remove code related to admins resetting a user's actual PIN
This commit is contained in:
parent
26353bdf6e
commit
834f2ce629
GPG Key ID:
7EA3D01708908703
@ -415,87 +415,6 @@ func (h *MenuHandlers) SaveTemporaryPin(ctx context.Context, sym string, input [
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// SaveOthersTemporaryPin allows authorized users to set temporary PINs for blocked numbers.
|
||||
func (h *MenuHandlers) SaveOthersTemporaryPin(ctx context.Context, sym string, input []byte) (resource.Result, error) {
|
||||
var res resource.Result
|
||||
var err error
|
||||
|
||||
store := h.userdataStore
|
||||
sessionId, ok := ctx.Value("SessionId").(string)
|
||||
if !ok {
|
||||
return res, fmt.Errorf("missing session")
|
||||
}
|
||||
|
||||
temporaryPin := string(input)
|
||||
|
||||
// Validate that the input is a 4-digit number.
|
||||
if !pin.IsValidPIN(temporaryPin) {
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// Retrieve the blocked number associated with this session
|
||||
blockedNumber, err := store.ReadEntry(ctx, sessionId, storedb.DATA_BLOCKED_NUMBER)
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to read blockedNumber entry with", "key", storedb.DATA_BLOCKED_NUMBER, "error", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
// Hash the temporary PIN
|
||||
hashedPIN, err := pin.HashPIN(string(temporaryPin))
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to hash temporaryPin", "error", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
// Save the hashed temporary PIN for that blocked number
|
||||
err = store.WriteEntry(ctx, string(blockedNumber), storedb.DATA_TEMPORARY_VALUE, []byte(hashedPIN))
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to write hashed temporaryPin entry with", "key", storedb.DATA_TEMPORARY_VALUE, "value", temporaryPin, "error", err)
|
||||
return res, err
|
||||
}
|
||||
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// CheckBlockedNumPinMisMatch checks if the provided PIN matches a temporary PIN stored for a blocked number.
|
||||
func (h *MenuHandlers) CheckBlockedNumPinMisMatch(ctx context.Context, sym string, input []byte) (resource.Result, error) {
|
||||
res := resource.Result{}
|
||||
flag_pin_mismatch, _ := h.flagManager.GetFlag("flag_pin_mismatch")
|
||||
sessionId, ok := ctx.Value("SessionId").(string)
|
||||
if !ok {
|
||||
return res, fmt.Errorf("missing session")
|
||||
}
|
||||
if string(input) == "0" {
|
||||
res.FlagReset = append(res.FlagReset, flag_pin_mismatch)
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// Get blocked number from storage.
|
||||
store := h.userdataStore
|
||||
blockedNumber, err := store.ReadEntry(ctx, sessionId, storedb.DATA_BLOCKED_NUMBER)
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to read blockedNumber entry with", "key", storedb.DATA_BLOCKED_NUMBER, "error", err)
|
||||
return res, err
|
||||
}
|
||||
// Get Hashed temporary PIN for the blocked number.
|
||||
hashedTemporaryPin, err := store.ReadEntry(ctx, string(blockedNumber), storedb.DATA_TEMPORARY_VALUE)
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to read hashedTemporaryPin entry with", "key", storedb.DATA_TEMPORARY_VALUE, "error", err)
|
||||
return res, err
|
||||
}
|
||||
if len(hashedTemporaryPin) == 0 {
|
||||
logg.ErrorCtxf(ctx, "hashedTemporaryPin is empty", "key", storedb.DATA_TEMPORARY_VALUE)
|
||||
return res, fmt.Errorf("Data error encountered")
|
||||
}
|
||||
|
||||
if pin.VerifyPIN(string(hashedTemporaryPin), string(input)) {
|
||||
res.FlagReset = append(res.FlagReset, flag_pin_mismatch)
|
||||
} else {
|
||||
res.FlagSet = append(res.FlagSet, flag_pin_mismatch)
|
||||
}
|
||||
return res, nil
|
||||
}
|
||||
|
||||
// ResetInvalidPIN resets the invalid PIN flag
|
||||
func (h *MenuHandlers) ResetInvalidPIN(ctx context.Context, sym string, input []byte) (resource.Result, error) {
