valitydev/capi-v2
14
0
Fork 0
mirror of https://github.com/valitydev/capi-v2.git synced 2024-11-06 01:55:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPS-272: Removes party id checks (#30)

Browse Source 
* Removes checks in operations `CapturePayment`, `CreateRefund`,
  `GetPayout`, `GetWebhookByID` and `DeleteWebhookByID`
* Adds support for `GetWebhooksForParty` operation with `partyID`
  request parameter
* Removes obosolete test
  `capi_base_api_token_tests_SUITE:get_payout_fail/1`
* Adds test `get_webhooks_for_party/2` and upgrades swag deps
This commit is contained in:
Aleksey Kashapov 2023-03-15 10:11:44 +03:00 committed by GitHub
parent dbb2039c30
commit 635e0b2f42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 48 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
apps/capi/src/capi_handler_payments.erl
View File

@ -144,8 +144,8 @@ prepare(OperationID = 'GetPaymentByExternalID', Req, Context) ->
prepare(OperationID = 'CapturePayment', Req, Context) ->
InvoiceID = maps:get('invoiceID', Req),
PaymentID = maps:get('paymentID', Req),
PartyID = capi_handler_utils:get_party_id(Context),
Invoice = get_invoice_by_id(InvoiceID, Context),
PartyID = Invoice#payproc_Invoice.invoice#domain_Invoice.owner_id,
Authorize = fun() ->
Prototypes = [
{operation, #{id => OperationID, invoice => InvoiceID, payment => PaymentID}},
@ -253,6 +253,8 @@ prepare(OperationID = 'CreateRefund', Req, Context) ->
InvoiceID = maps:get('invoiceID', Req),
PaymentID = maps:get('paymentID', Req),
RefundParams = maps:get('RefundParams', Req),
Invoice = get_invoice_by_id(InvoiceID, Context),
PartyID = Invoice#payproc_Invoice.invoice#domain_Invoice.owner_id,
Authorize = fun() ->
Prototypes = [
{operation, #{id => OperationID, invoice => InvoiceID, payment => PaymentID}},
@ -263,7 +265,7 @@ prepare(OperationID = 'CreateRefund', Req, Context) ->
Process = fun() ->
try
ok = validate_refund(RefundParams),
create_refund(InvoiceID, PaymentID, RefundParams, Context, OperationID)
create_refund(PartyID, InvoiceID, PaymentID, RefundParams, Context, OperationID)
of
{ok, Refund} ->
{ok, {201, #{}, capi_handler_decoder_invoicing:decode_refund(Refund)}};
@ -702,10 +704,8 @@ encode_processing_deadline(Deadline) ->
default_processing_deadline() ->
genlib_app:env(capi, default_processing_deadline, ?DEFAULT_PROCESSING_DEADLINE).
create_refund(InvoiceID, PaymentID, RefundParams0, Context, BenderPrefix) ->
PartyID = capi_handler_utils:get_party_id(Context),
create_refund(PartyID, InvoiceID, PaymentID, RefundParams0, Context, BenderPrefix) ->
RefundParams = RefundParams0#{<<"invoiceID">> => InvoiceID, <<"paymentID">> => PaymentID},
ExternalID = maps:get(<<"externalID">>, RefundParams, undefined),
IdempotentKey = {BenderPrefix, PartyID, ExternalID},
Identity = capi_bender:make_identity(capi_feature_schemas:refund(), RefundParams),
@ -715,9 +715,9 @@ create_refund(InvoiceID, PaymentID, RefundParams0, Context, BenderPrefix) ->
%% We put `invoice_id` and `payment_id` in a context here because `get_refund_by_external_id/3` needs it to work
CtxData = #{<<"invoice_id">> => InvoiceID, <<"payment_id">> => PaymentID},
RefundID = capi_bender:gen_sequence(IdempotentKey, Identity, SequenceID, SequenceParams, WoodyCtx, CtxData),
refund_payment(RefundID, InvoiceID, PaymentID, RefundParams, Context).
refund_payment(PartyID, RefundID, InvoiceID, PaymentID, RefundParams, Context).
refund_payment(RefundID, InvoiceID, PaymentID, RefundParams, Context) ->
refund_payment(PartyID, RefundID, InvoiceID, PaymentID, RefundParams, Context) ->
ExternalID = maps:get(<<"externalID">>, RefundParams, undefined),
Allocation = maps:get(<<"allocation">>, RefundParams, undefined),
PartyID = capi_handler_utils:get_party_id(Context),

