Merge branch 'master' of https://github.com/bitcoin-sv/spv-wallet int…

…o BUX-685/SqlInjectionStatic

.github/dependabot.yml

@@ -6,15 +6,30 @@ updates:
     target-branch: "master"
     directory: "/"
     schedule:
-      interval: "daily"
-      time: "10:00"
-      timezone: "UTC"
-    reviewers:
-      - "mrz1836"
-    assignees:
-      - "mrz1836"
+      interval: "weekly"
+      day: "monday"
+    labels:
+      - "dependencies"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "gomod"
+    target-branch: "master"
+    directory: "/engine"
+    schedule:
+      interval: "weekly"
+      day: "monday"
     labels:
-      - "chore"
+      - "dependencies"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "gomod"
+    target-branch: "master"
+    directory: "/models"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    labels:
+      - "dependencies"
     open-pull-requests-limit: 10
 
   # Maintain dependencies for GitHub Actions
@@ -24,12 +39,8 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
-    reviewers:
-      - "mrz1836"
-    assignees:
-      - "mrz1836"
     labels:
-      - "chore"
+      - "dependencies"
     open-pull-requests-limit: 10
 
   # Maintain dependencies for Docker
@@ -39,10 +50,17 @@ updates:
     schedule:
       interval: "weekly"
       day: "monday"
-    reviewers:
-      - "mrz1836"
-    assignees:
-      - "mrz1836"
     labels:
-      - "chore"
+      - "dependencies"
+    open-pull-requests-limit: 10
+
+  # Maintain dependencies for Docker
+  - package-ecosystem: "docker"
+    target-branch: "master"
+    directory: "/release"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    labels:
+      - "dependencies"
     open-pull-requests-limit: 10

actions/contacts/accept.go

@@ -20,7 +20,7 @@ import (
 // @Failure		404	"Contact not found"
 // @Failure		422	"Contact status not awaiting"
 // @Failure		500	"Internal server error"
-// @Router		/v1/contact/accepted [PATCH]
+// @Router		/v1/contact/accepted/{paymail} [PATCH]
 // @Security	x-auth-xpub
 func (a *Action) accept(c *gin.Context) {
 	reqXPubID := c.GetString(auth.ParamXPubHashKey)
@@ -32,7 +32,7 @@ func (a *Action) accept(c *gin.Context) {
 		switch {
 		case errors.Is(err, engine.ErrContactNotFound):
 			c.JSON(http.StatusNotFound, err.Error())
-		case errors.Is(err, engine.ErrContactStatusNotAwaiting):
+		case errors.Is(err, engine.ErrContactIncorrectStatus):
 			c.JSON(http.StatusUnprocessableEntity, err.Error())
 		default:
 			c.JSON(http.StatusInternalServerError, err.Error())

actions/contacts/confirm.go

@@ -0,0 +1,43 @@
+package contacts
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/bitcoin-sv/spv-wallet/engine"
+	"github.com/bitcoin-sv/spv-wallet/server/auth"
+	"github.com/gin-gonic/gin"
+)
+
+// confirm will confirm contact request
+// Confirm contact godoc
+// @Summary		Confirm contact
+// @Description	Confirm contact. For contact with status "unconfirmed" change status to "confirmed"
+// @Tags		Contact
+// @Produce		json
+// @Param		paymail path string true "Paymail address of the contact the user wants to confirm"
+// @Success		200
+// @Failure		404	"Contact not found"
+// @Failure		422	"Contact status not unconfirmed"
+// @Failure		500	"Internal server error"
+// @Router		/v1/contact/confirmed/{paymail} [PATCH]
+// @Security	x-auth-xpub
+func (a *Action) confirm(c *gin.Context) {
+	reqXPubID := c.GetString(auth.ParamXPubHashKey)
+	paymail := c.Param("paymail")
+
+	err := a.Services.SpvWalletEngine.ConfirmContact(c, reqXPubID, paymail)
+
+	if err != nil {
+		switch {
+		case errors.Is(err, engine.ErrContactNotFound):
+			c.JSON(http.StatusNotFound, err.Error())
+		case errors.Is(err, engine.ErrContactIncorrectStatus):
+			c.JSON(http.StatusUnprocessableEntity, err.Error())
+		default:
+			c.JSON(http.StatusInternalServerError, err.Error())
+		}
+		return
+	}
+	c.Status(http.StatusOK)
+}

actions/contacts/models.go

@@ -23,13 +23,3 @@ func (p *UpsertContact) validate() error {
 
 	return nil
 }
-
-// UpdateContact is the model for updating a contact
-type UpdateContact struct {
-	XPubID   string          `json:"xpub_id"`
-	FullName string          `json:"full_name"`
-	Paymail  string          `json:"paymail"`
-	PubKey   string          `json:"pubKey"`
-	Status   string          `json:"status"`
-	Metadata engine.Metadata `json:"metadata"`
-}

actions/contacts/reject.go

@@ -20,7 +20,7 @@ import (
 // @Failure		404	"Contact not found"
 // @Failure		422	"Contact status not awaiting"
 // @Failure		500	"Internal server error"
-// @Router		/v1/contact/rejected [PATCH]
+// @Router		/v1/contact/rejected/{paymail} [PATCH]
 // @Security	x-auth-xpub
 func (a *Action) reject(c *gin.Context) {
 	reqXPubID := c.GetString(auth.ParamXPubHashKey)
@@ -32,7 +32,7 @@ func (a *Action) reject(c *gin.Context) {
 		switch {
 		case errors.Is(err, engine.ErrContactNotFound):
 			c.JSON(http.StatusNotFound, err.Error())
-		case errors.Is(err, engine.ErrContactStatusNotAwaiting):
+		case errors.Is(err, engine.ErrContactIncorrectStatus):
 			c.JSON(http.StatusUnprocessableEntity, err.Error())
 		default:
 			c.JSON(http.StatusInternalServerError, err.Error())

