feat: add permitted IPs for access key widget (#852)

## Related Issues descope/etc#8168 ## Related PRs | branch | PR | | ------------ | ---------- | | Content | descope/content#663 | ## Description Added Permitted IPs field to access key creation, and a column to the Access Keys Management widget ## Must - [X] Tests - [X] Documentation (if applicable)
descope · Nov 24, 2024 · b2b5bbe · b2b5bbe
1 parent 0b7b7f5
commit b2b5bbe
Show file tree

Hide file tree

Showing 8 changed files with 20 additions and 4 deletions.
diff --git a/packages/widgets/access-key-management-widget/e2e/access-key-management-widget.spec.ts b/packages/widgets/access-key-management-widget/e2e/access-key-management-widget.spec.ts
@@ -146,7 +146,7 @@ test.describe('widget', () => {
     const createAccessKeyNameInput = page.getByText('Name');
     await createAccessKeyNameInput.last().fill('some access key name');
 
-    await page.locator(`id=toggleButton`).last().click();
+    await page.locator(`id=toggleButton`).nth(-2).click();
     await expect(
       page.locator(`text=${mockRoles.roles[0].name}`).last(),
     ).toBeVisible();
@@ -157,7 +157,7 @@ test.describe('widget', () => {
       page.locator(`text=${mockRoles.roles[2].name}`).last(),
     ).toBeVisible();
 
-    await page.locator(`id=toggleButton`).last().click();
+    await page.locator(`id=toggleButton`).nth(-2).click();
 
     // click modal create button
     const createAccessKeyButton = page

diff --git a/packages/widgets/access-key-management-widget/src/lib/widget/api/sdk/createAccessKeySdk.ts b/packages/widgets/access-key-management-widget/src/lib/widget/api/sdk/createAccessKeySdk.ts
@@ -73,14 +73,15 @@ export const createAccessKeySdk = ({
     expiration,
     roleNames,
     userId,
+    permittedIps,
   }) => {
     const expirationTime = new Date();
     expirationTime.setDate(expirationTime.getDate() + +expiration);
     const expireTime =
       expiration[0] === '0' ? 0 : Math.floor(expirationTime.getTime() / 1000);
     if (mock) {
       return accessKey.create(
-        { name, expiration, roleNames, userId },
+        { name, expiration, roleNames, userId, permittedIps },
         expireTime,
       );
     }
@@ -92,6 +93,7 @@ export const createAccessKeySdk = ({
         expireTime,
         roleNames,
         userId,
+        permittedIps,
       },
       {
         queryParams: { tenant },

diff --git a/packages/widgets/access-key-management-widget/src/lib/widget/api/sdk/mocks.ts b/packages/widgets/access-key-management-widget/src/lib/widget/api/sdk/mocks.ts
@@ -20,6 +20,7 @@ const search: (config: SearchAccessKeyConfig) => Promise<AccessKey[]> = async ({
         expireTime: new Date().getTime() / 1000 + 60 * 60 * 24 * 30,
         createdTime: new Date().getTime() / 1000,
         roleNames: [`Role ${i}`],
+        permittedIps: ['127.1.2.3'],
         status: 'active',
         clientId: `Client ID ${i}`,
         boundUserId: `User ${i}`,
@@ -45,7 +46,7 @@ const create: (
   config: CreateAccessKeyConfig,
   expireTime: number,
 ) => Promise<{ cleartext: string; key: AccessKey }> = async (
-  { name, roleNames, userId },
+  { name, roleNames, userId, permittedIps },
   expireTime,
 ) => {
   const i = Math.random().toString(10).substring(15);
@@ -60,6 +61,7 @@ const create: (
         expireTime,
         createdTime: new Date().getTime() / 1000,
         roleNames,
+        permittedIps,
         status: 'active',
         clientId: `Client ID ${i}`,
         boundUserId: userId || `User ${i}`,

diff --git a/packages/widgets/access-key-management-widget/src/lib/widget/api/types.ts b/packages/widgets/access-key-management-widget/src/lib/widget/api/types.ts
@@ -8,6 +8,7 @@ export type AccessKey = {
   id: string;
   name: string;
   roleNames: string[];
+  permittedIps: string[];
   status: string;
   createdTime: number;
   expireTime: number;
@@ -33,6 +34,7 @@ export type CreateAccessKeyConfig = {
   expiration: string;
   roleNames: string[];
   userId: string;
+  permittedIps: string[];
 };
 
 export type ActivateAccessKeyConfig = {

diff --git a/packages/widgets/access-key-management-widget/test/access-key-management-widget.test.ts b/packages/widgets/access-key-management-widget/test/access-key-management-widget.test.ts
@@ -224,6 +224,7 @@ describe('access-key-management-widget', () => {
             name: mockNewAccessKey.name,
             userId: mockNewAccessKey.userId,
             roleNames: mockNewAccessKey.roleNames,
+            permittedIps: mockNewAccessKey.permittedIps,
             expireTime: 0,
           },
           {