28
apps/capi/src/capi_handler_payouts.erl
View File

@ -15,23 +15,16 @@
Req :: capi_handler:request_data(),
Context :: capi_handler:processing_context()
) -> {ok, capi_handler:request_state()} | {error, noimpl}.
prepare(OperationID, Req, Context) when OperationID =:= 'GetPayout' ->
prepare(OperationID = 'GetPayout', Req, Context) ->
PayoutID = maps:get('payoutID', Req),
PartyID = capi_handler_utils:get_party_id(Context),
OperationContext = #{
id => OperationID,
party => PartyID,
payout => PayoutID
},
Payout =
case capi_handler_utils:service_call({payouts, 'GetPayout', {PayoutID}}, Context) of
{ok, Result} ->
case check_party_in_payout(PartyID, Result) of
true ->
Result;
false ->
undefined
end;
Result;
{exception, #payouts_NotFound{}} ->
undefined
end,
@ -51,7 +44,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'GetPayout' ->
{ok, {200, #{}, decode_payout(Payout, PayoutTool)}}
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'CreatePayout' ->
prepare(OperationID = 'CreatePayout', Req, Context) ->
PayoutParams = maps:get('PayoutParams', Req),
UserID = capi_handler_utils:get_user_id(Context),
PartyID = maps:get(<<"partyID">>, PayoutParams, UserID),
@ -81,7 +74,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'CreatePayout' ->
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutTools' ->
prepare(OperationID = 'GetPayoutTools', Req, Context) ->
PartyID = capi_handler_utils:get_party_id(Context),
OperationContext = #{
id => OperationID,
@ -99,7 +92,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutTools' ->
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolByID' ->
prepare(OperationID = 'GetPayoutToolByID', Req, Context) ->
PartyID = capi_handler_utils:get_party_id(Context),
OperationContext = #{
id => OperationID,
@ -121,7 +114,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolByID' ->
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolsForParty' ->
prepare(OperationID = 'GetPayoutToolsForParty', Req, Context) ->
PartyID = maps:get('partyID', Req),
OperationContext = #{
id => OperationID,
@ -140,7 +133,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolsForParty'
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolByIDForParty' ->
prepare(OperationID = 'GetPayoutToolByIDForParty', Req, Context) ->
PartyID = maps:get('partyID', Req),
OperationContext = #{
id => OperationID,
@ -162,7 +155,7 @@ prepare(OperationID, Req, Context) when OperationID =:= 'GetPayoutToolByIDForPar
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare(OperationID, Req, Context) when OperationID =:= 'GetScheduleByRef' ->
prepare(OperationID = 'GetScheduleByRef', Req, Context) ->
OperationContext = #{
id => OperationID
},
@ -183,11 +176,6 @@ prepare(_OperationID, _Req, _Context) ->
%%
check_party_in_payout(PartyID, #payouts_Payout{party_id = PartyID}) ->
true;
check_party_in_payout(_PartyID, _) ->
false.
get_schedule_by_id(ScheduleID, Context) ->
Ref = {business_schedule, #domain_BusinessScheduleRef{id = ScheduleID}},
capi_domain:get(Ref, Context).

