MCPcopy Index your code
hub / github.com/coder/coder / TestExpireAPIKey

Function TestExpireAPIKey

coderd/apikey_test.go:549–701  ·  view source on GitHub ↗

nolint:tparallel,paralleltest // Subtests share the same coderdtest instance and auditor.

(t *testing.T)

Source from the content-addressed store, hash-verified

547
548//nolint:tparallel,paralleltest // Subtests share the same coderdtest instance and auditor.
549func TestExpireAPIKey(t *testing.T) {
550 t.Parallel()
551
552 auditor := audit.NewMock()
553 adminClient := coderdtest.New(t, &coderdtest.Options{Auditor: auditor})
554 admin := coderdtest.CreateFirstUser(t, adminClient)
555 memberClient, member := coderdtest.CreateAnotherUser(t, adminClient, admin.OrganizationID)
556
557 t.Run("OwnerCanExpireOwnToken", func(t *testing.T) {
558 ctx := testutil.Context(t, testutil.WaitLong)
559
560 // Create a token.
561 res, err := adminClient.CreateToken(ctx, codersdk.Me, codersdk.CreateTokenRequest{
562 Lifetime: time.Hour * 24 * 7,
563 })
564 require.NoError(t, err)
565 keyID := strings.Split(res.Key, "-")[0]
566
567 // Verify the token is not expired.
568 key, err := adminClient.APIKeyByID(ctx, codersdk.Me, keyID)
569 require.NoError(t, err)
570 require.True(t, key.ExpiresAt.After(dbtime.Now()))
571
572 auditor.ResetLogs()
573
574 // Expire the token.
575 err = adminClient.ExpireAPIKey(ctx, codersdk.Me, keyID)
576 require.NoError(t, err)
577
578 // Verify the token is expired.
579 key, err = adminClient.APIKeyByID(ctx, codersdk.Me, keyID)
580 require.NoError(t, err)
581 require.True(t, key.ExpiresAt.Before(dbtime.Now()))
582
583 // Verify audit log.
584 als := auditor.AuditLogs()
585 require.Len(t, als, 1)
586 require.Equal(t, database.AuditActionWrite, als[0].Action)
587 require.Equal(t, database.ResourceTypeApiKey, als[0].ResourceType)
588 require.Equal(t, admin.UserID.String(), als[0].UserID.String())
589 })
590
591 t.Run("AdminCanExpireOtherUsersToken", func(t *testing.T) {
592 ctx := testutil.Context(t, testutil.WaitLong)
593
594 // Create a token for the member.
595 res, err := memberClient.CreateToken(ctx, codersdk.Me, codersdk.CreateTokenRequest{
596 Lifetime: time.Hour * 24 * 7,
597 })
598 require.NoError(t, err)
599 keyID := strings.Split(res.Key, "-")[0]
600
601 // Admin expires the member's token.
602 err = adminClient.ExpireAPIKey(ctx, member.ID.String(), keyID)
603 require.NoError(t, err)
604
605 // Verify the token is expired.
606 key, err := memberClient.APIKeyByID(ctx, codersdk.Me, keyID)

Callers

nothing calls this directly

Calls 15

StatusCodeMethod · 0.95
NewMockFunction · 0.92
NewFunction · 0.92
CreateFirstUserFunction · 0.92
CreateAnotherUserFunction · 0.92
ContextFunction · 0.92
NowFunction · 0.92
CreateTokenMethod · 0.80
APIKeyByIDMethod · 0.80
ResetLogsMethod · 0.80
ExpireAPIKeyMethod · 0.80
DeleteAPIKeyMethod · 0.80

Tested by

no test coverage detected