diff options
25 files changed, 140 insertions, 34 deletions
| diff --git a/src/exchange/taler-exchange-aggregator.c b/src/exchange/taler-exchange-aggregator.c index 0073d85e..df953ce3 100644 --- a/src/exchange/taler-exchange-aggregator.c +++ b/src/exchange/taler-exchange-aggregator.c @@ -522,6 +522,7 @@ kyc_satisfied (struct AggregationUnit *au_active)      db_plugin->cls,      requirement,      &au_active->h_payto, +    NULL, /* not a reserve */      &au_active->requirement_row);    if (qs < 0)    { diff --git a/src/exchange/taler-exchange-httpd_age-withdraw.c b/src/exchange/taler-exchange-httpd_age-withdraw.c index d0dd2e4f..106feb01 100644 --- a/src/exchange/taler-exchange-httpd_age-withdraw.c +++ b/src/exchange/taler-exchange-httpd_age-withdraw.c @@ -727,6 +727,7 @@ age_withdraw_transaction (void *cls,          TEH_plugin->cls,          kyc_required,          &awc->h_payto, +        &awc->commitment.reserve_pub,          &awc->kyc.requirement_row);      }    } diff --git a/src/exchange/taler-exchange-httpd_aml-decision.c b/src/exchange/taler-exchange-httpd_aml-decision.c index c1439adc..e688b2ba 100644 --- a/src/exchange/taler-exchange-httpd_aml-decision.c +++ b/src/exchange/taler-exchange-httpd_aml-decision.c @@ -165,6 +165,7 @@ make_aml_decision (void *cls,          TEH_plugin->cls,          res,          &dc->h_payto, +        NULL, /* not a reserve */          &requirement_row);        if (qs < 0)        { diff --git a/src/exchange/taler-exchange-httpd_batch-withdraw.c b/src/exchange/taler-exchange-httpd_batch-withdraw.c index 270ee0ca..d60da56e 100644 --- a/src/exchange/taler-exchange-httpd_batch-withdraw.c +++ b/src/exchange/taler-exchange-httpd_batch-withdraw.c @@ -456,6 +456,7 @@ batch_withdraw_transaction (void *cls,        TEH_plugin->cls,        kyc_required,        &wc->h_payto, +      wc->reserve_pub,        &wc->kyc.requirement_row);      GNUNET_free (kyc_required);      if (qs < 0) diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c index 4b78c071..090927ec 100644 --- a/src/exchange/taler-exchange-httpd_kyc-check.c +++ b/src/exchange/taler-exchange-httpd_kyc-check.c @@ -301,6 +301,7 @@ kyc_check (void *cls,    struct TALER_KYCLOGIC_ProviderDetails *pd;    enum GNUNET_GenericReturnValue ret;    struct TALER_PaytoHashP h_payto; +  struct TALER_ReservePublicKeyP *reserve_pub;    char *requirements;    bool satisfied; @@ -309,7 +310,8 @@ kyc_check (void *cls,      kyp->requirement_row,      &requirements,      &kyp->aml_status, -    &h_payto); +    &h_payto, +    &reserve_pub);    if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)    {      GNUNET_log (GNUNET_ERROR_TYPE_INFO, @@ -335,6 +337,7 @@ kyc_check (void *cls,                                             TALER_EC_EXCHANGE_KYC_CHECK_AUTHORIZATION_FAILED,                                             "h_payto");      GNUNET_free (requirements); +    GNUNET_free (reserve_pub);      return GNUNET_DB_STATUS_HARD_ERROR;    }    qs = TALER_KYCLOGIC_check_satisfied ( @@ -354,6 +357,7 @@ kyc_check (void *cls,                                             TALER_EC_GENERIC_DB_FETCH_FAILED,                                             "kyc_test_required");      GNUNET_free (requirements); +    GNUNET_free (reserve_pub);      return GNUNET_DB_STATUS_HARD_ERROR;    }    if (satisfied) @@ -362,6 +366,7 @@ kyc_check (void *cls,                  "KYC requirements `%s' already satisfied\n",                  requirements);      GNUNET_free (requirements); +    GNUNET_free (reserve_pub);      