From b1d13a2d897147de8290a03e624efe4000dc9aa7 Mon Sep 17 00:00:00 2001 From: Adrian Carolli Date: Thu, 11 Jan 2018 16:30:55 -0500 Subject: [PLT-7793] Add /users/tokens/search endpoint (#8088) * Add /users/tokens/search endpoint + tests * Fix check-style * Unnecessary deletion --- api4/user.go | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'api4/user.go') diff --git a/api4/user.go b/api4/user.go index cd26b00e3..a664acfac 100644 --- a/api4/user.go +++ b/api4/user.go @@ -60,6 +60,7 @@ func (api *API) InitUser() { api.BaseRoutes.User.Handle("/tokens", api.ApiSessionRequired(createUserAccessToken)).Methods("POST") api.BaseRoutes.User.Handle("/tokens", api.ApiSessionRequired(getUserAccessTokensForUser)).Methods("GET") api.BaseRoutes.Users.Handle("/tokens", api.ApiSessionRequired(getUserAccessTokens)).Methods("GET") + api.BaseRoutes.Users.Handle("/tokens/search", api.ApiSessionRequired(searchUserAccessTokens)).Methods("POST") api.BaseRoutes.Users.Handle("/tokens/{token_id:[A-Za-z0-9]+}", api.ApiSessionRequired(getUserAccessToken)).Methods("GET") api.BaseRoutes.Users.Handle("/tokens/revoke", api.ApiSessionRequired(revokeUserAccessToken)).Methods("POST") api.BaseRoutes.Users.Handle("/tokens/disable", api.ApiSessionRequired(disableUserAccessToken)).Methods("POST") @@ -1241,6 +1242,30 @@ func createUserAccessToken(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(accessToken.ToJson())) } +func searchUserAccessTokens(c *Context, w http.ResponseWriter, r *http.Request) { + if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + props := model.UserAccessTokenSearchFromJson(r.Body) + if props == nil { + c.SetInvalidParam("user_access_token_search") + return + } + + if len(props.Term) == 0 { + c.SetInvalidParam("term") + return + } + accessTokens, err := c.App.SearchUserAccessTokens(props.Term) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(model.UserAccessTokenListToJson(accessTokens))) +} + func getUserAccessTokens(c *Context, w http.ResponseWriter, r *http.Request) { if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) -- cgit v1.2.3-1-g7c22