mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-02-20 13:34:37 +01:00
Code Issues Projects Releases Packages Wiki Activity

Allow users with CanViewPaymentRequests to view payment requests (#5551)

Browse source
This commit is contained in:
d11n 2023-12-14 12:42:07 +01:00 committed by GitHub
parent 0e2379caa6
commit e3863ac076
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
BTCPayServer/Controllers/UIPaymentRequestController.cs
View file

@ -26,8 +26,8 @@ using StoreData = BTCPayServer.Data.StoreData;
namespace BTCPayServer.Controllers
{
[Authorize(Policy = Policies.CanModifyStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
[Route("payment-requests")]
[Authorize(Policy = Policies.CanViewPaymentRequests, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
public class UIPaymentRequestController : Controller
{
private readonly UIInvoiceController _InvoiceController;
@ -69,7 +69,6 @@ namespace BTCPayServer.Controllers
FormDataService = formDataService;
}
[HttpGet("/stores/{storeId}/payment-requests")]
[Authorize(Policy = Policies.CanViewPaymentRequests, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
public async Task<IActionResult> GetPaymentRequests(string storeId, ListPaymentRequestsViewModel model = null)
@ -363,6 +362,7 @@ namespace BTCPayServer.Controllers
}
[HttpGet("{payReqId}/cancel")]
[AllowAnonymous]
public async Task<IActionResult> CancelUnpaidPendingInvoice(string payReqId, bool redirect = true)
{
var result = await _PaymentRequestService.GetPaymentRequest(payReqId, GetUserId());