diff --git a/packages/widgets/access-key-management-widget/test/mocks/createAccessKeyModalMock.ts b/packages/widgets/access-key-management-widget/test/mocks/createAccessKeyModalMock.ts
@@ -9,6 +9,7 @@ export default `
     <span data-name="Never" data-id="0">Never</span>
   </descope-combo-box>
   <descope-multi-select-combo-box bordered="true" data-id="roles-multiselect" full-width="true" id="rolesInput" item-label-path="data-name" item-value-path="data-id" label="Roles" name="roleNames" size="sm" allow-custom-value="false" clear-button-visible="true"></descope-multi-select-combo-box>
+  <descope-multi-select-combo-box bordered="true" data-id="ips-multiselect" full-width="true" id="ipsInput" item-label-path="data-name" item-value-path="data-id" label="Permitted IPs" name="permittedIps" size="sm" allow-custom-value="true" clear-button-visible="true"></descope-multi-select-combo-box>
   <descope-container data-editor-type="container" direction="row" id="buttonsContainer" st-horizontal-padding="0rem" st-vertical-padding="0rem" st-align-items="start" st-justify-content="flex-end" st-background-color="#ffffff00" st-host-width="100%" st-gap="0rem">
     <descope-button data-id="modal-cancel" data-testid="create-access-key-modal-cancel" data-type="button" formNoValidate="false" full-width="false" id="createAccessKeyCancelButton" shape="" size="xs" variant="link" mode="primary" square="false">Cancel</descope-button>
     <descope-button data-id="modal-submit" data-testid="create-access-key-modal-submit" data-type="button" formNoValidate="false" full-width="false" id="createAccessKeySubmitButton" shape="" size="xs" variant="contained" mode="primary" square="false">Create</descope-button>

diff --git a/packages/widgets/access-key-management-widget/test/mocks/mockAccessKeys.ts b/packages/widgets/access-key-management-widget/test/mocks/mockAccessKeys.ts
@@ -11,6 +11,7 @@ export const mockAccessKeys: Record<string, AccessKey[]> = {
       clientId: 'Client id 1',
       createdBy: 'created by 1',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -23,6 +24,7 @@ export const mockAccessKeys: Record<string, AccessKey[]> = {
       clientId: 'Client id 2',
       createdBy: 'created by 2',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -35,6 +37,7 @@ export const mockAccessKeys: Record<string, AccessKey[]> = {
       clientId: 'Client id 3',
       createdBy: 'created by 3',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -52,6 +55,7 @@ export const mockAccessKeysWithNonEditable: Record<string, AccessKey[]> = {
       clientId: 'Client id 1',
       createdBy: 'created by 1',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -64,6 +68,7 @@ export const mockAccessKeysWithNonEditable: Record<string, AccessKey[]> = {
       clientId: 'Client id 2',
       createdBy: 'created by 2',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -76,6 +81,7 @@ export const mockAccessKeysWithNonEditable: Record<string, AccessKey[]> = {
       clientId: 'Client id 3',
       createdBy: 'created by 3',
       roleNames: [],
+      permittedIps: [],
       createdTime: new Date().getTime(),
       expireTime: new Date().getTime(),
       status: 'active',
@@ -90,6 +96,7 @@ export const mockNewAccessKey: CreateAccessKeyConfig = {
   expiration: '0',
   userId: 'some user id',
   roleNames: ['aa', 'bb'],
+  permittedIps: ['127.1.2.3'],
 };
 
 export const mockRoles = {

diff --git a/packages/widgets/access-key-management-widget/test/mocks/rootMock.ts b/packages/widgets/access-key-management-widget/test/mocks/rootMock.ts
@@ -19,6 +19,7 @@ export default `
     </descope-grid-custom-column>
     <descope-grid-text-column header="Expiration Time" path="expireTimeFormatted" resizable="true" sortable="true"></descope-grid-text-column>
     <descope-grid-text-column header="Roles" path="roleNames" resizable="true"></descope-grid-text-column>
+    <descope-grid-text-column header="Permitted IPs" path="permittedIps" resizable="true"></descope-grid-text-column>
     <descope-grid-text-column header="Created By" path="createdBy" resizable="true" sortable="true"></descope-grid-text-column>
     <descope-grid-text-column header="Created Time" path="createdTimeFormatted" resizable="true" sortable="true"></descope-grid-text-column>
     <descope-grid-text-column header="Bound To User" path="boundUserId" resizable="true" sortable="true"></descope-grid-text-column>