Merge branch 'main' of https://github.com/manifoldmarkets/manifold

Author: mantikoros

backend/api/src/get-ticket-orders.ts

@@ -0,0 +1,58 @@
+import { type APIHandler } from './helpers/endpoint'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { throwErrorIfNotAdmin } from 'shared/helpers/auth'
+
+export const getTicketOrders: APIHandler<'get-ticket-orders'> = async (
+  { itemId },
+  auth
+) => {
+  throwErrorIfNotAdmin(auth.uid)
+
+  const pg = createSupabaseDirectClient()
+
+  const itemFilter = itemId ? `AND so.item_id = $1` : `AND so.item_id = 'manifest-ticket'`
+  const params = itemId ? [itemId] : []
+
+  const rows = await pg.manyOrNone<{
+    id: string
+    user_id: string
+    username: string
+    display_name: string
+    email: string | null
+    item_id: string
+    price_mana: string
+    status: string
+    created_time: Date
+  }>(
+    `SELECT
+       so.id,
+       so.user_id,
+       u.username,
+       u.data->>'name' as display_name,
+       pu.data->>'email' as email,
+       so.item_id,
+       so.price_mana,
+       so.status,
+       so.created_time
+     FROM shop_orders so
+     JOIN users u ON u.id = so.user_id
+     LEFT JOIN private_users pu ON pu.id = so.user_id
+     WHERE 1=1 ${itemFilter}
+     ORDER BY so.created_time DESC`,
+    params
+  )
+
+  const orders = rows.map((row) => ({
+    id: row.id,
+    userId: row.user_id,
+    username: row.username,
+    displayName: row.display_name ?? row.username,
+    email: row.email,
+    itemId: row.item_id,
+    priceMana: Number(row.price_mana),
+    status: row.status,
+    createdTime: new Date(row.created_time).getTime(),
+  }))
+
+  return { orders, total: orders.length }
+}

backend/api/src/get-ticket-stock.ts

@@ -0,0 +1,27 @@
+import { APIError, type APIHandler } from './helpers/endpoint'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { getShopItem, isTicketItem } from 'common/shop/items'
+
+export const getTicketStock: APIHandler<'get-ticket-stock'> = async ({
+  itemId,
+}) => {
+  const item = getShopItem(itemId)
+  if (!item || !isTicketItem(item)) {
+    throw new APIError(404, 'Ticket item not found')
+  }
+  const maxStock = item.maxStock ?? 0
+
+  const pg = createSupabaseDirectClient()
+  const { count } = await pg.one<{ count: number }>(
+    `SELECT count(*)::int AS count FROM shop_orders
+     WHERE item_id = $1
+     AND status NOT IN ('FAILED', 'REFUNDED', 'CANCELLED')`,
+    [itemId]
+  )
+
+  return {
+    sold: count,
+    maxStock,
+    available: Math.max(0, maxStock - count),
+  }
+}

backend/api/src/get-user-ticket-purchased.ts

@@ -0,0 +1,20 @@
+import { type APIHandler } from './helpers/endpoint'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { getTicketItems } from 'common/shop/items'
+
+export const getUserTicketPurchased: APIHandler<
+  'get-user-ticket-purchased'
+> = async (_props, auth) => {
+  // Returns true if the user has purchased ANY Manifest ticket — all variants
+  // share one purchase slot (early-bird blocks standard and vice versa).
+  const pg = createSupabaseDirectClient()
+  const allTicketIds = getTicketItems().map((t) => t.id)
+  const row = await pg.oneOrNone(
+    `SELECT 1 FROM shop_orders
+     WHERE user_id = $1 AND item_id = ANY($2::text[])
+     AND status NOT IN ('FAILED', 'REFUNDED', 'CANCELLED')
+     LIMIT 1`,
+    [auth.uid, allTicketIds]
+  )
+  return { purchased: !!row }
+}

