From 3898054b1070db0c6be0fa9f6772637069aa34e2 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 2 Feb 2023 14:55:56 +0100 Subject: [PATCH] more work on KYC/AML decision inspection --- .../taler-exchange-httpd_aml-decision-get.c | 11 ++-- .../taler-exchange-httpd_aml-decision.h | 4 +- .../taler-exchange-httpd_aml-decisions-get.c | 51 ++++++++++--------- src/exchangedb/pg_select_aml_process.c | 2 +- src/include/taler_crypto_lib.h | 4 +- src/include/taler_exchange_service.h | 8 +-- src/lib/exchange_api_lookup_aml_decisions.c | 29 +++++++---- 7 files changed, 60 insertions(+), 49 deletions(-) diff --git a/src/exchange/taler-exchange-httpd_aml-decision-get.c b/src/exchange/taler-exchange-httpd_aml-decision-get.c index 0754c0b86..09f9c8e86 100644 --- a/src/exchange/taler-exchange-httpd_aml-decision-get.c +++ b/src/exchange/taler-exchange-httpd_aml-decision-get.c @@ -64,8 +64,10 @@ kyc_attribute_cb ( json_t *kyc_attributes = cls; json_t *attributes; - attributes = NULL; // FIXME - + attributes = TALER_CRYPTO_kyc_attributes_decrypt (&TEH_attribute_key, + enc_attributes, + enc_attributes_size); + GNUNET_break (NULL != attributes); GNUNET_assert ( 0 == json_array_append ( @@ -77,8 +79,9 @@ kyc_attribute_cb ( collection_time), GNUNET_JSON_pack_timestamp ("expiration_time", expiration_time), - GNUNET_JSON_pack_object_steal ("attributes", - attributes) + GNUNET_JSON_pack_allow_null ( + GNUNET_JSON_pack_object_steal ("attributes", + attributes)) ))); } diff --git a/src/exchange/taler-exchange-httpd_aml-decision.h b/src/exchange/taler-exchange-httpd_aml-decision.h index 033db4a89..8af742c0a 100644 --- a/src/exchange/taler-exchange-httpd_aml-decision.h +++ b/src/exchange/taler-exchange-httpd_aml-decision.h 
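Review bot: A failed decryption in `kyc_attribute_cb` is only logged by `GNUNET_break (NULL != attributes)`, and the `GNUNET_JSON_pack_allow_null` wrapper added in the second hunk then serialises it as a null `attributes` field in an otherwise successful reply. Assuming `TALER_CRYPTO_kyc_attributes_decrypt` returns NULL for a wrong key or a corrupted ciphertext, the AML officer cannot tell that case apart from a record that has no attributes. If this is intended, say so next to the break, e.g. `/* decryption failure is reported to the officer as null attributes */`; otherwise record the failure so the handler can answer with an error instead. The callback's signature and the start of the enclosing pack call lie outside these hunks.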
@@ -43,13 +43,13 @@ TEH_handler_post_aml_decision ( /** - * Handle a GET "/aml/$OFFICER_PUB/decisions" request. Parses the request + * Handle a GET "/aml/$OFFICER_PUB/decisions/$STATE" request. Parses the request * details, checks the signatures and if appropriately authorized returns * the matching decisions. * * @param rc request context * @param officer_pub public key of the AML officer who made the request - * @param args GET arguments (should be none) + * @param args GET arguments (should be the state) * @return MHD result code */ MHD_RESULT diff --git a/src/exchange/taler-exchange-httpd_aml-decisions-get.c b/src/exchange/taler-exchange-httpd_aml-decisions-get.c index 9f2fae3b7..7c4a137d9 100644 --- a/src/exchange/taler-exchange-httpd_aml-decisions-get.c +++ b/src/exchange/taler-exchange-httpd_aml-decisions-get.c @@ -80,13 +80,12 @@ TEH_handler_aml_decisions_get ( const char *const args[]) { struct TALER_AmlOfficerSignatureP officer_sig; - bool frozen = false; - bool pending = false; - bool normal = false; + enum TALER_AmlDecisionState decision; int delta = -20; unsigned long long start = INT64_MAX; + const char *state_str = args[0]; - if (NULL != args[0]) + if (NULL == state_str) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (rc->connection, @@ -94,6 +93,31 @@ TEH_handler_aml_decisions_get ( TALER_EC_GENERIC_ENDPOINT_UNKNOWN, args[0]); } + if (0 == strcmp (state_str, + "pending")) + decision = TALER_AML_PENDING; + else if (0 == strcmp (state_str, + "frozen")) + decision = TALER_AML_FROZEN; + if (0 == strcmp (state_str, + "normal")) + decision = TALER_AML_NORMAL; + else + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_ENDPOINT_UNKNOWN, + state_str); + } + if (NULL != args[1]) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_ENDPOINT_UNKNOWN, + args[1]); + } { const char *sig_hdr; 
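Review bot: In the `@@ -94,6 +93,31 @@` hunk of `TEH_handler_aml_decisions_get`, the third comparison starts a new `if` rather than continuing the chain, so the final `else` binds only to the `"normal"` test. A request for `pending` or `frozen` first assigns `decision` and then falls into that `else` and is answered with `MHD_HTTP_BAD_REQUEST`; only `normal` can succeed. The line should read `else if (0 == strcmp (state_str,` so that the rejection branch is reached only for an unknown state. With the chain fixed, every path either assigns `decision` or returns, which matters because the variable no longer has an initialiser. The function body continues outside the hunk.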
@@ -122,24 +146,6 @@ TEH_handler_aml_decisions_get ( { const char *p; - p = MHD_lookup_connection_value (rc->connection, - MHD_GET_ARGUMENT_KIND, - "frozen"); - if (NULL != p) - frozen = (0 == strcasecmp (p, - "yes")); - p = MHD_lookup_connection_value (rc->connection, - MHD_GET_ARGUMENT_KIND, - "pending"); - if (NULL != p) - pending = (0 == strcasecmp (p, - "yes")); - p = MHD_lookup_connection_value (rc->connection, - MHD_GET_ARGUMENT_KIND, - "normal"); - if (NULL != p) - normal = (0 == strcasecmp (p, - "yes")); p = MHD_lookup_connection_value (rc->connection, MHD_GET_ARGUMENT_KIND, "start"); @@ -183,7 +189,6 @@ TEH_handler_aml_decisions_get ( { json_t *records; enum GNUNET_DB_QueryStatus qs; - enum TALER_AmlDecisionState decision = 42; // FIXME! records = json_array (); GNUNET_assert (NULL != records); diff --git a/src/exchangedb/pg_select_aml_process.c b/src/exchangedb/pg_select_aml_process.c index c165e230b..6ee0dbeb9 100644 --- a/src/exchangedb/pg_select_aml_process.c +++ b/src/exchangedb/pg_select_aml_process.c @@ -145,7 +145,7 @@ TEH_PG_select_aml_process ( ",status" " FROM aml_status" " WHERE aml_status_serial_id > $2" - " AND $1 = status & $1" + " AND status = $1" " ORDER BY aml_status_serial_id INC" " LIMIT $3"); PREPARE (pg, diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 484f0f225..5f6274919 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -549,7 +549,7 @@ struct TALER_AmlOfficerSignatureP /** - * Bitmask with possible AML decision states. + * Possible AML decision states. */ enum TALER_AmlDecisionState { @@ -557,7 +557,7 @@ enum TALER_AmlDecisionState /** * All AML requirements are currently satisfied. */ - TALER_AML_NONE = 0, + TALER_AML_NORMAL = 0, /** * An AML investigation is pending. diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index c6391647e..277e658e9 100644 --- a/src/include/taler_exchange_service.h 
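Review bot: The context line `" ORDER BY aml_status_serial_id INC"` in the `pg_select_aml_process.c` hunk does not look like valid PostgreSQL, since the sort direction keywords are `ASC` and `DESC`. The commit changes only the `status` predicate in this statement, so the query would presumably still fail to prepare. That would leave the new `/decisions/$STATE` lookup without a working query for this direction. The line should likely be `" ORDER BY aml_status_serial_id ASC"`. The statement begins before the hunk and the `PREPARE` call that follows is cut off, so the second statement should be checked the same way.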
+++ b/src/include/taler_exchange_service.h @@ -4384,9 +4384,7 @@ struct TALER_EXCHANGE_LookupAmlDecisions; * @param exchange_url HTTP base URL for the exchange * @param start row number starting point (exclusive rowid) * @param delta number of records to return, negative for descending, positive for ascending from start - * @param filter_frozen true to only return frozen accounts - * @param filter_pending true to only return accounts with pending decisions - * @param filter_normal true to only return accounts where transactions are allowed + * @param state type of AML decisions to return * @param officer_priv private key of the deciding AML officer * @param cb function to call with the exchange's result * @param cb_cls closure for @a cb @@ -4398,9 +4396,7 @@ TALER_EXCHANGE_lookup_aml_decisions ( const char *exchange_url, uint64_t start, int delta, - bool filter_frozen, - bool filter_pending, - bool filter_normal, + enum TALER_AmlDecisionState state, const struct TALER_AmlOfficerPrivateKeyP *officer_priv, TALER_EXCHANGE_LookupAmlDecisionsCallback cb, void *cb_cls); diff --git a/src/lib/exchange_api_lookup_aml_decisions.c b/src/lib/exchange_api_lookup_aml_decisions.c index 308c0f969..fb5bfaa2e 100644 --- a/src/lib/exchange_api_lookup_aml_decisions.c +++ b/src/lib/exchange_api_lookup_aml_decisions.c @@ -166,9 +166,7 @@ TALER_EXCHANGE_lookup_aml_decisions ( const char *exchange_url, uint64_t start, int delta, - bool filter_frozen, - bool filter_pending, - bool filter_normal, + enum TALER_AmlDecisionState state, const struct TALER_AmlOfficerPrivateKeyP *officer_priv, TALER_EXCHANGE_LookupAmlDecisionsCallback cb, void *cb_cls) 
@@ -178,7 +176,21 @@ TALER_EXCHANGE_lookup_aml_decisions ( struct TALER_AmlOfficerPublicKeyP officer_pub; struct TALER_AmlOfficerSignatureP officer_sig; char arg_str[sizeof (struct TALER_AmlOfficerPublicKeyP) * 2 + 32]; + const char *state_str = NULL; + switch (state) + { + case TALER_AML_NORMAL: + state_str = "normal"; + break; + case TALER_AML_PENDING: + state_str = "pending"; + break; + case TALER_AML_FROZEN: + state_str = "frozen"; + break; + } + GNUNET_assert (NULL != state_str); GNUNET_CRYPTO_eddsa_key_get_public (&officer_priv->eddsa_priv, &officer_pub.eddsa_pub); TALER_officer_aml_query_sign (officer_priv, @@ -195,20 +207,15 @@ TALER_EXCHANGE_lookup_aml_decisions ( *end = '\0'; GNUNET_snprintf (arg_str, sizeof (arg_str), - "/aml/%s/decisions", - pub_str); + "/aml/%s/decisions/%s", + pub_str, + state_str); } lh = GNUNET_new (struct TALER_EXCHANGE_LookupAmlDecisions); lh->decisions_cb = cb; lh->decisions_cb_cls = cb_cls; lh->url = TALER_url_join (exchange_url, arg_str, - "frozen", - filter_frozen ? "yes" : NULL, - "pending", - filter_pending ? "yes" : NULL, - "normal", - filter_normal ? "yes" : NULL, NULL); if (NULL == lh->url) {
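Review bot: An out-of-range `state` argument makes `TALER_EXCHANGE_lookup_aml_decisions` abort the calling process, because the `switch` has no `default` and is followed by `GNUNET_assert (NULL != state_str);`. For a public client-library entry point a caller error is better reported than asserted, e.g. `if (NULL == state_str) { GNUNET_break (0); return NULL; }`. This assumes the function returns a handle pointer and NULL on failure, as the later `NULL == lh->url` check suggests. The function body starts and ends outside the hunk, so the return type cannot be confirmed here.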