diff options
Diffstat (limited to 'src/exchange')
| -rw-r--r-- | src/exchange/Makefile.am | 1 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd.c | 6 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_aml-decision.h | 18 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_aml-decisions-get.c | 228 |
4 files changed, 249 insertions, 4 deletions
diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am index ffcfc5e9..bf6b1b1a 100644 --- a/src/exchange/Makefile.am +++ b/src/exchange/Makefile.am @@ -124,6 +124,7 @@ taler_exchange_httpd_SOURCES = \ taler-exchange-httpd.c taler-exchange-httpd.h \ taler-exchange-httpd_auditors.c taler-exchange-httpd_auditors.h \ taler-exchange-httpd_aml-decision.c taler-exchange-httpd_aml-decision.h \ + taler-exchange-httpd_aml-decisions-get.c \ taler-exchange-httpd_batch-deposit.c taler-exchange-httpd_batch-deposit.h \ taler-exchange-httpd_batch-withdraw.c taler-exchange-httpd_batch-withdraw.h \ taler-exchange-httpd_common_deposit.c taler-exchange-httpd_common_deposit.h \ diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 7f49955d..11b2d35f 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -446,14 +446,14 @@ handle_get_aml (struct TEH_RequestContext *rc, AmlOpGetHandler handler; } h[] = { -#if FIXME_AML_GET_DECISIONS_NOT_IMPLEMENTED { .op = "decisions", - .handler = &TEH_handler_get_aml_decisions + .handler = &TEH_handler_aml_decisions_get }, +#if FIXME_AML_GET_DECISIONS_NOT_IMPLEMENTED { .op = "decision", - .handler = &TEH_handler_get_aml_decision + .handler = &TEH_handler_aml_decision_get }, #endif { diff --git a/src/exchange/taler-exchange-httpd_aml-decision.h b/src/exchange/taler-exchange-httpd_aml-decision.h index 8dd3bb3f..e31cfdfa 100644 --- a/src/exchange/taler-exchange-httpd_aml-decision.h +++ b/src/exchange/taler-exchange-httpd_aml-decision.h @@ -26,7 +26,7 @@ /** - * Handle an "/aml/$OFFICER_PUB/decision" request. Parses the decision + * Handle a POST "/aml/$OFFICER_PUB/decision" request. Parses the decision * details, checks the signatures and if appropriately authorized executes * the decision. * @@ -42,4 +42,20 @@ TEH_handler_post_aml_decision ( const json_t *root); +/** + * Handle a GET "/aml/$OFFICER_PUB/decisions" request. Parses the request + * details, checks the signatures and if appropriately authorized returns + * the matching decisions. + * + * @param rc request context + * @param officer_pub public key of the AML officer who made the request + * @param args GET arguments (should be none) + * @return MHD result code + */ +MHD_RESULT +TEH_handler_aml_decisions_get ( + struct TEH_RequestContext *rc, + const struct TALER_AmlOfficerPublicKeyP *officer_pub, + const char *const args[]); + #endif diff --git a/src/exchange/taler-exchange-httpd_aml-decisions-get.c b/src/exchange/taler-exchange-httpd_aml-decisions-get.c new file mode 100644 index 00000000..091e7a67 --- /dev/null +++ b/src/exchange/taler-exchange-httpd_aml-decisions-get.c @@ -0,0 +1,228 @@ +/* + This file is part of TALER + Copyright (C) 2023 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-exchange-httpd_aml-decisions-get.c + * @brief Return summary information about AML decisions + * @author Christian Grothoff + */ +#include "platform.h" +#include <gnunet/gnunet_util_lib.h> +#include <jansson.h> +#include <microhttpd.h> +#include <pthread.h> +#include "taler_json_lib.h" +#include "taler_mhd_lib.h" +#include "taler_signatures.h" +#include "taler-exchange-httpd.h" +#include "taler_exchangedb_plugin.h" +#include "taler-exchange-httpd_aml-decision.h" +#include "taler-exchange-httpd_metrics.h" + + +/** + * Maximum number of records we return per request. + */ +#define MAX_RECORDS 1024 + +/** + * Return AML status. + * + * @param