Merge pull request #6594 from nocodb/nc-refactor/allow-only-one-token-per-user

refactor: allow only one token per user

packages/nc-gui/components/account/Token.vue

@@ -2,7 +2,7 @@
 import type { VNodeRef } from '@vue/runtime-core'
 import { message } from 'ant-design-vue'
 import type { ApiTokenType, RequestParams } from 'nocodb-sdk'
-import { extractSdkResponseErrorMsg, ref, useApi, useCopy, useNuxtApp } from '#imports'
+import { extractSdkResponseErrorMsg, isEeUI, ref, useApi, useCopy, useNuxtApp } from '#imports'
 
 const { api, isLoading } = useApi()
 
@@ -164,21 +164,25 @@ const handleCancel = () => {
     <div class="max-w-[810px] mx-auto p-4" data-testid="nc-token-list">
       <div class="py-2 flex gap-4 items-center justify-between">
         <h6 class="text-2xl my-4 text-left font-bold">{{ $t('title.apiTokens') }}</h6>
-        <NcButton
-          :disabled="showNewTokenModal"
-          class="!rounded-md"
-          data-testid="nc-token-create"
-          size="middle"
-          type="primary"
-          @click="showNewTokenModal = true"
-        >
-          <span class="hidden md:block">
-            {{ $t('title.addNewToken') }}
-          </span>
-          <span class="flex items-center justify-center md:hidden">
-            <component :is="iconMap.plus" />
-          </span>
-        </NcButton>
+        <NcTooltip :disabled="!(isEeUI && tokens.length)">
+          <template #title>{{ $t('labels.tokenLimit') }}</template>
+          <NcButton
+            :disabled="showNewTokenModal || (isEeUI && tokens.length)"
+            class="!rounded-md"
+            data-testid="nc-token-create"
+            size="middle"
+            type="primary"
+            tooltip="bottom"
+            @click="showNewTokenModal = true"
+          >
+            <span class="hidden md:block">
+              {{ $t('title.addNewToken') }}
+            </span>
+            <span class="flex items-center justify-center md:hidden">
+              <component :is="iconMap.plus" />
+            </span>
+          </NcButton>
+        </NcTooltip>
       </div>
       <span>{{ $t('msg.apiTokenCreate') }}</span>
       <div class="w-full mt-5 rounded-md h-136 overflow-y-scroll">

packages/nc-gui/lang/en.json

@@ -388,6 +388,7 @@
     }
   },
   "labels": {
+    "tokenLimit": "Only one token per user is allowed",
     "duplicateAttachment": "File with name {filename} already attached",
     "toAddress": "To Address",
     "subject": "Subject",

packages/nocodb/src/helpers/catchError.ts

@@ -415,6 +415,8 @@ export default function (
         return res.status(400).json({ msg: e.message, errors: e.errors });
       } else if (e instanceof UnprocessableEntity) {
         return res.status(422).json({ msg: e.message });
+      } else if (e instanceof NotAllowed) {
+        return res.status(405).json({ msg: e.message });
       }
       next(e);
     }
@@ -423,6 +425,8 @@ export default function (
 
 export class BadRequest extends Error {}
 
+export class NotAllowed extends Error {}
+
 export class Unauthorized extends Error {}
 
 export class Forbidden extends Error {}
@@ -476,4 +480,8 @@ export class NcError {
   static unprocessableEntity(message = 'Unprocessable entity') {
     throw new UnprocessableEntity(message);
   }
+
+  static notAllowed(message = 'Not allowed') {
+    throw new NotAllowed(message);
+  }
 }

packages/nocodb/src/services/api-tokens.service.ts

@@ -9,7 +9,7 @@ import { ApiToken } from '~/models';
 
 @Injectable()
 export class ApiTokensService {
-  constructor(private readonly appHooksService: AppHooksService) {}
+  constructor(protected readonly appHooksService: AppHooksService) {}
 
   async apiTokenList(param: { userId: string }) {
     return await ApiToken.list(param.userId);

packages/nocodb/src/services/org-tokens.service.ts

@@ -10,7 +10,7 @@ import { ApiToken } from '~/models';
 
 @Injectable()
 export class OrgTokensService {
-  constructor(private readonly appHooksService: AppHooksService) {}
+  constructor(protected readonly appHooksService: AppHooksService) {}
 
   async apiTokenList(param: { user: User; query: any }) {
     const fk_user_id = param.user.id;