View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006975 | Taler | merchant backend | public | 2021-08-04 13:46 | 2021-08-24 16:22 |
| Reporter | Florian Dold | Assigned To | Christian Grothoff | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | git (master) | ||||
| Target Version | 0.8 | Fixed in Version | 0.8 | ||
| Summary | 0006975: backend doesn't check authentication for public order status for refunded order | ||||
| Description | Can be reproduced with the integration test: $ taler-wallet-cli testing run-integrationtests merchant-refund-api [...] requesting order status via 'http://localhost:8083/orders/2021.216-0029CXEC075KM' 200 { refunded: false, refund_pending: false, refund_amount: 'TESTKUDOS:0' } | ||||
| Tags | No tags attached. | ||||
|
|
Fixed by Christian in the merchant. The merchant now returns HTTP 403. The wallet test case also had to be adjusted to expect the correct status code. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-08-04 13:46 | Florian Dold | New Issue | |
| 2021-08-04 13:46 | Florian Dold | Status | new => assigned |
| 2021-08-04 13:46 | Florian Dold | Assigned To | => Christian Grothoff |
| 2021-08-04 17:52 | Florian Dold | Status | assigned => resolved |
| 2021-08-04 17:52 | Florian Dold | Resolution | open => fixed |
| 2021-08-04 17:52 | Florian Dold | Note Added: 0018064 | |
| 2021-08-04 20:46 | Christian Grothoff | Product Version | => git (master) |
| 2021-08-04 20:46 | Christian Grothoff | Fixed in Version | => 0.8 |
| 2021-08-04 20:46 | Christian Grothoff | Target Version | => 0.8 |
| 2021-08-24 16:22 | Christian Grothoff | Status | resolved => closed |
| 2025-03-22 14:09 | Christian Grothoff | Category | mechant backend => merchant backend |
