[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] 113/151: wip
|
From: |
gnunet |
|
Subject: |
[taler-exchange] 113/151: wip |
|
Date: |
Tue, 30 Jul 2024 23:38:03 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit 1fbb444ec1d4abba377ba4fce3606d300f4ff138
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Jul 24 16:23:45 2024 +0200
wip
---
src/exchange/taler-exchange-httpd.c | 33 -----
src/exchange/taler-exchange-httpd.h | 6 -
src/exchange/taler-exchange-httpd_common_kyc.c | 136 ++++++++++++++------
src/exchange/taler-exchange-httpd_common_kyc.h | 2 +-
src/exchangedb/0005-reserves_in.sql | 45 +++++++
src/exchangedb/Makefile.am | 1 +
.../exchange_do_insert_kyc_attributes.sql | 13 +-
src/exchangedb/pg_insert_kyc_attributes.c | 17 ++-
src/exchangedb/pg_insert_kyc_attributes.h | 14 ++-
src/exchangedb/pg_lookup_active_legitimization.c | 66 ++++++++++
src/exchangedb/pg_lookup_active_legitimization.h | 49 ++++++++
src/exchangedb/plugin_exchangedb_postgres.c | 3 +
src/include/taler_exchangedb_plugin.h | 33 ++++-
src/include/taler_kyclogic_lib.h | 137 +++++++++++++++++++++
src/kyclogic/kyclogic_api.c | 76 ++++++++++++
15 files changed, 542 insertions(+), 89 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd.c
b/src/exchange/taler-exchange-httpd.c
index 510d36bac..a120cf47d 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -180,23 +180,11 @@ static char *toplevel_redirect_url;
*/
char *TEH_currency;
-/**
- * Name of the KYC-AML-trigger evaluation binary.
- */
-char *TEH_kyc_aml_trigger;
-
/**
* Option set to #GNUNET_YES if rewards are enabled.
*/
int TEH_enable_rewards;
-/**
- * What is the largest amount we allow a peer to
- * merge into a reserve before always triggering
- * an AML check?
- */
-struct TALER_Amount TEH_aml_threshold;
-
/**
* Our base URL.
*/
@@ -2167,17 +2155,6 @@ exchange_serve_process_config (void)
"valid relative time expected");
return GNUNET_SYSERR;
}
- if (GNUNET_OK !=
- GNUNET_CONFIGURATION_get_value_string (TEH_cfg,
- "exchange",
- "KYC_AML_TRIGGER",
- &TEH_kyc_aml_trigger))
- {
- GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
- "exchange",
- "KYC_AML_TRIGGER");
- return GNUNET_SYSERR;
- }
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (TEH_cfg,
"exchange",
@@ -2216,16 +2193,6 @@ exchange_serve_process_config (void)
}
/* currency parser must provide default spec for main currency */
GNUNET_assert (NULL != TEH_cspec);
- if (GNUNET_OK !=
- TALER_config_get_amount (TEH_cfg,
- "exchange",
- "AML_THRESHOLD",
- &TEH_aml_threshold))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- "Need amount in section `exchange' under `AML_THRESHOLD'\n");
- return GNUNET_SYSERR;
- }
if (GNUNET_OK !=
TALER_config_get_amount (TEH_cfg,
"exchange",
diff --git a/src/exchange/taler-exchange-httpd.h
b/src/exchange/taler-exchange-httpd.h
index 7740d2fac..293455af6 100644
--- a/src/exchange/taler-exchange-httpd.h
+++ b/src/exchange/taler-exchange-httpd.h
@@ -41,12 +41,6 @@ extern struct GNUNET_TIME_Relative TEH_max_keys_caching;
*/
extern struct GNUNET_TIME_Relative TEH_reserve_closing_delay;
-/**
- * Name of the KYC-AML-trigger evaluation binary.
- * FIXME: do we keep this?
- */
-extern char *TEH_kyc_aml_trigger;
-
/**
* The exchange's configuration.
*/
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.c
b/src/exchange/taler-exchange-httpd_common_kyc.c
index 141f99841..6b7b3f583 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.c
+++ b/src/exchange/taler-exchange-httpd_common_kyc.c
@@ -80,6 +80,26 @@ struct TEH_KycAmlTrigger
*/
json_t *attributes;
+ /**
+ * Measures this KYC process is responding to.
+ */
+ json_t *jmeasures;
+
+ /**
+ * KYC history of the account.
