feat(api): updated functionality of API key #114
☁️ Nx Cloud Report
CI is running/has finished running commands for commit 851a342. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.
📂 See all runs for this CI Pipeline Execution
✅ Successfully ran 4 targets
Sent with 💌 from NxCloud.
PR Description updated to latest commit (8269d62)
PR Analysis
PR Feedback
💡 General suggestions: The PR is well-structured and includes a good amount of detail in the description. The changes appear to be well thought out and implemented. However, it would be beneficial to include more comments in the code to explain the purpose and functionality of new methods and decorators. This would make the code easier to understand and maintain in the future.
Codecov Report
Attention:
Additional details and impacted files
@@ Coverage Diff @@
## develop #114 +/- ##
============================================
+ Coverage 31.22% 54.01% +22.78%
============================================
Files 54 72 +18
Lines 1156 1346 +190
Branches 210 229 +19
============================================
+ Hits 361 727 +366
+ Misses 795 619 -176
Flags with carried forward coverage won't be shown.
Quality Gate failed
Failed conditions
5.2% Duplication on New Code (required ≤ 3%)
## 1.0.0 (2024-02-09)

### ⚠ BREAKING CHANGES

* **api:** update workspace role mechanism and added functionality to create custom roles

### 🚀 Features

* add api-keys module ([abb2863](abb2863))
* add project module ([c96df17](c96df17))
* add project, environment module ([fd5c4d7](fd5c4d7))
* Add RBAC ([b4cb14f](b4cb14f))
* add secret module ([cd79172](cd79172))
* add swagger ([b15dbb0](b15dbb0))
* added the auto assign workflow yaml file ([eadca0c](eadca0c))
* added the auto assign workflow yaml file ([5e1d0f1](5e1d0f1))
* **api:** add user module ([ebfb2ec](ebfb2ec))
* **api:** add workspace module ([504f0db](504f0db))
* **api:** update workspace role mechanism and added functionality to create custom roles ([6144aea](6144aea))
* **api:** updated functionality of API key ([#114](#114)) ([308fbf4](308fbf4))
* AutoCreate Admin On Startup ([#101](#101)) ([32fac3e](32fac3e))
* create user endpoint ([53913f5](53913f5))
* dockerize api ([ce8ee23](ce8ee23))
* dockerize api ([dfbc58e](dfbc58e))
* dockerize api ([63f0a27](63f0a27))
* dockerize api ([265cec0](265cec0))
* dockerize api ([ed595c7](ed595c7))
* dockerize api ([6b756e8](6b756e8))
* finish environment module ([aaf6783](aaf6783))
* husky configured ([77bba02](77bba02))
* invalidate older OTPs ([8ca222a](8ca222a))
* landing page ([e1ec4d1](e1ec4d1))
* **nx-cloud:** setup nx workspace ([#108](#108)) ([cb61d45](cb61d45))
* **oauth:** add github oauth ([5b930a1](5b930a1))
* **oauth:** get 'name' and 'avatar' of the user ([20e8dbf](20e8dbf))
* responsive landing ([97bbb0c](97bbb0c))

### 🐛 Bug Fixes

* **api:** addressed logical errors ([fc14179](fc14179))
* **api:** removed api-keys.types.ts ([2b5b1f8](2b5b1f8))
* **api:** update role based access ([5e3456c](5e3456c))
* fix syntax error in auto-assign.yaml ([e59d410](e59d410))
* indendation errors ([8212d59](8212d59))
* issue auto assign cannot read properties of undefined assignees ([0ecc749](0ecc749))
* **landing-page:** Make mobile responsive ([3fd5a1d](3fd5a1d)), closes [#41](#41)
* **landing-page:** Make mobile responsive ([0596473](0596473)), closes [#41](#41)
* **landing-page:** Make mobile responsive ([2afaf0d](2afaf0d)), closes [#41](#41)
* made images not selectable and undraggable ([b8c200e](b8c200e))
* Merge main and made a small fix ([89b0d71](89b0d71))
* nx run dev:api failing due to DI error ([81c63ca](81c63ca))
* remove hardcoded email from adminUserCreateEmail mail function ([b2b9a9e](b2b9a9e))
* remove pnpm-lock as it is causing issues in pnpm install ([d3b54d8](d3b54d8))
* resolved merge conflict ([7ff7afb](7ff7afb))
* typo ([587f06b](587f06b))
* Update discord link in README.md ([c7e4b5a](c7e4b5a))
* update lockfile ([b6f6e80](b6f6e80))
* update pnpm scripts ([e73a877](e73a877))
* update web workflow ([add46dd](add46dd))

