Allow deleting api keys after use. (#1206)

This commit is contained in:
Dan Funk 2024-03-14 10:43:14 -04:00 committed by GitHub
parent 5724cf35bd
commit f8f64c3350
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 48 additions and 1 deletions

View File

@ -31,7 +31,7 @@ class ServiceAccountModel(SpiffworkflowBaseDBModel):
api_key_hash: str = db.Column(db.String(255), nullable=False, unique=True, index=True) api_key_hash: str = db.Column(db.String(255), nullable=False, unique=True, index=True)
user = relationship("UserModel", uselist=False, cascade="delete", foreign_keys=[user_id]) # type: ignore user = relationship("UserModel", uselist=False, foreign_keys=[user_id]) # type: ignore
updated_at_in_seconds: int = db.Column(db.Integer) updated_at_in_seconds: int = db.Column(db.Integer)
created_at_in_seconds: int = db.Column(db.Integer) created_at_in_seconds: int = db.Column(db.Integer)

View File

@ -2,6 +2,7 @@ import json
from flask.app import Flask from flask.app import Flask
from flask.testing import FlaskClient from flask.testing import FlaskClient
from spiffworkflow_backend import db
from spiffworkflow_backend.models.user import UserModel from spiffworkflow_backend.models.user import UserModel
from spiffworkflow_backend.services.service_account_service import ServiceAccountService from spiffworkflow_backend.services.service_account_service import ServiceAccountService
from spiffworkflow_backend.services.user_service import UserService from spiffworkflow_backend.services.user_service import UserService
@ -46,3 +47,49 @@ class TestServiceAccounts(BaseTest):
assert response.status_code == 201 assert response.status_code == 201
assert response.json is not None assert response.json is not None
assert response.json["key"] == post_body["key"] assert response.json["key"] == post_body["key"]
def test_send_message_with_service_account(
self,
app: Flask,
client: FlaskClient,
with_db_and_bpmn_file_cleanup: None,
with_super_admin_user: UserModel,
) -> None:
api_key_name = "heyhey"
# Create Service Account
service_account = ServiceAccountService.create_service_account(api_key_name, with_super_admin_user)
# ensure process model is loaded
process_group_id = "test_message_send"
process_model_id = "message_receiver"
bpmn_file_name = "message_receiver.bpmn"
bpmn_file_location = "message_send_one_conversation"
self.create_group_and_model_with_bpmn(
client,
with_super_admin_user,
process_group_id=process_group_id,
process_model_id=process_model_id,
bpmn_file_name=bpmn_file_name,
bpmn_file_location=bpmn_file_location,
)
# Send message with Service Account
message_model_identifier = "Request Approval"
payload = {
"customer_id": "sartography",
"po_number": "1001",
"amount": "One Billion Dollars! Mwhahahahahaha",
"description": "But seriously.",
}
response = client.post(
f"/v1.0/messages/{message_model_identifier}",
content_type="application/json",
headers={"SpiffWorkflow-Api-Key": service_account.api_key},
data=json.dumps(payload),
)
assert response.status_code == 200
# It should be possible to delete the service account after starting a process.
db.session.delete(service_account)
db.session.commit()