feat: block pay invoice (#2727)

lnbits/core/services.py

@@ -491,8 +491,10 @@ async def check_time_limit_between_transactions(conn, wallet_id):
 
 async def check_wallet_daily_withdraw_limit(conn, wallet_id, amount_msat):
     limit = settings.lnbits_wallet_limit_daily_max_withdraw
-    if not limit or limit <= 0:
+    if not limit:
         return
+    if limit < 0:
+        raise ValueError("It is not allowed to spend funds from this server.")
 
     payments = await get_payments(
         since=int(time.time()) - 60 * 60 * 24,

lnbits/static/i18n/en.js

@@ -194,7 +194,7 @@ window.localisation.en = {
   rate_limiter: 'Rate Limiter',
   wallet_limiter: 'Wallet Limiter',
   wallet_limit_max_withdraw_per_day:
-    'Max daily wallet withdrawal in sats (0 to disable)',
+    'Max daily wallet withdrawal in sats (0 for no limit, -1 to block withdrawal)',
   wallet_max_ballance: 'Wallet max balance in sats (0 to disable)',
   wallet_limit_secs_between_trans:
     'Min secs between transactions per wallet (0 to disable)',

lnbits/static/i18n/pi.js

@@ -197,7 +197,7 @@ window.localisation.pi = {
   rate_limiter: 'Rate Limiter',
   wallet_limiter: 'Pouch Limitar',
   wallet_limit_max_withdraw_per_day:
-    'Max daily wallet withdrawal in sats (0 ter disable)',
+    'Max daily wallet withdrawal in sats (0 for no limit, -1 to block withdrawal)',
   wallet_max_ballance: 'Purse max heaviness in sats (0 fer scuttle)',
   wallet_limit_secs_between_trans:
     "Min secs 'tween transactions per wallet (0 to disable)",

tests/api/test_auth.py

@@ -450,7 +450,6 @@ async def test_alan_change_password_auth_threshold_expired(
     access_token = response.json().get("access_token")
     assert access_token is not None
 
-    initial_update_threshold = settings.auth_credetials_update_threshold
     settings.auth_credetials_update_threshold = 1
     time.sleep(1.1)
     response = await http_client.put(
@@ -465,8 +464,6 @@ async def test_alan_change_password_auth_threshold_expired(
         },
     )
 
-    settings.auth_credetials_update_threshold = initial_update_threshold
-
     assert response.status_code == 403, "Treshold expired."
     assert (
         response.json().get("detail") == "You can only update your credentials"
@@ -837,7 +834,6 @@ async def test_alan_change_pubkey_auth_threshold_expired(
     access_token = response.json().get("access_token")
     assert access_token is not None
 
-    initial_update_threshold = settings.auth_credetials_update_threshold
     settings.auth_credetials_update_threshold = 1
     time.sleep(1.1)
     response = await http_client.put(
@@ -849,8 +845,6 @@ async def test_alan_change_pubkey_auth_threshold_expired(
         },
     )
 
-    settings.auth_credetials_update_threshold = initial_update_threshold
-
     assert response.status_code == 403, "Treshold expired."
     assert (
         response.json().get("detail") == "You can only update your credentials"
@@ -1001,7 +995,6 @@ async def test_reset_password_auth_threshold_expired(
     reset_key = await api_users_reset_password(user_alan.id)
     assert reset_key, "Reset key created."
 
-    initial_update_threshold = settings.auth_credetials_update_threshold
     settings.auth_credetials_update_threshold = 1
     time.sleep(1.1)
     response = await http_client.put(
@@ -1013,8 +1006,6 @@ async def test_reset_password_auth_threshold_expired(
         },
     )
 
-    settings.auth_credetials_update_threshold = initial_update_threshold
-
     assert response.status_code == 403, "Treshold expired."
     assert (
         response.json().get("detail") == "You can only update your credentials"

tests/conftest.py

@@ -24,7 +24,7 @@ from lnbits.core.models import CreateInvoice, PaymentState
 from lnbits.core.services import create_user_account, update_wallet_balance
 from lnbits.core.views.payment_api import api_payments_create_invoice
 from lnbits.db import DB_TYPE, SQLITE, Database
-from lnbits.settings import settings
+from lnbits.settings import AuthMethods, settings
 from tests.helpers import (
     get_random_invoice_data,
 )
@@ -37,6 +37,24 @@ settings.lnbits_extensions_default_install = []
 settings.lnbits_extensions_deactivate_all = True
 
 
+@pytest.fixture(autouse=True)
+def run_before_and_after_tests():
+    """Fixture to execute asserts before and after a test is run"""
+    ##### BEFORE TEST RUN #####
+
+    settings.lnbits_allow_new_accounts = True
+    settings.auth_allowed_methods = AuthMethods.all()
+    settings.auth_credetials_update_threshold = 120
+    settings.lnbits_reserve_fee_percent = 1
+    settings.lnbits_reserve_fee_min = 2000
+    settings.lnbits_service_fee = 0
+    settings.lnbits_wallet_limit_daily_max_withdraw = 0
+
+    yield  # this is where the testing happens
+
+    ##### AFTER TEST RUN #####
+
+
 @pytest_asyncio.fixture(scope="session")
 def event_loop():
     loop = asyncio.get_event_loop()

tests/unit/test_services_wallet_limit.py

@@ -0,0 +1,36 @@
+import pytest
+
+from lnbits.core.services import check_wallet_daily_withdraw_limit
+from lnbits.settings import settings
+
+
+@pytest.mark.asyncio
+async def test_no_wallet_limit():
+    settings.lnbits_wallet_limit_daily_max_withdraw = 0
+    result = await check_wallet_daily_withdraw_limit(
+        conn=None, wallet_id="333333", amount_msat=0
+    )
+
+    assert result is None, "No limit set."
+
+
+@pytest.mark.asyncio
+async def test_wallet_limit_but_no_payments():
+    settings.lnbits_wallet_limit_daily_max_withdraw = 5
+    result = await check_wallet_daily_withdraw_limit(
+        conn=None, wallet_id="333333", amount_msat=0
+    )
+
+    assert result is None, "Limit not reqached."
+
+
+@pytest.mark.asyncio
+async def test_no_wallet_spend_allowed():
+    settings.lnbits_wallet_limit_daily_max_withdraw = -1
+
+    with pytest.raises(
+        ValueError, match="It is not allowed to spend funds from this server."
+    ):
+        await check_wallet_daily_withdraw_limit(
+            conn=None, wallet_id="333333", amount_msat=0
+        )