### 📚 Documentation

* Add CHANGELOG.md ([184220e](184220e))
* add docs folder ([e252d68](e252d68))
* Add getting-started.md ([617c346](617c346))
* update CHANGELOG.md ([b01b5ca](b01b5ca))
* Update CONTRIBUTING.md ([7fc895d](7fc895d))
* update DB_URL in .env.example ([325880e](325880e))
* update PULL_REQUEST_TEMPLATE.md ([e091d40](e091d40))
* update README.md ([fb902e5](fb902e5))
* update README.md ([d3d0d86](d3d0d86))

### 🔧 Miscellaneous Chores

* ad start:api script in package.json ([ee3bc19](ee3bc19))
* add `getAllUsers` test ([0b51a02](0b51a02))
* add auto release and commit config ([0fe7d19](0fe7d19))
* add husky pre-commit check ([62bf77e](62bf77e))
* add pr auto tag workflow ([7a44137](7a44137))
* add PR lint ([bb28cb7](bb28cb7))
* add prettier:fix in package.json and husky ([2451301](2451301))
* add release drafter config ([de36d9f](de36d9f))
* add render hook in web to auto-deploy ([b0228d0](b0228d0))
* add semantic release ([af12daa](af12daa))
* add test workflow ([77c49de](77c49de))
* add workflow for CI and deployment of web ([f49b7db](f49b7db))
* adding test command to pre commit ([09805a5](09805a5))
* **api:** update dockerfile entrypoint ([3962beb](3962beb))
* **auth:** loading github module optionally ([#112](#112)) ([9263737](9263737))
* **ci:** add dummy envs to api workflow ([4f6bb44](4f6bb44))
* **ci:** add fly.io ([46bcd22](46bcd22))
* **ci:** fixed broken fly installation ([6ec728f](6ec728f))
* **ci:** integrated codecov ([0daeff3](0daeff3))
* **ci:** moving to gitflow release ([1f86a99](1f86a99))
* **ci:** remove auto tag workflow ([63daab3](63daab3))
* **ci:** update CI deploy stage ([cd3c47e](cd3c47e))
* **ci:** update coverage base path ([92e3620](92e3620))
* **ci:** update release workflow deps ([f2a8243](f2a8243))
* **ci:** update stage deploy condition ([362e0b0](362e0b0))
* **ci:** update workflow ([d59427e](d59427e))
* fix changelog script ([0c8c0ef](0c8c0ef))
* fix changelog script ([78848a0](78848a0))
* house cleaning ([ae73e7a](ae73e7a))
* **lint:** overwrite default eslint rules ([4bfc998](4bfc998))
* **package.json:** update release settings ([9b0e414](9b0e414))
* **release:** 0.1.0-alpha ([f166ee1](f166ee1))
* **release:** 0.1.0-alpha ([867fb08](867fb08))
* **release:** 0.2.0-alpha ([de7726c](de7726c))
* **release:** 1.0.0-alpha.1 [skip ci] ([488dd49](488dd49)), closes [#101](#101)
* **release:** 1.0.0-alpha.2 [skip ci] ([ca12cc3](ca12cc3)), closes [#108](#108) [#103](#103) [#106](#106)
* remove / for consistancy ([0da0953](0da0953))
* remove duplicate auth service ([f97adf0](f97adf0))
* remove SDK folders ([614c304](614c304))
* remove sdk-node workflow ([655ad27](655ad27))
* remove unused import ([7f189dd](7f189dd))
* remove unwanted package.json ([14cd7ad](14cd7ad))
* rename file ([0aba0f3](0aba0f3))
* replace script with makefile ([a92311e](a92311e))
* replace script with makefile ([62d582d](62d582d))
* resolve comments ([f7562c4](f7562c4))
* update contribution readme with step to auto assign issue ([6459622](6459622))
* update docker push workflow ([e286b1a](e286b1a))
* update docker push workflow ([#103](#103)) ([d562e5a](d562e5a))
* update preset ([004ea3a](004ea3a))
* Update web CI and add Dockerfile for web ([fc9571e](fc9571e))

### 🔨 Code Refactoring

* addressed sonarqube lints ([#106](#106)) ([3df13f8](3df13f8))
* move mock data folder inside common module ([832383e](832383e))
* service functions as suggested ([c1ae78a](c1ae78a))
* user mock data change ([ea5c504](ea5c504))
🎉 This PR is included in version 1.0.0 🎉
The release is available on GitHub release
Your semantic-release bot 📦🚀
Type
enhancement, bug_fix

Description
* `RequiredApiKeyAuthorities` decorator for authority checks on various API operations.
* `AuthGuard` to support API key authentication and added `ApiKeyGuard` for authority checks.
* `authorities`.
* `Authority` enum values and updated database schema to include `authorities` field in `ApiKey` model.

