mirror of
https://github.com/aljazceru/btcpayserver.git
synced 2025-12-18 06:24:24 +01:00
Add "/api/v1/users/me" endpoint
This commit is contained in:
Umar Bolatov
@@ -24,7 +24,7 @@ namespace BTCPayServer.Client
|
|||||||
public const string CanManageNotificationsForUser = "btcpay.user.canmanagenotificationsforuser";
|
public const string CanManageNotificationsForUser = "btcpay.user.canmanagenotificationsforuser";
|
||||||
public const string CanViewNotificationsForUser = "btcpay.user.canviewnotificationsforuser";
|
public const string CanViewNotificationsForUser = "btcpay.user.canviewnotificationsforuser";
|
||||||
public const string CanCreateUser = "btcpay.server.cancreateuser";
|
public const string CanCreateUser = "btcpay.server.cancreateuser";
|
||||||
public const string CanDeleteUser = "btcpay.server.candeleteuser";
|
public const string CanDeleteUser = "btcpay.user.candeleteuser";
|
||||||
public const string CanManagePullPayments = "btcpay.store.canmanagepullpayments";
|
public const string CanManagePullPayments = "btcpay.store.canmanagepullpayments";
|
||||||
public const string Unrestricted = "unrestricted";
|
public const string Unrestricted = "unrestricted";
|
||||||
public static IEnumerable<string> AllPolicies
|
public static IEnumerable<string> AllPolicies
|
||||||
|
|||||||
@@ -79,6 +79,21 @@ namespace BTCPayServer.Controllers.GreenField
|
|||||||
return await FromModel(user);
|
return await FromModel(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Authorize(Policy = Policies.CanDeleteUser, AuthenticationSchemes = AuthenticationSchemes.Greenfield)]
|
||||||
|
[HttpDelete("~/api/v1/users/me")]
|
||||||
|
public async Task<ActionResult<ApplicationUserData>> DeleteCurrentUser()
|
||||||
|
{
|
||||||
|
// Don't want to allow the user to delete themselves if they are the only admin
|
||||||
|
if (await IsUserTheOnlyOneAdmin()) {
|
||||||
|
return Forbid(AuthenticationSchemes.GreenfieldBasic);
|
||||||
|
}
|
||||||
|
|
||||||
|
var user = await _userManager.GetUserAsync(User);
|
||||||
|
await _userService.DeleteUserAndAssociatedData(user);
|
||||||
|
|
||||||
|
return Ok();
|
||||||
|
}
|
||||||
|
|
||||||
[AllowAnonymous]
|
[AllowAnonymous]
|
||||||
[HttpPost("~/api/v1/users")]
|
[HttpPost("~/api/v1/users")]
|
||||||
public async Task<IActionResult> CreateUser(CreateApplicationUserRequest request, CancellationToken cancellationToken = default)
|
public async Task<IActionResult> CreateUser(CreateApplicationUserRequest request, CancellationToken cancellationToken = default)
|
||||||
@@ -206,7 +221,7 @@ namespace BTCPayServer.Controllers.GreenField
|
|||||||
}
|
}
|
||||||
|
|
||||||
// User shouldn't be deleted if it's the only admin
|
// User shouldn't be deleted if it's the only admin
|
||||||
if ((await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count == 1)
|
if (await IsUserTheOnlyOneAdmin(user))
|
||||||
{
|
{
|
||||||
return Forbid(AuthenticationSchemes.GreenfieldBasic);
|
return Forbid(AuthenticationSchemes.GreenfieldBasic);
|
||||||
}
|
}
|
||||||
@@ -245,5 +260,20 @@ namespace BTCPayServer.Controllers.GreenField
|
|||||||
Created = data.Created
|
Created = data.Created
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private async Task<bool> IsUserTheOnlyOneAdmin()
|
||||||
|
{
|
||||||
|
return await IsUserTheOnlyOneAdmin(await _userManager.GetUserAsync(User));
|
||||||
|
}
|
||||||
|
|
||||||
|
private async Task<bool> IsUserTheOnlyOneAdmin(ApplicationUser user)
|
||||||
|
{
|
||||||
|
var isUserAdmin = await _userService.IsAdminUser(user);
|
||||||
|
if (!isUserAdmin) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return (await _userManager.GetUsersInRoleAsync(Roles.ServerAdmin)).Count == 1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -470,7 +470,7 @@ namespace BTCPayServer.Controllers
