authorAntoine A <>2023-12-07 14:24:18 +0000
committerAntoine A <>2023-12-07 14:24:18 +0000
commitc773a508a3281fb5d46cb67deea2b19069106ee1 (patch)
tree50abf00b3e4740ec279fa5962e9615856b69987b
parent467711b15cc899d37e777ffbe096f95c25f6b82b (diff)
Add sanity checks
-rw-r--r--bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt13
-rw-r--r--bank/src/test/kotlin/CoreBankApiTest.kt17
2 files changed, 28 insertions, 2 deletions
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt b/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt
index 0b91f360..e5a87768 100644
--- a/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt
+++ b/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt
@@ -143,7 +143,7 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq
// Prohibit reserved usernames:
if (RESERVED_ACCOUNTS.contains(req.username))
throw conflict(
- "Username '${req.username}' is reserved.",
+ "Username '${req.username}' is reserved",
TalerErrorCode.BANK_RESERVED_USERNAME_CONFLICT
)
@@ -153,6 +153,11 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq
TalerErrorCode.BANK_NON_ADMIN_PATCH_DEBT_LIMIT
)
+ if (req.username == "exchange" && !req.is_taler_exchange)
+ throw conflict(
+ "'exchange' account must be a taler exchange account",
+ TalerErrorCode.END
+ )
val internalPayto = req.payto_uri ?: req.internal_payto_uri ?: IbanPayTo(genIbanPaytoUri())
val contactData = req.contact_data ?: req.challenge_contact_data
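Review bot: The new guard reports `TalerErrorCode.END`, which looks like an end-of-range sentinel rather than a code for this condition, so a client or log consumer cannot tell this rejection apart from any other that reuses it. The same applies to the 'admin' guard added in patchAccount, and both new tests assert on it. Until a dedicated code exists, a comment such as `// TODO: replace END with a dedicated error code` would make the placeholder explicit. The invariant is also enforced only at creation here: if the reconfiguration path can change `is_taler_exchange`, an existing 'exchange' account could presumably drop the flag later, which is worth confirming against patchAccount. createAccount's body starts and ends outside this hunk.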
@@ -178,6 +183,12 @@ suspend fun patchAccount(db: Database, ctx: BankConfig, req: AccountReconfigurat
req.debit_threshold?.run { ctx.checkRegionalCurrency(this) }
val contactData = req.contact_data ?: req.challenge_contact_data
+ if (username == "admin" && req.is_public == true)
+ throw conflict(
+ "'admin' account cannot be public",
+ TalerErrorCode.END
+ )
+
return db.account.reconfig(
login = username,
name = req.name,
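Review bot: The guard `username == "admin" && req.is_public == true` only rejects a new request to make admin public, so an admin account that is already public in an existing deployment stays public after this change. If that state is reachable, a one-off migration or a startup check would close the gap. Otherwise a comment above the guard would document the assumption, for example `// admin is assumed private already; this only blocks flipping it to public`. The comparison is also against a literal, and whether `username` is normalised before it reaches this point is not visible here. patchAccount's body starts and ends outside this hunk.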
diff --git a/bank/src/test/kotlin/CoreBankApiTest.kt b/bank/src/test/kotlin/CoreBankApiTest.kt
index 233de89d..85a780dc 100644
--- a/bank/src/test/kotlin/CoreBankApiTest.kt
+++ b/bank/src/test/kotlin/CoreBankApiTest.kt
@@ -229,7 +229,6 @@ class CoreBankAccountsApiTest {
pwAuth("admin")
}.assertOk()
}
-
// Reserved account
RESERVED_ACCOUNTS.forEach {
@@ -242,6 +241,15 @@ class CoreBankAccountsApiTest {
}.assertConflict(TalerErrorCode.BANK_RESERVED_USERNAME_CONFLICT)
}
+ // Non exchange account
+ client.post("/accounts") {
+ json {
+ "username" to "exchange"
+ "password" to "password"
+ "name" to "Exchange"
+ }
+ }.assertConflict(TalerErrorCode.END)
+
// Testing login conflict
client.post("/accounts") {
json(req) {
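Review bot: The added case omits `is_taler_exchange`, so it only exercises the guard through the field's default value. A second request with `"is_taler_exchange" to false` set explicitly would pin the check independently of that default. If the fixture does not already cover it, a request with `"is_taler_exchange" to true` asserting success would also show that the guard does not block a legitimate exchange account.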
@@ -439,6 +447,13 @@ class CoreBankAccountsApiTest {
assert(obj.is_public)
assert(!obj.is_taler_exchange)
}
+
+ // Admin cannot be public
+ client.patchA("/accounts/admin") {
+ json {
+ "is_public" to true
+ }
+ }.assertConflict(TalerErrorCode.END)
}
// Test admin-only account patch