refactor: update old api token create apis

Signed-off-by: Pranav C <pranavxc@gmail.com>
2 years ago · 805a5aab57
5 changed files with 25 additions and 15 deletions
--- a/packages/nocodb/src/lib/meta/api/apiTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/apiTokenApis.ts
@ -1,24 +1,35 @@
 import { Request, Response, Router } from 'express';
+import { OrgUserRoles } from '../../../enums/OrgUserRoles';
 import { Tele } from '../../utils/Tele';
+import { NcError } from '../helpers/catchError';
 import ncMetaAclMw from '../helpers/ncMetaAclMw';
 import ApiToken from '../../models/ApiToken';
 import { metaApiMetrics } from '../helpers/apiMetrics';

-export async function apiTokenList(_req: Request, res: Response) {
-  res.json(await ApiToken.list());
+export async function apiTokenList(req: Request, res: Response) {
+  res.json(await ApiToken.list(req['user'].id));
 }
 export async function apiTokenCreate(req: Request, res: Response) {
  Tele.emit('evt', { evt_type: 'apiToken:created' });
-  res.json(await ApiToken.insert(req.body));
+  res.json(await ApiToken.insert({ ...req.body, fk_user_id: req['user'].id }));
 }
 export async function apiTokenDelete(req: Request, res: Response) {
+  const apiToken = await ApiToken.getByToken(req.params.apiTokenId);
+  if (
+    !req['user'].roles.includes(OrgUserRoles.SUPER) &&
+    apiToken.fk_user_id !== req['user'].id
+  ) {
+    NcError.notFound('Token not found');
+  }
  Tele.emit('evt', { evt_type: 'apiToken:deleted' });
+
  // todo: verify token belongs to the user
  res.json(await ApiToken.delete(req.params.token));
 }

 // todo: add reset token api to regenerate token

+// deprecated apis
 const router = Router({ mergeParams: true });

 router.get(
--- a/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
+++ b/packages/nocodb/src/lib/meta/api/orgTokenApis.ts
@ -10,7 +10,7 @@ import { PagedResponseImpl } from '../helpers/PagedResponse';
 import { apiTokenListEE } from './ee/orgTokenApis';

 async function apiTokenList(req, res) {
-  let fk_user_id = req.user.id;
+  const fk_user_id = req.user.id;

  res.json(
    new PagedResponseImpl(
--- a/packages/nocodb/src/lib/meta/api/projectUserApis.ts
+++ b/packages/nocodb/src/lib/meta/api/projectUserApis.ts
@ -64,11 +64,6 @@ async function userInvite(req, res, next): Promise<any> {
        );
      }

-      // todo : provide a different role
-      await User.update(user.id, {
-        roles: OrgUserRoles.VIEWER,
-      });
-
      await ProjectUser.insert({
        project_id: req.params.projectId,
        fk_user_id: user.id,
--- a/packages/nocodb/src/lib/models/ApiToken.ts
+++ b/packages/nocodb/src/lib/models/ApiToken.ts
@ -40,12 +40,14 @@ export default class ApiToken {
    return this.getByToken(token);
  }

-  static async list(ncMeta = Noco.ncMeta) {
-    let tokens = await NocoCache.getList(CacheScope.API_TOKEN, []);
-    if (!tokens.length) {
-      tokens = await ncMeta.metaList(null, null, MetaTable.API_TOKENS);
-      await NocoCache.setList(CacheScope.API_TOKEN, [], tokens);
-    }
+  static async list(userId: string, ncMeta = Noco.ncMeta) {
+    // let tokens = await NocoCache.getList(CacheScope.API_TOKEN, []);
+    // if (!tokens.length) {
+    const tokens = await ncMeta.metaList(null, null, MetaTable.API_TOKENS, {
+      condition: { fk_user_id: userId },
+    });
+    // await NocoCache.setList(CacheScope.API_TOKEN, [], tokens);
+    // }
    return tokens?.map((t) => new ApiToken(t));
  }

--- a/packages/nocodb/src/lib/models/User.ts
+++ b/packages/nocodb/src/lib/models/User.ts
@ -106,6 +106,8 @@ export default class User implements UserType {
        await NocoCache.set(key, o);
      }
    }
+
+    await NocoCache.del(`${CacheScope.USER}:${user.email}`);
    // as <projectId> is unknown, delete user:<email>___<projectId> in cache
    await NocoCache.delAll(CacheScope.USER, `${user.email}___*`);