[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] 105/151: fix kyc trigger SQL logic
|
From: |
gnunet |
|
Subject: |
[taler-exchange] 105/151: fix kyc trigger SQL logic |
|
Date: |
Tue, 30 Jul 2024 23:37:55 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit efb46af3eeacdd965097fddfdd7a9fb3dad62603
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Jul 20 22:56:19 2024 +0200
fix kyc trigger SQL logic
---
src/exchange/taler-exchange-aggregator.c | 1 +
src/exchange/taler-exchange-httpd_kyc-wallet.c | 29 +-
src/exchange/taler-exchange-httpd_purses_merge.c | 1 +
src/exchange/taler-exchange-httpd_reserves_close.c | 20 +-
src/exchange/taler-exchange-httpd_reserves_purse.c | 65 +++--
src/exchange/taler-exchange-httpd_withdraw.c | 21 +-
src/exchange/taler-exchange-httpd_withdraw.h | 3 +
src/exchangedb/exchange_do_kycauth_in_insert.sql | 2 +-
.../exchange_do_trigger_kyc_rule_for_account.sql | 65 +++++
src/exchangedb/pg_reserves_get_origin.c | 22 +-
src/exchangedb/pg_reserves_get_origin.h | 4 +-
src/exchangedb/pg_trigger_kyc_rule_for_account.c | 27 +-
src/exchangedb/pg_trigger_kyc_rule_for_account.h | 8 +-
src/exchangedb/procedures.sql.in | 1 +
src/include/taler_exchangedb_plugin.h | 12 +-
src/testing/test_exchange_p2p.c | 314 ++++++++++++---------
src/testing/testing_api_cmd_kyc_check_get.c | 14 +-
17 files changed, 389 insertions(+), 220 deletions(-)
diff --git a/src/exchange/taler-exchange-aggregator.c
b/src/exchange/taler-exchange-aggregator.c
index 8a4c26a15..2139f13bb 100644
--- a/src/exchange/taler-exchange-aggregator.c
+++ b/src/exchange/taler-exchange-aggregator.c
@@ -553,6 +553,7 @@ legitimization_satisfied (struct AggregationUnit *au_active)
jrule = TALER_KYCLOGIC_rule_to_measures (requirement);
qs = db_plugin->trigger_kyc_rule_for_account (
db_plugin->cls,
+ au_active->payto_uri,
&au_active->h_payto,
jrule,
TALER_KYCLOGIC_rule2priority (requirement),
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c
b/src/exchange/taler-exchange-httpd_kyc-wallet.c
index b0cf9f416..286c67f2b 100644
--- a/src/exchange/taler-exchange-httpd_kyc-wallet.c
+++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c
@@ -57,6 +57,11 @@ struct KycRequestContext
*/
struct TALER_Amount balance;
+ /**
+ * Payto URI of the reserve.
+ */
+ char *payto_uri;
+
};
@@ -119,6 +124,7 @@ wallet_kyc_check (void *cls,
connection,
mhd_ret,
TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE,
+ krc->payto_uri,
&krc->h_payto,
&balance_iterator,
krc);
@@ -168,25 +174,22 @@ TEH_handler_kyc_wallet (
TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID,
NULL);
}
- {
- char *payto_uri;
-
- payto_uri = TALER_reserve_make_payto (TEH_base_url,
- &krc.reserve_pub);
- TALER_payto_hash (payto_uri,
- &krc.h_payto);
- GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "h_payto of wallet %s is %s\n",
- payto_uri,
- TALER_B2S (&krc.h_payto));
- GNUNET_free (payto_uri);
- }
+ krc.payto_uri
+ = TALER_reserve_make_payto (TEH_base_url,
+ &krc.reserve_pub);
+ TALER_payto_hash (krc.payto_uri,
+ &krc.h_payto);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "h_payto of wallet %s is %s\n",
+ krc.payto_uri,
+ TALER_B2S (&krc.h_payto));
ret = TEH_DB_run_transaction (rc->connection,
"check wallet kyc",
TEH_MT_REQUEST_OTHER,
&res,
&wallet_kyc_check,
&krc);
+ GNUNET_free (krc.payto_uri);
if (GNUNET_SYSERR == ret)
return res;
if (krc.kyc.ok)
diff --git a/src/exchange/taler-exchange-httpd_purses_merge.c
b/src/exchange/taler-exchange-httpd_purses_merge.c
index f18b62f5e..0b79ef550 100644
--- a/src/exchange/taler-exchange-httpd_purses_merge.c
+++ b/src/exchange/taler-exchange-httpd_purses_merge.c
@@ -292,6 +292,7 @@ merge_transaction (void *cls,
connection,
mhd_ret,
TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
+ pcc->payto_uri,
&pcc->h_payto,
&amount_iterator,
pcc);
diff --git a/src/exchange/taler-exchange-httpd_reserves_close.c
b/src/exchange/taler-exchange-httpd_reserves_close.c
index f49335653..00c89f146 100644
--- a/src/exchange/taler-exchange-httpd_reserves_close.c
+++ b/src/exchange/taler-exchange-httpd_reserves_close.c
@@ -240,6 +240,7 @@ reserve_close_transaction (void *cls,
connection,
mhd_ret,
TALER_KYCLOGIC_KYC_TRIGGER_RESERVE_CLOSE,
+ rcc->payto_uri,
&rcc->kyc_payto,
&amount_it,
rcc);
@@ -398,10 +399,21 @@ TEH_handler_reserves_close (struct TEH_RequestContext *rc,
return mhd_ret;
}
if (! rcc.kyc.ok)
- return TEH_RESPONSE_reply_kyc_required (rc->connection,
- &rcc.kyc_payto,
- &rcc.kyc);
-
+ {
+ if (0 == rcc.kyc.requirement_row)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (
+ rc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "requirement row not set");
+ }
+ return TEH_RESPONSE_reply_kyc_required (
+ rc->connection,
+ &rcc.kyc_payto,
+ &rcc.kyc);
+ }
return reply_reserve_close_success (rc->connection,
&rcc);
}
diff --git a/src/exchange/taler-exchange-httpd_reserves_purse.c
b/src/exchange/taler-exchange-httpd_reserves_purse.c
index 73778874d..80c160b13 100644
--- a/src/exchange/taler-exchange-httpd_reserves_purse.c
+++ b/src/exchange/taler-exchange-httpd_reserves_purse.c
@@ -107,6 +107,11 @@ struct ReservePurseContext
*/
struct TALER_PaytoHashP h_payto;
+ /**
+ * Payto URI for the reserve.
