* fix: return 403 when unauthenticated user accesses an archived invoice receipt
* refactor: simplify archived invoice access check with pattern matching
* Return 404 for unauthorized users accessing archived invoice
Co-authored-by: d11n <mail@dennisreimann.de>
* feat: add archived invoice validation for unauthenticated access in Checkout and GetStatus
* test: add test case for unauthorized access to archived invoice returning not found
* test: add unauthorized checkout test for archived invoice
* Commenting code and adding test case for GetStatus
---------
Co-authored-by: d11n <mail@dennisreimann.de>
Co-authored-by: rockstardev <5191402+rockstardev@users.noreply.github.com>
* Invoices: Allow admin to see invoices of users
Fixes#6489. As discussed with @TChukwuleta, this succeeds and closes#6497.
* Invoices: Allow admin to see invoices of users
Fixes#6489. As discussed with @TChukwuleta, this succeeds and closes#6497.
* Update controller to allow admin access for basic invoice actions
* Fix divisibility in invoice details of lightning amounts
This PR will show 11 decimal in the invoice details for BTC amount
of lightning payment methods.
It also hacks around the fact that some
lightning clients don't create the requested amount of sats, which
resulted in over or under payments. (Blink not supporting msats, and
strike)
Now, In that case, a payment method fee (which can be negative) called tweak fee
will be added to the prompt.
We are also hiding this tweak fee from the user in the checkout page in
order to not disturb the UI with inconsequential fee of 0.000000001 sats.
* Only show 8 digits in checkout, even if amount is 11 digits
This is for the checkout page to properly redirect paid invoices with no payment methods (e.g. free invoices with zero amount) to either the receipt page or redirect URL. Only fall back to 404 if there is neither.
Fixes#6123.
* Search: Display text filters in search input
This changes the search text input to also display the filters, which don't have a special UI (e.g. dropdown). Those filters (e.g. orderid) were not displayed before and hence could not be reset.
Fixes#5984.
* Add and fix test
* Remove deprecated CSS options
Closes#5945.
* Greenfield: Add brandColor to store APIs
Closes#5946.
* Migrate file IDs to URLs
Closes#5953.
* Greenfield: Add CSS and logo URL to store settings API
Closes#5945.
* Add migration test
* Store and Server branding can reference file's via fileid:ID
* Add PaymentSoundUrl to Store API
---------
Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
* Support pluginable rate providers
This PR allows plugins to provide custom rate providers, that can be contextual to a store. For example, if you use the upcoming fiat offramp plugin, or the Blink plugin, you'll probably want to configure the fetch the rates from them since they are determining the actual fiat rrate to you. However, they require API keys. This PR enables these scenarios, even much more advanced ones, but for example:
* Install fiat offramp plugin
* Configure it
* You can now use the fiat offramp rate provider (no additional config steps beyond selecting the rate source from the select, or maybe the plugin would automatically set it for you once configured)
* Apply suggestions from code review
* Simplify
* Do not use BackgroundFetcherRateProvider for contextual rate prov
---------
Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
Once more an improvement for the receipt, which also fixes#5882:
- Unify data displayed on the web and print version
- Split cart and additional data and ensure additional data is displayed
- Do not display extra subtotal row if there are no tips or discounts
- Make PosData partial more universal and backwards-compatible by using case insensitive key lookups
* Prevent payment request to be created when a wallet is not set up
* Created an extension method for store wallet checks
* fix for invoice and payment request selenium test
* refactoring payment request controller
* removing unused variable
* Unify behaviour across controllers
---------
Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
* Store Branding: Refactoring and logo as favicon
- Encapsulates store branding properties into their own view model
- Uses the logo as favicon on public pages
* Refactorings
* Updates
