Skip to content

Commit

Permalink
fix: avoid leaking balance info by error message or continue button
Browse files Browse the repository at this point in the history
  • Loading branch information
Syn-McJ committed Aug 18, 2023
1 parent 418ea46 commit 9a85d70
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,10 @@ class EnterAmountFragment : Fragment(R.layout.fragment_enter_amount) {
private set
var didAuthorize: Boolean = false

private val requirePinForBalance by lazy {
requireArguments().getBoolean(ARG_REQUIRE_PIN_MAX_BUTTON)
}

override fun onViewCreated(view: View, savedInstanceState: Bundle?) {
super.onViewCreated(view, savedInstanceState)

Expand Down Expand Up @@ -132,8 +136,12 @@ class EnterAmountFragment : Fragment(R.layout.fragment_enter_amount) {
}
}

viewModel.canContinue.observe(viewLifecycleOwner) {
binding.continueBtn.isEnabled = it
viewModel.canContinue.observe(viewLifecycleOwner) { canContinue ->
binding.continueBtn.isEnabled = if (!didAuthorize && requirePinForBalance) {
viewModel.amount.value?.isPositive ?: false
} else {
canContinue
}
}
}

Expand Down Expand Up @@ -201,7 +209,7 @@ class EnterAmountFragment : Fragment(R.layout.fragment_enter_amount) {
}

private suspend fun onMaxAmountButtonClick() {
if (!didAuthorize && requireArguments().getBoolean(ARG_REQUIRE_PIN_MAX_BUTTON)) {
if (!didAuthorize && requirePinForBalance) {
authManager.authenticate(requireActivity(), false) ?: return
didAuthorize = true
}
Expand Down
12 changes: 9 additions & 3 deletions wallet/src/de/schildbach/wallet/ui/send/SendCoinsFragment.kt
Original file line number Diff line number Diff line change
Expand Up @@ -74,11 +74,13 @@ class SendCoinsFragment: Fragment(R.layout.send_coins_fragment) {
enterAmountFragment?.didAuthorize = value
}

private val requirePinForBalance by lazy {
(requireActivity() as LockScreenActivity).keepUnlocked
}

override fun onViewCreated(view: View, savedInstanceState: Bundle?) {
super.onViewCreated(view, savedInstanceState)

val requirePinForBalance = (requireActivity() as LockScreenActivity).keepUnlocked

binding.titleBar.setNavigationOnClickListener {
requireActivity().finish()
}
Expand Down Expand Up @@ -150,7 +152,11 @@ class SendCoinsFragment: Fragment(R.layout.send_coins_fragment) {
} else if (dryRunException != null) {
errorMessage = when (dryRunException) {
is Wallet.DustySendRequested -> getString(R.string.send_coins_error_dusty_send)
is InsufficientMoneyException -> getString(R.string.send_coins_error_insufficient_money)
is InsufficientMoneyException -> if (!requirePinForBalance || userAuthorizedDuring) {
getString(R.string.send_coins_error_insufficient_money)
} else {
""
}
is Wallet.CouldNotAdjustDownwards -> getString(R.string.send_coins_error_dusty_send)
else -> dryRunException.toString()
}
Expand Down

0 comments on commit 9a85d70

Please sign in to comment.