+ */
+ char *payto_uri;
+
/**
* KYC status of the operation.
*/
@@ -202,6 +207,7 @@ purse_transaction (void *cls,
connection,
mhd_ret,
TALER_KYCLOGIC_KYC_TRIGGER_P2P_RECEIVE,
+ rpc->payto_uri,
&rpc->h_payto,
&amount_iterator,
rpc);
@@ -544,34 +550,30 @@ TEH_handler_reserves_purse (
return MHD_YES; /* failure */
}
}
+ rpc.payto_uri
+ = TALER_reserve_make_payto (TEH_base_url,
+ reserve_pub);
+ TALER_payto_hash (rpc.payto_uri,
+ &rpc.h_payto);
+ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
+ if (GNUNET_OK !=
+ TALER_wallet_purse_merge_verify (rpc.payto_uri,
+ rpc.merge_timestamp,
+ &rpc.pd.purse_pub,
+ &rpc.merge_pub,
+ &rpc.merge_sig))
{
- char *payto_uri;
-
- payto_uri = TALER_reserve_make_payto (TEH_base_url,
- reserve_pub);
- TALER_payto_hash (payto_uri,
- &rpc.h_payto);
- TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
- if (GNUNET_OK !=
- TALER_wallet_purse_merge_verify (payto_uri,
- rpc.merge_timestamp,
- &rpc.pd.purse_pub,
- &rpc.merge_pub,
- &rpc.merge_sig))
- {
- MHD_RESULT ret;
+ MHD_RESULT ret;
- GNUNET_break_op (0);
- GNUNET_JSON_parse_free (spec);
- ret = TALER_MHD_reply_with_error (
- connection,
- MHD_HTTP_FORBIDDEN,
- TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_SIGNATURE_INVALID,
- payto_uri);
- GNUNET_free (payto_uri);
- return ret;
- }
- GNUNET_free (payto_uri);
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ ret = TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_FORBIDDEN,
+ TALER_EC_EXCHANGE_RESERVES_PURSE_MERGE_SIGNATURE_INVALID,
+ rpc.payto_uri);
+ GNUNET_free (rpc.payto_uri);
+ return ret;
}
GNUNET_assert (GNUNET_OK ==
TALER_amount_set_zero (TEH_currency,
@@ -582,6 +584,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_BEFORE_NOW,
@@ -591,6 +594,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_EXCHANGE_RESERVES_PURSE_EXPIRATION_IS_NEVER,
@@ -604,6 +608,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING,
@@ -617,6 +622,7 @@ TEH_handler_reserves_purse (
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Cannot purse purse: global fees not configured!\n");
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_EXCHANGE_GENERIC_GLOBAL_FEES_MISSING,
@@ -639,6 +645,7 @@ TEH_handler_reserves_purse (
/* rpc.purse_fee is below gf.fees.purse! */
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_EXCHANGE_RESERVES_PURSE_FEE_TOO_LOW,
@@ -657,6 +664,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (
connection,
MHD_HTTP_FORBIDDEN,
@@ -677,6 +685,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break_op (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (
connection,
MHD_HTTP_FORBIDDEN,
@@ -693,6 +702,7 @@ TEH_handler_reserves_purse (
{
TALER_LOG_WARNING ("Invalid signature on /reserves/$PID/purse request\n");
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_FORBIDDEN,
TALER_EC_EXCHANGE_PURSE_ECONTRACT_SIGNATURE_INVALID,
@@ -705,6 +715,7 @@ TEH_handler_reserves_purse (
{
GNUNET_break (0);
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_GENERIC_DB_START_FAILED,
@@ -724,9 +735,11 @@ TEH_handler_reserves_purse (
&rpc))
{
GNUNET_JSON_parse_free (spec);
+ GNUNET_free (rpc.payto_uri);
return mhd_ret;
}
}
+ GNUNET_free (rpc.payto_uri);
if (! rpc.kyc.ok)
return TEH_RESPONSE_reply_kyc_required (connection,
diff --git a/src/exchange/taler-exchange-httpd_withdraw.c
b/src/exchange/taler-exchange-httpd_withdraw.c
index bfaae5b36..e521e71e5 100644
--- a/src/exchange/taler-exchange-httpd_withdraw.c
+++ b/src/exchange/taler-exchange-httpd_withdraw.c
@@ -41,6 +41,7 @@ TEH_legitimization_check (
