feat(medusa): PublishableApiKeys CRUD (#2567)

2022-11-14 19:30:24 +01:00
parent d2b1848e52
commit d0809bdf25
15 changed files with 1036 additions and 4 deletions
@@ -37,6 +37,7 @@ export * from "./routes/admin/price-lists"
 export * from "./routes/admin/product-tags"
 export * from "./routes/admin/product-types"
 export * from "./routes/admin/products"
+export * from "./routes/admin/publishable-api-keys"
 export * from "./routes/admin/regions"
 export * from "./routes/admin/return-reasons"
 export * from "./routes/admin/returns"
@@ -20,6 +20,7 @@ import orderRoutes from "./orders"
 import priceListRoutes from "./price-lists"
 import productTagRoutes from "./product-tags"
 import productTypesRoutes from "./product-types"
+import publishableApiKeyRoutes from "./publishable-api-keys"
 import productRoutes from "./products"
 import regionRoutes from "./regions"
 import returnReasonRoutes from "./return-reasons"
@@ -89,6 +90,7 @@ export default (app, container, config) => {
  productRoutes(route, featureFlagRouter)
  productTagRoutes(route)
  productTypesRoutes(route)
+  publishableApiKeyRoutes(route)
  regionRoutes(route, featureFlagRouter)
  returnReasonRoutes(route)
  returnRoutes(route)
@@ -6,8 +6,8 @@ import { IsOptional, IsString } from "class-validator"
 /**
 * @oas [get] /order-edits
 * operationId: "GetOrderEdits"
- * summary: "List an OrderEdit"
- * description: "List a OrderEdit."
+ * summary: "List OrderEdits"
+ * description: "List OrderEdits."
 * x-authenticated: true
 * parameters:
 *   - (query) q {string} Query used for searching order edit internal note.
@@ -0,0 +1,72 @@
+import { Request, Response } from "express"
+import { EntityManager } from "typeorm"
+
+import PublishableApiKeyService from "../../../../services/publishable-api-key"
+
+/**
+ * @oas [post] /publishable-api-keys
+ * operationId: "PostPublishableApiKeys"
+ * summary: "Create a PublishableApiKey"
+ * description: "Creates a PublishableApiKey."
+ * x-authenticated: true
+ * x-codeSamples:
+ *   - lang: JavaScript
+ *     label: JS Client
+ *     source: |
+ *       import Medusa from "@medusajs/medusa-js"
+ *       const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
+ *       // must be previously logged in or use api token
+ *       medusa.admin.publishableApiKey.create()
+ *         .then(({ publishable_api_key }) => {
+ *           console.log(publishable_api_key.id)
+ *         })
+ *   - lang: Shell
+ *     label: cURL
+ *     source: |
+ *       curl --location --request POST 'https://medusa-url.com/admin/publishable-api-keys' \
+ *       --header 'Authorization: Bearer {api_token}'
+ *       -d '{ "created_by": "user_123" }'
+ * security:
+ *   - api_token: []
+ *   - cookie_auth: []
+ * tags:
+ *   - PublishableApiKey
+ * responses:
+ *   200:
+ *     description: OK
+ *     content:
+ *       application/json:
+ *         schema:
+ *           properties:
+ *             publishable_api_key:
+ *               $ref: "#/components/schemas/publishable_api_key"
+ *   "400":
+ *     $ref: "#/components/responses/400_error"
+ *   "401":
+ *     $ref: "#/components/responses/unauthorized"
+ *   "404":
+ *     $ref: "#/components/responses/not_found_error"
+ *   "409":
+ *     $ref: "#/components/responses/invalid_state_error"
+ *   "422":
+ *     $ref: "#/components/responses/invalid_request_error"
+ *   "500":
+ *     $ref: "#/components/responses/500_error"
+ */
+export default async (req: Request, res: Response) => {
+  const publishableApiKeyService = req.scope.resolve(
+    "publishableApiKeyService"
+  ) as PublishableApiKeyService
+
+  const manager = req.scope.resolve("manager") as EntityManager
+
+  const loggedInUserId = (req.user?.id ?? req.user?.userId) as string
+
+  const pubKey = await manager.transaction(async (transactionManager) => {
+    return await publishableApiKeyService
+      .withTransaction(transactionManager)
+      .create({ loggedInUserId })
+  })
+
+  return res.status(200).json({ publishable_api_key: pubKey })
+}
@@ -0,0 +1,76 @@
+import { EntityManager } from "typeorm"
+
+import PublishableApiKeyService from "../../../../services/publishable-api-key"
+
+/**
+ * @oas [delete] /publishable-api-keys/{id}
+ * operationId: "DeletePublishableApiKeysPublishableApiKey"
+ * summary: "Delete a PublishableApiKey"
+ * description: "Deletes a PublishableApiKeys"
+ * x-authenticated: true
+ * parameters:
+ *   - (path) id=* {string} The ID of the PublishableApiKeys to delete.
