author | Christian Grothoff <christian@grothoff.org> | 2024-04-29 20:19:51 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2024-07-29 12:18:39 +0200 |
commit | 04f022bec738568e887fee41d3ecdc445649ff02 (patch) | |
tree | add6a77395c47584f2f1090e5323b7fd33af3088 /src | |
parent | 262092382a12dd698304265a9a364419859532bc (diff) |
fix FTBFS of exchange_api_add_aml_decision.c
Diffstat (limited to 'src')
-rw-r--r-- | src/include/taler_crypto_lib.h | 1 | ||||
-rw-r--r-- | src/include/taler_exchange_service.h | 119 | ||||
-rw-r--r-- | src/lib/exchange_api_add_aml_decision.c | 110 |
3 files changed, 206 insertions, 24 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index 9b842e570..5ee4df01c 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -2550,6 +2550,7 @@ TALER_officer_aml_query_verify (
 * @param h_payto payto URI hash of the account the
 * decision is about
 * @param new_rules new KYC rules to apply to the account
+ * Must be a "LegitimizationRuleSet".
 * @param officer_priv private key of AML officer
 * @param[out] officer_sig where to write the signature
 */
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h
index 2efc8db37..87f146dd7 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -36,7 +36,7 @@
 * Version of the Taler Exchange API, in hex.
 * Thus 0.8.4-1 = 0x00080401.
 */
-#define TALER_EXCHANGE_API_VERSION 0x00100000
+#define TALER_EXCHANGE_API_VERSION 0x00100001
 /* ********************* /keys *********************** */
@@ -4534,7 +4534,7 @@ struct TALER_EXCHANGE_KycInfoHandle *
 TALER_EXCHANGE_kyc_info (
 struct GNUNET_CURL_Context *ctx,
 const char *url,
- const struct GNUNET_CRYPTO_AccountAccessTokenP *token,
+ const struct TALER_AccountAccessTokenP *token,
 const char *if_none_match,
 struct GNUNET_TIME_Relative timeout,
 TALER_EXCHANGE_KycStatusCallback cb,
@@ -6096,6 +6096,107 @@ typedef void
 /**
+ * Information about a possible measure.
+ */
+struct TALER_EXCHANGE_MeasureInformation
+{
+ /**
+ * Name of the measure.
+ */
+ const char *measure_name;
+
+ /**
+ * Name of the check triggered by the measure.
+ */
+ const char *check_name;
+
+ /**
+ * Name of the AML program to run after the measure.
+ */
+ const char *prog_name;
+
+ /**
+ * Context for the check and the AML program.
+ */
+ const json_t *context;
+};
+
+
+/**
+ * Rule that applies for an account, specifies the
+ * trigger and measures to apply.
+ */
+struct TALER_EXCHANGE_AccountRule
+{
+
+ /**
+ * Timeframe over which the @e threshold is computed.
+ */
+ struct GNUNET_TIME_Relative timeframe;
+
+ /**
+ * The maximum amount transacted within the given @e timeframe for the
+ * specified @e operation_type.
+ */
+ struct TALER_Amount threshold;
+
+ /**
+ * Array of names of measures to apply.
+ * Names listed can be original measures or
+ * custom measures from the AmlOutcome.
+ */
+ const char **measures;
+
+ /**
+ * Length of the @e measures array.
+ */
+ unsigned int num_measures;
+
+ /**
+ * If multiple rules apply to the same account
+ * at the same time, the number with the highest
+ * rule determines which set of measures will
+ * be activated and thus become visible for the
+ * user.
+ */
+ uint32_t display_priority;
+
+ /**
+ * Operation type for which the restriction applies.
+ */
+ enum TALER_KYCLOGIC_KycTriggerEvent operation_type;
+
+ /**
+ * True if crossing this limit is categorically not
+ * allowed. The @e measures array will be ignored
+ * in this case.
+ */
+ bool verboten;
+
+ /**
+ * True if the rule (specifically, operation_type,
+ * threshold, timeframe) and the general nature of
+ * the measures (verboten or approval required)
+ * should be exposed to the client.
+ * Defaults to "false" if not set.
+ */
+ bool exposed;
+
+ /**
+ * True if all the measures will eventually need to
+ * be satisfied, false if any of the measures should
+ * do. Primarily used by the SPA to indicate how
+ * the measures apply when showing them to the user;
+ * in the end, AML programs will decide after each
+ * measure what to do next.
+ * Default (if missing) is false.
+ */
+ bool is_and_combinator;
+
+};
+
+
+/**
 * Inform the exchange that an AML decision has been taken.
 *
 * @param ctx the context
@@ -6103,9 +6204,12 @@ typedef void
 * @param h_payto payto URI hash of the account the
 * decision is about
 * @param decision_time when was the decision made
+ * @param successor_measure measure to activate after @a expiration_time if no rule applied
 * @param expiration_time when do the new rules expire
- * @param num_limits length of the @a limits array
- * @param limits new limits for the account
+ * @param num_rules length of the @a rules array
+ * @param rules new rules for the account
+ * @param num_measures length of the @a measures array
+ * @param measures possible custom measures
 * @param properties properties for the account
 * @param keep_investigating true to keep the investigation open
 * @param justification human-readable justification
@@ -6120,9 +6224,12 @@ TALER_EXCHANGE_add_aml_decision (
 const char *url,
 const struct TALER_PaytoHashP *h_payto,
 struct GNUNET_TIME_Timestamp decision_time,
+ const char *successor_measure,
 struct GNUNET_TIME_Timestamp expiration_time,
- unsigned int num_limits,
- const struct TALER_EXCHANGE_AccountLimit limits[static num_limits],
+ unsigned int num_rules,
+ const struct TALER_EXCHANGE_AccountRule *rules,
+ unsigned int num_measures,
+ const struct TALER_EXCHANGE_MeasureInformation *measures,
 const json_t *properties,
 bool keep_investigating,
 const char *justification,
diff --git a/src/lib/exchange_api_add_aml_decision.c b/src/lib/exchange_api_add_aml_decision.c
index 342e1e3dc..ccdc5751e 100644
--- a/src/lib/exchange_api_add_aml_decision.c
+++ b/src/lib/exchange_api_add_aml_decision.c
@@ -127,12 +127,17 @@ struct TALER_EXCHANGE_AddAmlDecision *
 TALER_EXCHANGE_add_aml_decision (
 struct GNUNET_CURL_Context *ctx,
 const char *url,
- const char *justification,
- struct GNUNET_TIME_Timestamp decision_time,
- const struct TALER_Amount *new_threshold,
 const struct TALER_PaytoHashP *h_payto,
- enum TALER_AmlDecisionState new_state,
- const json_t *kyc_requirements,
+ struct GNUNET_TIME_Timestamp decision_time,
+ const char *successor_measure,
+ struct GNUNET_TIME_Timestamp expiration_time,
+ unsigned int num_rules,
+ const struct TALER_EXCHANGE_AccountRule *rules,
+ unsigned int num_measures,
+ const struct TALER_EXCHANGE_MeasureInformation *measures,
+ const json_t *properties,
+ bool keep_investigating,
+ const char *justification,
 const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
 TALER_EXCHANGE_AddAmlDecisionCallback cb,
 void *cb_cls)
@@ -142,15 +147,86 @@ TALER_EXCHANGE_add_aml_decision (
 struct TALER_EXCHANGE_AddAmlDecision *wh;
 CURL *eh;
 json_t *body;
+ json_t *new_rules;
+ json_t *jrules;
+ json_t *jmeasures;
+
+ jrules = json_array ();
+ GNUNET_assert (NULL != jrules);
+ for (unsigned int i = 0; i<num_rules; i++)
+ {
+ const struct TALER_EXCHANGE_AccountRule *al = &rules[i];
+ json_t *rule;
+ json_t *ameasures;
+
+ ameasures = json_array ();
+ GNUNET_assert (NULL != ameasures);
+ for (unsigned int j = 0; j<al->num_measures; j++)
+ GNUNET_assert (0 ==
+ json_array_append_new (ameasures,
+ json_string (al->measures[j])));
+ rule = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_string ("operation_type",
+ TALER_KYCLOGIC_kyc_trigger2s (al->operation_type)
+ ),
+ TALER_JSON_pack_amount ("threshold",
+ &al->threshold),
+ GNUNET_JSON_pack_time_rel ("timeframe",
+ al->timeframe),
+ GNUNET_JSON_pack_array_steal ("measures",
+ ameasures),
+ GNUNET_JSON_pack_bool ("exposed",
+ al->exposed),
+ GNUNET_JSON_pack_bool ("is_and_combinator",
+ al->is_and_combinator),
+ GNUNET_JSON_pack_uint64 ("display_priority",
+ al->display_priority)
+ );
+ GNUNET_break (0 ==
+ json_array_append_new (jrules,
+ rule));
+ }
+
+ jmeasures = json_object ();
+ GNUNET_assert (NULL != jmeasures);
+ for (unsigned int i = 0; i<num_measures; i++)
+ {
+ const struct TALER_EXCHANGE_MeasureInformation *mi = &measures[i];
+ json_t *measure;
+
+ measure = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_string ("check_name",
+ mi->check_name),
+ GNUNET_JSON_pack_string ("prog_name",
+ mi->prog_name),
+ GNUNET_JSON_pack_allow_null (
+ GNUNET_JSON_pack_object_incref ("context",
+ (json_t *) mi->context))
+ );
+ GNUNET_break (0 ==
+ json_object_set_new (jmeasures,
+ mi->measure_name,
+ measure));
+ }
+
+ new_rules = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_timestamp ("expiration_time",
+ expiration_time),
+ GNUNET_JSON_pack_allow_null (
+ GNUNET_JSON_pack_string ("successor_measure",
+ successor_measure)),
+ GNUNET_JSON_pack_array_steal ("rules",
+ jrules),
+ GNUNET_JSON_pack_array_steal ("custom_measures",
+ jmeasures)
+ );
 GNUNET_CRYPTO_eddsa_key_get_public (&officer_priv->eddsa_priv,
 &officer_pub.eddsa_pub);
 TALER_officer_aml_decision_sign (justification,
 decision_time,
- new_threshold,
 h_payto,
- new_state,
- kyc_requirements,
+ new_rules,
 officer_priv,
 &officer_sig);
 wh = GNUNET_new (struct TALER_EXCHANGE_AddAmlDecision);
@@ -181,24 +257,22 @@ TALER_EXCHANGE_add_aml_decision (
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
 "Could not construct request URL.\n");
 GNUNET_free (wh);
+ json_decref (new_rules);
 return NULL;
 }
 body = GNUNET_JSON_PACK (
 GNUNET_JSON_pack_string ("justification",
 justification),
- GNUNET_JSON_pack_data_auto ("officer_sig",
- &officer_sig),
 GNUNET_JSON_pack_data_auto ("h_payto",
 h_payto),
- GNUNET_JSON_pack_uint64 ("new_state",
- (uint32_t) new_state),
- GNUNET_JSON_pack_allow_null (
- GNUNET_JSON_pack_array_incref ("kyc_requirements",
- (json_t *) kyc_requirements)),
- TALER_JSON_pack_amount ("new_threshold",
- new_threshold),
+ GNUNET_JSON_pack_object_steal ("new_rules",
+ new_rules),
+ GNUNET_JSON_pack_bool ("keep_investigating",
+ keep_investigating),
 GNUNET_JSON_pack_timestamp ("decision_time",
- decision_time));
+ decision_time),
+ GNUNET_JSON_pack_data_auto ("officer_sig",
+ &officer_sig));
 eh = TALER_EXCHANGE_curl_easy_get_ (wh->url);
 if ( (NULL == eh) ||
 (GNUNET_OK != |
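Review bot: `jmeasures` is created with `json_object ()` and filled with `json_object_set_new ()`, yet it is packed with `GNUNET_JSON_pack_array_steal ("custom_measures", jmeasures)`; if that packer enforces the array type, as its name suggests, the call fails at runtime instead of emitting the map, so `GNUNET_JSON_pack_object_steal ("custom_measures", jmeasures)` looks like what was meant. The rule loop also never reads `al->verboten`, so a rule the caller marked as categorically forbidden goes out with only its `measures` list; how the exchange expects that flag on the wire is not visible here, so it needs either an encoding or a comment explaining why it is ignored. A failed `json_array_append_new (jrules, rule)` or `json_object_set_new (jmeasures, ...)` is only reported through `GNUNET_break`, which means the officer signature computed right after would cover a rule set with entries silently missing; releasing the partial JSON and returning NULL would be the safer outcome. The function body starts and ends outside this hunk.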
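Review bot: The new `properties` parameter is not used anywhere in the lines this diff shows: the request body packs `justification`, `h_payto`, `new_rules`, `keep_investigating`, `decision_time` and `officer_sig`, so properties supplied by the caller appear to be dropped without any error. Either add it to the body, e.g. `GNUNET_JSON_pack_allow_null (GNUNET_JSON_pack_object_incref ("properties", (json_t *) properties)),` (field name to be checked against the exchange's request format), or state on the prototype that it is currently ignored. Judging from the visible `TALER_officer_aml_decision_sign` call, `keep_investigating` is sent but not covered by the officer signature; a short comment saying whether that is intended would help the next reader. The function body continues outside the hunk.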