satellite/{console, db}: endpoint to get all API key names by project ID

Added new endpoint, service method and DB query to get all API key names by provided project ID. Issue: https://github.com/storj/storj/issues/5693 Change-Id: I62e4e8ae660bd81234b75aa159a472a5aa9d5a48
2023-06-12 15:42:49 +03:00 · 2023-06-12 15:42:49 +03:00 · cc085553c2
commit cc085553c2
parent 00d233bca5
7 changed files with 251 additions and 3 deletions
--- a/satellite/console/apikeys.go
+++ b/satellite/console/apikeys.go
@ -22,6 +22,8 @@ type APIKeys interface {
 	GetByHead(ctx context.Context, head []byte) (*APIKeyInfo, error)
 	// GetByNameAndProjectID retrieves APIKeyInfo for given key name and projectID
 	GetByNameAndProjectID(ctx context.Context, name string, projectID uuid.UUID) (*APIKeyInfo, error)
+	// GetAllNamesByProjectID retrieves all API key names for given projectID
+	GetAllNamesByProjectID(ctx context.Context, projectID uuid.UUID) ([]string, error)
 	// Create creates and stores new APIKeyInfo
 	Create(ctx context.Context, head []byte, info APIKeyInfo) (*APIKeyInfo, error)
 	// Update updates APIKeyInfo in store
--- a/satellite/console/apikeys_test.go
+++ b/satellite/console/apikeys_test.go
@ -160,5 +160,55 @@ func TestApiKeysRepository(t *testing.T) {
 			assert.Error(t, err)
 		})

+		t.Run("GetAllNamesByProjectID success", func(t *testing.T) {
+			project, err = projects.Insert(ctx, &console.Project{
+				Name:        "ProjectName1",
+				Description: "projects description",
+			})
+			assert.NotNil(t, project)
+			assert.NoError(t, err)
+
+			names, err := apikeys.GetAllNamesByProjectID(ctx, project.ID)
+			assert.NoError(t, err)
+			assert.Equal(t, 0, len(names))
+
+			secret, err := macaroon.NewSecret()
+			assert.NoError(t, err)
+
+			key, err := macaroon.NewAPIKey(secret)
+			assert.NoError(t, err)
+
+			key1, err := macaroon.NewAPIKey(secret)
+			assert.NoError(t, err)
+
+			keyInfo := console.APIKeyInfo{
+				Name:      "awesomeKey",
+				ProjectID: project.ID,
+				Secret:    secret,
+				UserAgent: userAgent,
+			}
+
+			keyInfo1 := console.APIKeyInfo{
+				Name:      "awesomeKey1",
+				ProjectID: project.ID,
+				Secret:    secret,
+				UserAgent: userAgent,
+			}
+
+			createdKey, err := apikeys.Create(ctx, key.Head(), keyInfo)
+			assert.NoError(t, err)
+			assert.NotNil(t, createdKey)
+
+			createdKey1, err := apikeys.Create(ctx, key1.Head(), keyInfo1)
+			assert.NoError(t, err)
+			assert.NotNil(t, createdKey1)
+
+			names, err = apikeys.GetAllNamesByProjectID(ctx, project.ID)
+			assert.NoError(t, err)
+			assert.NotNil(t, names)
+			assert.Equal(t, 2, len(names))
+			assert.Equal(t, keyInfo.Name, names[0])
+			assert.Equal(t, keyInfo1.Name, names[1])
+		})
 	})
 }
--- a/satellite/console/consoleweb/consoleapi/apikeys.go
+++ b/satellite/console/consoleweb/consoleapi/apikeys.go
@ -4,6 +4,7 @@
 package consoleapi

 import (
+	"encoding/json"
 	"net/http"

 	"github.com/zeebo/errs"
@ -33,6 +34,41 @@ func NewAPIKeys(log *zap.Logger, service *console.Service) *APIKeys {
 	}
 }

