[kyc] put reserve_pub into legitimization_requirements

12 files changed, 53 insertions, 60 deletions

diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c
index 090927ecb..1e956138f 100644
--- a/src/exchange/taler-exchange-httpd_kyc-check.c
+++ b/src/exchange/taler-exchange-httpd_kyc-check.c
@@ -301,7 +301,6 @@ kyc_check (void *cls,
   struct TALER_KYCLOGIC_ProviderDetails *pd;
   enum GNUNET_GenericReturnValue ret;
   struct TALER_PaytoHashP h_payto;
-  struct TALER_ReservePublicKeyP *reserve_pub;
   char *requirements;
   bool satisfied;
 
@@ -310,8 +309,7 @@ kyc_check (void *cls,
     kyp->requirement_row,
     &requirements,
     &kyp->aml_status,
-    &h_payto,
-    &reserve_pub);
+    &h_payto);
   if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@@ -337,7 +335,6 @@ kyc_check (void *cls,
                                            TALER_EC_EXCHANGE_KYC_CHECK_AUTHORIZATION_FAILED,
                                            "h_payto");
     GNUNET_free (requirements);
-    GNUNET_free (reserve_pub);
     return GNUNET_DB_STATUS_HARD_ERROR;
   }
   qs = TALER_KYCLOGIC_check_satisfied (
@@ -357,7 +354,6 @@ kyc_check (void *cls,
                                            TALER_EC_GENERIC_DB_FETCH_FAILED,
                                            "kyc_test_required");
     GNUNET_free (requirements);
-    GNUNET_free (reserve_pub);
     return GNUNET_DB_STATUS_HARD_ERROR;
   }
   if (satisfied)
@@ -366,7 +362,6 @@ kyc_check (void *cls,
                 "KYC requirements `%s' already satisfied\n",
                 requirements);
     GNUNET_free (requirements);
-    GNUNET_free (reserve_pub);
     return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;
   }
 
@@ -386,7 +381,6 @@ kyc_check (void *cls,
                                            TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_GONE,
                                            requirements);
     GNUNET_free (requirements);
-    GNUNET_free (reserve_pub);
     return GNUNET_DB_STATUS_HARD_ERROR;
   }
   GNUNET_free (requirements);
@@ -400,11 +394,8 @@ kyc_check (void *cls,
     kyp->section_name,
     NULL,
     NULL,
-    reserve_pub,
     &kyp->process_row);
 
-  GNUNET_free (reserve_pub);
-
   if (qs < 0)
   {
     if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
diff --git a/src/exchangedb/0002-legitimization_processes.sql b/src/exchangedb/0002-legitimization_processes.sql
index 576527bce..544d58cd2 100644
--- a/src/exchangedb/0002-legitimization_processes.sql
+++ b/src/exchangedb/0002-legitimization_processes.sql
@@ -30,7 +30,6 @@ BEGIN
       ',provider_user_id VARCHAR DEFAULT NULL'
       ',provider_legitimization_id VARCHAR DEFAULT NULL'
       ',finished BOOLEAN DEFAULT (FALSE)'
-      ',reserve_pub BYTEA'
       ',UNIQUE (h_payto, provider_section)'
     ') %s ;'
     ,'legitimization_processes'
@@ -84,12 +83,6 @@ BEGIN
     ,'legitimization_processes'
     ,shard_suffix
   );
-  PERFORM comment_partitioned_column(
-     'If h_payto refers to a reserve, this is its public key, otherwise NULL.'
-    ,'reserve_pub'
-    ,'legitimization_processes'
-    ,shard_suffix
-  );
 END
 $$;
 
