DGNum/demarches-normaliennes
11
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

can edit api_token to change networks and name

Browse source
This commit is contained in:
simon lehericey 2024-01-26 17:11:00 +01:00
parent 35e9a6e905
commit 5eaa957c31
6 changed files with 129 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
app/components/profile/api_token_component/api_token_component.html.haml
View file

@ -9,7 +9,14 @@
%div= network_filtering
%div= use_and_expiration
%div
= link_to 'Supprimer',
admin_api_token_path(@api_token),
class: 'fr-btn fr-btn--tertiary-no-outline fr-btn--sm fr-btn--icon-left fr-icon-delete-line',
data: { turbo_method: :delete, confirm: "Confirmez-vous la suppression du jeton « #{@api_token.name} » ?" }
%ul
%li
= link_to 'Modifier',
edit_admin_api_token_path(@api_token),
class: 'fr-btn fr-btn--tertiary-no-outline fr-btn--sm fr-btn--icon-left fr-icon-settings-5-line'
%li
= link_to 'Supprimer',
admin_api_token_path(@api_token),
class: 'fr-btn fr-btn--tertiary-no-outline fr-btn--sm fr-btn--icon-left fr-icon-delete-line',
data: { turbo_method: :delete, confirm: "Confirmez-vous la suppression du jeton « #{@api_token.name} » ?" }

22
app/controllers/administrateurs/api_tokens_controller.rb
View file

@ -3,7 +3,7 @@ module Administrateurs
include ActionView::RecordIdentifier
before_action :authenticate_administrateur!
before_action :set_api_token, only: [:destroy]
before_action :set_api_token, only: [:edit, :update, :destroy]
def nom
@name = name
@ -32,6 +32,26 @@ module Administrateurs
allowed_procedure_ids:, authorized_networks:, expires_at:)
end
def edit
end
def update
if invalid_network?
@invalid_network = true
return render :edit
end
if @api_token.eternal? && networks.empty?
flash[:alert] = "Vous ne pouvez pas supprimer les restrictions d'accès à l'API d'un jeton permanent."
return render :edit
end
@api_token.update!(name:, authorized_networks: networks)
flash[:notice] = "Le jeton d'API a été mis à jour."
redirect_to profil_path
end
def destroy
@api_token.destroy

4
app/models/api_token.rb
View file

@ -89,6 +89,10 @@ class APIToken < ApplicationRecord
expires_at&.past?
end
def eternal?
expires_at.nil?
end
class << self
def generate(administrateur)
plain_token = generate_unique_secure_token

46
app/views/administrateurs/api_tokens/edit.html.haml Normal file
View file

@ -0,0 +1,46 @@
- content_for :title, "Modification du jeton d'API « #{@api_token.name} »"
= render partial: 'administrateurs/breadcrumbs',
locals: { steps: [['Tableau de bord', tableau_de_bord_helper_path],
[t('users.profil.show.profile'), profil_path],
["Jeton dAPI : #{@api_token.name}"]] }
.fr-container.fr-mt-2w
%h1 Modification du jeton d'API « #{@api_token.name} »
= form_with url: admin_api_token_path(@api_token), method: :patch, html: { class: 'fr-mt-2w' } do |f|
.fr-input-group
= f.label :name, class: 'fr-label' do
= t('name', scope: [:administrateurs, :api_tokens, :nom])
%span.fr-hint-text= t('name-hint', scope: [:administrateurs, :api_tokens, :nom])
= f.text_field :name,
class: 'fr-input width-33',
autocomplete: 'off',
autocapitalize: 'off',
autocorrect: 'off',
spellcheck: false,
required: true,
value: @api_token.name
.fr-input-group.fr-mb-4w{
class: class_names('fr-input-group--error': @invalid_network) }
= f.label :name, class: 'fr-label' do
= @api_token.eternal? ? "Entrez au moins 1 réseau autorisé" : "Entrez les adresses ip autorisées"
%span.fr-hint-text adresses réseaux séparées par des espaces. ex: 176.31.79.200 192.168.33.0/24 2001:41d0:304:400::52f/128
= f.text_field :networks,
class: class_names('fr-input': true, 'fr-input--error': @invalid_network),
autocomplete: 'off',
autocapitalize: 'off',
autocorrect: 'off',
spellcheck: false,
required: @api_token.eternal?,
value: @api_token.authorized_networks_for_ui.gsub(/,/, ' ')
- if @invalid_network
%p.fr-error-text vous devez entrer des adresses ipv4 ou ipv6 valides
%ul.fr-btns-group.fr-btns-group--inline
%li
= f.button 'Modifier', type: :submit, class: "fr-btn fr-btn--primary"
%li
= link_to 'Revenir', profil_path, class: "fr-btn fr-btn--secondary"

2
config/routes.rb
View file

@ -662,7 +662,7 @@ Rails.application.routes.draw do
end
end
resources :api_tokens, only: [:create, :destroy] do
resources :api_tokens, only: [:create, :destroy, :edit, :update] do
collection do
get :nom
get :autorisations

46
spec/controllers/administrateurs/api_tokens_controller_spec.rb
View file

@ -93,4 +93,50 @@ describe Administrateurs::APITokensController, type: :controller do
end
end
end
describe 'update' do
let(:token) { APIToken.generate(admin).first }
let(:params) { { name:, networks: } }
let(:name) { 'new name' }
let(:networks) { '118.218.200.200' }
subject { patch :update, params: params.merge(id: token.id) }
context 'nominal' do
before { subject; token.reload }
it 'updates a token' do
expect(token.name).to eq('new name')
expect(token.authorized_networks).to eq([IPAddr.new('118.218.200.200')])
end
end
context 'with bad network' do
let(:networks) { 'bad' }
before { subject; token.reload }
it 'does not update a token' do
expect(token.name).not_to eq('new name')
expect(assigns(:invalid_network)).to be true
expect(response).to render_template(:edit)
end
end
context 'with no network and infinite lifetime' do
before do
token.update!(authorized_networks: [IPAddr.new('118.218.200.200')])
subject
token.reload
end
let(:networks) { '' }
it 'does not update a token' do
expect(token.name).not_to eq('new name')
expect(flash[:alert]).to eq("Vous ne pouvez pas supprimer les restrictions d'accès à l'API d'un jeton permanent.")
expect(response).to render_template(:edit)
end
end
end
end