Commit Graph

96 Commits

Author SHA1 Message Date
Nicolas Dorier
04b8eafacb
Run dotnet format (#3244) 2021-12-31 16:59:02 +09:00
d11n
e2d0b7c5f7
Store centric UI: Part 3 (#3224)
* Set store context in cookie

* Fix page id usages in view

* Move Pay Button to nav

* Move integrations to plugins nav

* Store switch links to wallet if present

* Test fixes

* Nav fixes

* Fix altcoin view

* Main nav updates

* Wallet setttings nav update

* Move storeId cookie fallback to cookie auth handler

* View fixes

* Test fixes

* Fix profile check

* Rename integrations nav extension point to store-integrations-nav-list

* Allow strings for Active page/category for plugins

* Make invoice list filter based on store context

* Do not set context if we are running authorizer through tag helper

* Fix test and unfiltered invoices

* Add permission helper for wallet links

* Add sanity checks for payment requests and invoices

* Store context in home controller

* Fix PayjoinViaUI test

* Store context for notifications

* Minor UI improvements

* Store context for userstores and vault controller

* Bring back integrations page

* Rename notifications nav pages file

* Fix user stores controller policies

* Controller policy fixes from code review

* CookieAuthHandler: Simplify CanViewInvoices case

* Revert "Controller policy fixes from code review"

This reverts commit 97e8b8379c.

* Simplify LayoutSimple

* Fix CanViewInvoices condition

Co-authored-by: Kukks <evilkukka@gmail.com>
2021-12-31 16:36:38 +09:00
Nicolas Dorier
ed5b159fb6
Use ArgumentNullException.ThrowIfNull everywhere (#3239) 2021-12-28 17:39:54 +09:00
Nicolas Dorier
02419dcdd1
Migrate to .net6.0 (#3198) 2021-12-27 13:15:43 +09:00
d11n
4a66c91cac
Fix app permissions (#3227)
* Fix app permissions

As pointed out by @nicolasdorier [here](https://github.com/btcpayserver/btcpayserver/pull/3205#issuecomment-999437555).

* Fix for login codes view

* Ensure app belongs to store
2021-12-26 12:20:46 +09:00
Dennis Reimann
3a59e2a5c4 Cache resolved store items in HTTP context 2021-12-21 09:24:09 +01:00
Nicolas Dorier
c68141119c
[Greenfield] Send forbid 403 rather than empty results on /api/v1/stores (#3215) 2021-12-19 01:01:54 +09:00
Wouter Samaey
6de4f6a3ac
Mention the missing API permission in the response of a Greenfield request (#3195)
* Mention the missing API permission in the response header or body

* Fixes + Added a unit test. 1 TODO remains.

* Added MissingPermissionDescription to the error

* Update BTCPayServer.Tests/GreenfieldAPITests.cs

Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>

* Fix tests

* [GreenField]: Make sure we are sending fully typed errors

Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2021-12-16 23:04:06 +09:00
d11n
f8e6b51e9d
Store-centric UI (#3091)
* Update layout structure and header

* Implement store selector

* Simplify homepage

* Update layout

* Use dropdown for store selector

* Hide global nav in store context

* Horizontal section nav

* Remove outer section and container from content views

* Update nav

* Set store context for invoice and payment request lists

* Test fixes

* Persist menu collapse state on client-side

* MainNav as view component

* Update app routes to incorporate store context

* Test fixes

* Display ticker for altcoins build only

* Plugins nav

* Incorporate category for active page as well

* Update invoice icon

* Add apps list to nav

* Add store context to app type controllers

* Incorporate id for active page as well

* Test fixes

* AppsController cleanup

* Nav: Display only apps for the current store

* Remove leftover from merge

* Nav styles optimization

* Left-align content container

* Increase sidebar padding on desktop

* Use min-width for store selector menu

* Store settings nav update

* Update app and payment request routes

* Test fixes

* Refactor MainNav component to use StoresController

* Set store context for invoice actions

* Cleanups

* Remove CurrentStore checks

The response will be "Access denied" in case the CookieAuthorizationHandler cannot resolve the store.

