lnbits-exts/nostrrelay
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions 2

fix: admin check (#20)

Browse source
This commit is contained in:
Vlad Stan 2024-03-21 11:29:36 +02:00 committed by GitHub
parent 473614f8be
commit 94ae34158c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
views_api.py
View file

@ -7,6 +7,7 @@ from loguru import logger
from pydantic.types import UUID4 from pydantic.types import UUID4
from starlette.responses import JSONResponse from starlette.responses import JSONResponse
from lnbits.core.crud import get_user
from lnbits.core.services import create_invoice from lnbits.core.services import create_invoice
from lnbits.decorators import ( from lnbits.decorators import (
WalletTypeInfo, WalletTypeInfo,
@ -60,7 +61,9 @@ async def api_create_relay(
wallet: WalletTypeInfo = Depends(require_admin_key), wallet: WalletTypeInfo = Depends(require_admin_key),
) -> NostrRelay: ) -> NostrRelay:
if len(data.id): if len(data.id):
await check_admin(UUID4(wallet.wallet.user)) user = await get_user(wallet.wallet.user)
assert user, "User not found."
assert user.admin, "Only admin users can set the relay ID"
else: else:
data.id = urlsafe_short_hash()[:8] data.id = urlsafe_short_hash()[:8]