[API] Delete Token accept names too (#12366)

* Delete Token accept names too * better description Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-28 10:09:33 +02:00 · 2020-08-28 10:09:33 +02:00 · d5b6931dbe
commit d5b6931dbe
parent eb1bf2377b
7 changed files with 77 additions and 20 deletions
--- a/routers/api/v1/user/app.go
+++ b/routers/api/v1/user/app.go
@ -7,7 +7,9 @@ package user

 import (
 	"errors"
+	"fmt"
 	"net/http"
+	"strconv"

 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
@ -41,7 +43,7 @@ func ListAccessTokens(ctx *context.APIContext) {
 	//   "200":
 	//     "$ref": "#/responses/AccessTokenList"

-	tokens, err := models.ListAccessTokens(ctx.User.ID, utils.GetListOptions(ctx))
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID, ListOptions: utils.GetListOptions(ctx)})
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, "ListAccessTokens", err)
 		return
@ -128,15 +130,44 @@ func DeleteAccessToken(ctx *context.APIContext) {
 	//   required: true
 	// - name: token
 	//   in: path
-	//   description: token to be deleted
-	//   type: integer
-	//   format: int64
+	//   description: token to be deleted, identified by ID and if not available by name
+	//   type: string
 	//   required: true
 	// responses:
 	//   "204":
 	//     "$ref": "#/responses/empty"
+	//   "422":
+	//     "$ref": "#/responses/error"
+
+	token := ctx.Params(":id")
+	tokenID, _ := strconv.ParseInt(token, 0, 64)
+
+	if tokenID == 0 {
+		tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{
+			Name:   token,
+			UserID: ctx.User.ID,
+		})
+		if err != nil {
+			ctx.Error(http.StatusInternalServerError, "ListAccessTokens", err)
+			return
+		}
+
+		switch len(tokens) {
+		case 0:
+			ctx.NotFound()
+			return
+		case 1:
+			tokenID = tokens[0].ID
+		default:
+			ctx.Error(http.StatusUnprocessableEntity, "DeleteAccessTokenByID", fmt.Errorf("multible matches for token name '%s'", token))
+			return
+		}
+	}
+	if tokenID == 0 {
+		ctx.Error(http.StatusInternalServerError, "Invalid TokenID", nil)
+		return
+	}

-	tokenID := ctx.ParamsInt64(":id")
 	if err := models.DeleteAccessTokenByID(tokenID, ctx.User.ID); err != nil {
 		if models.IsErrAccessTokenNotExist(err) {
 			ctx.NotFound()
--- a/routers/user/setting/applications.go
+++ b/routers/user/setting/applications.go
@ -80,7 +80,7 @@ func DeleteApplication(ctx *context.Context) {
 }

 func loadApplicationsData(ctx *context.Context) {
-	tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})
 	if err != nil {
 		ctx.ServerError("ListAccessTokens", err)
 		return
--- a/routers/user/setting/security.go
+++ b/routers/user/setting/security.go
@ -71,7 +71,7 @@ func loadSecurityData(ctx *context.Context) {
 		ctx.Data["RequireU2F"] = true
 	}

-	tokens, err := models.ListAccessTokens(ctx.User.ID, models.ListOptions{})
+	tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{UserID: ctx.User.ID})
 	if err != nil {
 		ctx.ServerError("ListAccessTokens", err)
 		return