[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] branch master updated: Use the IBAN as search key for bank ac
From: |
gnunet |
Subject: |
[libeufin] branch master updated: Use the IBAN as search key for bank accounts. |
Date: |
Wed, 29 Apr 2020 22:50:35 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new 26f719d Use the IBAN as search key for bank accounts.
26f719d is described below
commit 26f719d5b4064e4b325a1d25b0b7d69704aa5103
Author: Marcello Stanisci <address@hidden>
AuthorDate: Wed Apr 29 22:49:51 2020 +0200
Use the IBAN as search key for bank accounts.
---
integration-tests/test-ebics.py | 11 ++++++++---
nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt | 16 ++++++++++++++--
nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 10 ++++------
nexus/src/test/kotlin/PainGeneration.kt | 1 -
util/src/main/kotlin/JSON.kt | 14 ++++++++++++++
5 files changed, 40 insertions(+), 12 deletions(-)
diff --git a/integration-tests/test-ebics.py b/integration-tests/test-ebics.py
index 695f581..e135899 100755
--- a/integration-tests/test-ebics.py
+++ b/integration-tests/test-ebics.py
@@ -121,12 +121,17 @@ assert(
#6 Prepare a payment (via pure Nexus service)
resp = post(
"http://localhost:5001/users/{}/prepare-payment".format(USERNAME),
- json=dict()
+ json=dict(
+ creditorIban="GB33BUKB20201555555555",
+ creditorBic="BUKBGB22",
+ creditorName="Oliver Smith",
+ debitorIban="FR7630006000011234567890189",
+ debitorBic="AGRIFRPP",
+ debitorName="Jacques LaFayette"
+ )
)
assert(resp.status_code == 200)
-
-
#7 Execute such payment via EBICS
#8 Request history again via EBICS
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
b/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
index 6da439f..78fb2f9 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Helpers.kt
@@ -428,12 +428,24 @@ fun subscriberHasRights(subscriber:
EbicsSubscriberEntity, bankAccount: BankAcco
return row != null
}
+fun getBankAccountFromIban(iban: String): BankAccountEntity {
+ return transaction {
+ BankAccountEntity.find {
+ BankAccountsTable.iban eq iban
+ }.firstOrNull() ?: throw NexusError(
+ HttpStatusCode.NotFound,
+ "Bank account with IBAN '$iban' not found"
+ )
+ }
+}
+
/** Check if the nexus user is allowed to use the claimed bank account. */
-fun userHasRights(subscriber: NexusUserEntity, bankAccount:
BankAccountEntity): Boolean {
+fun userHasRights(nexusUser: NexusUserEntity, iban: String): Boolean {
val row = transaction {
+ val bankAccount = getBankAccountFromIban(iban)
UserToBankAccountEntity.find {
UserToBankAccountsTable.bankAccount eq bankAccount.id and
- (UserToBankAccountsTable.nexusUser eq subscriber.id)
+ (UserToBankAccountsTable.nexusUser eq nexusUser.id)
}.firstOrNull()
}
return row != null
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 5094fab..14bd1ea 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -285,19 +285,17 @@ fun main() {
call.respond(ret)
return@get
}
- post("/users/{id}/accounts/prepare-payment") {
+ post("/users/{id}/prepare-payment") {
val nexusUser = extractNexusUser(call.parameters["id"])
+ val pain001data = call.receive<Pain001Data>()
transaction {
- val accountInfo =
expectAcctidTransaction(call.parameters["acctid"])
- if (!userHasRights(nexusUser, accountInfo)) {
+ if (!userHasRights(nexusUser, pain001data.debitorIban)) {
throw NexusError(
HttpStatusCode.BadRequest,
- "Claimed bank account '${accountInfo.id}' doesn't
belong to user '${nexusUser.id.value}'!"
+ "User ${nexusUser.id.value} can't access
${pain001data.debitorIban}"
)
}
-
}
- val pain001data = call.receive<Pain001Data>()
createPain001entity(pain001data, nexusUser)
call.respondText(
"Payment instructions persisted in DB",
diff --git a/nexus/src/test/kotlin/PainGeneration.kt
b/nexus/src/test/kotlin/PainGeneration.kt
index f412db6..0a6e3e1 100644
--- a/nexus/src/test/kotlin/PainGeneration.kt
+++ b/nexus/src/test/kotlin/PainGeneration.kt
@@ -7,7 +7,6 @@ import org.jetbrains.exposed.sql.transactions.transaction
import org.jetbrains.exposed.sql.SchemaUtils
import org.joda.time.DateTime
import tech.libeufin.util.Amount
-import javax.sql.rowset.serial.SerialBlob
diff --git a/util/src/main/kotlin/JSON.kt b/util/src/main/kotlin/JSON.kt
new file mode 100644
index 0000000..db420d8
--- /dev/null
+++ b/util/src/main/kotlin/JSON.kt
@@ -0,0 +1,14 @@
+package tech.libeufin.util
+
+/**
+ * (Very) generic information about one payment. Can be
+ * derived from a CAMT response, or from a prepared PAIN
+ * document.
+ */
+data class RawPayment(
+ val creditorIban: String,
+ val debitorIban: String,
+ val amount: String,
+ val subject: String,
+ val date: String
+)
\ No newline at end of file
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libeufin] branch master updated: Use the IBAN as search key for bank accounts.,
gnunet <=