merchant

Merchant backend to process payments, run by merchants
Log | Files | Refs | Submodules | README | LICENSE
commit cde31c5f6f9e10f2c40303eb1029f9aa5368ea48
parent 676875fd480f759018c688b60073606ef3a2d4af
Author: Christian Grothoff <christian@grothoff.org>
Date:   Tue, 14 Oct 2025 20:02:17 +0200

disable MFA for bank account creation if no bank account is configured so far (#10497)

Diffstat:

Msrc/backend/taler-merchant-httpd_private-post-account.c | 40++++++++++++++++++++++++++++++----------


Msrc/backenddb/pg_select_accounts.c | 7++++---


2 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_private-post-account.c b/src/backend/taler-merchant-httpd_private-post-account.c
@@ -115,24 +115,44 @@ TMH_private_post_account (const struct TMH_RequestHandler *rh,
     TALER_MERCHANT_BANK_auth_free (&auth);
   }
 
+  /* FIXME: might want to do all of the DB interactions below in one transaction... */
   {
-    enum GNUNET_GenericReturnValue ret =
-      TMH_mfa_check_simple (hc,
-                            TALER_MERCHANT_MFA_CO_ACCOUNT_CONFIGURATION,
-                            mi);
+    enum GNUNET_DB_QueryStatus qs;
+    enum GNUNET_GenericReturnValue ret;
 
-    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                "Account creation MFA check returned %d\n",
-                (int) ret);
-    if (GNUNET_OK != ret)
+    qs = TMH_db->select_accounts (TMH_db->cls,
+                                  mi->settings.id,
+                                  NULL,
+                                  NULL);
+    switch (qs)
     {
-      return (GNUNET_NO == ret)
+    case GNUNET_DB_STATUS_SOFT_ERROR:
+    case GNUNET_DB_STATUS_HARD_ERROR:
+      GNUNET_break (0);
+      return TALER_MHD_reply_with_error (connection,
+                                         MHD_HTTP_INTERNAL_SERVER_ERROR,
+                                         TALER_EC_GENERIC_DB_FETCH_FAILED,
+                                         "select_accounts");
+    case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+      /* skip MFA */
+      break;
+    case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
+      ret = TMH_mfa_check_simple (hc,
+                                  TALER_MERCHANT_MFA_CO_ACCOUNT_CONFIGURATION,
+                                  mi);
+
+      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                  "Account creation MFA check returned %d\n",
+                  (int) ret);
+      if (GNUNET_OK != ret)
+      {
+        return (GNUNET_NO == ret)
         ? MHD_YES
         : MHD_NO;
+      }
     }
   }
 
-
   /* convert provided payto URI into internal data structure with salts */
   wm = TMH_setup_wire_account (uri,
                                credit_facade_url,
diff --git a/src/backenddb/pg_select_accounts.c b/src/backenddb/pg_select_accounts.c
@@ -117,9 +117,10 @@ select_account_cb (void *cls,
     acc.payto_uri = payto;
     acc.credit_facade_url = facade_url;
     acc.credit_facade_credentials = credential;
-    lic->cb (lic->cb_cls,
-             no_priv ? NULL : &merchant_priv,
-             &acc);
+    if (NULL != lic->cb)
+      lic->cb (lic->cb_cls,
+               no_priv ? NULL : &merchant_priv,
+               &acc);
     GNUNET_PQ_cleanup_result (rs);
   }
 }