|
||||
var res resource.Result
|
||||
|
||||
@ -2906,173 +2906,6 @@ func TestValidateBlockedNumber(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestSaveOthersTemporaryPin(t *testing.T) {
|
||||
sessionId := "session123"
|
||||
blockedNumber := "+254712345678"
|
||||
testPin := "1234"
|
||||
|
||||
ctx, userStore := InitializeTestStore(t)
|
||||
ctx = context.WithValue(ctx, "SessionId", sessionId)
|
||||
|
||||
h := &MenuHandlers{
|
||||
userdataStore: userStore,
|
||||
}
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
sessionId string
|
||||
blockedNumber string
|
||||
testPin string
|
||||
setup func() error // Setup function for each test case
|
||||
expectedError bool
|
||||
verifyResult func(t *testing.T) // Function to verify the result
|
||||
}{
|
||||
{
|
||||
name: "Missing Session ID",
|
||||
sessionId: "", // Empty session ID
|
||||
blockedNumber: blockedNumber,
|
||||
testPin: testPin,
|
||||
setup: nil,
|
||||
expectedError: true,
|
||||
verifyResult: nil,
|
||||
},
|
||||
{
|
||||
name: "Failed to Read Blocked Number",
|
||||
sessionId: sessionId,
|
||||
blockedNumber: blockedNumber,
|
||||
testPin: testPin,
|
||||
setup: func() error {
|
||||
// Do not write the blocked number to simulate a read failure
|
||||
return nil
|
||||
},
|
||||
expectedError: true,
|
||||
verifyResult: nil,
|
||||
},
|
||||
|
||||
{
|
||||
name: "Successfully save hashed PIN",
|
||||
sessionId: sessionId,
|
||||
blockedNumber: blockedNumber,
|
||||
testPin: testPin,
|
||||
setup: func() error {
|
||||
// Write the blocked number to the store
|
||||
return userStore.WriteEntry(ctx, sessionId, storedb.DATA_BLOCKED_NUMBER, []byte(blockedNumber))
|
||||
},
|
||||
expectedError: false,
|
||||
verifyResult: func(t *testing.T) {
|
||||
// Read the stored hashed PIN
|
||||
othersHashedPin, err := userStore.ReadEntry(ctx, blockedNumber, storedb.DATA_TEMPORARY_VALUE)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
// Verify that the stored hashed PIN matches the original PIN
|
||||
if !pin.VerifyPIN(string(othersHashedPin), testPin) {
|
||||
t.Fatal("stored hashed PIN does not match the original PIN")
|
||||
}
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
// Set up the context with the session ID
|
||||
ctx := context.WithValue(context.Background(), "SessionId", tt.sessionId)
|
||||
|
||||
// Run the setup function if provided
|
||||
if tt.setup != nil {
|
||||
err := tt.setup()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
// Call the function under test
|
||||
_, err := h.SaveOthersTemporaryPin(ctx, "save_others_temporary_pin", []byte(tt.testPin))
|
||||
|
||||
// Assert the error
|
||||
if tt.expectedError {
|
||||
assert.Error(t, err)
|
||||
} else {
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
// Verify the result if a verification function is provided
|
||||
if tt.verifyResult != nil {
|
||||
tt.verifyResult(t)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestCheckBlockedNumPinMisMatch(t *testing.T) {
|
||||
sessionId := "session123"
|
||||
blockedNumber := "+254712345678"
|
||||
testPin := "1234"
|
||||
mockState := state.NewState(128)
|
||||
|
||||
ctx, userStore := InitializeTestStore(t)
|
||||
ctx = context.WithValue(ctx, "SessionId", sessionId)
|
||||
|
||||
hashedPIN, err := pin.HashPIN(testPin)
|
||||
if err != nil {
|
||||
logg.ErrorCtxf(ctx, "failed to hash testPin", "error", err)
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
fm, err := NewFlagManager(flagsPath)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
flag_pin_mismatch, _ := fm.GetFlag("flag_pin_mismatch")
|
||||
|
||||
h := &MenuHandlers{
|
||||
userdataStore: userStore,
|
||||
st: mockState,
|
||||
flagManager: fm,
|
||||
}
|
||||
|
||||
// Write initial data to the store
|
||||
