Limit selection to one store

2025-12-18 06:24:24 +01:00 · 2022-06-27 12:21:41 +02:00
parent 2b9cb4a257
commit 1bb35bf545
3 changed files with 18 additions and 24 deletions
--- a/BTCPayServer.Tests/ApiKeysTests.cs
+++ b/BTCPayServer.Tests/ApiKeysTests.cs
@@ -128,7 +128,7 @@ namespace BTCPayServer.Tests
            // No upfront store selection with only server settings
            s.GoToUrl(authUrl);
            Assert.Contains(appidentifier, s.Driver.PageSource);
-            Assert.False(s.Driver.FindElement(By.Id("SpecificStores")).Displayed);
+            Assert.False(s.Driver.FindElement(By.Id("StoreId")).Displayed);
            
            // Now with store settings
            authUrl = BTCPayServerClient.GenerateAuthorizeUri(s.ServerUri,
@@ -137,7 +137,7 @@ namespace BTCPayServer.Tests
            Assert.Contains(appidentifier, s.Driver.PageSource);
            
            // Select a store
-            var select = new SelectElement(s.Driver.FindElement(By.Id("SpecificStores")));
+            var select = new SelectElement(s.Driver.FindElement(By.Id("StoreId")));
            select.SelectByIndex(0);
            s.Driver.FindElement(By.Id("continue")).Click();
            
@@ -162,7 +162,7 @@ namespace BTCPayServer.Tests
            Assert.DoesNotContain("kukksappname", s.Driver.PageSource);

            // Select a store
-            select = new SelectElement(s.Driver.FindElement(By.Id("SpecificStores")));
+            select = new SelectElement(s.Driver.FindElement(By.Id("StoreId")));
            select.SelectByIndex(0);
            s.Driver.FindElement(By.Id("continue")).Click();

--- a/BTCPayServer/Controllers/UIManageController.APIKeys.cs
+++ b/BTCPayServer/Controllers/UIManageController.APIKeys.cs
@@ -300,7 +300,6 @@ namespace BTCPayServer.Controllers

        private void AdjustVMForAuthorization(AuthorizeApiKeysViewModel vm)
        {
-            var storeIds = vm.SpecificStores.ToArray();
            var permissions = vm.Permissions?.Split(';') ?? Array.Empty<string>();
            var permissionsWithStoreIDs = new List<string>();
            
@@ -310,16 +309,13 @@ namespace BTCPayServer.Controllers
            // so that permission for a specific store is parsed correctly
            foreach (var permission in permissions)
            {
-                if (!Policies.IsStorePolicy(permission) || storeIds.Length == 0)
+                if (!Policies.IsStorePolicy(permission) || string.IsNullOrEmpty(vm.StoreId))
                {
                    permissionsWithStoreIDs.Add(permission);
                }
                else
                {
-                    foreach (var t in storeIds)
-                    {
-                        permissionsWithStoreIDs.Add($"{permission}:{t}");
-                    }
+                    permissionsWithStoreIDs.Add($"{permission}:{vm.StoreId}");
                }
            }

@@ -581,7 +577,7 @@ namespace BTCPayServer.Controllers
            public string Permissions { get; set; }
            public string ApiKey { get; set; }
            public bool NeedsStorePermission { get; set; }
-            public List<string> SpecificStores { get; set; } = new ();
+            public string StoreId { get; set; }
        }

        public class ApiKeysViewModel
--- a/BTCPayServer/Views/UIManage/AuthorizeAPIKey.cshtml
+++ b/BTCPayServer/Views/UIManage/AuthorizeAPIKey.cshtml
@@ -3,13 +3,14 @@

@{
    var displayName = Model.ApplicationName ?? Model.ApplicationIdentifier;
+    var store = string.IsNullOrEmpty(Model.StoreId) ? null : Model.Stores.FirstOrDefault(s => s.Id == Model.StoreId);
    var permissions = Permission.ToPermissions(Model.Permissions.Split(';')).GroupBy(permission => permission.Policy);
    ViewData["Title"] = $"Authorize {displayName ?? "Application"}";
    Layout = "_LayoutWizard";
 }

@section Navbar {
-    @if (Model.NeedsStorePermission && Model.SpecificStores.Any())
+    @if (Model.NeedsStorePermission && store != null)
    {
        <form method="post" asp-action="AuthorizeAPIKey" class="back">
            <input type="hidden" asp-for="RedirectUrl" value="@Model.RedirectUrl"/>
@@ -45,7 +46,7 @@
    </header>
    <div asp-validation-summary="All" class="text-danger"></div>
    
-    @if (Model.NeedsStorePermission && !Model.SpecificStores.Any())
+    @if (Model.NeedsStorePermission && store == null)
    {
        @if (!Model.Stores.Any())
        {
@@ -57,9 +58,9 @@
        else
        {
            <div class="form-group">
-                <label asp-for="SpecificStores" class="form-label">Select the stores to grant permission for</label>
-                <select asp-for="SpecificStores" class="form-select" asp-items="@(new SelectList(Model.Stores, nameof(StoreData.Id), nameof(StoreData.StoreName)))" required></select>
-                <span asp-validation-for="SpecificStores" class="text-danger"></span>
+                <label asp-for="StoreId" class="form-label">Select the store to grant permission for</label>
+                <select asp-for="StoreId" class="form-select" asp-items="@(new SelectList(Model.Stores, nameof(StoreData.Id), nameof(StoreData.StoreName)))" required></select>
+                <span asp-validation-for="StoreId" class="text-danger"></span>
            </div>
            <div class="d-flex gap-3">
                <button class="btn btn-primary" name="command" id="continue" type="submit" value="SelectStores">Continue</button>
@@ -69,7 +70,7 @@
    }
    else
    {
-        <select hidden asp-for="SpecificStores" class="form-select" asp-items="@(new SelectList(Model.Stores, nameof(StoreData.Id), nameof(StoreData.StoreName)))"></select>
+        <input type="hidden" asp-for="StoreId" class="form-select"/>
        
        @if (Model.RedirectUrl != null)
        {
@@ -94,15 +95,12 @@
        }
        else
        {
-            if (Model.NeedsStorePermission && Model.SpecificStores.Any())
+            if (Model.NeedsStorePermission)
            {
-                <p class="mb-2">Store-based permissions will be applied for:</p>
-                <ul class="mb-4 ps-3">
-                    @foreach (var storeId in Model.SpecificStores)
-                    {
-                        <li>@Model.Stores.First(s => s.Id == storeId).StoreName</li>
-                    }
-                </ul>
+                <p class="mb-2">
+                    Store-based permissions will be applied for
+                    <strong>@store.StoreName</strong>
+                </p>
            }
            <div class="list-group list-group-flush mt-3">
                @for (var i = 0; i < Model.PermissionValues.Count; i++)