[libeufin] 02/02: cash-out checks

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] 02/02: cash-out checks

From:	gnunet
Subject:	[libeufin] 02/02: cash-out checks
Date:	Tue, 14 Feb 2023 15:04:33 +0100

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

commit 04a78be85e901b6974434f94b1963472196ec7fc
Author: MS <ms@taler.net>
AuthorDate: Tue Feb 14 15:02:22 2023 +0100

    cash-out checks
    
    Failing if the cash-out address changed between
    creation and confirmation time.
---
 .../main/kotlin/tech/libeufin/sandbox/CircuitApi.kt   | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
index 31ba0274..c1768bf2 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
@@ -233,12 +233,6 @@ fun circuitApi(circuitRoute: Route) {
         // 404 if the operation is not found.
         if (op == null)
             throw notFound("Cash-out operation $operationUuid not found")
-        // 412 if the operation got already confirmed.
-        if (op.status == CashoutOperationStatus.CONFIRMED)
-            throw SandboxError(
-                HttpStatusCode.PreconditionFailed,
-                "Cash-out operation $operationUuid was already confirmed."
-            )
         /**
          * Check the TAN.  Give precedence to the TAN found
          * in the environment, for testing purposes.  If that's
@@ -259,7 +253,20 @@ fun circuitApi(circuitRoute: Route) {
          * NOTE: the funds availability got already checked when this operation
          * was created.  On top of that, the 'wireTransfer()' helper does also
          * check for funds availability.  */
+        val customer = maybeGetCustomer(user ?: throw SandboxError(
+            HttpStatusCode.ServiceUnavailable,
+            "This endpoint isn't served when the authentication is disabled."
+        ))
         transaction {
+            if (op.cashoutAddress != customer?.cashout_address) throw conflict(
+                "Inconsistent cash-out address: ${op.cashoutAddress} vs 
${customer?.cashout_address}"
+            )
+            // 412 if the operation got already confirmed.
+            if (op.status == CashoutOperationStatus.CONFIRMED)
+                throw SandboxError(
+                    HttpStatusCode.PreconditionFailed,
+                    "Cash-out operation $operationUuid was already confirmed."
+                )
             wireTransfer(
                 debitAccount = op.account,
                 creditAccount = "admin",

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libeufin] branch master updated (ed0c2fcc -> 04a78be8), gnunet, 2023/02/14
- [libeufin] 02/02: cash-out checks, gnunet <=
- [libeufin] 01/02: more cash-out data, gnunet, 2023/02/14

Prev by Date: [taler-exchange] branch master updated: begin API change to allow AML officers to trigger KYC process
Next by Date: [libeufin] 01/02: more cash-out data
Previous by thread: [libeufin] branch master updated (ed0c2fcc -> 04a78be8)
Next by thread: [libeufin] 01/02: more cash-out data
Index(es):
- Date
- Thread