diff options
-rw-r--r-- | src/backend/taler-merchant-depositcheck.c | 9 | ||||
-rw-r--r-- | src/backend/taler-merchant-httpd_private-get-instances-ID-kyc.c | 6 | ||||
-rw-r--r-- | src/backend/taler-merchant-kyccheck.c | 18 | ||||
-rw-r--r-- | src/backenddb/Makefile.am | 1 | ||||
-rw-r--r-- | src/backenddb/pg_account_kyc_set_failed.c | 101 | ||||
-rw-r--r-- | src/backenddb/pg_account_kyc_set_failed.h | 51 | ||||
-rw-r--r-- | src/backenddb/pg_account_kyc_set_failed.sql | 100 | ||||
-rw-r--r-- | src/backenddb/plugin_merchantdb_postgres.c | 3 | ||||
-rw-r--r-- | src/backenddb/procedures.sql.in | 1 | ||||
-rw-r--r-- | src/include/taler_merchantdb_plugin.h | 23 | ||||
-rw-r--r-- | src/testing/test_kyc_api.c | 43 |
11 files changed, 318 insertions, 38 deletions
diff --git a/src/backend/taler-merchant-depositcheck.c b/src/backend/taler-merchant-depositcheck.c index ca9c635d..cfcae7d9 100644 --- a/src/backend/taler-merchant-depositcheck.c +++ b/src/backend/taler-merchant-depositcheck.c @@ -414,6 +414,7 @@ deposit_get_cb ( struct ExchangeInteraction *w = cls; struct GNUNET_TIME_Absolute future_retry; + w->dgh = NULL; future_retry = GNUNET_TIME_relative_to_absolute (w->retry_backoff); switch (dr->hr.http_status) @@ -463,19 +464,13 @@ deposit_get_cb ( dr->details.accepted.kyc_ok, TALER_B2S (&w->coin_pub)); now = GNUNET_TIME_timestamp_get (); - /* FIXME: probably should NOT clobber limits, etc, and - ONLY set kyc_ok (always to false?) */ - qs = db_plugin->account_kyc_set_status ( + qs = db_plugin->account_kyc_set_failed ( db_plugin->cls, w->instance_id, &w->h_wire, exchange_url, now, MHD_HTTP_ACCEPTED, - TALER_EC_NONE, - NULL, - NULL, - false, dr->details.accepted.kyc_ok); if (qs < 0) { diff --git a/src/backend/taler-merchant-httpd_private-get-instances-ID-kyc.c b/src/backend/taler-merchant-httpd_private-get-instances-ID-kyc.c index 8883e2a2..8d7f437c 100644 --- a/src/backend/taler-merchant-httpd_private-get-instances-ID-kyc.c +++ b/src/backend/taler-merchant-httpd_private-get-instances-ID-kyc.c @@ -40,13 +40,13 @@ * How long should clients cache a KYC failure response? */ #define EXPIRATION_KYC_FAILURE GNUNET_TIME_relative_multiply ( \ - GNUNET_TIME_UNIT_MINUTES, 5) + GNUNET_TIME_UNIT_MINUTES, 5) /** * How long should clients cache a KYC success response? */ #define EXPIRATION_KYC_SUCCESS GNUNET_TIME_relative_multiply ( \ - GNUNET_TIME_UNIT_HOURS, 1) + GNUNET_TIME_UNIT_HOURS, 1) /** @@ -972,7 +972,7 @@ get_instances_ID_kyc ( &kyc_status_cb, kc); GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "Got status %d\n", + "account_kyc_get_status returned %d records\n", (int) qs); if (qs < 0) { diff --git a/src/backend/taler-merchant-kyccheck.c b/src/backend/taler-merchant-kyccheck.c index 594683cb..036f33e9 100644 --- a/src/backend/taler-merchant-kyccheck.c +++ b/src/backend/taler-merchant-kyccheck.c @@ -35,16 +35,16 @@ * long-polling and do not want to wake up too often. */ #define EXCHANGE_TIMEOUT GNUNET_TIME_relative_multiply ( \ - GNUNET_TIME_UNIT_MINUTES, \ - 30) + GNUNET_TIME_UNIT_MINUTES, \ + 30) /** * How long do we wait between requests if all we wait * for is a change in the