Merge pull request #2431 from RedisInsight/feature/RI-4767-store-api-keys-locally

#RI-4798, #RI-4767 capi keys storage

Author: vlad-dargel

redisinsight/api/config/ormconfig.ts

@@ -20,6 +20,7 @@ import { FeaturesConfigEntity } from 'src/modules/feature/entities/features-conf
 import { CloudDatabaseDetailsEntity } from 'src/modules/cloud/database/entities/cloud-database-details.entity';
 import migrations from '../migration';
 import * as config from '../src/utils/config';
+import { CloudCapiKeyEntity } from 'src/modules/cloud/capi-key/entity/cloud-capi-key.entity';
 
 const dbConfig = config.get('db');
 
@@ -46,6 +47,7 @@ const ormConfig = {
     FeatureEntity,
     FeaturesConfigEntity,
     CloudDatabaseDetailsEntity,
+    CloudCapiKeyEntity,
   ],
   migrations,
 };

redisinsight/api/migration/1691061058385-cloud-capi-keys.ts

@@ -0,0 +1,14 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class CloudCapiKeys1691061058385 implements MigrationInterface {
+    name = 'CloudCapiKeys1691061058385'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`CREATE TABLE "cloud_capi_key" ("id" varchar PRIMARY KEY NOT NULL, "userId" varchar NOT NULL, "name" varchar NOT NULL, "cloudAccountId" integer NOT NULL, "cloudUserId" integer NOT NULL, "capiKey" varchar, "capiSecret" varchar, "valid" boolean DEFAULT (1), "encryption" varchar, "createdAt" datetime, "lastUsed" datetime, CONSTRAINT "UQ_9de67df9deb5d91c09c03b8d719" UNIQUE ("userId", "cloudAccountId", "cloudUserId"))`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`DROP TABLE "cloud_capi_key"`);
+    }
+
+}

redisinsight/api/migration/index.ts

@@ -36,6 +36,7 @@ import { DatabaseRedisServer1686719451753 } from './1686719451753-database-redis
 import { DatabaseRecommendationUnique1687435940110 } from './1687435940110-database-recommendation-unique';
 import { CloudDatabaseDetails1687166457712 } from './1687166457712-cloud-database-details';
 import { FreeCloudDatabase1688989337247 } from './1688989337247-freeCloudDatabase';
+import { CloudCapiKeys1691061058385 } from './1691061058385-cloud-capi-keys';
 
 export default [
   initialMigration1614164490968,
@@ -76,4 +77,5 @@ export default [
   DatabaseRecommendationUnique1687435940110,
   CloudDatabaseDetails1687166457712,
   FreeCloudDatabase1688989337247,
+  CloudCapiKeys1691061058385,
 ];