cls closure + * @param row_id current row in AML status table + * @param h_payto account for which the attribute data is stored + * @param threshold currently monthly threshold that would trigger an AML check + * @param status what is the current AML decision + */ +static void +record_cb ( + void *cls, + uint64_t row_id, + const struct TALER_PaytoHashP *h_payto, + const struct TALER_Amount *threshold, + enum TALER_AmlDecisionState status) +{ + json_t *records = cls; + + GNUNET_assert ( + 0 == + json_array_append ( + records, + GNUNET_JSON_PACK ( + GNUNET_JSON_pack_data_auto ("h_payto", + h_payto), + TALER_JSON_pack_amount ("threshold", + threshold), + GNUNET_JSON_pack_int64 ("current_state", + status), + GNUNET_JSON_pack_int64 ("rowid", + row_id) + ))); +} + + +MHD_RESULT +TEH_handler_aml_decisions_get ( + struct TEH_RequestContext *rc, + const struct TALER_AmlOfficerPublicKeyP *officer_pub, + const char *const args[]) +{ + enum GNUNET_GenericReturnValue res; + const char *sig_hdr; + struct TALER_AmlOfficerSignatureP officer_sig; + bool frozen = false; + bool pending = false; + bool normal = false; + int delta = -20; + unsigned long long start = INT64_MAX; + + if (NULL != args[0]) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_ENDPOINT_UNKNOWN, + args[0]); + } + sig_hdr = MHD_lookup_connection_value (rc->connection, + MHD_HEADER_KIND, + TALER_AML_OFFICER_SIGNATURE_HEADER); + if ( (NULL == sig_hdr) || + (GNUNET_OK != + GNUNET_STRINGS_string_to_data (sig_hdr, + strlen (sig_hdr), + &officer_sig, + sizeof (officer_sig))) || + (GNUNET_OK != + TALER_officer_aml_query_verify (officer_pub, + &officer_sig)) ) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_EXCHANGE_GENERIC_AML_OFFICER_GET_SIGNATURE_INVALID, + sig_hdr); + } + TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++; + + { + const char *p; + + p = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "frozen"); + if (NULL != p) + frozen = (0 == strcasecmp (p, + "yes")); + p = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "pending"); + if (NULL != p) + pending = (0 == strcasecmp (p, + "yes")); + p = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "normal"); + if (NULL != p) + normal = (0 == strcasecmp (p, + "yes")); + p = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "start"); + if (NULL != p) + { + char dummy; + + if (1 != sscanf (p, + "%llu%c", + &start, + &dummy)) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "start"); + } + } + p = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "delta"); + if (NULL != p) + { + char dummy; + + if (1 != sscanf (p, + "%d%c", + &delta, + &dummy)) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "delta"); + } + } + } + + { + json_t *records; + enum GNUNET_DB_QueryStatus qs; + enum TALER_AmlDecisionState decision = 42; // FIXME! + + records = json_array (); + GNUNET_assert (NULL != records); + if (INT_MIN == delta) + delta = INT_MIN + 1; + qs = TEH_plugin->select_aml_process (TEH_plugin->cls, + decision, + start, + delta > 0, + GNUNET_MIN (MAX_RECORDS, + delta > 0 ? delta : + -delta), + &record_cb, + records); + switch (qs) + { + case GNUNET_DB_STATUS_HARD_ERROR: + case GNUNET_DB_STATUS_SOFT_ERROR: + json_decref (records); + GNUNET_break (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_FETCH_FAILED, + NULL); + case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS: + return TALER_MHD_reply_static ( + rc->connection, + MHD_HTTP_NO_CONTENT, + NULL, + NULL, + 0); + case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT: + break; + } + return TALER_MHD_REPLY_JSON_PACK ( + rc->connection, + MHD_HTTP_OK, + GNUNET_JSON_pack_array_steal ("records", + records)); + } +} + + +/* end of taler-exchange-httpd_deposits_get.c */ |