[libeufin] branch master updated: allow 'admin' to access other customer
From: |
gnunet |
Subject: |
[libeufin] branch master updated: allow 'admin' to access other customers accounts |
Date: |
Fri, 05 Nov 2021 11:47:24 +0100 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new a6661dff allow 'admin' to access other customers accounts
a6661dff is described below
commit a6661dffe23dbf5157167204ccda8855dc1d1d21
Author: ms <ms@taler.net>
AuthorDate: Fri Nov 5 11:46:56 2021 +0100
allow 'admin' to access other customers accounts
---
sandbox/src/main/kotlin/tech/libeufin/sandbox/DB.kt | 3 ++-
sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt | 15 +++++++++------
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/DB.kt
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/DB.kt
index fcb58ed2..b9863704 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/DB.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/DB.kt
@@ -491,7 +491,8 @@ fun dbCreateTables(dbConnectionString: String) {
BankAccountsTable,
BankAccountReportsTable,
BankAccountStatementsTable,
- TalerWithdrawalsTable
+ TalerWithdrawalsTable,
+ DemobankCustomersTable
)
}
}
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
index 35c2f6ba..6ddd9152 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
@@ -1180,7 +1180,10 @@ val sandboxApp: Application.() -> Unit = {
res
} ?: throw notFound("Account '$accountAccessed' not found")
// Check rights.
- if (WITH_AUTH && bankAccount.owner != username) throw
forbidden(
+ if (
+ WITH_AUTH
+ && (bankAccount.owner != username && username !=
"admin")
+ ) throw forbidden(
"Customer '$username' cannot access bank account
'$accountAccessed'"
)
val creditDebitIndicator = if (bankAccount.isDebit) {
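Review bot: The admin bypass in this check is keyed on the literal username `"admin"`, so it is only safe if no ordinary customer can ever hold that name. The registration hunk further down rejects only a `req.username` that already exists in `DemobankCustomersTable`; unless the name is reserved somewhere outside this diff, a customer who registers as `admin` would pass this check for every account. I would reject the reserved name at registration, e.g. `if (req.username == "admin") throw forbidden("Username 'admin' is reserved")`, and move the literal into one named constant shared with the `(user != "admin")` check in the last hunk. The enclosing handler starts and ends outside the hunk.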
@@ -1255,8 +1258,8 @@ val sandboxApp: Application.() -> Unit = {
val checkExist = transaction {
DemobankCustomerEntity.find {
DemobankCustomersTable.username eq req.username
- }
- }.firstOrNull()
+ }.firstOrNull()
+ }
if (checkExist != null) {
throw SandboxError(
HttpStatusCode.Conflict,
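Review bot: The existence check still runs in a separate transaction from the inserts that follow, so two concurrent registrations for the same username can both see `checkExist == null`. Moving `.firstOrNull()` inside `transaction { }` fixes where the query is evaluated, but the account creation in the next hunk opens its own `transaction {`. Unless `DemobankCustomersTable.username` carries a unique index (its definition is not in this diff), I would perform the check and the creation inside one `transaction { }` block. The surrounding handler begins and ends outside the hunk.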
@@ -1268,7 +1271,7 @@ val sandboxApp: Application.() -> Unit = {
transaction {
BankAccountEntity.new {
iban = getIban()
- label = req.username + "acct" // multiple accounts
per username not allowed.
+ label = req.username + "-acct" // multiple
accounts per username not allowed.
owner = req.username
this.demoBank = demobank
}
@@ -1305,8 +1308,8 @@ val sandboxApp: Application.() -> Unit = {
body.demobankAccountLabel,
ensureDemobank(call)
)
- if (bankAccount.owner != user) throw forbidden(
- "User cannot access bank account
'${bankAccount.label}'"
+ if ((user != "admin") && (bankAccount.owner != user))
throw forbidden(
+ "User ${bankAccount.owner} cannot access bank
account '${bankAccount.label}'"
)
subscriber.bankAccount = bankAccount
}
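Review bot: The new message interpolates `${bankAccount.owner}` where the rejected caller is `user`, so it reports that the owner cannot access their own account and discloses the owner's username to a caller who was just denied. I would write `"User '$user' cannot access bank account '${bankAccount.label}'"`, which also matches the wording of the earlier check (`"Customer '$username' cannot access bank account ..."`). The enclosing block continues outside the hunk.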
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.