mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
dc9ec7dc91
* Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
80 lines
1.9 KiB
Go
80 lines
1.9 KiB
Go
package api
|
|
|
|
import (
|
|
"github.com/grafana/grafana/pkg/api/dtos"
|
|
"github.com/grafana/grafana/pkg/bus"
|
|
"github.com/grafana/grafana/pkg/components/apikeygen"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"time"
|
|
)
|
|
|
|
func GetAPIKeys(c *models.ReqContext) Response {
|
|
query := models.GetApiKeysQuery{OrgId: c.OrgId}
|
|
|
|
if err := bus.Dispatch(&query); err != nil {
|
|
return Error(500, "Failed to list api keys", err)
|
|
}
|
|
|
|
result := make([]*models.ApiKeyDTO, len(query.Result))
|
|
for i, t := range query.Result {
|
|
var expiration *time.Time = nil
|
|
if t.Expires != nil {
|
|
v := time.Unix(*t.Expires, 0)
|
|
expiration = &v
|
|
}
|
|
result[i] = &models.ApiKeyDTO{
|
|
Id: t.Id,
|
|
Name: t.Name,
|
|
Role: t.Role,
|
|
Expiration: expiration,
|
|
}
|
|
}
|
|
|
|
return JSON(200, result)
|
|
}
|
|
|
|
func DeleteAPIKey(c *models.ReqContext) Response {
|
|
id := c.ParamsInt64(":id")
|
|
|
|
cmd := &models.DeleteApiKeyCommand{Id: id, OrgId: c.OrgId}
|
|
|
|
err := bus.Dispatch(cmd)
|
|
if err != nil {
|
|
return Error(500, "Failed to delete API key", err)
|
|
}
|
|
|
|
return Success("API key deleted")
|
|
}
|
|
|
|
func (hs *HTTPServer) AddAPIKey(c *models.ReqContext, cmd models.AddApiKeyCommand) Response {
|
|
if !cmd.Role.IsValid() {
|
|
return Error(400, "Invalid role specified", nil)
|
|
}
|
|
|
|
if hs.Cfg.ApiKeyMaxSecondsToLive != -1 {
|
|
if cmd.SecondsToLive == 0 {
|
|
return Error(400, "Number of seconds before expiration should be set", nil)
|
|
}
|
|
if cmd.SecondsToLive > hs.Cfg.ApiKeyMaxSecondsToLive {
|
|
return Error(400, "Number of seconds before expiration is greater than the global limit", nil)
|
|
}
|
|
}
|
|
cmd.OrgId = c.OrgId
|
|
|
|
newKeyInfo := apikeygen.New(cmd.OrgId, cmd.Name)
|
|
cmd.Key = newKeyInfo.HashedKey
|
|
|
|
if err := bus.Dispatch(&cmd); err != nil {
|
|
if err == models.ErrInvalidApiKeyExpiration {
|
|
return Error(400, err.Error(), nil)
|
|
}
|
|
return Error(500, "Failed to add API key", err)
|
|
}
|
|
|
|
result := &dtos.NewApiKeyResult{
|
|
Name: cmd.Result.Name,
|
|
Key: newKeyInfo.ClientSecret}
|
|
|
|
return JSON(200, result)
|
|
}
|