actions/contacts/routes.go

@@ -17,13 +17,14 @@ func NewHandler(appConfig *config.AppConfig, services *config.AppServices) route
 	action := &Action{actions.Action{AppConfig: appConfig, Services: services}}
 
 	apiEndpoints := routes.APIEndpointsFunc(func(router *gin.RouterGroup) {
-		contactGroup := router.Group("/contact")
-		contactGroup.PUT("/:paymail", action.upsert)
-		contactGroup.PATCH("", action.update)
-		contactGroup.PATCH("/accepted/:paymail", action.accept)
-		contactGroup.PATCH("/rejected/:paymail", action.reject)
-		contactsGroup := router.Group("/contacts")
-		contactsGroup.GET("", action.search)
+		group := router.Group("/contact")
+		group.PUT("/:paymail", action.upsert)
+
+		group.PATCH("/accepted/:paymail", action.accept)
+		group.PATCH("/rejected/:paymail", action.reject)
+		group.PATCH("/confirmed/:paymail", action.confirm)
+
+		group.POST("search", action.search)
 	})
 
 	return apiEndpoints

actions/contacts/routes_test.go

@@ -17,7 +17,8 @@ func (ts *TestSuite) TestContactsRegisterRoutes() {
 			{"PUT", "/" + config.APIVersion + "/contact/:paymail"},
 			{"PATCH", "/" + config.APIVersion + "/contact/accepted/:paymail"},
 			{"PATCH", "/" + config.APIVersion + "/contact/rejected/:paymail"},
-			{"GET", "/" + config.APIVersion + "/contacts"},
+			{"PATCH", "/" + config.APIVersion + "/contact/confirmed/:paymail"},
+			{"POST", "/" + config.APIVersion + "/contact/search"},
 		}
 
 		ts.Router.Routes()

actions/contacts/search.go

@@ -4,9 +4,7 @@ import (
 	"net/http"
 
 	"github.com/bitcoin-sv/spv-wallet/actions"
-	"github.com/bitcoin-sv/spv-wallet/engine"
 	"github.com/bitcoin-sv/spv-wallet/mappings"
-	"github.com/bitcoin-sv/spv-wallet/models"
 	"github.com/bitcoin-sv/spv-wallet/server/auth"
 	"github.com/gin-gonic/gin"
 )
@@ -25,42 +23,29 @@ import (
 // @Success		200 {object} []models.Contact "List of contacts"
 // @Failure		400	"Bad request - Error while parsing SearchRequestParameters from request body"
 // @Failure 	500	"Internal server error - Error while searching for contacts"
-// @Router		/v1/contacts [get]
+// @Router		/v1/contact/search [POST]
 // @Security	x-auth-xpub
 func (a *Action) search(c *gin.Context) {
 	reqXPubID := c.GetString(auth.ParamXPubHashKey)
 
-	params := c.Request.URL.Query()
-
-	queryParams, metadata, _, err := actions.GetSearchQueryParameters(c)
+	queryParams, metadata, conditions, err := actions.GetSearchQueryParameters(c)
 	if err != nil {
 		c.JSON(http.StatusExpectationFailed, err.Error())
 		return
 	}
 
-	dbConditions := make(map[string]interface{})
-
-	for key, value := range params {
-		dbConditions[key] = value
-	}
-
-	dbConditions["xpub_id"] = reqXPubID
-
-	var contacts []*engine.Contact
-	if contacts, err = a.Services.SpvWalletEngine.GetContacts(
+	contacts, err := a.Services.SpvWalletEngine.GetContacts(
 		c.Request.Context(),
+		reqXPubID,
 		metadata,
-		&dbConditions,
+		*conditions,
 		queryParams,
-	); err != nil {
-		c.JSON(http.StatusExpectationFailed, err.Error())
-		return
-	}
+	)
 
-	contactContracts := make([]*models.Contact, 0)
-	for _, contact := range contacts {
-		contactContracts = append(contactContracts, mappings.MapToContactContract(contact))
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, err.Error())
+		return
 	}
 
-	c.JSON(http.StatusOK, contactContracts)
+	c.JSON(http.StatusOK, mappings.MapToContactContracts(contacts))
 }

config.example.yaml

@@ -95,7 +95,7 @@ nodes:
     # gorillapool can be used as well
     # - arc_url: https://arc.gorillapool.io
     # - token: ""
-    - arc_url: https://api.taal.com/arc
+    - arc_url: https://arc.taal.com
       token: mainnet_06770f425eb00298839a24a49cbdc02c
   # use fee quotes for transaction fee calculation
   use_fee_quotes: true

config/defaults.go

@@ -128,7 +128,7 @@ func getNodesDefaults() *NodesConfig {
 		Callback:     getCallbackDefaults(),
 		Apis: []*MinerAPI{
 			{
-				ArcURL:  "https://api.taal.com/arc",
+				ArcURL:  "https://arc.taal.com",
 				Token:   "mainnet_06770f425eb00298839a24a49cbdc02c",
 				MinerID: "03ad780153c47df915b3d2e23af727c68facaca4facd5f155bf5018b979b9aeb83",
 			},