Update assigned access token API

webprofusion-chrisc · webprofusion-chrisc · commit f875a66357f0 · 2025-01-23T12:54:00.000+08:00
diff --git a/src/Certify.Core/Management/Access/AccessControl.cs b/src/Certify.Core/Management/Access/AccessControl.cs
@@ -477,18 +477,6 @@ public async Task<bool> AddAssignedRole(string contextUserId, AssignedRole r)
             return true;
         }
 
-        public async Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken t)
-        {
-            if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))
-            {
-                await AuditWarning("User {contextUserId} attempted to add an assigned access token without being in required role.", contextUserId);
-                return false;
-            }
-
-            await _store.Add(nameof(AssignedAccessToken), t);
-            return true;
-        }
-
         public async Task<bool> AddResourceAction(string contextUserId, ResourceAction action)
         {
             if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))
@@ -597,26 +585,26 @@ await GetSecurityPrincipleByUsername(contextUserId, passwordCheck.Username) :
             }
         }
 
-        public async Task<List<AccessToken>> GetAccessTokens(string contextUserId)
+        public async Task<List<AssignedAccessToken>> GetAssignedAccessTokens(string contextUserId)
         {
             if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))
             {
-                await AuditWarning("User {contextUserId} attempted to list access tokens without being in required role.", contextUserId);
+                await AuditWarning("User {contextUserId} attempted to list assigned access tokens without being in required role.", contextUserId);
                 return [];
             }
 
-            return await _store.GetItems<AccessToken>(nameof(AccessToken));
+            return await _store.GetItems<AssignedAccessToken>(nameof(AssignedAccessToken));
         }
 
-        public async Task<bool> AddAccessToken(string contextUserId, AccessToken a)
+        public async Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken a)
         {
             if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))
             {
-                await AuditWarning("User {contextUserId} attempted to add an access token without being in required role.", contextUserId);
+                await AuditWarning("User {contextUserId} attempted to add an assigned access token without being in required role.", contextUserId);
                 return false;
             }
 
-            await _store.Add(nameof(AccessToken), a);
+            await _store.Add(nameof(AssignedAccessToken), a);
 
             return true;
         }
diff --git a/src/Certify.Core/Management/Access/IAccessControl.cs b/src/Certify.Core/Management/Access/IAccessControl.cs
@@ -31,8 +31,8 @@ public interface IAccessControl
         Task<bool> AddAssignedRole(string contextUserId, AssignedRole assignedRole);
         Task<bool> AddResourceAction(string contextUserId, ResourceAction action);
 
-        Task<List<AccessToken>> GetAccessTokens(string contextUserId);
-        Task<bool> AddAccessToken(string contextUserId, AccessToken token);
+        Task<List<AssignedAccessToken>> GetAssignedAccessTokens(string contextUserId);
+        Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken token);
         Task<bool> IsInitialized();
     }
 }
diff --git a/src/Certify.Server/Certify.Server.Api.Public.Client/Certify.API.Public.cs b/src/Certify.Server/Certify.Server.Api.Public.Client/Certify.API.Public.cs
@@ -429,22 +429,22 @@ public virtual async System.Threading.Tasks.Task<RoleStatus> GetSecurityPrincipl
         }
 
         /// <summary>
-        /// Get list of API access tokens [Generated]
+        /// Get list of API assigned access tokens [Generated]
         /// </summary>
         /// <returns>OK</returns>
         /// <exception cref="ApiException">A server side error occurred.</exception>
-        public virtual System.Threading.Tasks.Task<System.Collections.Generic.ICollection<AccessToken>> GetAccessTokensAsync()
+        public virtual System.Threading.Tasks.Task<System.Collections.Generic.ICollection<AssignedAccessToken>> GetAssignedAccessTokensAsync()
         {
-            return GetAccessTokensAsync(System.Threading.CancellationToken.None);
+            return GetAssignedAccessTokensAsync(System.Threading.CancellationToken.None);
         }
 
