aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-18 14:34:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Censor based on permissions

Browse Source
This commit is contained in:
Kukks
2021-10-01 12:30:00 +02:00
committed by Andrew Camilleri
parent 7cad6302b7
commit a3c2a9ac61
8 changed files with 49 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
BTCPayServer.Tests/GreenfieldAPITests.cs
View File

@@ -1953,6 +1953,7 @@ namespace BTCPayServer.Tests
var admin = tester.NewAccount();
await admin.GrantAccessAsync(true);
var adminClient = await admin.CreateClient(Policies.Unrestricted);
var viewerOnlyClient = await admin.CreateClient(Policies.CanViewStoreSettings);
var store = await adminClient.GetStore(admin.StoreId);
Assert.Empty(await adminClient.GetStorePaymentMethods(store.Id));
@@ -1987,6 +1988,29 @@ namespace BTCPayServer.Tests
VerifyOnChain(methods);
methods = await viewerOnlyClient.GetStorePaymentMethods(store.Id);
VerifyLightning(methods);
await adminClient.UpdateStoreLightningNetworkPaymentMethod(store.Id, "BTC",
new UpdateLightningNetworkPaymentMethodRequest(
tester.GetLightningConnectionString(LightningConnectionType.CLightning, true), true));
methods = await viewerOnlyClient.GetStorePaymentMethods(store.Id);
Assert.True(methods.TryGetValue(new PaymentMethodId("BTC", PaymentTypes.LightningLike).ToStringNormalized(), out var item));
var lightningNetworkPaymentMethodBaseData =Assert.IsType<JObject>(item.Data).ToObject<LightningNetworkPaymentMethodBaseData>();
Assert.Equal("###", lightningNetworkPaymentMethodBaseData.ConnectionString);
methods = await adminClient.GetStorePaymentMethods(store.Id);
Assert.True(methods.TryGetValue(new PaymentMethodId("BTC", PaymentTypes.LightningLike).ToStringNormalized(), out item));
lightningNetworkPaymentMethodBaseData =Assert.IsType<JObject>(item.Data).ToObject<LightningNetworkPaymentMethodBaseData>();
Assert.NotEqual("###", lightningNetworkPaymentMethodBaseData.ConnectionString);
}
}

4
BTCPayServer/Controllers/GreenField/LocalBTCPayServerClient.cs
View File

@@ -878,9 +878,9 @@ namespace BTCPayServer.Controllers.GreenField
return Task.FromResult(GetFromActionResult<PermissionMetadata[]>(_homeController.Permissions()));
}
public override Task<Dictionary<string, GenericPaymentMethodData>> GetStorePaymentMethods(string storeId, bool? enabled = null, CancellationToken token = default)
public override async Task<Dictionary<string, GenericPaymentMethodData>> GetStorePaymentMethods(string storeId, bool? enabled = null, CancellationToken token = default)
{
return Task.FromResult(GetFromActionResult(_storePaymentMethodsController.GetStorePaymentMethods(storeId, enabled)));
return GetFromActionResult(await _storePaymentMethodsController.GetStorePaymentMethods(storeId, enabled));
}
public override async Task<OnChainPaymentMethodDataWithSensitiveData> GenerateOnChainWallet(string storeId, string cryptoCode, GenerateOnChainWalletRequest request,