+ * x-codeSamples:
+ *   - lang: JavaScript
+ *     label: JS Client
+ *     source: |
+ *       import Medusa from "@medusajs/medusa-js"
+ *       const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
+ *       // must be previously logged in or use api token
+ *       medusa.admin.publishableApiKey.delete(key_id)
+ *         .then(({ id, object, deleted }) => {
+ *           console.log(id)
+ *         })
+ *   - lang: Shell
+ *     label: cURL
+ *     source: |
+ *       curl --location --request DELETE 'https://medusa-url.com/admin/publishable-api-key/{id}' \
+ *       --header 'Authorization: Bearer {api_token}'
+ * security:
+ *   - api_token: []
+ *   - cookie_auth: []
+ * tags:
+ *   - PublishableApiKey
+ * responses:
+ *   200:
+ *     description: OK
+ *     content:
+ *       application/json:
+ *         schema:
+ *           properties:
+ *             id:
+ *               type: string
+ *               description: The ID of the deleted PublishableApiKey.
+ *             object:
+ *               type: string
+ *               description: The type of the object that was deleted.
+ *               format: publishable_api_key
+ *             deleted:
+ *               type: boolean
+ *               description: Whether the PublishableApiKeys was deleted.
+ *               default: true
+ *   "400":
+ *     $ref: "#/components/responses/400_error"
+ */
+
+export default async (req, res) => {
+  const { id } = req.params
+
+  const publishableApiKeyService: PublishableApiKeyService = req.scope.resolve(
+    "publishableApiKeyService"
+  )
+
+  const manager: EntityManager = req.scope.resolve("manager")
+
+  await manager.transaction(async (transactionManager) => {
+    await publishableApiKeyService
+      .withTransaction(transactionManager)
+      .delete(id)
+  })
+
+  res.status(200).send({
+    id,
+    object: "publishable_api_key",
+    deleted: true,
+  })
+}
@@ -0,0 +1,67 @@
+import { Request, Response } from "express"
+
+import PublishableApiKeyService from "../../../../services/publishable-api-key"
+
+/**
+ * @oas [get] /publishable-api-keys/{id}
+ * operationId: "GetPublishableApiKeysPublishableApiKey"
+ * summary: "Get a Publishable API Key"
+ * description: "Retrieve the Publishable Api Key."
+ * parameters:
+ *   - (path) id=* {string} The ID of the PublishableApiKey.
+ * x-authenticated: true
+ * x-codeSamples:
+ *   - lang: JavaScript
+ *     label: JS Client
+ *     source: |
+ *       import Medusa from "@medusajs/medusa-js"
+ *       const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
+ *       // must be previously logged in or use api token
+ *       medusa.admin.publishableApiKey.retrieve(pubKeyId)
+ *         .then(({ publishable_api_key }) => {
+ *           console.log(publishable_api_key.id)
+ *         })
+ *   - lang: Shell
+ *     label: cURL
+ *     source: |
+ *       curl --location --request GET 'https://medusa-url.com/admin/publishable-api-keys/pubkey_123' \
+ *       --header 'Authorization: Bearer {api_token}'
+ *       -d '{ "created_by": "user_123" }'
+ * security:
+ *   - api_token: []
+ *   - cookie_auth: []
+ * tags:
+ *   - PublishableApiKey
+ * responses:
+ *   200:
+ *     description: OK
+ *     content:
+ *       application/json:
+ *         schema:
+ *           properties:
+ *             publishable_api_key:
+ *               $ref: "#/components/schemas/publishable_api_key"
+ *   "400":
+ *     $ref: "#/components/responses/400_error"
+ *   "401":
+ *     $ref: "#/components/responses/unauthorized"
+ *   "404":
+ *     $ref: "#/components/responses/not_found_error"
+ *   "409":
+ *     $ref: "#/components/responses/invalid_state_error"
+ *   "422":
+ *     $ref: "#/components/responses/invalid_request_error"
+ *   "500":
+ *     $ref: "#/components/responses/500_error"
+ */
+export default async (req: Request, res: Response) => {
+  const { id } = req.params
+
+  const publishableApiKeyService = req.scope.resolve(
+    "publishableApiKeyService"
+  ) as PublishableApiKeyService
+
+  const pubKey = await publishableApiKeyService.retrieve(id)
+
+  return res.json({ publishable_api_key: pubKey })
+}
@@ -0,0 +1,56 @@
+import { Router } from "express"
+
+import { isFeatureFlagEnabled } from "../../../middlewares/feature-flag-enabled"
+import PublishableAPIKeysFeatureFlag from "../../../../loaders/feature-flags/publishable-api-keys"
+import middlewares, { transformQuery } from "../../../middlewares"
+import { GetPublishableApiKeysParams } from "./list-publishable-api-keys"
+import { PublishableApiKey } from "../../../../models"
+import { DeleteResponse, PaginatedResponse } from "../../../../types/common"
+
+const route = Router()
+
+export default (app) => {
+  app.use(
+    "/publishable-api-keys",
+    isFeatureFlagEnabled(PublishableAPIKeysFeatureFlag.key),
+    route
+  )
+
+  route.post(
+    "/",
+    middlewares.wrap(require("./create-publishable-api-key").default)
+  )
+
+  route.get(
+    "/:id",
+    middlewares.wrap(require("./get-publishable-api-key").default)
+  )
+
+  route.delete(
+    "/:id",
+    middlewares.wrap(require("./delete-publishable-api-key").default)
+  )
+
+  route.post(
+    "/:id/revoke",
+    middlewares.wrap(require("./revoke-publishable-api-key").default)
+  )
+
+  route.get(
+    "/",
+    transformQuery(GetPublishableApiKeysParams, {
+      isList: true,
+    }),
+    middlewares.wrap(require("./list-publishable-api-keys").default)
+  )
+}
+
+export type AdminPublishableApiKeysRes = {
+  publishable_api_key: PublishableApiKey
+}
+export type AdminPublishableApiKeysListRes = PaginatedResponse & {
+  publishable_api_keys: PublishableApiKey[]
+}
+export type AdminPublishableApiKeyDeleteRes = DeleteResponse
+
+export * from "./list-publishable-api-keys"
@@ -0,0 +1,87 @@
+import { Request, Response } from "express"
+import { IsOptional, IsString } from "class-validator"
+
+import { extendedFindParamsMixin } from "../../../../types/common"
+import PublishableApiKeyService from "../../../../services/publishable-api-key"
+
+/**
+ * @oas [get] /publishable-api-keys
+ * operationId: "GetPublishableApiKeys"
+ * summary: "List PublishableApiKeys"
+ * description: "List PublishableApiKeys."
+ * x-authenticated: true
+ * parameters:
+ *   - (query) order_id {string} List publishable keys by id.
+ *   - (query) limit=20 {number} The number of items in the response
+ *   - (query) offset=0 {number} The offset of items in response
+ *   - (query) expand {string} Comma separated list of relations to include in the results.
+ *   - (query) fields {string} Comma separated list of fields to include in the results.