return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS;    } @@ -381,6 +386,7 @@ kyc_check (void *cls,                                             TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_GONE,                                             requirements);      GNUNET_free (requirements); +    GNUNET_free (reserve_pub);      return GNUNET_DB_STATUS_HARD_ERROR;    }    GNUNET_free (requirements); @@ -394,7 +400,11 @@ kyc_check (void *cls,      kyp->section_name,      NULL,      NULL, +    reserve_pub,      &kyp->process_row); + +  GNUNET_free (reserve_pub); +    if (qs < 0)    {      if (GNUNET_DB_STATUS_SOFT_ERROR == qs) diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c b/src/exchange/taler-exchange-httpd_kyc-wallet.c index 77f2dea7..21d07422 100644 --- a/src/exchange/taler-exchange-httpd_kyc-wallet.c +++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c @@ -42,6 +42,11 @@ struct KycRequestContext    struct TALER_PaytoHashP h_payto;    /** +   * The reserve's public key +   */ +  struct TALER_ReservePublicKeyP reserve_pub; + +  /**     * KYC status, with row with the legitimization requirement.     */    struct TALER_EXCHANGEDB_KycStatus kyc; @@ -141,6 +146,7 @@ wallet_kyc_check (void *cls,    qs = TEH_plugin->insert_kyc_requirement_for_account (TEH_plugin->cls,                                                         krc->required,                                                         &krc->h_payto, +                                                       &krc->reserve_pub,                                                         &krc->kyc.requirement_row);    if (qs < 0)    { @@ -170,12 +176,11 @@ TEH_handler_kyc_wallet (  {    struct TALER_ReserveSignatureP reserve_sig;    struct KycRequestContext krc; -  struct TALER_ReservePublicKeyP reserve_pub;    struct GNUNET_JSON_Specification spec[] = {      GNUNET_JSON_spec_fixed_auto ("reserve_sig",                                   &reserve_sig),      GNUNET_JSON_spec_fixed_auto ("reserve_pub", -                                 &reserve_pub), +                                 &krc.reserve_pub),      TALER_JSON_spec_amount ("balance",                              TEH_currency,                              &krc.balance), @@ -195,7 +200,7 @@ TEH_handler_kyc_wallet (    TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;    if (GNUNET_OK != -      TALER_wallet_account_setup_verify (&reserve_pub, +      TALER_wallet_account_setup_verify (&krc.reserve_pub,                                           &krc.balance,                                           &reserve_sig))    { @@ -210,7 +215,7 @@ TEH_handler_kyc_wallet (      char *payto_uri;      payto_uri = TALER_reserve_make_payto (TEH_base_url, -                                          &reserve_pub); +                                          &krc.reserve_pub);      TALER_payto_hash (payto_uri,                        &krc.h_payto);      GNUNET_log (GNUNET_ERROR_TYPE_INFO, diff --git a/src/exchange/taler-exchange-httpd_purses_merge.c b/src/exchange/taler-exchange-httpd_purses_merge.c index 50382687..d1edc49b 100644 --- a/src/exchange/taler-exchange-httpd_purses_merge.c +++ b/src/exchange/taler-exchange-httpd_purses_merge.c @@ -308,6 +308,7 @@ merge_transaction (void *cls,        TEH_plugin->cls,        required,        &pcc->h_payto, +      &pcc->reserve_pub,        &pcc->kyc.requirement_row);      GNUNET_free (required);      if (GNUNET_DB_STATUS_HARD_ERROR == qs) diff --git a/src/exchange/taler-exchange-httpd_reserves_close.c