FEATURE: Overhaul of admin API key system (#8284)

- Allow revoking keys without deleting them - Auto-revoke keys after a period of no use (default 6 months) - Allow multiple keys per user - Allow attaching a description to each key, for easier auditing - Log changes to keys in the staff action log - Move all key management to one place, and improve the UI
2025-02-25 18:55:32 -06:00 · 2019-11-05 14:10:23 +00:00
parent fa2c06da93
commit 52c5cf33f8
46 changed files with 863 additions and 395 deletions
--- a/test/javascripts/admin/models/admin-user-test.js.es6
+++ b/test/javascripts/admin/models/admin-user-test.js.es6
@@ -1,30 +0,0 @@
-import AdminUser from "admin/models/admin-user";
-import ApiKey from "admin/models/api-key";
-
-QUnit.module("model:admin-user");
-
-QUnit.test("generate key", function(assert) {
-  assert.expect(2);
-
-  var adminUser = AdminUser.create({ id: 333 });
-  assert.ok(!adminUser.get("api_key"), "it has no api key by default");
-  return adminUser.generateApiKey().then(function() {
-    assert.present(adminUser.get("api_key"), "it has an api_key now");
-  });
-});
-
-QUnit.test("revoke key", function(assert) {
-  assert.expect(2);
-
-  var apiKey = ApiKey.create({ id: 1234, key: "asdfasdf" }),
-    adminUser = AdminUser.create({ id: 333, api_key: apiKey });
-
-  assert.equal(
-    adminUser.get("api_key"),
-    apiKey,
-    "it has the api key in the beginning"
-  );
-  return adminUser.revokeApiKey().then(function() {
-    assert.blank(adminUser.get("api_key"), "it cleared the api_key");
-  });
-});
--- a/test/javascripts/helpers/create-pretender.js.es6
+++ b/test/javascripts/helpers/create-pretender.js.es6
@@ -611,8 +611,6 @@ export default function() {
      });
    });

-    this.post("/admin/users/:user_id/generate_api_key", success);
-    this.delete("/admin/users/:user_id/revoke_api_key", success);
    this.delete("/admin/users/:user_id.json", () =>
      response(200, { deleted: true })
    );