+ */
+ json_t *kyc_history;
+
+ /**
+ * AML history of the account.
+ */
+ json_t *aml_history;
+
+ /**
+ * KYC measure the client is (trying to) satisfy.
+ */
+ uint32_t measure_index;
+
/**
* response to return to the HTTP client
*/
@@ -89,7 +109,7 @@ struct TEH_KycAmlTrigger
* Handle to an external process that evaluates the
* need to run AML on the account.
*/
- struct TALER_JSON_ExternalConversion *kyc_aml;
+ struct TALER_KYCLOGIC_AmlProgramRunnerHandle *kyc_aml;
/**
* HTTP status code of @e response
@@ -103,51 +123,55 @@ struct TEH_KycAmlTrigger
* Type of a callback that receives a JSON @a result.
*
* @param cls closure of type `struct TEH_KycAmlTrigger *`
- * @param status_type how did the process die
- * @param code termination status code from the process,
- * non-zero if AML checks are required next
- * @param result some JSON result, NULL if we failed to get an JSON output
+ * @param apr AML program result
*/
static void
kyc_aml_finished (void *cls,
- enum GNUNET_OS_ProcessStatusType status_type,
- unsigned long code,
- const json_t *result)
+ const struct TALER_KYCLOGIC_AmlProgramResult *apr)
{
struct TEH_KycAmlTrigger *kat = cls;
enum GNUNET_DB_QueryStatus qs;
size_t eas;
void *ea;
- const char *birthdate;
unsigned int birthday = 0;
struct GNUNET_AsyncScopeSave old_scope;
kat->kyc_aml = NULL;
GNUNET_async_scope_enter (&kat->scope,
&old_scope);
- birthdate = json_string_value (json_object_get (kat->attributes,
- TALER_ATTRIBUTE_BIRTHDATE));
- if ( (TEH_age_restriction_enabled) &&
- (NULL != birthdate) )
+ if (TALER_KYCLOGIC_AMLR_SUCCESS != apr->status)
{
- enum GNUNET_GenericReturnValue ret;
-
- ret = TALER_parse_coarse_date (birthdate,
- &TEH_age_restriction_config.mask,
- &birthday);
+ // FIXME ...
+ GNUNET_break (0); // not implemented!
+ }
+ {
+ const char *birthdate;
- if (GNUNET_OK != ret)
+ birthdate = json_string_value (
+ json_object_get (kat->attributes,
+ TALER_ATTRIBUTE_BIRTHDATE));
+ if ( (TEH_age_restriction_enabled) &&
+ (NULL != birthdate) )
{
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "Failed to parse birthdate `%s' from KYC attributes\n",
- birthdate);
- if (NULL != kat->response)
- MHD_destroy_response (kat->response);
- kat->http_status = MHD_HTTP_BAD_REQUEST;
- kat->response = TALER_MHD_make_error (
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- TALER_ATTRIBUTE_BIRTHDATE);
- goto RETURN_RESULT;
+ enum GNUNET_GenericReturnValue ret;
+
+ ret = TALER_parse_coarse_date (birthdate,
+ &TEH_age_restriction_config.mask,
+ &birthday);
+
+ if (GNUNET_OK != ret)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Failed to parse birthdate `%s' from KYC attributes\n",
+ birthdate);
+ if (NULL != kat->response)
+ MHD_destroy_response (kat->response);
+ kat->http_status = MHD_HTTP_BAD_REQUEST;
+ kat->response = TALER_MHD_make_error (
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ TALER_ATTRIBUTE_BIRTHDATE);
+ goto RETURN_RESULT;
+ }
}
}
@@ -165,6 +189,11 @@ kyc_aml_finished (void *cls,
kat->provider_user_id,
kat->provider_legitimization_id,
kat->expiration,
+ apr->details.success.account_properties,
+ apr->details.success.new_rules,
+ apr->details.success.to_investigate,
+ apr->details.success.num_events,
+ apr->details.success.events,
eas,