struct MHD_Connection *connection,
MHD_RESULT *mhd_ret,
enum TALER_KYCLOGIC_KycTriggerEvent et,
+ const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
TALER_KYCLOGIC_KycAmountIterator ai,
void *ai_cls)
@@ -111,13 +112,22 @@ TEH_legitimization_check (
jmeasures = TALER_KYCLOGIC_rule_to_measures (requirement);
qs = TEH_plugin->trigger_kyc_rule_for_account (
TEH_plugin->cls,
+ payto_uri,
h_payto,
jmeasures,
TALER_KYCLOGIC_rule2priority (requirement),
&kyc->requirement_row);
json_decref (jmeasures);
}
- GNUNET_break (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != qs);
+ if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
+ {
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_ec (
+ connection,
+ TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
+ "trigger_kyc_rule_for_account");
+ return GNUNET_DB_STATUS_HARD_ERROR;
+ }
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
{
GNUNET_break (0);
@@ -217,12 +227,14 @@ TEH_withdraw_kyc_check (
.withdraw_total = withdraw_total,
.now = now
};
+ char *payto_uri;
/* Check if the money came from a wire transfer */
qs = TEH_plugin->reserves_get_origin (
TEH_plugin->cls,
reserve_pub,
- &wc.h_payto);
+ &wc.h_payto,
+ &payto_uri);
if (qs < 0)
{
if (GNUNET_DB_STATUS_HARD_ERROR == qs)
@@ -238,12 +250,15 @@ TEH_withdraw_kyc_check (
if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
return qs;
*h_payto = wc.h_payto;
- return TEH_legitimization_check (
+ qs = TEH_legitimization_check (
kyc,
connection,
mhd_ret,
TALER_KYCLOGIC_KYC_TRIGGER_AGE_WITHDRAW,
+ payto_uri,
&wc.h_payto,
&withdraw_amount_cb,
&wc);
+ GNUNET_free (payto_uri);
+ return qs;
}
diff --git a/src/exchange/taler-exchange-httpd_withdraw.h
b/src/exchange/taler-exchange-httpd_withdraw.h
index 4af0db50b..129d36d8d 100644
--- a/src/exchange/taler-exchange-httpd_withdraw.h
+++ b/src/exchange/taler-exchange-httpd_withdraw.h
@@ -33,6 +33,8 @@
* @param[out] mhd_ret set if errors were returned
* (only on hard error)
* @param et type of event we are checking
+ * @param payto_uri account we are checking for
+ * @param h_payto hash of @a payto_uri
* @param ai callback to get amounts involved historically
* @param ai_cls closure for @a ai
* @return transaction status, error will have been
@@ -44,6 +46,7 @@ TEH_legitimization_check (
struct MHD_Connection *connection,
MHD_RESULT *mhd_ret,
enum TALER_KYCLOGIC_KycTriggerEvent et,
+ const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
TALER_KYCLOGIC_KycAmountIterator ai,
void *ai_cls);
diff --git a/src/exchangedb/exchange_do_kycauth_in_insert.sql
b/src/exchangedb/exchange_do_kycauth_in_insert.sql
index 94add64ee..63d5cad3b 100644
--- a/src/exchangedb/exchange_do_kycauth_in_insert.sql
+++ b/src/exchangedb/exchange_do_kycauth_in_insert.sql
@@ -15,7 +15,7 @@
--
-CREATE OR REPLACE PROCEDURE exchange_do_kycauth_insert(
+CREATE OR REPLACE PROCEDURE exchange_do_kycauth_in_insert(
IN in_account_pub BYTEA,
IN in_wire_reference INT8,
IN in_credit taler_amount,
diff --git a/src/exchangedb/exchange_do_trigger_kyc_rule_for_account.sql
b/src/exchangedb/exchange_do_trigger_kyc_rule_for_account.sql
new file mode 100644
index 000000000..7fbc0abbe
--- /dev/null
+++ b/src/exchangedb/exchange_do_trigger_kyc_rule_for_account.sql
@@ -0,0 +1,65 @@
+--
+-- This file is part of TALER
+-- Copyright (C) 2014--2022 Taler Systems SA
+--
+-- TALER is free software; you can redistribute it and/or modify it under the
+-- terms of the GNU General Public License as published by the Free Software
+-- Foundation; either version 3, or (at your option) any later version.