b/src/exchange/taler-exchange-httpd_reserves_close.c index c84b22da..bcde8088 100644 --- a/src/exchange/taler-exchange-httpd_reserves_close.c +++ b/src/exchange/taler-exchange-httpd_reserves_close.c @@ -272,6 +272,7 @@ reserve_close_transaction (void *cls,          TEH_plugin->cls,          kyc_needed,          &rcc->kyc_payto, +        rcc->reserve_pub,          &rcc->kyc.requirement_row);        GNUNET_free (kyc_needed);        if (GNUNET_DB_STATUS_HARD_ERROR == qs) diff --git a/src/exchange/taler-exchange-httpd_reserves_purse.c b/src/exchange/taler-exchange-httpd_reserves_purse.c index 5e39f810..71cec694 100644 --- a/src/exchange/taler-exchange-httpd_reserves_purse.c +++ b/src/exchange/taler-exchange-httpd_reserves_purse.c @@ -218,6 +218,7 @@ purse_transaction (void *cls,        TEH_plugin->cls,        required,        &rpc->h_payto, +      rpc->reserve_pub,        &rpc->kyc.requirement_row);      GNUNET_free (required);      if (GNUNET_DB_STATUS_HARD_ERROR == qs) diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index 9c8a405c..cbc64141 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c @@ -319,6 +319,7 @@ withdraw_transaction (void *cls,          TEH_plugin->cls,          kyc_required,          &wc->h_account_payto, +        &wc->collectable.reserve_pub,          &wc->kyc.requirement_row);        GNUNET_free (kyc_required);        if (GNUNET_DB_STATUS_HARD_ERROR == qs) diff --git a/src/exchangedb/0002-legitimization_processes.sql b/src/exchangedb/0002-legitimization_processes.sql index 4544a02e..576527bc 100644 --- a/src/exchangedb/0002-legitimization_processes.sql +++ b/src/exchangedb/0002-legitimization_processes.sql @@ -29,6 +29,8 @@ BEGIN        ',provider_section VARCHAR NOT NULL'        ',provider_user_id VARCHAR DEFAULT NULL'        ',provider_legitimization_id VARCHAR DEFAULT NULL' +      ',finished BOOLEAN DEFAULT (FALSE)' +      ',reserve_pub BYTEA'        ',UNIQUE (h_payto, provider_section)'      ') %s ;'      ,'legitimization_processes' @@ -76,6 +78,18 @@ BEGIN      ,'legitimization_processes'      ,shard_suffix    ); +  PERFORM comment_partitioned_column( +     'Set to TRUE when the specific legitimization process is finished.' +    ,'finished' +    ,'legitimization_processes' +    ,shard_suffix +  ); +  PERFORM comment_partitioned_column( +     'If h_payto refers to a reserve, this is its public key, otherwise NULL.' +    ,'reserve_pub' +    ,'legitimization_processes' +    ,shard_suffix +  );  END  $$; diff --git a/src/exchangedb/0003-kyc_attributes.sql b/src/exchangedb/0003-kyc_attributes.sql index 18093358..56e274a3 100644 --- a/src/exchangedb/0003-kyc_attributes.sql +++ b/src/exchangedb/0003-kyc_attributes.sql @@ -33,6 +33,7 @@ BEGIN        ',collection_time INT8 NOT NULL'        ',expiration_time INT8 NOT NULL'        ',encrypted_attributes BYTEA NOT NULL' +      ',legitimization_serial INT8 NOT NULL'      ') %s ;'      ,table_name      ,'PARTITION BY HASH (h_payto)' @@ -85,6 +86,12 @@ BEGIN      ,table_name      ,partition_suffix    ); +  PERFORM comment_partitioned_column( +     'Reference the legitimization process for which theses attributes are gathered for.' +    ,'legitimization_serial' +    ,table_name +    ,partition_suffix +  );  END $$;  COMMENT ON FUNCTION create_table_kyc_attributes @@ -106,6 +113,15 @@ BEGIN        ' ADD CONSTRAINT ' || table_name || '_serial_key '          'UNIQUE (kyc_attributes_serial_id)'    ); +  -- The legitimization_serial is a foreign key. +  -- TODO: due to