ea,
0 != code);
@@ -209,6 +238,7 @@ TEH_kyc_finished (const struct GNUNET_AsyncScopeId *scope,
void *cb_cls)
{
struct TEH_KycAmlTrigger *kat;
+ enum GNUNET_DB_QueryStatus qs;
kat = GNUNET_new (struct TEH_KycAmlTrigger);
kat->scope = *scope;
@@ -228,14 +258,43 @@ TEH_kyc_finished (const struct GNUNET_AsyncScopeId *scope,
kat->response = response;
kat->cb = cb;
kat->cb_cls = cb_cls;
+ qs = TEH_plugin->lookup_active_legitimization (
+ TEH_plugin->cls,
+ process_row,
+ &kat->measure_index,
+ &kat->jmeasures);
+ switch (qs)
+ {
+ case GNUNET_DB_STATUS_HARD_ERROR:
+ case GNUNET_DB_STATUS_SOFT_ERROR:
+ GNUNET_break (0);
+ TEH_kyc_finished_cancel (kat);
+ return NULL;
+ case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+ GNUNET_break (0);
+ TEH_kyc_finished_cancel (kat);
+ return NULL;
+ case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
+ break;
+ }
+#if FIXME
+ qs = TEH_plugin->lookup_aml_history (
+ TEH_plugin->cls,
+ account_id,
+ &kat->aml_history,
+ &kat->kyc_history);
+#else
+ kat->aml_history = json_array ();
+ kat->kyc_history = json_array ();
+#endf
kat->kyc_aml
- = TALER_JSON_external_conversion_start (
- attributes,
- &kyc_aml_finished,
- kat,
- TEH_kyc_aml_trigger,
- TEH_kyc_aml_trigger,
- NULL);
+ = TALER_KYCLOGIC_run_aml_program (kat->attributes,
+ kat->aml_history,
+ kat->kyc_history,
+ kat->jmeasures,
+ kat->measure_index,
+ &kyc_aml_finished,
+ kat);
if (NULL == kat->kyc_aml)
{
GNUNET_break (0);
@@ -251,13 +310,16 @@ TEH_kyc_finished_cancel (struct TEH_KycAmlTrigger *kat)
{
if (NULL != kat->kyc_aml)
{
- TALER_JSON_external_conversion_stop (kat->kyc_aml);
+ TALER_KYCLOGIC_run_aml_program_cancel (kat->kyc_aml);
kat->kyc_aml = NULL;
}
GNUNET_free (kat->provider_name);
GNUNET_free (kat->provider_user_id);
GNUNET_free (kat->provider_legitimization_id);
+ json_decref (kat->jmeasures);
json_decref (kat->attributes);
+ json_decref (kat->aml_history);
+ json_decref (kat->kyc_history);
if (NULL != kat->response)
{
MHD_destroy_response (kat->response);
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.h
b/src/exchange/taler-exchange-httpd_common_kyc.h
index e391c8d3b..ccf94e9d6 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.h
+++ b/src/exchange/taler-exchange-httpd_common_kyc.h
@@ -59,7 +59,7 @@ struct TEH_KycAmlTrigger;
* in the database. Then call @a cb.
*
* @param scope the HTTP request logging scope
- * @param process_row legitimization process the webhook was about
+ * @param process_row legitimization process the data provided is about
* @param account_id account the webhook was about
* @param provider_name name of the provider with the logic that was run
* @param provider_user_id set to user ID at the provider, or NULL if not
supported or unknown
diff --git a/src/exchangedb/0005-reserves_in.sql
b/src/exchangedb/0005-reserves_in.sql
new file mode 100644
index 000000000..157e52308
--- /dev/null
+++ b/src/exchangedb/0005-reserves_in.sql
@@ -0,0 +1,45 @@
+--
+-- This file is part of TALER
+-- Copyright (C) 2024 Taler Systems SA
+--
+-- TALER is free software; you can redistribute it and/or modify it under the
+-- terms of the GNU General Public License as published by the Free Software
+-- Foundation; either version 3, or (at your option) any later version.
