status-im · cammellos · Jul 14, 2023 · Jul 12, 2023 · Jul 13, 2023
diff --git a/appdatabase/migrations/bindata.go b/appdatabase/migrations/bindata.go
diff --git a/appdatabase/migrationsprevnodecfg/bindata.go b/appdatabase/migrationsprevnodecfg/bindata.go
diff --git a/mailserver/migrations/bindata.go b/mailserver/migrations/bindata.go
diff --git a/multiaccounts/migrations/bindata.go b/multiaccounts/migrations/bindata.go
diff --git a/protocol/anonmetrics/migrations/migrations.go b/protocol/anonmetrics/migrations/migrations.go
diff --git a/protocol/communities/community.go b/protocol/communities/community.go
@@ -723,7 +723,7 @@ func (o *Community) hasMemberPermission(member *protobuf.CommunityMember, permis
 }
 
 func (o *Community) hasPermission(pk *ecdsa.PublicKey, roles map[protobuf.CommunityMember_Roles]bool) bool {
-	if pk == nil || o.config.ID == nil {
+	if pk == nil || o.config == nil || o.config.ID == nil {
 		return false
 	}
 

diff --git a/protocol/communities/community_test.go b/protocol/communities/community_test.go
@@ -61,6 +61,44 @@ func (s *CommunitySuite) SetupTest() {
 
 }
 
+func (s *CommunitySuite) TestHasPermission() {
+	// returns false if empty public key is passed
+	community := &Community{}
+	ownerKey, err := crypto.GenerateKey()
+	s.Require().NoError(err)
+
+	nonMemberKey, err := crypto.GenerateKey()
+	s.Require().NoError(err)
+
+	memberKey, err := crypto.GenerateKey()
+	s.Require().NoError(err)
+
+	s.Require().False(community.hasPermission(nil, adminRolePermissions()))
+
+	// returns false if key is passed, but config is nil
+	s.Require().False(community.hasPermission(&nonMemberKey.PublicKey, adminRolePermissions()))
+
+	// returns true if the user is the owner
+
+	communityDescription := &protobuf.CommunityDescription{}
+	communityDescription.Members = make(map[string]*protobuf.CommunityMember)
+	communityDescription.Members[common.PubkeyToHex(&memberKey.PublicKey)] = &protobuf.CommunityMember{Roles: []protobuf.CommunityMember_Roles{protobuf.CommunityMember_ROLE_ADMIN}}
+
+	community.config = &Config{ID: &ownerKey.PublicKey, CommunityDescription: communityDescription}
+
+	s.Require().True(community.hasPermission(&ownerKey.PublicKey, adminRolePermissions()))
+
+	// return false if user is not a member
+	s.Require().False(community.hasPermission(&nonMemberKey.PublicKey, adminRolePermissions()))
+
+	// return true if user is a member and has permissions
+	s.Require().True(community.hasPermission(&memberKey.PublicKey, adminRolePermissions()))
+
+	// return false if user is a member and does not have permissions
+	s.Require().False(community.hasPermission(&memberKey.PublicKey, ownerRolePermission()))
+
+}
+
 func (s *CommunitySuite) TestInviteUserToOrg() {
 	newMember, err := crypto.GenerateKey()
 	s.Require().NoError(err)

diff --git a/protocol/communities/manager.go b/protocol/communities/manager.go
@@ -1369,6 +1369,10 @@ func (m *Manager) HandleCommunityAdminEvent(signer *ecdsa.PublicKey, adminEvent
 		return nil, err
 	}
 
+	if community == nil {
+		return nil, ErrOrgNotFound
+	}
+
 	if !community.IsMemberAdmin(signer) {
 		return nil, errors.New("user is not an admin")
 	}