From 2105b44610025de042bdce7af0f900c89010a9f4 Mon Sep 17 00:00:00 2001 From: "nicolas.dorier" Date: Thu, 19 Mar 2020 13:30:53 +0900 Subject: [PATCH] Make sure the create user is respecting the disable-registration settings --- BTCPayServer.Tests/BTCPayServerTester.cs | 8 +++++--- BTCPayServer.Tests/GreenfieldAPITests.cs | 15 ++++++++------- .../Controllers/RestApi/Users/UsersController.cs | 12 +++++++++--- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/BTCPayServer.Tests/BTCPayServerTester.cs b/BTCPayServer.Tests/BTCPayServerTester.cs index a9924cde4..03aa4ef5d 100644 --- a/BTCPayServer.Tests/BTCPayServerTester.cs +++ b/BTCPayServer.Tests/BTCPayServerTester.cs @@ -95,7 +95,8 @@ namespace BTCPayServer.Tests public HashSet Chains { get; set; } = new HashSet(){"BTC"}; public bool UseLightning { get; set; } - + public bool AllowAdminRegistration { get; set; } = true; + public bool DisableRegistration { get; set; } = false; public async Task StartAsync() { if (!Directory.Exists(_Directory)) @@ -137,7 +138,8 @@ namespace BTCPayServer.Tests config.AppendLine($"lbtc.explorer.url={LBTCNBXplorerUri.AbsoluteUri}"); config.AppendLine($"lbtc.explorer.cookiefile=0"); } - config.AppendLine("allow-admin-registration=1"); + if (AllowAdminRegistration) + config.AppendLine("allow-admin-registration=1"); config.AppendLine($"torrcfile={TestUtils.GetTestDataFullPath("Tor/torrc")}"); config.AppendLine($"debuglog=debug.log"); 
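Review bot: The new `AllowAdminRegistration` and `DisableRegistration` properties have no comment saying they must be set before `StartAsync()`, although they are only read while the config file and command line are built in the later hunks of this file. Setting them after start has no effect, and the tests in this patch rely on the ordering by assigning `tester.PayTester.DisableRegistration = true;` before `await tester.StartAsync();`. A comment on each would state that, for example `// Read once by StartAsync(); set before starting the server.` The added `if (AllowAdminRegistration)` also has an unbraced body, and no test in this patch sets the property to false, so the branch that omits `allow-admin-registration=1` is not exercised here.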
@@ -161,7 +163,7 @@ namespace BTCPayServer.Tests HttpClient = new HttpClient(); HttpClient.BaseAddress = ServerUri; Environment.SetEnvironmentVariable("ASPNETCORE_ENVIRONMENT", "Development"); - var conf = new DefaultConfiguration() { Logger = Logs.LogProvider.CreateLogger("Console") }.CreateConfiguration(new[] { "--datadir", _Directory, "--conf", confPath, "--disable-registration", "false" }); + var conf = new DefaultConfiguration() { Logger = Logs.LogProvider.CreateLogger("Console") }.CreateConfiguration(new[] { "--datadir", _Directory, "--conf", confPath, "--disable-registration", DisableRegistration ? "true" : "false" }); _Host = new WebHostBuilder() .UseConfiguration(conf) .UseContentRoot(FindBTCPayServerDirectory()) diff --git a/BTCPayServer.Tests/GreenfieldAPITests.cs b/BTCPayServer.Tests/GreenfieldAPITests.cs index 8fe50674c..4d3ebb483 100644 --- a/BTCPayServer.Tests/GreenfieldAPITests.cs +++ b/BTCPayServer.Tests/GreenfieldAPITests.cs @@ -61,6 +61,7 @@ namespace BTCPayServer.Tests { using (var tester = ServerTester.Create(newDb: true)) { + tester.PayTester.DisableRegistration = true; await tester.StartAsync(); var unauthClient = new BTCPayServerClient(tester.PayTester.ServerUri); await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest())); @@ -133,8 +134,9 @@ namespace BTCPayServer.Tests [Trait("Integration", "Integration")] public async Task UsersControllerTests() { - using (var tester = ServerTester.Create()) + using (var tester = ServerTester.Create(newDb: true)) { + tester.PayTester.DisableRegistration = true; await tester.StartAsync(); var user = tester.NewAccount(); user.GrantAccess(); 
@@ -152,12 +154,11 @@ namespace BTCPayServer.Tests await Assert.ThrowsAsync(async () => await clientInsufficient.GetCurrentUser()); await clientServer.GetCurrentUser(); - // TODO: Disabling this check for now because it conflicts with expecation in line 120 - //await Assert.ThrowsAsync(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest() - //{ - // Email = $"{Guid.NewGuid()}@g.com", - // Password = Guid.NewGuid().ToString() - //})); + await Assert.ThrowsAsync(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest() + { + Email = $"{Guid.NewGuid()}@g.com", + Password = Guid.NewGuid().ToString() + })); var newUser = await clientServer.CreateUser(new CreateApplicationUserRequest() { diff --git a/BTCPayServer/Controllers/RestApi/Users/UsersController.cs b/BTCPayServer/Controllers/RestApi/Users/UsersController.cs index 8bd4e26fb..dd5894815 100644 --- a/BTCPayServer/Controllers/RestApi/Users/UsersController.cs +++ b/BTCPayServer/Controllers/RestApi/Users/UsersController.cs @@ -30,6 +30,7 @@ namespace BTCPayServer.Controllers.RestApi.Users private readonly EventAggregator _eventAggregator; private readonly IPasswordValidator _passwordValidator; private readonly RateLimitService _throttleService; + private readonly BTCPayServerOptions _options; private readonly IAuthorizationService _authorizationService; public UsersController(UserManager userManager, BTCPayServerOptions btcPayServerOptions, @@ -37,6 +38,7 @@ namespace BTCPayServer.Controllers.RestApi.Users EventAggregator eventAggregator, IPasswordValidator passwordValidator, NicolasDorier.RateLimits.RateLimitService throttleService, + Configuration.BTCPayServerOptions options, IAuthorizationService authorizationService) { _userManager = userManager; 
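Review bot: The restored check on `clientInsufficient.CreateUser(...)`, as rendered here, asserts only that the call throws, so it would also pass if the request failed for an unrelated reason such as request validation. The same file already uses `AssertHttpError(400, ...)`. Using that helper with the status the controller returns for an under-privileged API key (presumably 403, to be confirmed) would tie the test to the authorization decision: `await AssertHttpError(403, async () => await clientInsufficient.CreateUser(...));`. The test method starts and ends outside this hunk.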
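Review bot: The constructor now appears to receive the options twice: its first line already has `BTCPayServerOptions btcPayServerOptions`, and this hunk adds `Configuration.BTCPayServerOptions options`, which looks like the same type under a qualified name. If so, the new `_options` field (declared in the previous hunk and assigned in the next one) duplicates state. The existing parameter can be reused with `_options = btcPayServerOptions;` and the extra parameter dropped. Whether the existing parameter is already stored in a field is not visible in these hunks.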
@@ -46,6 +48,7 @@ namespace BTCPayServer.Controllers.RestApi.Users _eventAggregator = eventAggregator; _passwordValidator = passwordValidator; _throttleService = throttleService; + _options = options; _authorizationService = authorizationService; } @@ -140,9 +143,12 @@ namespace BTCPayServer.Controllers.RestApi.Users await _userManager.AddToRoleAsync(user, Roles.ServerAdmin); if (!anyAdmin) { - // automatically lock subscriptions now that we have our first admin - policies.LockSubscription = true; - await _settingsRepository.UpdateSetting(policies); + if (_options.DisableRegistration) + { + // automatically lock subscriptions now that we have our first admin + policies.LockSubscription = true; + await _settingsRepository.UpdateSetting(policies); + } } } _eventAggregator.Publish(new UserRegisteredEvent() {Request = Request, User = user, Admin = request.IsAdministrator is true });
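Review bot: The lock-after-first-admin step in the last hunk now runs only when `_options.DisableRegistration` is set, but nothing in this patch tests the other path, since both updated tests set `tester.PayTester.DisableRegistration = true`. A test with the option left false would pin what an unauthenticated `CreateUser` may do once an admin exists, in particular that it cannot obtain `Roles.ServerAdmin` through `IsAdministrator`. The two nested conditions can be written as one, `if (!anyAdmin && _options.DisableRegistration)`. The comment should then say the lock applies only when registration is disabled by configuration, e.g. `// first admin created: lock subscriptions if registration is disabled by configuration`. The enclosing action starts and ends outside the hunk, so the checks that guard this block are not visible here.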