Switch to a disallowed prefix model instead of a disallowed country code model

This commit is contained in:
Jon Chambers 2021-11-11 17:41:38 -05:00 committed by Jon Chambers
parent 7033a0f68f
commit 2015ba77ca
4 changed files with 18 additions and 21 deletions

View File

@ -7,14 +7,14 @@ package org.whispersystems.textsecuregcm.configuration.dynamic;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.util.Collections; import java.util.Collections;
import java.util.Set; import java.util.List;
public class DynamicPaymentsConfiguration { public class DynamicPaymentsConfiguration {
@JsonProperty @JsonProperty
private Set<String> disallowedCountryCodes = Collections.emptySet(); private List<String> disallowedPrefixes = Collections.emptyList();
public Set<String> getDisallowedCountryCodes() { public List<String> getDisallowedPrefixes() {
return disallowedCountryCodes; return disallowedPrefixes;
} }
} }

View File

@ -19,7 +19,6 @@ import java.util.Locale;
import java.util.Map; import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
import java.util.Optional; import java.util.Optional;
import java.util.Set;
import java.util.UUID; import java.util.UUID;
import java.util.function.Function; import java.util.function.Function;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@ -76,7 +75,6 @@ import org.whispersystems.textsecuregcm.storage.UsernamesManager;
import org.whispersystems.textsecuregcm.storage.VersionedProfile; import org.whispersystems.textsecuregcm.storage.VersionedProfile;
import org.whispersystems.textsecuregcm.util.ExactlySize; import org.whispersystems.textsecuregcm.util.ExactlySize;
import org.whispersystems.textsecuregcm.util.Pair; import org.whispersystems.textsecuregcm.util.Pair;
import org.whispersystems.textsecuregcm.util.Util;
import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.DeleteObjectRequest; import software.amazon.awssdk.services.s3.model.DeleteObjectRequest;
@ -137,13 +135,14 @@ public class ProfileController {
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON)
public Response setProfile(@Auth AuthenticatedAccount auth, @Valid CreateProfileRequest request) { public Response setProfile(@Auth AuthenticatedAccount auth, @Valid CreateProfileRequest request) {
final Set<String> disallowedPaymentsCountryCodes = if (StringUtils.isNotBlank(request.getPaymentAddress())) {
dynamicConfigurationManager.getConfiguration().getPaymentsConfiguration().getDisallowedCountryCodes(); final boolean hasDisallowedPrefix =
dynamicConfigurationManager.getConfiguration().getPaymentsConfiguration().getDisallowedPrefixes().stream()
.anyMatch(prefix -> auth.getAccount().getNumber().startsWith(prefix));
if (StringUtils.isNotBlank(request.getPaymentAddress()) && if (hasDisallowedPrefix) {
disallowedPaymentsCountryCodes.contains(Util.getCountryCode(auth.getAccount().getNumber()))) { return Response.status(Status.FORBIDDEN).build();
}
return Response.status(Status.FORBIDDEN).build();
} }
Optional<VersionedProfile> currentProfile = profilesManager.get(auth.getAccount().getUuid(), request.getVersion()); Optional<VersionedProfile> currentProfile = profilesManager.get(auth.getAccount().getUuid(), request.getVersion());

View File

@ -272,20 +272,20 @@ class DynamicConfigurationTest {
final DynamicConfiguration emptyConfig = final DynamicConfiguration emptyConfig =
DynamicConfigurationManager.parseConfiguration(emptyConfigYaml, DynamicConfiguration.class).orElseThrow(); DynamicConfigurationManager.parseConfiguration(emptyConfigYaml, DynamicConfiguration.class).orElseThrow();
assertTrue(emptyConfig.getPaymentsConfiguration().getDisallowedCountryCodes().isEmpty()); assertTrue(emptyConfig.getPaymentsConfiguration().getDisallowedPrefixes().isEmpty());
} }
{ {
final String paymentsConfigYaml = final String paymentsConfigYaml =
"payments:\n" "payments:\n"
+ " disallowedCountryCodes:\n" + " disallowedPrefixes:\n"
+ " - 44"; + " - +44";
final DynamicPaymentsConfiguration config = final DynamicPaymentsConfiguration config =
DynamicConfigurationManager.parseConfiguration(paymentsConfigYaml, DynamicConfiguration.class).orElseThrow() DynamicConfigurationManager.parseConfiguration(paymentsConfigYaml, DynamicConfiguration.class).orElseThrow()
.getPaymentsConfiguration(); .getPaymentsConfiguration();
assertEquals(Set.of("44"), config.getDisallowedCountryCodes()); assertEquals(List.of("+44"), config.getDisallowedPrefixes());
} }
} }

View File

@ -28,7 +28,6 @@ import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Optional; import java.util.Optional;
import java.util.Set;
import javax.ws.rs.client.Entity; import javax.ws.rs.client.Entity;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
@ -71,7 +70,6 @@ import org.whispersystems.textsecuregcm.storage.VersionedProfile;
import org.whispersystems.textsecuregcm.tests.util.AccountsHelper; import org.whispersystems.textsecuregcm.tests.util.AccountsHelper;
import org.whispersystems.textsecuregcm.tests.util.AuthHelper; import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
import org.whispersystems.textsecuregcm.util.SystemMapper; import org.whispersystems.textsecuregcm.util.SystemMapper;
import org.whispersystems.textsecuregcm.util.Util;
import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.DeleteObjectRequest; import software.amazon.awssdk.services.s3.model.DeleteObjectRequest;
@ -139,7 +137,7 @@ class ProfileControllerTest {
when(dynamicConfigurationManager.getConfiguration()).thenReturn(dynamicConfiguration); when(dynamicConfigurationManager.getConfiguration()).thenReturn(dynamicConfiguration);
when(dynamicConfiguration.getPaymentsConfiguration()).thenReturn(dynamicPaymentsConfiguration); when(dynamicConfiguration.getPaymentsConfiguration()).thenReturn(dynamicPaymentsConfiguration);
when(dynamicPaymentsConfiguration.getDisallowedCountryCodes()).thenReturn(Collections.emptySet()); when(dynamicPaymentsConfiguration.getDisallowedPrefixes()).thenReturn(Collections.emptyList());
when(rateLimiters.getProfileLimiter()).thenReturn(rateLimiter); when(rateLimiters.getProfileLimiter()).thenReturn(rateLimiter);
when(rateLimiters.getUsernameLookupLimiter()).thenReturn(usernameRateLimiter); when(rateLimiters.getUsernameLookupLimiter()).thenReturn(usernameRateLimiter);
@ -552,8 +550,8 @@ class ProfileControllerTest {
@Test @Test
void testSetProfilePaymentAddressCountryNotAllowed() throws InvalidInputException { void testSetProfilePaymentAddressCountryNotAllowed() throws InvalidInputException {
when(dynamicPaymentsConfiguration.getDisallowedCountryCodes()) when(dynamicPaymentsConfiguration.getDisallowedPrefixes())
.thenReturn(Set.of(Util.getCountryCode(AuthHelper.VALID_NUMBER_TWO))); .thenReturn(List.of(AuthHelper.VALID_NUMBER_TWO.substring(0, 3)));
ProfileKeyCommitment commitment = new ProfileKey(new byte[32]).getCommitment(AuthHelper.VALID_UUID); ProfileKeyCommitment commitment = new ProfileKey(new byte[32]).getCommitment(AuthHelper.VALID_UUID);