From 4bea1a65924e22e35ac6b814789c643146926e1c Mon Sep 17 00:00:00 2001
From: Padreug <padreug@aiolabs.dev>
Date: Thu, 21 May 2026 12:29:37 +0200
Subject: [PATCH] feat(activities): TicketApiService.updateEvent +
 admin/auto_approve probes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

`updateEvent` calls PUT /events/{id} with the event's wallet admin key
— mirrors the backend's `require_admin_key` decorator (different key
than the inkey used by createEvent).

Add `isAdmin` and `getAutoApprove` probes so the dialog can decide
whether to show "edit will go back to pending approval" copy. Both
degrade to `false` on failure, which biases the warning toward being
shown when in doubt.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .../activities/services/TicketApiService.ts   | 54 +++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/src/modules/activities/services/TicketApiService.ts b/src/modules/activities/services/TicketApiService.ts
index a9f3975..432771d 100644
--- a/src/modules/activities/services/TicketApiService.ts
+++ b/src/modules/activities/services/TicketApiService.ts
@@ -148,6 +148,60 @@ export class TicketApiService {
     })
   }
 
+  /**
+   * Update an existing event. Requires the event's wallet admin key.
+   * Status is re-derived server-side from admin/auto_approve — a non-
+   * admin owner editing under `auto_approve=false` lands back at
+   * `proposed` regardless of the current state.
+   */
+  async updateEvent(
+    eventId: string,
+    eventData: CreateEventRequest,
+    adminKey: string,
+  ): Promise<TicketedEvent> {
+    return this.request(`/events/api/v1/events/${eventId}`, {
+      method: 'PUT',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-API-KEY': adminKey,
+      },
+      body: JSON.stringify(eventData),
+    })
+  }
+
+  /**
+   * Probe whether the current user has LNbits admin privileges. The
+   * `/all` endpoint is `check_admin`-gated, so a 200 means "admin",
+   * any other response means "not admin".
+   */
+  async isAdmin(adminKey: string): Promise<boolean> {
+    try {
+      await this.request('/events/api/v1/events/all', {
+        method: 'GET',
+        headers: { 'X-API-KEY': adminKey },
+      })
+      return true
+    } catch {
+      return false
+    }
+  }
+
+  /**
+   * Read the extension's auto_approve flag. Admin-only endpoint, so
+   * non-admin callers see false (the safe default for UI gating).
+   */
+  async getAutoApprove(adminKey: string): Promise<boolean> {
+    try {
+      const settings = await this.request('/events/api/v1/events/settings', {
+        method: 'GET',
+        headers: { 'X-API-KEY': adminKey },
+      })
+      return Boolean(settings?.auto_approve)
+    } catch {
+      return false
+    }
+  }
+
   /**
    * Fetch available currencies from LNbits.
    */