Make sure the create user is respecting the disable-registration settings

nicolas.dorier
2020-03-19 13:30:53 +09:00
parent ab74013a05
commit 2105b44610
3 changed files with 22 additions and 13 deletions


@@ -95,7 +95,8 @@ namespace BTCPayServer.Tests
public HashSet<string> Chains { get; set; } = new HashSet<string>(){"BTC"}; public HashSet<string> Chains { get; set; } = new HashSet<string>(){"BTC"};
public bool UseLightning { get; set; } public bool UseLightning { get; set; }
public bool AllowAdminRegistration { get; set; } = true;
public bool DisableRegistration { get; set; } = false;
public async Task StartAsync() public async Task StartAsync()
{ {
if (!Directory.Exists(_Directory)) if (!Directory.Exists(_Directory))
@@ -137,7 +138,8 @@ namespace BTCPayServer.Tests
config.AppendLine($"lbtc.explorer.url={LBTCNBXplorerUri.AbsoluteUri}"); config.AppendLine($"lbtc.explorer.url={LBTCNBXplorerUri.AbsoluteUri}");
config.AppendLine($"lbtc.explorer.cookiefile=0"); config.AppendLine($"lbtc.explorer.cookiefile=0");
} }
config.AppendLine("allow-admin-registration=1"); if (AllowAdminRegistration)
config.AppendLine("allow-admin-registration=1");
config.AppendLine($"torrcfile={TestUtils.GetTestDataFullPath("Tor/torrc")}"); config.AppendLine($"torrcfile={TestUtils.GetTestDataFullPath("Tor/torrc")}");
config.AppendLine($"debuglog=debug.log"); config.AppendLine($"debuglog=debug.log");
@@ -161,7 +163,7 @@ namespace BTCPayServer.Tests
HttpClient = new HttpClient(); HttpClient = new HttpClient();
HttpClient.BaseAddress = ServerUri; HttpClient.BaseAddress = ServerUri;
Environment.SetEnvironmentVariable("ASPNETCORE_ENVIRONMENT", "Development"); Environment.SetEnvironmentVariable("ASPNETCORE_ENVIRONMENT", "Development");
var conf = new DefaultConfiguration() { Logger = Logs.LogProvider.CreateLogger("Console") }.CreateConfiguration(new[] { "--datadir", _Directory, "--conf", confPath, "--disable-registration", "false" }); var conf = new DefaultConfiguration() { Logger = Logs.LogProvider.CreateLogger("Console") }.CreateConfiguration(new[] { "--datadir", _Directory, "--conf", confPath, "--disable-registration", DisableRegistration ? "true" : "false" });
_Host = new WebHostBuilder() _Host = new WebHostBuilder()
.UseConfiguration(conf) .UseConfiguration(conf)
.UseContentRoot(FindBTCPayServerDirectory()) .UseContentRoot(FindBTCPayServerDirectory())
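Review bot: The new `AllowAdminRegistration` and `DisableRegistration` properties have no comment saying when they take effect. From the hunks they appear to be read only while the config file and the command-line arguments are built during start-up, so a test that assigns them after `StartAsync()` would silently run with the defaults (admin registration allowed, registration not disabled). A doc comment on each would make that ordering explicit, for example `/// <summary>Passed as --disable-registration when the host is built; set before StartAsync().</summary>`. The body of `StartAsync` runs beyond the lines shown here.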


@@ -61,6 +61,7 @@ namespace BTCPayServer.Tests
{ {
using (var tester = ServerTester.Create(newDb: true)) using (var tester = ServerTester.Create(newDb: true))
{ {
tester.PayTester.DisableRegistration = true;
await tester.StartAsync(); await tester.StartAsync();
var unauthClient = new BTCPayServerClient(tester.PayTester.ServerUri); var unauthClient = new BTCPayServerClient(tester.PayTester.ServerUri);
await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest())); await AssertHttpError(400, async () => await unauthClient.CreateUser(new CreateApplicationUserRequest()));
@@ -133,8 +134,9 @@ namespace BTCPayServer.Tests
[Trait("Integration", "Integration")] [Trait("Integration", "Integration")]
public async Task UsersControllerTests() public async Task UsersControllerTests()
{ {
using (var tester = ServerTester.Create()) using (var tester = ServerTester.Create(newDb: true))
{ {
tester.PayTester.DisableRegistration = true;
await tester.StartAsync(); await tester.StartAsync();
var user = tester.NewAccount(); var user = tester.NewAccount();
user.GrantAccess(); user.GrantAccess();
@@ -152,12 +154,11 @@ namespace BTCPayServer.Tests
await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser()); await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());
await clientServer.GetCurrentUser(); await clientServer.GetCurrentUser();
// TODO: Disabling this check for now because it conflicts with expecation in line 120 await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest()
//await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.CreateUser(new CreateApplicationUserRequest() {
//{ Email = $"{Guid.NewGuid()}@g.com",
// Email = $"{Guid.NewGuid()}@g.com", Password = Guid.NewGuid().ToString()
// Password = Guid.NewGuid().ToString() }));
//}));
var newUser = await clientServer.CreateUser(new CreateApplicationUserRequest() var newUser = await clientServer.CreateUser(new CreateApplicationUserRequest()
{ {
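Review bot: The re-enabled assertion on `clientInsufficient.CreateUser(...)` only requires an `HttpRequestException`, so it presumably passes on any non-success response and does not show that the request was refused because of missing permission or locked registration. The helper already used earlier in this file, `AssertHttpError(400, ...)`, pins the status code; calling it with the status the controller is expected to return for an under-privileged caller would make the test fail if the rejection came from validation or a server error instead. Both tests touched here set `DisableRegistration = true`, so nothing visible exercises the opposite setting, where the controller change leaves subscriptions unlocked after the first admin is created. A companion test for that path would document the intended behaviour. The test bodies continue outside the hunks.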


@@ -30,6 +30,7 @@ namespace BTCPayServer.Controllers.RestApi.Users
private readonly EventAggregator _eventAggregator; private readonly EventAggregator _eventAggregator;
private readonly IPasswordValidator<ApplicationUser> _passwordValidator; private readonly IPasswordValidator<ApplicationUser> _passwordValidator;
private readonly RateLimitService _throttleService; private readonly RateLimitService _throttleService;
private readonly BTCPayServerOptions _options;
private readonly IAuthorizationService _authorizationService; private readonly IAuthorizationService _authorizationService;
public UsersController(UserManager<ApplicationUser> userManager, BTCPayServerOptions btcPayServerOptions, public UsersController(UserManager<ApplicationUser> userManager, BTCPayServerOptions btcPayServerOptions,
@@ -37,6 +38,7 @@ namespace BTCPayServer.Controllers.RestApi.Users
EventAggregator eventAggregator, EventAggregator eventAggregator,
IPasswordValidator<ApplicationUser> passwordValidator, IPasswordValidator<ApplicationUser> passwordValidator,
NicolasDorier.RateLimits.RateLimitService throttleService, NicolasDorier.RateLimits.RateLimitService throttleService,
Configuration.BTCPayServerOptions options,
IAuthorizationService authorizationService) IAuthorizationService authorizationService)
{ {
_userManager = userManager; _userManager = userManager;
@@ -46,6 +48,7 @@ namespace BTCPayServer.Controllers.RestApi.Users
_eventAggregator = eventAggregator; _eventAggregator = eventAggregator;
_passwordValidator = passwordValidator; _passwordValidator = passwordValidator;
_throttleService = throttleService; _throttleService = throttleService;
_options = options;
_authorizationService = authorizationService; _authorizationService = authorizationService;
} }
@@ -140,9 +143,12 @@ namespace BTCPayServer.Controllers.RestApi.Users
await _userManager.AddToRoleAsync(user, Roles.ServerAdmin); await _userManager.AddToRoleAsync(user, Roles.ServerAdmin);
if (!anyAdmin) if (!anyAdmin)
{ {
// automatically lock subscriptions now that we have our first admin if (_options.DisableRegistration)
policies.LockSubscription = true; {
await _settingsRepository.UpdateSetting(policies); // automatically lock subscriptions now that we have our first admin
policies.LockSubscription = true;
await _settingsRepository.UpdateSetting(policies);
}
} }
} }
_eventAggregator.Publish(new UserRegisteredEvent() {Request = Request, User = user, Admin = request.IsAdministrator is true }); _eventAggregator.Publish(new UserRegisteredEvent() {Request = Request, User = user, Admin = request.IsAdministrator is true });
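Review bot: In the `if (!anyAdmin)` branch, `policies.LockSubscription` is now persisted only when `_options.DisableRegistration` is set, so on a server started without that option, creating the first administrator through this endpoint no longer locks subscriptions, whereas the old code always did. If that loosening is intended, the comment should say so, because `// automatically lock subscriptions now that we have our first admin` no longer describes the condition; `// lock subscriptions after the first admin only when registration is disabled by configuration` would. The write happens once, at first-admin creation, so enabling the option later would presumably not lock an existing deployment through this path; that is worth confirming against the check that gates unauthenticated creation, which is outside these hunks. Separately, the constructor already receives `BTCPayServerOptions btcPayServerOptions`, so the added `Configuration.BTCPayServerOptions options` parameter appears to inject the same type a second time.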