Add transaction clearing admin endpoint for testing purposes

This adds one new admin endpoint that allows for the deletion of an entire transaction history, for testing purposes only. Testing -------- 1. On a local setup, I sent a cURL command to the new endpoint. The command succeeded and the transaction history was successfully cleared. I purchased a month via LN checkout and verified that transactions were written again as normal. 2. Ran all automated tests which were passing. 3. Ran type check and ensured there are no regressions on the type check 4. Tested sending request with no admin password and an incorrect admin password and ensured that it was rejected and had no side effects to the account Signed-off-by: Daniel D’Aquino <[email protected]> Signed-off-by: William Casarin <[email protected]>
damus-io · Mar 16, 2024 · 03900ce · 03900ce
1 parent 346acfb
commit 03900ce
Showing 1 changed file with 41 additions and 2 deletions.
diff --git a/src/router_config.js b/src/router_config.js
@@ -382,10 +382,49 @@ function config_router(app) {
  invalid_request(res, { error: delete_error })
  return
  }
- 
+
  json_response(res, { success: true })
  })
-
+
+ /**
+ * This route is used to delete a user account transaction history.
+ * This is useful when testing first checkout flows, and we need to reset the user's transaction history.
+ */
+ router.delete('/admin/users/:pubkey/transaction-history', async (req, res) => {
+ const pubkey = req.params.pubkey
+ const body = req.body
+ const admin_password = body.admin_password
+ if (!process.env.ADMIN_PASSWORD) {
+ unauthorized_response(res, 'Admin password not set in the environment variables')
+ return
+ }
+ if (!admin_password) {
+ unauthorized_response(res, 'Missing admin_password')
+ return
+ }
+ if (admin_password != process.env.ADMIN_PASSWORD) {
+ unauthorized_response(res, 'Invalid admin password')
+ return
+ }
+ if (!pubkey) {
+ invalid_request(res, 'Missing pubkey')
+ return
+ }
+ const { account, user_id } = get_account_and_user_id(app, pubkey)
+
+ account.transactions = []
+ account.expiry = null
+ try {
+ put_account(app, pubkey, account)
+ }
+ catch (e) {
+ error("Error when putting account: %s", e.toString())
+ invalid_request(res, { error: e.toString() })
+ return
+ }
+ json_response(res, { success: true })
+ })
+
  /**
  * This route is used to force a specific UUID for a user account.
  *