redisinsight/api/src/__mocks__/cloud-capi-key.ts

@@ -0,0 +1,47 @@
+import { CloudCapiAuthDto } from 'src/modules/cloud/common/dto';
+import { CloudCapiKey, ICloudApiCapiAccessKey, ICloudApiCapiKey } from 'src/modules/cloud/capi-key/model';
+import { mockServer } from 'src/__mocks__/server';
+
+export const mockCloudCapiAuthDto: CloudCapiAuthDto = {
+  capiKey: 'capi_key',
+  capiSecret: 'capi_secret_key',
+};
+
+export const mockCloudApiCapiAccessKey: ICloudApiCapiAccessKey = {
+  accessKey: mockCloudCapiAuthDto.capiKey,
+};
+
+export const mockCloudApiCapiKey: ICloudApiCapiKey = {
+  id: 3001,
+  name: 'capi-key-name',
+  user_account: 40131,
+  secret_key: mockCloudCapiAuthDto.capiSecret,
+};
+
+export const mockCloudCapiKey = Object.assign(new CloudCapiKey(), {
+  id: '56070e1e-cc50-41c2-b695-585405736af4',
+  name: `RedisInsight-${mockServer.id.slice(0, 13)}-1577836800000`,
+  userId: '84cece4b-b074-49be-88e0-44c5f3f59123',
+  cloudUserId: 10001,
+  cloudAccountId: 20001,
+  capiKey: mockCloudCapiAuthDto.capiKey,
+  capiSecret: mockCloudCapiAuthDto.capiSecret,
+  valid: true,
+  createdAt: new Date('2020-01-01T00:00:00.000Z'),
+  lastUsed: new Date(),
+});
+
+export const mockCloudCapiKeyApiProvider = jest.fn(() => ({
+  enableCapi: jest.fn().mockResolvedValue(mockCloudApiCapiAccessKey.accessKey),
+  createCapiKey: jest.fn().mockResolvedValue(mockCloudApiCapiKey),
+}));
+
+export const mockCloudCapiKeyService = jest.fn(() => ({
+  getCapiCredentials: jest.fn().mockResolvedValue(mockCloudCapiAuthDto),
+  handleCapiKeyUnauthorizedError: jest.fn().mockImplementation((e) => e),
+}));
+
+export const mockCloudCapiKeyAnalytics = jest.fn(() => ({
+  sendCloudAccountKeyGenerated: jest.fn(),
+  sendCloudAccountKeyGenerationFailed: jest.fn(),
+}));

redisinsight/api/src/__mocks__/cloud-user.ts

@@ -2,16 +2,15 @@ import {
   CloudAccountInfo,
   CloudUser,
   CloudUserAccount,
-  ICloudApiAccount, ICloudApiCapiAccessKey,
-  ICloudApiCapiKey,
+  ICloudApiAccount,
   ICloudApiCsrfToken,
   ICloudApiUser,
   ICloudCapiAccount,
 } from 'src/modules/cloud/user/models';
-import { CloudCapiAuthDto } from 'src/modules/cloud/common/dto';
 import { ICloudApiCredentials } from 'src/modules/cloud/common/models';
 import config from 'src/utils/config';
 import { classToPlain } from 'class-transformer';
+import { mockCloudApiCapiAccessKey, mockCloudCapiAuthDto } from 'src/__mocks__/cloud-capi-key';
 
 const serverConfig = config.get('server');
 
@@ -51,11 +50,6 @@ export const mockCloudUserCapiService = jest.fn(() => ({
 }));
 
 // ======================================= API =======================================
-export const mockCloudCapiAuthDto: CloudCapiAuthDto = {
-  capiKey: 'capi_key',
-  capiSecret: 'capi_secret_key',
-};
-
 export const mockCloudCapiHeaders = {
   headers: {
     'x-api-key': mockCloudCapiAuthDto.capiKey,
@@ -64,10 +58,6 @@ export const mockCloudCapiHeaders = {
   },
 };
 
-export const mockCloudApiCapiAccessKey: ICloudApiCapiAccessKey = {
-  accessKey: mockCloudCapiAuthDto.capiKey,
-};
-
 export const mockCloudApiCsrfToken: ICloudApiCsrfToken = {
   csrf_token: 'csrf_p6vA6A5tF36Jf6twH2cBOqtt7n',
 };
@@ -91,13 +81,6 @@ export const mockCloudUserAccount = Object.assign(new CloudUserAccount(), {
 //   name: mockCloudCapiAccount2.name,
 // });
 
-export const mockCloudApiCapiKey: ICloudApiCapiKey = {
-  id: 3001,
-  name: 'capi-key-name',
-  user_account: mockCloudUserAccount.id,
-  secret_key: mockCloudCapiAuthDto.capiSecret,
-};
-
 export const mockCloudApiHeaders = {
   headers: {
     authorization: `Bearer ${mockCloudApiAuthDto.accessToken}`,

redisinsight/api/src/__mocks__/index.ts

@@ -24,6 +24,7 @@ export * from './database-recommendation';
 export * from './feature';
 export * from './triggered-functions';
 export * from './cloud-autodiscovery';
+export * from './cloud-capi-key';
 export * from './cloud-database';
 export * from './cloud-subscription';
 export * from './cloud-task';

