Trading ban

backend/api/src/app.ts

@@ -71,7 +71,8 @@ import {
 } from './get-dashboard-from-slug'
 import { unresolve } from './unresolve'
 import { referuser } from 'api/refer-user'
-import { banuser } from 'api/ban-user'
+import { banUserFromPosting } from 'api/ban-user-from-posting'
+import { banUserFromMana } from './ban-user-from-mana'
 import { updateMarket } from 'api/update-market'
 import { createprivateusermessage } from 'api/create-private-user-message'
 import { createprivateusermessagechannel } from 'api/create-private-user-message-channel'
@@ -192,6 +193,7 @@ import { getUserLimitOrdersWithContracts } from 'api/get-user-limit-orders-with-
 import { getInterestingGroupsFromViews } from 'api/get-interesting-groups-from-views'
 import { completeCashoutSession } from 'api/gidx/complete-cashout-session'
 import { getCashouts } from './get-cashouts'
+import { banUserFromSweepcash } from './ban-user-from-sweepcash'
 
 const allowCorsUnrestricted: RequestHandler = cors({})
 
@@ -512,7 +514,9 @@ app.post('/updatedashboard', ...apiRoute(updatedashboard))
 app.post('/delete-dashboard', ...apiRoute(deletedashboard))
 app.get('/get-news-dashboards', ...apiRoute(getnews))
 app.post('/getdashboardfromslug', ...apiRoute(getdashboardfromslug))
-app.post('/ban-user', ...apiRoute(banuser))
+app.post('/ban-user-from-posting', ...apiRoute(banUserFromPosting))
+app.post('/ban-user-from-mana', ...apiRoute(banUserFromMana))
+app.post('/ban-user-from-sweepcash', ...apiRoute(banUserFromSweepcash))
 app.post('/create-private-user-message', ...apiRoute(createprivateusermessage))
 app.post(
   '/create-private-user-message-channel',

backend/api/src/ban-user-from-mana.ts

@@ -0,0 +1,30 @@
+import { APIError, authEndpoint, validate } from 'api/helpers/endpoint'
+import { z } from 'zod'
+import { trackPublicEvent } from 'shared/analytics'
+import { throwErrorIfNotMod } from 'shared/helpers/auth'
+import { isAdminId } from 'common/envs/constants'
+import { log } from 'shared/utils'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { updateUser } from 'shared/supabase/users'
+
+const bodySchema = z
+  .object({
+    userId: z.string(),
+    unban: z.boolean().optional(),
+  })
+  .strict()
+
+export const banUserFromMana = authEndpoint(async (req, auth) => {
+  const { userId, unban } = validate(bodySchema, req.body)
+  const pg = createSupabaseDirectClient()
+  await throwErrorIfNotMod(auth.uid)
+  if (isAdminId(userId)) throw new APIError(403, 'Cannot ban admin')
+  await trackPublicEvent(auth.uid, 'ban user from trading mana', {
+    userId,
+  })
+  await updateUser(pg, userId, {
+    isBannedFromMana: !unban,
+  })
+  log(`Updated trading ban status for user ${userId}`)
+  return { success: true }
+})

backend/api/src/ban-user.ts → backend/api/src/ban-user-from-posting.ts

@@ -14,15 +14,15 @@ const bodySchema = z
   })
   .strict()
 
-export const banuser = authEndpoint(async (req, auth) => {
+export const banUserFromPosting = authEndpoint(async (req, auth) => {
   const { userId, unban } = validate(bodySchema, req.body)
-  const db = createSupabaseDirectClient()
+  const pg = createSupabaseDirectClient()
   await throwErrorIfNotMod(auth.uid)
   if (isAdminId(userId)) throw new APIError(403, 'Cannot ban admin')
   await trackPublicEvent(auth.uid, 'ban user', {
     userId,
   })
-  await updateUser(db, userId, {
+  await updateUser(pg, userId, {
     isBannedFromPosting: !unban,
   })
   log('updated user')

