[API] Delete Token accept names too (#12366)

6543 · zeripath · lafriks · web-flow · commit d5b6931dbeff · 2020-08-28T11:09:33.000+03:00
* Delete Token accept names too

* better description

Co-authored-by: zeripath &lt;art27@cantab.net&gt;
Co-authored-by: Lauris BH &lt;lauris@nix.lv&gt;
diff --git a/integrations/api_token_test.go b/integrations/api_token_test.go
@@ -37,6 +37,19 @@ func TestAPICreateAndDeleteToken(t *testing.T) {
 	MakeRequest(t, req, http.StatusNoContent)
 
 	models.AssertNotExistsBean(t, &models.AccessToken{ID: newAccessToken.ID})
+
+	req = NewRequestWithJSON(t, "POST", "/api/v1/users/user1/tokens", map[string]string{
+		"name": "test-key-2",
+	})
+	req = AddBasicAuthHeader(req, user.Name)
+	resp = MakeRequest(t, req, http.StatusCreated)
+	DecodeJSON(t, resp, &newAccessToken)
+
+	req = NewRequestf(t, "DELETE", "/api/v1/users/user1/tokens/%s", newAccessToken.Name)
+	req = AddBasicAuthHeader(req, user.Name)
+	MakeRequest(t, req, http.StatusNoContent)
+
+	models.AssertNotExistsBean(t, &models.AccessToken{ID: newAccessToken.ID})
 }
 
 // TestAPIDeleteMissingToken ensures that error is thrown when token not found
diff --git a/models/token.go b/models/token.go
@@ -82,16 +82,27 @@ func AccessTokenByNameExists(token *AccessToken) (bool, error) {
 	return x.Table("access_token").Where("name = ?", token.Name).And("uid = ?", token.UID).Exist()
 }
 
+// ListAccessTokensOptions contain filter options
+type ListAccessTokensOptions struct {
+	ListOptions
+	Name   string
+	UserID int64
+}
+
 // ListAccessTokens returns a list of access tokens belongs to given user.
-func ListAccessTokens(uid int64, listOptions ListOptions) ([]*AccessToken, error) {
-	sess := x.
-		Where("uid=?", uid).
-		Desc("id")
+func ListAccessTokens(opts ListAccessTokensOptions) ([]*AccessToken, error) {
+	sess := x.Where("uid=?", opts.UserID)
+
+	if len(opts.Name) != 0 {
+		sess = sess.Where("name=?", opts.Name)
+	}
+
+	sess = sess.Desc("id")
 
-	if listOptions.Page != 0 {
-		sess = listOptions.setSessionPagination(sess)
+	if opts.Page != 0 {
+		sess = opts.setSessionPagination(sess)
 
-		tokens := make([]*AccessToken, 0, listOptions.PageSize)
+		tokens := make([]*AccessToken, 0, opts.PageSize)
 		return tokens, sess.Find(&tokens)
 	}
 
diff --git a/models/token_test.go b/models/token_test.go
@@ -83,7 +83,7 @@ func TestGetAccessTokenBySHA(t *testing.T) {
 
 func TestListAccessTokens(t *testing.T) {
 	assert.NoError(t, PrepareTestDatabase())
-	tokens, err := ListAccessTokens(1, ListOptions{})
+	tokens, err := ListAccessTokens(ListAccessTokensOptions{UserID: 1})
 	assert.NoError(t, err)
 	if assert.Len(t, tokens, 2) {
 		assert.Equal(t, int64(1), tokens[0].UID)
@@ -92,14 +92,14 @@ func TestListAccessTokens(t *testing.T) {
 		assert.Contains(t, []string{tokens[0].Name, tokens[1].Name}, "Token B")
 	}
 
-	tokens, err = ListAccessTokens(2, ListOptions{})
+	tokens, err = ListAccessTokens(ListAccessTokensOptions{UserID: 2})
 	assert.NoError(t, err)
 	if assert.Len(t, tokens, 1) {
 		assert.Equal(t, int64(2), tokens[0].UID)
 		assert.Equal(t, "Token A", tokens[0].Name)
 	}
 
-	tokens, err = ListAccessTokens(100, ListOptions{})
+	tokens, err = ListAccessTokens(ListAccessTokensOptions{UserID: 100})
 	assert.NoError(t, err)
 	assert.Empty(t, tokens)
 }
diff --git a/routers/api/v1/user/app.go b/routers/api/v1/user/app.go
@@ -7,7 +7,9 @@ package user
 
 import (
 	"errors"
+	"fmt"
 	"net/http"
+	"strconv"
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
@@ -41,7 +43,7 @@ func ListAccessTokens(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/AccessTokenList"
 
