wpic-dev/datahub
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update api key manage

Browse Source
This commit is contained in:
Nick Zeng
2026-04-20 10:40:48 +08:00
parent 2235deadf1
commit 7898beef5a
8 changed files with 121 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/Controller/Api/V1/AdminApiKeyController.php
+39 -9
View File
@@ -21,18 +21,19 @@ class AdminApiKeyController extends AbstractController
/** /**
* 管理员列出所有 API Keys * 管理员列出所有 API Keys
* *
* 支持按 user_id、enabled 筛选,关联用户信息 * 支持按 username、email、enabled 筛选,关联用户信息(含 email
*/ */
#[OA\Get( #[OA\Get(
path: '/admin/api-keys', path: '/admin/api-keys',
summary: '管理员列出所有 API Keys', summary: '管理员列出所有 API Keys',
description: '分页列出所有用户的 API Keys,支持按 user_id、enabled 筛选,关联用户基本信息', description: '分页列出所有用户的 API Keys,支持按 username、email、enabled 筛选,关联用户基本信息',
security: [['bearerAuth' => []]], security: [['bearerAuth' => []]],
tags: ['Admin API Keys'], tags: ['Admin API Keys'],
parameters: [ parameters: [
new OA\Parameter(name: 'page', in: 'query', required: false, description: '页码,默认 1', schema: new OA\Schema(type: 'integer', default: 1)), new OA\Parameter(name: 'page', in: 'query', required: false, description: '页码,默认 1', schema: new OA\Schema(type: 'integer', default: 1)),
new OA\Parameter(name: 'per_page', in: 'query', required: false, description: '每页条数,默认 15,最大 100', schema: new OA\Schema(type: 'integer', default: 15)), new OA\Parameter(name: 'per_page', in: 'query', required: false, description: '每页条数,默认 15,最大 100', schema: new OA\Schema(type: 'integer', default: 15)),
new OA\Parameter(name: 'user_id', in: 'query', required: false, description: '按用户 ID 筛选', schema: new OA\Schema(type: 'integer')), new OA\Parameter(name: 'username', in: 'query', required: false, description: '按用户名模糊搜索', schema: new OA\Schema(type: 'string')),
new OA\Parameter(name: 'email', in: 'query', required: false, description: '按邮箱模糊搜索', schema: new OA\Schema(type: 'string')),
new OA\Parameter(name: 'enabled', in: 'query', required: false, description: '按启用状态筛选(0/1', schema: new OA\Schema(type: 'integer', enum: [0, 1])), new OA\Parameter(name: 'enabled', in: 'query', required: false, description: '按启用状态筛选(0/1', schema: new OA\Schema(type: 'integer', enum: [0, 1])),
], ],
responses: [ responses: [
@@ -55,6 +56,7 @@ class AdminApiKeyController extends AbstractController
new OA\Property(property: 'user', properties: [ new OA\Property(property: 'user', properties: [
new OA\Property(property: 'id', type: 'integer'), new OA\Property(property: 'id', type: 'integer'),
new OA\Property(property: 'username', type: 'string'), new OA\Property(property: 'username', type: 'string'),
new OA\Property(property: 'email', type: 'string'),
new OA\Property(property: 'api_key_enabled', type: 'boolean'), new OA\Property(property: 'api_key_enabled', type: 'boolean'),
], type: 'object'), ], type: 'object'),
])), ])),
@@ -71,17 +73,29 @@ class AdminApiKeyController extends AbstractController
#[RequestMapping(path: "", methods: "GET")] #[RequestMapping(path: "", methods: "GET")]
#[Middleware(AuthMiddleware::class)] #[Middleware(AuthMiddleware::class)]
#[Middleware(PermissionMiddleware::class)] #[Middleware(PermissionMiddleware::class)]
public function index(): array public function index(): ResponseInterface|array
{ {
if ($forbidden = $this->requireAdmin()) return $forbidden;
$page = (int) $this->request->input('page', 1); $page = (int) $this->request->input('page', 1);
$per_page = min((int) $this->request->input('per_page', 15), 100); $per_page = min((int) $this->request->input('per_page', 15), 100);
$query = ApiKey::query()->with('user:id,username,api_key_enabled'); $query = ApiKey::query()->with('user:id,username,email,api_key_enabled');
// 按用户 ID 筛选 // 按用户名模糊搜索
$user_id = $this->request->input('user_id'); $username = $this->request->input('username');
if ($user_id !== null && $user_id !== '') { if ($username !== null && $username !== '') {
$query->where('user_id', (int) $user_id); $query->whereHas('user', function ($q) use ($username) {
$q->where('username', 'like', '%' . $username . '%');
});
}
// 按邮箱模糊搜索
$email = $this->request->input('email');
if ($email !== null && $email !== '') {
$query->whereHas('user', function ($q) use ($email) {
$q->where('email', 'like', '%' . $email . '%');
});
} }
// 按启用状态筛选 // 按启用状态筛选
@@ -155,6 +169,8 @@ class AdminApiKeyController extends AbstractController
