diff options
| author | Christian Blättler <blatc2@bfh.ch> | 2024-06-06 14:01:02 +0200 |
|---|---|---|
| committer | Christian Blättler <blatc2@bfh.ch> | 2024-06-06 14:01:02 +0200 |
| commit | 3fa00294bee477ca58c9195baf39e0397c9b1b6e (patch) | |
| tree | a82b2704fe21069bb41fbc77178eed3e1b45f267 | |
| parent | 84df99d06b0c399cd2b193ad6cf0bab717d0f1dc (diff) | |
only allow creation of token families with validity period in the future
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-post-token-families.c | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/src/backend/taler-merchant-httpd_private-post-token-families.c b/src/backend/taler-merchant-httpd_private-post-token-families.c index f4472c39..001cee84 100644 --- a/src/backend/taler-merchant-httpd_private-post-token-families.c +++ b/src/backend/taler-merchant-httpd_private-post-token-families.c @@ -25,6 +25,7 @@ #include "platform.h" #include "taler-merchant-httpd_private-post-token-families.h" #include "taler-merchant-httpd_helper.h" +#include <gnunet/gnunet_time_lib.h> #include <taler/taler_json_lib.h> @@ -74,6 +75,7 @@ TMH_private_post_token_families (const struct TMH_RequestHandler *rh, struct TMH_MerchantInstance *mi = hc->instance; struct TALER_MERCHANTDB_TokenFamilyDetails details = { 0 }; const char *kind = NULL; + bool no_valid_after = false; enum GNUNET_DB_QueryStatus qs; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_string ("slug", @@ -87,8 +89,10 @@ TMH_private_post_token_families (const struct TMH_RequestHandler *rh, &details.description_i18n), NULL), GNUNET_JSON_spec_string ("kind", &kind), - GNUNET_JSON_spec_timestamp ("valid_after", - &details.valid_after), + GNUNET_JSON_spec_mark_optional ( + GNUNET_JSON_spec_timestamp ("valid_after", + &details.valid_after), + &no_valid_after), GNUNET_JSON_spec_timestamp ("valid_before", &details.valid_before), GNUNET_JSON_spec_relative_time ("duration", @@ -112,6 +116,33 @@ TMH_private_post_token_families (const struct TMH_RequestHandler *rh, } } + struct GNUNET_TIME_Timestamp now = GNUNET_TIME_timestamp_get (); + + if (no_valid_after) { + details.valid_after = now; + } + + /* Ensure that valid_after is before valid_before */ + if (GNUNET_TIME_timestamp_cmp (details.valid_after, >=, details.valid_before)) + { + GNUNET_break (0); + GNUNET_JSON_parse_free (spec); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "valid_before"); + } + + /* Ensure that valid_after is now or in the future */ + if (GNUNET_TIME_timestamp_cmp (details.valid_after, >, now)) + { + GNUNET_break (0); + GNUNET_JSON_parse_free (spec); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "valid_after"); + } if (strcmp (kind, "discount") == 0) details.kind = TALER_MERCHANTDB_TFK_Discount; |