libeufin

Integration and sandbox testing for FinTech APIs and data formats
Log | Files | Refs | Submodules | README | LICENSE
commit ef1c1f82d3a0f57af680c29279f77c1de683ef55
parent 9d87533ef9e43679ec5e84188042afb6f42283fb
Author: Florian Dold <florian@dold.me>
Date:   Mon, 17 Oct 2022 00:54:01 +0200

sandbox: fix bogus auth check

Diffstat:

Msandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt | 2+-


1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
@@ -1259,7 +1259,7 @@ val sandboxApp: Application.() -> Unit = {
                         call.getUriComponent("account_name"),
                         demobank
                     )
-                    if (maybeOwnedAccount.owner != username) throw unauthorized(
+                    if (maybeOwnedAccount.owner != username && WITH_AUTH) throw unauthorized(
                         "Customer '$username' has no rights over bank account '${maybeOwnedAccount.label}'"
                     )
                     val req = call.receiveJson<WithdrawalRequest>()