mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2024-11-19 09:54:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Users API: Add roles (#1914)

Browse Source 
* API: Fix create user response model

* API: Add roles to user data
This commit is contained in:
Dennis Reimann 2020-09-16 14:17:33 +02:00 committed by GitHub
parent 2711f2cb2f
commit 8ba852084e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 29 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
BTCPayServer.Client/Models/ApplicationUserData.cs
View File

@ -21,5 +21,10 @@ namespace BTCPayServer.Client.Models
/// whether the user needed to verify their email on account creation
/// </summary>
public bool RequiresEmailConfirmation { get; set; }
/// <summary>
/// the roles of the user
/// </summary>
public string[] Roles { get; set; }
}
}

5
BTCPayServer.Tests/GreenfieldAPITests.cs
View File

@ -148,9 +148,12 @@ namespace BTCPayServer.Tests
// We have no admin, so it should work
var user1 = await unauthClient.CreateUser(
new CreateApplicationUserRequest() { Email = "test@gmail.com", Password = "abceudhqw" });
Assert.Empty(user1.Roles);
// We have no admin, so it should work
var user2 = await unauthClient.CreateUser(
new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" });
Assert.Empty(user2.Roles);
// Duplicate email
await AssertValidationError(new[] { "Email" },
@ -164,6 +167,7 @@ namespace BTCPayServer.Tests
Password = "abceudhqw",
IsAdministrator = true
});
Assert.Contains("ServerAdmin", admin.Roles);
// Creating a new user without proper creds is now impossible (unauthorized)
// Because if registration are locked and that an admin exists, we don't accept unauthenticated connection
@ -560,6 +564,7 @@ namespace BTCPayServer.Tests
Assert.NotNull(apiKeyProfileUserData);
Assert.Equal(apiKeyProfileUserData.Id, user.UserId);
Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email);
Assert.Contains("ServerAdmin", apiKeyProfileUserData.Roles);
await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());
await clientServer.GetCurrentUser();

11
BTCPayServer/Controllers/GreenField/UsersController.cs
View File

@ -58,7 +58,7 @@ namespace BTCPayServer.Controllers.GreenField
public async Task<ActionResult<ApplicationUserData>> GetCurrentUser()
{
var user = await _userManager.GetUserAsync(User);
return FromModel(user);
return await FromModel(user);
}
[AllowAnonymous]
@ -152,17 +152,20 @@ namespace BTCPayServer.Controllers.GreenField
}
}
_eventAggregator.Publish(new UserRegisteredEvent() { RequestUri = Request.GetAbsoluteRootUri(), User = user, Admin = request.IsAdministrator is true });
return CreatedAtAction(string.Empty, user);
var model = await FromModel(user);
return CreatedAtAction(string.Empty, model);
}
private static ApplicationUserData FromModel(ApplicationUser data)
private async Task<ApplicationUserData> FromModel(ApplicationUser data)
{
var roles = (await _userManager.GetRolesAsync(data)).ToArray();
return new ApplicationUserData()
{
Id = data.Id,
Email = data.Email,
EmailConfirmed = data.EmailConfirmed,
RequiresEmailConfirmation = data.RequiresEmailConfirmation
RequiresEmailConfirmation = data.RequiresEmailConfirmation,
Roles = roles
};
}
}

12
BTCPayServer/wwwroot/swagger/v1/swagger.template.users.json
View File

@ -117,12 +117,12 @@
"properties": {
"id": {
"type": "string",
"description": "The id of the new user",
"description": "The id of the user",
"nullable": false
},
"email": {
"type": "string",
"description": "The email of the new user",
"description": "The email of the user",
"nullable": false
},
"emailConfirmed": {
@ -132,6 +132,14 @@
"requiresEmailConfirmation": {
"type": "boolean",
"description": "True if the email requires email confirmation to log in"
},
"roles": {
"type": "array",
"nullable": false,
"items": {
"type": "string"
},
"description": "The roles of the user"
}
}
}