add tests and reword setting

BTCPayServer.Tests/GreenfieldAPITests.cs

@@ -31,9 +31,6 @@ namespace BTCPayServer.Tests
     public class GreenfieldAPITests
     {
         public const int TestTimeout = TestUtils.TestTimeout;
-
-        public const string TestApiPath = "api/test/apikey";
-
         public GreenfieldAPITests(ITestOutputHelper helper)
         {
             Logs.Tester = new XUnitLog(helper) { Name = "Tests" };
@@ -247,6 +244,20 @@ namespace BTCPayServer.Tests
                         Password = "afewfoiewiou",
                         IsAdministrator = true
                     }));
+                
+                // If we set DisableNonAdminCreateUserApi = true, it should always fail to create a user unless you are an admin
+                await settings.UpdateSetting(new PoliciesSettings() { LockSubscription = false, DisableNonAdminCreateUserApi = true});
+                await AssertHttpError(403,
+                    async () =>
+                        await unauthClient.CreateUser(
+                            new CreateApplicationUserRequest() {Email = "test9@gmail.com", Password = "afewfoiewiou"}));              
+                await AssertHttpError(403,
+                    async () =>
+                        await user1Client.CreateUser(
+                            new CreateApplicationUserRequest() {Email = "test9@gmail.com", Password = "afewfoiewiou"}));
+                await adminClient.CreateUser(
+                    new CreateApplicationUserRequest() {Email = "test9@gmail.com", Password = "afewfoiewiou"});
+
             }
         }
 

BTCPayServer.Tests/UnitTest1.cs

@@ -35,6 +35,7 @@ using BTCPayServer.Security.Bitpay;
 using BTCPayServer.Services;
 using BTCPayServer.Services.Apps;
 using BTCPayServer.Services.Invoices;
+using BTCPayServer.Services.Mails;
 using BTCPayServer.Services.Rates;
 using BTCPayServer.Tests.Logging;
 using BTCPayServer.U2F.Models;
@@ -3345,5 +3346,57 @@ namespace BTCPayServer.Tests
                 Assert.False(fn.Seen);
             }
         }
+       
+        [Fact(Timeout = TestTimeout)]
+        [Trait("Integration", "Integration")]
+        public async Task EmailSenderTests()
+        {
+            using (var tester = ServerTester.Create(newDb: true))
+            {
+                await tester.StartAsync();
+
+                var acc = tester.NewAccount();
+                acc.GrantAccess(true);
+
+                var settings = tester.PayTester.GetService<SettingsRepository>();
+                var emailSenderFactory = tester.PayTester.GetService<EmailSenderFactory>();
+                
+                Assert.Null(await Assert.IsType<ServerEmailSender>(emailSenderFactory.GetEmailSender()).GetEmailSettings());
+                Assert.Null(await Assert.IsType<StoreEmailSender>(emailSenderFactory.GetEmailSender(acc.StoreId)).GetEmailSettings());
+
+                
+                await settings.UpdateSetting(new PoliciesSettings() { DisableStoresToUseServerEmailSettings = false });
+                await settings.UpdateSetting(new EmailSettings()
+                {
+                 From   = "admin@admin.com",
+                 Login = "admin@admin.com",
+                 Password = "admin@admin.com",
+                 Port = 1234,
+                 Server = "admin.com",
+                 EnableSSL = true
+                });
+                Assert.Equal("admin@admin.com",(await Assert.IsType<ServerEmailSender>(emailSenderFactory.GetEmailSender()).GetEmailSettings()).Login);
+                Assert.Equal("admin@admin.com",(await Assert.IsType<StoreEmailSender>(emailSenderFactory.GetEmailSender(acc.StoreId)).GetEmailSettings()).Login);
+
+                await settings.UpdateSetting(new PoliciesSettings() { DisableStoresToUseServerEmailSettings = true });
+                Assert.Equal("admin@admin.com",(await Assert.IsType<ServerEmailSender>(emailSenderFactory.GetEmailSender()).GetEmailSettings()).Login);
+                Assert.Null(await Assert.IsType<StoreEmailSender>(emailSenderFactory.GetEmailSender(acc.StoreId)).GetEmailSettings());
+
+                Assert.IsType<RedirectToActionResult>(await acc.GetController<StoresController>().Emails(acc.StoreId, new EmailsViewModel(new EmailSettings()
+                {
+                    From   = "store@store.com",
+                    Login = "store@store.com",
+                    Password = "store@store.com",
+                    Port = 1234,
+                    Server = "store.com",
+                    EnableSSL = true
+                }), ""));
+                
+                Assert.Equal("store@store.com",(await Assert.IsType<StoreEmailSender>(emailSenderFactory.GetEmailSender(acc.StoreId)).GetEmailSettings()).Login);
+
+            }
+        }
+        
+        
     }
 }

