tabshift/payload
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: disable api key checkbox does not remove api key (#6017)

Browse Source
This commit is contained in:
Dan Ribbens
2024-04-25 09:39:09 -04:00
committed by GitHub
parent 881119ba3a
commit 0ffdcc685f
5 changed files with 116 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/auth/e2e.spec.ts
View File

@@ -1,6 +1,7 @@
import type { Page } from '@playwright/test'
import { expect, test } from '@playwright/test'
import { v4 as uuid } from 'uuid'
import payload from '../../packages/payload/src'
import { initPageConsoleErrorCatch, login, saveDocAndAssert } from '../helpers'
@@ -82,6 +83,7 @@ describe('auth', () => {
user = await payload.create({
collection: apiKeysSlug,
data: {
apiKey: uuid(),
enableAPIKey: true,
},
})
@@ -117,7 +119,7 @@ describe('auth', () => {
const response = await fetch(`${apiURL}/${apiKeysSlug}/me`, {
headers: {
...headers,
Authorization: `${slug} API-Key ${user.apiKey}`,
Authorization: `${apiKeysSlug} API-Key ${user.apiKey}`,
},
}).then((res) => res.json())

94
test/auth/int.spec.ts
View File

@@ -1,5 +1,6 @@
import { GraphQLClient } from 'graphql-request'
import jwtDecode from 'jwt-decode'
import { v4 as uuid } from 'uuid'
import type { User } from '../../packages/payload/src/auth'
@@ -7,7 +8,7 @@ import payload from '../../packages/payload/src'
import configPromise from '../collections-graphql/config'
import { devUser } from '../credentials'
import { initPayloadTest } from '../helpers/configHelpers'
import { namedSaveToJWTValue, saveToJWTKey, slug } from './shared'
import { apiKeysSlug, namedSaveToJWTValue, saveToJWTKey, slug } from './shared'
require('isomorphic-fetch')
@@ -680,5 +681,96 @@ describe('Auth', () => {
expect(fail.status).toStrictEqual(404)
})
it('should not remove an API key from a user when updating other fields', async () => {
const apiKey = uuid()
const user = await payload.create({
collection: 'api-keys',
data: {
apiKey,
enableAPIKey: true,
},
})
const updatedUser = await payload.update({
id: user.id,
collection: 'api-keys',
data: {
enableAPIKey: true,
},
})
const userResult = await payload.find({
collection: 'api-keys',
where: {
id: {
equals: user.id,
},
},
})
expect(updatedUser.apiKey).toStrictEqual(user.apiKey)
expect(userResult.docs[0].apiKey).toStrictEqual(user.apiKey)
})
it('should disable api key after updating apiKey: null', async () => {
const apiKey = uuid()
const user = await payload.create({
collection: apiKeysSlug,
data: {
apiKey,
enableAPIKey: true,
},
})
const updatedUser = await payload.update({
id: user.id,
collection: apiKeysSlug,
data: {
apiKey: null,
},
})
// use the api key in a fetch to assert that it is disabled
const response = await fetch(`${apiUrl}/${apiKeysSlug}/me`, {
headers: {
...headers,
Authorization: `${apiKeysSlug} API-Key ${apiKey}`,
},
}).then((res) => res.json())
expect(updatedUser.apiKey).toBeNull()
expect(response.user).toBeNull()
})
it('should disable api key after updating with enableAPIKey:false', async () => {
const apiKey = uuid()
const user = await payload.create({
collection: apiKeysSlug,
data: {
apiKey,
enableAPIKey: true,
},
})
const updatedUser = await payload.update({
id: user.id,
collection: apiKeysSlug,
data: {
enableAPIKey: false,
},
})
// use the api key in a fetch to assert that it is disabled
const response = await fetch(`${apiUrl}/${apiKeysSlug}/me`, {
headers: {
...headers,
Authorization: `${apiKeysSlug} API-Key ${apiKey}`,
},
}).then((res) => res.json())
expect(updatedUser.apiKey).toStrictEqual(apiKey)
expect(response.user).toBeNull()
})
})
})