* Remove unnecessary store context setters

* Test fix
2021-12-11 12:32:23 +09:00
Andrew Camilleri
fd75008499
Allow pull payments for store guests (#3128) 2021-12-08 00:40:24 +09:00
Kukks
0cd7380af0 Make CSP accessible to plugins 2021-09-27 08:45:55 +02:00
d11n
aac87539ae
Fix pay button CSP issue when using modal (#2872)
* Fix pay button CSP issue when using modal

Fixes #2864.

* Use event handler, refactor csp tags

* Fix script indentation

* Fix onsubmit event handler integration

Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
2021-09-12 20:31:35 +09:00
nicolas.dorier
ad7b62fa3d
Fix CSP when there is a theme 2021-09-10 00:14:26 +09:00
Nicolas Dorier
fc4e47cec6
Add CSP at the website level (#2863) 2021-09-09 21:51:28 +09:00
Andrew Camilleri
ba165ddd4f
Local Greenfield Client for Plugins (#2410)
* wip

* Local GreenField Client for Plugins

* support notification handlers being missing

* Initial support for scoped btcpay client

* test out scoped local client

* wip

* small fix

* Throw exception if using local greenfield client and it has not been implemented yet

* adapt based on new changes in BTCPay

* update

* fix tests

* Allow Local client to bypass authorization handler

* Add Misc endpoints to Local API Client

* Add new endpoints

* Apply code review changes
2021-07-27 21:11:47 +09:00
Umar Bolatov
d9935ada9d
Add "/api/v1/users/me" endpoint 2021-06-02 20:02:29 -07:00
Andrew Camilleri
5fe3c1c61f
U2fremove (#2496)
* Remove U2F support and JS

* fix final changes

* fix more final stuff
2021-04-28 16:22:09 +09:00
Andrew Camilleri
02bf5afe0b
Migrate existing U2F to Fido2 (#2484)
* Migrate existing U2F to Fido2

This seamlessly switches all u2f registrations over to the new FIDO2 support. Please note that I have not yet added a way to drop the u2f DB and its UI so that we can test the migration works properly for all.

* add testing logic

* fix u2f tests

* remove duplicate status message

* fix test and namespaces

* fix test
2021-04-28 13:14:15 +09:00
nicolas.dorier
af9d896510
Do not use Random 2021-03-23 17:53:23 +09:00
Andrew Camilleri
0652e30c30
GreenField: Notifications API (#2055)
* GreenField: Notifications API

This refactors notifications so that we dont have a bunch of duplicated direct access to db contexts in controllers and then introduces new endpoints to fetch/toggle seen/remove  notifications of the current user.

* add tests + docs

* fix test

* pr changes

* fix permission json
2020-12-11 23:11:08 +09:00
Kukks
179520a211 Plugins: Allow creation of independent DbContexts
This allows plugins to create custom dbcontexts, which would be namespaced in the scheme with a prefix. Migrations are supported too and the table would be prefixed too
2020-11-18 12:27:26 +01:00
Andrew Camilleri
5979fe5eef
BTCPay Extensions Part 2 (#2001)
* BTCPay Extensions Part 2

This PR cleans up the extension system a bit in that:
 * It renames the test extension to a more uniform name
 * Allows yo uto have system extensions, which are extensions but bundled by default with the release (and cannot be removed)
 * Adds a tool to help you generate an extension package from a csproj
 * Refactors the UI extension points to a view component
 * Moves some more interfaces to the Abstractions csproj

* Rename to plugins
2020-10-21 14:02:20 +02:00
Kukks
1cb3e5f98c Set roles when authenticating via greenfield
fixes #1855
2020-09-08 11:22:32 +02:00
Kukks
0e07fcc706 fixes and adapt 2020-08-28 09:00:14 +02:00
Kukks
7ca74aeea7 Add API Keys Application identifier
This lets the authorize api key screen redirect to the defined url  and provide it with the user id, permissions granted and the key.

