From ab49b7740cce2dd930f2707395f868cb608100e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?dni=20=E2=9A=A1?=
Date: Mon, 12 Dec 2022 09:43:20 +0100
Subject: [PATCH] add superuser decorator, fix restart route and mypy issue
---
 lnbits/core/views/admin_api.py | 7 +++----
 lnbits/decorators.py | 10 ++++++++++
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/lnbits/core/views/admin_api.py b/lnbits/core/views/admin_api.py
index 0ca8b8e5d..2ceaa4e60 100644
--- a/lnbits/core/views/admin_api.py
+++ b/lnbits/core/views/admin_api.py
@@ -1,14 +1,13 @@
 from http import HTTPStatus
 from typing import Optional
-from fastapi import Body
-from fastapi.params import Depends
+from fastapi import Body, Depends
 from starlette.exceptions import HTTPException
 from lnbits.core.crud import get_wallet
 from lnbits.core.models import User
 from lnbits.core.services import update_cached_settings, update_wallet_balance
-from lnbits.decorators import check_admin
+from lnbits.decorators import check_admin, check_super_user
 from lnbits.server import server_restart
 from lnbits.settings import AdminSettings, EditableSetings
@@ -19,7 +18,7 @@ from ..crud import delete_admin_settings, get_admin_settings, update_admin_setti
 @core_app.get(
 "/admin/api/v1/restart/",
 status_code=HTTPStatus.OK,
- dependencies=[Depends(check_admin)],
+ dependencies=[Depends(check_super_user)],
 )
 async def api_restart_server() -> dict[str, str]:
 server_restart.set()
diff --git a/lnbits/decorators.py b/lnbits/decorators.py
index 0627d5030..e5bc13991 100644
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@@ -259,3 +259,13 @@ async def check_admin(usr: UUID4) -> User:
 user.super_user = True
 return user
+
+
+async def check_super_user(usr: UUID4) -> User:
+ user = await check_admin(usr)
+ if user.id != settings.super_user:
+ raise HTTPException(
+ status_code=HTTPStatus.UNAUTHORIZED,
+ detail="User not authorized. No super user privileges.",
+ )
+ return user
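Review bot: In `lnbits/core/views/admin_api.py` the restart route is still registered with `@core_app.get(`, so an action that changes server state can be triggered by a plain link, a prefetch or a cross-site navigation carrying the right query string. Because `check_super_user(usr: UUID4)` declares `usr` as a simple parameter, FastAPI will most likely read it from the query string, which puts the id that authorises the restart into access logs, browser history and Referer headers. Narrowing the dependency to the super user is the right direction, but consider registering the route with `@core_app.post(` and taking the credential from a header or the request body; that needs a matching client change. The body of `api_restart_server` continues past the end of the hunk, so its return value is not reviewed here.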
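Review bot: In `lnbits/decorators.py`, `check_super_user` rejects with `HTTPStatus.UNAUTHORIZED` although `check_admin` has already accepted the caller by then, so the failure is a missing privilege rather than a missing identity; `status_code=HTTPStatus.FORBIDDEN,` would let clients and log-based alerting tell the two cases apart. `check_admin` begins outside the hunk, so if it also answers 401 for non-admins the two should be changed together. The visible context shows `check_admin` setting `user.super_user = True`, so the new guard could test that flag (`if not user.super_user:`) instead of comparing against `settings.super_user` a second time, provided the flag is only ever set on that comparison. The function also lacks a docstring; a one-liner such as `"""Dependency that admits only the configured super user; other admins are rejected."""` would record that it is stricter than `check_admin`.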