+--
+-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR
+-- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License along with
+-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+--
+
+CREATE FUNCTION foreign_table_reserves_in5()
+RETURNS void
+LANGUAGE plpgsql
+AS $$
+DECLARE
+ table_name TEXT DEFAULT 'reserves_in';
+BEGIN
+ EXECUTE FORMAT (
+ 'ALTER TABLE ' || table_name ||
+ ' ADD CONSTRAINT ' || table_name || '_wire_target_h_payto_foreign'
+ ' FOREIGN KEY (wire_source_h_payto)'
+ ' REFERENCES wire_targets (wire_target_h_payto)'
+ ' ON DELETE RESTRICT'
+ );
+END
+$$;
+
+INSERT INTO exchange_tables
+ (name
+ ,version
+ ,action
+ ,partitioned
+ ,by_range)
+ VALUES
+ ('reserves_in5'
+ ,'exchange-0005'
+ ,'foreign'
+ ,TRUE
+ ,FALSE);
diff --git a/src/exchangedb/Makefile.am b/src/exchangedb/Makefile.am
index ae80a5123..e7619657e 100644
--- a/src/exchangedb/Makefile.am
+++ b/src/exchangedb/Makefile.am
@@ -171,6 +171,7 @@ libtaler_plugin_exchangedb_postgres_la_SOURCES = \
pg_test_aml_officer.h pg_test_aml_officer.c \
pg_lookup_aml_officer.h pg_lookup_aml_officer.c \
pg_lookup_pending_legitimization.h pg_lookup_pending_legitimization.c \
+ pg_lookup_active_legitimization.h pg_lookup_active_legitimization.c \
pg_trigger_aml_process.h pg_trigger_aml_process.c \
pg_insert_aml_decision.h pg_insert_aml_decision.c \
pg_select_aggregation_transient.h pg_select_aggregation_transient.c \
diff --git a/src/exchangedb/exchange_do_insert_kyc_attributes.sql
b/src/exchangedb/exchange_do_insert_kyc_attributes.sql
index 54ab51bbe..8ae2ff0c3 100644
--- a/src/exchangedb/exchange_do_insert_kyc_attributes.sql
+++ b/src/exchangedb/exchange_do_insert_kyc_attributes.sql
@@ -14,7 +14,9 @@
-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
--
-CREATE OR REPLACE FUNCTION exchange_do_insert_kyc_attributes(
+DELETE FUNCTION exchange_do_insert_kyc_attributes
+ IF EXISTS;
+CREATE FUNCTION exchange_do_insert_kyc_attributes(
IN in_process_row INT8,
IN in_h_payto BYTEA,
IN in_birthday INT4,
@@ -24,6 +26,9 @@ CREATE OR REPLACE FUNCTION exchange_do_insert_kyc_attributes(
IN in_collection_time_ts INT8,
IN in_expiration_time INT8,
IN in_expiration_time_ts INT8,
+ IN in_account_properties TEXT, -- FIXME: use!
+ IN in_new_rules TEXT, -- FIXME: use!
+ IN ina_events TEXT[], -- FIXME: use!
IN in_enc_attributes BYTEA,
IN in_require_aml BOOLEAN,
IN in_kyc_completed_notify_s TEXT,
@@ -41,12 +46,14 @@ INSERT INTO exchange.kyc_attributes
,expiration_time
,encrypted_attributes
,legitimization_serial
+ ,trigger_outcome_serial
) VALUES
(in_h_payto
,in_collection_time_ts
,in_expiration_time_ts
,in_enc_attributes
- ,in_process_row);
+ ,in_process_row
+ ,FIXME);
UPDATE legitimization_processes
SET provider_user_id=in_provider_account_id
@@ -102,5 +109,5 @@ INSERT INTO kyc_alerts
END $$;
-COMMENT ON FUNCTION exchange_do_insert_kyc_attributes(INT8, BYTEA, INT4, TEXT,
TEXT, TEXT, INT8, INT8, INT8, BYTEA, BOOL, TEXT)
+COMMENT ON FUNCTION exchange_do_insert_kyc_attributes(INT8, BYTEA, INT4, TEXT,
TEXT, TEXT, INT8, INT8, INT8, TEXT, TEXT, TEXT[], BYTEA, BOOL, TEXT)
IS 'Inserts new KYC attributes and updates the status of the legitimization
process and the AML status for the account';
diff --git a/src/exchangedb/pg_insert_kyc_attributes.c
b/src/exchangedb/pg_insert_kyc_attributes.c
index a72e4e67b..37e833863 100644
--- a/src/exchangedb/pg_insert_kyc_attributes.c
+++ b/src/exchangedb/pg_insert_kyc_attributes.c
@@ -37,9 +37,13 @@ TEH_PG_insert_kyc_attributes (
const char *provider_account_id,
const char *provider_legitimization_id,
struct GNUNET_TIME_Absolute expiration_time,
+ const json_t *account_properties,
+ const json_t *new_rules,
+ bool to_investigate,
+ unsigned int num_events,
+ const char **events,
size_t enc_attributes_size,
- const void *enc_attributes,
- bool require_aml)
+ const void *enc_attributes)
{
struct PostgresClosure *pg = cls;
struct GNUNET_TIME_Timestamp expiration
@@ -72,9 +76,14 @@ TEH_PG_insert_kyc_attributes (
GNUNET_PQ_query_param_timestamp (&collection_time),
GNUNET_PQ_query_param_absolute_time (&expiration_time),
GNUNET_PQ_query_param_timestamp (&expiration),
+ TALER_PQ_query_param_json (account_properties),
+ TALER_PQ_query_param_json (new_rules),
+ GNUNET_PQ_query_param_array_string (pg,
+ num_events,
+ events),
GNUNET_PQ_query_param_fixed_size (enc_attributes,