         /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
         /// <summary>
-        /// Get list of API access tokens [Generated]
+        /// Get list of API assigned access tokens [Generated]
         /// </summary>
         /// <returns>OK</returns>
         /// <exception cref="ApiException">A server side error occurred.</exception>
-        public virtual async System.Threading.Tasks.Task<System.Collections.Generic.ICollection<AccessToken>> GetAccessTokensAsync(System.Threading.CancellationToken cancellationToken)
+        public virtual async System.Threading.Tasks.Task<System.Collections.Generic.ICollection<AssignedAccessToken>> GetAssignedAccessTokensAsync(System.Threading.CancellationToken cancellationToken)
         {
             var client_ = _httpClient;
             var disposeClient_ = false;
@@ -457,8 +457,8 @@ public virtual async System.Threading.Tasks.Task<RoleStatus> GetSecurityPrincipl
 
                     var urlBuilder_ = new System.Text.StringBuilder();
                     if (!string.IsNullOrEmpty(_baseUrl)) urlBuilder_.Append(_baseUrl);
-                    // Operation Path: "internal/v1/access/token"
-                    urlBuilder_.Append("internal/v1/access/token");
+                    // Operation Path: "internal/v1/access/assignedtoken"
+                    urlBuilder_.Append("internal/v1/access/assignedtoken");
 
                     PrepareRequest(client_, request_, urlBuilder_);
 
@@ -485,7 +485,7 @@ public virtual async System.Threading.Tasks.Task<RoleStatus> GetSecurityPrincipl
                         var status_ = (int)response_.StatusCode;
                         if (status_ == 200)
                         {
-                            var objectResponse_ = await ReadObjectResponseAsync<System.Collections.Generic.ICollection<AccessToken>>(response_, headers_, cancellationToken).ConfigureAwait(false);
+                            var objectResponse_ = await ReadObjectResponseAsync<System.Collections.Generic.ICollection<AssignedAccessToken>>(response_, headers_, cancellationToken).ConfigureAwait(false);
                             if (objectResponse_.Object == null)
                             {
                                 throw new ApiException("Response was null which was not expected.", status_, objectResponse_.Text, headers_, null);
@@ -513,22 +513,22 @@ public virtual async System.Threading.Tasks.Task<RoleStatus> GetSecurityPrincipl
         }
 
         /// <summary>
-        /// Add new access token [Generated]
+        /// Add new assigned access token [Generated]
         /// </summary>
         /// <returns>OK</returns>
         /// <exception cref="ApiException">A server side error occurred.</exception>
-        public virtual System.Threading.Tasks.Task<ActionResult> AddAccessTokenAsync(AccessToken body)
+        public virtual System.Threading.Tasks.Task<ActionResult> AddAssignedAccessTokenAsync(AssignedAccessToken body)
         {
-            return AddAccessTokenAsync(body, System.Threading.CancellationToken.None);
+            return AddAssignedAccessTokenAsync(body, System.Threading.CancellationToken.None);
         }
 
         /// <param name="cancellationToken">A cancellation token that can be used by other objects or threads to receive notice of cancellation.</param>
         /// <summary>
-        /// Add new access token [Generated]
+        /// Add new assigned access token [Generated]
         /// </summary>
         /// <returns>OK</returns>
         /// <exception cref="ApiException">A server side error occurred.</exception>
-        public virtual async System.Threading.Tasks.Task<ActionResult> AddAccessTokenAsync(AccessToken body, System.Threading.CancellationToken cancellationToken)
+        public virtual async System.Threading.Tasks.Task<ActionResult> AddAssignedAccessTokenAsync(AssignedAccessToken body, System.Threading.CancellationToken cancellationToken)
         {
             var client_ = _httpClient;
             var disposeClient_ = false;
@@ -545,8 +545,8 @@ public virtual async System.Threading.Tasks.Task<ActionResult> AddAccessTokenAsy
 
                     var urlBuilder_ = new System.Text.StringBuilder();
                     if (!string.IsNullOrEmpty(_baseUrl)) urlBuilder_.Append(_baseUrl);
-                    // Operation Path: "internal/v1/access/token"
-                    urlBuilder_.Append("internal/v1/access/token");
+                    // Operation Path: "internal/v1/access/assignedtoken"
+                    urlBuilder_.Append("internal/v1/access/assignedtoken");
 
                     PrepareRequest(client_, request_, urlBuilder_);
 
diff --git a/src/Certify.Server/Certify.Server.Core/Certify.Server.Core/Controllers/AccessController.cs b/src/Certify.Server/Certify.Server.Core/Certify.Server.Core/Controllers/AccessController.cs
@@ -117,19 +117,19 @@ public async Task<bool> CheckSecurityPrincipleHasAccess(AccessCheck check)
             return await accessControl.IsAccessTokenAuthorised(GetContextUserId(), tokenCheck.Token, tokenCheck.Check);
         }
 
