Skip to content

feat: add flag to see all tokens if owner #6227

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 16 commits into from
Feb 23, 2023
Merged

feat: add flag to see all tokens if owner #6227

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
321252b
added query for tokens by user id
Kira-Pilot Feb 15, 2023
5971367
updated query args
Kira-Pilot Feb 15, 2023
b881ff9
adding owner col
Kira-Pilot Feb 15, 2023
2085d14
fix request params
Kira-Pilot Feb 16, 2023
b3c926b
update-golden-files
Kira-Pilot Feb 16, 2023
3e0757f
added owners col to ls table output
Kira-Pilot Feb 16, 2023
c8c4821
added ttoken translations
Kira-Pilot Feb 17, 2023
1407c87
prettier
Kira-Pilot Feb 17, 2023
43c5301
format table according to arg
Kira-Pilot Feb 20, 2023
23d6eeb
Merge remote-tracking branch 'origin/main' into tokens-ls-all/kira-pilot
Kira-Pilot Feb 20, 2023
b95428d
using slice.Contains
Kira-Pilot Feb 20, 2023
0e81ac9
refactored token state
Kira-Pilot Feb 21, 2023
c22b8a7
cleanup
Kira-Pilot Feb 21, 2023
3f888e9
Merge remote-tracking branch 'origin/main' into tokens-ls-all/kira-pilot
Kira-Pilot Feb 21, 2023
a4f84e3
Merge remote-tracking branch 'origin/main' into tokens-ls-all/kira-pilot
Kira-Pilot Feb 22, 2023
dc106d7
merge conflict
Kira-Pilot Feb 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
updated query args
  • Loading branch information
@Kira-Pilot
Kira-Pilot committed Feb 15, 2023
commit 5971367bfad1d8039a045eaae00a638c2eec4bff
1 change: 1 addition & 0 deletions cli/testdata/coder_tokens_list_--help.golden
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ Flags:
expires at, created at (default [id,last used,expires at,created at])
-h, --help help for list
-o, --output string Output format. Available formats: table, json (default "table")
-a, --all Specifies whether all users' tokens will be listed or not (must have Owner role to see all tokens)

Global Flags:
--global-config coder Path to the global coder config directory.
Expand Down
18 changes: 13 additions & 5 deletions cli/tokens.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,9 +86,12 @@ func createToken() *cobra.Command {
}

func listTokens() *cobra.Command {
formatter := cliui.NewOutputFormatter(
cliui.TableFormat([]codersdk.APIKey{}, nil),
cliui.JSONFormat(),
var (
all bool
formatter = cliui.NewOutputFormatter(
cliui.TableFormat([]codersdk.APIKey{}, nil),
cliui.JSONFormat(),
)
)

cmd := &cobra.Command{
Expand All @@ -101,9 +104,11 @@ func listTokens() *cobra.Command {
return xerrors.Errorf("create codersdk client: %w", err)
}

keys, err := client.Tokens(cmd.Context(), codersdk.Me)
keys, err := client.Tokens(cmd.Context(), codersdk.Me, codersdk.GetTokensRequest{
All: all,
})
if err != nil {
return xerrors.Errorf("create tokens: %w", err)
return xerrors.Errorf("list tokens: %w", err)
}

if len(keys) == 0 {
Expand All @@ -122,6 +127,9 @@ func listTokens() *cobra.Command {
},
}

cmd.Flags().BoolVarP(&all, "all", "a", false,
"Specifies whether all users' tokens will be listed or not (must have Owner role to see all tokens).")

formatter.AttachFlags(cmd)
return cmd
}
Expand Down
38 changes: 31 additions & 7 deletions coderd/apikey.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -178,18 +178,42 @@ func (api *API) apiKey(rw http.ResponseWriter, r *http.Request) {
// @Router /users/{user}/keys/tokens [get]
func (api *API) tokens(rw http.ResponseWriter, r *http.Request) {
var (
ctx = r.Context()
ctx = r.Context()
user = httpmw.UserParam(r)
)

keys, err := api.Database.GetAPIKeysByLoginType(ctx, database.LoginTypeToken)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Message: "Internal error fetching API keys.",
Detail: err.Error(),
})
var getTokens codersdk.GetTokensRequest
if !httpapi.Read(ctx, rw, r, &getTokens) {
return
}

var (
keys []database.APIKey
err error
)