+--
+-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR
+-- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License along with
+-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+--
+
+CREATE OR REPLACE FUNCTION exchange_do_trigger_kyc_rule_for_account(
+ IN in_h_payto BYTEA,
+ IN in_payto_uri TEXT,
+ IN in_now INT8,
+ IN in_jmeasures TEXT,
+ IN in_display_priority INT4,
+ OUT out_legitimization_measure_serial_id INT8)
+LANGUAGE plpgsql
+AS $$
+DECLARE
+ my_access_token BYTEA;
+BEGIN
+
+SELECT
+ access_token
+INTO
+ my_access_token
+FROM wire_targets
+ WHERE wire_target_h_payto=in_h_payto;
+
+IF NOT FOUND
+THEN
+ INSERT INTO wire_targets
+ (payto_uri
+ ,wire_target_h_payto)
+ VALUES
+ (in_payto_uri
+ ,in_h_payto)
+ RETURNING
+ access_token
+ INTO my_access_token;
+END IF;
+
+INSERT INTO legitimization_measures
+ (access_token
+ ,start_time
+ ,jmeasures
+ ,display_priority)
+ VALUES
+ (my_access_token
+ ,in_now
+ ,in_jmeasures
+ ,in_display_priority)
+ RETURNING
+ legitimization_measure_serial_id
+ INTO
+ out_legitimization_measure_serial_id;
+
+END $$;
diff --git a/src/exchangedb/pg_reserves_get_origin.c
b/src/exchangedb/pg_reserves_get_origin.c
index 55d3179d1..2b185cabb 100644
--- a/src/exchangedb/pg_reserves_get_origin.c
+++ b/src/exchangedb/pg_reserves_get_origin.c
@@ -30,7 +30,8 @@ enum GNUNET_DB_QueryStatus
TEH_PG_reserves_get_origin (
void *cls,
const struct TALER_ReservePublicKeyP *reserve_pub,
- struct TALER_PaytoHashP *h_payto)
+ struct TALER_PaytoHashP *h_payto,
+ char **payto_uri)
{
struct PostgresClosure *pg = cls;
struct GNUNET_PQ_QueryParam params[] = {
@@ -38,20 +39,25 @@ TEH_PG_reserves_get_origin (
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_auto_from_type ("wire_source_h_payto",
- h_payto),
+ GNUNET_PQ_result_spec_auto_from_type (
+ "wire_source_h_payto",
+ h_payto),
+ GNUNET_PQ_result_spec_string (
+ "payto_uri",
+ payto_uri),
GNUNET_PQ_result_spec_end
};
-
PREPARE (pg,
"get_h_wire_source_of_reserve",
"SELECT"
" wire_source_h_payto"
+ ",payto_uri"
" FROM reserves_in"
" WHERE reserve_pub=$1");
- return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
-
"get_h_wire_source_of_reserve",
- params,
- rs);
+ return GNUNET_PQ_eval_prepared_singleton_select (
+ pg->conn,
+ "get_h_wire_source_of_reserve",
+ params,
+ rs);
}
diff --git a/src/exchangedb/pg_reserves_get_origin.h
b/src/exchangedb/pg_reserves_get_origin.h
index 22085d8f0..927c8c139 100644
--- a/src/exchangedb/pg_reserves_get_origin.h
+++ b/src/exchangedb/pg_reserves_get_origin.h
@@ -30,12 +30,14 @@
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param reserve_pub public key of the reserve
* @param[out] h_payto set to hash of the wire source payto://-URI
+ * @param[out] payto_uri set to the wire source payto://-URI
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
TEH_PG_reserves_get_origin (
void *cls,
const struct TALER_ReservePublicKeyP *reserve_pub,
- struct TALER_PaytoHashP *h_payto);
+ struct TALER_PaytoHashP *h_payto,
+ char **payto_uri);
#endif
diff --git a/src/exchangedb/pg_trigger_kyc_rule_for_account.c
b/src/exchangedb/pg_trigger_kyc_rule_for_account.c
index 0caabd4d4..b3be51ecd 100644
--- a/src/exchangedb/pg_trigger_kyc_rule_for_account.c
+++ b/src/exchangedb/pg_trigger_kyc_rule_for_account.c
@@ -29,8 +29,9 @@
enum GNUNET_DB_QueryStatus
TEH_PG_trigger_kyc_rule_for_account (
void *cls,
+ const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
- const json_t *jrule,
+ const json_t *jmeasures,
uint32_t display_priority,
uint64_t *requirement_row)
{
@@ -39,29 +40,27 @@ TEH_PG_trigger_kyc_rule_for_account (
= GNUNET_TIME_absolute_get ();
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (h_payto),
+ GNUNET_PQ_query_param_string (payto_uri),
GNUNET_PQ_query_param_absolute_time (&now),
- TALER_PQ_query_param_json (jrule),
+ TALER_PQ_query_param_json (jmeasures),
GNUNET_PQ_query_param_uint32 (&display_priority),
GNUNET_PQ_query_param_end
};
struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_uint64 ("legitimization_measure_serial_id",
- requirement_row),
+ GNUNET_PQ_result_spec_uint64 (
+ "legitimization_measure_serial_id",
+ requirement_row),
GNUNET_PQ_result_spec_end
};
PREPARE (pg,
"trigger_kyc_rule_for_account",
- "INSERT INTO legitimization_measures"
- "(access_token"
- ",start_time"
- ",jmeasures"
- ",display_priority)"
- " SELECT "
- " access_token,$2,$3,$4"
- " FROM wire_targets"
- " WHERE wire_target_h_payto=$1"
- " RETURNING legitimization_measure_serial_id;");
+ "SELECT"
+ " out_legitimization_measure_serial_id"
+ " AS legitimization_measure_serial_id"
+ " FROM exchange_do_trigger_kyc_rule_for_account"
+ "($1, $2, $3, $4, $5);");
+
return GNUNET_PQ_eval_prepared_singleton_select (
pg->conn,
"trigger_kyc_rule_for_account",
diff --git a/src/exchangedb/pg_trigger_kyc_rule_for_account.h
b/src/exchangedb/pg_trigger_kyc_rule_for_account.h
index bc3bcc377..abc756181 100644
--- a/src/exchangedb/pg_trigger_kyc_rule_for_account.h
+++ b/src/exchangedb/pg_trigger_kyc_rule_for_account.h
@@ -30,8 +30,9 @@
* Insert KYC requirement for @a h_payto account into table.