diff --git a/src/exchangedb/0002-legitimization_requirements.sql b/src/exchangedb/0002-legitimization_requirements.sql
index 4879b7a27..892556aab 100644
--- a/src/exchangedb/0002-legitimization_requirements.sql
+++ b/src/exchangedb/0002-legitimization_requirements.sql
@@ -25,6 +25,7 @@ BEGIN
     'CREATE TABLE %I'
       '(legitimization_requirement_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY'
       ',h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=32)'
+      ',reserve_pub BYTEA'
       ',required_checks VARCHAR NOT NULL'
       ',UNIQUE (h_payto, required_checks)'
     ') %s ;'
@@ -50,6 +51,12 @@ BEGIN
     ,partition_suffix
   );
   PERFORM comment_partitioned_column(
+     'if h_payto refers to a reserve, this is its public key, NULL otherwise.  It allows to lookup the corresponding reserve when the KYC process is done.'
+    ,'reserve_pub'
+    ,'legitimization_requirements'
+    ,partition_suffix
+  );
+  PERFORM comment_partitioned_column(
      'space-separated list of required checks'
     ,'required_checks'
     ,'legitimization_requirements'
diff --git a/src/exchangedb/exchange_do_insert_kyc_attributes.sql b/src/exchangedb/exchange_do_insert_kyc_attributes.sql
index c80033154..29efde11f 100644
--- a/src/exchangedb/exchange_do_insert_kyc_attributes.sql
+++ b/src/exchangedb/exchange_do_insert_kyc_attributes.sql
@@ -33,6 +33,7 @@ LANGUAGE plpgsql
 AS $$
 DECLARE
    orig_reserve_pub BYTEA;
+   orig_reserve_found BOOLEAN;
 BEGIN
 
 INSERT INTO exchange.kyc_attributes
@@ -42,13 +43,15 @@ INSERT INTO exchange.kyc_attributes
   ,collection_time
   ,expiration_time
   ,encrypted_attributes
+  ,legitimization_serial
  ) VALUES
   (in_h_payto
   ,in_kyc_prox
   ,in_provider_section
   ,in_collection_time_ts
   ,in_expiration_time_ts
-  ,in_enc_attributes);
+  ,in_enc_attributes
+  ,in_process_row);
 
 UPDATE exchange.legitimization_processes
   SET provider_user_id=in_provider_account_id
@@ -56,11 +59,24 @@ UPDATE exchange.legitimization_processes
      ,expiration_time=GREATEST(expiration_time,in_expiration_time)
  WHERE h_payto=in_h_payto
    AND legitimization_process_serial_id=in_process_row
-   AND provider_section=in_provider_section
- RETURNING reserve_pub INTO orig_reserve_pub;
+   AND provider_section=in_provider_section;
 out_ok = FOUND;
 
-UPDATE exchange.reserves SET birthday=in_birthday WHERE reserve_pub=orig_reserve_pub;
+
+-- If the h_payto refers to a reserve in the original requirements
+-- update the originating reserve's birthday.
+SELECT reserve_pub
+  INTO orig_reserve_pub
+  FROM exchange.legitimization_requirements
+ WHERE h_payto=in_h_payto AND NOT reserve_pub IS NULL;
+orig_reserve_found = FOUND;
+
+IF orig_reserve_found
+THEN
+  UPDATE exchange.reserves
+     SET birthday=in_birthday
+   WHERE reserve_pub=orig_reserve_pub;
+END IF;
 