AML investigation status? */ #define AML_FREQ GNUNET_TIME_relative_multiply ( \ - GNUNET_TIME_UNIT_HOURS, \ - 6) + GNUNET_TIME_UNIT_HOURS, \ + 6) /** * How frequently do we check for updates to our KYC status @@ -52,8 +52,8 @@ * frequency, just to ensure we eventually notice. */ #define AML_LOW_FREQ GNUNET_TIME_relative_multiply ( \ - GNUNET_TIME_UNIT_DAYS, \ - 7) + GNUNET_TIME_UNIT_DAYS, \ + 7) /** * How many inquiries do we process concurrently at most. @@ -605,6 +605,12 @@ exchange_check_cb ( GNUNET_SCHEDULER_shutdown (); return; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "account_set_kyc_status (%s, %u, %d) returned %d\n", + i->e->keys->exchange_url, + i->last_http_status, + i->auth_ok, + (int) qs); i->not_first_time = true; } GNUNET_log (GNUNET_ERROR_TYPE_INFO, diff --git a/src/backenddb/Makefile.am b/src/backenddb/Makefile.am index af79c4f6..90105ba9 100644 --- a/src/backenddb/Makefile.am +++ b/src/backenddb/Makefile.am @@ -77,6 +77,7 @@ libtaler_plugin_merchantdb_postgres_la_SOURCES = \ pg_insert_account.h pg_insert_account.c \ pg_update_account.h pg_update_account.c \ pg_insert_deposit_to_transfer.h pg_insert_deposit_to_transfer.c \ + pg_account_kyc_set_failed.h pg_account_kyc_set_failed.c \ pg_increase_refund.h pg_increase_refund.c \ pg_insert_transfer.h pg_insert_transfer.c \ pg_insert_transfer_details.h pg_insert_transfer_details.c \ diff --git a/src/backenddb/pg_account_kyc_set_failed.c b/src/backenddb/pg_account_kyc_set_failed.c new file mode 100644 index 00000000..27b6f703 --- /dev/null +++ b/src/backenddb/pg_account_kyc_set_failed.c @@ -0,0 +1,101 @@ +/* + This file is part of TALER + Copyright (C) 2024 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file backenddb/pg_account_kyc_set_failed.c + * @brief Implementation of the account_kyc_set_failed function for Postgres + * @author Christian Grothoff + */ +#include "platform.h" +#include <taler/taler_error_codes.h> +#include <taler/taler_dbevents.h> +#include <taler/taler_pq_lib.h> +#include "pg_account_kyc_set_failed.h" +#include "pg_helper.h" + + +enum GNUNET_DB_QueryStatus +TMH_PG_account_kyc_set_failed ( + void *cls, + const char *merchant_id, + const struct TALER_MerchantWireHashP *h_wire, + const char *exchange_url, + struct GNUNET_TIME_Timestamp timestamp, + unsigned int exchange_http_status, + bool kyc_ok) +{ + struct PostgresClosure *pg = cls; + struct TALER_MERCHANTDB_MerchantKycStatusChangeEventP ev = { + .header.size = htons (sizeof (ev)), + .header.type = htons (TALER_DBEVENT_MERCHANT_EXCHANGE_KYC_STATUS_CHANGED), + .h_wire = *h_wire + }; + struct GNUNET_DB_EventHeaderP hdr = { + .size = htons (sizeof (hdr)), + .type = htons (TALER_DBEVENT_MERCHANT_KYC_STATUS_CHANGED) + }; + char *notify_s + = GNUNET_PQ_get_event_notify_channel (&ev.header); + char *notify2_s + = GNUNET_PQ_get_event_notify_channel (&hdr); + uint32_t http_status32 = (uint32_t) exchange_http_status; + struct GNUNET_PQ_QueryParam params[] = { + GNUNET_PQ_query_param_string (merchant_id), + GNUNET_PQ_query_param_auto_from_type (h_wire), + GNUNET_PQ_query_param_string (exchange_url), + GNUNET_PQ_query_param_timestamp (×tamp), + GNUNET_PQ_query_param_uint32 (&http_status32), + GNUNET_PQ_query_param_bool (kyc_ok), + GNUNET_PQ_query_param_string (notify_s), + GNUNET_PQ_query_param_string (notify2_s), + GNUNET_PQ_query_param_end + }; + bool no_instance; + bool no_account; + struct GNUNET_PQ_ResultSpec rs[] = { + GNUNET_PQ_result_spec_bool ("no_instance", + &no_instance), + GNUNET_PQ_result_spec_bool ("no_account", + &no_account), + GNUNET_PQ_result_spec_end + }; + enum GNUNET_DB_QueryStatus qs; + + check_connection (pg); + PREPARE (pg, + "account_kyc_set_failed", + "SELECT " + " out_no_instance AS no_instance" + " ,out_no_account AS no_account" + " FROM merchant_do_account_kyc_set_failed" + "($1, $2, $3, $4, $5, $6, $7, $8, $9);"); + qs = GNUNET_PQ_eval_prepared_singleton_select ( + pg->conn, + "account_kyc_set_failed", + params, + rs); + GNUNET_free (notify_s); + GNUNET_free (notify2_s); + if (qs <= 0) + { + GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs); + GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR != qs); + GNUNET_break (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS != qs); + return qs; + } + GNUNET_break (! no_instance); + GNUNET_break (! no_account); + return qs; +} diff --git a/src/backenddb/pg_account_kyc_set_failed.h b/src/backenddb/pg_account_kyc_set_failed.h new file mode 100644 index 00000000..5805e080 --- /dev/null +++ b/src/backenddb/pg_account_kyc_set_failed.h @@ -0,0 +1,51 @@ +/* + This file is part of TALER + Copyright (C) 2024 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file backenddb/pg_account_kyc_set_failed.h + * @brief implementation of the account_kyc_set_failed function for Postgres + * @author Christian Grothoff + */ +#ifndef PG_ACCOUNT_KYC_SET_FAILED_H +#define PG_ACCOUNT_KYC_SET_FAILED_H + +#include <taler/taler_util.h> +#include <taler/taler_json_lib.h> +#include "taler_merchantdb_plugin.h" + + +/** + * Set an instance's account's KYC status to failed. + * + * @param cls closure + * @param merchant_id merchant backend instance ID + * @param h_wire hash of the wire account to check + * @param exchange_url base URL of the exchange to check + * @param timestamp timestamp to store + * @param exchange_http_status HTTP status code returned last by the exchange + * @param kyc_ok current KYC status (should be false) + * @return database result code + */ +enum GNUNET_DB_QueryStatus +TMH_PG_account_kyc_set_failed ( + void *cls, + const char *merchant_id, + const struct TALER_MerchantWireHashP *h_wire, + const char *exchange_url, + struct GNUNET_TIME_Timestamp timestamp, + unsigned int exchange_http_status, + bool kyc_ok); + +#endif diff --git a/src/backenddb/pg_account_kyc_set_failed.sql b/src/backenddb/pg_account_kyc_set_failed.sql new file mode 100644 index 00000000..2b971a79 --- /dev/null +++ b/src/backenddb/pg_account_kyc_set_failed.sql @@ -0,0 +1,100 @@ +-- +-- This file is part of TALER +-- Copyright (C) 2024 Taler Systems SA +-- +-- TALER is free software; you can redistribute it and/or modify it under the +-- terms of the GNU General Public License as published by the Free Software +-- Foundation; either version 3, or (at your