*
* @param cls closure
- * @param h_payto account that must be KYC'ed
- * @param jrule serialized MeasureSet to put in place
+ * @param payto_uri account that must be KYC'ed
+ * @param h_payto hash of @a payto_uri
+ * @param jmeasures serialized MeasureSet to put in place
* @param display_priority priority of the rule
* @param[out] requirement_row set to legitimization requirement row for this
check
* @return database transaction status
@@ -39,8 +40,9 @@
enum GNUNET_DB_QueryStatus
TEH_PG_trigger_kyc_rule_for_account (
void *cls,
+ const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
- const json_t *jrule,
+ const json_t *jmeasures,
uint32_t display_priority,
uint64_t *requirement_row);
diff --git a/src/exchangedb/procedures.sql.in b/src/exchangedb/procedures.sql.in
index cba356c7e..c1ffc9ad6 100644
--- a/src/exchangedb/procedures.sql.in
+++ b/src/exchangedb/procedures.sql.in
@@ -50,5 +50,6 @@ SET search_path TO exchange;
#include "exchange_do_get_link_data.sql"
#include "exchange_do_batch_coin_known.sql"
#include "exchange_do_kycauth_in_insert.sql"
+#include "exchange_do_trigger_kcy_rule_for_account.sql"
COMMIT;
diff --git a/src/include/taler_exchangedb_plugin.h
b/src/include/taler_exchangedb_plugin.h
index f9fc4e4c2..1bbafe2ed 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -3849,13 +3849,15 @@ struct TALER_EXCHANGEDB_Plugin
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param reserve_pub public key of the reserve
* @param[out] h_payto set to hash of the wire source payto://-URI
+ * @param[out] payto_uri set to the wire source payto://-URI
* @return transaction status
*/
enum GNUNET_DB_QueryStatus
(*reserves_get_origin)(
void *cls,
const struct TALER_ReservePublicKeyP *reserve_pub,
- struct TALER_PaytoHashP *h_payto);
+ struct TALER_PaytoHashP *h_payto,
+ char **payto_uri);
/**
@@ -6799,8 +6801,9 @@ struct TALER_EXCHANGEDB_Plugin
* Insert KYC requirement for @a h_payto account into table.
*
* @param cls closure
- * @param h_payto account that must be KYC'ed
- * @param jrule serialized MeasureSet to put in place
+ * @param payto_uri account that must be KYC'ed
+ * @param h_payto hash of @a payto_uri
+ * @param jmeasures serialized MeasureSet to put in place
* @param display_priority priority of the rule
* @param[out] requirement_row set to legitimization requirement row for
this check
* @return database transaction status
@@ -6808,8 +6811,9 @@ struct TALER_EXCHANGEDB_Plugin
enum GNUNET_DB_QueryStatus
(*trigger_kyc_rule_for_account)(
void *cls,
+ const char *payto_uri,
const struct TALER_PaytoHashP *h_payto,
- const json_t *jrule,
+ const json_t *jmeasures,
uint32_t display_priority,
uint64_t *requirement_row);
diff --git a/src/testing/test_exchange_p2p.c b/src/testing/test_exchange_p2p.c
index 093730ff2..cf31879ac 100644
--- a/src/testing/test_exchange_p2p.c
+++ b/src/testing/test_exchange_p2p.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2014--2023 Taler Systems SA
+ Copyright (C) 2014--2024 Taler Systems SA
TALER is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as
@@ -62,7 +62,8 @@ static bool uses_cs;
* @param label label to use for the command.
*/
#define CMD_EXEC_WIREWATCH(label) \
- TALER_TESTING_cmd_exec_wirewatch2 (label, config_file, "exchange-account-2")
+ TALER_TESTING_cmd_exec_wirewatch2 (label, config_file, \
+ "exchange-account-2")
/**
* Execute the taler-exchange-aggregator, closer and transfer commands with
@@ -71,9 +72,9 @@ static bool uses_cs;
* @param label label to use for the command.
*/
#define CMD_EXEC_AGGREGATOR(label) \
- TALER_TESTING_cmd_sleep ("sleep-before-aggregator", 2), \
- TALER_TESTING_cmd_exec_aggregator (label "-aggregator", config_file), \
- TALER_TESTING_cmd_exec_transfer (label "-transfer", config_file)
+ TALER_TESTING_cmd_sleep ("sleep-before-aggregator", 2), \
+ TALER_TESTING_cmd_exec_aggregator (label "-aggregator", config_file), \
+ TALER_TESTING_cmd_exec_transfer (label "-transfer", config_file)
/**
@@ -83,10 +84,10 @@ static bool uses_cs;
* @param label label to use for the command.
* @param amount amount to transfer, i.e. "EUR:1"
*/
-#define CMD_TRANSFER_TO_EXCHANGE(label,amount) \
- TALER_TESTING_cmd_admin_add_incoming (label, amount, \
- &cred.ba, \
- cred.user42_payto)
+#define CMD_TRANSFER_TO_EXCHANGE(label,amount) \
+ TALER_TESTING_cmd_admin_add_incoming (label, amount, \
+ &cred.ba, \
+ cred.user42_payto)
/**
* Main function that will tell the interpreter what commands to
@@ -106,48 +107,56 @@ run (void *cls,
/**
* Move money to the exchange's bank account.
