mirror of
https://github.com/Unleash/unleash.git
synced 2025-08-27 13:49:10 +02:00
fix: permissions should allow to access client token types (#10543)
Internally token types are still identified as CLIENT, therefore when we filter the ones we're allowed to see, we should still consider them as CLIENT tokens not BACKEND tokens. This is internal until we can fully remove CLIENT with the next major.
This commit is contained in:
parent
750a32f0e9
commit
8cb11f69df
@ -83,7 +83,7 @@ const permissionToTokenType: (permission: string) => ApiTokenType | undefined =
|
||||
UPDATE_CLIENT_API_TOKEN,
|
||||
].includes(permission)
|
||||
) {
|
||||
return ApiTokenType.BACKEND;
|
||||
return ApiTokenType.CLIENT;
|
||||
} else if (ADMIN === permission) {
|
||||
return ApiTokenType.ADMIN;
|
||||
} else {
|
||||
|
@ -67,7 +67,7 @@ test('editor users should only get client or frontend tokens', async () => {
|
||||
projects: [],
|
||||
tokenName: 'test',
|
||||
secret: '*:environment.1234',
|
||||
type: ApiTokenType.BACKEND,
|
||||
type: ApiTokenType.CLIENT,
|
||||
});
|
||||
|
||||
await stores.apiTokenStore.insert({
|
||||
@ -92,7 +92,7 @@ test('editor users should only get client or frontend tokens', async () => {
|
||||
.expect(200)
|
||||
.expect((res) => {
|
||||
expect(res.body.tokens.length).toBe(2);
|
||||
expect(res.body.tokens[0].type).toBe(ApiTokenType.BACKEND);
|
||||
expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
|
||||
expect(res.body.tokens[1].type).toBe(ApiTokenType.FRONTEND);
|
||||
});
|
||||
|
||||
@ -126,7 +126,7 @@ test('viewer users should not be allowed to fetch tokens', async () => {
|
||||
projects: [],
|
||||
tokenName: 'test',
|
||||
secret: '*:environment.1234',
|
||||
type: ApiTokenType.BACKEND,
|
||||
type: ApiTokenType.CLIENT,
|
||||
});
|
||||
|
||||
await stores.apiTokenStore.insert({
|
||||
@ -462,7 +462,7 @@ describe('Fine grained API token permissions', () => {
|
||||
projects: [],
|
||||
tokenName: 'client',
|
||||
secret: '*:environment.client_secret_1234',
|
||||
type: ApiTokenType.BACKEND,
|
||||
type: ApiTokenType.CLIENT,
|
||||
});
|
||||
|
||||
await stores.apiTokenStore.insert({
|
||||
@ -485,7 +485,7 @@ describe('Fine grained API token permissions', () => {
|
||||
.expect(200)
|
||||
.expect((res) => {
|
||||
expect(res.body.tokens).toHaveLength(1);
|
||||
expect(res.body.tokens[0].type).toBe(ApiTokenType.BACKEND);
|
||||
expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
|
||||
});
|
||||
await destroy();
|
||||
});
|
||||
@ -521,7 +521,7 @@ describe('Fine grained API token permissions', () => {
|
||||
projects: [],
|
||||
tokenName: 'client',
|
||||
secret: '*:environment.client_secret_4321',
|
||||
type: ApiTokenType.BACKEND,
|
||||
type: ApiTokenType.CLIENT,
|
||||
});
|
||||
|
||||
await stores.apiTokenStore.insert({
|
||||
@ -579,7 +579,7 @@ describe('Fine grained API token permissions', () => {
|
||||
projects: [],
|
||||
tokenName: 'client',
|
||||
secret: '*:environment.client_secret_4321',
|
||||
type: ApiTokenType.BACKEND,
|
||||
type: ApiTokenType.CLIENT,
|
||||
});
|
||||
await stores.apiTokenStore.insert({
|
||||
environment: '',
|
||||
|
Loading…
Reference in New Issue
Block a user