#nullable enable using System; using System.Collections.Generic; using System.Diagnostics.CodeAnalysis; using System.Linq; using System.Threading.Tasks; using BTCPayServer.Abstractions; using BTCPayServer.Abstractions.Extensions; using BTCPayServer.Client.Models; using BTCPayServer.Data; using BTCPayServer.Events; using BTCPayServer.Storage.Services; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc.Localization; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging; namespace BTCPayServer.Services { public class UserService { private readonly IServiceProvider _serviceProvider; private readonly StoredFileRepository _storedFileRepository; private readonly FileService _fileService; private readonly EventAggregator _eventAggregator; private readonly ApplicationDbContextFactory _applicationDbContextFactory; private readonly BTCPayServerSecurityStampValidator.DisabledUsers _disabledUsers; private readonly IEnumerable _loginExtensions; private readonly ILogger _logger; public UserService( IServiceProvider serviceProvider, StoredFileRepository storedFileRepository, FileService fileService, EventAggregator eventAggregator, ApplicationDbContextFactory applicationDbContextFactory, BTCPayServerSecurityStampValidator.DisabledUsers disabledUsers, IEnumerable loginExtensions, ILogger logger) { _serviceProvider = serviceProvider; _storedFileRepository = storedFileRepository; _fileService = fileService; _eventAggregator = eventAggregator; _applicationDbContextFactory = applicationDbContextFactory; _disabledUsers = disabledUsers; _loginExtensions = loginExtensions; _logger = logger; } public record ApplicationUserWithRoles(ApplicationUser User, string[] Roles); public async Task> GetUsersWithRoles() { await using var context = _applicationDbContextFactory.CreateContext(); var res = await context.Users.Select(p => new { User = p, Roles = p.UserRoles.Join(context.Roles, userRole => userRole.RoleId, role => role.Id, (userRole, role) => role.Name).ToArray() }) .ToListAsync(); return res.Select(p => new ApplicationUserWithRoles(p.User, (p.Roles ?? [])!)).ToList(); } public static async Task ForAPI( ApplicationUser data, string?[] roles, CallbackGenerator callbackGenerator, UriResolver uriResolver, HttpRequest request) where T : ApplicationUserData, new() { var blob = data.GetBlob() ?? new UserBlob(); return new T { Id = data.Id, Email = data.Email, EmailConfirmed = data.EmailConfirmed, RequiresEmailConfirmation = data.RequiresEmailConfirmation, Approved = data.Approved, RequiresApproval = data.RequiresApproval, Created = data.Created, Name = blob.Name, Roles = roles, Disabled = data.IsDisabled, ImageUrl = string.IsNullOrEmpty(blob.ImageUrl) ? null : await uriResolver.Resolve(request.GetAbsoluteRootUri(), UnresolvedUri.Create(blob.ImageUrl)), InvitationUrl = string.IsNullOrEmpty(blob.InvitationToken) ? null : callbackGenerator.ForInvitation(data.Id, blob.InvitationToken, request) }; } public class LoginFailure { public LoginFailure(LocalizedString text) { ArgumentNullException.ThrowIfNull(text); Text = text; } public LoginFailure(LocalizedString text, LocalizedHtmlString html) : this(text) { Html = html; } public LocalizedString Text { get; } public LocalizedHtmlString? Html { get; } public override string ToString() => Html?.ToString() ?? Text?.ToString() ?? ""; } public abstract class LoginExtension { public abstract Task Check(CanLoginContext context); } public class CanLoginContext( ApplicationUser? user, IStringLocalizer? stringLocalizer = null, IViewLocalizer? viewLocalizer = null, RequestBaseUrl? baseUrl = null) { public CanLoginContext Clone(ApplicationUser? user) => new(user, stringLocalizer, viewLocalizer, BaseUrl); public IStringLocalizer StringLocalizer { get; } = stringLocalizer ?? NullStringLocalizer.Instance; public IViewLocalizer ViewLocalizer { get; } = viewLocalizer ?? NullViewLocalizer.Instance; public RequestBaseUrl? BaseUrl { get; } = baseUrl; internal readonly ApplicationUser? _user = user; public ApplicationUser User => _user ?? throw new InvalidOperationException("User is not set"); public List Failures { get; } = new(); } public async Task CanLogin(CanLoginContext context) { if (context._user is null) { context.Failures.Add(new LoginFailure(context.StringLocalizer["User not found or invalid password"])); return false; } foreach (var loginExtension in _loginExtensions) { await loginExtension.Check(context); } return !context.Failures.Any(); } public class DefaultLoginExtension : LoginExtension { public override Task