backend/api/src/ban-user-from-sweepcash.ts

@@ -0,0 +1,30 @@
+import { APIError, authEndpoint, validate } from 'api/helpers/endpoint'
+import { z } from 'zod'
+import { trackPublicEvent } from 'shared/analytics'
+import { throwErrorIfNotMod } from 'shared/helpers/auth'
+import { isAdminId } from 'common/envs/constants'
+import { log } from 'shared/utils'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { updateUser } from 'shared/supabase/users'
+
+const bodySchema = z
+  .object({
+    userId: z.string(),
+    unban: z.boolean().optional(),
+  })
+  .strict()
+
+export const banUserFromSweepcash = authEndpoint(async (req, auth) => {
+  const { userId, unban } = validate(bodySchema, req.body)
+  const pg = createSupabaseDirectClient()
+  await throwErrorIfNotMod(auth.uid)
+  if (isAdminId(userId)) throw new APIError(403, 'Cannot ban admin')
+  await trackPublicEvent(auth.uid, 'ban user from trading sweepcash', {
+    userId,
+  })
+  await updateUser(pg, userId, {
+    isBannedFromSweepcash: !unban,
+  })
+  log(`Updated trading ban status for user ${userId}`)
+  return { success: true }
+})

backend/api/src/delete-me.ts

@@ -20,7 +20,6 @@ export const deleteMe: APIHandler<'me/delete'> = async (body, auth) => {
   const pg = createSupabaseDirectClient()
   await updateUser(pg, auth.uid, {
     userDeleted: true,
-    isBannedFromPosting: true,
   })
   await updatePrivateUser(pg, auth.uid, {
     email: FieldVal.delete(),

backend/api/src/get-mod-reports.ts

@@ -15,7 +15,9 @@ export const getModReports: APIHandler<'get-mod-reports'> = async () => {
       owner.username as owner_username,
       owner.data->>'avatarUrl' as owner_avatar_url,
       owner.name as owner_name,
-      (owner.data->>'isBannedFromPosting')::boolean as owner_is_banned_from_posting
+      (owner.data->>'isBannedFromPosting')::boolean as owner_is_banned_from_posting,
+      (owner.data->>'isBannedFromMana')::boolean as owner_is_banned_from_mana,
+      (owner.data->>'isBannedFromSweepcash')::boolean as owner_is_banned_from_sweepcash
     from mod_reports mr
     join contract_comments cc on cc.comment_id = mr.comment_id
     join contracts c on c.id = mr.contract_id

backend/api/src/get-user.ts

@@ -22,9 +22,16 @@ export const getLiteUser = async (
 ) => {
   const pg = createSupabaseDirectClient()
   const liteUser = await pg.oneOrNone(
-    `select id, name, username, data->>'avatarUrl' as "avatarUrl", data->'isBannedFromPosting' as "isBannedFromPosting"
-            from users
-            where ${'id' in props ? 'id' : 'username'} = $1`,
+    `select
+      id,
+      name,
+      username,
+      data->>'avatarUrl' as "avatarUrl",
+      (data->>'isBannedFromPosting')::boolean as "isBannedFromPosting",
+      (data->>'isBannedFromMana')::boolean as "isBannedFromMana",
+      (data->>'isBannedFromSweepcash')::boolean as "isBannedFromSweepcash"
+    from users
+    where ${'id' in props ? 'id' : 'username'} = $1`,
     ['id' in props ? props.id : props.username]
   )
   if (!liteUser) throw new APIError(404, 'User not found')

