feat(dangerous protections): disable dangerous operations by default
This commit is contained in:
@@ -11,6 +11,7 @@ export interface IBunqConstructorOptions {
|
||||
environment: 'SANDBOX' | 'PRODUCTION';
|
||||
permittedIps?: string[];
|
||||
isOAuthToken?: boolean; // Set to true when using OAuth access token instead of API key
|
||||
dangerousOperations?: boolean; // Set to true to enable dangerous operations like closing accounts
|
||||
}
|
||||
|
||||
/**
|
||||
|
@@ -97,6 +97,12 @@ export class BunqCard {
|
||||
* Update card settings
|
||||
*/
|
||||
public async update(updates: any): Promise<void> {
|
||||
// Check if this is a dangerous operation
|
||||
if ((updates.status === 'CANCELLED' || updates.status === 'BLOCKED') &&
|
||||
!this.bunqAccount.options.dangerousOperations) {
|
||||
throw new Error('Dangerous operations are not enabled. Initialize the BunqAccount with dangerousOperations: true to allow cancelling or blocking cards.');
|
||||
}
|
||||
|
||||
await this.bunqAccount.apiContext.ensureValidSession();
|
||||
|
||||
const cardType = this.type === 'MASTERCARD' ? 'CardCredit' : 'CardDebit';
|
||||
|
@@ -170,6 +170,11 @@ export class BunqMonetaryAccount {
|
||||
* Update account settings
|
||||
*/
|
||||
public async update(updates: any): Promise<void> {
|
||||
// Check if this is a dangerous operation
|
||||
if (updates.status === 'CANCELLED' && !this.bunqAccountRef.options.dangerousOperations) {
|
||||
throw new Error('Dangerous operations are not enabled. Initialize the BunqAccount with dangerousOperations: true to allow cancelling accounts.');
|
||||
}
|
||||
|
||||
await this.bunqAccountRef.apiContext.ensureValidSession();
|
||||
|
||||
const endpoint = `/v1/user/${this.bunqAccountRef.userId}/monetary-account/${this.id}`;
|
||||
@@ -235,6 +240,10 @@ export class BunqMonetaryAccount {
|
||||
* Close this monetary account
|
||||
*/
|
||||
public async close(reason: string): Promise<void> {
|
||||
if (!this.bunqAccountRef.options.dangerousOperations) {
|
||||
throw new Error('Dangerous operations are not enabled. Initialize the BunqAccount with dangerousOperations: true to allow closing accounts.');
|
||||
}
|
||||
|
||||
await this.update({
|
||||
status: 'CANCELLED',
|
||||
sub_status: 'REDEMPTION_VOLUNTARY',
|
||||
|
Reference in New Issue
Block a user