This also allows apps to match existing api keys generated for it specifically using the application identifier, and if matched, presented with a confirmation page before redirection.
2020-08-28 09:00:13 +02:00
Kukks
4b392ad70a fail auth on incorrect basic auth value
fixes #1713
2020-07-13 08:35:13 +02:00
rockstardev
f88c02cccd Removing unused usings, readonly fields where possible 2020-06-28 22:07:48 -05:00
rockstardev
b6c7af32de Cleaning up bom from cs files 2020-06-28 21:44:35 -05:00
nicolas.dorier
51514252b6
Run dotnet format 2020-06-28 17:55:27 +09:00
Nicolas Dorier
dbb2924ccc
Fix: Create store could be called with a scoped store's modify apikey (#1696) 2020-06-27 15:34:03 +09:00
nicolas.dorier
16b5f70e4b
Fix permission on store's lightning server 2020-06-26 16:20:34 +09:00
Nicolas Dorier
8230a408ac
Add pull payment feature (#1639) 2020-06-24 10:34:09 +09:00
nicolas.dorier
f40a8853f6
Require Owner role to the store for modifying store via Greenfield 2020-06-12 18:26:20 +09:00
Andrew Camilleri
1e3f62718d
GreenField: Cross-implemenation Lightning Node API (#1566)
* GreenField: Cross-implemenation Lightning Node API

* switch to hard unrsstricted check

* fix

* set LightningPrivateRouteHints in swagger + stores api

* add priv route hint

* rename models and add swagger defs to models
2020-05-29 09:00:13 +09:00
Andrew Camilleri
5b3b96b372
GreenField: Payment Requests CRUD (#1430)
* GreenField: Payment Requests CRUD

* fixes

* fix swagger

* fix swag

* rebase fixes

* Add new permissions for payment requests

* Adapt PR to archive

* fix tst

* add to contains policxy

* make decimals returned as string due to avoid shitty language parsing issues

* do not register decimal json converter as global

* fix cultureinfo for json covnerter

* pr changes

* add json convertet test

* fix json test

* fix rebase
2020-05-20 02:59:23 +09:00
Kukks
b7c0e049b5 fix bug in permission store selector 2020-04-22 15:05:13 +02:00
Kukks
c6d75de3d7 GreenField: Switch to Blob for API Keys 2020-04-02 09:32:22 +02:00
nicolas.dorier
6d7b57ea3b
A api key can always revoke itself, add a route to delete any api key 2020-03-27 14:46:51 +09:00
nicolas.dorier
d219ba5d32
Split the greenfield authhandler in two classes 2020-03-27 13:06:41 +09:00
nicolas.dorier
afdee9d8a2
Move directories, rename controllers 2020-03-27 12:58:45 +09:00
nicolas.dorier
76818fa385
Rename API Keys folder to GreenField 2020-03-27 12:44:21 +09:00
nicolas.dorier
a926a5eedf
Fix warning 2020-03-26 22:56:30 +09:00
Kukks
56ba834ca2 Consolidate auth into one 2020-03-23 16:46:49 +01:00
Kukks
f8f358ebdb add to client, fix tests and doc 2020-03-20 17:14:47 +01:00
Kukks
9d99c32305 add basic auth for greenfield 2020-03-20 14:07:31 +01:00
nicolas.dorier
ad4dbdad6d
Fix the PermissionJsonConverter 2020-03-20 19:57:00 +09:00
nicolas.dorier
a0e638d500
Switch from System.Text.Json to Newtonsoft, typify the BTCPayServer.Client 2020-03-20 14:01:51 +09:00
nicolas.dorier
318d826694
Rename Permissions.Can.. to Policies.Can.. 2020-03-20 13:41:47 +09:00
nicolas.dorier
29a807696b
Refactor permissions of GreenField 2020-03-19 23:43:51 +09:00
Kukks
6e1f3989e8 remove special case 2020-03-18 08:10:35 +01:00