From 02e82a8fdfebdd6d5ff37f661784a589863ade78 Mon Sep 17 00:00:00 2001 From: Tiago Vasconcelos Date: Tue, 6 Dec 2022 16:08:21 +0000 Subject: [PATCH] fix add user and admins-WIP remove super user id from API --- lnbits/decorators.py | 7 +++ lnbits/extensions/admin/models.py | 2 +- .../admin/templates/admin/_tab_users.html | 16 ++++--- .../admin/templates/admin/index.html | 48 +++++++++++-------- lnbits/extensions/admin/views_api.py | 9 ++-- 5 files changed, 52 insertions(+), 30 deletions(-) diff --git a/lnbits/decorators.py b/lnbits/decorators.py index 05019f15c..761e93afd 100644 --- a/lnbits/decorators.py +++ b/lnbits/decorators.py @@ -235,6 +235,8 @@ async def check_user_exists(usr: UUID4) -> User: if ( len(settings.lnbits_allowed_users) > 0 and g().user.id not in settings.lnbits_allowed_users + and g().user.id != settings.super_user + and g().user.id not in settings.lnbits_admin_users ): raise HTTPException( status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized." @@ -251,4 +253,9 @@ async def check_admin(usr: UUID4) -> User: detail="User not authorized. No admin privileges.", ) user.admin = True + user.super_user = False + if user.id == settings.super_user: + user.super_user = True + return user + diff --git a/lnbits/extensions/admin/models.py b/lnbits/extensions/admin/models.py index 5793ff2d6..52fb7921f 100644 --- a/lnbits/extensions/admin/models.py +++ b/lnbits/extensions/admin/models.py @@ -81,4 +81,4 @@ class UpdateSettings(BaseModel, extra=Extra.forbid): class AdminSettings(UpdateSettings): lnbits_allowed_funding_sources: Optional[List[str]] - super_user: Optional[str] + super_user: Optional[bool] diff --git a/lnbits/extensions/admin/templates/admin/_tab_users.html b/lnbits/extensions/admin/templates/admin/_tab_users.html index 4ae3f315e..b03b5b197 100644 --- a/lnbits/extensions/admin/templates/admin/_tab_users.html +++ b/lnbits/extensions/admin/templates/admin/_tab_users.html @@ -1,14 +1,14 @@
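Review bot: The two conditions added to `check_user_exists` change the rule to "allowed users, plus admins, plus the super user", but nothing at the `if` records that, and this is an authorization decision that a later edit could widen or narrow by accident. A one-line comment above the condition, such as `# admins and the super user are always allowed, even when an allow-list is set`, would state the intent. The same "is admin or super user" test is presumably what `check_admin` performs (its check is outside the visible hunks), so a small shared helper would keep the two from drifting apart. The function body starts and ends outside this hunk.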
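Review bot: `user.super_user` is assigned in `check_admin`, but the patch's file list does not include the module that defines `User`, so the page does not show that the model has a `super_user` field. If `User` is a pydantic model without that field, the assignment raises and every request that goes through this dependency fails, so it is worth confirming the field exists with a `False` default. The three added lines can also be written as one: `user.super_user = user.id == settings.super_user`. The start of the function, including the admin check that raises, is outside the hunk.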
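Review bot: `super_user` on `AdminSettings` now means "the caller is the super user" rather than the stored id, yet it still sits on the model that `get_admin_settings()` fills from stored settings (that loader is outside this patch). If the loader still passes the stored id into the model, a non-boolean string will not validate as `Optional[bool]`, and hiding the id from the API only works once the loader stops supplying it. An explicit default, `super_user: Optional[bool] = None`, with a comment that the value is a per-request flag and not a persisted setting, would make the contract clear.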
User Management
-
-

Super Admin: {{ settings.lnbits_admin_users[0] }}

+

Admin Users

+ {%raw%} - {{ user.id }} + {{ user }} + {%endraw%}

@@ -34,7 +36,7 @@

Allowed Users

{% raw %} --> u !== user) + let admin_users = this.formData.lnbits_admin_users + this.formData.lnbits_admin_users = admin_users.filter(u => u !== user) }, addAllowedUser() { - let addUser = this.formData.allowed_users_add - let allowed_users = this.settings.lnbits_allowed_users + let addUser = this.formAddUser + let allowed_users = this.formData.lnbits_allowed_users if (addUser && addUser.length && !allowed_users.includes(addUser)) { - allowed_users.push(addUser) - this.settings.lnbits_allowed_users = allowed_users - this.formData.allowed_users_add = '' + this.formData.lnbits_allowed_users = [...allowed_users, addUser] + this.formAddUser = '' } }, removeAllowedUser(user) { - let allowed_users = this.settings.lnbits_allowed_users - this.settings.lnbits_allowed_users = allowed_users.filter( + let allowed_users = this.formData.lnbits_allowed_users + this.formData.lnbits_allowed_users = allowed_users.filter( u => u !== user ) }, @@ -421,18 +425,21 @@ this.g.user.wallets[0].adminkey ) .then(response => { + this.isSuperUser = response.data.super_user || false this.settings = response.data this.formData = _.clone(this.settings) this.updateFundingData() + console.log(this.settings) }) .catch(function (error) { LNbits.utils.notifyApiError(error) }) }, updateSettings() { - let data = { - ...this.formData - } + let data = _.omit(this.formData, [ + 'super_user', + 'lnbits_allowed_funding_sources' + ]) LNbits.api .request( 'PUT', @@ -441,10 +448,12 @@ data ) .then(response => { + console.log(response) + if (response.status != 200) throw new Error('Request Failed') this.needsRestart = this.settings.lnbits_backend_wallet_class !== - response.data.settings.lnbits_backend_wallet_class - this.settings = response.data.settings + this.formData.lnbits_backend_wallet_class + this.settings = this.formData this.formData = _.clone(this.settings) this.updateFundingData() this.$q.notify({ 
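Review bot: The added `console.log(this.settings)` in the settings-load callback writes the whole admin settings object to the browser console, and `console.log(response)` in `updateSettings` (next hunk) does the same for the PUT response. These objects come from the admin settings API and likely include funding-source configuration, so both lines look like debugging leftovers that should be dropped before merge. The `console.error(error)` added in the `@@ -454,6 +463,7 @@` hunk deserves the same look, since an HTTP client error object often carries the request configuration and this request is made with `wallets[0].adminkey`.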
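Review bot: After the PUT, `updateSettings` now sets `this.settings = this.formData` instead of using the server's answer, so the page presents the submitted admin and allowed-user lists as saved even if the server stored something different. For access-control lists it is safer to display what the server actually holds, either by re-running the settings load shown in the previous hunk on success or by having the PUT return the stored settings. The `needsRestart` comparison now depends on the client's copy in the same way. The method continues past this hunk.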
@@ -454,6 +463,7 @@ }) }) .catch(function (error) { + console.error(error) LNbits.utils.notifyApiError(error) }) }, diff --git a/lnbits/extensions/admin/views_api.py b/lnbits/extensions/admin/views_api.py index 42887aed7..b3b45c337 100644 --- a/lnbits/extensions/admin/views_api.py +++ b/lnbits/extensions/admin/views_api.py @@ -6,6 +6,7 @@ from fastapi.params import Depends from starlette.exceptions import HTTPException from lnbits.core.crud import get_wallet +from lnbits.core.models import User from lnbits.decorators import check_admin from lnbits.extensions.admin import admin_ext from lnbits.extensions.admin.models import AdminSettings, UpdateSettings @@ -27,9 +28,11 @@ async def api_restart_server() -> dict[str, str]: return {"status": "Success"} -@admin_ext.get("/api/v1/settings/", dependencies=[Depends(check_admin)]) -async def api_get_settings() -> Optional[AdminSettings]: - return await get_admin_settings() +@admin_ext.get("/api/v1/settings/") +async def api_get_settings(user: User = Depends(check_admin)) -> Optional[AdminSettings]: + admin_settings = await get_admin_settings() + admin_settings.super_user = user.super_user + return admin_settings @admin_ext.put(
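Review bot: `api_get_settings` is annotated `Optional[AdminSettings]`, so `get_admin_settings()` can apparently return `None`, and the new `admin_settings.super_user = user.super_user` would then raise `AttributeError` and turn the empty-settings case into a 500. Guard it before the assignment, e.g. `if admin_settings is None: return None`. Assigning onto the returned object also assumes `get_admin_settings()` hands back a fresh instance on every call; if it ever returns a shared one, the per-request flag is written onto shared state, so returning `admin_settings.copy(update={"super_user": user.super_user})` is the safer form.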