|
|||||||
{
|
{
|
||||||
{BTCPayServer.Client.Policies.Unrestricted, ("Unrestricted access", "The app will have unrestricted access to your account.")},
|
{BTCPayServer.Client.Policies.Unrestricted, ("Unrestricted access", "The app will have unrestricted access to your account.")},
|
||||||
{BTCPayServer.Client.Policies.CanCreateUser, ("Create new users", "The app will be able to create new users on this server.")},
|
{BTCPayServer.Client.Policies.CanCreateUser, ("Create new users", "The app will be able to create new users on this server.")},
|
||||||
{BTCPayServer.Client.Policies.CanDeleteUser, ("Delete users", "The app will be able to delete users on this server.")},
|
{BTCPayServer.Client.Policies.CanDeleteUser, ("Delete user", "The app will be able to delete the user to whom it is assigned. Admin users can delete any user without this permission.")},
|
||||||
{BTCPayServer.Client.Policies.CanModifyStoreSettings, ("Modify your stores", "The app will be able to view, modify, delete and create new invoices on all your stores.")},
|
{BTCPayServer.Client.Policies.CanModifyStoreSettings, ("Modify your stores", "The app will be able to view, modify, delete and create new invoices on all your stores.")},
|
||||||
{$"{BTCPayServer.Client.Policies.CanModifyStoreSettings}:", ("Manage selected stores", "The app will be able to view, modify, delete and create new invoices on the selected stores.")},
|
{$"{BTCPayServer.Client.Policies.CanModifyStoreSettings}:", ("Manage selected stores", "The app will be able to view, modify, delete and create new invoices on the selected stores.")},
|
||||||
{BTCPayServer.Client.Policies.CanModifyStoreWebhooks, ("Modify stores webhooks", "The app will modify the webhooks of all your stores.")},
|
{BTCPayServer.Client.Policies.CanModifyStoreWebhooks, ("Modify stores webhooks", "The app will modify the webhooks of all your stores.")},
|
||||||
|
|||||||
@@ -93,6 +93,7 @@ namespace BTCPayServer.Security.GreenField
|
|||||||
case Policies.CanViewNotificationsForUser:
|
case Policies.CanViewNotificationsForUser:
|
||||||
case Policies.CanModifyProfile:
|
case Policies.CanModifyProfile:
|
||||||
case Policies.CanViewProfile:
|
case Policies.CanViewProfile:
|
||||||
|
case Policies.CanDeleteUser:
|
||||||
case Policies.Unrestricted:
|
case Policies.Unrestricted:
|
||||||
success = context.HasPermission(Permission.Create(policy), requiredUnscoped);
|
success = context.HasPermission(Permission.Create(policy), requiredUnscoped);
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -28,6 +28,27 @@
|
|||||||
"Basic": []
|
"Basic": []
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"delete": {
|
||||||
|
"tags": [
|
||||||
|
"Users"
|
||||||
|
],
|
||||||
|
"summary": "Deletes user profile",
|
||||||
|
"description": "Deletes user profile and associated user data for user making the request",
|
||||||
|
"operationId": "Users_DeleteCurrentUser",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "User and associated data deleted successfully"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"security": [
|
||||||
|
{
|
||||||
|
"API Key": [
|
||||||
|
"btcpay.user.candeleteuser"
|
||||||
|
],
|
||||||
|
"Basic": []
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/api/v1/users": {
|
"/api/v1/users": {
|
||||||
@@ -140,14 +161,7 @@
|
|||||||
"description": "User with provided ID was not found"
|
"description": "User with provided ID was not found"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"security": [
|
"security": []
|
||||||
{
|
|
||||||
"API Key": [
|
|
||||||
"btcpay.server.candeleteuser"
|
|
||||||
],
|
|
||||||
"Basic": []
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user