fix SQL, fix test configurations

5 files changed, 110 insertions, 32 deletions

diff --git a/src/exchangedb/pg_lookup_pending_legitimization.c b/src/exchangedb/pg_lookup_pending_legitimization.c
index 8fed37e80..11e884349 100644
--- a/src/exchangedb/pg_lookup_pending_legitimization.c
+++ b/src/exchangedb/pg_lookup_pending_legitimization.c
@@ -81,7 +81,7 @@ TEH_PG_lookup_pending_legitimization (
            " LEFT JOIN legitimization_processes lp"
            "   ON (lm.legitimization_measure_serial_id = lp.legitimization_measure_serial_id)"
            " LEFT JOIN kyc_attributes ka"
-           "   ON (ka.legitimization_serial = lp.legitimization_process_serial)"
+           "   ON (ka.legitimization_serial = lp.legitimization_process_serial_id)"
            " WHERE lm.legitimization_measure_serial_id=$1;");
   return GNUNET_PQ_eval_prepared_singleton_select (
     pg->conn,
diff --git a/src/kyclogic/taler-exchange-helper-measure-test-oauth b/src/kyclogic/taler-exchange-helper-measure-test-oauth
index 1249e4959..554a179b6 100755
--- a/src/kyclogic/taler-exchange-helper-measure-test-oauth
+++ b/src/kyclogic/taler-exchange-helper-measure-test-oauth
@@ -22,7 +22,7 @@ echo "Running $0" 1>&2
 
 # This is a KYC measure program that checks the output
 # of an OAuth2 authentication, and if it passed,
-# increases the reserve CLOSE limit to EUR:1000.
+# increases all limits to EUR:1000.
 # (and doesn't impose any other limits)
 
 if [ "${1:-no}" = "--required-context" ]
@@ -69,7 +69,44 @@ jq -n \
        "new_rules" : {
          "new_check" : "info-oauth-test-passed",
          "expiration_time" : { "t_s": $expiration },
-         "rules" : [ {
+         "rules" : [
+         {
+           "operation_type": "WITHDRAW",
+           "threshold" : "EUR:1000",
+           "timeframe" : { "d_us" : 3600000000 },
+           "measures" : [ "verboten" ],
+           "display_priority" : 1,
+           "exposed" : true,
+           "is_and_combinator" : true
+         },
+         {
+           "operation_type": "DEPOSIT",
+           "threshold" : "EUR:1000",
+           "timeframe" : { "d_us" : 3600000000 },
+           "measures" : [ "verboten" ],
+           "display_priority" : 1,
+           "exposed" : true,
+           "is_and_combinator" : true
+         },
+         {
+           "operation_type": "MERGE",
+           "threshold" : "EUR:1000",
+           "timeframe" : { "d_us" : 3600000000 },
+           "measures" : [ "verboten" ],
+           "display_priority" : 1,
+           "exposed" : true,
+           "is_and_combinator" : true
+         },
+         {
+           "operation_type": "BALANCE",
+           "threshold" : "EUR:1000",
+           "timeframe" : { "d_us" : 3600000000 },
+           "measures" : [ "verboten" ],
+           "display_priority" : 1,
+           "exposed" : true,
+           "is_and_combinator" : true
+         },
+         {
            "operation_type": "CLOSE",
            "threshold" : "EUR:1000",
            "timeframe" : { "d_us" : 3600000000 },
@@ -77,7 +114,8 @@ jq -n \
            "display_priority" : 1,
            "exposed" : true,
            "is_and_combinator" : true
-         } ]
+         }
+         ]
        }
      }' < /dev/null
 
diff --git a/src/testing/test_exchange_api.conf b/src/testing/test_exchange_api.conf
index 5ab76eab5..c40ae4b1c 100644
--- a/src/testing/test_exchange_api.conf
+++ b/src/testing/test_exchange_api.conf
@@ -167,7 +167,7 @@ REQUIRES =
 FALLBACK = manual-freeze
 
 [aml-program-oauth-output-check]
-DESCRIPTION = "Validates the output from OAauth2 and then permits the reserve closing to proceed"
+DESCRIPTION = "Validates the output from OAauth2 and then increases all limits to EUR:1000"
 # Command that runs on the output of the OAuth provider
 # to decide what rules should apply next.
 COMMAND = taler-exchange-helper-measure-test-oauth
diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c
index 006c06a11..6557e23c7 100644
--- a/src/testing/test_kyc_api.c
+++ b/src/testing/test_kyc_api.c
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014-2023 Taler Systems SA
+  Copyright (C) 2014-2024 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as
diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf
index 6973aabfa..34e12925a 100644
--- a/src/testing/test_kyc_api.conf
+++ b/src/testing/test_kyc_api.conf
@@ -3,38 +3,78 @@
 @INLINE@ coins-rsa.conf
 @INLINE@ test_exchange_api.conf
 
