mirror of https://github.com/Unleash/unleash.git synced 2025-02-09 00:18:00 +01:00

Fixes hangs when sending incorrect parameters to deleteProjectApiToken endpoint (#4579)

## About the changes
Returns either 400 or 404 when the token isn't found or doesn't meet the criterion that it
belongs to a single project, which must be the provided projectId.

<!-- Does it close an issue? Multiple? -->
Closes #
Linear 2-1003

## Discussion points
<!-- Anything about the PR you'd like to discuss before it gets merged?
Got any questions or doubts? -->
Is projects.length > 1 a 400?
David Leek 2023-08-28 13:53:32 +02:00 committed by GitHub
parent 873c00a566
commit 95be24996e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 1 deletions


@ -130,7 +130,7 @@ export class ProjectApiTokenController extends Controller {
description: `This operation deletes the API token specified in the request URL. If the token doesn't exist, returns an OK response (status code 200).`, description: `This operation deletes the API token specified in the request URL. If the token doesn't exist, returns an OK response (status code 200).`,
responses: { responses: {
200: emptyResponse, 200: emptyResponse,
...getStandardResponses(401, 403), ...getStandardResponses(400, 401, 403, 404),
}, },
}), }),
], ],
@ -213,6 +213,10 @@ export class ProjectApiTokenController extends Controller {
await this.apiTokenService.delete(token, extractUsername(req)); await this.apiTokenService.delete(token, extractUsername(req));
await this.proxyService.deleteClientForProxyToken(token); await this.proxyService.deleteClientForProxyToken(token);
res.status(200).end(); res.status(200).end();
} else if (!storedToken) {
res.status(404).end();
} else {
res.status(400).end();
} }
} }
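Review bot: The new `else if (!storedToken)` / `else` branches in the second hunk answer 404 for an unknown secret but 400 for a secret that exists and fails the project check, so a caller who may only manage this project's tokens can tell whether a given secret is a live token elsewhere. Unless clients need that distinction, I would return the same status for both, e.g. replace the two branches with `} else { res.status(404).end(); }`, and keep the reason in server-side logs. The `description:` string in the first hunk also still says a missing token returns 200, which contradicts the 404 now listed in `getStandardResponses(400, 401, 403, 404)` and should be reworded. The `if` condition these branches hang off starts outside the hunk, so the exact project check is inferred from the accompanying tests.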


@ -113,3 +113,36 @@ test('Deletes existing tokens', async () => {
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.expect(200); .expect(200);
}); });
test('Returns Not Found when deleting non-existing tokens', async () => {
const tokenSecret = 'random-secret';
return app.request
.delete(`/api/admin/projects/default/api-tokens/${tokenSecret}`)
.set('Content-Type', 'application/json')
.expect(404);
});
test('Returns Bad Request when deleting tokens with more than one project', async () => {
const tokenSecret = 'random-secret';
await db.stores.projectStore.create({
id: 'other',
name: 'other',
description: 'other',
mode: 'open',
});
await db.stores.apiTokenStore.insert({
tokenName: 'test',
secret: tokenSecret,
type: ApiTokenType.CLIENT,
environment: 'default',
projects: ['default', 'other'],
});
return app.request
.delete(`/api/admin/projects/default/api-tokens/${tokenSecret}`)
.set('Content-Type', 'application/json')
.expect(400);
});
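Review bot: The 400 test only checks the status code; it does not verify that the multi-project token is still stored after the rejected request, which is the property that matters if the handler ever regresses to deleting before answering. I would add an assertion after the request that the `'random-secret'` token is still present in `db.stores.apiTokenStore`. There is also no case for a token whose `projects` is a single project other than the one in the URL (for example `projects: ['other']` deleted through `/api/admin/projects/default/...`), which is the cross-project delete this check presumably guards against. Both new tests reuse `'random-secret'`, so the 404 test depends on running before the insert or on a per-test reset that is not visible here.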