*/
- CMD_TRANSFER_TO_EXCHANGE ("create-reserve-1",
- "EUR:5.04"),
- CMD_TRANSFER_TO_EXCHANGE ("create-reserve-2",
- "EUR:5.01"),
- TALER_TESTING_cmd_reserve_poll ("poll-reserve-1",
- "create-reserve-1",
- "EUR:5.04",
- GNUNET_TIME_UNIT_MINUTES,
- MHD_HTTP_OK),
- TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-1",
- "EUR:5.04",
- cred.user42_payto,
- cred.exchange_payto,
- "create-reserve-1"),
- TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-2",
- "EUR:5.01",
- cred.user42_payto,
- cred.exchange_payto,
- "create-reserve-2"),
+ CMD_TRANSFER_TO_EXCHANGE (
+ "create-reserve-1",
+ "EUR:5.04"),
+ CMD_TRANSFER_TO_EXCHANGE (
+ "create-reserve-2",
+ "EUR:5.01"),
+ TALER_TESTING_cmd_reserve_poll (
+ "poll-reserve-1",
+ "create-reserve-1",
+ "EUR:5.04",
+ GNUNET_TIME_UNIT_MINUTES,
+ MHD_HTTP_OK),
+ TALER_TESTING_cmd_check_bank_admin_transfer (
+ "check-create-reserve-1",
+ "EUR:5.04",
+ cred.user42_payto,
+ cred.exchange_payto,
+ "create-reserve-1"),
+ TALER_TESTING_cmd_check_bank_admin_transfer (
+ "check-create-reserve-2",
+ "EUR:5.01",
+ cred.user42_payto,
+ cred.exchange_payto,
+ "create-reserve-2"),
/**
* Make a reserve exist, according to the previous
* transfer.
*/
CMD_EXEC_WIREWATCH ("wirewatch-1"),
- TALER_TESTING_cmd_reserve_poll_finish ("finish-poll-reserve-1",
- GNUNET_TIME_UNIT_SECONDS,
- "poll-reserve-1"),
+ TALER_TESTING_cmd_reserve_poll_finish (
+ "finish-poll-reserve-1",
+ GNUNET_TIME_UNIT_SECONDS,
+ "poll-reserve-1"),
/**
* Withdraw EUR:5.
*/
- TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1",
- "create-reserve-1",
- "EUR:5",
- 0, /* age restriction off */
- MHD_HTTP_OK),
+ TALER_TESTING_cmd_withdraw_amount (
+ "withdraw-coin-1",
+ "create-reserve-1",
+ "EUR:5",
+ 0, /* age restriction off */
+ MHD_HTTP_OK),
/**
* Check the reserve is depleted.
*/
- TALER_TESTING_cmd_status ("status-1",
- "create-reserve-1",
- "EUR:0.03",
- MHD_HTTP_OK),
+ TALER_TESTING_cmd_status (
+ "status-1",
+ "create-reserve-1",
+ "EUR:0.03",
+ MHD_HTTP_OK),
TALER_TESTING_cmd_end ()
};
struct TALER_TESTING_Command push[] = {
@@ -338,10 +347,12 @@ run (void *cls,
"withdraw-coin-1",
"EUR:2.01",
NULL),
- TALER_TESTING_cmd_sleep ("sleep",
- 2 /* seconds */),
- TALER_TESTING_cmd_exec_expire ("exec-expire",
- config_file),
+ TALER_TESTING_cmd_sleep (
+ "sleep",
+ 2 /* seconds */),
+ TALER_TESTING_cmd_exec_expire (
+ "exec-expire",
+ config_file),
TALER_TESTING_cmd_purse_poll_finish (
"push-merge-purse-poll-finish-expire",
GNUNET_TIME_relative_multiply (
@@ -371,56 +382,65 @@ run (void *cls,
TALER_TESTING_cmd_end ()
};
struct TALER_TESTING_Command reserves[] = {
- CMD_TRANSFER_TO_EXCHANGE ("create-reserve-100",
- "EUR:1.04"),
- TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-100",
- "EUR:1.04",
- cred.user42_payto,
- cred.exchange_payto,
- "create-reserve-100"),
- CMD_TRANSFER_TO_EXCHANGE ("create-reserve-101",
- "EUR:1.04"),
- TALER_TESTING_cmd_check_bank_admin_transfer ("check-create-reserve-101",
- "EUR:1.04",
- cred.user42_payto,
- cred.exchange_payto,
- "create-reserve-101"),
+ CMD_TRANSFER_TO_EXCHANGE (
+ "create-reserve-100",
+ "EUR:1.04"),
+ TALER_TESTING_cmd_check_bank_admin_transfer (
+ "check-create-reserve-100",
+ "EUR:1.04",
+ cred.user42_payto,
+ cred.exchange_payto,
+ "create-reserve-100"),
+ CMD_TRANSFER_TO_EXCHANGE (
+ "create-reserve-101",
+ "EUR:1.04"),
+ TALER_TESTING_cmd_check_bank_admin_transfer (
+ "check-create-reserve-101",
+ "EUR:1.04",
+ cred.user42_payto,
+ cred.exchange_payto,
+ "create-reserve-101"),
CMD_EXEC_WIREWATCH ("wirewatch-100"),
- TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-100",
- "create-reserve-100",
- "EUR:1",
- 0, /* age restriction off */
- MHD_HTTP_OK),
- TALER_TESTING_cmd_reserve_open ("reserve-open-101-fail",
- "create-reserve-101",
- "EUR:0",
