Users API: Add roles (#1914)

* API: Fix create user response model

* API: Add roles to user data
Dennis Reimann
2020-09-16 14:17:33 +02:00
committed by GitHub
parent 2711f2cb2f
commit 8ba852084e
4 changed files with 29 additions and 8 deletions


@@ -21,5 +21,10 @@ namespace BTCPayServer.Client.Models
/// whether the user needed to verify their email on account creation /// whether the user needed to verify their email on account creation
/// </summary> /// </summary>
public bool RequiresEmailConfirmation { get; set; } public bool RequiresEmailConfirmation { get; set; }
/// <summary>
/// the roles of the user
/// </summary>
public string[] Roles { get; set; }
} }
} }


@@ -148,10 +148,13 @@ namespace BTCPayServer.Tests
// We have no admin, so it should work // We have no admin, so it should work
var user1 = await unauthClient.CreateUser( var user1 = await unauthClient.CreateUser(
new CreateApplicationUserRequest() { Email = "test@gmail.com", Password = "abceudhqw" }); new CreateApplicationUserRequest() { Email = "test@gmail.com", Password = "abceudhqw" });
Assert.Empty(user1.Roles);
// We have no admin, so it should work // We have no admin, so it should work
var user2 = await unauthClient.CreateUser( var user2 = await unauthClient.CreateUser(
new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" }); new CreateApplicationUserRequest() { Email = "test2@gmail.com", Password = "abceudhqw" });
Assert.Empty(user2.Roles);
// Duplicate email // Duplicate email
await AssertValidationError(new[] { "Email" }, await AssertValidationError(new[] { "Email" },
async () => await unauthClient.CreateUser( async () => await unauthClient.CreateUser(
@@ -164,7 +167,8 @@ namespace BTCPayServer.Tests
Password = "abceudhqw", Password = "abceudhqw",
IsAdministrator = true IsAdministrator = true
}); });
Assert.Contains("ServerAdmin", admin.Roles);
// Creating a new user without proper creds is now impossible (unauthorized) // Creating a new user without proper creds is now impossible (unauthorized)
// Because if registration are locked and that an admin exists, we don't accept unauthenticated connection // Because if registration are locked and that an admin exists, we don't accept unauthenticated connection
await AssertHttpError(401, await AssertHttpError(401,
@@ -560,6 +564,7 @@ namespace BTCPayServer.Tests
Assert.NotNull(apiKeyProfileUserData); Assert.NotNull(apiKeyProfileUserData);
Assert.Equal(apiKeyProfileUserData.Id, user.UserId); Assert.Equal(apiKeyProfileUserData.Id, user.UserId);
Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email); Assert.Equal(apiKeyProfileUserData.Email, user.RegisterDetails.Email);
Assert.Contains("ServerAdmin", apiKeyProfileUserData.Roles);
await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser()); await Assert.ThrowsAsync<HttpRequestException>(async () => await clientInsufficient.GetCurrentUser());
await clientServer.GetCurrentUser(); await clientServer.GetCurrentUser();
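Review bot: The added `Assert.Contains("ServerAdmin", apiKeyProfileUserData.Roles)` in the last hunk pins that role names are returned to the client used for the profile lookup, but nothing records that this disclosure is intended at that permission level. The variable name suggests a key scoped to profile access (inferred; the key setup is outside the hunk), so a short comment such as `// Roles are intentionally visible to keys that can view the profile` would make the expectation explicit. The role name is also repeated as a string literal in two assertions; if the project defines a constant for it, the tests should use that instead. The test methods start and end outside these hunks.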


@@ -58,7 +58,7 @@ namespace BTCPayServer.Controllers.GreenField
public async Task<ActionResult<ApplicationUserData>> GetCurrentUser() public async Task<ActionResult<ApplicationUserData>> GetCurrentUser()
{ {
var user = await _userManager.GetUserAsync(User); var user = await _userManager.GetUserAsync(User);
return FromModel(user); return await FromModel(user);
} }
[AllowAnonymous] [AllowAnonymous]
@@ -152,17 +152,20 @@ namespace BTCPayServer.Controllers.GreenField
} }
} }
_eventAggregator.Publish(new UserRegisteredEvent() { RequestUri = Request.GetAbsoluteRootUri(), User = user, Admin = request.IsAdministrator is true }); _eventAggregator.Publish(new UserRegisteredEvent() { RequestUri = Request.GetAbsoluteRootUri(), User = user, Admin = request.IsAdministrator is true });
return CreatedAtAction(string.Empty, user); var model = await FromModel(user);
return CreatedAtAction(string.Empty, model);
} }
private static ApplicationUserData FromModel(ApplicationUser data) private async Task<ApplicationUserData> FromModel(ApplicationUser data)
{ {
var roles = (await _userManager.GetRolesAsync(data)).ToArray();
return new ApplicationUserData() return new ApplicationUserData()
{ {
Id = data.Id, Id = data.Id,
Email = data.Email, Email = data.Email,
EmailConfirmed = data.EmailConfirmed, EmailConfirmed = data.EmailConfirmed,
RequiresEmailConfirmation = data.RequiresEmailConfirmation RequiresEmailConfirmation = data.RequiresEmailConfirmation,
Roles = roles
}; };
} }
} }
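Review bot: `GetCurrentUser` passes the result of `_userManager.GetUserAsync(User)` straight into `FromModel`, which now awaits `_userManager.GetRolesAsync(data)` before reading any property. `GetUserAsync` returns null when no stored user matches the principal, so that case would surface as an exception (likely a 500) rather than a clean response; whether it can occur depends on the authentication handlers, which are not visible here. A guard such as `if (user is null) return NotFound();` before the call would make the outcome explicit. Separately, `FromModel` is now an asynchronous instance method, so an `Async` suffix would match the usual naming convention.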


@@ -117,12 +117,12 @@
"properties": { "properties": {
"id": { "id": {
"type": "string", "type": "string",
"description": "The id of the new user", "description": "The id of the user",
"nullable": false "nullable": false
}, },
"email": { "email": {
"type": "string", "type": "string",
"description": "The email of the new user", "description": "The email of the user",
"nullable": false "nullable": false
}, },
"emailConfirmed": { "emailConfirmed": {
@@ -132,6 +132,14 @@
"requiresEmailConfirmation": { "requiresEmailConfirmation": {
"type": "boolean", "type": "boolean",
"description": "True if the email requires email confirmation to log in" "description": "True if the email requires email confirmation to log in"
},
"roles": {
"type": "array",
"nullable": false,
"items": {
"type": "string"
},
"description": "The roles of the user"
} }
} }
} }