[libeufin] 02/02: Fix debit check on withdrawals.

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] 02/02: Fix debit check on withdrawals.

From:	gnunet
Subject:	[libeufin] 02/02: Fix debit check on withdrawals.
Date:	Fri, 13 Jan 2023 14:34:23 +0100

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

commit 4acefbd1c6bcf1313be312851abe5a4ecf3f178f
Author: MS <ms@taler.net>
AuthorDate: Fri Jan 13 14:33:45 2023 +0100

    Fix debit check on withdrawals.
---
 nexus/src/test/kotlin/SandboxAccessApiTest.kt      | 32 ++++++++++++++++++++++
 .../src/main/kotlin/tech/libeufin/sandbox/Main.kt  | 21 +++-----------
 .../kotlin/tech/libeufin/sandbox/bankAccount.kt    |  1 +
 3 files changed, 37 insertions(+), 17 deletions(-)

diff --git a/nexus/src/test/kotlin/SandboxAccessApiTest.kt 
b/nexus/src/test/kotlin/SandboxAccessApiTest.kt
index bd86734d..d3900906 100644
--- a/nexus/src/test/kotlin/SandboxAccessApiTest.kt
+++ b/nexus/src/test/kotlin/SandboxAccessApiTest.kt
@@ -60,6 +60,38 @@ class SandboxAccessApiTest {
             }
         }
     }
+    @Test
+    fun withdrawWithHighBalance() {
+        withTestDatabase {
+            prepSandboxDb()
+            /**
+             * A problem appeared (Sandbox responding "insufficient funds")
+             * when B - A > T, where B is the balance, A the potential amount
+             * to withdraw and T is the debit threshold for the user.  T is
+             * 1000 here, therefore setting B as 2000 and A as 1 should get
+             * this case tested.
+             */
+            wireTransfer(
+                "admin",
+                "foo",
+                "default",
+                "bring balance to high amount",
+                "TESTKUDOS:2000"
+            )
+            testApplication {
+                this.application(sandboxApp)
+                runBlocking {
+                    // Normal, successful withdrawal.
+                    
client.post("/demobanks/default/access-api/accounts/foo/withdrawals") {
+                        expectSuccess = true
+                        setBody("{\"amount\": \"TESTKUDOS:1\"}")
+                        contentType(ContentType.Application.Json)
+                        basicAuth("foo", "foo")
+                    }
+                }
+            }
+        }
+    }
     // Check successful and failing case due to insufficient funds.
     @Test
     fun debitWithdraw() {
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
index 6bfa80d7..e3a9d01d 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
@@ -1301,23 +1301,10 @@ val sandboxApp: Application.() -> Unit = {
                     val amount = parseAmount(req.amount)
                     if (amount.currency != demobank.currency)
                         throw badRequest("Currency ${amount.currency} differs 
from Demobank's: ${demobank.currency}")
-                    /**
-                     * Check for debit threshold.  That's however also later 
checked
-                     * after the /confirm call.  Username == null case is 
handled above.
-                     */
-                    val pendingBalance = getBalance(username!!, withPending = 
true)
-                    val maxDebt = if (username == "admin") {
-                        demobank.bankDebtLimit
-                    } else demobank.usersDebtLimit
-                    val amountAsNumber = BigDecimal(amount.amount)
-                    if ((pendingBalance - amountAsNumber).abs() > 
BigDecimal.valueOf(maxDebt.toLong())) {
-                        logger.info("User $username would surpass user debit " 
+
-                                "threshold of ${demobank.usersDebtLimit}.  
Rollback Taler withdrawal"
-                        )
-                        throw SandboxError(
-                            HttpStatusCode.Forbidden,
-                            "Insufficient funds."
-                        )
+                    // Check funds are sufficient.
+                    if (maybeDebit(maybeOwnedAccount.label, 
BigDecimal(amount.amount))) {
+                        logger.error("Account ${maybeOwnedAccount.label} would 
surpass debit threshold.  Not withdrawing")
+                        throw SandboxError(HttpStatusCode.PreconditionFailed, 
"Insufficient funds")
                     }
                     val wo: TalerWithdrawalEntity = transaction {
                         TalerWithdrawalEntity.new {
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
index 50963695..d194178c 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
@@ -127,6 +127,7 @@ fun wireTransfer(
     pmtInfId: String? = null
 ): String {
     val parsedAmount = parseAmount(amount)
+    // Potential amount to transfer.
     val amountAsNumber = BigDecimal(parsedAmount.amount)
     if (amountAsNumber == BigDecimal.ZERO)
         throw badRequest("Wire transfers of zero not possible.")

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libeufin] branch master updated (9141b1f0 -> 4acefbd1), gnunet, 2023/01/13
- [libeufin] 01/02: comments, gnunet, 2023/01/13
- [libeufin] 02/02: Fix debit check on withdrawals., gnunet <=

Prev by Date: [libeufin] 01/02: comments
Next by Date: [libeufin] branch master updated (9141b1f0 -> 4acefbd1)
Previous by thread: [libeufin] 01/02: comments
Next by thread: [libeufin] branch master updated: honor API docs
Index(es):
- Date
- Thread