satellite/{console,web}: support delete by ID and publicID

Update the delete API key by name and projectID to support project-ID and project-publicID. Issue: https://github.com/storj/storj/issues/5410 Change-Id: I3bd11b9c3ae1ad6ce662dfc18b42779d2e4edf9b
2023-01-05 09:17:16 +00:00 · 2023-01-05 09:17:16 +00:00 · 05c83a5539
commit 05c83a5539
parent 23b92da490
5 changed files with 72 additions and 26 deletions
--- a/satellite/console/consoleweb/consoleapi/apikeys.go
+++ b/satellite/console/consoleweb/consoleapi/apikeys.go
@ -34,6 +34,7 @@ func NewAPIKeys(log *zap.Logger, service *console.Service) *APIKeys {
 }

 // DeleteByNameAndProjectID deletes specific api key by it's name and project ID.
+// ID here may be project.publicID or project.ID.
 func (keys *APIKeys) DeleteByNameAndProjectID(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	var err error
@ -41,15 +42,28 @@ func (keys *APIKeys) DeleteByNameAndProjectID(w http.ResponseWriter, r *http.Req

 	name := r.URL.Query().Get("name")
 	projectIDString := r.URL.Query().Get("projectID")
+	publicIDString := r.URL.Query().Get("publicID")

 	if name == "" {
 		keys.serveJSONError(w, http.StatusBadRequest, err)
 		return
 	}

-	projectID, err := uuid.FromString(projectIDString)
-	if err != nil {
-		keys.serveJSONError(w, http.StatusBadRequest, err)
+	var projectID uuid.UUID
+	if projectIDString != "" {
+		projectID, err = uuid.FromString(projectIDString)
+		if err != nil {
+			keys.serveJSONError(w, http.StatusBadRequest, err)
+			return
+		}
+	} else if publicIDString != "" {
+		projectID, err = uuid.FromString(publicIDString)
+		if err != nil {
+			keys.serveJSONError(w, http.StatusBadRequest, err)
+			return
+		}
+	} else {
+		keys.serveJSONError(w, http.StatusBadRequest, errs.New("Project ID was not provided."))
 		return
 	}

--- a/satellite/console/consoleweb/consoleapi/apikeys_test.go
+++ b/satellite/console/consoleweb/consoleapi/apikeys_test.go
@ -54,18 +54,12 @@ func Test_DeleteAPIKeyByNameAndProjectID(t *testing.T) {
 			Secret:    secret,
 		}

-		created, err := sat.DB.Console().APIKeys().Create(ctx, key.Head(), apikey)
-		require.NoError(t, err)
-
 		// we are using full name as a password
 		tokenInfo, err := sat.API.Console.Service.Token(ctx, console.AuthUser{Email: user.Email, Password: user.FullName})
 		require.NoError(t, err)

 		client := http.Client{}

-		req, err := http.NewRequestWithContext(ctx, "DELETE", "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&projectID="+project.ID.String(), nil)
-		require.NoError(t, err)
-
 		expire := time.Now().AddDate(0, 0, 1)
 		cookie := http.Cookie{
 			Name:    "_tokenKey",
@ -74,19 +68,34 @@ func Test_DeleteAPIKeyByNameAndProjectID(t *testing.T) {
 			Expires: expire,
 		}

-		req.AddCookie(&cookie)
+		deleteTestFunc := func(request *http.Request) func(t *testing.T) {
+			return func(t *testing.T) {
+				created, err := sat.DB.Console().APIKeys().Create(ctx, key.Head(), apikey)
+				require.NoError(t, err)

-		result, err := client.Do(req)
+				request.AddCookie(&cookie)
+
+				result, err := client.Do(request)
+				require.NoError(t, err)
+				require.Equal(t, http.StatusOK, result.StatusCode)
+
+				keyAfterDelete, err := sat.DB.Console().APIKeys().Get(ctx, created.ID)
+				require.Error(t, err)
+				require.Nil(t, keyAfterDelete)
+
+				defer func() {
+					err = result.Body.Close()
+					require.NoError(t, err)
+				}()
+			}
+		}
+
+		req, err := http.NewRequestWithContext(ctx, "DELETE", "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&projectID="+project.ID.String(), nil)
 		require.NoError(t, err)
-		require.Equal(t, http.StatusOK, result.StatusCode)
+		t.Run("delete by name and projectID", deleteTestFunc(req))

