lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: disallow navigation to and blocking of anonymous customers

Browse source
This commit is contained in:
José Oliveira 2021-03-01 14:29:07 +00:00 committed by Josh Harvey
parent 830997bce2
commit 4116069bd5
4 changed files with 31 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/customers.js
View file

@ -488,7 +488,7 @@ function getCustomersList () {
*/ */
function getCustomerById (id) { function getCustomerById (id) {
const sql = `select id, authorized_override, days_suspended, front_camera_path, front_camera_override, const sql = `select id, authorized_override, days_suspended, front_camera_path, front_camera_override,
phone, sms_override, id_card_data, id_card_data_override, id_card_data_expiration, phone, name, sms_override, id_card_data, id_card_data_override, id_card_data_expiration,
id_card_photo_path, id_card_photo_override, us_ssn, us_ssn_override, sanctions, sanctions_at, id_card_photo_path, id_card_photo_override, us_ssn, us_ssn_override, sanctions, sanctions_at,
sanctions_override, total_txs, total_spent, created as last_active, fiat as last_tx_fiat, sanctions_override, total_txs, total_spent, created as last_active, fiat as last_tx_fiat,
fiat_code as last_tx_fiat_code, tx_class as last_tx_class fiat_code as last_tx_fiat_code, tx_class as last_tx_class
@ -496,7 +496,7 @@ function getCustomerById (id) {
select c.id, c.authorized_override, select c.id, c.authorized_override,
greatest(0, date_part('day', c.suspended_until - now())) as days_suspended, greatest(0, date_part('day', c.suspended_until - now())) as days_suspended,
c.front_camera_path, c.front_camera_override, c.front_camera_path, c.front_camera_override,
c.phone, c.sms_override, c.id_card_data, c.id_card_data_override, c.id_card_data_expiration, c.phone, c.name, c.sms_override, c.id_card_data, c.id_card_data_override, c.id_card_data_expiration,
c.id_card_photo_path, c.id_card_photo_override, c.us_ssn, c.us_ssn_override, c.sanctions, c.id_card_photo_path, c.id_card_photo_override, c.us_ssn, c.us_ssn_override, c.sanctions,
c.sanctions_at, c.sanctions_override, t.tx_class, t.fiat, t.fiat_code, t.created, c.sanctions_at, c.sanctions_override, t.tx_class, t.fiat, t.fiat_code, t.created,
row_number() over (partition by c.id order by t.created desc) as rn, row_number() over (partition by c.id order by t.created desc) as rn,

1
lib/new-admin/graphql/schema.js
View file

@ -86,6 +86,7 @@ const typeDefs = gql`
frontCameraPath: String frontCameraPath: String
frontCameraOverride: String frontCameraOverride: String
phone: String phone: String
name: String
smsOverride: String smsOverride: String
idCardData: JSONObject idCardData: JSONObject
idCardDataOverride: String idCardDataOverride: String

38
new-lamassu-admin/src/pages/Customers/CustomerProfile.js
View file

@ -27,6 +27,7 @@ import {
import { getFormattedPhone, getName } from './helper' import { getFormattedPhone, getName } from './helper'
const useStyles = makeStyles(styles) const useStyles = makeStyles(styles)
const ANONYMOUS_USER_NAME = 'anonymous'
const GET_CUSTOMER = gql` const GET_CUSTOMER = gql`
query customer($customerId: ID!) { query customer($customerId: ID!) {
@ -37,6 +38,7 @@ const GET_CUSTOMER = gql`
frontCameraPath frontCameraPath
frontCameraOverride frontCameraOverride
phone phone
name
smsOverride smsOverride
idCardData idCardData
idCardDataOverride idCardDataOverride
@ -165,22 +167,26 @@ const CustomerProfile = memo(() => {
locale={locale} locale={locale}
setShowCompliance={() => setShowCompliance(!showCompliance)} setShowCompliance={() => setShowCompliance(!showCompliance)}
/> />
<div> {!loading && customerData.name !== ANONYMOUS_USER_NAME && (
<Label1 className={classes.actionLabel}>Actions</Label1> <div>
<ActionButton <Label1 className={classes.actionLabel}>Actions</Label1>
color="primary" <ActionButton
Icon={blocked ? AuthorizeIcon : BlockIcon} color="primary"
InverseIcon={blocked ? AuthorizeReversedIcon : BlockReversedIcon} Icon={blocked ? AuthorizeIcon : BlockIcon}
onClick={() => InverseIcon={
updateCustomer({ blocked ? AuthorizeReversedIcon : BlockReversedIcon
authorizedOverride: blocked }
? OVERRIDE_AUTHORIZED onClick={() =>
: OVERRIDE_REJECTED updateCustomer({
}) authorizedOverride: blocked
}> ? OVERRIDE_AUTHORIZED
{`${blocked ? 'Authorize' : 'Block'} customer`} : OVERRIDE_REJECTED
</ActionButton> })
</div> }>
{`${blocked ? 'Authorize' : 'Block'} customer`}
</ActionButton>
</div>
)}
</Box> </Box>
</div> </div>
{!showCompliance && ( {!showCompliance && (

9
new-lamassu-admin/src/pages/Transactions/Transactions.js
View file

@ -22,6 +22,7 @@ import { getStatus } from './helper'
const useStyles = makeStyles(mainStyles) const useStyles = makeStyles(mainStyles)
const NUM_LOG_RESULTS = 1000 const NUM_LOG_RESULTS = 1000
const ANONYMOUS_USER_NAME = 'anonymous'
const GET_TRANSACTIONS_CSV = gql` const GET_TRANSACTIONS_CSV = gql`
query transactions($limit: Int, $from: Date, $until: Date) { query transactions($limit: Int, $from: Date, $until: Date) {
@ -109,9 +110,11 @@ const Transactions = () => {
view: it => ( view: it => (
<div className={classes.flexWrapper}> <div className={classes.flexWrapper}>
<div className={classes.overflowTd}>{getCustomerDisplayName(it)}</div> <div className={classes.overflowTd}>{getCustomerDisplayName(it)}</div>
<div onClick={() => redirect(it.customerId)}> {getCustomerDisplayName(it) !== ANONYMOUS_USER_NAME && (
<CustomerLinkIcon className={classes.customerLinkIcon} /> <div onClick={() => redirect(it.customerId)}>
</div> <CustomerLinkIcon className={classes.customerLinkIcon} />
</div>
)}
</div> </div>
) )
}, },