mirror of
https://github.com/lnbits/lnbits.git
synced 2025-10-03 18:04:36 +02:00
fix add user and admins-WIP remove super user id from API
This commit is contained in:
Tiago Vasconcelos
@@ -235,6 +235,8 @@ async def check_user_exists(usr: UUID4) -> User:
|
|||||||
if (
|
if (
|
||||||
len(settings.lnbits_allowed_users) > 0
|
len(settings.lnbits_allowed_users) > 0
|
||||||
and g().user.id not in settings.lnbits_allowed_users
|
and g().user.id not in settings.lnbits_allowed_users
|
||||||
|
and g().user.id != settings.super_user
|
||||||
|
and g().user.id not in settings.lnbits_admin_users
|
||||||
):
|
):
|
||||||
raise HTTPException(
|
raise HTTPException(
|
||||||
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
|
status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
|
||||||
@@ -251,4 +253,9 @@ async def check_admin(usr: UUID4) -> User:
|
|||||||
detail="User not authorized. No admin privileges.",
|
detail="User not authorized. No admin privileges.",
|
||||||
)
|
)
|
||||||
user.admin = True
|
user.admin = True
|
||||||
|
user.super_user = False
|
||||||
|
if user.id == settings.super_user:
|
||||||
|
user.super_user = True
|
||||||
|
|
||||||
return user
|
return user
|
||||||
|
|
||||||
|
|||||||
@@ -81,4 +81,4 @@ class UpdateSettings(BaseModel, extra=Extra.forbid):
|
|||||||
|
|
||||||
class AdminSettings(UpdateSettings):
|
class AdminSettings(UpdateSettings):
|
||||||
lnbits_allowed_funding_sources: Optional[List[str]]
|
lnbits_allowed_funding_sources: Optional[List[str]]
|
||||||
super_user: Optional[str]
|
super_user: Optional[bool]
|
||||||
|
|||||||
@@ -1,14 +1,14 @@
|
|||||||
<q-tab-panel name="users">
|
<q-tab-panel name="users">
|
||||||
<q-card-section class="q-pa-none">
|
<q-card-section class="q-pa-none">
|
||||||
<h6 class="q-my-none">User Management</h6>
|
<h6 class="q-my-none">User Management</h6>
|
||||||
<br />
|
<!-- <br />
|
||||||
<p class="q-my-none">Super Admin: {{ settings.lnbits_admin_users[0] }}</p>
|
<p class="q-my-none">Super Admin: {{ settings.super_user }}</p> -->
|
||||||
<br />
|
<br />
|
||||||
<div>
|
<div>
|
||||||
<p>Admin Users</p>
|
<p>Admin Users</p>
|
||||||
<q-input
|
<q-input
|
||||||
filled
|
filled
|
||||||
v-model="formData.admin_users_add"
|
v-model="formAddAdmin"
|
||||||
@keydown.enter="addAdminUser"
|
@keydown.enter="addAdminUser"
|
||||||
type="text"
|
type="text"
|
||||||
label="User ID"
|
label="User ID"
|
||||||
@@ -17,16 +17,18 @@
|
|||||||
<q-btn @click="addAdminUser" dense flat icon="add"></q-btn>
|
<q-btn @click="addAdminUser" dense flat icon="add"></q-btn>
|
||||||
</q-input>
|
</q-input>
|
||||||
<div>
|
<div>
|
||||||
|
{%raw%}
|
||||||
<q-chip
|
<q-chip
|
||||||
v-for="user in settings.lnbits_admin_users"
|
v-for="user in formData.lnbits_admin_users"
|
||||||
:key="user"
|
:key="user"
|
||||||
removable
|
removable
|
||||||
@remove="removeAdminUser(user)"
|
@remove="removeAdminUser(user)"
|
||||||
color="primary"
|
color="primary"
|
||||||
text-color="white"
|
text-color="white"
|
||||||
>
|
>
|
||||||
{{ user.id }}
|
{{ user }}
|
||||||
</q-chip>
|
</q-chip>
|
||||||
|
{%endraw%}
|
||||||
</div>
|
</div>
|
||||||
<br />
|
<br />
|
||||||
</div>
|
</div>
|
||||||
@@ -34,7 +36,7 @@
|
|||||||
<p>Allowed Users</p>
|
<p>Allowed Users</p>
|
||||||
<q-input
|
<q-input
|
||||||
filled
|
filled
|
||||||
v-model="formData.allowed_users_add"
|
v-model="formAddUser"
|
||||||