backend/api/src/place-bet.ts

@@ -16,11 +16,15 @@ import { Answer } from 'common/answer'
 import { CpmmState, getCpmmProbability } from 'common/calculate-cpmm'
 import { ValidatedAPIParams } from 'common/api/schema'
 import { onCreateBets } from 'api/on-create-bet'
+<<<<<<< trading-ban
+import { isAdminId, TWOMBA_ENABLED } from 'common/envs/constants'
+=======
 import {
   BANNED_TRADING_USER_IDS,
   isAdminId,
   TWOMBA_ENABLED,
 } from 'common/envs/constants'
+>>>>>>> main
 import * as crypto from 'crypto'
 import { formatMoneyWithDecimals } from 'common/util/format'
 import {
@@ -294,7 +298,15 @@ export const fetchContractBetDataAndValidate = async (
       contract.token === 'CASH' ? bet.cash_balance : bet.balance,
     ])
   )
+
   const unfilledBetUserIds = Object.keys(balanceByUserId)
+  if (
+    (isAdminId(uid) && contract.token === 'CASH') ||
+    (user.isBannedFromSweepcash && contract.token === 'CASH')
+  ) {
+    throw new APIError(403, 'Banned from trading on sweepstakes markets.')
+  }
+
   const balance = contract.token === 'CASH' ? user.cashBalance : user.balance
   if (amount !== undefined && balance < amount)
     throw new APIError(403, 'Insufficient balance.')
@@ -307,11 +319,16 @@ export const fetchContractBetDataAndValidate = async (
       'You must be kyc verified to trade on sweepstakes markets.'
     )
   }
+<<<<<<< trading-ban
+  if (user.userDeleted) {
+    throw new APIError(403, 'You are banned or deleted.')
+=======
   if (isAdminId(user.id) && contract.token === 'CASH' && isProd()) {
     throw new APIError(403, 'Admins cannot trade on sweepstakes markets.')
   }
   if (BANNED_TRADING_USER_IDS.includes(user.id) || user.userDeleted) {
     throw new APIError(403, 'You are banned or deleted. And not #blessed.')
+>>>>>>> main
   }
   log(
     `Loaded user ${user.username} with id ${user.id} betting on slug ${contract.slug} with contract id: ${contract.id}.`
@@ -322,7 +339,12 @@ export const fetchContractBetDataAndValidate = async (
   log(
     `Loaded user ${user.username} with id ${user.id} betting on slug ${contract.slug} with contract id: ${contract.id}.`
   )
-
+  if (user.isBannedFromMana && contract.token !== 'CASH') {
+    throw new APIError(403, 'You are banned from trading mana (or deleted).')
+  }
+  log(
+    `Loaded user ${user.username} with id ${user.id} betting on slug ${contract.slug} with contract id: ${contract.id}.`
+  )
   return {
     user,
     contract,

common/src/api/user-types.ts

@@ -8,6 +8,8 @@ export type DisplayUser = {
   username: string
   avatarUrl: string
   isBannedFromPosting?: boolean
+  isBannedFromMana?: boolean
+  isBannedFromSweepcash?: boolean
 }
 
 export type FullUser = User & {

common/src/envs/constants.ts

@@ -267,13 +267,6 @@ export const VERIFIED_USERNAMES = [
   'DanHendrycks',
 ]
 
-export const BANNED_TRADING_USER_IDS = [
-  'zgCIqq8AmRUYVu6AdQ9vVEJN8On1', //firstuserhere aka _deleted_
-  'LIBAoi7tpqeNLYM1xxJ1QJBQqW32', //lastuserhere
-  'p3ADzwIUS3fk0ka80XYEE3OM3S32', //PC
-  '4JuXgDx47xPagH5mcLDqLzUSN5g2', // BTE
-]
-
 export const PARTNER_USER_IDS: string[] = [
   'sTUV8ejuM2byukNZp7qKP2OKXMx2', // NFL
   'rFJu0EIdR6RP8d1vHKSh62pbnbH2', // SimonGrayson

common/src/mod-report.ts

@@ -17,5 +17,7 @@ export type ModReport = {
   owner_username: string
   owner_avatar_url: string
   owner_is_banned_from_posting: boolean
+  owner_is_banned_from_mana: boolean
+  owner_is_banned_from_sweepcash: boolean
   owner_name: string
 }

common/src/user.ts

@@ -63,6 +63,8 @@ export type User = {
   hasSeenLoanModal?: boolean
   hasSeenContractFollowModal?: boolean
   isBannedFromPosting?: boolean
+  isBannedFromMana?: boolean
+  isBannedFromSweepcash?: boolean
   userDeleted?: boolean
   optOutBetWarnings?: boolean
   freeQuestionsCreated?: number

web/components/auth-context.tsx

@@ -7,11 +7,7 @@ import { createUser } from 'web/lib/api/api'
 import { randomString } from 'common/util/random'
 import { identifyUser, setUserProperty } from 'web/lib/service/analytics'
 import { useStateCheckEquality } from 'web/hooks/use-state-check-equality'
-import {
-  AUTH_COOKIE_NAME,
-  BANNED_TRADING_USER_IDS,
-  TEN_YEARS_SECS,
-} from 'common/envs/constants'
+import { AUTH_COOKIE_NAME, TEN_YEARS_SECS } from 'common/envs/constants'
 import { getCookie, setCookie } from 'web/lib/util/cookie'
 import {
   type PrivateUser,
@@ -114,12 +110,13 @@ export function AuthProvider(props: {
   useEffect(() => {
     if (authUser) {
       if (
-        BANNED_TRADING_USER_IDS.includes(authUser.user.id) ||
+        (authUser.user.isBannedFromPosting &&
+          authUser.user.isBannedFromMana) && authUser.user.isBannedFromSweepcash ||
         authUser.user.userDeleted
       ) {
         const message = authUser.user.userDeleted
           ? 'You have deleted the account associated with this email. To restore your account please email [email protected]'
-          : 'You are banned from trading. To learn more please email [email protected]'
+          : 'You are banned from Manifold. To learn more please email [email protected]'
 