 IF in_require_aml
 THEN
diff --git a/src/exchangedb/pg_insert_kyc_requirement_for_account.c b/src/exchangedb/pg_insert_kyc_requirement_for_account.c
index b0b38a336..95f695297 100644
--- a/src/exchangedb/pg_insert_kyc_requirement_for_account.c
+++ b/src/exchangedb/pg_insert_kyc_requirement_for_account.c
@@ -36,9 +36,9 @@ TEH_PG_insert_kyc_requirement_for_account (
   struct PostgresClosure *pg = cls;
   struct GNUNET_PQ_QueryParam params[] = {
     GNUNET_PQ_query_param_auto_from_type (h_payto),
-    (NULL == reserve_pub)
-    ? GNUNET_PQ_query_param_null ()
-    : GNUNET_PQ_query_param_auto_from_type (reserve_pub),
+    (NULL ==  reserve_pub)
+      ? GNUNET_PQ_query_param_null ()
+      : GNUNET_PQ_query_param_auto_from_type (reserve_pub),
     GNUNET_PQ_query_param_string (provider_section),
     GNUNET_PQ_query_param_end
   };
@@ -52,7 +52,7 @@ TEH_PG_insert_kyc_requirement_for_account (
            "insert_legitimization_requirement",
            "INSERT INTO legitimization_requirements"
            "  (h_payto"
-           "  ,reserve_pub"
+           "   ,reserve_pub"
            "  ,required_checks"
            "  ) VALUES "
            "  ($1, $2, $3)"
diff --git a/src/exchangedb/pg_insert_kyc_requirement_process.c b/src/exchangedb/pg_insert_kyc_requirement_process.c
index ddd765b99..97b82eff6 100644
--- a/src/exchangedb/pg_insert_kyc_requirement_process.c
+++ b/src/exchangedb/pg_insert_kyc_requirement_process.c
@@ -33,7 +33,6 @@ TEH_PG_insert_kyc_requirement_process (
   const char *provider_section,
   const char *provider_account_id,
   const char *provider_legitimization_id,
-  const struct TALER_ReservePublicKeyP *reserve_pub,
   uint64_t *process_row)
 {
   struct PostgresClosure *pg = cls;
@@ -46,9 +45,6 @@ TEH_PG_insert_kyc_requirement_process (
     (NULL != provider_legitimization_id)
     ? GNUNET_PQ_query_param_string (provider_legitimization_id)
     : GNUNET_PQ_query_param_null (),
-    (NULL != reserve_pub)
-    ? GNUNET_PQ_query_param_auto_from_type (reserve_pub)
-    : GNUNET_PQ_query_param_null (),
     GNUNET_PQ_query_param_end
   };
   struct GNUNET_PQ_ResultSpec rs[] = {
@@ -65,14 +61,12 @@ TEH_PG_insert_kyc_requirement_process (
            "  ,provider_section"
            "  ,provider_user_id"
            "  ,provider_legitimization_id"
-           "  ,reserve_pub"
            "  ) VALUES "
-           "  ($1, $2, $3, $4, $5)"
+           "  ($1, $2, $3, $4)"
            " ON CONFLICT (h_payto,provider_section) "
            "   DO UPDATE SET"
            "      provider_user_id=$3"
            "     ,provider_legitimization_id=$4"
-           "     ,reserve_pub=$5"
            " RETURNING legitimization_process_serial_id");
   return GNUNET_PQ_eval_prepared_singleton_select (
     pg->conn,
diff --git a/src/exchangedb/pg_insert_kyc_requirement_process.h b/src/exchangedb/pg_insert_kyc_requirement_process.h
index af90b8c14..df21db8cd 100644
--- a/src/exchangedb/pg_insert_kyc_requirement_process.h
+++ b/src/exchangedb/pg_insert_kyc_requirement_process.h
@@ -34,7 +34,6 @@
  * @param provider_section provider that must be checked
  * @param provider_account_id provider account ID
  * @param provider_legitimization_id provider legitimization ID
- * @param reserve_pub if the processes is related to a reserve, the reserve's public key, NULL otherwise
  * @param[out] process_row row the process is stored under
  * @return database transaction status
  */
@@ -45,7 +44,6 @@ TEH_PG_insert_kyc_requirement_process (
   const char *provider_section,
   const char *provider_account_id,
   const char *provider_legitimization_id,
-  const struct TALER_ReservePublicKeyP *reserve_pub,
   uint64_t *process_row);
 