partitioning by h_payto, we can not simply reference +  -- the serial id of the legitimization_processes +  --  EXECUTE FORMAT ( +  --    'ALTER TABLE ' || table_name || +  --    ' ADD CONSTRAINT ' || table_name || '_foreign_legitimization_processes' +  --    ' FOREIGN KEY (legitimization_serial) ' +  --    ' REFERENCES legitimization_processes (legitimization_process_serial_id)' -- ON DELETE CASCADE +  --  );    -- To search similar users (e.g. during AML checks)    EXECUTE FORMAT (      'CREATE INDEX ' || table_name || '_similarity_index ' diff --git a/src/exchangedb/exchange_do_insert_kyc_attributes.sql b/src/exchangedb/exchange_do_insert_kyc_attributes.sql index ae6a6575..c8003315 100644 --- a/src/exchangedb/exchange_do_insert_kyc_attributes.sql +++ b/src/exchangedb/exchange_do_insert_kyc_attributes.sql @@ -31,6 +31,8 @@ CREATE OR REPLACE FUNCTION exchange_do_insert_kyc_attributes(    OUT out_ok BOOLEAN)  LANGUAGE plpgsql  AS $$ +DECLARE +   orig_reserve_pub BYTEA;  BEGIN  INSERT INTO exchange.kyc_attributes @@ -48,20 +50,17 @@ INSERT INTO exchange.kyc_attributes    ,in_expiration_time_ts    ,in_enc_attributes); --- FIXME-Oec: modify to 'return' the reserve_pub here --- (requires of course to modify other code to store --- the reserve pub in the right table in the first place)  UPDATE exchange.legitimization_processes    SET provider_user_id=in_provider_account_id       ,provider_legitimization_id=in_provider_legitimization_id       ,expiration_time=GREATEST(expiration_time,in_expiration_time)   WHERE h_payto=in_h_payto     AND legitimization_process_serial_id=in_process_row -   AND provider_section=in_provider_section; +   AND provider_section=in_provider_section + RETURNING reserve_pub INTO orig_reserve_pub;  out_ok = FOUND; --- FIXME-Oec: update exchange reserve table to store in_birthday here! --- UPDATE exchange.reserves SET birthday=in_birthday WHERE reserve_pub=X; +UPDATE exchange.reserves SET birthday=in_birthday WHERE reserve_pub=orig_reserve_pub;  IF in_require_aml  THEN diff --git a/src/exchangedb/pg_insert_kyc_requirement_for_account.c b/src/exchangedb/pg_insert_kyc_requirement_for_account.c index 2552aae4..b0b38a33 100644 --- a/src/exchangedb/pg_insert_kyc_requirement_for_account.c +++ b/src/exchangedb/pg_insert_kyc_requirement_for_account.c @@ -30,11 +30,15 @@ TEH_PG_insert_kyc_requirement_for_account (    void *cls,    const char *provider_section,    const struct TALER_PaytoHashP *h_payto, +  const struct TALER_ReservePublicKeyP *reserve_pub,    uint64_t *requirement_row)  {    struct PostgresClosure *pg = cls;    struct GNUNET_PQ_QueryParam params[] = {      GNUNET_PQ_query_param_auto_from_type (h_payto), +    (NULL == reserve_pub) +    ? GNUNET_PQ_query_param_null () +    : GNUNET_PQ_query_param_auto_from_type (reserve_pub),      GNUNET_PQ_query_param_string (provider_section),      GNUNET_PQ_query_param_end    }; @@ -48,9 +52,10 @@ TEH_PG_insert_kyc_requirement_for_account (             "insert_legitimization_requirement",             "INSERT INTO legitimization_requirements"             "  (h_payto" +           "  ,reserve_pub"             "  ,required_checks"             "  ) VALUES " -           "  ($1, $2)" +           "  ($1, $2, $3)"             " ON CONFLICT (h_payto,required_checks) "             "   DO UPDATE SET h_payto=$1" /* syntax requirement: dummy op */             " RETURNING legitimization_requirement_serial_id"); diff --git a/src/exchangedb/pg_insert_kyc_requirement_for_account.h b/src/exchangedb/pg_insert_kyc_requirement_for_account.h index c2f03b02..331c8ba0 100644 --- a/src/exchangedb/pg_insert_kyc_requirement_for_account.h +++ b/src/exchangedb/pg_insert_kyc_requirement_for_account.h @@ -32,6 +32,7 @@   * @param cls closure   * @param provider_section provider that must be checked   * @param h_payto account that must be KYC'ed + * @param reserve_pub if the account is a reserve, its public key.  