fix: backend tokens mapped to client tokens (#10561)

Edge does not support backend token type, so until then, we need to keep returning backend token type as if they're client token types.
2025-09-01 13:47:27 +02:00 · 2025-08-28 04:57:03 -07:00 · 2025-08-28 04:57:03 -07:00 · 3b467238a5
commit 3b467238a5
parent fa7857dff1
3 changed files with 14 additions and 11 deletions
--- a/src/lib/db/api-token-store.ts
+++ b/src/lib/db/api-token-store.ts
@ -42,7 +42,11 @@ const tokenRowReducer = (acc, tokenRow) => {
        acc[tokenRow.secret] = {
            secret: token.secret,
            tokenName: token.token_name ? token.token_name : token.username,
-            type: token.type.toLowerCase(),
+            // backend token type needs to be supported in Edge before being able to return them in the API
+            type: (token.type === ApiTokenType.BACKEND
+                ? ApiTokenType.CLIENT
+                : token.type
+            ).toLowerCase(),
            project: ALL,
            projects: [ALL],
            environment: token.environment ? token.environment : ALL,
--- a/src/test/e2e/api/admin/api-token.auth.e2e.test.ts
+++ b/src/test/e2e/api/admin/api-token.auth.e2e.test.ts
@ -121,7 +121,7 @@ test('editor users should only get client, backend or frontend tokens', async ()
            expect(res.body.tokens.length).toBe(3);
            expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
            expect(res.body.tokens[1].type).toBe(ApiTokenType.FRONTEND);
-            expect(res.body.tokens[2].type).toBe(ApiTokenType.BACKEND);
+            expect(res.body.tokens[2].type).toBe(ApiTokenType.CLIENT);
        });
 });

@ -229,7 +229,7 @@ describe('Fine grained API token permissions', () => {
                .expect((res) => {
                    expect(res.body.tokens).toHaveLength(2);
                    expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
-                    expect(res.body.tokens[1].type).toBe(ApiTokenType.BACKEND);
+                    expect(res.body.tokens[1].type).toBe(ApiTokenType.CLIENT);
                });
        });
        test('Admin users should be able to see all tokens', async () => {
@ -241,16 +241,15 @@ describe('Fine grained API token permissions', () => {
            expect(status).toBe(200);
            expect(body.tokens).toHaveLength(4);
            [
-                ApiTokenType.ADMIN,
-                ApiTokenType.CLIENT,
-                ApiTokenType.BACKEND,
-                ApiTokenType.FRONTEND,
-            ].forEach((tokenType) => {
+                { tokenType: ApiTokenType.ADMIN, expectedCount: 1 },
+                { tokenType: ApiTokenType.CLIENT, expectedCount: 2 },
+                { tokenType: ApiTokenType.FRONTEND, expectedCount: 1 },
+            ].forEach(({ tokenType, expectedCount }) => {
                expect(
                    body.tokens.filter(
                        (t: { type: string }) => t.type === tokenType,
                    ),
-                ).toHaveLength(1);
+                ).toHaveLength(expectedCount);
            });
        });
        test('Editor users should be able to see all tokens except ADMIN tokens', async () => {
--- a/src/test/e2e/api/admin/api-token.e2e.test.ts
+++ b/src/test/e2e/api/admin/api-token.e2e.test.ts
@ -119,7 +119,7 @@ test.each(['client', 'backend'])(
            .expect(200)
            .expect((res) => {
                expect(res.body.tokens.length).toBe(10);
-                expect(res.body.tokens[2].type).toBe(type);
+                expect(res.body.tokens[2].type).toBe(ApiTokenType.CLIENT);
            });
        await app.request
            .get('/api/admin/api-tokens/default-client')
@ -127,7 +127,7 @@ test.each(['client', 'backend'])(
            .expect(200)
            .expect((res) => {
                expect(res.body.tokens.length).toBe(10);
-                expect(res.body.tokens[2].type).toBe(type);
+                expect(res.body.tokens[2].type).toBe(ApiTokenType.CLIENT);
            });
    },
 );