BTCPayServer/Controllers/GreenField/UsersController.cs

@@ -104,7 +104,7 @@ namespace BTCPayServer.Controllers.GreenField
             if (request.IsAdministrator is true && !isAdmin)
                 return Forbid(AuthenticationSchemes.GreenfieldBasic);
 
-            if (!isAdmin && (policies.LockSubscription || _themeManager.Policies.DisableUnauthenticatedUserApi))
+            if (!isAdmin && (policies.LockSubscription || _themeManager.Policies.DisableNonAdminCreateUserApi))
             {
                 // If we are not admin and subscriptions are locked, we need to check the Policies.CanCreateUser.Key permission
                 var canCreateUser = (await _authorizationService.AuthorizeAsync(User, null, new PolicyRequirement(Policies.CanCreateUser))).Succeeded;

BTCPayServer/Services/Mails/StoreEmailSender.cs

@@ -12,11 +12,9 @@ namespace BTCPayServer.Services.Mails
                                 IBackgroundJobClient backgroundJobClient,
                                 string storeId) : base(backgroundJobClient)
         {
-            if (storeId == null)
-                throw new ArgumentNullException(nameof(storeId));
+            StoreId = storeId ?? throw new ArgumentNullException(nameof(storeId));
             StoreRepository = storeRepository;
             FallbackSender = fallback;
-            StoreId = storeId;
         }
 
         public StoreRepository StoreRepository { get; }
@@ -31,7 +29,9 @@ namespace BTCPayServer.Services.Mails
             {
                 return emailSettings;
             }
-            return await FallbackSender.GetEmailSettings();
+
+            if (FallbackSender != null) return await FallbackSender?.GetEmailSettings();
+            return null;
         }
     }
 }

BTCPayServer/Services/PoliciesSettings.cs

@@ -30,8 +30,8 @@ namespace BTCPayServer.Services
         public bool DisableInstantNotifications { get; set; }
         [Display(Name = "Disable stores falling back to using the server's email settings")]
         public bool DisableStoresToUseServerEmailSettings { get; set; }
-        [Display(Name = "Disable unauthenticated Create User API")]
-        public bool DisableUnauthenticatedUserApi { get; set; }
+        [Display(Name = "Only allow admins to use the user creation API")]
+        public bool DisableNonAdminCreateUserApi { get; set; }
 
         [Display(Name = "Display app on website root")]
         public string RootAppId { get; set; }

BTCPayServer/Views/Server/Policies.cshtml

@@ -69,9 +69,9 @@
             <span asp-validation-for="DisableStoresToUseServerEmailSettings" class="text-danger"></span>
         </div>
         <div class="form-check">
-            <input asp-for="DisableUnauthenticatedUserApi" type="checkbox" class="form-check-input"/>
-            <label asp-for="DisableUnauthenticatedUserApi" class="form-check-label"></label>
-            <span asp-validation-for="DisableUnauthenticatedUserApi" class="text-danger"></span>
+            <input asp-for="DisableNonAdminCreateUserApi" type="checkbox" class="form-check-input"/>
+            <label asp-for="DisableNonAdminCreateUserApi" class="form-check-label"></label>
+            <span asp-validation-for="DisableNonAdminCreateUserApi" class="text-danger"></span>
         </div>
         @if (ViewBag.UpdateUrlPresent)
         {