A store's guest should be able to manage lightning invoices (Fix #3212) (#3283)

Nicolas Dorier 2022-01-11 17:22:10 +09:00 committed by GitHub
parent 5865fd5022
commit 0017e687db
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 30 additions and 3 deletions


@ -608,6 +608,13 @@ namespace BTCPayServer.Tests
Assert.Equal(expectedError, err.APIError.Code);
return err;
}
private async Task<GreenFieldAPIException> AssertPermissionError(string expectedPermission, Func<Task> act)
{
var err = await Assert.ThrowsAsync<GreenFieldAPIException>(async () => await act());
var err2 = Assert.IsType<GreenfieldPermissionAPIError>(err.APIError);
Assert.Equal(expectedPermission, err2.MissingPermission);
return err;
}
[Fact(Timeout = TestTimeout)]
[Trait("Integration", "Integration")]
@ -1514,7 +1521,21 @@ namespace BTCPayServer.Tests
await client.GetLightningNodeInfo(user.StoreId, "BTC");
// But if not admin anymore, nope
await user.MakeAdmin(false);
await AssertAPIError("missing-permission", () => client.GetLightningNodeInfo(user.StoreId, "BTC"));
await AssertPermissionError("btcpay.server.canuseinternallightningnode", () => client.GetLightningNodeInfo(user.StoreId, "BTC"));
// However, even as a guest, you should be able to create an invoice
var guest = tester.NewAccount();
guest.GrantAccess(false);
await user.AddGuest(guest.UserId);
client = await guest.CreateClient(Policies.CanCreateLightningInvoiceInStore);
await client.CreateLightningInvoice(user.StoreId, "BTC", new CreateLightningInvoiceRequest()
{
Amount = LightMoney.Satoshis(1000),
Description = "lol",
Expiry = TimeSpan.FromSeconds(600),
});
client = await guest.CreateClient(Policies.CanUseLightningNodeInStore);
// Can use lightning node is only granted to store's owner
await AssertPermissionError("btcpay.store.canuselightningnode", () => client.GetLightningNodeInfo(user.StoreId, "BTC"));
}
}
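Review bot: The guest scenario added in the second hunk exercises the allowed path without asserting anything about its result, and it has no control case for an account that was never added to the store. The `CreateLightningInvoice` call should keep its return value and check it, e.g. `var invoice = await client.CreateLightningInvoice(...); Assert.NotNull(invoice);`. I would also repeat the same call from a fresh `tester.NewAccount()` that skips `AddGuest` and wrap it in `AssertPermissionError`, so the test proves that the relaxed internal-node check still depends on store membership. The enclosing test method starts outside the hunk, so an existing assertion of that kind may already be there.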


@ -520,5 +520,11 @@ retry:
Assert.Equal("paid", localInvoice.Status);
});
}
public async Task AddGuest(string userId)
{
var repo = this.parent.PayTester.GetService<StoreRepository>();
await repo.AddStoreUser(StoreId, userId, "Guest");
}
}
}
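Review bot: `AddGuest` passes the role as the bare string `"Guest"`, and the security test that relies on it only means something if that string is exactly the role name the server recognises. If the project exposes a constant for store role names, reference it here instead of the literal. Otherwise add a comment such as `// must match the store role name checked by the authorization handler`. A one-line summary on the helper saying it bypasses the API and writes through `StoreRepository` directly would also help readers of the test.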


@ -127,7 +127,7 @@ namespace BTCPayServer.Controllers.GreenField
_lightningNetworkOptions.Value.InternalLightningByCryptoCode.TryGetValue(network.CryptoCode,
out var internalLightningNode))
{
if (!User.IsInRole(Roles.ServerAdmin))
if (!User.IsInRole(Roles.ServerAdmin) && doingAdminThings)
{
throw ErrorShouldBeAdminForInternalNode();
}
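Review bot: The admin requirement for the internal node now depends on `doingAdminThings`, whose declaration, default value and callers are all outside this hunk, so the safety of the relaxed guard cannot be judged from here. This should fail closed: make the parameter required, or default it to `true`, so that an action added later cannot reach the server's internal node as a non-admin by omission. Only the invoice create/read actions should pass `false`, and that is worth confirming in the callers. A comment above the check would record the intent, for example `// Non-admin store users may reach the internal node only for invoice operations; everything else must pass doingAdminThings: true`. The enclosing method starts and ends outside the hunk.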


@ -248,7 +248,7 @@ namespace BTCPayServer.Controllers.GreenField
}
protected JsonHttpException ErrorShouldBeAdminForInternalNode()
{
return new JsonHttpException(this.CreateAPIError(403, "missing-permission", "The user should be admin to use the internal lightning node"));
return new JsonHttpException(this.CreateAPIPermissionError("btcpay.server.canuseinternallightningnode", "The user should be admin to use the internal lightning node"));
}
private LightningInvoiceData ToModel(LightningInvoice invoice)
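Review bot: The new `CreateAPIPermissionError` call hard-codes the policy name `"btcpay.server.canuseinternallightningnode"`, and the test file in this commit repeats the same literal in its assertions. The test already uses the `Policies` class for other permissions, so if that class has a matching constant (it looks like `Policies.CanUseInternalLightningNode`; please confirm), use it in both places so the value clients receive in `MissingPermission` cannot drift from the policy actually enforced. The old call passed 403 explicitly, so also confirm that `CreateAPIPermissionError` still produces a 403 response. `ToModel` on the last line continues outside the hunk.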