refactor:depend_admin_user

2022-12-07 14:56:45 +01:00 · 2022-12-07 14:56:45 +01:00 · 5f4fa61310
commit 5f4fa61310
parent 386e1ec4d9
3 changed files with 23 additions and 20 deletions
--- a/lnbits/core/views/api.py
+++ b/lnbits/core/views/api.py
@ -34,11 +34,12 @@ from lnbits.core.models import Payment, Wallet
 from lnbits.decorators import (
    WalletTypeInfo,
    get_key_type,
+    require_admin_user,
    require_admin_key,
    require_invoice_key,
 )
 from lnbits.helpers import url_for, urlsafe_short_hash
-from lnbits.settings import LNBITS_ADMIN_USERS, LNBITS_SITE_TITLE, WALLET
+from lnbits.settings import LNBITS_SITE_TITLE, WALLET
 from lnbits.utils.exchange_rates import (
    currencies,
    fiat_amount_as_satoshis,
@ -84,12 +85,8 @@ async def api_wallet(wallet: WalletTypeInfo = Depends(get_key_type)):

@core_app.put("/api/v1/wallet/balance/{amount}")
 async def api_update_balance(
-    amount: int, wallet: WalletTypeInfo = Depends(get_key_type)
+    amount: int, wallet: WalletTypeInfo = Depends(require_admin_user)
 ):
-    if wallet.wallet.user not in LNBITS_ADMIN_USERS:
-        raise HTTPException(
-            status_code=HTTPStatus.FORBIDDEN, detail="Not an admin user"
-        )

    payHash = urlsafe_short_hash()
    await create_payment(
@ -687,11 +684,7 @@ async def img(request: Request, data):


@core_app.get("/api/v1/audit")
-async def api_auditor(wallet: WalletTypeInfo = Depends(get_key_type)):
-    if wallet.wallet.user not in LNBITS_ADMIN_USERS:
-        raise HTTPException(
-            status_code=HTTPStatus.FORBIDDEN, detail="Not an admin user"
-        )
+async def api_auditor(wallet: WalletTypeInfo = Depends(require_admin_user)):

    total_balance = await get_total_balance()
    error_message, node_balance = await WALLET.status()
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@ -172,6 +172,23 @@ async def get_key_type(
    )


+async def require_admin_user(
+    r: Request,
+    api_key_header: str = Security(api_key_header),  # type: ignore
+    api_key_query: str = Security(api_key_query),  # type: ignore
+):
+
+    token = api_key_header or api_key_query
+    wallet = await get_key_type(r, token)
+
+    if wallet.wallet.user not in LNBITS_ADMIN_USERS:
+        raise HTTPException(
+            status_code=HTTPStatus.FORBIDDEN, detail="Not an admin user"
+        )
+    else:
+        return wallet
+
+
 async def require_admin_key(
    r: Request,
    api_key_header: str = Security(api_key_header),  # type: ignore
--- a/lnbits/extensions/satspay/views_api.py
+++ b/lnbits/extensions/satspay/views_api.py
@ -1,20 +1,18 @@
 import json
 from http import HTTPStatus

-import httpx
 from fastapi.params import Depends
 from loguru import logger
 from starlette.exceptions import HTTPException

-from lnbits.core.crud import get_wallet
 from lnbits.decorators import (
    WalletTypeInfo,
    get_key_type,
+    require_admin_user,
    require_admin_key,
    require_invoice_key,
 )
 from lnbits.extensions.satspay import satspay_ext
-from lnbits.settings import LNBITS_ADMIN_EXTENSIONS, LNBITS_ADMIN_USERS

 from .crud import (
    check_address_balance,
@ -143,14 +141,9 @@ async def api_charge_balance(charge_id):
@satspay_ext.post("/api/v1/themes/{css_id}")
 async def api_themes_save(
    data: SatsPayThemes,
-    wallet: WalletTypeInfo = Depends(require_invoice_key),
+    wallet: WalletTypeInfo = Depends(require_admin_user),
    css_id: str = None,
 ):
-    if LNBITS_ADMIN_USERS and wallet.wallet.user not in LNBITS_ADMIN_USERS:
-        raise HTTPException(
-            status_code=HTTPStatus.FORBIDDEN,
-            detail="Only server admins can create themes.",
-        )
    if css_id:
        theme = await save_theme(css_id=css_id, data=data)
    else: