Greenfield: Admins can create/delete API keys of any user (#4680)

* Greenfield: Admins can create/delete API keys of any user * Greenfield: Improve doc for scoped apikey (Close #4673) * Fix permissions hierarchy * Update BTCPayServer.Client/Permissions.cs * Fix tests --------- Co-authored-by: Andrew Camilleri <evilkukka@gmail.com>
2025-12-17 14:04:26 +01:00 · 2023-02-24 16:19:03 +09:00
parent d14dafc871
commit 4ae05272c3
13 changed files with 401 additions and 169 deletions
--- a/BTCPayServer/Controllers/UIManageController.APIKeys.cs
+++ b/BTCPayServer/Controllers/UIManageController.APIKeys.cs
@@ -509,6 +509,7 @@ namespace BTCPayServer.Controllers
                    {Policies.Unrestricted, ("Unrestricted access", "The app will have unrestricted access to your account.")},
                    {Policies.CanViewUsers, ("View users", "The app will be able to see all users on this server.")},
                    {Policies.CanCreateUser, ("Create new users", "The app will be able to create new users on this server.")},
+                    {Policies.CanManageUsers, ("Manage users", "The app will be able to create/delete API keys for users.")},
                    {Policies.CanDeleteUser, ("Delete user", "The app will be able to delete the user to whom it is assigned. Admin users can delete any user without this permission.")},
                    {Policies.CanModifyStoreSettings, ("Modify your stores", "The app will be able to manage invoices on all your stores and modify their settings.")},
                    {$"{Policies.CanModifyStoreSettings}:", ("Manage selected stores", "The app will be able to manage invoices on the selected stores and modify their settings.")},