enhance fine grain permissions (#5502)

Co-authored-by: d11n <mail@dennisreimann.de>
2025-12-17 22:14:26 +01:00 · 2023-12-01 09:12:02 +01:00
parent 2c94a87be4
commit 605741182d
22 changed files with 167 additions and 71 deletions
--- a/BTCPayServer/Controllers/UIStoresController.cs
+++ b/BTCPayServer/Controllers/UIStoresController.cs
@@ -37,6 +37,7 @@ using StoreData = BTCPayServer.Data.StoreData;

 namespace BTCPayServer.Controllers
 {
+   
    [Route("stores")]
    [Authorize(AuthenticationSchemes = AuthenticationSchemes.Cookie)]
    [Authorize(Policy = Policies.CanModifyStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
@@ -127,6 +128,30 @@ namespace BTCPayServer.Controllers
        {
            get; set;
        }
+        
+        [AllowAnonymous]
+        [HttpGet("{storeId}/index")]
+        public async Task<IActionResult> Index(string storeId)
+        {
+            var userId = _UserManager.GetUserId(User);
+            if(userId is null)
+                return Forbid();
+            var store = await _Repo.FindStore(storeId, _UserManager.GetUserId(User));
+            if (store is null)
+            {
+                return Forbid();
+            }
+            if (store.GetPermissionSet(userId).Contains(Policies.CanModifyStoreSettings, storeId))
+            {
+                return RedirectToAction("Dashboard", new { storeId });
+            }
+            if (store.GetPermissionSet(userId).Contains(Policies.CanViewInvoices, storeId))
+            {
+                return RedirectToAction("ListInvoices", "UIInvoice", new { storeId });
+            }
+            HttpContext.SetStoreData(store);
+            return View();
+        }

        [HttpGet]
        [Route("{storeId}/users")]