From f8d96e9d0d2bdfa9afd39c8f91fac17e87c96378 Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Mon, 3 Feb 2025 12:09:43 +0800 Subject: [PATCH] :sparkles: 3rd client able to create transaction --- pkg/internal/server/api/index.go | 1 + pkg/internal/server/api/order_api.go | 2 +- pkg/internal/server/api/transaction_api.go | 51 ++++++++++++++++++++++ 3 files changed, 53 insertions(+), 1 deletion(-) diff --git a/pkg/internal/server/api/index.go b/pkg/internal/server/api/index.go index 97353ab..fb37732 100644 --- a/pkg/internal/server/api/index.go +++ b/pkg/internal/server/api/index.go @@ -17,6 +17,7 @@ func MapAPIs(app *fiber.App, baseURL string) { { transaction.Get("/me", getTransaction) transaction.Get("/:id", getTransactionByID) + transaction.Post("/", makeTransaction) } order := api.Group("/orders").Name("Order API") diff --git a/pkg/internal/server/api/order_api.go b/pkg/internal/server/api/order_api.go index 2ddb1a7..78155ca 100644 --- a/pkg/internal/server/api/order_api.go +++ b/pkg/internal/server/api/order_api.go @@ -56,7 +56,7 @@ func createOrder(c *fiber.Ctx) error { // System client, spec payee was not allowed if client.AccountID != nil && data.PayeeID != nil { var payee models.Wallet - if err := database.C.Where("id = ?", data.PayeeID).First(&payee).Error; err != nil { + if err := database.C.Where("id = ? AND account_id = ?", data.PayeeID, client.AccountID).First(&payee).Error; err != nil { return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("payee id %d not found", data.PayeeID)) } else { order.Payee = &payee diff --git a/pkg/internal/server/api/transaction_api.go b/pkg/internal/server/api/transaction_api.go index 1a3bc90..1c3c551 100644 --- a/pkg/internal/server/api/transaction_api.go +++ b/pkg/internal/server/api/transaction_api.go @@ -1,9 +1,15 @@ package api import ( + "fmt" + "git.solsynth.dev/hypernet/nexus/pkg/nex/sec" + "git.solsynth.dev/hypernet/passport/pkg/authkit" "git.solsynth.dev/hypernet/wallet/pkg/internal/database" + "git.solsynth.dev/hypernet/wallet/pkg/internal/gap" "git.solsynth.dev/hypernet/wallet/pkg/internal/models" + "git.solsynth.dev/hypernet/wallet/pkg/internal/server/exts" + "git.solsynth.dev/hypernet/wallet/pkg/internal/services" "github.com/gofiber/fiber/v2" ) @@ -62,3 +68,48 @@ func getTransactionByID(c *fiber.Ctx) error { return c.JSON(transaction) } + +func makeTransaction(c *fiber.Ctx) error { + var data struct { + ClientID string `json:"client_id" validate:"required"` + ClientSecret string `json:"client_secret" validate:"required"` + Remark string `json:"remark" validate:"required"` + Amount float64 `json:"amount" validate:"required"` + PayeeID *uint `json:"payee_id"` + PayerID *uint `json:"payer_id"` + } + + if err := exts.BindAndValidate(c, &data); err != nil { + return err + } + + // Validating client + client, err := authkit.GetThirdClientByAlias(gap.Nx, data.ClientID, &data.ClientSecret) + if err != nil { + return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("could not get client info: %v", err)) + } + + // System client, spec payee was not allowed + var payee, payer *models.Wallet + if client.AccountID != nil && data.PayeeID != nil { + if err := database.C.Where("id = ? AND account_id = ?", data.PayeeID, client.AccountID).First(&payee).Error; err != nil { + return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("payee id %d not found", data.PayeeID)) + } + } + if data.PayerID != nil { + if err := database.C.Where("id = ?", data.PayerID).First(&payer).Error; err != nil { + return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("payer id %d not found", data.PayerID)) + } + } + + if payee == nil && payer == nil { + return fiber.NewError(fiber.StatusBadRequest, "payee and payer cannot be both blank") + } + + tran, err := services.MakeTransaction(data.Amount, data.Remark, payer, payee) + if err != nil { + return fiber.NewError(fiber.StatusBadRequest, err.Error()) + } + + return c.JSON(tran) +}