err = userStore.WriteEntry(ctx, sessionId, storedb.DATA_BLOCKED_NUMBER, []byte(blockedNumber))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
err = userStore.WriteEntry(ctx, blockedNumber, storedb.DATA_TEMPORARY_VALUE, []byte(hashedPIN))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
input []byte
|
||||
expectedResult resource.Result
|
||||
}{
|
||||
{
|
||||
name: "Successful PIN match",
|
||||
input: []byte(testPin),
|
||||
expectedResult: resource.Result{
|
||||
FlagReset: []uint32{flag_pin_mismatch},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "PIN mismatch",
|
||||
input: []byte("1345"),
|
||||
expectedResult: resource.Result{
|
||||
FlagSet: []uint32{flag_pin_mismatch},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
res, err := h.CheckBlockedNumPinMisMatch(ctx, "sym", tt.input)
|
||||
|
||||
assert.NoError(t, err)
|
||||
assert.Equal(t, tt.expectedResult, res)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestGetCurrentProfileInfo(t *testing.T) {
|
||||
sessionId := "session123"
|
||||
ctx, store := InitializeTestStore(t)
|
||||
|
||||
@ -110,12 +110,10 @@ func (ls *LocalHandlerService) GetHandler(accountService remote.AccountService)
|
||||
ls.DbRs.AddLocalFunc("set_voucher", appHandlers.SetVoucher)
|
||||
ls.DbRs.AddLocalFunc("get_voucher_details", appHandlers.GetVoucherDetails)
|
||||
ls.DbRs.AddLocalFunc("reset_valid_pin", appHandlers.ResetValidPin)
|
||||
ls.DbRs.AddLocalFunc("check_pin_mismatch", appHandlers.CheckBlockedNumPinMisMatch)
|
||||
ls.DbRs.AddLocalFunc("validate_blocked_number", appHandlers.ValidateBlockedNumber)
|
||||
ls.DbRs.AddLocalFunc("retrieve_blocked_number", appHandlers.RetrieveBlockedNumber)
|
||||
ls.DbRs.AddLocalFunc("reset_unregistered_number", appHandlers.ResetUnregisteredNumber)
|
||||
ls.DbRs.AddLocalFunc("reset_others_pin", appHandlers.ResetOthersPin)
|
||||
ls.DbRs.AddLocalFunc("save_others_temporary_pin", appHandlers.SaveOthersTemporaryPin)
|
||||
ls.DbRs.AddLocalFunc("get_current_profile_info", appHandlers.GetCurrentProfileInfo)
|
||||
ls.DbRs.AddLocalFunc("check_transactions", appHandlers.CheckTransactions)
|
||||
ls.DbRs.AddLocalFunc("get_transactions", appHandlers.GetTransactionsList)
|
||||
|
||||
@ -1 +0,0 @@
|
||||
Please confirm new PIN for: {{.retrieve_blocked_number}}
|
||||
@ -1,14 +0,0 @@
|
||||
CATCH incorrect_pin flag_incorrect_pin 1
|
||||
RELOAD retrieve_blocked_number
|
||||
MAP retrieve_blocked_number
|
||||
CATCH invalid_others_pin flag_valid_pin 0
|
||||
CATCH pin_reset_result flag_account_authorized 1
|
||||
LOAD save_others_temporary_pin 6
|
||||
RELOAD save_others_temporary_pin
|
||||
MOUT back 0
|
||||
HALT
|
||||
INCMP _ 0
|
||||
LOAD check_pin_mismatch 6
|
||||
RELOAD check_pin_mismatch
|
||||
CATCH others_pin_mismatch flag_pin_mismatch 1
|
||||
INCMP pin_entry *
|
||||
@ -1 +0,0 @@
|
||||
Tafadhali thibitisha PIN mpya ya: {{.retrieve_blocked_number}}
|
||||
@ -1 +0,0 @@
|
||||
Please enter new PIN for: {{.retrieve_blocked_number}}
|
||||
@ -1,9 +0,0 @@
|
||||
LOAD retrieve_blocked_number 0
|
||||
RELOAD retrieve_blocked_number
|
||||
MAP retrieve_blocked_number
|
||||
MOUT back 0
|
||||
HALT
|
||||
LOAD verify_new_pin 6
|
||||
RELOAD verify_new_pin
|
||||
INCMP _ 0
|
||||
INCMP * confirm_others_new_pin
|
||||
@ -1 +0,0 @@
|
||||
Tafadhali weka PIN mpya ya: {{.retrieve_blocked_number}}
|
||||
@ -1 +0,0 @@
|
||||
The PIN you have entered is invalid.Please try a 4 digit number instead.
|
||||
@ -1,5 +0,0 @@
|
||||
MOUT retry 1
|
||||
MOUT quit 9
|
||||
HALT
|
||||
INCMP enter_others_new_pin 1
|
||||
INCMP quit 9
|
||||
@ -1 +0,0 @@
|
||||
The PIN you have entered is not a match
|
||||
@ -1,6 +0,0 @@
|
||||
MOUT retry 1
|
||||
MOUT quit 9
|
||||
HALT
|
||||
INCMP _ 1
|
||||
INCMP quit 9
|
||||
INCMP . *
|
||||
@ -1 +0,0 @@
|
||||
PIN uliyoweka hailingani.Jaribu tena.
|
||||
Loading…
Reference in New Issue
Block a user