Skip to content

[public-api] Implement delete token #14877

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 23, 2022
Merged

[public-api] Implement delete token #14877

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions components/gitpod-db/go/personal_access_token.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,34 @@ func UpdatePersonalAccessTokenHash(ctx context.Context, conn *gorm.DB, tokenID u
return GetPersonalAccessTokenForUser(ctx, conn, tokenID, userID)
}

func DeletePersonalAccessTokenForUser(ctx context.Context, conn *gorm.DB, tokenID uuid.UUID, userID uuid.UUID) (int64, error) {
if tokenID == uuid.Nil {
return 0, fmt.Errorf("Invalid or empty tokenID")
}

if userID == uuid.Nil {
return 0, fmt.Errorf("Invalid or empty userID")
}

db := conn.WithContext(ctx)

db = db.
Table((&PersonalAccessToken{}).TableName()).
Where("id = ?", tokenID).
Where("userId = ?", userID).
Where("deleted = ?", 0).
Update("deleted", 1)
if db.Error != nil {
return 0, fmt.Errorf("failed to delete token (ID: %s): %v", tokenID.String(), db.Error)
}

if db.RowsAffected == 0 {
return 0, fmt.Errorf("token (ID: %s) for user (ID: %s) does not exist: %w", tokenID, userID, ErrorNotFound)
}

return db.RowsAffected, nil
}

func ListPersonalAccessTokensForUser(ctx context.Context, conn *gorm.DB, userID uuid.UUID, pagination Pagination) (*PaginatedResult[PersonalAccessToken], error) {
if userID == uuid.Nil {
return nil, fmt.Errorf("user ID is a required argument to list personal access tokens for user, got nil")
Expand Down
40 changes: 40 additions & 0 deletions components/gitpod-db/go/personal_access_token_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,46 @@ func TestPersonalAccessToken_UpdateHash(t *testing.T) {
})
}

func TestPersonalAccessToken_Delete(t *testing.T) {
conn := dbtest.ConnectForTests(t)

firstUserId := uuid.New()
secondUserId := uuid.New()

token := dbtest.NewPersonalAccessToken(t, db.PersonalAccessToken{UserID: firstUserId})
token2 := dbtest.NewPersonalAccessToken(t, db.PersonalAccessToken{UserID: secondUserId})

tokenEntries := []db.PersonalAccessToken{token, token2}

dbtest.CreatePersonalAccessTokenRecords(t, conn, tokenEntries...)

t.Run("not matching user", func(t *testing.T) {
count, err := db.DeletePersonalAccessTokenForUser(context.Background(), conn, token.ID, token2.UserID)
require.Error(t, err, db.ErrorNotFound)
require.Equal(t, int64(0), count)
})

t.Run("not matching token", func(t *testing.T) {
count, err := db.DeletePersonalAccessTokenForUser(context.Background(), conn, token2.ID, token.UserID)
require.Error(t, err, db.ErrorNotFound)
require.Equal(t, int64(0), count)
})

t.Run("both token and user don't exist in the DB", func(t *testing.T) {
count, err := db.DeletePersonalAccessTokenForUser(context.Background(), conn, uuid.New(), uuid.New())
require.Error(t, err, db.ErrorNotFound)
require.Equal(t, int64(0), count)
})

t.Run("valid", func(t *testing.T) {
count, err := db.DeletePersonalAccessTokenForUser(context.Background(), conn, token.ID, token.UserID)
require.NoError(t, err)
require.Equal(t, int64(1), count)
_, err = db.GetPersonalAccessTokenForUser(context.Background(), conn, token.ID, token.UserID)
require.Error(t, err, db.ErrorNotFound)
})
}

func TestListPersonalAccessTokensForUser(t *testing.T) {
ctx := context.Background()
conn := dbtest.ConnectForTests(t)
Expand Down
11 changes: 8 additions & 3 deletions components/public-api-server/pkg/apiv1/tokens.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -227,13 +227,18 @@ func (s *TokensService) DeletePersonalAccessToken(ctx context.Context, req *conn
return nil, err
}

_, _, err = s.getUser(ctx, conn)
_, userID, err := s.getUser(ctx, conn)
if err != nil {
return nil, err
}

log.Infof("Handling DeletePersonalAccessToken request for Token ID '%s'", tokenID.String())
return nil, connect.NewError(connect.CodeUnimplemented, errors.New("gitpod.experimental.v1.TokensService.DeletePersonalAccessToken is not implemented"))
_, err = db.DeletePersonalAccessTokenForUser(ctx, s.dbConn, tokenID, userID)
if err != nil {
log.WithError(err).Errorf("failed to delete personal access token (ID: %s) for user %s", tokenID.String(), userID.String())
return nil, connect.NewError(connect.CodeInternal, errors.New("Failed to delete personal access token."))
}

return connect.NewResponse(&v1.DeletePersonalAccessTokenResponse{}), nil
}

func (s *TokensService) getUser(ctx context.Context, conn protocol.APIInterface) (*protocol.User, uuid.UUID, error) {
Expand Down
29 changes: 22 additions & 7 deletions components/public-api-server/pkg/apiv1/tokens_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -513,16 +513,31 @@ func TestTokensService_DeletePersonalAccessToken(t *testing.T) {
require.Equal(t, connect.CodeInvalidArgument, connect.CodeOf(err))
})

t.Run("unimplemented when feature flag enabled", func(t *testing.T) {
serverMock, _, client := setupTokensService(t, withTokenFeatureEnabled)
t.Run("delete token", func(t *testing.T) {
serverMock, dbConn, client := setupTokensService(t, withTokenFeatureEnabled)

serverMock.EXPECT().GetLoggedInUser(gomock.Any()).Return(user, nil)
tokens := dbtest.CreatePersonalAccessTokenRecords(t, dbConn,
dbtest.NewPersonalAccessToken(t, db.PersonalAccessToken{
UserID: uuid.MustParse(user.ID),
}),
)

_, err := client.DeletePersonalAccessToken(context.Background(), connect.NewRequest(&v1.DeletePersonalAccessTokenRequest{
Id: uuid.New().String(),
serverMock.EXPECT().GetLoggedInUser(gomock.Any()).Return(user, nil).Times(3)

_, err := client.GetPersonalAccessToken(context.Background(), connect.NewRequest(&v1.GetPersonalAccessTokenRequest{
Id: tokens[0].ID.String(),
}))
require.NoError(t, err)

require.Equal(t, connect.CodeUnimplemented, connect.CodeOf(err))
_, err = client.DeletePersonalAccessToken(context.Background(), connect.NewRequest(&v1.DeletePersonalAccessTokenRequest{
Id: tokens[0].ID.String(),
}))
require.NoError(t, err)

_, err = client.GetPersonalAccessToken(context.Background(), connect.NewRequest(&v1.GetPersonalAccessTokenRequest{
Id: tokens[0].ID.String(),
}))
require.Error(t, err, fmt.Errorf("Token with ID %s does not exist: not found", tokens[0].ID.String()))
})
}

Expand Down Expand Up @@ -578,7 +593,7 @@ func TestTokensService_Workflow(t *testing.T) {
_, err = client.DeletePersonalAccessToken(ctx, connect.NewRequest(&v1.DeletePersonalAccessTokenRequest{
Id: secondTokenResponse.Msg.GetToken().GetId(),
}))
require.Error(t, err, "currently unimplemented")
require.NoError(t, err)
}

func setupTokensService(t *testing.T, expClient experiments.Client) (*protocol.MockAPIInterface, *gorm.DB, v1connect.TokensServiceClient) {
Expand Down