requested a review July 10, 2024 05:02
src/eip4824.ts Outdated Show resolved Hide resolved
Copy link
Member

@ChaituVR ChaituVR left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tAck

@ChaituVR
Copy link
Member

@bonustrack Looks like we need your approval

Untitled 2

let exclusionClause = '';
if (exclusionList.length > 0) {
const placeholders = exclusionList.map(() => '?').join(', ');
exclusionClause = `AND voter NOT IN (${placeholders})`;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't this be used to inject arbitrary SQL? I think placeholders should be added as params so it get parsed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that would be of concern here because

  1. Placeholders values are not user input values
  2. Placeholder values are either empty lists or space.admins, space.moderators, space.members
  3. params.push(...exclusionList) This pushes the actual exclusion list values (the voters you want to exclude) into the params array, which is passed to the query execution.
  4. const results =await db.queryAsync(query, params); The database library takes care of escaping the values in params, preventing SQL injection.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrading Snapshot's EIP4824 daoURI implementation
3 participants