From 0f89e9f54a67409315a2e49c541f11c5e02b653a Mon Sep 17 00:00:00 2001
From: Marko Milic <marko.milic@md-softwaredesign.de>
Date: Mon, 1 Aug 2016 15:02:21 +0200
Subject: [PATCH 1/3] Closes #107 - Need internal guard on Internal (Kafka)
 getBankAccounts Set of Requeted IDs must match the set of Returned IDs

---
 src/main/scala/code/api/util/APIUtil.scala                 | 2 ++
 src/main/scala/code/api/v2_0_0/APIMethods200.scala         | 7 +++++--
 .../scala/code/bankconnectors/KafkaMappedConnector.scala   | 6 ++++++
 3 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/main/scala/code/api/util/APIUtil.scala b/src/main/scala/code/api/util/APIUtil.scala
index 114e4010d..a8863d162 100644
--- a/src/main/scala/code/api/util/APIUtil.scala
+++ b/src/main/scala/code/api/util/APIUtil.scala
@@ -106,6 +106,8 @@ object ErrorMessages {
   val InvalidAccountType = "OBP-30108: Invalid Account Type."
   val InitialBalanceMustBeZero = "OBP-30109: Initial Balance of Account must be Zero (0)."
 
+  val InvalidGetBankAccountsConnectorResponse = "OBP-30201: Connector did not return the set of accounts we requested."
+
 
 
   // Transaction related messages:
diff --git a/src/main/scala/code/api/v2_0_0/APIMethods200.scala b/src/main/scala/code/api/v2_0_0/APIMethods200.scala
index d84a0ab32..f54bb3e8c 100644
--- a/src/main/scala/code/api/v2_0_0/APIMethods200.scala
+++ b/src/main/scala/code/api/v2_0_0/APIMethods200.scala
@@ -234,8 +234,11 @@ trait APIMethods200 {
       //get public accounts for all banks
       case "accounts" :: "public" :: Nil JsonGet json => {
         user =>
-          val publicAccountsJson = bankAccountBasicListToJson(BankAccount.publicAccounts, Empty)
-          Full(successJsonResponse(publicAccountsJson))
+          for {
+            publicAccountsJson <- tryo{bankAccountBasicListToJson(BankAccount.publicAccounts, Empty)} ?~ "Could not get accounts."
+          } yield {
+            Full(successJsonResponse(publicAccountsJson))
+          }
       }
     }
 
diff --git a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
index 368a976d8..2ed54b2ac 100644
--- a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
+++ b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
@@ -290,6 +290,12 @@ object KafkaMappedConnector extends Connector with CreateViewImpls with Loggable
     val r = {
       cachedAccounts.getOrElseUpdate( argList.toString, () => process(reqId, "getBankAccounts", argList).extract[List[KafkaInboundAccount]])
     }
+    // Check does the response data match the requested data
+    val accRes = for(row <- r) yield {
+      (BankId(row.bank), AccountId(row.id))
+    }
+    if ((accRes.toSet diff accts.toSet).size > 0) throw new Exception(ErrorMessages.InvalidGetBankAccountsConnectorResponse)
+
     r.map { t => new KafkaBankAccount(t) }
   }
 

From 1b71f5b3213dc42f5b8f833f6bf2fb9d500962e4 Mon Sep 17 00:00:00 2001
From: Marko Milic <marko.milic@md-softwaredesign.de>
Date: Mon, 1 Aug 2016 16:08:45 +0200
Subject: [PATCH 2/3] Closes #108 - Need internal guard on Internal (Kafka)
 getBankAccount so the returned accountID matches the requested accountID

---
 src/main/scala/code/api/util/APIUtil.scala                   | 1 +
 .../scala/code/bankconnectors/KafkaMappedConnector.scala     | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/src/main/scala/code/api/util/APIUtil.scala b/src/main/scala/code/api/util/APIUtil.scala
index a8863d162..e3112fa05 100644
--- a/src/main/scala/code/api/util/APIUtil.scala
+++ b/src/main/scala/code/api/util/APIUtil.scala
@@ -107,6 +107,7 @@ object ErrorMessages {
   val InitialBalanceMustBeZero = "OBP-30109: Initial Balance of Account must be Zero (0)."
 
   val InvalidGetBankAccountsConnectorResponse = "OBP-30201: Connector did not return the set of accounts we requested."
+  val InvalidGetBankAccountConnectorResponse = "OBP-30202: Connector did not return the account we requested."
 
 
 
diff --git a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
index 2ed54b2ac..95cf5a8bb 100644
--- a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
+++ b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
@@ -274,6 +274,11 @@ object KafkaMappedConnector extends Connector with CreateViewImpls with Loggable
     val r = {
       cachedAccount.getOrElseUpdate( argList.toString, () => process(reqId, "getBankAccount", argList).extract[KafkaInboundAccount])
     }
+    // Check does the response data match the requested data
+    val accResp = List((BankId(r.bank), AccountId(r.id))).toSet
+    val acc = List((bankId, accountID)).toSet
+    if ((accResp diff acc).size > 0) throw new Exception(ErrorMessages.InvalidGetBankAccountConnectorResponse)
+
     Full(new KafkaBankAccount(r))
   }
 

From 2d1f7696de0f96cb4ab6391912c30cfb771bcad0 Mon Sep 17 00:00:00 2001
From: Marko Milic <marko.milic@md-softwaredesign.de>
Date: Mon, 1 Aug 2016 16:42:49 +0200
Subject: [PATCH 3/3] Closes #106 - Need internal guard on Kafka get
 transaction by id

---
 src/main/scala/code/api/util/APIUtil.scala                    | 1 +
 src/main/scala/code/bankconnectors/KafkaMappedConnector.scala | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/src/main/scala/code/api/util/APIUtil.scala b/src/main/scala/code/api/util/APIUtil.scala
index e3112fa05..5db572496 100644
--- a/src/main/scala/code/api/util/APIUtil.scala
+++ b/src/main/scala/code/api/util/APIUtil.scala
@@ -108,6 +108,7 @@ object ErrorMessages {
 
   val InvalidGetBankAccountsConnectorResponse = "OBP-30201: Connector did not return the set of accounts we requested."
   val InvalidGetBankAccountConnectorResponse = "OBP-30202: Connector did not return the account we requested."
+  val InvalidGetTransactionConnectorResponse = "OBP-30203: Connector did not return the transaction we requested."
 
 
 
diff --git a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
index 95cf5a8bb..dd67242d5 100644
--- a/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
+++ b/src/main/scala/code/bankconnectors/KafkaMappedConnector.scala
@@ -224,6 +224,8 @@ object KafkaMappedConnector extends Connector with CreateViewImpls with Loggable
     // Since result is single account, we need only first list entry
     implicit val formats = net.liftweb.json.DefaultFormats
     val r = process(reqId, "getTransaction", argList).extract[KafkaInboundTransaction]
+    // Check does the response data match the requested data
+    if (transactionId.value != r.id) throw new Exception(ErrorMessages.InvalidGetTransactionConnectorResponse)
     createNewTransaction(r)
   }