-	tokens, err := models.ListAccessTokens(ctx.User.ID, utils.GetListOptions(ctx))
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID, ListOptions: utils.GetListOptions(ctx)})
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "ListAccessTokens", err)
 		return
@@ -128,15 +130,44 @@ func DeleteAccessToken(ctx *context.APIContext) {
 	//   required: true
 	// - name: token
 	//   in: path
-	//   description: token to be deleted
-	//   type: integer
-	//   format: int64
+	//   description: token to be deleted, identified by ID and if not available by name
+	//   type: string
 	//   required: true
 	// responses:
 	//   "204":
 	//     "$ref": "#/responses/empty"
+	//   "422":
+	//     "$ref": "#/responses/error"
+
+	token := ctx.Params(":id")
+	tokenID, _ := strconv.ParseInt(token, 0, 64)
+
+	if tokenID == 0 {
+		tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{
+			Name:   token,
+			UserID: ctx.User.ID,
+		})
+		if err != nil {
+			ctx.Error(http.StatusInternalServerError, "ListAccessTokens", err)
+			return
+		}
+
+		switch len(tokens) {
+		case 0:
+			ctx.NotFound()
+			return
+		case 1:
+			tokenID = tokens[0].ID
+		default:
+			ctx.Error(http.StatusUnprocessableEntity, "DeleteAccessTokenByID", fmt.Errorf("multible matches for token name '%s'", token))
+			return
+		}
+	}
+	if tokenID == 0 {
+		ctx.Error(http.StatusInternalServerError, "Invalid TokenID", nil)
+		return
+	}
 
-	tokenID := ctx.ParamsInt64(":id")
 	if err := models.DeleteAccessTokenByID(tokenID, ctx.User.ID); err != nil {
 		if models.IsErrAccessTokenNotExist(err) {
 			ctx.NotFound()
diff --git a/routers/user/setting/applications.go b/routers/user/setting/applications.go
@@ -80,7 +80,7 @@ func DeleteApplication(ctx *context.Context) {
 }
 
 func loadApplicationsData(ctx *context.Context) {
-	tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})
 	if err != nil {
 		ctx.ServerError("ListAccessTokens", err)
 		return
diff --git a/routers/user/setting/security.go b/routers/user/setting/security.go
@@ -71,7 +71,7 @@ func loadSecurityData(ctx *context.Context) {
 		ctx.Data["RequireU2F"] = true
 	}
 
-	tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})
 	if err != nil {
 		ctx.ServerError("ListAccessTokens", err)
 		return
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
@@ -10635,9 +10635,8 @@
             "required": true
           },
           {
-            "type": "integer",
-            "format": "int64",
-            "description": "token to be deleted",
+            "type": "string",
+            "description": "token to be deleted, identified by ID and if not available by name",
             "name": "token",
             "in": "path",
             "required": true
@@ -10646,6 +10645,9 @@
         "responses": {
           "204": {
             "$ref": "#/responses/empty"
+          },
+          "422": {
+            "$ref": "#/responses/error"
           }
         }
       }

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@ func DeleteApplication(ctx *context.Context) {`
`80`	`80`	`}`
`81`	`81`
`82`	`82`	`func loadApplicationsData(ctx *context.Context) {`
`83`		`- tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})`
	`83`	`+ tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})`
`84`	`84`	`if err != nil {`
`85`	`85`	`ctx.ServerError("ListAccessTokens", err)`
`86`	`86`	`return`
Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ func loadSecurityData(ctx *context.Context) {`
`71`	`71`	`ctx.Data["RequireU2F"] = true`
`72`	`72`	`}`
`73`	`73`
`74`		`- tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})`
	`74`	`+ tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})`
`75`	`75`	`if err != nil {`
`76`	`76`	`ctx.ServerError("ListAccessTokens", err)`
`77`	`77`	`return`
Original file line number	Diff line number	Diff line change
`@@ -10635,9 +10635,8 @@`
`10635`	`10635`	`"required": true`
`10636`	`10636`	`},`
`10637`	`10637`	`{`
`10638`		`- "type": "integer",`
`10639`		`- "format": "int64",`
`10640`		`- "description": "token to be deleted",`
	`10638`	`+ "type": "string",`
	`10639`	`+ "description": "token to be deleted, identified by ID and if not available by name",`
`10641`	`10640`	`"name": "token",`
`10642`	`10641`	`"in": "path",`
`10643`	`10642`	`"required": true`
`@@ -10646,6 +10645,9 @@`
`10646`	`10645`	`"responses": {`
`10647`	`10646`	`"204": {`
`10648`	`10647`	`"$ref": "#/responses/empty"`
	`10648`	`+ },`
	`10649`	`+ "422": {`
	`10650`	`+ "$ref": "#/responses/error"`
`10649`	`10651`	`}`
`10650`	`10652`	`}`
`10651`	`10653`	`}`