satellite/console: add delete api keys http endpoint

This change adds an endpoint to delete API keys, similar to GraphQL mutation. Issue: https://github.com/storj/storj/issues/6140 Change-Id: Ia4a808222a057a199d803d8ea6b944c411a4dc8d
2023-08-07 17:27:10 +03:00 · 2023-08-07 17:27:10 +03:00 · 6c3300c522
commit 6c3300c522
parent 5345eadffa
3 changed files with 59 additions and 0 deletions
--- a/satellite/console/consoleweb/consoleapi/apikeys.go
+++ b/satellite/console/consoleweb/consoleapi/apikeys.go
@ -217,6 +217,45 @@ func (keys *APIKeys) GetAllAPIKeyNames(w http.ResponseWriter, r *http.Request) {
 	}
 }

+// DeleteByIDs deletes API keys by given IDs.
+func (keys *APIKeys) DeleteByIDs(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	var err error
+	defer mon.Task()(&ctx)(&err)
+
+	var data struct {
+		IDs []string `json:"ids"`
+	}
+
+	err = json.NewDecoder(r.Body).Decode(&data)
+	if err != nil {
+		keys.serveJSONError(ctx, w, http.StatusBadRequest, err)
+		return
+	}
+
+	var keyIDs []uuid.UUID
+	for _, id := range data.IDs {
+		keyID, err := uuid.FromString(id)
+		if err != nil {
+			keys.serveJSONError(ctx, w, http.StatusBadRequest, err)
+			return
+		}
+
+		keyIDs = append(keyIDs, keyID)
+	}
+
+	err = keys.service.DeleteAPIKeys(ctx, keyIDs)
+	if err != nil {
+		if console.ErrUnauthorized.Has(err) {
+			keys.serveJSONError(ctx, w, http.StatusUnauthorized, err)
+			return
+		}
+
+		keys.serveJSONError(ctx, w, http.StatusInternalServerError, err)
+		return
+	}
+}
+
 // DeleteByNameAndProjectID deletes specific API key by it's name and project ID.
 // ID here may be project.publicID or project.ID.
 func (keys *APIKeys) DeleteByNameAndProjectID(w http.ResponseWriter, r *http.Request) {
--- a/satellite/console/consoleweb/endpoints_test.go
+++ b/satellite/console/consoleweb/endpoints_test.go
@ -463,6 +463,25 @@ func TestAPIKeys(t *testing.T) {
 			require.Contains(t, body, "keyInfo")
 			require.NotNil(t, response.KeyInfo)
 		}
+
+		{ // Delete_APIKeys_By_IDs
+			var response *console.CreateAPIKeyResponse
+			path := "/api-keys/create/" + test.defaultProjectID()
+			resp, body := test.request(http.MethodPost, path,
+				test.toJSON(map[string]interface{}{
+					"name": "testCreatedKey1",
+				}))
+			require.Equal(t, http.StatusOK, resp.StatusCode)
+			require.NoError(t, json.Unmarshal([]byte(body), &response))
+
+			path = "/api-keys/delete-by-ids"
+			resp, body = test.request(http.MethodDelete, path,
+				test.toJSON(map[string]interface{}{
+					"ids": []string{response.KeyInfo.ID.String()},
+				}))
+			require.Equal(t, http.StatusOK, resp.StatusCode)
+			require.Empty(t, body)
+		}
 	})
 }

--- a/satellite/console/consoleweb/server.go
+++ b/satellite/console/consoleweb/server.go
@ -358,6 +358,7 @@ func NewServer(logger *zap.Logger, config Config, service *console.Service, oidc
 	apiKeysRouter.HandleFunc("/create/{projectID}", apiKeysController.CreateAPIKey).Methods(http.MethodPost, http.MethodOptions)
 	apiKeysRouter.HandleFunc("/list-paged", apiKeysController.GetProjectAPIKeys).Methods(http.MethodGet, http.MethodOptions)
 	apiKeysRouter.HandleFunc("/delete-by-name", apiKeysController.DeleteByNameAndProjectID).Methods(http.MethodDelete, http.MethodOptions)
+	apiKeysRouter.HandleFunc("/delete-by-ids", apiKeysController.DeleteByIDs).Methods(http.MethodDelete, http.MethodOptions)
 	apiKeysRouter.HandleFunc("/api-key-names", apiKeysController.GetAllAPIKeyNames).Methods(http.MethodGet, http.MethodOptions)

 	analyticsController := consoleapi.NewAnalytics(logger, service, server.analytics)