+// GetAllAPIKeyNames returns all api key names by project ID.
+func (keys *APIKeys) GetAllAPIKeyNames(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	var err error
+	defer mon.Task()(&ctx)(&err)
+
+	projectIDString := r.URL.Query().Get("projectID")
+	if projectIDString == "" {
+		keys.serveJSONError(w, http.StatusBadRequest, errs.New("Project ID was not provided."))
+		return
+	}
+
+	projectID, err := uuid.FromString(projectIDString)
+	if err != nil {
+		keys.serveJSONError(w, http.StatusBadRequest, err)
+		return
+	}
+
+	apiKeyNames, err := keys.service.GetAllAPIKeyNamesByProjectID(ctx, projectID)
+	if err != nil {
+		if console.ErrUnauthorized.Has(err) {
+			keys.serveJSONError(w, http.StatusUnauthorized, err)
+			return
+		}
+
+		keys.serveJSONError(w, http.StatusInternalServerError, err)
+		return
+	}
+
+	err = json.NewEncoder(w).Encode(apiKeyNames)
+	if err != nil {
+		keys.log.Error("failed to write json all api key names response", zap.Error(ErrAPIKeysAPI.Wrap(err)))
+	}
+}
+
 // DeleteByNameAndProjectID deletes specific api key by it's name and project ID.
 // ID here may be project.publicID or project.ID.
 func (keys *APIKeys) DeleteByNameAndProjectID(w http.ResponseWriter, r *http.Request) {
--- a/satellite/console/consoleweb/consoleapi/apikeys_test.go
+++ b/satellite/console/consoleweb/consoleapi/apikeys_test.go
@ -4,6 +4,8 @@
 package consoleapi_test

 import (
+	"encoding/json"
+	"io"
 	"net/http"
 	"testing"
 	"time"
@ -90,12 +92,108 @@ func Test_DeleteAPIKeyByNameAndProjectID(t *testing.T) {
 			}
 		}

-		req, err := http.NewRequestWithContext(ctx, "DELETE", "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&projectID="+project.ID.String(), nil)
+		req, err := http.NewRequestWithContext(ctx, http.MethodDelete, "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&projectID="+project.ID.String(), nil)
 		require.NoError(t, err)
 		t.Run("delete by name and projectID", deleteTestFunc(req))

-		req, err = http.NewRequestWithContext(ctx, "DELETE", "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&publicID="+project.PublicID.String(), nil)
+		req, err = http.NewRequestWithContext(ctx, http.MethodDelete, "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/delete-by-name?name="+apikey.Name+"&publicID="+project.PublicID.String(), nil)
 		require.NoError(t, err)
-		t.Run("delete by name and pubicID", deleteTestFunc(req))
+		t.Run("delete by name and publicID", deleteTestFunc(req))
+	})
+}
+
+func Test_GetAllAPIKeyNamesByProjectID(t *testing.T) {
+	testplanet.Run(t, testplanet.Config{
+		SatelliteCount: 1, StorageNodeCount: 0, UplinkCount: 1,
+		Reconfigure: testplanet.Reconfigure{
+			Satellite: func(log *zap.Logger, index int, config *satellite.Config) {
+				config.Console.OpenRegistrationEnabled = true
+				config.Console.RateLimit.Burst = 10
+			},
+		},
+	}, func(t *testing.T, ctx *testcontext.Context, planet *testplanet.Planet) {
+		sat := planet.Satellites[0]
+
+		newUser := console.CreateUser{
+			FullName:  "test_name",
+			ShortName: "",
+			Email:     "apikeytest1@test.test",
+		}
+
+		user, err := sat.AddUser(ctx, newUser, 1)
+		require.NoError(t, err)
+
+		project, err := sat.AddProject(ctx, user.ID, "apikeytest")
+		require.NoError(t, err)
+
+		// we are using full name as a password
+		tokenInfo, err := sat.API.Console.Service.Token(ctx, console.AuthUser{Email: user.Email, Password: user.FullName})
+		require.NoError(t, err)
+
+		client := http.Client{}
+
+		expire := time.Now().AddDate(0, 0, 1)
+		cookie := http.Cookie{
+			Name:    "_tokenKey",
+			Path:    "/",
+			Value:   tokenInfo.Token.String(),
+			Expires: expire,
+		}
+
+		secret, err := macaroon.NewSecret()
+		require.NoError(t, err)
+
+		key, err := macaroon.NewAPIKey(secret)
+		require.NoError(t, err)
+
+		apikey := console.APIKeyInfo{
+			Name:      "test",
+			ProjectID: project.ID,
+			Secret:    secret,
+		}
+
+		secret1, err := macaroon.NewSecret()
+		require.NoError(t, err)
+
+		key1, err := macaroon.NewAPIKey(secret1)
+		require.NoError(t, err)
+
+		apikey1 := console.APIKeyInfo{
+			Name:      "test1",
+			ProjectID: project.ID,
+			Secret:    secret1,
+		}
+
+		created, err := sat.DB.Console().APIKeys().Create(ctx, key.Head(), apikey)
+		require.NoError(t, err)
+
+		created1, err := sat.DB.Console().APIKeys().Create(ctx, key1.Head(), apikey1)
+		require.NoError(t, err)
+
+		request, err := http.NewRequestWithContext(ctx, http.MethodGet, "http://"+planet.Satellites[0].API.Console.Listener.Addr().String()+"/api/v0/api-keys/api-key-names?projectID="+project.ID.String(), nil)
+		require.NoError(t, err)
+
+		request.AddCookie(&cookie)
+
+		result, err := client.Do(request)
+		require.NoError(t, err)
+		require.Equal(t, http.StatusOK, result.StatusCode)
+
+		body, err := io.ReadAll(result.Body)
+		require.NoError(t, err)
+
+		var output []string
+
+		err = json.Unmarshal(body, &output)
+		require.NoError(t, err)
+
+		require.Equal(t, 2, len(output))
+		require.Equal(t, created.Name, output[0])
+		require.Equal(t, created1.Name, output[1])
+
+		defer func() {
+			err = result.Body.Close()
+			require.NoError(t, err)
+		}()
 	})
 }
--- a/satellite/console/consoleweb/server.go
+++ b/satellite/console/consoleweb/server.go
@ -332,6 +332,7 @@ func NewServer(logger *zap.Logger, config Config, service *console.Service, oidc
 	apiKeysRouter := router.PathPrefix("/api/v0/api-keys").Subrouter()
 	apiKeysRouter.Use(server.withAuth)
 	apiKeysRouter.HandleFunc("/delete-by-name", apiKeysController.DeleteByNameAndProjectID).Methods(http.MethodDelete)
+	apiKeysRouter.HandleFunc("/api-key-names", apiKeysController.GetAllAPIKeyNames).Methods(http.MethodGet)