+ * x-codeSamples:
+ *   - lang: JavaScript
+ *     label: JS Client
+ *     source: |
+ *       import Medusa from "@medusajs/medusa-js"
+ *       const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
+ *       // must be previously logged in or use api token
+ *       medusa.admin.publishableApiKeys.list()
+ *         .then(({ publishable_api_keys }) => {
+ *           console.log(publishable_api_keys)
+ *         })
+ *   - lang: Shell
+ *     label: cURL
+ *     source: |
+ *       curl --location --request GET 'https://medusa-url.com/admin/publishable-api-keys' \
+ *       --header 'Authorization: Bearer {api_token}'
+ * security:
+ *   - api_token: []
+ *   - cookie_auth: []
+ * tags:
+ *   - PublishableApiKeys
+ * responses:
+ *   200:
+ *     description: OK
+ *     content:
+ *       application/json:
+ *         schema:
+ *           properties:
+ *             publishable_api_keys:
+ *               type: array
+ *               $ref: "#/components/schemas/publishable_api_key"
+ *   "400":
+ *     $ref: "#/components/responses/400_error"
+ *   "401":
+ *     $ref: "#/components/responses/unauthorized"
+ *   "404":
+ *     $ref: "#/components/responses/not_found_error"
+ *   "409":
+ *     $ref: "#/components/responses/invalid_state_error"
+ *   "422":
+ *     $ref: "#/components/responses/invalid_request_error"
+ *   "500":
+ *     $ref: "#/components/responses/500_error"
+ */
+export default async (req: Request, res: Response) => {
+  const publishableApiKeyService: PublishableApiKeyService = req.scope.resolve(
+    "publishableApiKeyService"
+  )
+
+  const { filterableFields, listConfig } = req
+  const { skip, take } = listConfig
+
+  const [pubKeys, count] = await publishableApiKeyService.listAndCount(
+    filterableFields,
+    listConfig
+  )
+
+  return res.json({
+    publishable_api_keys: pubKeys,
+    count,
+    limit: take,
+    offset: skip,
+  })
+}
+
+export class GetPublishableApiKeysParams extends extendedFindParamsMixin({
+  limit: 20,
+  offset: 0,
+}) {}
@@ -0,0 +1,78 @@
+import { Request, Response } from "express"
+import { EntityManager } from "typeorm"
+
+import PublishableApiKeyService from "../../../../services/publishable-api-key"
+
+/**
+ * @oas [post] /publishable-api-keys/{id}/revoke
+ * operationId: "PostPublishableApiKeysPublishableApiKeyRevoke"
+ * summary: "Revoke a PublishableApiKey"
+ * description: "Revokes a PublishableApiKey."
+ * parameters:
+ *   - (path) id=* {string} The ID of the PublishableApiKey.
+ * x-authenticated: true
+ * x-codeSamples:
+ *   - lang: JavaScript
+ *     label: JS Client
+ *     source: |
+ *       import Medusa from "@medusajs/medusa-js"
+ *       const medusa = new Medusa({ baseUrl: MEDUSA_BACKEND_URL, maxRetries: 3 })
+ *       // must be previously logged in or use api token
+ *       medusa.admin.publishableApiKey.revoke()
+ *         .then(({ publishable_api_key }) => {
+ *           console.log(publishable_api_key.id)
+ *         })
+ *   - lang: Shell
+ *     label: cURL
+ *     source: |
+ *       curl --location --request POST 'https://medusa-url.com/admin/publishable-api-keys/pubkey_123/revoke' \
+ *       --header 'Authorization: Bearer {api_token}'
+ *       -d '{ "created_by": "user_123", "revoked_by": "user_123" }'
+ * security:
+ *   - api_token: []
+ *   - cookie_auth: []
+ * tags:
+ *   - PublishableApiKey
+ * responses:
+ *   200:
+ *     description: OK
+ *     content:
+ *       application/json:
+ *         schema:
+ *           properties:
+ *             publishable_api_key:
+ *               $ref: "#/components/schemas/publishable_api_key"
+ *   "400":
+ *     $ref: "#/components/responses/400_error"
+ *   "401":
+ *     $ref: "#/components/responses/unauthorized"
+ *   "404":
+ *     $ref: "#/components/responses/not_found_error"
+ *   "409":
+ *     $ref: "#/components/responses/invalid_state_error"
+ *   "422":
+ *     $ref: "#/components/responses/invalid_request_error"
+ *   "500":
+ *     $ref: "#/components/responses/500_error"
+ */
+export default async (req: Request, res: Response) => {
+  const { id } = req.params
+
+  const publishableApiKeyService = req.scope.resolve(
+    "publishableApiKeyService"
+  ) as PublishableApiKeyService
+
+  const manager = req.scope.resolve("manager") as EntityManager
+
+  const loggedInUserId = (req.user?.id ?? req.user?.userId) as string
+
+  const pubKey = await manager.transaction(async (transactionManager) => {
+    const publishableApiKeyServiceTx =
+      publishableApiKeyService.withTransaction(transactionManager)
+
+    await publishableApiKeyServiceTx.revoke(id, { loggedInUserId })
+    return await publishableApiKeyServiceTx.retrieve(id)
+  })
+
+  return res.json({ publishable_api_key: pubKey })
+}