Correctly check groups access and upgrade to 0.2 instructions

api_auth_docker/api-sample.properties

@@ -38,6 +38,7 @@ action_ln_newaddr=spender
 action_ots_stamp=spender
 action_ots_getfile=spender
 action_ln_getinvoice=spender
+action_ln_decodebolt11=spender
 action_ln_connectfund=spender
 
 # Admin can do what the spender can do, plus:

api_auth_docker/auth.sh

@@ -106,10 +106,10 @@ verify_group()
   eval ugroups='$ugroups_'$id
   trace "[verify_group] user groups=${ugroups}"
 
-  if [ $context = "s" ]; then
+  if [ ${context} = "s" ]; then
     # static files only accessible by a certain group
     needed_group=${action}
-  elif [ $context = "v0" ]; then
+  elif [ ${context} = "v0" ]; then
     # actual api calls
     # It is so much faster to include the keys here instead of grep'ing the file for key.
     . ./api.properties
@@ -118,10 +118,12 @@ verify_group()
 
   trace "[verify_group] needed_group=${needed_group}"
 
-
-  case "${ugroups}" in
-    *${needed_group}*) trace "[verify_group] Access granted"; return 0 ;;
-  esac
+  # If needed_group is empty, the action was not found in api.propeties.
+  if [ -n "${needed_group}" ]; then
+    case "${ugroups}" in
+      *${needed_group}*) trace "[verify_group] Access granted"; return 0 ;;
+    esac
+  fi
 
   trace "[verify_group] Access NOT granted"
   return 1