osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

FEATURE: Overhaul of admin API key system (#8284)

Browse Source 
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
This commit is contained in:
David Taylor
2019-11-05 14:10:23 +00:00
committed by GitHub
parent fa2c06da93
commit 52c5cf33f8
46 changed files with 863 additions and 395 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test/javascripts/admin/models/admin-user-test.js.es6
-30
View File
@@ -1,30 +0,0 @@
import AdminUser from "admin/models/admin-user";
import ApiKey from "admin/models/api-key";
QUnit.module("model:admin-user");
QUnit.test("generate key", function(assert) {
assert.expect(2);
var adminUser = AdminUser.create({ id: 333 });
assert.ok(!adminUser.get("api_key"), "it has no api key by default");
return adminUser.generateApiKey().then(function() {
assert.present(adminUser.get("api_key"), "it has an api_key now");
});
});
QUnit.test("revoke key", function(assert) {
assert.expect(2);
var apiKey = ApiKey.create({ id: 1234, key: "asdfasdf" }),
adminUser = AdminUser.create({ id: 333, api_key: apiKey });
assert.equal(
adminUser.get("api_key"),
apiKey,
"it has the api key in the beginning"
);
return adminUser.revokeApiKey().then(function() {
assert.blank(adminUser.get("api_key"), "it cleared the api_key");
});
});