Add copy trading authorization checks in LiveTradingBotGrain and StartCopyTradingCommandHandler. Integrated IKaigenService to verify user ownership of master strategy keys before allowing copy trading. Enhanced error handling and logging for authorization verification.

2025-11-16 22:11:54 +07:00
parent 2baa2e173c
commit c229212acd
4 changed files with 149 additions and 19 deletions
--- a/src/Managing.Application/Bots/Grains/LiveTradingBotGrain.cs
+++ b/src/Managing.Application/Bots/Grains/LiveTradingBotGrain.cs
@@ -29,6 +29,7 @@ public class LiveTradingBotGrain : Grain, ILiveTradingBotGrain, IRemindable
    private readonly IPersistentState<TradingBotGrainState> _state;
    private readonly ILogger<LiveTradingBotGrain> _logger;
    private readonly IServiceScopeFactory _scopeFactory;
+    private readonly IKaigenService _kaigenService;
    private TradingBotBase? _tradingBot;
    private IDisposable? _timer;
    private string _reminderName = "RebootReminder";
@@ -38,11 +39,13 @@ public class LiveTradingBotGrain : Grain, ILiveTradingBotGrain, IRemindable
        [PersistentState("live-trading-bot", "bot-store")]
        IPersistentState<TradingBotGrainState> state,
        ILogger<LiveTradingBotGrain> logger,
-        IServiceScopeFactory scopeFactory)
+        IServiceScopeFactory scopeFactory,
+        IKaigenService kaigenService)
    {
        _logger = logger;
        _scopeFactory = scopeFactory;
        _state = state;
+        _kaigenService = kaigenService;
    }

    public override async Task OnActivateAsync(CancellationToken cancellationToken)
@@ -505,6 +508,35 @@ public class LiveTradingBotGrain : Grain, ILiveTradingBotGrain, IRemindable
                return;
            }

+            // Check if copy trading authorization is still valid
+            if (_state.State.Config.IsForCopyTrading && _state.State.Config.MasterBotIdentifier.HasValue)
+            {
+                try
+                {
+                    var ownedKeys = await _kaigenService.GetOwnedKeysAsync(_state.State.User);
+                    var hasMasterStrategyKey = ownedKeys.Items.Any(key =>
+                        string.Equals(key.AgentName, _state.State.Config.MasterBotIdentifier.Value.ToString(), StringComparison.OrdinalIgnoreCase) &&
+                        key.Owned >= 1);
+
+                    if (!hasMasterStrategyKey)
+                    {
+                        _logger.LogWarning(
+                            "Copy trading bot {GrainId} no longer has authorization for master strategy {MasterBotId}. Stopping bot.",
+                            this.GetPrimaryKey(), _state.State.Config.MasterBotIdentifier.Value);
+
+                        await StopAsync("Copy trading authorization revoked - user no longer owns keys for master strategy");
+                        return;
+                    }
+                }
+                catch (Exception ex)
+                {
+                    _logger.LogError(ex,
+                        "Failed to verify copy trading authorization for bot {GrainId} with master strategy {MasterBotId}. Continuing execution.",
+                        this.GetPrimaryKey(), _state.State.Config.MasterBotIdentifier.Value);
+                    SentrySdk.CaptureException(ex);
+                }
+            }
+
            if (_tradingBot.Positions.Any(p => p.Value.IsOpen() || p.Value.Status.Equals(PositionStatus.New)))
            {
                _logger.LogInformation(
--- a/src/Managing.Application/ManageBot/StartCopyTradingCommandHandler.cs
+++ b/src/Managing.Application/ManageBot/StartCopyTradingCommandHandler.cs
@@ -7,6 +7,7 @@ using Managing.Domain.Accounts;
 using Managing.Domain.Bots;
 using MediatR;
 using static Managing.Common.Enums;
+using System;

 namespace Managing.Application.ManageBot
 {
@@ -15,13 +16,15 @@ namespace Managing.Application.ManageBot
        private readonly IAccountService _accountService;
        private readonly IGrainFactory _grainFactory;
        private readonly IBotService _botService;
+        private readonly IKaigenService _kaigenService;

        public StartCopyTradingCommandHandler(
-            IAccountService accountService, IGrainFactory grainFactory, IBotService botService)
+            IAccountService accountService, IGrainFactory grainFactory, IBotService botService, IKaigenService kaigenService)
        {
            _accountService = accountService;
            _grainFactory = grainFactory;
            _botService = botService;
+            _kaigenService = kaigenService;
        }

        public async Task<string> Handle(StartCopyTradingCommand request, CancellationToken cancellationToken)
@@ -40,11 +43,18 @@ namespace Managing.Application.ManageBot
                throw new ArgumentException($"Master bot with identifier {request.MasterBotIdentifier} not found");
            }

-            // Verify the user owns the master bot keys
-            // if (masterBot.User?.Name != request.User.Name)
-            // {
-            //     throw new UnauthorizedAccessException("You don't have permission to copy trades from this bot");
-            // }
+            // Verify the user owns the keys of the master strategy
+            var ownedKeys = await _kaigenService.GetOwnedKeysAsync(request.User);
+            var hasMasterStrategyKey = ownedKeys.Items.Any(key =>
+                string.Equals(key.AgentName, request.MasterBotIdentifier.ToString(), StringComparison.OrdinalIgnoreCase) &&
+                key.Owned >= 1);
+
+            if (!hasMasterStrategyKey)
+            {
+                throw new UnauthorizedAccessException(
+                    $"You don't own the keys for the master strategy '{request.MasterBotIdentifier}'. " +
+                    "You must own at least 1 key for this strategy to copy trade from it.");
+            }

            // Get the master bot configuration
            var masterConfig = await _botService.GetBotConfig(request.MasterBotIdentifier);