aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-17 14:04:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

clean and remove hack

Browse Source
This commit is contained in:
Kukks
2020-08-28 09:15:08 +02:00
parent 0e07fcc706
commit 6a8dbf49da
2 changed files with 61 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
BTCPayServer.Client/BTCPayServerClient.cs
View File

@@ -103,7 +103,7 @@ namespace BTCPayServer.Client
return request;
}
private static void AppendPayloadToQuery(UriBuilder uri, KeyValuePair<string, object> keyValuePair)
public static void AppendPayloadToQuery(UriBuilder uri, KeyValuePair<string, object> keyValuePair)
{
if (uri.Query.Length > 1)
uri.Query += "&";
@@ -126,7 +126,7 @@ namespace BTCPayServer.Client
uri.Query = uri.Query.Trim('&');
}
private static void AppendPayloadToQuery(UriBuilder uri, Dictionary<string, object> payload)
public static void AppendPayloadToQuery(UriBuilder uri, Dictionary<string, object> payload)
{
if (uri.Query.Length > 1)
uri.Query += "&";

35
BTCPayServer/Controllers/ManageController.APIKeys.cs
View File

@@ -104,8 +104,6 @@ namespace BTCPayServer.Controllers
{
UserId = new[] {_userManager.GetUserId(User)}
});
if (keys.Any())
{
foreach (var key in keys)
{
var blob = key.GetBlob();
@@ -115,8 +113,10 @@ namespace BTCPayServer.Controllers
{
continue;
}
//matched the identifier and authority, but we need to check if what the app is requesting in terms of permissions is enough
var alreadyPresentPermissions = Permission.ToPermissions(blob.Permissions).GroupBy(permission => permission.Policy);
var alreadyPresentPermissions = Permission.ToPermissions(blob.Permissions)
.GroupBy(permission => permission.Policy);
var fail = false;
foreach (var permission in requestPermissions.GroupBy(permission => permission.Policy))
{
@@ -130,16 +130,19 @@ namespace BTCPayServer.Controllers
if (Policies.IsStorePolicy(permission.Key))
{
if (!selectiveStores && permission.Any(permission1 => !string.IsNullOrEmpty(permission1.Scope)))
if (!selectiveStores &&
permission.Any(permission1 => !string.IsNullOrEmpty(permission1.Scope)))
{
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Severity = StatusMessageModel.StatusSeverity.Error,
Message = "Cannot request specific store permission when selectiveStores is not enable"
Message =
"Cannot request specific store permission when selectiveStores is not enable"
});
return RedirectToAction("APIKeys");
}else if (!selectiveStores && presentPermission.Any(permission1 =>
}
else if (!selectiveStores && presentPermission.Any(permission1 =>
!string.IsNullOrEmpty(permission1.Scope)))
{
fail = true;
@@ -157,15 +160,16 @@ namespace BTCPayServer.Controllers
return View("Confirm",
new ConfirmModel()
{
Title = $"Are you sure about exposing your API Key to {applicationName??applicationIdentifier}?",
Description = $"You've previously generated this API Key ({key.Id}) specifically for {applicationName??applicationIdentifier} with the url {redirect}. ",
Title =
$"Are you sure about exposing your API Key to {applicationName ?? applicationIdentifier}?",
Description =
$"You've previously generated this API Key ({key.Id}) specifically for {applicationName ?? applicationIdentifier} with the url {redirect}. ",
ActionUrl = GetRedirectToApplicationUrl(redirect, key),
ButtonClass = "btn-secondary",
Action = "Confirm"
});
}
}
}
var vm = await SetViewModelValues(new AuthorizeApiKeysViewModel()
{
@@ -256,7 +260,7 @@ namespace BTCPayServer.Controllers
case "no":
return RedirectToAction("APIKeys");
case "yes":
var key = await CreateKey(viewModel, (viewModel.ApplicationIdentifier, viewModel.RedirectUrl.Authority));
var key = await CreateKey(viewModel, (viewModel.ApplicationIdentifier, viewModel.RedirectUrl?.Authority));
if (viewModel.RedirectUrl != null)
{
@@ -278,16 +282,11 @@ namespace BTCPayServer.Controllers
{
var uri = new UriBuilder(redirect);
var permissions = key.GetBlob().Permissions;
uri.AppendPayloadToQuery(new Dictionary<string, object>()
{
{"key", key.Id}, {"permissions",permissions}, {"user", key.UserId}
});
//uri builder has bug around string[] params
return uri.Uri.ToStringInvariant().Replace("permissions=System.String%5B%5D",
string.Join("&", permissions.Select(s1 => $"permissions={s1}")), StringComparison.InvariantCulture);
BTCPayServerClient.AppendPayloadToQuery(uri,
new Dictionary<string, object>() {{"key", key.Id}, {"permissions", permissions}, {"user", key.UserId}});
return uri.Uri.AbsoluteUri;
}
[HttpPost]
public async Task<IActionResult> AddApiKey(AddApiKeyViewModel viewModel)
{