backend/api/src/get-users-by-ids.ts

@@ -5,7 +5,7 @@ import { removeNullOrUndefinedProps } from 'common/util/object'
 export const getUsersByIds: APIHandler<'users/by-id'> = async (props) => {
   const pg = createSupabaseDirectClient()
   const users = await pg.manyOrNone(
-    `select id, name, username, data->>'avatarUrl' as "avatarUrl", data->'isBannedFromPosting' as "isBannedFromPosting"
+    `select id, name, username, is_bot as "isBot", data->>'avatarUrl' as "avatarUrl", data->'isBannedFromPosting' as "isBannedFromPosting"
      from users
      where id = any($1)`,
     [props.ids]

backend/api/src/helpers/bets.ts

@@ -10,7 +10,6 @@ import { ContractMetric, isSummary } from 'common/contract-metric'
 import { getUniqueBettorBonusAmount } from 'common/economy'
 import {
   BANNED_TRADING_USER_IDS,
-  BOT_USERNAMES,
   PARTNER_USER_IDS,
 } from 'common/envs/constants'
 import { CandidateBet } from 'common/new-bet'
@@ -456,7 +455,7 @@ export const getUniqueBettorBonusQuery = (
 ) => {
   const { answerId, isRedemption, isApi } = bet
 
-  const isBot = BOT_USERNAMES.includes(bettor.username)
+  const isBot = bettor.isBot ?? false
   const isUnlisted = contract.visibility === 'unlisted'
 
   const answer =

backend/api/src/routes.ts

@@ -54,6 +54,7 @@ import { addOrRemoveTopicFromContract } from './add-topic-to-market'
 import { addOrRemoveTopicFromTopic } from './add-topic-to-topic'
 import { awardBounty } from './award-bounty'
 import { banuser } from './ban-user'
+import { setbotstatus } from './set-bot-status'
 import { blockGroup, unblockGroup } from './block-group'
 import { blockMarket, unblockMarket } from './block-market'
 import { blockUser, unblockUser } from './block-user'
@@ -258,6 +259,10 @@ import { referUser } from './refer-user'
 import { shopCancelSubscription } from './shop-cancel-subscription'
 import { shopPurchase } from './shop-purchase'
 import { shopPurchaseMerch } from './shop-purchase-merch'
+import { shopPurchaseTicket } from './shop-purchase-ticket'
+import { getTicketStock } from './get-ticket-stock'
+import { getTicketOrders } from './get-ticket-orders'
+import { getUserTicketPurchased } from './get-user-ticket-purchased'
 import { shopResetAll } from './shop-reset-all'
 import { shopShippingRates } from './shop-shipping-rates'
 import { shopToggle } from './shop-toggle'
@@ -376,6 +381,7 @@ export const handlers: { [k in APIPath]: APIHandler<k> } = {
   'get-related-markets': getRelatedMarkets,
   'get-related-markets-by-group': getRelatedMarketsByGroup,
   'get-market-context': getMarketContext,
+  'set-bot-status': setbotstatus,
   'ban-user': banuser,
   'dismiss-mod-alert': dismissmodalert,
   'super-ban-user': superBanUser,
@@ -524,6 +530,10 @@ export const handlers: { [k in APIPath]: APIHandler<k> } = {
   'get-shop-stats': getShopStats,
   'shop-purchase': shopPurchase,
   'shop-purchase-merch': shopPurchaseMerch,
+  'shop-purchase-ticket': shopPurchaseTicket,
+  'get-ticket-stock': getTicketStock,
+  'get-ticket-orders': getTicketOrders,
+  'get-user-ticket-purchased': getUserTicketPurchased,
   'shop-shipping-rates': shopShippingRates,
   'shop-reset-all': shopResetAll,
   'shop-toggle': shopToggle,