if !getTokens.All {
// get user's tokens only
keys, err = api.Database.GetAPIKeysByUserID(ctx, database.GetAPIKeysByUserIDParams{LoginType: database.LoginTypeToken, UserID: user.ID})
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Message: "Internal error fetching API keys.",
Detail: err.Error(),
})
return
}
} else {
// get the tokens for all users
keys, err = api.Database.GetAPIKeysByLoginType(ctx, database.LoginTypeToken)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Message: "Internal error fetching API keys.",
Detail: err.Error(),
})
return
}
}

keys, err = AuthorizeFilter(api.HTTPAuth, r, rbac.ActionRead, keys)
if err != nil {
httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
Expand Down
10 changes: 5 additions & 5 deletions coderd/apikey_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,15 @@ func TestTokenCRUD(t *testing.T) {
defer cancel()
client := coderdtest.New(t, nil)
_ = coderdtest.CreateFirstUser(t, client)
keys, err := client.Tokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me, codersdk.GetTokensRequest{})
require.NoError(t, err)
require.Empty(t, keys)

res, err := client.CreateToken(ctx, codersdk.Me, codersdk.CreateTokenRequest{})
require.NoError(t, err)
require.Greater(t, len(res.Key), 2)

keys, err = client.Tokens(ctx, codersdk.Me)
keys, err = client.Tokens(ctx, codersdk.Me, codersdk.GetTokensRequest{})
require.NoError(t, err)
require.EqualValues(t, len(keys), 1)
require.Contains(t, res.Key, keys[0].ID)
Expand All @@ -45,7 +45,7 @@ func TestTokenCRUD(t *testing.T) {

err = client.DeleteAPIKey(ctx, codersdk.Me, keys[0].ID)
require.NoError(t, err)
keys, err = client.Tokens(ctx, codersdk.Me)
keys, err = client.Tokens(ctx, codersdk.Me, codersdk.GetTokensRequest{})
require.NoError(t, err)
require.Empty(t, keys)
}
Expand All @@ -64,7 +64,7 @@ func TestTokenScoped(t *testing.T) {
require.NoError(t, err)
require.Greater(t, len(res.Key), 2)

keys, err := client.Tokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me, codersdk.GetTokensRequest{})
require.NoError(t, err)
require.EqualValues(t, len(keys), 1)
require.Contains(t, res.Key, keys[0].ID)
Expand All @@ -83,7 +83,7 @@ func TestTokenDuration(t *testing.T) {
Lifetime: time.Hour * 24 * 7,
})
require.NoError(t, err)
keys, err := client.Tokens(ctx, codersdk.Me)
keys, err := client.Tokens(ctx, codersdk.Me, codersdk.GetTokensRequest{})
require.NoError(t, err)
require.Greater(t, keys[0].ExpiresAt, time.Now().Add(time.Hour*6*24))
require.Less(t, keys[0].ExpiresAt, time.Now().Add(time.Hour*8*24))
Expand Down
4 changes: 3 additions & 1 deletion coderd/coderdtest/authorize.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -347,7 +347,9 @@ func NewAuthTester(ctx context.Context, t *testing.T, client *codersdk.Client, a
})
require.NoError(t, err, "create token")

apiKeys, err := client.Tokens(ctx, admin.UserID.String())
apiKeys, err := client.Tokens(ctx, admin.UserID.String(), codersdk.GetTokensRequest{
All: true,
})
require.NoError(t, err, "get tokens")
apiKey := apiKeys[0]

Expand Down
4 changes: 2 additions & 2 deletions coderd/database/dbauthz/querier.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,8 +40,8 @@ func (q *querier) GetAPIKeysByLoginType(ctx context.Context, loginType database.
return fetchWithPostFilter(q.auth, q.db.GetAPIKeysByLoginType)(ctx, loginType)
}

func (q *querier) GetTokensByUserID(ctx context.Context, userID uuid.UUID) ([]database.APIKey, error) {
return fetchWithPostFilter(q.auth, q.db.GetTokensByUserID)(ctx, userID)
func (q *querier) GetAPIKeysByUserID(ctx context.Context, params database.GetAPIKeysByUserIDParams) ([]database.APIKey, error) {
return fetchWithPostFilter(q.auth, q.db.GetAPIKeysByUserID)(ctx, database.GetAPIKeysByUserIDParams{LoginType: params.LoginType, UserID: params.UserID})
}

