Allow Users to be disabled/enabled (#3639)

* Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2025-12-17 22:14:26 +01:00 · 2022-04-26 14:27:35 +02:00
parent 261a3ecee3
commit 273bc78db3
16 changed files with 290 additions and 61 deletions
--- a/BTCPayServer/Controllers/GreenField/GreenfieldUsersController.cs
+++ b/BTCPayServer/Controllers/GreenField/GreenfieldUsersController.cs
@@ -73,7 +73,20 @@ namespace BTCPayServer.Controllers.Greenfield
            }
            return UserNotFound();
        }
+        [Authorize(Policy = Policies.CanModifyServerSettings, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
+        [HttpPost("~/api/v1/users/{idOrEmail}/lock")]
+        public async Task<IActionResult> LockUser(string idOrEmail, LockUserRequest request )
+        {
+            var user = (await _userManager.FindByIdAsync(idOrEmail) ) ?? await _userManager.FindByEmailAsync(idOrEmail);
+            if (user is null)
+            {
+                return UserNotFound();
+            }

+            await _userService.ToggleUser(user.Id, request.Locked ? DateTimeOffset.MaxValue : null);
+            return Ok();
+        }
+        
        [Authorize(Policy = Policies.CanViewUsers, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
        [HttpGet("~/api/v1/users/")]
        public async Task<ActionResult<ApplicationUserData[]>> GetUsers()
@@ -219,7 +232,7 @@ namespace BTCPayServer.Controllers.Greenfield
            }

            // User shouldn't be deleted if it's the only admin
-            if (await IsUserTheOnlyOneAdmin(user))
+            if (await _userService.IsUserTheOnlyOneAdmin(user))
            {
                return Forbid(AuthenticationSchemes.GreenfieldBasic);
            }
@@ -236,21 +249,7 @@ namespace BTCPayServer.Controllers.Greenfield
            return UserService.FromModel(data, roles);
        }

-        private async Task<bool> IsUserTheOnlyOneAdmin()
-        {
-            return await IsUserTheOnlyOneAdmin(await _userManager.GetUserAsync(User));
-        }
-
-        private async Task<bool> IsUserTheOnlyOneAdmin(ApplicationUser user)
-        {
-            var isUserAdmin = await _userService.IsAdminUser(user);
-            if (!isUserAdmin)
-            {
-                return false;
-            }
-
-            return (await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count == 1;
-        }
+       

        private IActionResult UserNotFound()
        {