#[Middleware(PermissionMiddleware::class)] #[Middleware(PermissionMiddleware::class)]
public function toggle(int $id): ResponseInterface|array public function toggle(int $id): ResponseInterface|array
{ {
if ($forbidden = $this->requireAdmin()) return $forbidden;
$api_key = ApiKey::query()->find($id); $api_key = ApiKey::query()->find($id);
if (!$api_key) { if (!$api_key) {
@@ -213,6 +229,8 @@ class AdminApiKeyController extends AbstractController
#[Middleware(PermissionMiddleware::class)] #[Middleware(PermissionMiddleware::class)]
public function destroy(int $id): ResponseInterface|array public function destroy(int $id): ResponseInterface|array
{ {
if ($forbidden = $this->requireAdmin()) return $forbidden;
$api_key = ApiKey::query()->find($id); $api_key = ApiKey::query()->find($id);
if (!$api_key) { if (!$api_key) {
@@ -229,4 +247,16 @@ class AdminApiKeyController extends AbstractController
'message' => '删除成功', 'message' => '删除成功',
]; ];
} }
private function requireAdmin(): ?ResponseInterface
{
$user = $this->getAuthUser();
if (!$user || !$user->isAdministrator()) {
return $this->response->json([
'code' => 403,
'message' => '仅管理员可访问',
])->withStatus(403);
}
return null;
}
} }
frontend/src/constants/__tests__/permissions.spec.ts
+3 -2
View File
@@ -2,11 +2,12 @@ import { describe, it, expect } from 'vitest'
import { ADMIN_ONLY_PATH_PREFIXES, isAdminOnlyPath } from '../permissions' import { ADMIN_ONLY_PATH_PREFIXES, isAdminOnlyPath } from '../permissions'
describe('ADMIN_ONLY_PATH_PREFIXES', () => { describe('ADMIN_ONLY_PATH_PREFIXES', () => {
it('contains all 7 admin-only paths', () => { it('contains all 8 admin-only paths', () => {
expect(ADMIN_ONLY_PATH_PREFIXES).toHaveLength(7) expect(ADMIN_ONLY_PATH_PREFIXES).toHaveLength(8)
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/users') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/users')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/roles') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/roles')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/route-groups') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/route-groups')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/api-keys')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/mq-status') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/mq-status')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/failed-messages') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/failed-messages')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/logs/requests') expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/logs/requests')
frontend/src/constants/permissions.ts
+1
View File
@@ -8,6 +8,7 @@ export const ADMIN_ONLY_PATH_PREFIXES: readonly string[] = [
'/users', '/users',
'/roles', '/roles',
'/route-groups', '/route-groups',
'/api-keys',
'/mq-status', '/mq-status',
'/failed-messages', '/failed-messages',
'/logs/requests', '/logs/requests',
frontend/src/pages/api-keys/__tests__/index.spec.ts
+4 -2
View File
@@ -108,7 +108,8 @@ describe('AdminApiKeyPage', () => {
it('重置按钮调用 resetFilters 并 fetchAllKeys', async () => { it('重置按钮调用 resetFilters 并 fetchAllKeys', async () => {
await mountPage() await mountPage()
const store = useAdminApiKeyStore() const store = useAdminApiKeyStore()
store.filters.user_id = 5 store.filters.username = 'testuser'
store.filters.email = 'test@example.com'
vi.mocked(api.get).mockClear() vi.mocked(api.get).mockClear()
setupApi([]) setupApi([])
@@ -119,7 +120,8 @@ describe('AdminApiKeyPage', () => {
btn?.click() btn?.click()
await flushPromises() await flushPromises()
expect(store.filters.user_id).toBeUndefined() expect(store.filters.username).toBeUndefined()
expect(store.filters.email).toBeUndefined()
expect(vi.mocked(api.get)).toHaveBeenCalled() expect(vi.mocked(api.get)).toHaveBeenCalled()
}) })
frontend/src/pages/api-keys/index.vue
+17 -5
View File
@@ -62,12 +62,19 @@ function handleDelete(id: number) {
<!-- 筛选区 --> <!-- 筛选区 -->
<div class="flex gap-3 mb-4 flex-wrap"> <div class="flex gap-3 mb-4 flex-wrap">
<a-input-number <a-input
v-model:value="store.filters.user_id" v-model:value="store.filters.username"
placeholder="用户 ID" placeholder="用户"
:min="1" style="width: 150px"
style="width: 140px"
allow-clear allow-clear
@press-enter="handleSearch"
/>
<a-input
v-model:value="store.filters.email"
placeholder="邮箱"
style="width: 180px"
allow-clear
@press-enter="handleSearch"
/> />
<a-select <a-select
