aiolabs/lnbits
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1208 from lnbits/fix/adminui/topup

Browse source 
only let super_user brrrr sats
This commit is contained in:
Arc 2022-12-17 09:53:36 +00:00 committed by GitHub
commit 7392b4ee9c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

64
lnbits/core/views/admin_api.py
View file

@ -15,16 +15,6 @@ from .. import core_app
from ..crud import delete_admin_settings, get_admin_settings, update_admin_settings from ..crud import delete_admin_settings, get_admin_settings, update_admin_settings
@core_app.get(
"/admin/api/v1/restart/",
status_code=HTTPStatus.OK,
dependencies=[Depends(check_super_user)],
)
async def api_restart_server() -> dict[str, str]:
server_restart.set()
return {"status": "Success"}
@core_app.get("/admin/api/v1/settings/") @core_app.get("/admin/api/v1/settings/")
async def api_get_settings( async def api_get_settings(
user: User = Depends(check_admin), # type: ignore user: User = Depends(check_admin), # type: ignore
@ -33,26 +23,6 @@ async def api_get_settings(
return admin_settings return admin_settings
@core_app.put(
"/admin/api/v1/topup/",
status_code=HTTPStatus.OK,
dependencies=[Depends(check_admin)],
)
async def api_topup_balance(
id: str = Body(...), amount: int = Body(...)
) -> dict[str, str]:
try:
await get_wallet(id)
except:
raise HTTPException(
status_code=HTTPStatus.FORBIDDEN, detail="wallet does not exist."
)
await update_wallet_balance(wallet_id=id, amount=int(amount))
return {"status": "Success"}
@core_app.put( @core_app.put(
"/admin/api/v1/settings/", "/admin/api/v1/settings/",
status_code=HTTPStatus.OK, status_code=HTTPStatus.OK,
@ -67,8 +37,38 @@ async def api_update_settings(data: EditableSetings):
@core_app.delete( @core_app.delete(
"/admin/api/v1/settings/", "/admin/api/v1/settings/",
status_code=HTTPStatus.OK, status_code=HTTPStatus.OK,
dependencies=[Depends(check_admin)], dependencies=[Depends(check_super_user)],
) )
async def api_delete_settings() -> dict[str, str]: async def api_delete_settings() -> None:
await delete_admin_settings() await delete_admin_settings()
server_restart.set()
@core_app.get(
"/admin/api/v1/restart/",
status_code=HTTPStatus.OK,
dependencies=[Depends(check_super_user)],
)
async def api_restart_server() -> dict[str, str]:
server_restart.set()
return {"status": "Success"}
@core_app.put(
"/admin/api/v1/topup/",
status_code=HTTPStatus.OK,
dependencies=[Depends(check_super_user)],
)
async def api_topup_balance(
id: str = Body(...), amount: int = Body(...)
) -> dict[str, str]:
try:
await get_wallet(id)
except:
raise HTTPException(
status_code=HTTPStatus.FORBIDDEN, detail="wallet does not exist."
)
await update_wallet_balance(wallet_id=id, amount=int(amount))
return {"status": "Success"} return {"status": "Success"}