[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-merchant] branch master updated: add claim token to contract term
|
From: |
gnunet |
|
Subject: |
[taler-merchant] branch master updated: add claim token to contract terms table |
|
Date: |
Wed, 11 Aug 2021 18:48:58 +0200 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository merchant.
The following commit(s) were added to refs/heads/master by this push:
new 8cccdca8 add claim token to contract terms table
8cccdca8 is described below
commit 8cccdca8f18a2d0970f46ee49bbb1dc52ffdf6eb
Author: Florian Dold <florian@dold.me>
AuthorDate: Wed Aug 11 18:48:52 2021 +0200
add claim token to contract terms table
---
contrib/merchant-backoffice | 2 +-
src/backend/taler-merchant-httpd_get-orders-ID.c | 3 ++-
.../taler-merchant-httpd_post-orders-ID-claim.c | 3 ++-
.../taler-merchant-httpd_post-orders-ID-paid.c | 3 ++-
.../taler-merchant-httpd_post-orders-ID-pay.c | 3 ++-
.../taler-merchant-httpd_post-orders-ID-refund.c | 3 ++-
...taler-merchant-httpd_private-delete-orders-ID.c | 3 ++-
.../taler-merchant-httpd_private-get-orders-ID.c | 3 ++-
.../taler-merchant-httpd_private-get-orders.c | 3 ++-
...merchant-httpd_private-patch-orders-ID-forget.c | 3 ++-
...-merchant-httpd_private-post-orders-ID-refund.c | 6 +++--
src/backenddb/merchant-0002.sql | 24 ++++++++++++++++++
src/backenddb/plugin_merchantdb_postgres.c | 29 ++++++++++++++++------
src/backenddb/test_merchantdb.c | 6 +++--
src/include/taler_merchantdb_plugin.h | 4 ++-
15 files changed, 75 insertions(+), 23 deletions(-)
diff --git a/contrib/merchant-backoffice b/contrib/merchant-backoffice
index fadde846..4320467d 160000
--- a/contrib/merchant-backoffice
+++ b/contrib/merchant-backoffice
@@ -1 +1 @@
-Subproject commit fadde8464e1da05b60dcc8bb6278a685fc61ca25
+Subproject commit 4320467db1392e5f48a4acd079f7e2a253cf9984
diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c
b/src/backend/taler-merchant-httpd_get-orders-ID.c
index b96f6ba0..08b77fce 100644
--- a/src/backend/taler-merchant-httpd_get-orders-ID.c
+++ b/src/backend/taler-merchant-httpd_get-orders-ID.c
@@ -849,7 +849,8 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh,
hc->instance->settings.id,
order_id,
&god->contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
if (0 > qs)
{
/* single, read-only SQL statements should never cause
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-claim.c
b/src/backend/taler-merchant-httpd_post-orders-ID-claim.c
index 537ea0e1..e9551e3a 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-claim.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-claim.c
@@ -75,7 +75,8 @@ claim_order (const char *instance_id,
instance_id,
order_id,
contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
}
if (0 > qs)
{
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-paid.c
b/src/backend/taler-merchant-httpd_post-orders-ID-paid.c
index 3533a312..c821ed32 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-paid.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-paid.c
@@ -91,7 +91,8 @@ TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
hc->instance->settings.id,
order_id,
&contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
}
if (0 > qs)
{
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
index ca83c99a..419118b8 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
@@ -1678,7 +1678,8 @@ parse_pay (struct MHD_Connection *connection,
hc->instance->settings.id,
pc->order_id,
&contract_terms,
- &pc->order_serial);
+ &pc->order_serial,
+ NULL);
if (0 > qs)
{
/* single, read-only SQL statements should never cause
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-refund.c
b/src/backend/taler-merchant-httpd_post-orders-ID-refund.c
index 27622d63..392f70ed 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-refund.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-refund.c
@@ -573,7 +573,8 @@ TMH_post_orders_ID_refund (const struct TMH_RequestHandler
*rh,
hc->instance->settings.id,
hc->infix,
&contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
if (0 > qs)
{
/* single, read-only SQL statements should never cause
diff --git a/src/backend/taler-merchant-httpd_private-delete-orders-ID.c
b/src/backend/taler-merchant-httpd_private-delete-orders-ID.c
index 057b45c3..b9dd4bc9 100644
--- a/src/backend/taler-merchant-httpd_private-delete-orders-ID.c
+++ b/src/backend/taler-merchant-httpd_private-delete-orders-ID.c