-		keyAfterDelete, err := sat.DB.Console().APIKeys().Get(ctx, created.ID)
-		require.Error(t, err)
-		require.Nil(t, keyAfterDelete)
-
-		defer func() {
-			err = result.Body.Close()
-			require.NoError(t, err)
-		}()
+		req, err = http.NewRequestWithContext(ctx, "DELETE", "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&publicID="+project.PublicID.String(), nil)
+		require.NoError(t, err)
+		t.Run("delete by name and pubicID", deleteTestFunc(req))
 	})
 }
--- a/satellite/console/service.go
+++ b/satellite/console/service.go
@ -2249,6 +2249,7 @@ func (s *Service) DeleteAPIKeys(ctx context.Context, ids []uuid.UUID) (err error
 }

 // DeleteAPIKeyByNameAndProjectID deletes api key by name and project ID.
+// ID here may be project.publicID or project.ID.
 func (s *Service) DeleteAPIKeyByNameAndProjectID(ctx context.Context, name string, projectID uuid.UUID) (err error) {
 	defer mon.Task()(&ctx)(&err)

@ -2257,12 +2258,12 @@ func (s *Service) DeleteAPIKeyByNameAndProjectID(ctx context.Context, name strin
 		return Error.Wrap(err)
 	}

-	_, err = s.isProjectMember(ctx, user.ID, projectID)
+	isMember, err := s.isProjectMember(ctx, user.ID, projectID)
 	if err != nil {
 		return Error.Wrap(err)
 	}

-	key, err := s.store.APIKeys().GetByNameAndProjectID(ctx, name, projectID)
+	key, err := s.store.APIKeys().GetByNameAndProjectID(ctx, name, isMember.project.ID)
 	if err != nil {
 		return ErrNoAPIKey.New(apiKeyWithNameDoesntExistErrMsg)
 	}
@ -2802,11 +2803,17 @@ func (s *Service) isProjectOwner(ctx context.Context, userID uuid.UUID, projectI
 }

 // isProjectMember checks if the user is a member of given project.
+// projectID can be either private ID or public ID (project.ID/project.PublicID).
 func (s *Service) isProjectMember(ctx context.Context, userID uuid.UUID, projectID uuid.UUID) (_ isProjectMember, err error) {
 	defer mon.Task()(&ctx)(&err)
-	project, err := s.store.Projects().Get(ctx, projectID)
+	var project *Project
+	project, err = s.store.Projects().GetByPublicID(ctx, projectID)
 	if err != nil {
-		return isProjectMember{}, Error.Wrap(err)
+		tempError := err
+		project, err = s.store.Projects().Get(ctx, projectID)
+		if err != nil {
+			return isProjectMember{}, Error.Wrap(errs.Combine(tempError, err))
+		}
 	}

 	memberships, err := s.store.ProjectMembers().GetByMemberID(ctx, userID)
@ -2814,7 +2821,7 @@ func (s *Service) isProjectMember(ctx context.Context, userID uuid.UUID, project
 		return isProjectMember{}, Error.Wrap(err)
 	}

-	membership, ok := findMembershipByProjectID(memberships, projectID)
+	membership, ok := findMembershipByProjectID(memberships, project.ID)
 	if ok {
 		return isProjectMember{
 			project:    project,
--- a/satellite/console/service_test.go
+++ b/satellite/console/service_test.go
@ -325,6 +325,22 @@ func TestService(t *testing.T) {
 				info, err = sat.DB.Console().APIKeys().Get(ctx, createdKey.ID)
 				require.Error(t, err)
 				require.Nil(t, info)
+
+				// test deleting by project.publicID
+				createdKey, err = sat.DB.Console().APIKeys().Create(ctx, key.Head(), apikey)
+				require.NoError(t, err)
+
+				info, err = sat.DB.Console().APIKeys().Get(ctx, createdKey.ID)
+				require.NoError(t, err)
+				require.NotNil(t, info)
+
+				// deleting by project.publicID
+				err = service.DeleteAPIKeyByNameAndProjectID(userCtx2, apikey.Name, up2Pro1.PublicID)
+				require.NoError(t, err)
+
+				info, err = sat.DB.Console().APIKeys().Get(ctx, createdKey.ID)
+				require.Error(t, err)
+				require.Nil(t, info)
 			})
 		})
 }
--- a/web/satellite/src/api/accessGrants.ts
+++ b/web/satellite/src/api/accessGrants.ts
@ -137,7 +137,7 @@ export class AccessGrantsApiGql extends BaseGql implements AccessGrantsApi {
     * @throws Error
     */
    public async deleteByNameAndProjectID(name: string, projectID: string): Promise<void> {
-        const path = `${this.ROOT_PATH}/delete-by-name?name=${name}&projectID=${projectID}`;
+        const path = `${this.ROOT_PATH}/delete-by-name?name=${name}&publicID=${projectID}`;
        const response = await this.client.delete(path);

        if (response.ok || response.status === 204) {