sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-11 19:44:35 +00:00
Code Issues Projects Releases Wiki Activity

feat: add an api endpoint for admin to get list of client ids

Browse Source
This commit is contained in:
Sabir Hassan
2023-04-04 23:57:01 +05:00
parent a433786011
commit 6ffaa7e9e2
4 changed files with 160 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
api/public/swagger.yaml
View File

@@ -758,6 +758,27 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/ClientPayload' $ref: '#/components/schemas/ClientPayload'
get:
operationId: GetAllClients
responses:
'200':
description: Ok
content:
application/json:
schema:
items:
$ref: '#/components/schemas/ClientPayload'
type: array
examples:
'Example 1':
value: [{clientId: someClientID1234, clientSecret: someRandomCryptoString, accessTokenExpiration: 86400}, {clientId: someOtherClientID, clientSecret: someOtherRandomCryptoString, accessTokenExpiration: 86400}]
summary: 'Admin only task. Returns the list of all the clients *'
tags:
- Client
security:
-
bearerAuth: []
parameters: []
/SASjsApi/code/execute: /SASjsApi/code/execute:
post: post:
operationId: ExecuteCode operationId: ExecuteCode

34
api/src/controllers/client.ts
View File

@@ -1,4 +1,4 @@
import { Security, Route, Tags, Example, Post, Body } from 'tsoa' import { Security, Route, Tags, Example, Post, Body, Get } from 'tsoa'
import Client, { import Client, {
ClientPayload, ClientPayload,
@@ -29,6 +29,28 @@ export class ClientController {
): Promise<ClientPayload> { ): Promise<ClientPayload> {
return createClient(body) return createClient(body)
} }
/**
* @summary Admin only task. Returns the list of all the clients
*/
@Example<ClientPayload[]>([
{
clientId: 'someClientID1234',
clientSecret: 'someRandomCryptoString',
accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
},
{
clientId: 'someOtherClientID',
clientSecret: 'someOtherRandomCryptoString',
accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
}
])
@Get('/')
public async getAllClients(): Promise<ClientPayload[]> {
return getAllClients()
}
} }
const createClient = async (data: ClientPayload): Promise<ClientPayload> => { const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
@@ -60,3 +82,13 @@ const createClient = async (data: ClientPayload): Promise<ClientPayload> => {
refreshTokenExpiration: savedClient.refreshTokenExpiration refreshTokenExpiration: savedClient.refreshTokenExpiration
} }
} }
const getAllClients = async (): Promise<ClientPayload[]> => {
return Client.find({}).select({
_id: 0,
clientId: 1,
clientSecret: 1,
accessTokenExpiration: 1,
refreshTokenExpiration: 1
})
}

16
api/src/routes/api/client.ts
View File

@@ -1,6 +1,7 @@
import express from 'express' import express from 'express'
import { ClientController } from '../../controllers' import { ClientController } from '../../controllers'
import { registerClientValidation } from '../../utils' import { registerClientValidation } from '../../utils'
import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
const clientRouter = express.Router() const clientRouter = express.Router()
@@ -17,4 +18,19 @@ clientRouter.post('/', async (req, res) => {
} }
}) })
clientRouter.get(
'/',
authenticateAccessToken,
verifyAdmin,
async (req, res) => {
const controller = new ClientController()
try {
const response = await controller.getAllClients()
res.send(response)
} catch (err: any) {
res.status(403).send(err.toString())
}
}
)
export default clientRouter export default clientRouter

106
api/src/routes/api/spec/client.spec.ts
View File

@@ -5,6 +5,7 @@ import request from 'supertest'
import appPromise from '../../../app' import appPromise from '../../../app'
import { UserController, ClientController } from '../../../controllers/' import { UserController, ClientController } from '../../../controllers/'
import { generateAccessToken, saveTokensInDB } from '../../../utils' import { generateAccessToken, saveTokensInDB } from '../../../utils'
import { NUMBER_OF_SECONDS_IN_A_DAY } from '../../../model/Client'
const client = { const client = {
clientId: 'someclientID', clientId: 'someclientID',
@@ -26,6 +27,7 @@ describe('client', () => {
let app: Express let app: Express
let con: Mongoose let con: Mongoose
let mongoServer: MongoMemoryServer let mongoServer: MongoMemoryServer
let adminAccessToken: string
const userController = new UserController() const userController = new UserController()
const clientController = new ClientController() const clientController = new ClientController()
@@ -34,6 +36,18 @@ describe('client', () => {
mongoServer = await MongoMemoryServer.create() mongoServer = await MongoMemoryServer.create()
con = await mongoose.connect(mongoServer.getUri()) con = await mongoose.connect(mongoServer.getUri())
const dbUser = await userController.createUser(adminUser)
adminAccessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.id
})
await saveTokensInDB(
dbUser.id,
client.clientId,
adminAccessToken,
'refreshToken'
)
}) })
afterAll(async () => { afterAll(async () => {
@@ -43,22 +57,6 @@ describe('client', () => {
}) })
describe('create', () => { describe('create', () => {
let adminAccessToken: string
beforeAll(async () => {
const dbUser = await userController.createUser(adminUser)
adminAccessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.id
})
await saveTokensInDB(
dbUser.id,
client.clientId,
adminAccessToken,
'refreshToken'
)
})
afterEach(async () => { afterEach(async () => {
const collections = mongoose.connection.collections const collections = mongoose.connection.collections
const collection = collections['clients'] const collection = collections['clients']
@@ -157,4 +155,80 @@ describe('client', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
}) })
describe('get', () => {
afterEach(async () => {
const collections = mongoose.connection.collections
const collection = collections['clients']
await collection.deleteMany({})
})
it('should respond with an array of all clients', async () => {
await clientController.createClient(newClient)
await clientController.createClient({
clientId: 'clientID',
clientSecret: 'clientSecret'
})
const res = await request(app)
.get('/SASjsApi/client')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
const expected = [
{
clientId: 'newClientID',
clientSecret: 'newClientSecret',
accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
},
{
clientId: 'clientID',
clientSecret: 'clientSecret',
accessTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY,
refreshTokenExpiration: NUMBER_OF_SECONDS_IN_A_DAY * 30
}
]
expect(res.body).toEqual(expected)
})
it('should respond with Unauthorized if access token is not present', async () => {
const res = await request(app).get('/SASjsApi/client').send().expect(401)
expect(res.text).toEqual('Unauthorized')
expect(res.body).toEqual({})
})
it('should respond with Forbideen if access token is not of an admin account', async () => {
const user = {
displayName: 'User 2',
username: 'username2',
password: '12345678',
isAdmin: false,
isActive: true
}
const dbUser = await userController.createUser(user)
const accessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.id
})
await saveTokensInDB(
dbUser.id,
client.clientId,
accessToken,
'refreshToken'
)
const res = await request(app)
.get('/SASjsApi/client')
.auth(accessToken, { type: 'bearer' })
.send()
.expect(401)
expect(res.text).toEqual('Admin account required')
expect(res.body).toEqual({})
})
})
}) })