Changes walkthrough
18 files

api-key.e2e.spec.ts
Enhance API Key E2E Tests with Authority Checks
apps/api/src/api-key/api-key.e2e.spec.ts
* `apiKeyValue` variable to store the API key value.
* `authorities` field in API key creation and update payloads.

api-key.controller.ts
Secure API Key Operations with Authority Checks
apps/api/src/api-key/controller/api-key.controller.ts
* `RequiredApiKeyAuthorities` decorator for authority checks on API key operations.
* `AdminGuard`.

create.api-key.ts
Update CreateApiKey DTO to Support Authorities
apps/api/src/api-key/dto/create.api-key/create.api-key.ts
* `expiresAfter` optional and added `authorities` field to `CreateApiKey` DTO.

api-key.service.ts
Implement Authorities Handling in ApiKeyService
apps/api/src/api-key/service/api-key.service.ts
* `authorities` in API key creation and update.

auth.types.ts
Extend AuthenticatedUserContext for API Key Support
apps/api/src/auth/auth.types.ts
* `AuthenticatedUserContext` to include API key authentication details.

admin.guard.ts
Implement AdminGuard for Admin Role Checks
apps/api/src/auth/guard/admin/admin.guard.ts
* `AdminGuard` for admin role checks.

api-key.guard.ts
Implement ApiKeyGuard for API Key Authority Checks
apps/api/src/auth/guard/api-key/api-key.guard.ts
* `ApiKeyGuard` for API key authority checks.

auth.guard.ts
Enhance AuthGuard for API Key Authentication Support
apps/api/src/auth/guard/auth/auth.guard.ts
* `AuthGuard` to support API key authentication.

forbid-api-key.decorator.ts
Introduce ForbidApiKey Decorator
apps/api/src/decorators/forbid-api-key.decorator.ts
* `ForbidApiKey` decorator to restrict API key usage.

required-api-key-authorities.decorator.ts
Introduce RequiredApiKeyAuthorities Decorator
apps/api/src/decorators/required-api-key-authorities.decorator.ts
* `RequiredApiKeyAuthorities` decorator for authority checks.

environment.controller.ts
Secure Environment Controller with Authority Checks
apps/api/src/environment/controller/environment.controller.ts
* `RequiredApiKeyAuthorities` decorator to environment controller methods.

project.controller.ts
Secure Project Controller with Authority Checks
apps/api/src/project/controller/project.controller.ts
* `RequiredApiKeyAuthorities` decorator to project controller methods.

secret.controller.ts
Secure Secret Controller with Authority Checks
apps/api/src/secret/controller/secret.controller.ts
* `RequiredApiKeyAuthorities` decorator to secret controller methods.

user.controller.ts
Secure User Controller with Authority Checks and API Key Restrictions
apps/api/src/user/controller/user.controller.ts
* `RequiredApiKeyAuthorities` and `ForbidApiKey` decorators to user controller methods.

workspace-role.controller.ts
Secure WorkspaceRole Controller with Authority Checks
apps/api/src/workspace-role/controller/workspace-role.controller.ts
* `RequiredApiKeyAuthorities` decorator to workspace-role controller methods.

workspace.controller.ts
Secure Workspace Controller with Authority Checks
apps/api/src/workspace/controller/workspace.controller.ts
* `RequiredApiKeyAuthorities` decorator to workspace controller methods.

migration.sql
Database Migration for ApiKey Authorities
apps/api/src/prisma/migrations/20240207074807_modify_api_key/migration.sql
* `Authority` enum and added `authorities` column to `ApiKey` table.

schema.prisma
Update Prisma Schema for ApiKey Authorities
apps/api/src/prisma/schema.prisma
* `ApiKey` model to include `authorities` field.
* `Authority` enum values.

6 files

app.module.ts
Register ApiKeyGuard as Global Guard
apps/api/src/app/app.module.ts
* `ApiKeyGuard` as a global guard.

api.yaml
Update GitHub Actions Workflow for API with Codecov v4
.github/workflows/api.yaml
* test coverage reports.

web.yaml
Update GitHub Actions Workflow for Web with Codecov Flags
.github/workflows/web.yaml
* `flags` option to Codecov action and updated to use `needs` for deploy-stage job.

project.json
Enable Code Coverage for API Tests
apps/api/project.json
* coverage directories.

codecov.yml
Configure Codecov with Flags and Coverage Targets
codecov.yml
* targets.

package.json
Update NPM Scripts for API Test Coverage
package.json

3 files

admin.guard.spec.ts
Add Tests for AdminGuard
apps/api/src/auth/guard/admin/admin.guard.spec.ts
* `AdminGuard`.

api-key.guard.spec.ts
Add Tests for ApiKeyGuard
apps/api/src/auth/guard/api-key/api-key.guard.spec.ts
* `ApiKeyGuard`.

auth.guard.spec.ts
Add Tests for AuthGuard
apps/api/src/auth/guard/auth/auth.guard.spec.ts
* `AuthGuard`.

1 files

add-hours-to-date.ts
Make Hours Parameter Optional in addHoursToDate
apps/api/src/common/add-hours-to-date.ts
* `hours` parameter optional in `addHoursToDate` function.