-[kyc-provider-test-oauth2]
-LOGIC = oauth2
-KYC_OAUTH2_VALIDITY = forever
-KYC_OAUTH2_TOKEN_URL = http://localhost:6666/oauth/v2/token
-KYC_OAUTH2_AUTHORIZE_URL = http://localhost:6666/oauth/v2/login
-KYC_OAUTH2_INFO_URL = http://localhost:6666/api/user/me
-KYC_OAUTH2_CLIENT_ID = taler-exchange
-KYC_OAUTH2_CLIENT_SECRET = exchange-secret
-KYC_OAUTH2_POST_URL = http://example.com/
-KYC_OAUTH2_CONVERTER_HELPER = taler-exchange-kyc-oauth2-test-converter.sh
-# Outputs from this check
-OUTPUTS = full_name birthdate
-
-[kyc-legitimization-balance-high]
-OPERATION_TYPE = BALANCE
-REQUIRED_CHECKS = DUMMY
-THRESHOLD = EUR:8
 
-[kyc-legitimization-deposit-any]
+# This rule requests that the users passes KYC
+# when withdrawing funds.
+[kyc-rule-withdraw]
+ENABLED = YES
+# This is a public rule.
+EXPOSED = YES
+# All checks listed must be done (well, there is only one...)
+IS_AND_COMBINATOR = YES
+# This happens if we withdraw digital cash.
+OPERATION_TYPE = WITHDRAW
+# Threshold is 10.
+THRESHOLD = EUR:10
+TIMEFRAME = 1d
+# If the rule is triggered, ask the user to provide
+# personal data via OAuth2
+NEXT_MEASURES = run-oauth
+
+
+# This rule requests that the users passes KYC
+# when depositing digital cash.
+[kyc-rule-deposit]
+ENABLED = YES
+# This is a public rule.
+EXPOSED = YES
+# All checks listed must be done (well, there is only one...)
+IS_AND_COMBINATOR = YES
+# This happens if we deposit digital cash.
 OPERATION_TYPE = DEPOSIT
-REQUIRED_CHECKS = DUMMY
+# Threshold is 0, so any amount.
 THRESHOLD = EUR:0
+# Timeframe doesn't exactly matter with a threshold of EUR:0.
 TIMEFRAME = 1d
+# If the rule is triggered, ask the user to provide
+# personal data via OAuth2
+NEXT_MEASURES = run-oauth
 
-[kyc-legitimization-withdraw]
-OPERATION_TYPE = WITHDRAW
-REQUIRED_CHECKS = DUMMY
-THRESHOLD = EUR:10
-TIMEFRAME = 1d
 
-[kyc-legitimization-merge]
+# This rule requests that the users passes KYC
+# when receiving p2p payments.
+[kyc-rule-merge]
+ENABLED = YES
+# This is a public rule.
+EXPOSED = YES
+# All checks listed must be done (well, there is only one...)
+IS_AND_COMBINATOR = YES
+# This happens if when a purse is merged.
 OPERATION_TYPE = MERGE
-REQUIRED_CHECKS = DUMMY
+# Threshold is 0, so any amount.
 THRESHOLD = EUR:0
+# Timeframe doesn't exactly matter with a threshold of EUR:0.
+TIMEFRAME = 1d
+# If the rule is triggered, ask the user to provide
+# personal data via OAuth2
+NEXT_MEASURES = run-oauth
+
+
+
+# This rule requests that the users passes KYC
+# when the wallet balance is too high.
+[kyc-rule-balance]
+ENABLED = YES
+# This is a public rule.
+EXPOSED = YES
+# All checks listed must be done (well, there is only one...)
+IS_AND_COMBINATOR = YES
+# This happens if a wallet balance gets too high.
+OPERATION_TYPE = BALANCE
+# Threshold is 8.
+THRESHOLD = EUR:8
+# Timeframe doesn't exactly matter for BALANCE...
 TIMEFRAME = 1d
+# If the rule is triggered, ask the user to provide
+# personal data via OAuth2
+NEXT_MEASURES = run-oauth