 	analyticsController := consoleapi.NewAnalytics(logger, service, server.analytics)
 	analyticsRouter := router.PathPrefix("/api/v0/analytics").Subrouter()
--- a/satellite/console/service.go
+++ b/satellite/console/service.go
@ -2409,6 +2409,28 @@ func (s *Service) DeleteAPIKeys(ctx context.Context, ids []uuid.UUID) (err error
 	return Error.Wrap(err)
 }

+// GetAllAPIKeyNamesByProjectID returns all api key names by project ID.
+func (s *Service) GetAllAPIKeyNamesByProjectID(ctx context.Context, projectID uuid.UUID) (names []string, err error) {
+	defer mon.Task()(&ctx)(&err)
+
+	user, err := s.getUserAndAuditLog(ctx, "get all api key names by project ID", zap.String("projectID", projectID.String()))
+	if err != nil {
+		return nil, Error.Wrap(err)
+	}
+
+	isMember, err := s.isProjectMember(ctx, user.ID, projectID)
+	if err != nil {
+		return nil, Error.Wrap(err)
+	}
+
+	names, err = s.store.APIKeys().GetAllNamesByProjectID(ctx, isMember.project.ID)
+	if err != nil {
+		return nil, Error.Wrap(err)
+	}
+
+	return names, nil
+}
+
 // DeleteAPIKeyByNameAndProjectID deletes api key by name and project ID.
 // ID here may be project.publicID or project.ID.
 func (s *Service) DeleteAPIKeyByNameAndProjectID(ctx context.Context, name string, projectID uuid.UUID) (err error) {
--- a/satellite/satellitedb/apikeys.go
+++ b/satellite/satellitedb/apikeys.go
@ -162,6 +162,45 @@ func (keys *apikeys) GetByNameAndProjectID(ctx context.Context, name string, pro
 	return fromDBXAPIKey(ctx, dbKey)
 }

+// GetAllNamesByProjectID implements satellite.APIKeys.
+func (keys *apikeys) GetAllNamesByProjectID(ctx context.Context, projectID uuid.UUID) ([]string, error) {
+	var err error
+	defer mon.Task()(&ctx)(&err)
+
+	query := keys.db.Rebind(`
+		SELECT ak.name
+		FROM api_keys ak
+		WHERE ak.project_id = ?
+		ORDER BY ` + sanitizedAPIKeyOrderColumnName(console.KeyName) + `
+		` + sanitizeOrderDirectionName(console.Ascending),
+	)
+
+	rows, err := keys.db.QueryContext(ctx, query, projectID[:])
+	if err != nil {
+		return nil, err
+	}
+	defer func() { err = errs.Combine(err, rows.Close()) }()
+
+	names := make([]string, 0)
+	for rows.Next() {
+		var name string
+
+		err = rows.Scan(&name)
+		if err != nil {
+			return nil, err
+		}
+
+		names = append(names, name)
+	}
+
+	err = rows.Err()
+	if err != nil {
+		return nil, err
+	}
+
+	return names, nil
+}
+
 // Create implements satellite.APIKeys.
 func (keys *apikeys) Create(ctx context.Context, head []byte, info console.APIKeyInfo) (_ *console.APIKeyInfo, err error) {
 	defer mon.Task()(&ctx)(&err)