backend/api/src/set-bot-status.ts

@@ -0,0 +1,32 @@
+import { APIError, type APIHandler } from 'api/helpers/endpoint'
+import { isAdminId } from 'common/envs/constants'
+import { trackPublicEvent } from 'shared/analytics'
+import { throwErrorIfNotMod } from 'shared/helpers/auth'
+import { createSupabaseDirectClient } from 'shared/supabase/init'
+import { updateUser } from 'shared/supabase/users'
+import { getUser, log } from 'shared/utils'
+
+export const setbotstatus: APIHandler<'set-bot-status'> = async (
+  props,
+  auth
+) => {
+  const { userId, isBot } = props
+
+  // Allow users to self-mark as bot (one-way only), mods can toggle anyone
+  const isSelfMark = auth.uid === userId && isBot === true
+  if (!isSelfMark) {
+    throwErrorIfNotMod(auth.uid)
+  }
+  if (isAdminId(userId))
+    throw new APIError(403, 'Cannot modify admin bot status')
+
+  const user = await getUser(userId)
+  if (!user) throw new APIError(404, 'User not found')
+
+  const pg = createSupabaseDirectClient()
+  await updateUser(pg, userId, { isBot })
+
+  await trackPublicEvent(auth.uid, 'set bot status', { userId, isBot })
+  log('set bot status', { userId, isBot, by: auth.uid })
+  return { success: true }
+}

backend/api/src/shop-purchase-ticket.ts

@@ -0,0 +1,128 @@
+import { APIError, type APIHandler } from './helpers/endpoint'
+import { runTxnOutsideBetQueue, type TxnData } from 'shared/txn/run-txn'
+import { runTransactionWithRetries } from 'shared/transact-with-retries'
+import { getUser } from 'shared/utils'
+import { getShopItem, getTicketItems, isTicketItem } from 'common/shop/items'
+import { betsQueue } from 'shared/helpers/fn-queue'
+import { getActiveSupporterEntitlements } from 'shared/supabase/entitlements'
+import { getBenefit } from 'common/supporter-config'
+
+export const shopPurchaseTicket: APIHandler<'shop-purchase-ticket'> = async (
+  { itemId },
+  auth
+) => {
+  const item = getShopItem(itemId)
+  if (!item) throw new APIError(404, 'Item not found')
+  if (!isTicketItem(item)) throw new APIError(400, 'Item is not a ticket')
+  if (item.comingSoon) throw new APIError(403, 'This ticket is not yet available')
+  if (!auth) throw new APIError(401, 'Must be logged in')
+
+  // Serialize ALL ticket purchases for this item globally (not per-user) so two
+  // different users racing for the last slot can't both pass the stock check.
+  const { orderId, remainingStock } = await betsQueue.enqueueFn(
+    () =>
+      runTransactionWithRetries(async (tx) => {
+        const user = await getUser(auth.uid, tx)
+        if (!user) throw new APIError(401, 'Your account was not found')
+        if (user.isBannedFromPosting)
+          throw new APIError(403, 'Your account is banned')
+
+        // One-per-user check across ALL ticket variants — buying early-bird
+        // blocks standard (and vice versa). Unique partial index handles the
+        // same-item case; this handles cross-variant.
+        const allTicketIds = getTicketItems().map((t) => t.id)
+        const existing = await tx.oneOrNone(
+          `SELECT item_id FROM shop_orders
+           WHERE user_id = $1 AND item_id = ANY($2::text[])
+           AND status NOT IN ('FAILED', 'REFUNDED', 'CANCELLED')
+           LIMIT 1`,
+          [auth.uid, allTicketIds]
+        )
+        if (existing) {
+          throw new APIError(
+            403,
+            'You have already purchased a Manifest ticket (limit 1 per person)'
+          )
+        }
+
+        // Global stock check. Safe without FOR UPDATE because betsQueue serializes
+        // all ticket purchases for this itemId, and runTransactionWithRetries uses
+        // serializable isolation as a backstop.
+        if (item.maxStock) {
+          const { count } = await tx.one<{ count: number }>(
+            `SELECT count(*)::int AS count FROM shop_orders
+             WHERE item_id = $1
+             AND status NOT IN ('FAILED', 'REFUNDED', 'CANCELLED')`,
+            [itemId]
+          )
+          if (count >= item.maxStock) {
+            throw new APIError(403, 'Sold out — all tickets have been claimed')
+          }
+        }
+
+        const supporterEntitlements = await getActiveSupporterEntitlements(
+          tx,
+          auth.uid
+        )
+        const shopDiscount = getBenefit(
+          supporterEntitlements,
+          'shopDiscount',
+          0
+        )
+        const price =
+          shopDiscount > 0
+            ? Math.floor(item.price * (1 - shopDiscount))
+            : item.price
+
+        if (user.balance < price) {
+          throw new APIError(403, 'Insufficient balance')
+        }
+
+        const discountPct = Math.round(shopDiscount * 100)
+        const description =
+          discountPct > 0
+            ? `Purchased ${item.name} (${discountPct}% supporter discount)`
+            : `Purchased ${item.name}`
+
+        const txnData: TxnData = {
+          category: 'SHOP_PURCHASE',
+          fromType: 'USER',
+          fromId: auth.uid,
+          toType: 'BANK',
+          toId: 'BANK',
+          amount: price,
+          token: 'M$',
+          description,
+          data: { itemId, ticketOrder: true, supporterDiscount: shopDiscount },
+        }
+        const txn = await runTxnOutsideBetQueue(tx, txnData)
+
+        const order = await tx.one<{ id: string }>(
+          `INSERT INTO shop_orders (user_id, item_id, price_mana, txn_id, status)
+           VALUES ($1, $2, $3, $4, 'COMPLETED')
+           RETURNING id`,
+          [auth.uid, itemId, price, txn.id]
+        )
+
+        const { count: newCount } = await tx.one<{ count: number }>(
+          `SELECT count(*)::int AS count FROM shop_orders
+           WHERE item_id = $1
+           AND status NOT IN ('FAILED', 'REFUNDED', 'CANCELLED')`,
+          [itemId]
+        )
+
+        return {
+          orderId: order.id,
+          remainingStock: Math.max(0, (item.maxStock ?? 0) - newCount),
+        }
+      }),
+    [`ticket:${itemId}`]
+  )
+
+  return {
+    success: true,
+    orderId,
+    discountCode: process.env.MANIFEST_DISCOUNT_CODE ?? null,
+    remainingStock,
+  }
+}

