Project API key create and list #114
Conversation
|
This pull request has been linked to Shortcut Story #10407: Implement APIKey Resource Create/List Handlers. |
| // TODO: Validate the auth token | ||
| w.Header().Set("Content-Type", "text/plain") | ||
| w.WriteHeader(http.StatusUnauthorized) | ||
| w.Write([]byte("missing authorization header")) |
There was a problem hiding this comment.
Updated the quarterdeck mock so we can verify that the client is actually sending the authorization token to quarterdeck in tests.
| c.JSON(http.StatusNotImplemented, "not implemented yet") | ||
| } | ||
|
|
||
| // TODO: Implement by factoring out common code from ProjectAPIKeyCreate |
There was a problem hiding this comment.
While reviewing older correspondence, I thought that API Keys would only be created within a project. This is why the client APIKeyCreate was previously removed along with the client info removed (sorry!).
There was a problem hiding this comment.
Right, I think there was (and might still be) some uncertainty about that. I think the original idea was that API keys could be created on either the organization level or within a specific project. It doesn't really matter to quarterdeck however since the projectID is an optional parameter in quarterdeck's CreateAPIKey handler.
Co-authored-by: Danielle <danielle@rotational.io>
Scope of changes
This implements the project API key create and list handlers in Tenant. Note that there's some more work to be done as mentioned in the TODOs regarding security checks to make sure users are not able to interact with projects they are not a part of.
Fixes SC-10407
Type of change
Acceptance criteria
Describe how reviewers can test this change to be sure that it works correctly. Add a checklist if possible.
Author checklist
Reviewer(s) checklist