option) any later version. +-- +-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY +-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR +-- A PARTICULAR PURPOSE. See the GNU General Public License for more details. +-- +-- You should have received a copy of the GNU General Public License along with +-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +-- + + +DROP FUNCTION IF EXISTS merchant_do_account_kyc_set_failed; + +CREATE FUNCTION merchant_do_account_kyc_set_failed ( + IN in_merchant_id TEXT, + IN in_h_wire BYTEA, + IN in_exchange_url TEXT, + IN in_timestamp INT8, + IN in_exchange_http_status INT4, + IN in_kyc_ok BOOL, + IN in_notify_str TEXT, + IN in_notify2_str TEXT, + OUT out_no_instance BOOL, + OUT out_no_account BOOL) +LANGUAGE plpgsql +AS $$ +DECLARE + my_merchant_id INT8; + my_account_serial INT8; +BEGIN + +out_no_instance=FALSE; +out_no_account=FALSE; + +-- Which instance are we using? +SELECT merchant_serial + INTO my_merchant_id + FROM merchant_instances + WHERE merchant_id=in_merchant_id; + +IF NOT FOUND +THEN + out_no_instance=TRUE; + RETURN; +END IF; + +SELECT account_serial + INTO my_account_serial + FROM merchant_accounts + WHERE merchant_serial=my_merchant_id + AND h_wire=in_h_wire; + +IF NOT FOUND +THEN + out_no_account=TRUE; + RETURN; +END IF; + +UPDATE merchant_kyc + SET kyc_timestamp=in_timestamp + ,kyc_ok=in_kyc_ok + ,exchange_http_status=in_exchange_http_status + ,exchange_ec_code=0 + WHERE account_serial=my_account_serial + AND exchange_url=in_exchange_url; + +IF NOT FOUND +THEN + + INSERT INTO merchant_kyc + (kyc_timestamp + ,kyc_ok + ,account_serial + ,exchange_url + ,exchange_http_status) + VALUES + (in_timestamp + ,in_kyc_ok + ,my_account_serial + ,in_exchange_url + ,in_exchange_http_status); +END IF; + +EXECUTE FORMAT ( + 'NOTIFY %s' + ,in_notify_str); + +EXECUTE FORMAT ( + 'NOTIFY %s' + ,in_notify2_str); + + +-- Success! +END $$; diff --git a/src/backenddb/plugin_merchantdb_postgres.c b/src/backenddb/plugin_merchantdb_postgres.c index 86dec660..de0b9181 100644 --- a/src/backenddb/plugin_merchantdb_postgres.c +++ b/src/backenddb/plugin_merchantdb_postgres.c @@ -36,6 +36,7 @@ #include "pg_get_kyc_limits.h" #include "pg_delete_otp.h" #include "pg_update_otp.h" +#include "pg_account_kyc_set_failed.h" #include "pg_select_otp.h" #include "pg_select_otp_serial.h" #include "pg_insert_login_token.h" @@ -585,6 +586,8 @@ libtaler_plugin_merchantdb_postgres_init (void *cls) = &TMH_PG_select_category_by_name; plugin->get_kyc_status = &TMH_PG_get_kyc_status; + plugin->account_kyc_set_failed + = &TMH_PG_account_kyc_set_failed; plugin->get_kyc_limits = &TMH_PG_get_kyc_limits; plugin->select_category diff --git a/src/backenddb/procedures.sql.in b/src/backenddb/procedures.sql.in index bdf41934..63215516 100644 --- a/src/backenddb/procedures.sql.in +++ b/src/backenddb/procedures.sql.in @@ -23,5 +23,6 @@ SET search_path TO merchant; #include "pg_insert_transfer_details.sql" #include "pg_update_product.sql" #include "pg_account_kyc_set_status.sql" +#include "pg_account_kyc_set_failed.sql" COMMIT; diff --git a/src/include/taler_merchantdb_plugin.h