Add auth.edit_credentials

2025-03-09 21:51:54 +00:00 · 2022-05-17 16:08:12 +03:00 · 2022-05-17 16:08:12 +03:00 · 67cd461145
commit 67cd461145
parent 92b5fc6f9a
3 changed files with 60 additions and 0 deletions
--- a/apiserver/apimodels/auth.py
+++ b/apiserver/apimodels/auth.py
@ -96,6 +96,11 @@ class GetCredentialsResponse(Base):
    credentials = ListField(CredentialsResponse)


+class EditCredentialsRequest(Base):
+    access_key = StringField(required=True)
+    label = StringField()
+
+
 class RevokeCredentialsRequest(Base):
    access_key = StringField(required=True)

--- a/apiserver/schema/services/auth.conf
+++ b/apiserver/schema/services/auth.conf
@ -262,6 +262,38 @@ get_credentials {
    }
 }

+edit_credentials {
+    allow_roles = [ "*" ]
+    internal: false
+    "2.19" {
+        description: """Updates the label of the existing credentials for the authenticated user."""
+        request {
+            type: object
+            required: [ access_key ]
+            properties {
+                access_key {
+                    type: string
+                    description: Existing credentials key
+                }
+                label {
+                    type: string
+                    description: New credentials label
+                }
+            }
+        }
+        response {
+            type: object
+            properties {
+                updated {
+                    description: "Number of credentials updated"
+                    type: integer
+                    enum: [0, 1]
+                }
+            }
+        }
+    }
+}
+
 revoke_credentials {
    allow_roles = [ "*" ]
    internal: false
--- a/apiserver/services/auth.py
+++ b/apiserver/services/auth.py
@ -14,6 +14,7 @@ from apiserver.apimodels.auth import (
    RevokeCredentialsRequest,
    EditUserReq,
    CreateCredentialsRequest,
+    EditCredentialsRequest,
 )
 from apiserver.apimodels.base import UpdateResponse
 from apiserver.bll.auth import AuthBLL
@ -122,6 +123,28 @@ def create_credentials(call: APICall, _, request: CreateCredentialsRequest):
    call.result.data_model = CreateCredentialsResponse(credentials=credentials)


+@endpoint("auth.edit_credentials")
+def edit_credentials(call: APICall, company_id: str, request: EditCredentialsRequest):
+    identity = call.identity
+    access_key = request.access_key
+
+    company_values = [None, company_id]
+    updated = User.objects(
+        id=identity.user,
+        company=company_id,
+        credentials__match={"key": access_key, "company__in": company_values},
+    ).update_one(set__credentials__S__label=request.label)
+    if not updated:
+        raise errors.bad_request.InvalidAccessKey(
+            "invalid user or invalid access key",
+            user=identity.user,
+            access_key=access_key,
+            company=company_id,
+        )
+
+    call.result.data = {"updated": updated}
+
+
@endpoint(
    "auth.revoke_credentials",
    request_data_model=RevokeCredentialsRequest,