- GNUNET_TIME_UNIT_YEARS,
- 5, /* min purses */
- MHD_HTTP_PAYMENT_REQUIRED,
- NULL,
- NULL),
- TALER_TESTING_cmd_reserve_open ("reserve-open-101-ok-a",
- "create-reserve-101",
- "EUR:0.01",
- GNUNET_TIME_UNIT_MONTHS,
- 1, /* min purses */
- MHD_HTTP_OK,
- NULL,
- NULL),
- TALER_TESTING_cmd_status ("status-101-open-paid",
- "create-reserve-101",
- "EUR:1.03",
- MHD_HTTP_OK),
- TALER_TESTING_cmd_reserve_open ("reserve-open-101-ok-b",
- "create-reserve-101",
- "EUR:0",
- GNUNET_TIME_UNIT_MONTHS,
- 2, /* min purses */
- MHD_HTTP_OK,
- "withdraw-coin-100",
- "EUR:0.03", /* 0.02 for the reserve open,
0.01 for deposit fee */
- NULL,
- NULL),
+ TALER_TESTING_cmd_withdraw_amount (
+ "withdraw-coin-100",
+ "create-reserve-100",
+ "EUR:1",
+ 0, /* age restriction off */
+ MHD_HTTP_OK),
+ TALER_TESTING_cmd_reserve_open (
+ "reserve-open-101-fail",
+ "create-reserve-101",
+ "EUR:0",
+ GNUNET_TIME_UNIT_YEARS,
+ 5, /* min purses */
+ MHD_HTTP_PAYMENT_REQUIRED,
+ NULL,
+ NULL),
+ TALER_TESTING_cmd_reserve_open (
+ "reserve-open-101-ok-a",
+ "create-reserve-101",
+ "EUR:0.01",
+ GNUNET_TIME_UNIT_MONTHS,
+ 1, /* min purses */
+ MHD_HTTP_OK,
+ NULL,
+ NULL),
+ TALER_TESTING_cmd_status (
+ "status-101-open-paid",
+ "create-reserve-101",
+ "EUR:1.03",
+ MHD_HTTP_OK),
+ TALER_TESTING_cmd_reserve_open (
+ "reserve-open-101-ok-b",
+ "create-reserve-101",
+ "EUR:0",
+ GNUNET_TIME_UNIT_MONTHS,
+ 2, /* min purses */
+ MHD_HTTP_OK,
+ "withdraw-coin-100",
+ "EUR:0.03", /* 0.02 for the reserve open, 0.01 for deposit fee */
+ NULL,
+ NULL),
/* Use purse creation with purse quota here */
TALER_TESTING_cmd_purse_create_with_reserve (
"purse-create-with-reserve-101-a",
@@ -446,51 +466,71 @@ run (void *cls,
false /* pay purse fee */,
GNUNET_TIME_UNIT_MINUTES, /* expiration */
"create-reserve-101"),
- TALER_TESTING_cmd_reserve_get_attestable ("reserve-101-attestable",
- "create-reserve-101",
- MHD_HTTP_NOT_FOUND,
- NULL),
- TALER_TESTING_cmd_reserve_get_attestable ("reserve-101-attest",
- "create-reserve-101",
- MHD_HTTP_NOT_FOUND,
- "nx-attribute-name",
- NULL),
- TALER_TESTING_cmd_oauth ("start-oauth-service",
- 6666),
- TALER_TESTING_cmd_reserve_close ("reserve-101-close-kyc",
- "create-reserve-101",
- /* 42b => not to origin */
-
"payto://x-taler-bank/localhost/42?receiver-name=42b",
- MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS),
-
- TALER_TESTING_cmd_check_kyc_get ("check-kyc-close-pending",
- "reserve-101-close-kyc",
- MHD_HTTP_ACCEPTED),
- TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-close-kyc",
- "reserve-101-close-kyc",
- "kyc-provider-test-oauth2",
- "pass",
- MHD_HTTP_SEE_OTHER),
- TALER_TESTING_cmd_check_kyc_get ("check-kyc-close-ok",
- "reserve-101-close-kyc",
- MHD_HTTP_NO_CONTENT),
+ TALER_TESTING_cmd_reserve_get_attestable (
+ "reserve-101-attestable",
+ "create-reserve-101",
+ MHD_HTTP_NOT_FOUND,
+ NULL),
+ TALER_TESTING_cmd_reserve_get_attestable (
+ "reserve-101-attest",
+ "create-reserve-101",
+ MHD_HTTP_NOT_FOUND,
+ "nx-attribute-name",
+ NULL),
+ TALER_TESTING_cmd_oauth (
+ "start-oauth-service",
+ 6666),
+ TALER_TESTING_cmd_reserve_close (
+ "reserve-101-close-kyc",
+ "create-reserve-101",
+ /* 42b => not to origin */
+ "payto://x-taler-bank/localhost/42?receiver-name=42b",
+ MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS),
+ TALER_TESTING_cmd_admin_add_kycauth (
+ "setup-account-key",
+ "EUR:0.01",
+ &cred.ba,
+ "payto://x-taler-bank/localhost/42?receiver-name=42b",
+ NULL /* create new key */),
+ CMD_EXEC_WIREWATCH (
+ "import-kyc-account"),
+ TALER_TESTING_cmd_check_kyc_get (
+ "check-kyc-close-pending",
+ "reserve-101-close-kyc",
+ "setup-account-key",
+ MHD_HTTP_ACCEPTED),
+ TALER_TESTING_cmd_proof_kyc_oauth2 (
+ "proof-close-kyc",
+ "reserve-101-close-kyc",
+ "kyc-provider-test-oauth2",
