merchant

Merchant backend to process payments, run by merchants

commit 32dbdd699207b0472b95e92c10158e47625848f4
parent e018bf140908c0860b512a2691ac7c3c4433f3c1
Author: Florian Dold <florian@dold.me>
Date:   Tue,  2 Dec 2025 13:04:53 +0100

fix /paid request

Do not allow client to change choice of paid order

Diffstat:
Msrc/backend/taler-merchant-httpd_post-orders-ID-paid.c | 34+++++++++++++++++++---------------
Msrc/backend/taler-merchant-httpd_private-get-orders-ID.c | 5+++--
2 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-paid.c b/src/backend/taler-merchant-httpd_post-orders-ID-paid.c
@@ -91,7 +91,7 @@ TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
 const char *order_id = hc->infix;
 struct TALER_MerchantSignatureP merchant_sig;
 const char *session_id;
- int16_t choice_index;
+ int16_t db_choice_index;
 struct TALER_PrivateContractHashP hct;
 json_t *contract_terms;
 const char *fulfillment_url;
@@ -105,15 +105,10 @@ TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
 &hct),
 GNUNET_JSON_spec_string ("session_id",
 &session_id),
- GNUNET_JSON_spec_mark_optional (
- GNUNET_JSON_spec_int16 ("choice_index",
- &choice_index),
- NULL),
 GNUNET_JSON_spec_end ()
 };
 enum GNUNET_GenericReturnValue res;
- choice_index = -1;
 res = TALER_MHD_parse_json_data (connection,
 hc->request_body,
 spec);
@@ -141,13 +136,21 @@ TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
 TMH_db->preflight (TMH_db->cls);
 {
 uint64_t order_serial;
+ bool paid;
+ bool wired;
+ bool session_matches;
- qs = TMH_db->lookup_contract_terms (TMH_db->cls,
- hc->instance->settings.id,
- order_id,
- &contract_terms,
- &order_serial,
- NULL);
+ qs = TMH_db->lookup_contract_terms3 (TMH_db->cls,
+ hc->instance->settings.id,
+ order_id,
+ NULL,
+ &contract_terms,
+ &order_serial,
+ &paid,
+ &wired,
+ &session_matches,
+ NULL,
+ &db_choice_index);
 }
 if (0 > qs)
 {
@@ -201,15 +204,16 @@ TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
 = json_string_value (json_object_get (contract_terms,
 "fulfillment_url"));
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Marking contract %s with %s/%s as paid\n",
+ "Marking contract %s with %s/%s as paid under choice %d\n",
 order_id,
 session_id,
- fulfillment_url);
+ fulfillment_url,
+ (int) db_choice_index);
 qs = TMH_db->mark_contract_paid (TMH_db->cls,
 hc->instance->settings.id,
 &hct,
 session_id,
- choice_index);
+ db_choice_index);
 /* If the order was paid already, we get qs == 0. */
 if (0 > qs)
 {
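Review bot: `db_choice_index` is declared without an initializer in the `@@ -91,7 +91,7 @@` hunk, and the `@@ -105,15 +105,10 @@` hunk removes the old `choice_index = -1;` default. The value later logged and passed to `mark_contract_paid` therefore depends entirely on `lookup_contract_terms3` writing its last out-parameter on every path that reaches those uses. Whether it does so for an order stored without a choice is not visible in this diff. I would declare it as `int16_t db_choice_index = -1;`, which keeps the value the old code used when the request carried no choice. The body of `TMH_post_orders_ID_paid` starts and ends outside these hunks, so the early returns between the lookup and the uses cannot be checked from here.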
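Review bot: In the `@@ -141,13 +136,21 @@` hunk, `paid`, `wired` and `session_matches` are declared inside the inner block that closes right after the `lookup_contract_terms3` call, so nothing can read them and the stored payment state is discarded. If that is intended, say so with a comment above the call, for example `/* paid, wired and session_matches are fetched but deliberately not used by /paid */`; if the lookup accepts NULL for these out-parameters, as it appears to for the two arguments already passed as NULL, pass NULL instead. The reason for the commit is also worth recording at the call site, e.g. `/* choice index is taken from the stored order, never from the request body */` next to `&db_choice_index`, so that a later change does not reintroduce a client-supplied value.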
diff --git a/src/backend/taler-merchant-httpd_private-get-orders-ID.c b/src/backend/taler-merchant-httpd_private-get-orders-ID.c
@@ -652,10 +652,11 @@ phase_fetch_contract (struct GetOrderRequestContext *gorc)
 if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs)
 {
 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "Order %s is %s (%s) according to database\n",
+ "Order %s is %s (%s) according to database, choice %d\n",
 hc->infix,
 gorc->paid ? "paid" : "unpaid",
- gorc->wired ? "wired" : "unwired");
+ gorc->wired ? "wired" : "unwired",
+ (int) gorc->choice_index);
 gorc->phase++;
 return;
 }