* Introduce archive pull payment permission
* Add show qr option on pull payments
* Fix test
* update docs
* fix test
* Minor UI updates
* Update wording
---------
Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
* Adapt cookie auth to work with same API permission system
* Handle unscoped store permission case
* Do not consider Unscoped as a valid policy
* Add tests
* Refactor permissions scopes
---------
Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
* Greenfield: Admins can create/delete API keys of any user
* Greenfield: Improve doc for scoped apikey (Close#4673)
* Fix permissions hierarchy
* Update BTCPayServer.Client/Permissions.cs
* Fix tests
---------
Co-authored-by: Andrew Camilleri <evilkukka@gmail.com>
* Plugins: Add authorization hook
Makes the `PolicyRequirement` available to plugins.
Adds a filter hook to the authorization handlers, so that plugins can extend and leverage the existing authorization policies and permissions.
* Update to pass back and forth handle class
* WIP New APIs for dealing with custodians/exchanges
* Simplified things
* More API refinements + index.html file for quick viewing
* Finishing touches on spec
* Switched cryptoCode to paymentMethod as this allows us to differentiate between onchain and lightning
* Moved draft API docs to "/docs-draft"
* WIP baby steps
* Added DB migration for CustodianAccountData
* Rough but working POST /v1/api/custodian-account + GET /v1/api/custodian
* WIP + early Kraken API client
* Moved service registration to proper location
* Working create + list custodian accounts + permissions + WIP Kraken client
* Kraken API Balances call is working
* Added asset balances to response
* List Custodian Accounts call does not load assetBalances by default, because it can fail. Can be requested when needed.
* Call to get the details of 1 specific custodian account
* Added permissions to swagger
* Added "tradableAssetPairs" to Kraken custodian response + cache the tradable pairs in memory for 24 hours
* Removed unused file
* WIP + Moved files to better locations
* Updated docs
* Working API endpoint to get info on a trade (same response as creating a new trade)
* Working API endpoints for Deposit + Trade + untested Withdraw
* Delete custodian account
* Trading works, better error handling, cleanup
* Working withdrawals + New endpoint for getting bid/ask prices
* Completed withdrawals + new endpoint for getting info on a past withdrawal to simplify testing, Enums are output as strings,
* Better error handling when withdrawing to a wrong destination
* WithdrawalAddressName in config is now a string per currency (dictionary)
* Added TODOs
* Only show the custodian account "config" to users who are allowed
* Added the new permissions to the API Keys UI
* Renamed KrakenClient to KrakenExchange
* WIP Kraken Config Form
* Removed files for UI again, will make separate PR later
* Fixed docs + Refactored to use PaymentMethod more + Added "name" to custodian account + Using cancelationToken everywhere
* Updated withdrawal info docs
* First unit test
* Complete tests for /api/v1/custodians and /api/v1/custodian-accounts endpoints + Various improvements and fixes
* Mock custodian and more exceptions
* Many more tests + cleanup, moved files to better locations
* More tests
* WIP more tests
* Greenfield API tests complete
* Added missing "Name" column
* Cleanup, TODOs and beginning of Kraken Tests
* Added Kraken tests using public endpoints + handling of "SATS" currency
* Added 1st mocked Kraken API call: GetAssetBalancesAsync
* Added assert for bad config
* Mocked more Kraken API responses + added CreationDate to withdrawal response
* pr review club changes
* Make Kraken Custodian a plugin
* Re-added User-Agent header as it is required
* Fixed bug in market trade on Kraken using a percentage as qty
* A short delay so Kraken has the time to execute the market order and we don't fetch the details too quickly.
* Merged the draft swagger into the main swagger since it didn't work anymore
* Fixed API permissions test
* Removed 2 TODOs
* Fixed unit test
* Remove Kraken Api as it should be separate opt-in plugin
* Flatten namespace hierarchy and use InnerExeption instead of OriginalException
* Remove useless line
* Make sure account is from a specific store
* Proper error if custodian code not found
* Remove various warnings
* Remove various warnings
* Handle CustodianApiException through an exception filter
* Store custodian-account blob directly
* Remove duplications, transform methods into property
* Improve docs tags
* Make sure the custodianCode saved is canonical
* Fix test
Co-authored-by: Wouter Samaey <wouter.samaey@storefront.be>
Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
SInce CanModifyServerSettings can trivially modify any policy around lightning node sharing, it should automatically have access to the lightning node usage perm
* GreenField: Notifications API
This refactors notifications so that we dont have a bunch of duplicated direct access to db contexts in controllers and then introduces new endpoints to fetch/toggle seen/remove notifications of the current user.
* add tests + docs
* fix test
* pr changes
* fix permission json
* GreenField: Cross-implemenation Lightning Node API
* switch to hard unrsstricted check
* fix
* set LightningPrivateRouteHints in swagger + stores api
* add priv route hint
* rename models and add swagger defs to models
* GreenField: Payment Requests CRUD
* fixes
* fix swagger
* fix swag
* rebase fixes
* Add new permissions for payment requests
* Adapt PR to archive
* fix tst
* add to contains policxy
* make decimals returned as string due to avoid shitty language parsing issues
* do not register decimal json converter as global
* fix cultureinfo for json covnerter
* pr changes
* add json convertet test
* fix json test
* fix rebase
Builds on #1368
This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later)
It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later)