enc_attributes_size),
- GNUNET_PQ_query_param_bool (require_aml),
+ GNUNET_PQ_query_param_bool (to_investigate),
GNUNET_PQ_query_param_string (kyc_completed_notify_s),
GNUNET_PQ_query_param_end
};
@@ -94,7 +103,7 @@ TEH_PG_insert_kyc_attributes (
"SELECT "
" out_ok"
" FROM exchange_do_insert_kyc_attributes "
- "($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12);");
+ "($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14,
$15);");
qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
"insert_kyc_attributes",
params,
diff --git a/src/exchangedb/pg_insert_kyc_attributes.h
b/src/exchangedb/pg_insert_kyc_attributes.h
index 09ebbf04a..e33f3a152 100644
--- a/src/exchangedb/pg_insert_kyc_attributes.h
+++ b/src/exchangedb/pg_insert_kyc_attributes.h
@@ -39,9 +39,13 @@
* @param provider_account_id provider account ID
* @param provider_legitimization_id provider legitimization ID
* @param expiration_time when does the data expire
+ * @param account_properties new account properties
+ * @param new_rules new KYC rules to apply to the account
+ * @param to_investigate true to flag account for investigation
+ * @param num_events length of the @a events array
+ * @param events array of KYC events to trigger
* @param enc_attributes_size number of bytes in @a enc_attributes
* @param enc_attributes encrypted attribute data
- * @param require_aml true to trigger AML
* @return database transaction status
*/
enum GNUNET_DB_QueryStatus
@@ -55,9 +59,13 @@ TEH_PG_insert_kyc_attributes (
const char *provider_account_id,
const char *provider_legitimization_id,
struct GNUNET_TIME_Absolute expiration_time,
+ const json_t *account_properties,
+ const json_t *new_rules,
+ bool to_investigate,
+ unsigned int num_events,
+ const char **events,
size_t enc_attributes_size,
- const void *enc_attributes,
- bool require_aml);
+ const void *enc_attributes);
#endif
diff --git a/src/exchangedb/pg_lookup_active_legitimization.c
b/src/exchangedb/pg_lookup_active_legitimization.c
new file mode 100644
index 000000000..38c95fd4d
--- /dev/null
+++ b/src/exchangedb/pg_lookup_active_legitimization.c
@@ -0,0 +1,66 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2024 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file exchangedb/pg_lookup_pending_legitimization.c
+ * @brief Implementation of the lookup_pending_legitimization function for
Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler_error_codes.h"
+#include "taler_dbevents.h"
+#include "taler_pq_lib.h"
+#include "pg_lookup_active_legitimization.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+TEH_PG_lookup_active_legitimization (
+ void *cls,
+ uint64_t legitimization_process_serial_id,
+ uint32_t *measure_index,
+ json_t **jmeasures)
+{
+ struct PostgresClosure *pg = cls;
+ struct GNUNET_PQ_QueryParam params[] = {
+ GNUNET_PQ_query_param_uint64 (&legitimization_process_serial_id),
+ GNUNET_PQ_query_param_end
+ };
+ struct GNUNET_PQ_ResultSpec rs[] = {
+ TALER_PQ_result_spec_json (
+ "jmeasures",
+ jmeasures),
+ GNUNET_PQ_result_spec_uint32 (
+ "measure_index",
+ measure_index),
+ GNUNET_PQ_result_spec_end
+ };
+
+ PREPARE (pg,
+ "lookup_active_legitimization",
+ "SELECT "
+ " lm.jmeasures"
+ ",lp.measure_index"
+ " FROM legitimization_processes lp"
+ " JOIN legitimization_measures lm"
+ " USING (legitimization_measure_serial_id)"
+ " WHERE lp.legitimization_process_serial_id=$1"
+ " AND NOT lm.is_finished;");
+ return GNUNET_PQ_eval_prepared_singleton_select (
+ pg->conn,
+ "lookup_active_legitimization",
+ params,
+ rs);
+}
diff --git a/src/exchangedb/pg_lookup_active_legitimization.h
b/src/exchangedb/pg_lookup_active_legitimization.h
new file mode 100644
index 000000000..f7bce41cb
--- /dev/null
+++ b/src/exchangedb/pg_lookup_active_legitimization.h
@@ -0,0 +1,49 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2024 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file exchangedb/pg_lookup_active_legitimization.h
+ * @brief implementation of the lookup_active_legitimization function for
Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_LOOKUP_ACTIVE_LEGITIMIZATION_H
+#define PG_LOOKUP_ACTIVE_LEGITIMIZATION_H
+
+#include "taler_util.h"
+#include "taler_json_lib.h"
+#include "taler_exchangedb_plugin.h"
+
+
+/**
+ * Lookup measure data for an active legitimization process.