Check(CanLoginContext context) { if (context.User is { EmailConfirmed: false, RequiresEmailConfirmation: true }) context.Failures.Add(new(context.StringLocalizer["You must have a confirmed email to log in."])); if (context.User is { Approved: false, RequiresApproval: true }) context.Failures.Add(new(context.StringLocalizer["Your user account requires approval by an admin before you can log in."])); if (context.User is { IsDisabled: true }) context.Failures.Add(new(context.StringLocalizer["Your user account is currently disabled."])); return Task.CompletedTask; } } public async Task SetUserApproval(string userId, bool approved, string loginLink) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); var user = await userManager.FindByIdAsync(userId); if (user is null || !user.RequiresApproval || user.Approved == approved) { return false; } user.Approved = approved; var succeeded = await userManager.UpdateAsync(user) is { Succeeded: true }; if (succeeded) { _logger.LogInformation("User {Email} is now {Status}", user.Email, approved ? "approved" : "unapproved"); _eventAggregator.Publish(new UserEvent.Approved(user, loginLink)); } else { _logger.LogError("Failed to {Action} user {Email}", approved ? "approve" : "unapprove", user.Email); } return succeeded; } public async Task SetDisabled(string userId, bool disabled) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); var user = await userManager.FindByIdAsync(userId); if (user is null || disabled == user.IsDisabled) return true; if (!user.LockoutEnabled) await userManager.SetLockoutEnabledAsync(user, true); var lockedOutDeadline = disabled ? DateTimeOffset.MaxValue : (DateTimeOffset?)null; var res = await userManager.SetLockoutEndDateAsync(user, lockedOutDeadline); // Without this, the user won't be logged out automatically when his authentication ticket expires if (disabled) { await userManager.UpdateSecurityStampAsync(user); _disabledUsers.Add(userId); } else { _disabledUsers.Remove(userId); } if (res.Succeeded) { _logger.LogInformation("User {Email} is now {Status}", user.Email, (lockedOutDeadline is null ? "unlocked" : "locked")); } else { _logger.LogError("Failed to set lockout for user {Email}", user.Email); } return res.Succeeded; } [Obsolete("Use SetDisabled instead")] public async Task ToggleUser(string userId, DateTimeOffset? lockedOutDeadline) => await SetDisabled(userId, lockedOutDeadline is not null); public async Task IsAdminUser(ApplicationUser user) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); return Roles.HasServerAdmin(await userManager.GetRolesAsync(user)); } public async Task SetAdminUser(string userId, bool enableAdmin) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); var user = await userManager.FindByIdAsync(userId); if (user is null) return false; IdentityResult res; if (enableAdmin) { res = await userManager.AddToRoleAsync(user, Roles.ServerAdmin); } else { res = await userManager.RemoveFromRoleAsync(user, Roles.ServerAdmin); } if (res.Succeeded) { _logger.LogInformation("Successfully set admin status for user {Email}", user.Email); } else { _logger.LogError("Error setting admin status for user {Email}", user.Email); } return res.Succeeded; } public async Task DeleteUserAndAssociatedData(ApplicationUser user) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); var userId = user.Id; var files = await _storedFileRepository.GetFiles(new StoredFileRepository.FilesQuery() { UserIds = new[] { userId }, }); await Task.WhenAll(files.Select(file => _fileService.RemoveFile(file.Id, userId))); user = (await userManager.FindByIdAsync(userId))!; if (user is null) return; var res = await userManager.DeleteAsync(user); if (res.Succeeded) { _logger.LogInformation("User {Email} was successfully deleted", user.Email); } else { _logger.LogError("Failed to delete user {Email}", user.Email); } } public async Task IsUserTheOnlyOneAdmin(CanLoginContext canLoginContext) { using var scope = _serviceProvider.CreateScope(); var userManager = scope.ServiceProvider.GetRequiredService>(); var roles = await userManager.GetRolesAsync(canLoginContext.User); if (!Roles.HasServerAdmin(roles)) { return false; } var adminUsers = await userManager.GetUsersInRoleAsync(Roles.ServerAdmin); var enabledAdminUsers = new List(); foreach (var admin in adminUsers) { var loginContext = canLoginContext.Clone(admin); if (await CanLogin(loginContext)) enabledAdminUsers.Add(admin.Id); } return enabledAdminUsers.Count == 1 && enabledAdminUsers.Contains(canLoginContext.User.Id); } } }