 #endif
diff --git a/src/exchangedb/pg_insert_records_by_table.c b/src/exchangedb/pg_insert_records_by_table.c
index a8b71759c..ebac7cee0 100644
--- a/src/exchangedb/pg_insert_records_by_table.c
+++ b/src/exchangedb/pg_insert_records_by_table.c
@@ -229,7 +229,7 @@ irbt_cb_table_legitimization_processes (struct PostgresClosure *pg,
            ",provider_user_id"
            ",provider_legitimization_id"
            ") VALUES "
-           "($1, $2, $3, $4, $5, $6);");
+           "($1, $3, $4, $5, $6, %7);");
   return GNUNET_PQ_eval_prepared_non_select (pg->conn,
                                              "insert_into_table_legitimization_processes",
                                              params);
@@ -251,6 +251,10 @@ irbt_cb_table_legitimization_requirements (struct PostgresClosure *pg,
     GNUNET_PQ_query_param_uint64 (&td->serial),
     GNUNET_PQ_query_param_auto_from_type (
       &td->details.legitimization_requirements.h_payto),
+    td->details.legitimization_requirements.no_reserve_pub
+      ? GNUNET_PQ_query_param_null ()
+      : GNUNET_PQ_query_param_auto_from_type (
+      &td->details.legitimization_requirements.reserve_pub),
     GNUNET_PQ_query_param_string (
       td->details.legitimization_requirements.required_checks),
     GNUNET_PQ_query_param_end
@@ -261,6 +265,7 @@ irbt_cb_table_legitimization_requirements (struct PostgresClosure *pg,
            "INSERT INTO legitimization_requirements"
            "(legitimization_requirement_serial_id"
            ",h_payto"
+           ",reserve_pub"
            ",required_checks"
            ") VALUES "
            "($1, $2, $3);");
diff --git a/src/exchangedb/pg_lookup_kyc_requirement_by_row.c b/src/exchangedb/pg_lookup_kyc_requirement_by_row.c
index a167c0458..6f9d76786 100644
--- a/src/exchangedb/pg_lookup_kyc_requirement_by_row.c
+++ b/src/exchangedb/pg_lookup_kyc_requirement_by_row.c
@@ -31,8 +31,7 @@ TEH_PG_lookup_kyc_requirement_by_row (
   uint64_t requirement_row,
   char **requirements,
   enum TALER_AmlDecisionState *aml_status,
-  struct TALER_PaytoHashP *h_payto,
-  struct TALER_ReservePublicKeyP **reserve_pub)
+  struct TALER_PaytoHashP *h_payto)
 {
   struct PostgresClosure *pg = cls;
   uint32_t status = TALER_AML_NORMAL;
@@ -40,19 +39,12 @@ TEH_PG_lookup_kyc_requirement_by_row (
     GNUNET_PQ_query_param_uint64 (&requirement_row),
     GNUNET_PQ_query_param_end
   };
-  bool no_reserve_pub;
-  struct TALER_ReservePublicKeyP *rp =
-    GNUNET_new (struct TALER_ReservePublicKeyP);
   struct GNUNET_PQ_ResultSpec rs[] = {
     GNUNET_PQ_result_spec_string ("required_checks",
                                   requirements),
     GNUNET_PQ_result_spec_auto_from_type ("h_payto",
                                           h_payto),
     GNUNET_PQ_result_spec_allow_null (
-      GNUNET_PQ_result_spec_auto_from_type ("reserve_pub",
-                                            rp),
-      &no_reserve_pub),
-    GNUNET_PQ_result_spec_allow_null (
       GNUNET_PQ_result_spec_uint32 ("status",
                                     &status),
       NULL),
@@ -65,7 +57,6 @@ TEH_PG_lookup_kyc_requirement_by_row (
            "SELECT "
            " lr.required_checks"
            ",lr.h_payto"
-           ",lr.reserve_pub"
            ",aml.status"
            " FROM legitimization_requirements lr"
            " LEFT JOIN aml_status aml USING (h_payto)"
@@ -76,11 +67,5 @@ TEH_PG_lookup_kyc_requirement_by_row (
     params,
     rs);
   *aml_status = (enum TALER_AmlDecisionState) status;
-  if (no_reserve_pub)
-  {
-    GNUNET_free (rp);
-    rp = NULL;
-  }
-  *reserve_pub = rp;
   return qs;
 }
diff --git a/src/exchangedb/pg_lookup_kyc_requirement_by_row.h b/src/exchangedb/pg_lookup_kyc_requirement_by_row.h
index 54759f932..3d223c985 100644
--- a/src/exchangedb/pg_lookup_kyc_requirement_by_row.h
+++ b/src/exchangedb/pg_lookup_kyc_requirement_by_row.h
@@ -34,7 +34,6 @@
  * @param[out] requirements provider that must be checked
  * @param[out] aml_status set to the AML status of the account
  * @param[out] h_payto account that must be KYC'ed
- * @param[out] reserve_pub if account is a reserve, its public key, NULL otherwise. Must be freed by caller
  * @return database transaction status
  */
 enum GNUNET_DB_QueryStatus
@@ -43,7 +42,6 @@ TEH_PG_lookup_kyc_requirement_by_row (
   uint64_t requirement_row,
   char **requirements,
   enum TALER_AmlDecisionState *aml_status,
-  struct TALER_PaytoHashP *h_payto,
-  struct TALER_ReservePublicKeyP **reserve_pub);
+  struct TALER_PaytoHashP *h_payto);
 
