StyAndCo/zappyzep
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add support for API permission expiry

Browse source
This commit is contained in:
Dragory 2021-09-05 13:53:46 +03:00
parent 2b8f75b91b
commit 947a49761e
No known key found for this signature in database
GPG key ID: 5F387BA66DF8AAC1
5 changed files with 42 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
backend/src/api/start.ts
View file

@ -6,6 +6,7 @@ import { initAuth } from "./auth";
import { initDocs } from "./docs"; import { initDocs } from "./docs";
import { initGuildsAPI } from "./guilds"; import { initGuildsAPI } from "./guilds";
import { clientError, error, notFound } from "./responses"; import { clientError, error, notFound } from "./responses";
import { startBackgroundTasks } from "./tasks";
const app = express(); const app = express();
@ -47,3 +48,5 @@ app.use((req, res, next) => {
const port = (process.env.PORT && parseInt(process.env.PORT, 10)) || 3000; const port = (process.env.PORT && parseInt(process.env.PORT, 10)) || 3000;
app.listen(port, "0.0.0.0", () => console.log(`API server listening on port ${port}`)); // tslint:disable-line app.listen(port, "0.0.0.0", () => console.log(`API server listening on port ${port}`)); // tslint:disable-line
startBackgroundTasks();

10
backend/src/api/tasks.ts Normal file
View file

@ -0,0 +1,10 @@
import { ApiPermissionAssignments } from "../data/ApiPermissionAssignments";
import { MINUTES } from "../utils";
export function startBackgroundTasks() {
// Clear expired API permissions every minute
const apiPermissions = new ApiPermissionAssignments();
setInterval(() => {
apiPermissions.clearExpiredPermissions();
}, 1 * MINUTES);
}

8
backend/src/data/ApiPermissionAssignments.ts
View file

@ -55,4 +55,12 @@ export class ApiPermissionAssignments extends BaseRepository {
removeUser(guildId, userId) { removeUser(guildId, userId) {
return this.apiPermissions.delete({ guild_id: guildId, type: ApiPermissionTypes.User, target_id: userId }); return this.apiPermissions.delete({ guild_id: guildId, type: ApiPermissionTypes.User, target_id: userId });
} }
async clearExpiredPermissions() {
await this.apiPermissions
.createQueryBuilder()
.where("expires_at IS NOT NULL")
.andWhere("expires_at <= NOW()")
.delete();
}
} }

3
backend/src/data/entities/ApiPermissionAssignment.ts
View file

@ -18,6 +18,9 @@ export class ApiPermissionAssignment {
@Column("simple-array") @Column("simple-array")
permissions: string[]; permissions: string[];
@Column()
expires_at: string;
@ManyToOne( @ManyToOne(
type => ApiUserInfo, type => ApiUserInfo,
userInfo => userInfo.permissionAssignments, userInfo => userInfo.permissionAssignments,

18
backend/src/migrations/1630837386329-AddExpiresAtToApiPermissions.ts Normal file
View file

@ -0,0 +1,18 @@
import { MigrationInterface, QueryRunner, TableColumn } from "typeorm";
export class AddExpiresAtToApiPermissions1630837386329 implements MigrationInterface {
public async up(queryRunner: QueryRunner): Promise<void> {
await queryRunner.addColumns("api_permissions", [
new TableColumn({
name: "expires_at",
type: "boolean",
isNullable: true,
default: null,
}),
]);
}
public async down(queryRunner: QueryRunner): Promise<void> {
await queryRunner.dropColumn("api_permissions", "expires_at");
}
}