+ *
+ * @param cls closure
+ * @param legitimization_process_serial_id
+ * row in legitimization_processes table to access
+ * @param[out] measure_index set to the measure the
+ * process is trying to satisfy
+ * @param[out] jmeasures set to the legitimization
+ * measures that were put on the account
+ * @return database transaction status
+ */
+enum GNUNET_DB_QueryStatus
+TEH_PG_lookup_active_legitimization (
+ void *cls,
+ uint64_t legitimization_process_serial_id,
+ uint32_t *measure_index,
+ json_t **jmeasures);
+
+
+#endif
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c
b/src/exchangedb/plugin_exchangedb_postgres.c
index c9ea6a752..3587ed2e0 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -54,6 +54,7 @@
#include "pg_lookup_kyc_status_by_token.h"
#include "pg_lookup_serial_by_table.h"
#include "pg_lookup_pending_legitimization.h"
+#include "pg_lookup_active_legitimization.h"
#include "pg_select_account_merges_above_serial_id.h"
#include "pg_select_all_purse_decisions_above_serial_id.h"
#include "pg_select_purse.h"
@@ -749,6 +750,8 @@ libtaler_plugin_exchangedb_postgres_init (void *cls)
= &TEH_PG_lookup_denomination_key;
plugin->lookup_pending_legitimization
= &TEH_PG_lookup_pending_legitimization;
+ plugin->lookup_active_legitimization
+ = &TEH_PG_lookup_active_legitimization;
plugin->insert_auditor_denom_sig
= &TEH_PG_insert_auditor_denom_sig;
plugin->select_auditor_denom_sig
diff --git a/src/include/taler_exchangedb_plugin.h
b/src/include/taler_exchangedb_plugin.h
index bfd048bd9..3d49a1a6a 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -7084,6 +7084,11 @@ struct TALER_EXCHANGEDB_Plugin
* @param provider_account_id provider account ID
* @param provider_legitimization_id provider legitimization ID
* @param expiration_time when does the data expire
+ * @param account_properties new account properties
+ * @param new_rules new KYC rules to apply to the account
+ * @param to_investigate true to flag account for investigation
+ * @param num_events length of the @a events array
+ * @param events array of KYC events to trigger
* @param enc_attributes_size number of bytes in @a enc_attributes
* @param enc_attributes encrypted attribute data
* @param require_aml true to trigger AML
@@ -7100,9 +7105,13 @@ struct TALER_EXCHANGEDB_Plugin
const char *provider_account_id,
const char *provider_legitimization_id,
struct GNUNET_TIME_Absolute expiration_time,
+ const json_t *account_properties,
+ const json_t *new_rules,
+ bool to_investigate,
+ unsigned int num_events,
+ const char **events,
size_t enc_attributes_size,
- const void *enc_attributes,
- bool require_aml);
+ const void *enc_attributes);
/**
@@ -7327,6 +7336,26 @@ struct TALER_EXCHANGEDB_Plugin
json_t **jmeasures);
+ /**
+ * Lookup measure data for an active legitimization process.