-        [HttpGet, Route("apitoken/list/")]
-        public async Task<List<AccessToken>> GetAccessTokens()
+        [HttpGet, Route("assignedtoken/list/")]
+        public async Task<List<AssignedAccessToken>> GetAssignedAccessTokens()
         {
             var accessControl = await _certifyManager.GetCurrentAccessControl();
 
-            return await accessControl.GetAccessTokens(GetContextUserId());
+            return await accessControl.GetAssignedAccessTokens(GetContextUserId());
         }
 
-        [HttpPost, Route("apitoken/")]
-        public async Task<Models.Config.ActionResult> AddAccessToken([FromBody] AccessToken token)
+        [HttpPost, Route("assignedtoken/")]
+        public async Task<Models.Config.ActionResult> AddAAssignedccessToken([FromBody] AssignedAccessToken token)
         {
             var accessControl = await _certifyManager.GetCurrentAccessControl();
-            var addResultOk = await accessControl.AddAccessToken(GetContextUserId(), token);
+            var addResultOk = await accessControl.AddAssignedAccessToken(GetContextUserId(), token);
 
             return new Models.Config.ActionResult
             {
diff --git a/src/Certify.SourceGenerators/ApiMethods.cs b/src/Certify.SourceGenerators/ApiMethods.cs
@@ -73,23 +73,23 @@ public static List<GeneratedAPI> GetApiDefinitions()
                         ReturnType = "ICollection<Role>"
                     },
                     new() {
-                         OperationName = "GetAccessTokens",
+                         OperationName = "GetAssignedAccessTokens",
                          OperationMethod = HttpGet,
-                         Comment = "Get list of API access tokens",
+                         Comment = "Get list of API assigned access tokens",
                          PublicAPIController = "Access",
-                         PublicAPIRoute = "token",
-                         ServiceAPIRoute = "access/apitoken/list",
-                         ReturnType = "ICollection<Certify.Models.Hub.AccessToken>"
+                         PublicAPIRoute = "assignedtoken",
+                         ServiceAPIRoute = "access/assignedtoken/list",
+                         ReturnType = "ICollection<Certify.Models.Hub.AssignedAccessToken>"
                      },
                     new() {
-                           OperationName = "AddAccessToken",
+                           OperationName = "AddAssignedAccessToken",
                            OperationMethod = HttpPost,
-                           Comment = "Add new access token",
+                           Comment = "Add new assigned access token",
                            PublicAPIController = "Access",
-                           PublicAPIRoute = "token",
-                           ServiceAPIRoute = "access/apitoken",
+                           PublicAPIRoute = "assignedtoken",
+                           ServiceAPIRoute = "access/assignedtoken",
                            ReturnType = "Models.Config.ActionResult",
-                           Params = new Dictionary<string, string>{{"token", "Certify.Models.Hub.AccessToken" } }
+                           Params = new Dictionary<string, string>{{"token", "Certify.Models.Hub.AssignedAccessToken" } }
                     },
                     new() {
 

