[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] 02/02: cash-out checks
From: |
gnunet |
Subject: |
[libeufin] 02/02: cash-out checks |
Date: |
Tue, 14 Feb 2023 15:04:33 +0100 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository libeufin.
commit 04a78be85e901b6974434f94b1963472196ec7fc
Author: MS <ms@taler.net>
AuthorDate: Tue Feb 14 15:02:22 2023 +0100
cash-out checks
Failing if the cash-out address changed between
creation and confirmation time.
---
.../main/kotlin/tech/libeufin/sandbox/CircuitApi.kt | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
index 31ba0274..c1768bf2 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
@@ -233,12 +233,6 @@ fun circuitApi(circuitRoute: Route) {
// 404 if the operation is not found.
if (op == null)
throw notFound("Cash-out operation $operationUuid not found")
- // 412 if the operation got already confirmed.
- if (op.status == CashoutOperationStatus.CONFIRMED)
- throw SandboxError(
- HttpStatusCode.PreconditionFailed,
- "Cash-out operation $operationUuid was already confirmed."
- )
/**
* Check the TAN. Give precedence to the TAN found
* in the environment, for testing purposes. If that's
@@ -259,7 +253,20 @@ fun circuitApi(circuitRoute: Route) {
* NOTE: the funds availability got already checked when this operation
* was created. On top of that, the 'wireTransfer()' helper does also
* check for funds availability. */
+ val customer = maybeGetCustomer(user ?: throw SandboxError(
+ HttpStatusCode.ServiceUnavailable,
+ "This endpoint isn't served when the authentication is disabled."
+ ))
transaction {
+ if (op.cashoutAddress != customer?.cashout_address) throw conflict(
+ "Inconsistent cash-out address: ${op.cashoutAddress} vs
${customer?.cashout_address}"
+ )
+ // 412 if the operation got already confirmed.
+ if (op.status == CashoutOperationStatus.CONFIRMED)
+ throw SandboxError(
+ HttpStatusCode.PreconditionFailed,
+ "Cash-out operation $operationUuid was already confirmed."
+ )
wireTransfer(
debitAccount = op.account,
creditAccount = "admin",
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.