b/src/include/taler_merchantdb_plugin.h index 72641a46..cdd5aacd 100644 --- a/src/include/taler_merchantdb_plugin.h +++ b/src/include/taler_merchantdb_plugin.h @@ -1845,6 +1845,29 @@ struct TALER_MERCHANTDB_Plugin /** + * Set an instance's account's KYC status to failed. + * + * @param cls closure + * @param merchant_id merchant backend instance ID + * @param h_wire hash of the wire account to check + * @param exchange_url base URL of the exchange to check + * @param timestamp timestamp to store + * @param exchange_http_status HTTP status code returned last by the exchange + * @param kyc_ok current KYC status (should be false) + * @return database result code + */ + enum GNUNET_DB_QueryStatus + (*account_kyc_set_failed) ( + void *cls, + const char *merchant_id, + const struct TALER_MerchantWireHashP *h_wire, + const char *exchange_url, + struct GNUNET_TIME_Timestamp timestamp, + unsigned int exchange_http_status, + bool kyc_ok); + + + /** * Lookup all of the products the given instance has configured. * * @param cls closure diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c index a60f965a..f4f87552 100644 --- a/src/testing/test_kyc_api.c +++ b/src/testing/test_kyc_api.c @@ -101,9 +101,9 @@ static char *merchant_url_i1a; * @param label label to use for the command. */ #define CMD_EXEC_AGGREGATOR(label) \ - TALER_TESTING_cmd_exec_aggregator_with_kyc (label "-aggregator", \ - CONFIG_FILE), \ - TALER_TESTING_cmd_exec_transfer (label "-transfer", CONFIG_FILE) + TALER_TESTING_cmd_exec_aggregator_with_kyc (label "-aggregator", \ + CONFIG_FILE), \ + TALER_TESTING_cmd_exec_transfer (label "-transfer", CONFIG_FILE) /** * Execute the taler-exchange-wirewatch command with @@ -112,10 +112,10 @@ static char *merchant_url_i1a; * @param label label to use for the command. */ #define CMD_EXEC_WIREWATCH(label) \ - TALER_TESTING_cmd_exec_wirewatch2 ( \ - label, \ - CONFIG_FILE, \ - "exchange-account-exchange") + TALER_TESTING_cmd_exec_wirewatch2 ( \ + label, \ + CONFIG_FILE, \ + "exchange-account-exchange") /** @@ -211,6 +211,20 @@ run (void *cls, MHD_HTTP_OK, "create-proposal-1", NULL), + TALER_TESTING_cmd_merchant_get_instance ( + "get-default-instance", + merchant_url, + NULL, + MHD_HTTP_OK, + "instance-create-default-setup"), + TALER_TESTING_cmd_admin_add_kycauth ( + "merchant-kyc-auth-transfer", + "EUR:0.01", + &cred.ba, + merchant_payto, + "get-default-instance"), + CMD_EXEC_WIREWATCH ( + "import-kyc-account-withdraw"), TALER_TESTING_cmd_merchant_pay_order ( "deposit-simple", merchant_url, @@ -247,22 +261,7 @@ run (void *cls, TALER_TESTING_cmd_depositcheck ( "deposit-check", CONFIG_FILE), - TALER_TESTING_cmd_merchant_get_instance ( - "get-default-instance", - merchant_url, - NULL, - MHD_HTTP_OK, - "instance-create-default-setup"), - TALER_TESTING_cmd_admin_add_kycauth ( - "merchant-kyc-auth-transfer", - "EUR:0.01", - &cred.ba, - merchant_payto, - "get-default-instance"), - CMD_EXEC_WIREWATCH ( - "import-kyc-account-withdraw"), /* Now we should get a status of pending */ - // FIXME: currently runs into timeout! TALER_TESTING_cmd_merchant_kyc_get ( "kyc-pending", merchant_url, |