func (q *querier) GetAPIKeysLastUsedAfter(ctx context.Context, lastUsed time.Time) ([]database.APIKey, error) {
Expand Down
12 changes: 6 additions & 6 deletions coderd/database/dbauthz/querier_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,15 @@ func (s *MethodTestSuite) TestAPIKey() {
Asserts(a, rbac.ActionRead, b, rbac.ActionRead).
Returns(slice.New(a, b))
}))
s.Run("GetTokensByUserID", s.Subtest(func(db database.Store, check *expects) {
idA := uuid.New()
s.Run("GetAPIKeysByUserID", s.Subtest(func(db database.Store, check *expects) {
idAB := uuid.New()
idC := uuid.New()

keyA, _ := dbgen.APIKey(s.T(), db, database.APIKey{UserID: idA})
keyB, _ := dbgen.APIKey(s.T(), db, database.APIKey{UserID: idA})
_, _ = dbgen.APIKey(s.T(), db, database.APIKey{UserID: idC})
keyA, _ := dbgen.APIKey(s.T(), db, database.APIKey{UserID: idAB, LoginType: database.LoginTypeToken})
keyB, _ := dbgen.APIKey(s.T(), db, database.APIKey{UserID: idAB, LoginType: database.LoginTypeToken})
_, _ = dbgen.APIKey(s.T(), db, database.APIKey{UserID: idC, LoginType: database.LoginTypeToken})

check.Args(idA).
check.Args(database.GetAPIKeysByUserIDParams{LoginType: database.LoginTypeToken, UserID: idAB}).
Asserts(keyA, rbac.ActionRead, keyB, rbac.ActionRead).
Returns(slice.New(keyA, keyB))
}))
Expand Down
4 changes: 2 additions & 2 deletions coderd/database/dbfake/databasefake.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -483,13 +483,13 @@ func (q *fakeQuerier) GetAPIKeysByLoginType(_ context.Context, t database.LoginT
return apiKeys, nil
}

func (q *fakeQuerier) GetTokensByUserID(_ context.Context, userID uuid.UUID) ([]database.APIKey, error) {
func (q *fakeQuerier) GetAPIKeysByUserID(_ context.Context, params database.GetAPIKeysByUserIDParams) ([]database.APIKey, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()

apiKeys := make([]database.APIKey, 0)
for _, key := range q.apiKeys {
if key.UserID == userID {
if key.UserID == params.UserID && key.LoginType == params.LoginType {
apiKeys = append(apiKeys, key)
}
}
Expand Down
2 changes: 1 addition & 1 deletion coderd/database/querier.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 13 additions & 8 deletions coderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions coderd/database/queries/apikeys.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ SELECT * FROM api_keys WHERE last_used > $1;
-- name: GetAPIKeysByLoginType :many
SELECT * FROM api_keys WHERE login_type = $1;

-- name: GetTokensByUserID :many
SELECT * FROM api_keys WHERE login_type='token' AND user_id = $1;
-- name: GetAPIKeysByUserID :many
SELECT * FROM api_keys WHERE login_type = $1 AND user_id = $2;

-- name: InsertAPIKey :one
INSERT INTO
Expand Down
8 changes: 6 additions & 2 deletions codersdk/apikey.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,9 +86,13 @@ func (c *Client) CreateAPIKey(ctx context.Context, user string) (GenerateAPIKeyR
return apiKey, json.NewDecoder(res.Body).Decode(&apiKey)
}

type GetTokensRequest struct {
All bool `json:"all"`
}

// Tokens list machine API keys.
func (c *Client) Tokens(ctx context.Context, userID string) ([]APIKey, error) {
res, err := c.Request(ctx, http.MethodGet, fmt.Sprintf("/api/v2/users/%s/keys/tokens", userID), nil)
func (c *Client) Tokens(ctx context.Context, userID string, req GetTokensRequest) ([]APIKey, error) {
res, err := c.Request(ctx, http.MethodGet, fmt.Sprintf("/api/v2/users/%s/keys/tokens", userID), req)
if err != nil {
return nil, err
}
Expand Down
5 changes: 5 additions & 0 deletions site/src/api/typesGenerated.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -379,6 +379,11 @@ export interface GenerateAPIKeyResponse {
readonly key: string
}

// From codersdk/apikey.go
export interface GetTokensRequest {
readonly all: boolean
}

// From codersdk/users.go
export interface GetUsersResponse {
readonly users: User[]
Expand Down