Greenfield API: God Mode

When the `ServerManagement` permission is granted, you should be able to do everything in the system. Maybe I should rename it to GodMode as a permission to not have any confusion with managing server settings (currently `ServerManagement`)?
2025-02-22 14:22:40 +01:00 · 2020-03-12 18:43:57 +01:00 · 2020-03-12 18:43:57 +01:00 · 0c065df4bd
commit 0c065df4bd
parent b5664dac81
2 changed files with 23 additions and 7 deletions
--- a/BTCPayServer.Tests/GreenfieldAPITests.cs
+++ b/BTCPayServer.Tests/GreenfieldAPITests.cs
@ -62,8 +62,10 @@ namespace BTCPayServer.Tests
                user.GrantAccess();
                await user.MakeAdmin();
                string apiKeyProfile = await GenerateAPIKey(tester, user, Permissions.ProfileManagement);
+                string apiKeyServer = await GenerateAPIKey(tester, user, Permissions.ServerManagement);
                string apiKeyInsufficient = await GenerateAPIKey(tester, user, Permissions.StoreManagement);
                var clientProfile = new BTCPayServerClient(tester.PayTester.ServerUri, apiKeyProfile);
+                var clientServer = new BTCPayServerClient(tester.PayTester.ServerUri, apiKeyServer);
                var clientInsufficient= new BTCPayServerClient(tester.PayTester.ServerUri, apiKeyInsufficient);
                
                var apiKeyProfileUserData = await clientProfile.GetCurrentUser();
@ -72,6 +74,7 @@ namespace BTCPayServer.Tests
                Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email);

                await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());
+                await clientServer.GetCurrentUser();
            }
        }

--- a/BTCPayServer/Security/APIKeys/APIKeyAuthorizationHandler.cs
+++ b/BTCPayServer/Security/APIKeys/APIKeyAuthorizationHandler.cs
@ -1,4 +1,5 @@
 using System.Linq;
+using System.Security.Claims;
 using System.Threading.Tasks;
 using BTCPayServer.Client;
 using BTCPayServer.Data;
@ -69,20 +70,32 @@ namespace BTCPayServer.Security.APIKeys
                case Policies.CanModifyServerSettings.Key:
                    if (!context.HasPermissions(Permissions.ServerManagement))
                        break;
-                    // For this authorization, we stil check in database because it is super sensitive.
-                    var user = await _userManager.GetUserAsync(context.User);
-                    if (user == null)
-                        break;
-                    if (!await _userManager.IsInRoleAsync(user, Roles.ServerAdmin))
-                        break;
-                    success = true;
+                    // For this authorization, we still check in database because it is super sensitive.
+                    success = await IsUserAdmin(context.User);
                    break;
            }

+            //if you do not have the specific permissions, BUT you have server management, we enable god mode 
+            if (!success && context.HasPermissions(Permissions.ServerManagement) &&
+                requirement.Policy != Policies.CanModifyServerSettings.Key)
+            {
+                success = await IsUserAdmin(context.User);
+            }
+
            if (success)
            {
                context.Succeed(requirement);
            }
        }
+
+        private async Task<bool> IsUserAdmin(ClaimsPrincipal contextUser)
+        {
+            var user = await _userManager.GetUserAsync(contextUser);
+            if (user == null)
+                return false;
+            if (!await _userManager.IsInRoleAsync(user, Roles.ServerAdmin))
+                return false;
+            return true;
+        }
    }
 }