15
apps/capi/src/capi_handler_webhooks.erl
View File

@ -40,8 +40,10 @@ prepare('CreateWebhook' = OperationID, Req, Context) ->
end
end,
{ok, #{authorize => Authorize, process => Process}};
prepare('GetWebhooks' = OperationID, _Req, Context) ->
PartyID = capi_handler_utils:get_party_id(Context),
prepare(OperationID, #{'partyID' := PartyID}, Context) when
OperationID =:= 'GetWebhooksForParty';
OperationID =:= 'GetWebhooks'
->
Authorize = fun() ->
Prototypes = [{operation, #{party => PartyID, id => OperationID}}],
Resolution = capi_auth:authorize_operation(Prototypes, Context),
@ -54,6 +56,10 @@ prepare('GetWebhooks' = OperationID, _Req, Context) ->
{ok, {200, #{}, [decode_webhook(V) || V <- Webhooks]}}
end,
{ok, #{authorize => Authorize, process => Process}};
prepare('GetWebhooks' = OperationID, Req, Context) ->
PartyID = capi_handler_utils:get_party_id(Context),
Req1 = maps:put('partyID', PartyID, Req),
prepare(OperationID, Req1, Context);
prepare('GetWebhookByID' = OperationID, Req, Context) ->
WebhookID = maps:get('webhookID', Req),
Webhook =
@ -138,12 +144,9 @@ encode_webhook_id(WebhookID) ->
end.
get_webhook(WebhookID, Context) ->
PartyID = capi_handler_utils:get_party_id(Context),
case capi_handler_utils:service_call({webhook_manager, 'Get', {WebhookID}}, Context) of
{ok, Webhook = #webhooker_Webhook{party_id = PartyID}} ->
{ok, Webhook} ->
{ok, Webhook};
{ok, _Webhook} ->
{exception, #webhooker_WebhookNotFound{}};
{exception, Exception} ->
{exception, Exception}
end.

31
apps/capi/test/capi_base_api_token_tests_SUITE.erl
View File

@ -97,10 +97,10 @@
create_payout/1,
get_payout/1,
create_payout_autorization_error/1,
get_payout_fail/1,
create_webhook_ok_test/1,
create_webhook_limit_exceeded_test/1,
get_webhooks/1,
get_webhooks_for_party/1,
get_webhook_by_id/1,
delete_webhook_by_id/1,
get_categories_ok_test/1,
@ -256,6 +256,7 @@ groups() ->
create_webhook_ok_test,
create_webhook_limit_exceeded_test,
get_webhooks,
get_webhooks_for_party,
get_webhook_by_id,
delete_webhook_by_id,
@ -265,8 +266,7 @@ groups() ->
get_payout_tool_by_id_for_party,
create_payout,
create_payout_autorization_error,
get_payout,
get_payout_fail
get_payout
]}
].
@ -1694,24 +1694,6 @@ get_payout(Config) ->
),
{ok, _} = capi_client_payouts:get_payout(?config(context, Config), ?STRING).
-spec get_payout_fail(config()) -> _.
get_payout_fail(Config) ->
PartyID = <<"Wrong party id">>,
Payout = ?PAYOUT(?WALLET_TOOL, PartyID),
_ = capi_ct_helper:mock_services([{payouts, fun('GetPayout', _) -> {ok, Payout} end}], Config),
_ = capi_ct_helper_bouncer:mock_arbiter(
?assertContextMatches(
#ctx_v1_ContextFragment{
capi = ?CTX_CAPI(?CTX_PAYOUT_OP(<<"GetPayout">>, ?STRING, ?STRING)),
payouts = #ctx_v1_ContextPayouts{
payout = undefined
}
}
),
Config
),
{error, {404, _}} = capi_client_payouts:get_payout(?config(context, Config), ?STRING).
-spec create_webhook_ok_test(config()) -> _.
create_webhook_ok_test(Config) ->
_ = capi_ct_helper:mock_services(
@ -1787,6 +1769,13 @@ get_webhooks(Config) ->
_ = capi_ct_helper_bouncer:mock_assert_party_op_ctx(<<"GetWebhooks">>, ?STRING, Config),
{ok, _} = capi_client_webhooks:get_webhooks(?config(context, Config)).
-spec get_webhooks_for_party(config()) -> _.
get_webhooks_for_party(Config) ->
PartyID = ?STRING,
_ = capi_ct_helper:mock_services([{webhook_manager, fun('GetList', _) -> {ok, [?WEBHOOK]} end}], Config),
_ = capi_ct_helper_bouncer:mock_assert_party_op_ctx(<<"GetWebhooksForParty">>, ?STRING, Config),
{ok, _} = capi_client_webhooks:get_webhooks_for_party(?config(context, Config), PartyID).
-spec get_webhook_by_id(config()) -> _.
get_webhook_by_id(Config) ->
_ = capi_ct_helper:mock_services([{webhook_manager, fun('Get', _) -> {ok, ?WEBHOOK} end}], Config),

