mirror of
https://github.com/Unleash/unleash.git
synced 2025-03-18 00:19:49 +01:00
chore: return 404 when projectid not found (#4581)
## About the changes Returns Not Found on create and get project api tokens when given a project id that doesn't exist ## Discussion points - This is an extra lookup per execution of the endpoint
This commit is contained in:
parent
ae18c3d6c1
commit
ff346adb94
@ -24,6 +24,7 @@ import {
|
||||
AccessService,
|
||||
ApiTokenService,
|
||||
OpenApiService,
|
||||
ProjectService,
|
||||
ProxyService,
|
||||
} from '../../../services';
|
||||
import { extractUsername } from '../../../util';
|
||||
@ -51,6 +52,8 @@ export class ProjectApiTokenController extends Controller {
|
||||
|
||||
private openApiService: OpenApiService;
|
||||
|
||||
private projectService: ProjectService;
|
||||
|
||||
private logger: Logger;
|
||||
|
||||
constructor(
|
||||
@ -60,12 +63,14 @@ export class ProjectApiTokenController extends Controller {
|
||||
accessService,
|
||||
proxyService,
|
||||
openApiService,
|
||||
projectService,
|
||||
}: Pick<
|
||||
IUnleashServices,
|
||||
| 'apiTokenService'
|
||||
| 'accessService'
|
||||
| 'proxyService'
|
||||
| 'openApiService'
|
||||
| 'projectService'
|
||||
>,
|
||||
) {
|
||||
super(config);
|
||||
@ -73,6 +78,7 @@ export class ProjectApiTokenController extends Controller {
|
||||
this.accessService = accessService;
|
||||
this.proxyService = proxyService;
|
||||
this.openApiService = openApiService;
|
||||
this.projectService = projectService;
|
||||
this.logger = config.getLogger('project-api-token-controller.js');
|
||||
|
||||
this.route({
|
||||
@ -110,7 +116,7 @@ export class ProjectApiTokenController extends Controller {
|
||||
'Endpoint that allows creation of [project API tokens](https://docs.getunleash.io/reference/api-tokens-and-client-keys#api-token-visibility) for the specified project.',
|
||||
responses: {
|
||||
201: resourceCreatedResponseSchema('apiTokenSchema'),
|
||||
...getStandardResponses(400, 401, 403),
|
||||
...getStandardResponses(400, 401, 403, 404),
|
||||
},
|
||||
}),
|
||||
],
|
||||
@ -143,6 +149,8 @@ export class ProjectApiTokenController extends Controller {
|
||||
): Promise<void> {
|
||||
const { user } = req;
|
||||
const { projectId } = req.params;
|
||||
await this.projectService.getProject(projectId); // Validates that the project exists
|
||||
|
||||
const projectTokens = await this.accessibleTokens(user, projectId);
|
||||
this.openApiService.respondWithValidation(
|
||||
200,
|
||||
@ -158,6 +166,8 @@ export class ProjectApiTokenController extends Controller {
|
||||
): Promise<any> {
|
||||
const createToken = await createApiToken.validateAsync(req.body);
|
||||
const { projectId } = req.params;
|
||||
await this.projectService.getProject(projectId); // Validates that the project exists
|
||||
|
||||
const permissionRequired = CREATE_PROJECT_API_TOKEN;
|
||||
const hasPermission = await this.accessService.hasPermission(
|
||||
req.user,
|
||||
|
@ -38,6 +38,7 @@ test('Returns empty list of tokens', async () => {
|
||||
expect(res.body.tokens.length).toBe(0);
|
||||
});
|
||||
});
|
||||
|
||||
test('Returns list of tokens', async () => {
|
||||
const tokenSecret = 'random-secret';
|
||||
|
||||
@ -62,9 +63,9 @@ test('Returns 404 when given non-existant projectId', async () => {
|
||||
return app.request
|
||||
.get('/api/admin/projects/wrong/api-tokens')
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
.expect(404)
|
||||
.expect((res) => {
|
||||
expect(res.body.tokens.length).toBe(0);
|
||||
expect(res.body.tokens).toBe(undefined);
|
||||
});
|
||||
});
|
||||
|
||||
@ -78,7 +79,7 @@ test('fails to create new client token when given wrong project', async () => {
|
||||
environment: 'default',
|
||||
})
|
||||
.set('Content-Type', 'application/json')
|
||||
.expect(400);
|
||||
.expect(404);
|
||||
});
|
||||
|
||||
test('creates new client token', async () => {
|
||||
|
Loading…
Reference in New Issue
Block a user