@keydown.enter="addAllowedUser"
|
@keydown.enter="addAllowedUser"
|
||||||
type="text"
|
type="text"
|
||||||
label="User ID"
|
label="User ID"
|
||||||
@@ -45,7 +47,7 @@
|
|||||||
<div>
|
<div>
|
||||||
{% raw %}
|
{% raw %}
|
||||||
<q-chip
|
<q-chip
|
||||||
v-for="user in settings.lnbits_allowed_users"
|
v-for="user in formData.lnbits_allowed_users"
|
||||||
:key="user"
|
:key="user"
|
||||||
removable
|
removable
|
||||||
@remove="removeAllowedUser(user)"
|
@remove="removeAllowedUser(user)"
|
||||||
|
|||||||
@@ -39,6 +39,7 @@
|
|||||||
></q-btn> -->
|
></q-btn> -->
|
||||||
<q-btn
|
<q-btn
|
||||||
flat
|
flat
|
||||||
|
v-if="isSuperUser"
|
||||||
label="Reset to defaults"
|
label="Reset to defaults"
|
||||||
color="primary"
|
color="primary"
|
||||||
@click="deleteSettings"
|
@click="deleteSettings"
|
||||||
@@ -130,6 +131,9 @@
|
|||||||
return {
|
return {
|
||||||
settings: {},
|
settings: {},
|
||||||
formData: {},
|
formData: {},
|
||||||
|
formAddAdmin: '',
|
||||||
|
formAddUser: '',
|
||||||
|
isSuperUser: false,
|
||||||
wallet: {},
|
wallet: {},
|
||||||
cancel: {},
|
cancel: {},
|
||||||
topUpDialog: {
|
topUpDialog: {
|
||||||
@@ -337,30 +341,30 @@
|
|||||||
},
|
},
|
||||||
methods: {
|
methods: {
|
||||||
addAdminUser() {
|
addAdminUser() {
|
||||||
let addUser = this.formData.admin_users_add
|
let addUser = this.formAddAdmin
|
||||||
let admin_users = this.settings.lnbits_admin_users
|
let admin_users = this.formData.lnbits_admin_users
|
||||||
if (addUser && addUser.length && !admin_users.includes(addUser)) {
|
if (addUser && addUser.length && !admin_users.includes(addUser)) {
|
||||||
admin_users.push(addUser)
|
//admin_users = [...admin_users, addUser]
|
||||||
this.settings.lnbits_admin_users = admin_users
|
this.formData.lnbits_admin_users = [...admin_users, addUser]
|
||||||
this.formData.admin_users_add = ''
|
this.formAddAdmin = ''
|
||||||
|
//console.log(this.checkChanges)
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
removeAdminUser(user) {
|
removeAdminUser(user) {
|
||||||
let admin_users = this.settings.lnbits_admin_users
|
let admin_users = this.formData.lnbits_admin_users
|
||||||
this.settings.lnbits_admin_users = admin_users.filter(u => u !== user)
|
this.formData.lnbits_admin_users = admin_users.filter(u => u !== user)
|
||||||
},
|
},
|
||||||
addAllowedUser() {
|
addAllowedUser() {
|
||||||
let addUser = this.formData.allowed_users_add
|
let addUser = this.formAddUser
|
||||||
let allowed_users = this.settings.lnbits_allowed_users
|
let allowed_users = this.formData.lnbits_allowed_users
|
||||||
if (addUser && addUser.length && !allowed_users.includes(addUser)) {
|
if (addUser && addUser.length && !allowed_users.includes(addUser)) {
|
||||||
allowed_users.push(addUser)
|
this.formData.lnbits_allowed_users = [...allowed_users, addUser]
|
||||||
this.settings.lnbits_allowed_users = allowed_users
|
this.formAddUser = ''
|
||||||
this.formData.allowed_users_add = ''
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
removeAllowedUser(user) {
|
removeAllowedUser(user) {
|
||||||
let allowed_users = this.settings.lnbits_allowed_users
|
let allowed_users = this.formData.lnbits_allowed_users
|
||||||
this.settings.lnbits_allowed_users = allowed_users.filter(
|
this.formData.lnbits_allowed_users = allowed_users.filter(
|
||||||
u => u !== user
|
u => u !== user
|
||||||
)
|
)
|
||||||
},
|
},
|
||||||
@@ -421,18 +425,21 @@
|