+ *
+ * @param cls closure
+ * @param legitimization_process_serial_id
+ * row in legitimization_processes table to access
+ * @param[out] measure_index set to the measure the
+ * process is trying to satisfy
+ * @param[out] jmeasures set to the legitimization
+ * measures that were put on the account
+ * @return database transaction status
+ */
+ enum GNUNET_DB_QueryStatus
+ (*lookup_active_legitimization) (
+ void *cls,
+ uint64_t legitimization_process_serial_id,
+ uint32_t *measure_index,
+ json_t **jmeasures);
+
+
/**
* Insert an AML decision. Inserts into AML history and insert or updates AML
* status.
diff --git a/src/include/taler_kyclogic_lib.h b/src/include/taler_kyclogic_lib.h
index db62e41ee..c3145db3e 100644
--- a/src/include/taler_kyclogic_lib.h
+++ b/src/include/taler_kyclogic_lib.h
@@ -611,4 +611,141 @@ TALER_KYCLOGIC_get_measure_configuration (
json_t **pprograms,
json_t **pchecks);
+
+/**
+ * Handle to manage a running AML program.
+ */
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle;
+
+
+/**
+ * Result from running an AML program.
+ */
+struct TALER_KYCLOGIC_AmlProgramResult
+{
+ /**
+ * Possible outcomes from running the AML program.
+ */
+ enum
+ {
+ /**
+ * The AML program completed successfully.
+ */
+ TALER_KYCLOGIC_AMLR_SUCCESS,
+
+ /**
+ * The AML program failed.
+ */
+ TALER_KYCLOGIC_AMLR_FAILURE
+
+ } status;
+
+ /**
+ * Detailed results depending on @e status.
+ */
+ union
+ {
+ /**
+ * Results if @e status is #TALER_KYCLOGIC_AMLR_SUCCESS.
+ */
+ struct
+ {
+ /**
+ * New account properties to set for the account.
+ */
+ const json_t *account_properties;
+
+ /**
+ * Array of events to trigger.
+ */
+ const char **events;
+
+ /**
+ * New AML/KYC rules to apply to the account.
+ */
+ const json_t *new_rules;
+
+ /**
+ * Length of the @e events array.
+ */
+ unsigned int num_events;
+
+ /**
+ * True if AML staff should investigate the account.
+ */
+ bool to_investigate;
+ } success;
+
+ /**
+ * Results if @e status is #TALER_KYCLOGIC_AMLR_FAILURE.
+ */
+ struct
+ {
+ /**
+ * Human-readable error message describing the
+ * failure (for logging).
+ */
+ const char *error_message;
+
+ /**
+ * Error code for the failure.
+ */
+ enum TALER_ErrorCode ec;
+
+ } failure;
+
+ } details;
+
+};
+
+
+/**
+ * Type of function called after AML program was run.
+ *
+ * @param cls closure
+ * @param apr result of the AML program.
+ */
+typedef void
+(*TALER_KYCLOGIC_AmlProgramResultCallback) (
+ void *cls,
+ const struct TALER_KYCLOGIC_AmlProgramResult *apr);
+
+
+/**
+ * Run AML program based on @a jmeasures using
+ * the the given inputs.
+ *
+ * @param attributes KYC attributes newly obtained
+ * @param aml_history AML history of the account
+ * @param kyc_history KYC history of the account
+ * @param jmeasures current KYC/AML rules to apply;
+ * they determine also the AML program and
+ * provide the context
+ * @param measure_index which KYC measure yielded the
+ * @a attributes
+ * @param aprc function to call with the result
+ * @param aprc_cls closure for @a aprc
+ * @return NULL if @a jmeasures is invalid for the
+ * selected @a measure_index or @a attributes
+ */
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle *
+TALER_KYCLOGIC_run_aml_program (
+ const json_t *attributes,
+ const json_t *aml_history,
+ const json_t *kyc_history,
+ const json_t *jmeasures,
+ unsigned int measure_index,
+ TALER_KYCLOGIC_AmlProgramResultCallback aprc,
+ void *aprc_cls);
+
+
+/**
+ * Cancel running AML program.
+ *
+ * @param[in] aprh handle of program to cancel
+ */
+void
+TALER_KYCLOGIC_run_aml_program_cancel (
+ struct TALER_KYCLOGIC_AmlProgramRunnerHandle *aprh);
+
#endif
diff --git a/src/kyclogic/kyclogic_api.c b/src/kyclogic/kyclogic_api.c
index b698a4cbd..1c2bc13f8 100644
--- a/src/kyclogic/kyclogic_api.c
+++ b/src/kyclogic/kyclogic_api.c
@@ -2845,4 +2845,80 @@ TALER_KYCLOGIC_check_to_provider (const char *check_name)
}
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle
+{
+ /**
+ * Function to call back with the result.
