Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-09-01 13:47:27 +02:00
Code Issues Projects Releases Wiki Activity

fix: permissions should allow to access client token types (#10543)

Browse Source 
Internally token types are still identified as CLIENT, therefore when we
filter the ones we're allowed to see, we should still consider them as
CLIENT tokens not BACKEND tokens. This is internal until we can fully
remove CLIENT with the next major.
This commit is contained in:
Gastón Fournier 2025-08-26 09:33:21 -07:00 committed by GitHub
parent 750a32f0e9
commit 8cb11f69df
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/lib/routes/admin-api/api-token.ts
View File

@ -83,7 +83,7 @@ const permissionToTokenType: (permission: string) => ApiTokenType | undefined =
UPDATE_CLIENT_API_TOKEN, UPDATE_CLIENT_API_TOKEN,
].includes(permission) ].includes(permission)
) { ) {
return ApiTokenType.BACKEND; return ApiTokenType.CLIENT;
} else if (ADMIN === permission) { } else if (ADMIN === permission) {
return ApiTokenType.ADMIN; return ApiTokenType.ADMIN;
} else { } else {

14
src/test/e2e/api/admin/api-token.auth.e2e.test.ts
View File

@ -67,7 +67,7 @@ test('editor users should only get client or frontend tokens', async () => {
projects: [], projects: [],
tokenName: 'test', tokenName: 'test',
secret: '*:environment.1234', secret: '*:environment.1234',
type: ApiTokenType.BACKEND, type: ApiTokenType.CLIENT,
}); });
await stores.apiTokenStore.insert({ await stores.apiTokenStore.insert({
@ -92,7 +92,7 @@ test('editor users should only get client or frontend tokens', async () => {
.expect(200) .expect(200)
.expect((res) => { .expect((res) => {
expect(res.body.tokens.length).toBe(2); expect(res.body.tokens.length).toBe(2);
expect(res.body.tokens[0].type).toBe(ApiTokenType.BACKEND); expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
expect(res.body.tokens[1].type).toBe(ApiTokenType.FRONTEND); expect(res.body.tokens[1].type).toBe(ApiTokenType.FRONTEND);
}); });
@ -126,7 +126,7 @@ test('viewer users should not be allowed to fetch tokens', async () => {
projects: [], projects: [],
tokenName: 'test', tokenName: 'test',
secret: '*:environment.1234', secret: '*:environment.1234',
type: ApiTokenType.BACKEND, type: ApiTokenType.CLIENT,
}); });
await stores.apiTokenStore.insert({ await stores.apiTokenStore.insert({
@ -462,7 +462,7 @@ describe('Fine grained API token permissions', () => {
projects: [], projects: [],
tokenName: 'client', tokenName: 'client',
secret: '*:environment.client_secret_1234', secret: '*:environment.client_secret_1234',
type: ApiTokenType.BACKEND, type: ApiTokenType.CLIENT,
}); });
await stores.apiTokenStore.insert({ await stores.apiTokenStore.insert({
@ -485,7 +485,7 @@ describe('Fine grained API token permissions', () => {
.expect(200) .expect(200)
.expect((res) => { .expect((res) => {
expect(res.body.tokens).toHaveLength(1); expect(res.body.tokens).toHaveLength(1);
expect(res.body.tokens[0].type).toBe(ApiTokenType.BACKEND); expect(res.body.tokens[0].type).toBe(ApiTokenType.CLIENT);
}); });
await destroy(); await destroy();
}); });
@ -521,7 +521,7 @@ describe('Fine grained API token permissions', () => {
projects: [], projects: [],
tokenName: 'client', tokenName: 'client',
secret: '*:environment.client_secret_4321', secret: '*:environment.client_secret_4321',
type: ApiTokenType.BACKEND, type: ApiTokenType.CLIENT,
}); });
await stores.apiTokenStore.insert({ await stores.apiTokenStore.insert({
@ -579,7 +579,7 @@ describe('Fine grained API token permissions', () => {
projects: [], projects: [],
tokenName: 'client', tokenName: 'client',
secret: '*:environment.client_secret_4321', secret: '*:environment.client_secret_4321',
type: ApiTokenType.BACKEND, type: ApiTokenType.CLIENT,
}); });
await stores.apiTokenStore.insert({ await stores.apiTokenStore.insert({
environment: '', environment: '',