 #endif
diff --git a/src/exchangedb/pg_lookup_records_by_table.c b/src/exchangedb/pg_lookup_records_by_table.c
index 7862335ac..aec8cb61e 100644
--- a/src/exchangedb/pg_lookup_records_by_table.c
+++ b/src/exchangedb/pg_lookup_records_by_table.c
@@ -29,6 +29,7 @@
 #include "taler_pq_lib.h"
 #include "pg_lookup_records_by_table.h"
 #include "pg_helper.h"
+#include <gnunet/gnunet_pq_lib.h>
 
 
 /**
@@ -313,6 +314,11 @@ lrbt_cb_table_legitimization_requirements (void *cls,
       GNUNET_PQ_result_spec_auto_from_type (
         "h_payto",
         &td.details.legitimization_requirements.h_payto),
+      GNUNET_PQ_result_spec_allow_null (
+        GNUNET_PQ_result_spec_auto_from_type (
+          "reserve_pub",
+          &td.details.legitimization_requirements.reserve_pub),
+        &td.details.legitimization_requirements.no_reserve_pub),
       GNUNET_PQ_result_spec_string (
         "required_checks",
         &td.details.legitimization_requirements.required_checks),
@@ -2908,6 +2914,7 @@ TEH_PG_lookup_records_by_table (void *cls,
               "SELECT"
               " legitimization_process_serial_id AS serial"
               ",h_payto"
+              ",reserve_pub"
               ",expiration_time"
               ",provider_section"
               ",provider_user_id"
@@ -2922,6 +2929,7 @@ TEH_PG_lookup_records_by_table (void *cls,
               "SELECT"
               " legitimization_requirement_serial_id AS serial"
               ",h_payto"
+              ",reserve_pub"
               ",required_checks"
               " FROM legitimization_requirements"
               " WHERE legitimization_requirement_serial_id > $1"
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 581ed8ef1..df051e867 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -366,6 +366,8 @@ struct TALER_EXCHANGEDB_TableData
     struct
     {
       struct TALER_PaytoHashP h_payto;
+      struct TALER_ReservePublicKeyP reserve_pub;
+      bool no_reserve_pub;
       char *required_checks;
     } legitimization_requirements;
 
@@ -6536,7 +6538,7 @@ struct TALER_EXCHANGEDB_Plugin
    * @param cls closure
    * @param requirements requirements that must be checked
    * @param h_payto account that must be KYC'ed
-   * @þaram reserve_pub if the account is a reserve, its public key, NULL otherwise
+   * @param reserve_pub if account is a reserve, its public key, NULL otherwise
    * @param[out] requirement_row set to legitimization requirement row for this check
    * @return database transaction status
    */
@@ -6557,7 +6559,6 @@ struct TALER_EXCHANGEDB_Plugin
    * @param provider_section provider that must be checked
    * @param provider_account_id provider account ID
    * @param provider_legitimization_id provider legitimization ID
-   * @param reserve_pub if the KYC process is related to a reserve, its public key, NULL otherwise
    * @param[out] process_row row the process is stored under
    * @return database transaction status
    */
@@ -6568,7 +6569,6 @@ struct TALER_EXCHANGEDB_Plugin
     const char *provider_section,
     const char *provider_account_id,
     const char *provider_legitimization_id,
-    const struct TALER_ReservePublicKeyP *reserve_pub,
     uint64_t *process_row);
 
 
@@ -6604,7 +6604,6 @@ struct TALER_EXCHANGEDB_Plugin
    * @param[out] requirements space-separated list of requirements
    * @param[out] aml_status set to the AML status of the account
    * @param[out] h_payto account that must be KYC'ed
-   * @param[out] reserve_pub if the account is a reserve, its public key, NULL otherwise.  Must be freed by caller.
    * @return database transaction status
    */
   enum GNUNET_DB_QueryStatus
@@ -6613,8 +6612,7 @@ struct TALER_EXCHANGEDB_Plugin
     uint64_t requirement_row,
     char **requirements,
     enum TALER_AmlDecisionState *aml_status,
-    struct TALER_PaytoHashP *h_payto,
-    struct TALER_ReservePublicKeyP **reserve_pub);
+    struct TALER_PaytoHashP *h_payto);
 
 
   /**