12
BTCPayServer/Controllers/GreenField/StorePaymentMethodsController.cs
View File

@@ -1,10 +1,12 @@
#nullable enable
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using BTCPayServer.Abstractions.Constants;
using BTCPayServer.Client;
using BTCPayServer.Client.Models;
using BTCPayServer.Data;
using BTCPayServer.Security;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using StoreData = BTCPayServer.Data.StoreData;
@@ -17,20 +19,24 @@ namespace BTCPayServer.Controllers.GreenField
{
private StoreData Store => HttpContext.GetStoreData();
private readonly BTCPayNetworkProvider _btcPayNetworkProvider;
private readonly IAuthorizationService _authorizationService;
public StorePaymentMethodsController(BTCPayNetworkProvider btcPayNetworkProvider)
public StorePaymentMethodsController(BTCPayNetworkProvider btcPayNetworkProvider, IAuthorizationService authorizationService)
{
_btcPayNetworkProvider = btcPayNetworkProvider;
_authorizationService = authorizationService;
}
[Authorize(Policy = Policies.CanViewStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
[HttpGet("~/api/v1/stores/{storeId}/payment-methods")]
public ActionResult<Dictionary<string, GenericPaymentMethodData>> GetStorePaymentMethods(
public async Task<ActionResult<Dictionary<string, GenericPaymentMethodData>>> GetStorePaymentMethods(
string storeId,
[FromQuery] bool? enabled)
{
var storeBlob = Store.GetStoreBlob();
var excludedPaymentMethods = storeBlob.GetExcludedPaymentMethods();
var canModifyStore = (await _authorizationService.AuthorizeAsync(User, null,
new PolicyRequirement(Policies.CanModifyStoreSettings))).Succeeded;;
return Ok(Store.GetSupportedPaymentMethods(_btcPayNetworkProvider)
.Where(method =>
enabled is null || (enabled is false && excludedPaymentMethods.Match(method.PaymentId)))
@@ -40,7 +46,7 @@ namespace BTCPayServer.Controllers.GreenField
{
CryptoCode = method.PaymentId.CryptoCode,
Enabled = enabled.GetValueOrDefault(!excludedPaymentMethods.Match(method.PaymentId)),
Data = method.PaymentId.PaymentType.GetGreenfieldData(method)
Data = method.PaymentId.PaymentType.GetGreenfieldData(method, canModifyStore)
}));
}
}

2
BTCPayServer/Payments/PaymentTypes.Bitcoin.cs
View File

@@ -85,7 +85,7 @@ namespace BTCPayServer.Payments
}
public override string InvoiceViewPaymentPartialName { get; } = "Bitcoin/ViewBitcoinLikePaymentData";
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod)
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod, bool canModifyStore)
{
if (supportedPaymentMethod is DerivationSchemeSettings derivationSchemeSettings)
return new OnChainPaymentMethodBaseData()

12
BTCPayServer/Payments/PaymentTypes.Lightning.cs
View File

@@ -65,12 +65,20 @@ namespace BTCPayServer.Payments
}
public override string InvoiceViewPaymentPartialName { get; } = "Lightning/ViewLightningLikePaymentData";
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod)
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod, bool canModifyStore)
{
if (supportedPaymentMethod is LightningSupportedPaymentMethod lightningSupportedPaymentMethod)
return new LightningNetworkPaymentMethodBaseData()
{
ConnectionString = lightningSupportedPaymentMethod.GetDisplayableConnectionString()
ConnectionString = lightningSupportedPaymentMethod.IsInternalNode
?
lightningSupportedPaymentMethod.GetDisplayableConnectionString()
:
canModifyStore
? lightningSupportedPaymentMethod.GetDisplayableConnectionString()
:
"###"
};
return null;
}

2
BTCPayServer/Payments/PaymentTypes.cs
View File

@@ -81,7 +81,7 @@ namespace BTCPayServer.Payments
Money cryptoInfoDue, string serverUri);
public abstract string InvoiceViewPaymentPartialName { get; }
public abstract object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod);
public abstract object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod, bool canModifyStore);
public virtual bool IsPaymentType(string paymentType)
{

2
BTCPayServer/Services/Altcoins/Ethereum/Payments/EthereumPaymentType.cs
View File

@@ -53,7 +53,7 @@ namespace BTCPayServer.Services.Altcoins.Ethereum.Payments
}
public override string InvoiceViewPaymentPartialName { get; }= "Ethereum/ViewEthereumLikePaymentData";
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod)
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod, bool canModifyStore)
{
if (supportedPaymentMethod is EthereumSupportedPaymentMethod ethereumSupportedPaymentMethod)
{

2
BTCPayServer/Services/Altcoins/Monero/Payments/MoneroPaymentType.cs
View File

@@ -57,7 +57,7 @@ namespace BTCPayServer.Services.Altcoins.Monero.Payments
}
public override string InvoiceViewPaymentPartialName { get; } = "Monero/ViewMoneroLikePaymentData";
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod)
public override object GetGreenfieldData(ISupportedPaymentMethod supportedPaymentMethod, bool canModifyStore)
{
if (supportedPaymentMethod is MoneroSupportedPaymentMethod moneroSupportedPaymentMethod)
{