aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-18 14:34:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow Users to be disabled/enabled (#3639)

Browse Source 
* Allow Users to be disabled/enabled

* rebrand to locked for api

* Update BTCPayServer/Views/UIAccount/Lockout.cshtml

Co-authored-by: d11n <mail@dennisreimann.de>

* fix docker compose and an uneeded check in api handler

* fix

* Add enabled user test

Co-authored-by: d11n <mail@dennisreimann.de>
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
This commit is contained in:
Andrew Camilleri
2022-04-26 14:27:35 +02:00
committed by GitHub
parent 261a3ecee3
commit 273bc78db3
16 changed files with 290 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
BTCPayServer/Services/UserService.cs
View File

@@ -7,37 +7,35 @@ using BTCPayServer.Client.Models;
using BTCPayServer.Data;
using BTCPayServer.Services.Stores;
using BTCPayServer.Storage.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
namespace BTCPayServer.Services
{
public class UserService
{
private readonly UserManager<ApplicationUser> _userManager;
private readonly IAuthorizationService _authorizationService;
private readonly StoredFileRepository _storedFileRepository;
private readonly FileService _fileService;
private readonly StoreRepository _storeRepository;
private readonly ApplicationDbContextFactory _applicationDbContextFactory;
private readonly ILogger<UserService> _logger;
public UserService(
UserManager<ApplicationUser> userManager,
IAuthorizationService authorizationService,
StoredFileRepository storedFileRepository,
FileService fileService,
StoreRepository storeRepository,
ApplicationDbContextFactory applicationDbContextFactory
)
ApplicationDbContextFactory applicationDbContextFactory,
ILogger<UserService> logger)
{
_userManager = userManager;
_authorizationService = authorizationService;
_storedFileRepository = storedFileRepository;
_fileService = fileService;
_storeRepository = storeRepository;
_applicationDbContextFactory = applicationDbContextFactory;
_logger = logger;
}
public async Task<List<ApplicationUserData>> GetUsersWithRoles()
@@ -57,10 +55,40 @@ namespace BTCPayServer.Services
EmailConfirmed = data.EmailConfirmed,
RequiresEmailConfirmation = data.RequiresEmailConfirmation,
Created = data.Created,
Roles = roles
Roles = roles,
Disabled = data.LockoutEnabled && data.LockoutEnd is not null && DateTimeOffset.UtcNow < data.LockoutEnd.Value.UtcDateTime
};
}
private bool IsDisabled(ApplicationUser user)
{
return user.LockoutEnabled && user.LockoutEnd is not null &&
DateTimeOffset.UtcNow < user.LockoutEnd.Value.UtcDateTime;
}
public async Task ToggleUser(string userId, DateTimeOffset? lockedOutDeadline)
{
var user = await _userManager.FindByIdAsync(userId);
if (user is null)
{
return;
}
if (lockedOutDeadline is not null)
{
await _userManager.SetLockoutEnabledAsync(user, true);
}
var res = await _userManager.SetLockoutEndDateAsync(user, lockedOutDeadline);
if (res.Succeeded)
{
_logger.LogInformation($"User {user.Id} is now {(lockedOutDeadline is null ? "unlocked" : "locked")}");
}
else
{
_logger.LogError($"Failed to set lockout for user {user.Id}");
}
}
public async Task<bool> IsAdminUser(string userId)
{
return IsRoleAdmin(await _userManager.GetRolesAsync(new ApplicationUser() { Id = userId }));
@@ -89,5 +117,17 @@ namespace BTCPayServer.Services
{
return roles.Contains(Roles.ServerAdmin, StringComparer.Ordinal);
}
public async Task<bool> IsUserTheOnlyOneAdmin(ApplicationUser user)
{
var isUserAdmin = await IsAdminUser(user);
if (!isUserAdmin)
{
return false;
}
return (await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count(applicationUser => !IsDisabled(applicationUser)) == 1;
}
}
}