Maybe NULL   * @param[out] requirement_row set to legitimization requirement row for this check   * @return database transaction status   */ @@ -40,6 +41,7 @@ TEH_PG_insert_kyc_requirement_for_account (    void *cls,    const char *provider_section,    const struct TALER_PaytoHashP *h_payto, +  const struct TALER_ReservePublicKeyP *reserve_pub,    uint64_t *requirement_row);  #endif diff --git a/src/exchangedb/pg_insert_kyc_requirement_process.c b/src/exchangedb/pg_insert_kyc_requirement_process.c index f1ea5b49..ddd765b9 100644 --- a/src/exchangedb/pg_insert_kyc_requirement_process.c +++ b/src/exchangedb/pg_insert_kyc_requirement_process.c @@ -24,6 +24,7 @@  #include "taler_pq_lib.h"  #include "pg_insert_kyc_requirement_process.h"  #include "pg_helper.h" +#include <gnunet/gnunet_pq_lib.h>  enum GNUNET_DB_QueryStatus  TEH_PG_insert_kyc_requirement_process ( @@ -32,6 +33,7 @@ TEH_PG_insert_kyc_requirement_process (    const char *provider_section,    const char *provider_account_id,    const char *provider_legitimization_id, +  const struct TALER_ReservePublicKeyP *reserve_pub,    uint64_t *process_row)  {    struct PostgresClosure *pg = cls; @@ -44,6 +46,9 @@ TEH_PG_insert_kyc_requirement_process (      (NULL != provider_legitimization_id)      ? GNUNET_PQ_query_param_string (provider_legitimization_id)      : GNUNET_PQ_query_param_null (), +    (NULL != reserve_pub) +    ? GNUNET_PQ_query_param_auto_from_type (reserve_pub) +    : GNUNET_PQ_query_param_null (),      GNUNET_PQ_query_param_end    };    struct GNUNET_PQ_ResultSpec rs[] = { @@ -60,12 +65,14 @@ TEH_PG_insert_kyc_requirement_process (             "  ,provider_section"             "  ,provider_user_id"             "  ,provider_legitimization_id" +           "  ,reserve_pub"             "  ) VALUES " -           "  ($1, $2, $3, $4)" +           "  ($1, $2, $3, $4, $5)"             " ON CONFLICT (h_payto,provider_section) "             "   DO UPDATE SET"             "      provider_user_id=$3"             "     ,provider_legitimization_id=$4" +           "     ,reserve_pub=$5"             " RETURNING legitimization_process_serial_id");    return GNUNET_PQ_eval_prepared_singleton_select (      pg->conn, diff --git a/src/exchangedb/pg_insert_kyc_requirement_process.h b/src/exchangedb/pg_insert_kyc_requirement_process.h index df21db8c..af90b8c1 100644 --- a/src/exchangedb/pg_insert_kyc_requirement_process.h +++ b/src/exchangedb/pg_insert_kyc_requirement_process.h @@ -34,6 +34,7 @@   * @param provider_section provider that must be checked   * @param provider_account_id provider account ID   * @param provider_legitimization_id provider legitimization ID + * @param reserve_pub if the processes is related to a reserve, the reserve's public key, NULL otherwise   * @param[out] process_row row the process is stored under   * @return database transaction status   */ @@ -44,6 +45,7 @@ TEH_PG_insert_kyc_requirement_process (    const char *provider_section,    const char *provider_account_id,    const char *provider_legitimization_id, +  const struct TALER_ReservePublicKeyP *reserve_pub,    uint64_t *process_row);  #endif diff --git a/src/exchangedb/pg_lookup_kyc_requirement_by_row.c b/src/exchangedb/pg_lookup_kyc_requirement_by_row.c index 6f9d7678..a167c045 100644 --- a/src/exchangedb/pg_lookup_kyc_requirement_by_row.c +++ b/src/exchangedb/pg_lookup_kyc_requirement_by_row.c @@ -31,7 +31,8 @@ TEH_PG_lookup_kyc_requirement_by_row (    uint64_t requirement_row,    char **requirements,    enum TALER_AmlDecisionState *aml_status, -  struct TALER_PaytoHashP *h_payto) +  struct TALER_PaytoHashP *h_payto, +  struct TALER_ReservePublicKeyP **reserve_pub)  {    struct PostgresClosure *pg = cls;    uint32_t status = TALER_AML_NORMAL; @@ -39,12 +40,19 @@ TEH_PG_lookup_kyc_requirement_by_row (      GNUNET_PQ_query_param_uint64 (&requirement_row),      GNUNET_PQ_query_param_end    }; +  bool no_reserve_pub; +  struct TALER_ReservePublicKeyP *rp = +    GNUNET_new (struct TALER_ReservePublicKeyP);    struct GNUNET_PQ_ResultSpec rs[] = {      GNUNET_PQ_result_spec_string ("required_checks",                                    requirements),      GNUNET_PQ_result_spec_auto_from_type ("h_payto",                                            h_payto),      GNUNET_PQ_result_spec_allow_null ( +      GNUNET_PQ_result_spec_auto_from_type ("reserve_pub", +                                            rp), +      &no_reserve_pub), +    GNUNET_PQ_result_spec_allow_null (        GNUNET_PQ_result_spec_uint32 ("status",                                      &status),        NULL), @@ -57,6 +65,7 @@ TEH_PG_lookup_kyc_requirement_by_row (             "SELECT "             " lr.required_checks"             ",lr.h_payto" +           ",lr.reserve_pub"             ",aml.status"             " FROM legitimization_requirements lr"             " LEFT JOIN aml_status aml USING (h_payto)" @@ -67,5 +76,11 @@ TEH_PG_lookup_kyc_requirement_by_row (      params,      rs);    *aml_status = (enum TALER_AmlDecisionState) status; +  if (no_reserve_pub) +  { +    GNUNET_free (rp); +    rp = NULL; +  } +  *reserve_pub = rp;    return qs;  } diff --git a/src/exchangedb/pg_lookup_kyc_requirement_by_row.h b/src/exchangedb/pg_lookup_kyc_requirement_by_row.h index 3d223c98..54759f93 100644 --- a/src/exchangedb/pg_lookup_kyc_requirement_by_row.h +++ b/src/exchangedb/pg_lookup_kyc_requirement_by_row.h @@ -34,6 +34,7 @@   * @param[out] requirements provider that must be checked   * @param[out] aml_status set to the AML status of the account   * @param[out] h_payto account that must be KYC'ed + * @param[out] reserve_pub if account is a reserve, its public key, NULL otherwise. Must be freed by caller   * @return database transaction status   */  enum GNUNET_DB_QueryStatus @@ -42,6 +43,7 @@ TEH_PG_lookup_kyc_requirement_by_row (    uint64_t requirement_row,    char **requirements,    enum TALER_AmlDecisionState *aml_status, -  struct TALER_PaytoHashP *h_payto); +  struct TALER_PaytoHashP *h_payto, +  struct TALER_ReservePublicKeyP **reserve_pub);  #endif diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 1b1a657c..581ed8ef 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -6536,6 +6536,7 @@ struct TALER_EXCHANGEDB_Plugin     * @param cls closure     * @param requirements requirements that must be checked     * @param h_payto account that must be KYC'ed +   * @þaram reserve_pub if the account is a reserve, its public key, NULL otherwise     * @param[out] requirement_row set to legitimization requirement row for this check     * @return database transaction status     */ @@ -6544,6 +6545,7 @@ struct