Add "/api/v1/users/me" endpoint
This commit is contained in:
parent
b4076b53e8
commit
d9935ada9d
5 changed files with 56 additions and 11 deletions
|
@ -24,7 +24,7 @@ namespace BTCPayServer.Client
|
|||
public const string CanManageNotificationsForUser = "btcpay.user.canmanagenotificationsforuser";
|
||||
public const string CanViewNotificationsForUser = "btcpay.user.canviewnotificationsforuser";
|
||||
public const string CanCreateUser = "btcpay.server.cancreateuser";
|
||||
public const string CanDeleteUser = "btcpay.server.candeleteuser";
|
||||
public const string CanDeleteUser = "btcpay.user.candeleteuser";
|
||||
public const string CanManagePullPayments = "btcpay.store.canmanagepullpayments";
|
||||
public const string Unrestricted = "unrestricted";
|
||||
public static IEnumerable<string> AllPolicies
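Review bot: The value behind `CanDeleteUser` changes from `btcpay.server.candeleteuser` to `btcpay.user.candeleteuser` while the constant's name stays the same (the two `CanDeleteUser` lines in this hunk; the page does not mark which is old and which is new, so the direction is read from the other hunks). Any API key that was already issued with the old string stops matching the policy after deployment, and no migration or alias for the old value is visible in this commit. If the old value has shipped in a release, either keep recognizing it in the authorization handler or state the breaking change in the commit message. The rest of the `Policies` class is outside the hunk.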
|
||||
|
|
|
@ -79,6 +79,21 @@ namespace BTCPayServer.Controllers.GreenField
|
|||
return await FromModel(user);
|
||||
}
|
||||
|
||||
[Authorize(Policy = Policies.CanDeleteUser, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
|
||||
[HttpDelete("~/api/v1/users/me")]
|
||||
public async Task<ActionResult<ApplicationUserData>> DeleteCurrentUser()
|
||||
{
|
||||
// Don't want to allow the user to delete themselves if they are the only admin
|
||||
if (await IsUserTheOnlyOneAdmin()) {
|
||||
return Forbid(AuthenticationSchemes.GreenfieldBasic);
|
||||
}
|
||||
|
||||
var user = await _userManager.GetUserAsync(User);
|
||||
await _userService.DeleteUserAndAssociatedData(user);
|
||||
|
||||
return Ok();
|
||||
}
|
||||
|
||||
[AllowAnonymous]
|
||||
[HttpPost("~/api/v1/users")]
|
||||
public async Task<IActionResult> CreateUser(CreateApplicationUserRequest request, CancellationToken cancellationToken = default)
|
||||
|
@ -206,7 +221,7 @@ namespace BTCPayServer.Controllers.GreenField
|
|||
}
|
||||
|
||||
// User shouldn't be deleted if it's the only admin
|
||||
if ((await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count == 1)
|
||||
if (await IsUserTheOnlyOneAdmin(user))
|
||||
{
|
||||
return Forbid(AuthenticationSchemes.GreenfieldBasic);
|
||||
}
|
||||
|
@ -245,5 +260,20 @@ namespace BTCPayServer.Controllers.GreenField
|
|||
Created = data.Created
|
||||
};
|
||||
}
|
||||
|
||||
private async Task<bool> IsUserTheOnlyOneAdmin()
|
||||
{
|
||||
return await IsUserTheOnlyOneAdmin(await _userManager.GetUserAsync(User));
|
||||
}
|
||||
|
||||
private async Task<bool> IsUserTheOnlyOneAdmin(ApplicationUser user)
|
||||
{
|
||||
var isUserAdmin = await _userService.IsAdminUser(user);
|
||||
if (!isUserAdmin) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return (await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count == 1;
|
||||
}
|
||||
}
|
||||
}
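Review bot: In `DeleteCurrentUser` (hunk @ -79) `_userManager.GetUserAsync(User)` is resolved twice — once inside the parameterless `IsUserTheOnlyOneAdmin()` and again on the `var user = ...` line — and the second result is handed to `DeleteUserAndAssociatedData` with no null check, so a principal whose user row no longer exists would reach the service with `null`. Fetching once and guarding covers both: `var user = await _userManager.GetUserAsync(User);` / `if (user is null) return NotFound();` / `if (await IsUserTheOnlyOneAdmin(user)) return Forbid(AuthenticationSchemes.GreenfieldBasic);`, after which the parameterless overload added in the last hunk has no caller and can go. The new `if (...) {` lines put the brace on the same line while the rest of the file (the `{` after `if (await IsUserTheOnlyOneAdmin(user))` in the middle hunk) uses Allman style. The overload taking `ApplicationUser` would also benefit from a `<summary>` stating that it returns false for non-admins and true only when `Roles.ServerAdmin` has exactly one member; whether `IsAdminUser` and membership in that role are the same predicate is not visible here, so a defensive `admins.Count == 1 && admins[0].Id == user.Id` comparison would make the helper independent of that assumption.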
|
||||
|
|
|
@ -470,7 +470,7 @@ namespace BTCPayServer.Controllers
|
|||
{
|
||||
{BTCPayServer.Client.Policies.Unrestricted, ("Unrestricted access", "The app will have unrestricted access to your account.")},
|
||||
{BTCPayServer.Client.Policies.CanCreateUser, ("Create new users", "The app will be able to create new users on this server.")},
|
||||
{BTCPayServer.Client.Policies.CanDeleteUser, ("Delete users", "The app will be able to delete users on this server.")},
|
||||
{BTCPayServer.Client.Policies.CanDeleteUser, ("Delete user", "The app will be able to delete the user to whom it is assigned. Admin users can delete any user without this permission.")},
|
||||
{BTCPayServer.Client.Policies.CanModifyStoreSettings, ("Modify your stores", "The app will be able to view, modify, delete and create new invoices on all your stores.")},
|
||||
{$"{BTCPayServer.Client.Policies.CanModifyStoreSettings}:", ("Manage selected stores", "The app will be able to view, modify, delete and create new invoices on the selected stores.")},
|
||||
{BTCPayServer.Client.Policies.CanModifyStoreWebhooks, ("Modify stores webhooks", "The app will modify the webhooks of all your stores.")},
|
||||
|
|
|
@ -93,6 +93,7 @@ namespace BTCPayServer.Security.GreenField
|
|||
case Policies.CanViewNotificationsForUser:
|
||||
case Policies.CanModifyProfile:
|
||||
case Policies.CanViewProfile:
|
||||
case Policies.CanDeleteUser:
|
||||
case Policies.Unrestricted:
|
||||
success = context.HasPermission(Permission.Create(policy), requiredUnscoped);
|
||||
break;
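Review bot: Adding `case Policies.CanDeleteUser:` to this user-scoped group means the handler now grants the policy to any principal carrying `btcpay.user.candeleteuser`, not only to server admins, so any action that still uses `[Authorize(Policy = Policies.CanDeleteUser)]` to delete other users (the existing `DeleteUser` action's attribute is outside the visible hunks) has to enforce the admin-or-self rule in the controller itself. If that split is intended, recording it next to the case avoids a future reader loosening it by accident: `// user-scoped: authorizes deleting the caller's own account; deleting other users relies on an admin check in the controller`. The enclosing switch begins outside the hunk.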
|
||||
|
|
|
@ -28,6 +28,27 @@
|
|||
"Basic": []
|
||||
}
|
||||
]
|
||||
},
|
||||
"delete": {
|
||||
"tags": [
|
||||
"Users"
|
||||
],
|
||||
"summary": "Deletes user profile",
|
||||
"description": "Deletes user profile and associated user data for user making the request",
|
||||
"operationId": "Users_DeleteCurrentUser",
|
||||
"responses": {
|
||||
"200": {
|
||||
"description": "User and associated data deleted successfully"
|
||||
}
|
||||
},
|
||||
"security": [
|
||||
{
|
||||
"API Key": [
|
||||
"btcpay.user.candeleteuser"
|
||||
],
|
||||
"Basic": []
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"/api/v1/users": {
|
||||
|
@ -140,14 +161,7 @@
|
|||
"description": "User with provided ID was not found"
|
||||
}
|
||||
},
|
||||
"security": [
|
||||
{
|
||||
"API Key": [
|
||||
"btcpay.server.candeleteuser"
|
||||
],
|
||||
"Basic": []
|
||||
}
|
||||
]
|
||||
"security": []
|
||||
}
|
||||
}
|
||||
},
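Review bot: In the second hunk (@ -140,14 +161,7) the counts — 14 old and 7 new lines over 15 printed lines — leave exactly one added line, which can only be `"security": []`; in OpenAPI that declares the delete-user-by-id operation as requiring no authentication, which contradicts the controller, where the action is still attributed with a policy. If the intent was to update the permission string, the block should read `"security": [ { "API Key": [ "btcpay.user.candeleteuser" ], "Basic": [] } ]` rather than be emptied. In the first hunk, `Users_DeleteCurrentUser` documents only a `200` response, while the new action returns `Forbid` when the caller is the last server admin, so a `"403": { "description": "The user is the only server admin and cannot be deleted" }` entry is missing. The surrounding path objects extend beyond both hunks.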
|
||||
|
|