@@ -80,7 +80,8 @@ TMH_private_delete_orders_ID (const struct TMH_RequestHandler
*rh,
mi->settings.id,
hc->infix,
NULL,
- &order_serial);
+ &order_serial,
+ NULL);
}
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
return TALER_MHD_reply_with_error (connection,
diff --git a/src/backend/taler-merchant-httpd_private-get-orders-ID.c
b/src/backend/taler-merchant-httpd_private-get-orders-ID.c
index fa685663..33976740 100644
--- a/src/backend/taler-merchant-httpd_private-get-orders-ID.c
+++ b/src/backend/taler-merchant-httpd_private-get-orders-ID.c
@@ -839,7 +839,8 @@ TMH_private_get_orders_ID (const struct TMH_RequestHandler
*rh,
hc->instance->settings.id,
hc->infix,
&gorc->contract_terms,
- &gorc->order_serial);
+ &gorc->order_serial,
+ NULL);
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
{
order_only = true;
diff --git a/src/backend/taler-merchant-httpd_private-get-orders.c
b/src/backend/taler-merchant-httpd_private-get-orders.c
index 5bbcc266..defce83d 100644
--- a/src/backend/taler-merchant-httpd_private-get-orders.c
+++ b/src/backend/taler-merchant-httpd_private-get-orders.c
@@ -294,7 +294,8 @@ add_order (void *cls,
po->instance_id,
order_id,
&contract_terms,
- &os);
+ &os,
+ NULL);
}
else
{
diff --git a/src/backend/taler-merchant-httpd_private-patch-orders-ID-forget.c
b/src/backend/taler-merchant-httpd_private-patch-orders-ID-forget.c
index da56cda2..a158db7c 100644
--- a/src/backend/taler-merchant-httpd_private-patch-orders-ID-forget.c
+++ b/src/backend/taler-merchant-httpd_private-patch-orders-ID-forget.c
@@ -110,7 +110,8 @@ TMH_private_patch_orders_ID_forget (const struct
TMH_RequestHandler *rh,
hc->instance->settings.id,
order_id,
&contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
switch (qs)
{
case GNUNET_DB_STATUS_HARD_ERROR:
diff --git a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
index 6a9b628a..903b542d 100644
--- a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
+++ b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
@@ -129,7 +129,8 @@ TMH_private_post_orders_ID_refund (const struct
TMH_RequestHandler *rh,
hc->instance->settings.id,
hc->infix,
&contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
{
struct GNUNET_JSON_Specification spec[] = {
@@ -272,7 +273,8 @@ TMH_private_post_orders_ID_refund (const struct
TMH_RequestHandler *rh,
hc->instance->settings.id,
hc->infix,
&contract_terms,
- &order_serial);
+ &order_serial,
+ NULL);
if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
{
return TALER_MHD_reply_with_error (connection,
diff --git a/src/backenddb/merchant-0002.sql b/src/backenddb/merchant-0002.sql
index 46428dd9..2656fedb 100644
--- a/src/backenddb/merchant-0002.sql
+++ b/src/backenddb/merchant-0002.sql
@@ -14,6 +14,10 @@
-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
--
+-- This file includes migrations up to 0.8.2.
+-- All migrations after that release should
+-- to into a different file.
+
-- Everything in one big transaction
BEGIN;
@@ -59,6 +63,26 @@ ALTER TABLE merchant_transfer_signatures
ALTER COLUMN credit_amount_val SET NOT NULL,
ALTER COLUMN credit_amount_frac SET NOT NULL;
+-- contract terms now also need to check the claim_token,
+-- as we consider the fulfillment_url private
+ALTER TABLE merchant_contract_terms
+ ADD COLUMN claim_token BYTEA;
+UPDATE merchant_contract_terms mct
+ SET claim_token=ord.claim_token
+ FROM merchant_orders ord
+ WHERE mct.order_serial=ord.order_serial;
+-- If the merchant_orders row already has been GCed,
+-- we can't migrate to the correct claim_token anymore.
+-- Instead of setting it to all zeroes (no auth),
+-- we set it to a prefix of the h_contract_terms.
+UPDATE merchant_contract_terms
+ SET claim_token = substring(h_contract_terms for 16)
+ WHERE claim_token IS NULL;
+ALTER TABLE merchant_contract_terms
+ ALTER COLUMN claim_token SET NOT NULL,
+ ADD CHECK (LENGTH(claim_token)=16);
+COMMENT ON COLUMN merchant_contract_terms.claim_token
+ IS 'Token optionally used to access the status of the order. All zeros (not
NULL) if not used';
-- Complete transaction
COMMIT;
diff --git a/src/backenddb/plugin_merchantdb_postgres.c
b/src/backenddb/plugin_merchantdb_postgres.c
index 0001a8e6..780becfb 100644
--- a/src/backenddb/plugin_merchantdb_postgres.c
+++ b/src/backenddb/plugin_merchantdb_postgres.c
@@ -1755,6 +1755,7 @@ postgres_insert_order_lock (void *cls,
* @param order_id order_id used to lookup.