+ */
+ TALER_KYCLOGIC_AmlProgramResultCallback aprc;
+
+ /**
+ * Closure for @e aprc.
+ */
+ void *aprc_cls;
+
+ /**
+ * Handle to an external process.
+ */
+ struct TALER_JSON_ExternalConversion *proc;
+
+};
+
+/**
+ * Function that that receives a JSON @a result from
+ * the AML program.
+ *
+ * @param cls closure of type `struct TALER_KYCLOGIC_AmlProgramRunnerHandle`
+ * @param status_type how did the process die
+ * @param code termination status code from the process,
+ * non-zero if AML checks are required next
+ * @param result some JSON result, NULL if we failed to get an JSON output
+ */
+static void
+aml_prog_finished (void *cls,
+ enum GNUNET_OS_ProcessStatusType status_type,
+ unsigned long code,
+ const json_t *result)
+{
+ struct TALER_KYCLOGIC_AmlProgramRunnerHandle *aprh = cls;
+
+ // FIXME
+}
+
+
+struct TALER_KYCLOGIC_AmlProgramRunnerHandle *
+TALER_KYCLOGIC_run_aml_program (
+ const json_t *attributes,
+ const json_t *aml_history,
+ const json_t *kyc_history,
+ const json_t *jmeasures,
+ unsigned int measure_index,
+ TALER_KYCLOGIC_AmlProgramResultCallback aprc,
+ void *aprc_cls)
+{
+ struct TALER_KYCLOGIC_AmlProgramRunnerHandle *aprh;
+
+ aprh = GNUNET_new (struct TALER_KYCLOGIC_AmlProgramRunnerHandle);
+ aprh->aprc = aprc;
+ aprh->aprc_cls aprc_cls;
+
+ // FIXME ...
+ return arph;
+}
+
+
+void
+TALER_KYCLOGIC_run_aml_program_cancel (
+ struct TALER_KYCLOGIC_AmlProgramRunnerHandle *aprh)
+{
+
+ if (NULL != aprh->prog)
+ {
+ TALER_JSON_external_conversion_stop (aprh->prog);
+ aprh->prog = NULL;
+ }
+ GNUNET_free (aprh);
+}
+
+
/* end of kyclogic_api.c */
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-exchange] 35/151: fix FTBFS, (continued)
- [taler-exchange] 35/151: fix FTBFS, gnunet, 2024/07/30
- [taler-exchange] 79/151: -bump gana, gnunet, 2024/07/30
- [taler-exchange] 89/151: -improve logging, gnunet, 2024/07/30
- [taler-exchange] 80/151: -fix FTBFS of new kyc-start logic, gnunet, 2024/07/30
- [taler-exchange] 90/151: pass h_payto, gnunet, 2024/07/30
- [taler-exchange] 106/151: -fixing minor bugs, gnunet, 2024/07/30
- [taler-exchange] 59/151: -implement GET "/aml/$PUB/attributes/$H_PAYTO", gnunet, 2024/07/30
- [taler-exchange] 95/151: -fix auditor insanity, gnunet, 2024/07/30
- [taler-exchange] 53/151: work on kyc-info endpoint, gnunet, 2024/07/30
- [taler-exchange] 44/151: -bump gana, gnunet, 2024/07/30
- [taler-exchange] 113/151: wip,
gnunet <=
- [taler-exchange] 105/151: fix kyc trigger SQL logic, gnunet, 2024/07/30
- [taler-exchange] 110/151: add new CMDs for KYC info+start, gnunet, 2024/07/30
- [taler-exchange] 69/151: -towards form uploads (incomplete), gnunet, 2024/07/30
- [taler-exchange] 94/151: -work on tests, gnunet, 2024/07/30
- [taler-exchange] 28/151: -add kyc data back for lookup_transfer_by_deposit, gnunet, 2024/07/30
- [taler-exchange] 100/151: more parsing, config template, gnunet, 2024/07/30
- [taler-exchange] 99/151: parse more of check configuration, gnunet, 2024/07/30
- [taler-exchange] 129/151: -fix SQL bugs, gnunet, 2024/07/30
- [taler-exchange] 120/151: -misc bugfixes, gnunet, 2024/07/30
- [taler-exchange] 121/151: first test passes, party, gnunet, 2024/07/30