New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Project API key create and list #114
Conversation
This pull request has been linked to Shortcut Story #10407: Implement APIKey Resource Create/List Handlers. |
// TODO: Validate the auth token | ||
w.Header().Set("Content-Type", "text/plain") | ||
w.WriteHeader(http.StatusUnauthorized) | ||
w.Write([]byte("missing authorization header")) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated the quarterdeck mock so we can verify that the client is actually sending the authorization token to quarterdeck in tests.
c.JSON(http.StatusNotImplemented, "not implemented yet") | ||
} | ||
|
||
// TODO: Implement by factoring out common code from ProjectAPIKeyCreate |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While reviewing older correspondence, I thought that API Keys would only be created within a project. This is why the client APIKeyCreate was previously removed along with the client info removed (sorry!).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, I think there was (and might still be) some uncertainty about that. I think the original idea was that API keys could be created on either the organization level or within a specific project. It doesn't really matter to quarterdeck however since the projectID is an optional parameter in quarterdeck's CreateAPIKey handler.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! There's only one very small suggestion.
Co-authored-by: Danielle <danielle@rotational.io>
Scope of changes
This implements the project API key create and list handlers in Tenant. Note that there's some more work to be done as mentioned in the TODOs regarding security checks to make sure users are not able to interact with projects they are not a part of.
Fixes SC-10407
Type of change
Acceptance criteria
Describe how reviewers can test this change to be sure that it works correctly. Add a checklist if possible.
Author checklist
Reviewer(s) checklist