5
apps/capi/test/capi_bouncer_data.hrl
View File

@ -93,10 +93,9 @@
webhook = ?CTX_ENTITY(WebhookID)
}).
-define(CTX_PAYOUT_OP(ID, PayoutID, PartyID), #ctx_v1_CommonAPIOperation{
-define(CTX_PAYOUT_OP(ID, PayoutID), #ctx_v1_CommonAPIOperation{
id = ID,
payout = ?CTX_ENTITY(PayoutID),
party = ?CTX_ENTITY(PartyID)
payout = ?CTX_ENTITY(PayoutID)
}).
-define(CTX_SEARCH_OP(ID, PartyID, ShopID, InvoiceID, PaymentID),

2
apps/capi/test/capi_ct_helper_bouncer.erl
View File

@ -173,7 +173,7 @@ mock_assert_payout_op_ctx(Op, PayoutID, PartyID, ContractID, ShopID, Config) ->
mock_arbiter(
?assertContextMatches(
#ctx_v1_ContextFragment{
capi = ?CTX_CAPI(?CTX_PAYOUT_OP(Op, PayoutID, PartyID)),
capi = ?CTX_CAPI(?CTX_PAYOUT_OP(Op, PayoutID)),
payouts = #ctx_v1_ContextPayouts{
payout = ?CTX_PAYOUT(PayoutID, PartyID, ContractID, ShopID)
}

9
apps/capi_client/src/capi_client_webhooks.erl
View File

@ -1,10 +1,12 @@
-module(capi_client_webhooks).
-export([get_webhooks/1]).
-export([get_webhooks_for_party/2]).
-export([create_webhook/2]).
-export([get_webhook_by_id/2]).
-export([delete_webhook_by_id/2]).
-type party_id() :: dmsl_domain_thrift:'PartyID'().
-type webhook_id() :: binary().
-type webhook_params() :: map().
-type webhook() :: map().
@ -16,6 +18,13 @@ get_webhooks(Context) ->
Response = swag_client_webhooks_api:get_webhooks(Url, PreparedParams, Opts),
capi_client_lib:handle_response(Response).
-spec get_webhooks_for_party(context(), party_id()) -> {ok, [webhook()]} | {error, term()}.
get_webhooks_for_party(Context, PartyID) ->
Params = #{binding => #{<<"partyID">> => PartyID}},
{Url, PreparedParams, Opts} = capi_client_lib:make_request(Context, Params),
Response = swag_client_webhooks_api:get_webhooks_for_party(Url, PreparedParams, Opts),
capi_client_lib:handle_response(Response).
-spec create_webhook(context(), webhook_params()) -> {ok, webhook()} | {error, term()}.
create_webhook(Context, Params) ->
{Url, PreparedParams, Opts} = capi_client_lib:make_request(Context, #{body => Params}),

4
rebar.lock
View File

@ -119,11 +119,11 @@
{<<"ssl_verify_fun">>,{pkg,<<"ssl_verify_fun">>,<<"1.1.6">>},2},
{<<"swag_client">>,
{git,"https://github.com/valitydev/swag-payments",
{ref,"ba5219fab460373881178c98b85addb16829d383"}},
{ref,"1f1327d6a09af117f45fae21165153654bc218bf"}},
0},
{<<"swag_server">>,
{git,"https://github.com/valitydev/swag-payments",
{ref,"5d8696a4e68cf54b45e750905e30d5a003d80e61"}},
{ref,"37bfe31fd663bf928a111a4619cafd31559c6f8f"}},
0},
{<<"thrift">>,
{git,"https://github.com/valitydev/thrift_erlang.git",