add DELETE route and logic

2025-11-03 03:17:11 +00:00 · 2021-08-31 15:31:54 +02:00 · 2021-08-31 15:31:54 +02:00 · 946d3a0ea3
commit 946d3a0ea3
parent 643f26975d
6 changed files with 140 additions and 0 deletions
--- a/packages/core/admin/server/controllers/tests/api-token.test.js
+++ b/packages/core/admin/server/controllers/tests/api-token.test.js
@ -96,4 +96,55 @@ describe('API Token Controller', () => {
      expect(send).toHaveBeenCalledWith({ data: tokens });
    });
  });
+
+  describe('Delete an API token', () => {
+    const token = {
+      id: 1,
+      name: 'api-token_tests-name',
+      description: 'api-token_tests-description',
+      type: 'read-only',
+    };
+
+    test('Deletes an API token successfully', async () => {
+      const revoke = jest.fn().mockResolvedValue(token);
+      const deleted = jest.fn();
+      const ctx = createContext({ params: { id: token.id } }, { deleted });
+
+      global.strapi = {
+        admin: {
+          services: {
+            'api-token': {
+              revoke,
+            },
+          },
+        },
+      };
+
+      await apiTokenController.revoke(ctx);
+
+      expect(revoke).toHaveBeenCalledWith(token.id);
+      expect(deleted).toHaveBeenCalledWith();
+    });
+
+    test('Does not return an error if the ressource does not exists', async () => {
+      const revoke = jest.fn().mockResolvedValue(null);
+      const deleted = jest.fn();
+      const ctx = createContext({ params: { id: token.id } }, { deleted });
+
+      global.strapi = {
+        admin: {
+          services: {
+            'api-token': {
+              revoke,
+            },
+          },
+        },
+      };
+
+      await apiTokenController.revoke(ctx);
+
+      expect(revoke).toHaveBeenCalledWith(token.id);
+      expect(deleted).toHaveBeenCalledWith();
+    });
+  });
 });
--- a/packages/core/admin/server/controllers/api-token.js
+++ b/packages/core/admin/server/controllers/api-token.js
@ -41,4 +41,13 @@ module.exports = {

    ctx.send({ data: apiTokens });
  },
+
+  async revoke(ctx) {
+    const { id } = ctx.params;
+    const apiTokenService = getService('api-token');
+
+    await apiTokenService.revoke(id);
+
+    ctx.deleted();
+  },
 };
--- a/packages/core/admin/server/routes/api-tokens.js
+++ b/packages/core/admin/server/routes/api-tokens.js
@ -23,4 +23,15 @@ module.exports = [
      ],
    },
  },
+  {
+    method: 'DELETE',
+    path: '/api-tokens/:id',
+    handler: 'api-token.revoke',
+    config: {
+      policies: [
+        'admin::isAuthenticatedAdmin',
+        { name: 'admin::hasPermissions', options: { actions: ['admin::api-tokens.delete'] } },
+      ],
+    },
+  },
 ];
--- a/packages/core/admin/server/services/tests/api-token.test.js
+++ b/packages/core/admin/server/services/tests/api-token.test.js
@ -153,4 +153,43 @@ describe('API Token', () => {
      expect(res).toEqual(tokens);
    });
  });
+
+  describe('revoke', () => {
+    const token = {
+      id: 1,
+      name: 'api-token_tests-name',
+      description: 'api-token_tests-description',
+      type: 'read-only',
+    };
+
+    test('It deletes the token', async () => {
+      const mockedDelete = jest.fn().mockResolvedValue(token);
+
+      global.strapi = {
+        query() {
+          return { delete: mockedDelete };
+        },
+      };
+
+      const res = await apiTokenService.revoke(token.id);
+
+      expect(mockedDelete).toHaveBeenCalledWith({ where: { id: token.id } });
+      expect(res).toEqual(token);
+    });
+
+    test('It returns `null` if the resource does not exists', async () => {
+      const mockedDelete = jest.fn().mockResolvedValue(null);
+
+      global.strapi = {
+        query() {
+          return { delete: mockedDelete };
+        },
+      };
+
+      const res = await apiTokenService.revoke(42);
+
+      expect(mockedDelete).toHaveBeenCalledWith({ where: { id: 42 } });
+      expect(res).toEqual(null);
+    });
+  });
 });
--- a/packages/core/admin/server/services/api-token.js
+++ b/packages/core/admin/server/services/api-token.js
@ -95,10 +95,20 @@ const list = async () => {
  });
 };

+/**
+ * @param {string|number} id
+ *
+ * @returns {Promise<void>}
+ */
+const revoke = async id => {
+  return strapi.query('admin::api-token').delete({ where: { id } });
+};
+
 module.exports = {
  create,
  exists,
  createSaltIfNotDefined,
  hash,
  list,
+  revoke,
 };
--- a/packages/core/admin/server/tests/admin-api-token.test.e2e.js
+++ b/packages/core/admin/server/tests/admin-api-token.test.e2e.js
@ -175,4 +175,24 @@ describe('Admin API Token CRUD (e2e)', () => {
      },
    ]);
  });
+
+  test('7. Deletes a token (successfully)', async () => {
+    const res = await rq({
+      url: '/admin/api-tokens/3',
+      method: 'DELETE',
+    });
+
+    expect(res.statusCode).toBe(204);
+    expect(res.body.data).toBeUndefined();
+  });
+
+  test('8. Does not return an error if the ressource does not exists', async () => {
+    const res = await rq({
+      url: '/admin/api-tokens/42',
+      method: 'DELETE',
+    });
+
+    expect(res.statusCode).toBe(204);
+    expect(res.body.data).toBeUndefined();
+  });
 });