accounts: disallow requests after critical errors

Author: ViktorTigerstrom

accounts/checkers_test.go

@@ -85,6 +85,10 @@ func (m *mockService) RemovePayment(hash lntypes.Hash) error {
 	return nil
 }
 
+func (*mockService) IsRunning() bool {
+	return true
+}
+
 var _ Service = (*mockService)(nil)
 
 // TestAccountChecker makes sure all round trip checkers can be instantiated

accounts/interceptor.go

@@ -52,6 +52,17 @@ func (s *InterceptorService) Intercept(ctx context.Context,
 	s.requestMtx.Lock()
 	defer s.requestMtx.Unlock()
 
+	// If the account service is not running, we reject all requests.
+	// Note that this is by no means a guarantee that the account service
+	// will be running throughout processing the request, but at least we
+	// can stop requests early if the service was already disabled when the
+	// request came in.
+	if !s.IsRunning() {
+		return mid.RPCErrString(
+			req, "the account service has been stopped",
+		)
+	}
+
 	mac := &macaroon.Macaroon{}
 	err := mac.UnmarshalBinary(req.RawMacaroon)
 	if err != nil {

accounts/interface.go

@@ -160,6 +160,12 @@ var (
 	ErrNotSupportedWithAccounts = errors.New("this RPC call is not " +
 		"supported with restricted account macaroons")
 
+	// ErrAccountServiceDisabled is the error that is returned when the
+	// account service has been disabled due to an error being thrown
+	// in the service that cannot be recovered from.
+	ErrAccountServiceDisabled = errors.New("the account service has been " +
+		"stopped")
+
 	// MacaroonPermissions are the permissions required for an account
 	// macaroon.
 	MacaroonPermissions = []bakery.Op{{
@@ -240,4 +246,7 @@ type Service interface {
 	// longer needs to be tracked. The payment is certain to never succeed,
 	// so we never need to debit the amount from the account.
 	RemovePayment(hash lntypes.Hash) error
+
+	// IsRunning returns true if the service can be used.
+	IsRunning() bool
 }

accounts/rpcserver.go

@@ -53,6 +53,10 @@ func (s *RPCServer) CreateAccount(ctx context.Context,
 	log.Infof("[createaccount] label=%v, balance=%d, expiration=%d",
 		req.Label, req.AccountBalance, req.ExpirationDate)
 
+	if !s.service.IsRunning() {
+		return nil, ErrAccountServiceDisabled
+	}
+
 	var (
 		balanceMsat    lnwire.MilliSatoshi
 		expirationDate time.Time
@@ -115,6 +119,10 @@ func (s *RPCServer) UpdateAccount(_ context.Context,
 	log.Infof("[updateaccount] id=%s, label=%v, balance=%d, expiration=%d",
 		req.Id, req.Label, req.AccountBalance, req.ExpirationDate)
 
+	if !s.service.IsRunning() {
+		return nil, ErrAccountServiceDisabled
+	}
+
 	accountID, err := s.findAccount(req.Id, req.Label)
 	if err != nil {
 		return nil, err
@@ -138,6 +146,10 @@ func (s *RPCServer) ListAccounts(context.Context,
 
 	log.Info("[listaccounts]")
 
+	if !s.service.IsRunning() {
+		return nil, ErrAccountServiceDisabled
+	}
+
 	// Retrieve all accounts from the macaroon account store.
 	accts, err := s.service.Accounts()
 	if err != nil {
@@ -163,6 +175,10 @@ func (s *RPCServer) AccountInfo(_ context.Context,
 
 	log.Infof("[accountinfo] id=%v, label=%v", req.Id, req.Label)
 
+	if !s.service.IsRunning() {
+		return nil, ErrAccountServiceDisabled
+	}
+
 	accountID, err := s.findAccount(req.Id, req.Label)
 	if err != nil {
 		return nil, err
@@ -183,6 +199,10 @@ func (s *RPCServer) RemoveAccount(_ context.Context,
 
 	log.Infof("[removeaccount] id=%v, label=%v", req.Id, req.Label)
 
+	if !s.service.IsRunning() {
+		return nil, ErrAccountServiceDisabled
+	}
+
 	accountID, err := s.findAccount(req.Id, req.Label)
 	if err != nil {
 		return nil, err