josh/automatisch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Implement api token removal API endpoint

Browse Source
This commit is contained in:
Faruk AYDIN
2025-04-11 14:07:26 +02:00
parent 4a08ee49da
commit 79d6f66c4e
3 changed files with 65 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
packages/backend/src/controllers/api/v1/admin/api-tokens/delete-api-token.ee.js Normal file
View File

@@ -0,0 +1,11 @@
import ApiToken from '../../../../../models/api-token.ee.js';
export default async (request, response) => {
const apiToken = await ApiToken.query()
.findById(request.params.id)
.throwIfNotFound();
await apiToken.$query().delete();
response.status(204).end();
};

45
packages/backend/src/controllers/api/v1/admin/api-tokens/delete-api-token.ee.test.js Normal file
View File

@@ -0,0 +1,45 @@
import Crypto from 'node:crypto';
import { vi, describe, it, expect, beforeEach } from 'vitest';
import request from 'supertest';
import app from '../../../../../app.js';
import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
import { createRole } from '../../../../../../test/factories/role.js';
import { createApiToken } from '../../../../../../test/factories/api-token.js';
import { createUser } from '../../../../../../test/factories/user.js';
import * as license from '../../../../../helpers/license.ee.js';
describe('DELETE /api/v1/admin/api-tokens/:id', () => {
let adminRole, currentUser, token;
beforeEach(async () => {
vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
adminRole = await createRole({ name: 'Admin' });
currentUser = await createUser({ roleId: adminRole.id });
token = await createAuthTokenByUserId(currentUser.id);
});
it('should delete the api token and return HTTP 204', async () => {
const apiToken = await createApiToken();
await request(app)
.delete(`/api/v1/admin/api-tokens/${apiToken.id}`)
.set('Authorization', token)
.expect(204);
const refetchedApiToken = await apiToken.$query();
expect(refetchedApiToken).toBeUndefined();
});
it('should return HTTP 404 for not existing api token id', async () => {
const notExistingApiTokenId = Crypto.randomUUID();
await request(app)
.delete(`/api/v1/admin/api-tokens/${notExistingApiTokenId}`)
.set('Authorization', token)
.expect(404);
});
});

9
packages/backend/src/routes/api/v1/admin/api-tokens.ee.js
View File

@@ -4,6 +4,7 @@ import { authorizeAdmin } from '../../../../helpers/authorization.js';
import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js'; import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js';
import createApiTokenAction from '../../../../controllers/api/v1/admin/api-tokens/create-api-token.ee.js'; import createApiTokenAction from '../../../../controllers/api/v1/admin/api-tokens/create-api-token.ee.js';
import getApiTokensAction from '../../../../controllers/api/v1/admin/api-tokens/get-api-tokens.ee.js'; import getApiTokensAction from '../../../../controllers/api/v1/admin/api-tokens/get-api-tokens.ee.js';
import deleteApiTokenAction from '../../../../controllers/api/v1/admin/api-tokens/delete-api-token.ee.js';
const router = Router(); const router = Router();
@@ -23,4 +24,12 @@ router.get(
getApiTokensAction getApiTokensAction
); );
router.delete(
'/:id',
authenticateUser,
authorizeAdmin,
checkIsEnterprise,
deleteApiTokenAction
);
export default router; export default router;