libeufin

Integration and sandbox testing for FinTech APIs and data formats

commit c773a508a3281fb5d46cb67deea2b19069106ee1
parent 467711b15cc899d37e777ffbe096f95c25f6b82b
Author: Antoine A <>
Date:   Thu,  7 Dec 2023 14:24:18 +0000

Add sanity checks

Diffstat:
Mbank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt | 13++++++++++++-
Mbank/src/test/kotlin/CoreBankApiTest.kt | 17++++++++++++++++-
2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt b/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt @@ -143,7 +143,7 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq // Prohibit reserved usernames: if (RESERVED_ACCOUNTS.contains(req.username)) throw conflict( - "Username '${req.username}' is reserved.", + "Username '${req.username}' is reserved", TalerErrorCode.BANK_RESERVED_USERNAME_CONFLICT ) @@ -153,6 +153,11 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq TalerErrorCode.BANK_NON_ADMIN_PATCH_DEBT_LIMIT ) + if (req.username == "exchange" && !req.is_taler_exchange) + throw conflict( + "'exchange' account must be a taler exchange account", + TalerErrorCode.END + ) val internalPayto = req.payto_uri ?: req.internal_payto_uri ?: IbanPayTo(genIbanPaytoUri()) val contactData = req.contact_data ?: req.challenge_contact_data @@ -178,6 +183,12 @@ suspend fun patchAccount(db: Database, ctx: BankConfig, req: AccountReconfigurat req.debit_threshold?.run { ctx.checkRegionalCurrency(this) } val contactData = req.contact_data ?: req.challenge_contact_data + if (username == "admin" && req.is_public == true) + throw conflict( + "'admin' account cannot be public", + TalerErrorCode.END + ) + return db.account.reconfig( login = username, name = req.name, diff --git a/bank/src/test/kotlin/CoreBankApiTest.kt b/bank/src/test/kotlin/CoreBankApiTest.kt @@ -229,7 +229,6 @@ class CoreBankAccountsApiTest { pwAuth("admin") }.assertOk() } - // Reserved account RESERVED_ACCOUNTS.forEach { @@ -242,6 +241,15 @@ class CoreBankAccountsApiTest { }.assertConflict(TalerErrorCode.BANK_RESERVED_USERNAME_CONFLICT) } + // Non exchange account + client.post("/accounts") { + json { + "username" to "exchange" + "password" to "password" + "name" to "Exchange" + } + }.assertConflict(TalerErrorCode.END) + // Testing login conflict client.post("/accounts") { json(req) { 
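Review bot: `TalerErrorCode.END` is used as the error code for the new 'exchange' conflict in createAccount, and again for the 'admin' check in patchAccount and in both new test assertions. Judging by its name it is the enum's terminator rather than a code for a specific failure, so clients and log-based alerting cannot tell these two rejections apart from each other or from anything else that reports END. A dedicated code per check would fix that, e.g. `TalerErrorCode.<DEDICATED_CODE>` (placeholder; no such code is visible on this page), with the tests asserting the same value. createAccount's body continues outside the hunk.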
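Review bot: Each of the two invariants is enforced on one path only: this hunk rejects `req.is_public == true` for 'admin' in patchAccount, while the 'exchange' rule added to createAccount has no counterpart here. If AccountReconfiguration also carries `is_taler_exchange` (its fields are not visible in this hunk), a later patch could clear the flag on 'exchange' and undo the creation-time check; a matching guard such as `if (username == "exchange" && req.is_taler_exchange == false) throw conflict(...)` before `db.account.reconfig` would close that. Both checks compare against string literals with `==`, so they hold only if usernames are matched case-sensitively everywhere else, which is worth confirming. patchAccount starts and ends outside the hunk.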
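Review bot: The new 'Non exchange account' request omits `is_taler_exchange`, so it is rejected only because the field presumably defaults to false in RegisterAccountRequest, which this hunk does not show. A second request with `"is_taler_exchange" to false` set explicitly would pin the rule independently of that default, and, if it does not disturb later cases in this test, one with `true` asserting success would show the guard does not block a legitimate exchange account. The enclosing test function starts and ends outside the hunk.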
@@ -439,6 +447,13 @@ class CoreBankAccountsApiTest { assert(obj.is_public) assert(!obj.is_taler_exchange) } + + // Admin cannot be public + client.patchA("/accounts/admin") { + json { + "is_public" to true + } + }.assertConflict(TalerErrorCode.END) } // Test admin-only account patch
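Review bot: The 'Admin cannot be public' case asserts only the conflict response, not that the account was left unchanged. The guard in patchAccount sits before `db.account.reconfig`, so a follow-up read of `/accounts/admin` asserting `!obj.is_public`, in the style of the assertions just above, would catch a regression where the check ends up after the write. The enclosing test function starts outside the hunk.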