mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-01-18 13:26:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make sure we do not expose lightning services if not admin

Browse Source
This commit is contained in:
nicolas.dorier 2022-07-08 12:41:55 +09:00
parent eec54831ef
commit 8530cf3535
No known key found for this signature in database
GPG Key ID: 6618763EF09186FE
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
BTCPayServer/Components/StoreLightningServices/StoreLightningServices.cs
View File

@ -37,7 +37,8 @@ public class StoreLightningServices : ViewComponent
if (vm.Store == null) throw new ArgumentNullException(nameof(vm.Store));
if (vm.CryptoCode == null) throw new ArgumentNullException(nameof(vm.CryptoCode));
if (vm.LightningNodeType != LightningNodeType.Internal) return View(vm);
if (!User.IsInRole(Roles.ServerAdmin)) return View(vm);
var services = _externalServiceOptions.Value.ExternalServices.ToList()
.Where(service => ExternalServices.LightningServiceTypes.Contains(service.Type))
.Select(async service =>
@ -51,7 +52,7 @@ public class StoreLightningServices : ViewComponent
};
try
{
model.Link = await service.GetLink(Request.GetAbsoluteUriNoPathBase(), _btcpayServerOptions.NetworkType);
model.Link = service.GetRedirectLink(Request.GetAbsoluteUriNoPathBase(), _btcpayServerOptions.NetworkType);
}
catch (Exception exception)
{