* @param[out] contract_terms where to store the result, NULL to only check
for existence
* @param[out] order_serial set to the order's serial number
+ * @param[out] claim_token set to the claim token, NULL to only check for
existence
* @return transaction status
*/
static enum GNUNET_DB_QueryStatus
@@ -1762,23 +1763,32 @@ postgres_lookup_contract_terms (void *cls,
const char *instance_id,
const char *order_id,
json_t **contract_terms,
- uint64_t *order_serial)
+ uint64_t *order_serial,
+ struct TALER_ClaimTokenP *claim_token)
{
struct PostgresClosure *pg = cls;
+ struct TALER_ClaimTokenP ct;
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_string (instance_id),
GNUNET_PQ_query_param_string (order_id),
GNUNET_PQ_query_param_end
};
- struct GNUNET_PQ_ResultSpec rs[] = {
+ struct GNUNET_PQ_ResultSpec rs[4] = {
/* contract_terms must be first! */
TALER_PQ_result_spec_json ("contract_terms",
contract_terms),
GNUNET_PQ_result_spec_uint64 ("order_serial",
order_serial),
+ GNUNET_PQ_result_spec_auto_from_type ("claim_token",
+ &ct),
GNUNET_PQ_result_spec_end
};
+ if (NULL != claim_token)
+ {
+ *claim_token = ct;
+ }
+
check_connection (pg);
return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
"lookup_contract_terms",
@@ -7648,6 +7658,7 @@ postgres_connect (void *cls)
"SELECT"
" contract_terms"
",order_serial"
+ ",claim_token"
" FROM merchant_contract_terms"
" WHERE order_id=$2"
" AND merchant_serial="
@@ -7666,18 +7677,20 @@ postgres_connect (void *cls)
",creation_time"
",pay_deadline"
",refund_deadline"
- ",fulfillment_url)"
+ ",fulfillment_url"
+ ",claim_token)"
"SELECT"
- " order_serial"
- ",merchant_serial"
- ",order_id"
+ " mo.order_serial"
+ ",mo.merchant_serial"
+ ",mo.order_id"
",$3" /* contract_terms */
",$4" /* h_contract_terms */
- ",creation_time"
+ ",mo.creation_time"
",$5" /* pay_deadline */
",$6" /* refund_deadline */
",$7" /* fulfillment_url */
- "FROM merchant_orders"
+ ",mo.claim_token "
+ "FROM merchant_orders mo"
" WHERE order_id=$2"
" AND merchant_serial="
" (SELECT merchant_serial"
diff --git a/src/backenddb/test_merchantdb.c b/src/backenddb/test_merchantdb.c
index 1e68bcae..818172d9 100644
--- a/src/backenddb/test_merchantdb.c
+++ b/src/backenddb/test_merchantdb.c
@@ -1685,7 +1685,8 @@ test_lookup_contract_terms (const struct InstanceData
*instance,
instance->instance.id,
order->id,
&contract,
- &order_serial))
+ &order_serial,
+ NULL))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Lookup contract terms failed\n");
@@ -2065,7 +2066,8 @@ run_test_orders (struct TestOrders_Closure *cls)
cls->instance.instance.id,
cls->orders[1].id,
&lookup_contract,
- &lookup_order_serial))
+ &lookup_order_serial,
+ NULL))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Lookup contract terms failed\n");
diff --git a/src/include/taler_merchantdb_plugin.h
b/src/include/taler_merchantdb_plugin.h
index d54cafa3..559941b6 100644
--- a/src/include/taler_merchantdb_plugin.h
+++ b/src/include/taler_merchantdb_plugin.h
@@ -1216,6 +1216,7 @@ struct TALER_MERCHANTDB_Plugin
* @param order_id order_id used to lookup.
* @param[out] contract_terms where to store the result, NULL to only check
for existence
* @param[out] order_serial set to the order's serial number
+ * @param[out] claim_token set to the claim token, NULL to only check for
existence
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
@@ -1223,7 +1224,8 @@ struct TALER_MERCHANTDB_Plugin
const char *instance_id,
const char *order_id,
json_t **contract_terms,
- uint64_t *order_serial);
+ uint64_t *order_serial,
+ struct TALER_ClaimTokenP *claim_token);
/**
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-merchant] branch master updated: add claim token to contract terms table,
gnunet <=