sonot
/
PteroTheme
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix API key creation logic

This commit is contained in:
Dane Everitt 2020-03-28 16:06:36 -07:00
parent ff49165447
commit e4e5dea6b8
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
3 changed files with 68 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Models/ApiKey.php
View File

@ -53,7 +53,7 @@ class ApiKey extends Validable
* @var array * @var array
*/ */
protected $casts = [ protected $casts = [
'allowed_ips' => 'json', 'allowed_ips' => 'array',
'user_id' => 'int', 'user_id' => 'int',
'r_' . AdminAcl::RESOURCE_USERS => 'int', 'r_' . AdminAcl::RESOURCE_USERS => 'int',
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int', 'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'int',
@ -99,7 +99,8 @@ class ApiKey extends Validable
'identifier' => 'required|string|size:16|unique:api_keys,identifier', 'identifier' => 'required|string|size:16|unique:api_keys,identifier',
'token' => 'required|string', 'token' => 'required|string',
'memo' => 'required|nullable|string|max:500', 'memo' => 'required|nullable|string|max:500',
'allowed_ips' => 'nullable|json', 'allowed_ips' => 'nullable|array',
'allowed_ips.*' => 'string',
'last_used_at' => 'nullable|date', 'last_used_at' => 'nullable|date',
'r_' . AdminAcl::RESOURCE_USERS => 'integer|min:0|max:3', 'r_' . AdminAcl::RESOURCE_USERS => 'integer|min:0|max:3',
'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'integer|min:0|max:3', 'r_' . AdminAcl::RESOURCE_ALLOCATIONS => 'integer|min:0|max:3',

7
app/Models/Validable.php
View File

@ -140,7 +140,12 @@ abstract class Validable extends Model
} }
return $this->getValidator()->setData( return $this->getValidator()->setData(
$this->toArray() // Trying to do self::toArray() here will leave out keys based on the whitelist/blacklist
// for that model. Doing this will return all of the attributes in a format that can
// properly be validated.
$this->addCastAttributesToArray(
$this->getAttributes(), $this->getMutatedAttributes()
)
)->passes(); )->passes();
} }
} }

113
resources/scripts/components/dashboard/AccountApiContainer.tsx
View File

@ -46,62 +46,67 @@ export default () => {
}; };
return ( return (
<div className={'my-10 flex'}> <div className={'my-10'}>
<FlashMessageRender byKey={'account'} className={'mb-4'}/> <FlashMessageRender byKey={'account'} className={'mb-4'}/>
<ContentBox title={'Create API Key'} className={'flex-1'}> <div className={'flex'}>
<CreateApiKeyForm onKeyCreated={key => setKeys(s => ([...s!, key]))}/> <ContentBox title={'Create API Key'} className={'flex-1'}>
</ContentBox> <CreateApiKeyForm onKeyCreated={key => setKeys(s => ([ ...s!, key ]))}/>
<ContentBox title={'API Keys'} className={'ml-10 flex-1'}> </ContentBox>
<SpinnerOverlay visible={loading}/> <ContentBox title={'API Keys'} className={'ml-10 flex-1'}>
{deleteIdentifier && <SpinnerOverlay visible={loading}/>
<ConfirmationModal {deleteIdentifier &&
title={'Confirm key deletion'} <ConfirmationModal
buttonText={'Yes, delete key'} title={'Confirm key deletion'}
visible={true} buttonText={'Yes, delete key'}
onConfirmed={() => { visible={true}
doDeletion(deleteIdentifier); onConfirmed={() => {
setDeleteIdentifier(''); doDeletion(deleteIdentifier);
}} setDeleteIdentifier('');
onDismissed={() => setDeleteIdentifier('')} }}
> onDismissed={() => setDeleteIdentifier('')}
Are you sure you wish to delete this API key? All requests using it will immediately be >
invalidated and will fail. Are you sure you wish to delete this API key? All requests using it will immediately be
</ConfirmationModal> invalidated and will fail.
} </ConfirmationModal>
{ }
keys.length === 0 ? {
<p className={'text-center text-sm'}> keys.length === 0 ?
{loading ? 'Loading...' : 'No API keys exist for this account.'} <p className={'text-center text-sm'}>
</p> {loading ? 'Loading...' : 'No API keys exist for this account.'}
: </p>
keys.map(key => ( :
<div key={key.identifier} className={'grey-row-box bg-neutral-600 mb-2 flex items-center'}> keys.map(key => (
<FontAwesomeIcon icon={faKey} className={'text-neutral-300'}/> <div
<div className={'ml-4 flex-1'}> key={key.identifier}
<p className={'text-sm'}>{key.description}</p> className={'grey-row-box bg-neutral-600 mb-2 flex items-center'}
<p className={'text-2xs text-neutral-300 uppercase'}>
Last
used: {key.lastUsedAt ? format(key.lastUsedAt, 'MMM Do, YYYY HH:mm') : 'Never'}
</p>
</div>
<p className={'text-sm ml-4'}>
<code className={'font-mono py-1 px-2 bg-neutral-900 rounded'}>
{key.identifier}
</code>
</p>
<button
className={'ml-4 p-2 text-sm'}
onClick={() => setDeleteIdentifier(key.identifier)}
> >
<FontAwesomeIcon <FontAwesomeIcon icon={faKey} className={'text-neutral-300'}/>
icon={faTrashAlt} <div className={'ml-4 flex-1'}>
className={'text-neutral-400 hover:text-red-400 transition-colors duration-150'} <p className={'text-sm'}>{key.description}</p>
/> <p className={'text-2xs text-neutral-300 uppercase'}>
</button> Last
</div> used: {key.lastUsedAt ? format(key.lastUsedAt, 'MMM Do, YYYY HH:mm') : 'Never'}
)) </p>
} </div>
</ContentBox> <p className={'text-sm ml-4'}>
<code className={'font-mono py-1 px-2 bg-neutral-900 rounded'}>
{key.identifier}
</code>
</p>
<button
className={'ml-4 p-2 text-sm'}
onClick={() => setDeleteIdentifier(key.identifier)}
>
<FontAwesomeIcon
icon={faTrashAlt}
className={'text-neutral-400 hover:text-red-400 transition-colors duration-150'}
/>
</button>
</div>
))
}
</ContentBox>
</div>
</div> </div>
); );
}; };