aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2026-01-31 11:54:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow users with CanViewPaymentRequests to view payment requests (#5551)

Browse Source
This commit is contained in:
d11n
2023-12-14 12:42:07 +01:00
committed by GitHub
parent 0e2379caa6
commit e3863ac076
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
BTCPayServer/Controllers/UIPaymentRequestController.cs
View File

@@ -26,8 +26,8 @@ using StoreData = BTCPayServer.Data.StoreData;
namespace BTCPayServer.Controllers
{
[Authorize(Policy = Policies.CanModifyStoreSettings, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
[Route("payment-requests")]
[Authorize(Policy = Policies.CanViewPaymentRequests, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
public class UIPaymentRequestController : Controller
{
private readonly UIInvoiceController _InvoiceController;
@@ -69,7 +69,6 @@ namespace BTCPayServer.Controllers
FormDataService = formDataService;
}
[HttpGet("/stores/{storeId}/payment-requests")]
[Authorize(Policy = Policies.CanViewPaymentRequests, AuthenticationSchemes = AuthenticationSchemes.Cookie)]
public async Task<IActionResult> GetPaymentRequests(string storeId, ListPaymentRequestsViewModel model = null)
@@ -363,6 +362,7 @@ namespace BTCPayServer.Controllers
}
[HttpGet("{payReqId}/cancel")]
[AllowAnonymous]
public async Task<IActionResult> CancelUnpaidPendingInvoice(string payReqId, bool redirect = true)
{
var result = await _PaymentRequestService.GetPaymentRequest(payReqId, GetUserId());