         firebaseLogout().then(() => {
           alert(message)

web/components/buttons/user-settings-button.tsx

@@ -22,7 +22,11 @@ import {
   Referrals,
   useReferralCount,
 } from 'web/components/buttons/referrals-button'
-import { banUser } from 'web/lib/api/api'
+import {
+  banUserFromPosting,
+  banUserFromMana,
+  banUserFromSweepcash,
+} from 'web/lib/api/api'
 import SuperBanControl from '../SuperBanControl'
 import { buildArray } from 'common/util/array'
 import { AccountSettings } from '../profile/settings'
@@ -80,19 +84,50 @@ export function UserSettingButton(props: { user: User }) {
             <div className="mb-2 flex flex-wrap justify-between">
               <Title className={'!mb-0'}>{name}</Title>
               {(isAdmin || isTrusted) && (
-                <Row className="gap-2">
+                <Row className="mt-2 gap-2">
                   <SuperBanControl userId={userId} />
                   <Button
                     color={'red'}
                     size="xs"
                     onClick={() => {
-                      banUser({
+                      banUserFromPosting({
                         userId,
                         unban: user.isBannedFromPosting ?? false,
                       })
                     }}
                   >
-                    {user.isBannedFromPosting ? 'Banned' : 'Ban User'}
+                    {user.isBannedFromPosting
+                      ? 'Banned (posting)'
+                      : 'Ban Posting'}
+                  </Button>
+
+                  <Button
+                    color={'red'}
+                    size="xs"
+                    onClick={() => {
+                      banUserFromMana({
+                        userId,
+                        unban: user.isBannedFromMana ?? false,
+                      })
+                    }}
+                  >
+                    {user.isBannedFromMana
+                      ? 'Banned (mana)'
+                      : 'Ban Mana Trading'}
+                  </Button>
+                  <Button
+                    color={'red'}
+                    size="xs"
+                    onClick={() => {
+                      banUserFromSweepcash({
+                        userId,
+                        unban: user.isBannedFromSweepcash ?? false,
+                      })
+                    }}
+                  >
+                    {user.isBannedFromSweepcash
+                      ? 'Banned (sweepcash)'
+                      : 'Ban Sweepcash Trading'}
                   </Button>
                 </Row>
               )}

web/components/mod-report-item.tsx

@@ -50,8 +50,18 @@ const ModReportItem: React.FC<ReportItemProps> = ({
                   avatarUrl={report.owner_avatar_url || ''}
                   size="sm"
                 />
+
                 <UserLink user={owner} className="text-ink-800 ml-2" />
-                {report.owner_is_banned_from_posting && <BannedBadge />}
+                {(report.owner_is_banned_from_posting ||
+                  report.owner_is_banned_from_mana) || report.owner_is_banned_from_sweepcash && (
+                  <span className="ml-1.5">
+                    <BannedBadge
+                      isBannedFromPosting={report.owner_is_banned_from_posting}
+                      isBannedFromMana={report.owner_is_banned_from_mana}
+                      isBannedFromSweepcash={report.owner_is_banned_from_sweepcash}
+                    />
+                  </span>
+                )}
               </div>
             </UserHovercard>
             <Row className="ml-2">commented:</Row>

web/components/profile/blocked-user.tsx

@@ -39,7 +39,13 @@ export function BlockedUser(props: { user: User; privateUser: PrivateUser }) {
                   {user.name}
                   {' (Blocked) '}
                   {<UserBadge userId={user.id} username={user.username} />}
-                  {user.isBannedFromPosting && <BannedBadge />}
+                  <span className="ml-1.5">
+                    <BannedBadge
+                      isBannedFromPosting={user.isBannedFromPosting ?? false}
+                      isBannedFromMana={user.isBannedFromMana ?? false}
+                      isBannedFromSweepcash={user.isBannedFromSweepcash ?? false}
+                    />
+                  </span>
                 </span>
                 <Row className="sm:text-md items-center gap-x-3 text-sm ">
                   <span className={' text-ink-400'}>@{user.username}</span>