redisinsight/api/src/__mocks__/server.ts

@@ -1,5 +1,11 @@
 import { Server } from 'src/modules/server/models/server';
 import { ServerEntity } from 'src/modules/server/entities/server.entity';
+import { mockControlGroup, mockControlNumber } from 'src/__mocks__/feature';
+import { EncryptionStrategy } from 'src/modules/encryption/models';
+import config from 'src/utils/config';
+import { GetServerInfoResponse } from 'src/modules/server/dto/server.dto';
+
+const SERVER_CONFIG = config.get('server');
 
 export const mockServerId = 'a77b23c1-7816-4ea4-b61f-d37a0f805ser';
 
@@ -13,7 +19,25 @@ export const mockServerEntity = Object.assign(new ServerEntity(), {
   createDateTime: mockServer.createDateTime,
 });
 
+export const mockGetServerInfoResponse = Object.assign(new GetServerInfoResponse(), {
+  ...mockServer,
+  appVersion: SERVER_CONFIG.appVersion,
+  osPlatform: process.platform,
+  buildType: SERVER_CONFIG.buildType,
+  appType: SERVER_CONFIG.buildType,
+  controlGroup: mockControlGroup,
+  controlNumber: mockControlNumber,
+  encryptionStrategies: [
+    EncryptionStrategy.PLAIN,
+    EncryptionStrategy.KEYTAR,
+  ],
+});
+
 export const mockServerRepository = jest.fn(() => ({
   exists: jest.fn().mockResolvedValue(true),
   getOrCreate: jest.fn().mockResolvedValue(mockServer),
 }));
+
+export const mockServerService = jest.fn(() => ({
+  getInfo: jest.fn().mockResolvedValue(mockGetServerInfoResponse),
+}));

redisinsight/api/src/app.module.ts

@@ -16,7 +16,6 @@ import { BulkActionsModule } from 'src/modules/bulk-actions/bulk-actions.module'
 import { ClusterMonitorModule } from 'src/modules/cluster-monitor/cluster-monitor.module';
 import { DatabaseAnalysisModule } from 'src/modules/database-analysis/database-analysis.module';
 import { TriggeredFunctionsModule } from 'src/modules/triggered-functions/triggered-functions.module';
-import { ServerModule } from 'src/modules/server/server.module';
 import { LocalDatabaseModule } from 'src/local-database.module';
 import { CoreModule } from 'src/core.module';
 import { AutodiscoveryModule } from 'src/modules/autodiscovery/autodiscovery.module';
@@ -40,7 +39,6 @@ const PATH_CONFIG = config.get('dir_path');
   imports: [
     LocalDatabaseModule,
     CoreModule,
-    ServerModule.register(),
     RouterModule.forRoutes(routes),
     AutodiscoveryModule,
     RedisEnterpriseModule,

redisinsight/api/src/common/middlewares/single-user-auth.middleware.ts

@@ -19,7 +19,11 @@ export class SingleUserAuthMiddleware implements NestMiddleware {
       await this.sessionService.createSession(plainToClass(Session, {
         id: DEFAULT_SESSION_ID,
         userId: DEFAULT_USER_ID,
-        data: {},
+        data: {
+          cloud: {
+            accessToken: process.env.MOCK_AKEY || undefined,
+          },
+        },
       }));
     }
 

redisinsight/api/src/constants/custom-error-codes.ts

@@ -13,6 +13,9 @@ export enum CustomErrorCodes {
   CloudOauthUnknownAuthorizationRequest = 11_007,
   CloudOauthUnexpectedError = 11_008,
   CloudOauthMissedRequiredData = 11_009,
+  CloudCapiUnauthorized = 11_021,
+  CloudCapiKeyUnauthorized = 11_022,
+  CloudCapiKeyNotFound = 11_023,
 
   // Cloud Job errors [11100, 11199]
   CloudJobUnexpectedError = 11_100,