TALER_EXCHANGEDB_Plugin      void *cls,      const char *requirements,      const struct TALER_PaytoHashP *h_payto, +    const struct TALER_ReservePublicKeyP *reserve_pub,      uint64_t *requirement_row); @@ -6555,6 +6557,7 @@ struct TALER_EXCHANGEDB_Plugin     * @param provider_section provider that must be checked     * @param provider_account_id provider account ID     * @param provider_legitimization_id provider legitimization ID +   * @param reserve_pub if the KYC process is related to a reserve, its public key, NULL otherwise     * @param[out] process_row row the process is stored under     * @return database transaction status     */ @@ -6565,6 +6568,7 @@ struct TALER_EXCHANGEDB_Plugin      const char *provider_section,      const char *provider_account_id,      const char *provider_legitimization_id, +    const struct TALER_ReservePublicKeyP *reserve_pub,      uint64_t *process_row); @@ -6600,6 +6604,7 @@ struct TALER_EXCHANGEDB_Plugin     * @param[out] requirements space-separated list of requirements     * @param[out] aml_status set to the AML status of the account     * @param[out] h_payto account that must be KYC'ed +   * @param[out] reserve_pub if the account is a reserve, its public key, NULL otherwise.  Must be freed by caller.     * @return database transaction status     */    enum GNUNET_DB_QueryStatus @@ -6608,7 +6613,8 @@ struct TALER_EXCHANGEDB_Plugin      uint64_t requirement_row,      char **requirements,      enum TALER_AmlDecisionState *aml_status, -    struct TALER_PaytoHashP *h_payto); +    struct TALER_PaytoHashP *h_payto, +    struct TALER_ReservePublicKeyP **reserve_pub);    /** diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c index c9e5d8dc..babbf4ac 100644 --- a/src/kyclogic/plugin_kyclogic_oauth2.c +++ b/src/kyclogic/plugin_kyclogic_oauth2.c @@ -922,6 +922,9 @@ data2attributes (const struct TALER_KYCLOGIC_ProviderDetails *pd,                  JSON_INDENT (2));      return NULL;    } +  GNUNET_log (GNUNET_ERROR_TYPE_INFO, +              "XXXXXXXX plugin_kyc_logic SETTING ATTERIBUTES TO\n\t%s\n", +              json_dumps (data, JSON_INDENT (2)));    ret = json_loadb (attr_data,                      attr_size,                      JSON_REJECT_DUPLICATES, diff --git a/src/testing/test_exchange_api_age_restriction.c b/src/testing/test_exchange_api_age_restriction.c index 2e62b7c7..0aaa7bbf 100644 --- a/src/testing/test_exchange_api_age_restriction.c +++ b/src/testing/test_exchange_api_age_restriction.c @@ -257,18 +257,18 @@ run (void *cls,     * Test with age-withdraw, after kyc process has set a birthdate     */    struct TALER_TESTING_Command age_withdraw[] = { -    CMD_TRANSFER_TO_EXCHANGE ("create-reserve-1", +    CMD_TRANSFER_TO_EXCHANGE ("create-reserve-kyc-1",                                "EUR:20.02"),      TALER_TESTING_cmd_check_bank_admin_transfer (        "check-create-reserve-1",        "EUR:20.02",        cred.user42_payto,        cred.exchange_payto, -      "create-reserve-1"), +      "create-reserve-kyc-1"),      CMD_EXEC_WIREWATCH ("wirewatch-age-withdraw-1"),      TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-lacking-kyc", -                                       "create-reserve-1", -                                       "EUR:5", +                                       "create-reserve-kyc-1", +                                       "EUR:10",                                         0, /* age restriction off */                                         MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS),      TALER_TESTING_cmd_check_kyc_get ("check-kyc-withdraw", @@ -280,16 +280,10 @@ run (void *cls,                                          "pass",                                          MHD_HTTP_SEE_OTHER),      TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-with-kyc", -                                       "create-reserve-1", -                                       "EUR:5", +                                       "create-reserve-kyc-1", +                                       "EUR:10",                                         0, /* age restriction off */ -                                       MHD_HTTP_OK), -    /* Attestations above are bound to the originating *bank* account, -       not to the reserve (!). Hence, they are NOT found here! */ -    TALER_TESTING_cmd_reserve_get_attestable ("reserve-get-attestable", -                                              "create-reserve-1", -                                              MHD_HTTP_NOT_FOUND, -                                              NULL), +                                       MHD_HTTP_CONFLICT),      TALER_TESTING_cmd_end (),    }; diff --git a/src/testing/test_exchange_api_age_restriction.conf b/src/testing/test_exchange_api_age_restriction.conf index 37e7fc30..12bf45c3 100644 --- a/src/testing/test_exchange_api_age_restriction.conf +++ b/src/testing/test_exchange_api_age_restriction.conf @@ -23,7 +23,7 @@ HTTP_PORT = 8082  [exchange]  TERMS_ETAG = tos  PRIVACY_ETAG = 0 -AML_THRESHOLD = EUR:1000000 +AML_THRESHOLD = EUR:10  PORT = 8081  MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG  DB = postgres @@ -80,12 +80,29 @@ KYC_OAUTH2_CLIENT_SECRET = exchange-secret  KYC_OAUTH2_POST_URL = http://example.com/  KYC_OAUTH2_ATTRIBUTE_TEMPLATE = "{"full_name":"{{last_name}}, {{first_name}}","birthdate":"{{birthdate}}"}" +[kyc-legitimization-balance-high] +OPERATION_TYPE = BALANCE +REQUIRED_CHECKS = DUMMY +THRESHOLD = EUR:20 + +[kyc-legitimization-deposit-any] +OPERATION_TYPE = DEPOSIT +REQUIRED_CHECKS = DUMMY +THRESHOLD = EUR:10 +TIMEFRAME = 1d +  [kyc-legitimization-withdraw]  OPERATION_TYPE = WITHDRAW  REQUIRED_CHECKS = DUMMY  THRESHOLD = EUR:15  TIMEFRAME = 1d +[kyc-legitimization-merge] +OPERATION_TYPE = MERGE +REQUIRED_CHECKS = DUMMY +THRESHOLD = EUR:15 +TIMEFRAME = 1d +  [exchange-extension-age_restriction]  ENABLED = YES diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf index 90343990..7a212623 100644 --- a/src/testing/test_kyc_api.conf +++ b/src/testing/test_kyc_api.conf @@ -31,7 +31,7 @@ TIMEFRAME = 1d  [kyc-legitimization-withdraw]  OPERATION_TYPE = WITHDRAW  REQUIRED_CHECKS = DUMMY -THRESHOLD = EUR:8 +THRESHOLD = EUR:10  TIMEFRAME = 1d  [kyc-legitimization-merge] diff --git a/src/testing/testing_api_cmd_withdraw.c b/src/testing/testing_api_cmd_withdraw.c index cf0b4998..8873c240 100644 --- a/src/testing/testing_api_cmd_withdraw.c +++ b/src/testing/testing_api_cmd_withdraw.c @@ -283,9 +283,10 @@ reserve_withdraw_cb (void *cls,          return;        }      } -    TALER_TESTING_unexpected_status (is, -                                     wr->hr.http_status, -                                     ws->expected_response_code); +    TALER_TESTING_unexpected_status_with_body (is, +                                               wr->hr.http_status, +                                               ws->expected_response_code, +                                               wr->hr.reply);      return;    }    switch (wr->hr.http_status) | 