backend/scripts/add-reactivated-to-league.ts

@@ -1,4 +1,3 @@
-import { BOT_USERNAMES } from 'common/envs/constants'
 import { groupBy, mapValues } from 'lodash'
 import { runScript } from 'run-script'
 import {
@@ -37,9 +36,8 @@ const _reassignBots = (pg: SupabaseDirectClient) => {
         cohort = 'bots'
     where user_id in (
         select id from users
-        where username in ($1:csv)
+        where is_bot = true
         limit 40
-    )`,
-    [BOT_USERNAMES]
+    )`
   )
 }

backend/shared/src/generate-leagues.ts

@@ -1,4 +1,4 @@
-import { BOT_USERNAMES, OPTED_OUT_OF_LEAGUES } from 'common/envs/constants'
+import { OPTED_OUT_OF_LEAGUES } from 'common/envs/constants'
 import {
   getCohortSize,
   getDemotionAndPromotionCount,
@@ -50,9 +50,9 @@ export async function generateNextSeason(
     join users on users.id = user_id
     where coalesce(users.data->>'isBannedFromPosting', 'false') = 'false'
     and coalesce(users.data->>'userDeleted', 'false') = 'false'
-    and users.username not in ($2:csv)
+    and users.is_bot = false
     `,
-    [startDate, BOT_USERNAMES]
+    [startDate]
   )
   const activeUserIdsSet = new Set(activeUserIds.map((u) => u.user_id))
 
@@ -218,7 +218,6 @@ export const insertBots = async (pg: SupabaseDirectClient, season: number) => {
 
   // console.log('alreadyAssignedBotIds', alreadyAssignedBotIds)
 
-  const botUsernamesExcludingAcc = BOT_USERNAMES.filter((u) => u !== 'acc')
   const prevBoundaries = await getSeasonStartAndEnd(pg, prevSeason)
   if (!prevBoundaries) {
     log(`Error: Season ${prevSeason} not found in leagues_season_end_times`)
@@ -232,10 +231,11 @@ export const insertBots = async (pg: SupabaseDirectClient, season: number) => {
         where contract_bets.created_time > $1
       )
       select id from users
-      where users.username in ($2:csv)
+      where users.is_bot = true
+      and users.username != 'acc'
       and id in (select user_id from active_user_ids)
     `,
-    [startDate, botUsernamesExcludingAcc],
+    [startDate],
     (r) => r.id
   )