v-model:value="enabledFilter" v-model:value="enabledFilter"
@@ -100,6 +107,7 @@ function handleDelete(id: number) {
> >
<template #bodyCell="{ column, record }"> <template #bodyCell="{ column, record }">
<template v-if="column.key === 'user'"> <template v-if="column.key === 'user'">
<div>
<span>{{ (record as ApiKeyRecord).user?.username ?? record.user_id }}</span> <span>{{ (record as ApiKeyRecord).user?.username ?? record.user_id }}</span>
<a-tooltip <a-tooltip
v-if="(record as ApiKeyRecord).user?.api_key_enabled === false" v-if="(record as ApiKeyRecord).user?.api_key_enabled === false"
@@ -107,6 +115,10 @@ function handleDelete(id: number) {
> >
<a-tag color="red" class="ml-1">已停用</a-tag> <a-tag color="red" class="ml-1">已停用</a-tag>
</a-tooltip> </a-tooltip>
</div>
<div v-if="(record as ApiKeyRecord).user?.email" class="text-xs text-gray-400">
{{ (record as ApiKeyRecord).user!.email }}
</div>
</template> </template>
<template v-else-if="column.key === 'prefix'"> <template v-else-if="column.key === 'prefix'">
frontend/src/stores/__tests__/admin-api-key.spec.ts
+41 -1
View File
@@ -22,7 +22,7 @@ describe('useAdminApiKeyStore', () => {
vi.restoreAllMocks() vi.restoreAllMocks()
}) })
describe('fetchAllKeys — enabled 查询参数契约', () => { describe('fetchAllKeys — 查询参数契约', () => {
it('enabled=true 应序列化为 1(后端期望 integer 0/1', async () => { it('enabled=true 应序列化为 1(后端期望 integer 0/1', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage) vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
@@ -60,6 +60,46 @@ describe('useAdminApiKeyStore', () => {
expect.objectContaining({ enabled: undefined }), expect.objectContaining({ enabled: undefined }),
) )
}) })
it('username 过滤器应传递给后端', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.username = 'testuser'
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ username: 'testuser' }),
)
})
it('email 过滤器应传递给后端', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.email = 'test@example.com'
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ email: 'test@example.com' }),
)
})
it('空字符串过滤器应转换为 undefined', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.username = ''
store.filters.email = ''
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ username: undefined, email: undefined }),
)
})
}) })
describe('toggleUserApiKeyEnabled — 请求体字段名契约', () => { describe('toggleUserApiKeyEnabled — 请求体字段名契约', () => {
frontend/src/stores/admin-api-key.ts
+6 -3
View File
@@ -10,7 +10,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
total: 0, total: 0,
}) })
const filters = reactive<AdminApiKeyFilters>({ const filters = reactive<AdminApiKeyFilters>({
user_id: undefined, username: undefined,
email: undefined,
enabled: undefined, enabled: undefined,
}) })
@@ -20,7 +21,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
const data = await api.get<PaginatedData<ApiKeyRecord>>('/api/v1/admin/api-keys', { const data = await api.get<PaginatedData<ApiKeyRecord>>('/api/v1/admin/api-keys', {
page: pagination.page, page: pagination.page,
per_page: pagination.per_page, per_page: pagination.per_page,
user_id: filters.user_id, username: filters.username || undefined,
email: filters.email || undefined,
enabled: filters.enabled === undefined ? undefined : filters.enabled ? 1 : 0, enabled: filters.enabled === undefined ? undefined : filters.enabled ? 1 : 0,
}) })
keys.value = data.items keys.value = data.items
@@ -66,7 +68,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
} }
function resetFilters() { function resetFilters() {
filters.user_id = undefined filters.username = undefined
filters.email = undefined
filters.enabled = undefined filters.enabled = undefined
pagination.page = 1 pagination.page = 1
} }
frontend/src/types/api.ts
+3 -2
View File
@@ -315,7 +315,7 @@ export interface ApiKeyRecord {
expires_at: string | null expires_at: string | null
enabled: boolean enabled: boolean
created_at: string created_at: string
user?: { id: number; username: string; api_key_enabled?: boolean } user?: { id: number; username: string; email?: string; api_key_enabled?: boolean }
} }
export interface ApiKeyCreateParams { export interface ApiKeyCreateParams {
@@ -329,7 +329,8 @@ export interface ApiKeyCreateResult {
} }
export interface AdminApiKeyFilters { export interface AdminApiKeyFilters {
user_id: number | undefined username: string | undefined
email: string | undefined
enabled: boolean | undefined enabled: boolean | undefined
} }