mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
unleash.unleash/src/lib/routes/admin-api/api-token-controller.ts


import { Response } from 'express';
import Controller from '../controller';
import {
ADMIN,
CREATE_API_TOKEN,
DELETE_API_TOKEN,
UPDATE_API_TOKEN,
} from '../../types/permissions';
import { ApiTokenService } from '../../services/api-token-service';
import { Logger } from '../../logger';
import { AccessService } from '../../services/access-service';
import { IAuthRequest } from '../unleash-types';
import User from '../../types/user';
import { IUnleashConfig } from '../../types/option';
import { ApiTokenType } from '../../types/stores/api-token-store';
/**
 * Services the API-token controller needs from the application's service
 * container. Only these two are read by the constructor.
 */
interface IServices {
  /** Token persistence and lifecycle (list, create, update expiry, delete). */
  apiTokenService: ApiTokenService;

  /** Permission lookups for interactive (non-API) users. */
  accessService: AccessService;
}
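/**
 * Admin API controller for API tokens: list, create, update expiry, delete.
 *
 * Security-relevant behaviour visible in this class:
 * - Create, update and delete are registered with a dedicated permission.
 * - The list route is registered without one and instead filters out
 *   ADMIN-type tokens for callers that are not "token admins"
 *   (see {@link ApiTokenController.isTokenAdmin}).
 */
class ApiTokenController extends Controller {
  private apiTokenService: ApiTokenService;

  private accessService: AccessService;

  private logger: Logger;

  /**
   * Wires the services and registers the four token routes.
   *
   * @param config - Application config; provides the logger factory.
   * @param services - Service container holding the token and access services.
   */
  constructor(config: IUnleashConfig, services: IServices) {
    super(config);
    this.apiTokenService = services.apiTokenService;
    this.accessService = services.accessService;
    this.logger = config.getLogger('api-token-controller.js');

    // NOTE(review): unlike the three routes below, the list route passes no
    // permission. What the base Controller enforces in that case is not
    // visible here; confirm that unauthenticated callers cannot reach it,
    // because the response carries token records.
    this.get('/', this.getAllApiTokens);
    this.post('/', this.createApiToken, CREATE_API_TOKEN);
    // NOTE(review): the token identifier travels in the URL path for update
    // and delete. If it is the token secret itself, it will appear in access
    // logs and proxy logs; confirm and consider redacting it there.
    this.put('/:token', this.updateApiToken, UPDATE_API_TOKEN);
    this.delete('/:token', this.deleteApiToken, DELETE_API_TOKEN);
  }

  /**
   * Decides whether the caller may see ADMIN-type tokens in the listing.
   *
   * API users qualify only when their permission list contains ADMIN.
   * Every other user qualifies when the access service grants
   * UPDATE_API_TOKEN, so that permission implies visibility of admin tokens.
   *
   * @param user - The authenticated caller taken from the request.
   * @returns Whether admin tokens may be returned to this caller.
   */
  private async isTokenAdmin(user: User) {
    if (user.isAPI) {
      return user.permissions.includes(ADMIN);
    }
    return this.accessService.hasPermission(user, UPDATE_API_TOKEN);
  }

  /**
   * Lists API tokens. Callers that are not token admins receive the list
   * with ADMIN-type tokens removed; all other token types are returned to
   * every caller that reaches this handler.
   *
   * @param req - Authenticated request; `req.user` drives the filtering.
   * @param res - Response that receives `{ tokens }` as JSON.
   */
  async getAllApiTokens(req: IAuthRequest, res: Response): Promise<void> {
    const { user } = req;
    const isAdmin = await this.isTokenAdmin(user);
    const tokens = await this.apiTokenService.getAllTokens();

    if (isAdmin) {
      res.json({ tokens });
      return;
    }

    const filteredTokens = tokens.filter(
      (t) => t.type !== ApiTokenType.ADMIN,
    );
    res.json({ tokens: filteredTokens });
  }

  /**
   * Creates a token from `username`, `type` and optional `expiresAt` in the
   * request body.
   *
   * Responds 400 when `username` or `type` is missing or `type` is not a
   * string, 201 with the created token on success, and 500 when the service
   * throws.
   *
   * @param req - Authenticated request carrying the untrusted JSON body.
   * @param res - Response used to send the status and created token.
   */
  async createApiToken(req: IAuthRequest, res: Response): Promise<any> {
    const { username, type, expiresAt } = req.body;

    // `type` comes from an untrusted JSON body. A non-string value used to
    // throw on `.toLowerCase()` outside the try block, rejecting the handler
    // promise instead of producing a 400.
    if (!username || !type || typeof type !== 'string') {
      this.logger.error('invalid api-token create request', req.body);
      return res.status(400).send();
    }

    // Any value other than "admin" (case-insensitive) yields a CLIENT token.
    // NOTE(review): the route only requires CREATE_API_TOKEN, so a holder of
    // that permission can mint an ADMIN-type token here. Confirm that
    // CREATE_API_TOKEN is granted to administrators only.
    const tokenType =
      type.toLowerCase() === 'admin'
        ? ApiTokenType.ADMIN
        : ApiTokenType.CLIENT;

    try {
      // NOTE(review): `username` and `expiresAt` are forwarded unvalidated;
      // presumably the service or store validates them. Confirm.
      const token = await this.apiTokenService.creteApiToken({
        type: tokenType,
        username,
        expiresAt,
      });
      return res.status(201).json(token);
    } catch (error) {
      this.logger.error('error creating api-token', error);
      // The status alone never sends a response; end it so the client does
      // not hang until its own timeout.
      return res.status(500).end();
    }
  }

  /**
   * Deletes the token named by the `:token` path parameter.
   *
   * Responds 200 on success and 500 when the service throws.
   *
   * @param req - Authenticated request; reads `req.params.token`.
   * @param res - Response used to send the status.
   */
  async deleteApiToken(req: IAuthRequest, res: Response): Promise<void> {
    const { token } = req.params;
    try {
      await this.apiTokenService.delete(token);
      res.status(200).end();
    } catch (error) {
      // The message previously said "creating", which misattributed failed
      // deletions in the logs.
      this.logger.error('error deleting api-token', error);
      res.status(500).end();
    }
  }

  /**
   * Updates the expiry of the token named by the `:token` path parameter.
   *
   * Responds 400 when `expiresAt` is missing from the body, 200 on success
   * and 500 when the service throws.
   *
   * @param req - Authenticated request; reads `req.params.token` and
   *   `req.body.expiresAt`.
   * @param res - Response used to send the status.
   */
  async updateApiToken(req: IAuthRequest, res: Response): Promise<any> {
    const { token } = req.params;
    const { expiresAt } = req.body;

    if (!expiresAt) {
      this.logger.error('invalid api-token update request', req.body);
      return res.status(400).send();
    }

    try {
      // NOTE(review): `expiresAt` is forwarded as received; presumably the
      // service parses and range-checks it. Confirm.
      await this.apiTokenService.updateExpiry(token, expiresAt);
      return res.status(200).end();
    } catch (error) {
      this.logger.error('error updating api-token', error);
      return res.status(500).end();
    }
  }
}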
// The controller is exposed twice: assigned to CommonJS `module.exports` and
// declared as the ES-module default export.
// NOTE(review): presumably kept for callers that still `require()` this file; confirm before removing either form.
module.exports = ApiTokenController;
export default ApiTokenController;