+ "pass",
+ MHD_HTTP_SEE_OTHER),
+ TALER_TESTING_cmd_check_kyc_get (
+ "check-kyc-close-ok",
+ "reserve-101-close-kyc",
+ "setup-account-key",
+ MHD_HTTP_NO_CONTENT),
/* Now it should pass */
- TALER_TESTING_cmd_reserve_close ("reserve-101-close",
- "create-reserve-101",
- /* 42b => not to origin */
-
"payto://x-taler-bank/localhost/42?receiver-name=42b",
- MHD_HTTP_OK),
- TALER_TESTING_cmd_exec_closer ("close-reserves-101",
- config_file,
- "EUR:1.02",
- "EUR:0.01",
- "create-reserve-101"),
- TALER_TESTING_cmd_exec_transfer ("close-reserves-101-transfer",
- config_file),
- TALER_TESTING_cmd_status ("reserve-101-closed-status",
- "create-reserve-101",
- "EUR:0",
- MHD_HTTP_OK),
+ TALER_TESTING_cmd_reserve_close (
+ "reserve-101-close",
+ "create-reserve-101",
+ /* 42b => not to origin */
+ "payto://x-taler-bank/localhost/42?receiver-name=42b",
+ MHD_HTTP_OK),
+ TALER_TESTING_cmd_exec_closer (
+ "close-reserves-101",
+ config_file,
+ "EUR:1.02",
+ "EUR:0.01",
+ "create-reserve-101"),
+ TALER_TESTING_cmd_exec_transfer (
+ "close-reserves-101-transfer",
+ config_file),
+ TALER_TESTING_cmd_status (
+ "reserve-101-closed-status",
+ "create-reserve-101",
+ "EUR:0",
+ MHD_HTTP_OK),
TALER_TESTING_cmd_end ()
};
diff --git a/src/testing/testing_api_cmd_kyc_check_get.c
b/src/testing/testing_api_cmd_kyc_check_get.c
index 062a7c9eb..4ad620553 100644
--- a/src/testing/testing_api_cmd_kyc_check_get.c
+++ b/src/testing/testing_api_cmd_kyc_check_get.c
@@ -144,8 +144,9 @@ check_kyc_run (void *cls,
return;
}
if (GNUNET_OK !=
- TALER_TESTING_get_trait_legi_requirement_row (res_cmd,
- &requirement_row))
+ TALER_TESTING_get_trait_legi_requirement_row (
+ res_cmd,
+ &requirement_row))
{
GNUNET_break (0);
TALER_TESTING_interpreter_fail (kcg->is);
@@ -230,10 +231,11 @@ check_kyc_traits (void *cls,
struct TALER_TESTING_Command
-TALER_TESTING_cmd_check_kyc_get (const char *label,
- const char *payment_target_reference,
- const char *account_reference,
- unsigned int expected_response_code)
+TALER_TESTING_cmd_check_kyc_get (
+ const char *label,
+ const char *payment_target_reference,
+ const char *account_reference,
+ unsigned int expected_response_code)
{
struct KycCheckGetState *kcg;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-exchange] 79/151: -bump gana, (continued)
- [taler-exchange] 79/151: -bump gana, gnunet, 2024/07/30
- [taler-exchange] 89/151: -improve logging, gnunet, 2024/07/30
- [taler-exchange] 80/151: -fix FTBFS of new kyc-start logic, gnunet, 2024/07/30
- [taler-exchange] 90/151: pass h_payto, gnunet, 2024/07/30
- [taler-exchange] 106/151: -fixing minor bugs, gnunet, 2024/07/30
- [taler-exchange] 59/151: -implement GET "/aml/$PUB/attributes/$H_PAYTO", gnunet, 2024/07/30
- [taler-exchange] 95/151: -fix auditor insanity, gnunet, 2024/07/30
- [taler-exchange] 53/151: work on kyc-info endpoint, gnunet, 2024/07/30
- [taler-exchange] 44/151: -bump gana, gnunet, 2024/07/30
- [taler-exchange] 113/151: wip, gnunet, 2024/07/30
- [taler-exchange] 105/151: fix kyc trigger SQL logic,
gnunet <=
- [taler-exchange] 110/151: add new CMDs for KYC info+start, gnunet, 2024/07/30
- [taler-exchange] 69/151: -towards form uploads (incomplete), gnunet, 2024/07/30
- [taler-exchange] 94/151: -work on tests, gnunet, 2024/07/30
- [taler-exchange] 28/151: -add kyc data back for lookup_transfer_by_deposit, gnunet, 2024/07/30
- [taler-exchange] 100/151: more parsing, config template, gnunet, 2024/07/30
- [taler-exchange] 99/151: parse more of check configuration, gnunet, 2024/07/30
- [taler-exchange] 129/151: -fix SQL bugs, gnunet, 2024/07/30
- [taler-exchange] 120/151: -misc bugfixes, gnunet, 2024/07/30
- [taler-exchange] 121/151: first test passes, party, gnunet, 2024/07/30
- [taler-exchange] 143/151: investigate..., gnunet, 2024/07/30