Original file line number	Diff line number	Diff line change
`@@ -477,18 +477,6 @@ public async Task<bool> AddAssignedRole(string contextUserId, AssignedRole r)`
`477`	`477`	`return true;`
`478`	`478`	`}`
`479`	`479`
`480`		`- public async Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken t)`
`481`		`- {`
`482`		`- if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))`
`483`		`- {`
`484`		`- await AuditWarning("User {contextUserId} attempted to add an assigned access token without being in required role.", contextUserId);`
`485`		`- return false;`
`486`		`- }`
`487`		`-`
`488`		`- await _store.Add(nameof(AssignedAccessToken), t);`
`489`		`- return true;`
`490`		`- }`
`491`		`-`
`492`	`480`	`public async Task<bool> AddResourceAction(string contextUserId, ResourceAction action)`
`493`	`481`	`{`
`494`	`482`	`if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))`
`@@ -597,26 +585,26 @@ await GetSecurityPrincipleByUsername(contextUserId, passwordCheck.Username) :`
`597`	`585`	`}`
`598`	`586`	`}`
`599`	`587`
`600`		`- public async Task<List<AccessToken>> GetAccessTokens(string contextUserId)`
	`588`	`+ public async Task<List<AssignedAccessToken>> GetAssignedAccessTokens(string contextUserId)`
`601`	`589`	`{`
`602`	`590`	`if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))`
`603`	`591`	`{`
`604`		`- await AuditWarning("User {contextUserId} attempted to list access tokens without being in required role.", contextUserId);`
	`592`	`+ await AuditWarning("User {contextUserId} attempted to list assigned access tokens without being in required role.", contextUserId);`
`605`	`593`	`return [];`
`606`	`594`	`}`
`607`	`595`
`608`		`- return await _store.GetItems<AccessToken>(nameof(AccessToken));`
	`596`	`+ return await _store.GetItems<AssignedAccessToken>(nameof(AssignedAccessToken));`
`609`	`597`	`}`
`610`	`598`
`611`		`- public async Task<bool> AddAccessToken(string contextUserId, AccessToken a)`
	`599`	`+ public async Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken a)`
`612`	`600`	`{`
`613`	`601`	`if (!await IsPrincipleInRole(contextUserId, contextUserId, StandardRoles.Administrator.Id))`
`614`	`602`	`{`
`615`		`- await AuditWarning("User {contextUserId} attempted to add an access token without being in required role.", contextUserId);`
	`603`	`+ await AuditWarning("User {contextUserId} attempted to add an assigned access token without being in required role.", contextUserId);`
`616`	`604`	`return false;`
`617`	`605`	`}`
`618`	`606`
`619`		`- await _store.Add(nameof(AccessToken), a);`
	`607`	`+ await _store.Add(nameof(AssignedAccessToken), a);`
`620`	`608`
`621`	`609`	`return true;`
`622`	`610`	`}`
Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,8 @@ public interface IAccessControl`
`31`	`31`	`Task<bool> AddAssignedRole(string contextUserId, AssignedRole assignedRole);`
`32`	`32`	`Task<bool> AddResourceAction(string contextUserId, ResourceAction action);`
`33`	`33`
`34`		`- Task<List<AccessToken>> GetAccessTokens(string contextUserId);`
`35`		`- Task<bool> AddAccessToken(string contextUserId, AccessToken token);`
	`34`	`+ Task<List<AssignedAccessToken>> GetAssignedAccessTokens(string contextUserId);`
	`35`	`+ Task<bool> AddAssignedAccessToken(string contextUserId, AssignedAccessToken token);`
`36`	`36`	`Task<bool> IsInitialized();`
`37`	`37`	`}`
`38`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -117,19 +117,19 @@ public async Task<bool> CheckSecurityPrincipleHasAccess(AccessCheck check)`
`117`	`117`	`return await accessControl.IsAccessTokenAuthorised(GetContextUserId(), tokenCheck.Token, tokenCheck.Check);`
`118`	`118`	`}`
`119`	`119`
`120`		`- [HttpGet, Route("apitoken/list/")]`
`121`		`- public async Task<List<AccessToken>> GetAccessTokens()`
	`120`	`+ [HttpGet, Route("assignedtoken/list/")]`
	`121`	`+ public async Task<List<AssignedAccessToken>> GetAssignedAccessTokens()`
`122`	`122`	`{`
`123`	`123`	`var accessControl = await _certifyManager.GetCurrentAccessControl();`
`124`	`124`
`125`		`- return await accessControl.GetAccessTokens(GetContextUserId());`
	`125`	`+ return await accessControl.GetAssignedAccessTokens(GetContextUserId());`
`126`	`126`	`}`
`127`	`127`
`128`		`- [HttpPost, Route("apitoken/")]`
`129`		`- public async Task<Models.Config.ActionResult> AddAccessToken([FromBody] AccessToken token)`
	`128`	`+ [HttpPost, Route("assignedtoken/")]`
	`129`	`+ public async Task<Models.Config.ActionResult> AddAAssignedccessToken([FromBody] AssignedAccessToken token)`
`130`	`130`	`{`
`131`	`131`	`var accessControl = await _certifyManager.GetCurrentAccessControl();`
`132`		`- var addResultOk = await accessControl.AddAccessToken(GetContextUserId(), token);`
	`132`	`+ var addResultOk = await accessControl.AddAssignedAccessToken(GetContextUserId(), token);`
`133`	`133`
`134`	`134`	`return new Models.Config.ActionResult`
`135`	`135`	`{`