|||||||
this.g.user.wallets[0].adminkey
|
this.g.user.wallets[0].adminkey
|
||||||
)
|
)
|
||||||
.then(response => {
|
.then(response => {
|
||||||
|
this.isSuperUser = response.data.super_user || false
|
||||||
this.settings = response.data
|
this.settings = response.data
|
||||||
this.formData = _.clone(this.settings)
|
this.formData = _.clone(this.settings)
|
||||||
this.updateFundingData()
|
this.updateFundingData()
|
||||||
|
console.log(this.settings)
|
||||||
})
|
})
|
||||||
.catch(function (error) {
|
.catch(function (error) {
|
||||||
LNbits.utils.notifyApiError(error)
|
LNbits.utils.notifyApiError(error)
|
||||||
})
|
})
|
||||||
},
|
},
|
||||||
updateSettings() {
|
updateSettings() {
|
||||||
let data = {
|
let data = _.omit(this.formData, [
|
||||||
...this.formData
|
'super_user',
|
||||||
}
|
'lnbits_allowed_funding_sources'
|
||||||
|
])
|
||||||
LNbits.api
|
LNbits.api
|
||||||
.request(
|
.request(
|
||||||
'PUT',
|
'PUT',
|
||||||
@@ -441,10 +448,12 @@
|
|||||||
data
|
data
|
||||||
)
|
)
|
||||||
.then(response => {
|
.then(response => {
|
||||||
|
console.log(response)
|
||||||
|
if (response.status != 200) throw new Error('Request Failed')
|
||||||
this.needsRestart =
|
this.needsRestart =
|
||||||
this.settings.lnbits_backend_wallet_class !==
|
this.settings.lnbits_backend_wallet_class !==
|
||||||
response.data.settings.lnbits_backend_wallet_class
|
this.formData.lnbits_backend_wallet_class
|
||||||
this.settings = response.data.settings
|
this.settings = this.formData
|
||||||
this.formData = _.clone(this.settings)
|
this.formData = _.clone(this.settings)
|
||||||
this.updateFundingData()
|
this.updateFundingData()
|
||||||
this.$q.notify({
|
this.$q.notify({
|
||||||
@@ -454,6 +463,7 @@
|
|||||||
})
|
})
|
||||||
})
|
})
|
||||||
.catch(function (error) {
|
.catch(function (error) {
|
||||||
|
console.error(error)
|
||||||
LNbits.utils.notifyApiError(error)
|
LNbits.utils.notifyApiError(error)
|
||||||
})
|
})
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ from fastapi.params import Depends
|
|||||||
from starlette.exceptions import HTTPException
|
from starlette.exceptions import HTTPException
|
||||||
|
|
||||||
from lnbits.core.crud import get_wallet
|
from lnbits.core.crud import get_wallet
|
||||||
|
from lnbits.core.models import User
|
||||||
from lnbits.decorators import check_admin
|
from lnbits.decorators import check_admin
|
||||||
from lnbits.extensions.admin import admin_ext
|
from lnbits.extensions.admin import admin_ext
|
||||||
from lnbits.extensions.admin.models import AdminSettings, UpdateSettings
|
from lnbits.extensions.admin.models import AdminSettings, UpdateSettings
|
||||||
@@ -27,9 +28,11 @@ async def api_restart_server() -> dict[str, str]:
|
|||||||
return {"status": "Success"}
|
return {"status": "Success"}
|
||||||
|
|
||||||
|
|
||||||
@admin_ext.get("/api/v1/settings/", dependencies=[Depends(check_admin)])
|
@admin_ext.get("/api/v1/settings/")
|
||||||
async def api_get_settings() -> Optional[AdminSettings]:
|
async def api_get_settings(user: User = Depends(check_admin)) -> Optional[AdminSettings]:
|
||||||
return await get_admin_settings()
|
admin_settings = await get_admin_settings()
|
||||||
|
admin_settings.super_user = user.super_user
|
||||||
|
return admin_settings
|
||||||
|
|
||||||
|
|
||||||
@admin_ext.put(
|
@admin_ext.put(
|
||||||
|
|||||||
Reference in New Issue
Block a user