wpic-dev/datahub
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update api key manage

Browse Source
This commit is contained in:
Nick Zeng
2026-04-20 10:40:48 +08:00
parent 2235deadf1
commit 7898beef5a
8 changed files with 121 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/Controller/Api/V1/AdminApiKeyController.php
+39 -9
View File
@@ -21,18 +21,19 @@ class AdminApiKeyController extends AbstractController
/**
* 管理员列出所有 API Keys
*
* 支持按 user_id、enabled 筛选,关联用户信息
* 支持按 username、email、enabled 筛选,关联用户信息(含 email
*/
#[OA\Get(
path: '/admin/api-keys',
summary: '管理员列出所有 API Keys',
description: '分页列出所有用户的 API Keys,支持按 user_id、enabled 筛选,关联用户基本信息',
description: '分页列出所有用户的 API Keys,支持按 username、email、enabled 筛选,关联用户基本信息',
security: [['bearerAuth' => []]],
tags: ['Admin API Keys'],
parameters: [
new OA\Parameter(name: 'page', in: 'query', required: false, description: '页码,默认 1', schema: new OA\Schema(type: 'integer', default: 1)),
new OA\Parameter(name: 'per_page', in: 'query', required: false, description: '每页条数,默认 15,最大 100', schema: new OA\Schema(type: 'integer', default: 15)),
new OA\Parameter(name: 'user_id', in: 'query', required: false, description: '按用户 ID 筛选', schema: new OA\Schema(type: 'integer')),
new OA\Parameter(name: 'username', in: 'query', required: false, description: '按用户名模糊搜索', schema: new OA\Schema(type: 'string')),
new OA\Parameter(name: 'email', in: 'query', required: false, description: '按邮箱模糊搜索', schema: new OA\Schema(type: 'string')),
new OA\Parameter(name: 'enabled', in: 'query', required: false, description: '按启用状态筛选(0/1', schema: new OA\Schema(type: 'integer', enum: [0, 1])),
],
responses: [
@@ -55,6 +56,7 @@ class AdminApiKeyController extends AbstractController
new OA\Property(property: 'user', properties: [
new OA\Property(property: 'id', type: 'integer'),
new OA\Property(property: 'username', type: 'string'),
new OA\Property(property: 'email', type: 'string'),
new OA\Property(property: 'api_key_enabled', type: 'boolean'),
], type: 'object'),
])),
@@ -71,17 +73,29 @@ class AdminApiKeyController extends AbstractController
#[RequestMapping(path: "", methods: "GET")]
#[Middleware(AuthMiddleware::class)]
#[Middleware(PermissionMiddleware::class)]
public function index(): array
public function index(): ResponseInterface|array
{
if ($forbidden = $this->requireAdmin()) return $forbidden;
$page = (int) $this->request->input('page', 1);
$per_page = min((int) $this->request->input('per_page', 15), 100);
$query = ApiKey::query()->with('user:id,username,api_key_enabled');
$query = ApiKey::query()->with('user:id,username,email,api_key_enabled');
// 按用户 ID 筛选
$user_id = $this->request->input('user_id');
if ($user_id !== null && $user_id !== '') {
$query->where('user_id', (int) $user_id);
// 按用户名模糊搜索
$username = $this->request->input('username');
if ($username !== null && $username !== '') {
$query->whereHas('user', function ($q) use ($username) {
$q->where('username', 'like', '%' . $username . '%');
});
}
// 按邮箱模糊搜索
$email = $this->request->input('email');
if ($email !== null && $email !== '') {
$query->whereHas('user', function ($q) use ($email) {
$q->where('email', 'like', '%' . $email . '%');
});
}
// 按启用状态筛选
@@ -155,6 +169,8 @@ class AdminApiKeyController extends AbstractController
#[Middleware(PermissionMiddleware::class)]
public function toggle(int $id): ResponseInterface|array
{
if ($forbidden = $this->requireAdmin()) return $forbidden;
$api_key = ApiKey::query()->find($id);
if (!$api_key) {
@@ -213,6 +229,8 @@ class AdminApiKeyController extends AbstractController
#[Middleware(PermissionMiddleware::class)]
public function destroy(int $id): ResponseInterface|array
{
if ($forbidden = $this->requireAdmin()) return $forbidden;
$api_key = ApiKey::query()->find($id);
if (!$api_key) {
@@ -229,4 +247,16 @@ class AdminApiKeyController extends AbstractController
'message' => '删除成功',
];
}
private function requireAdmin(): ?ResponseInterface
{
$user = $this->getAuthUser();
if (!$user || !$user->isAdministrator()) {
return $this->response->json([
'code' => 403,
'message' => '仅管理员可访问',
])->withStatus(403);
}
return null;
}
}
frontend/src/constants/__tests__/permissions.spec.ts
+3 -2
View File
@@ -2,11 +2,12 @@ import { describe, it, expect } from 'vitest'
import { ADMIN_ONLY_PATH_PREFIXES, isAdminOnlyPath } from '../permissions'
describe('ADMIN_ONLY_PATH_PREFIXES', () => {
it('contains all 7 admin-only paths', () => {
expect(ADMIN_ONLY_PATH_PREFIXES).toHaveLength(7)
it('contains all 8 admin-only paths', () => {
expect(ADMIN_ONLY_PATH_PREFIXES).toHaveLength(8)
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/users')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/roles')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/route-groups')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/api-keys')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/mq-status')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/failed-messages')
expect(ADMIN_ONLY_PATH_PREFIXES).toContain('/logs/requests')
frontend/src/constants/permissions.ts
+1
View File
@@ -8,6 +8,7 @@ export const ADMIN_ONLY_PATH_PREFIXES: readonly string[] = [
'/users',
'/roles',
'/route-groups',
'/api-keys',
'/mq-status',
'/failed-messages',
'/logs/requests',
frontend/src/pages/api-keys/__tests__/index.spec.ts
+4 -2
View File
@@ -108,7 +108,8 @@ describe('AdminApiKeyPage', () => {
it('重置按钮调用 resetFilters 并 fetchAllKeys', async () => {
await mountPage()
const store = useAdminApiKeyStore()
store.filters.user_id = 5
store.filters.username = 'testuser'
store.filters.email = 'test@example.com'
vi.mocked(api.get).mockClear()
setupApi([])
@@ -119,7 +120,8 @@ describe('AdminApiKeyPage', () => {
btn?.click()
await flushPromises()
expect(store.filters.user_id).toBeUndefined()
expect(store.filters.username).toBeUndefined()
expect(store.filters.email).toBeUndefined()
expect(vi.mocked(api.get)).toHaveBeenCalled()
})
frontend/src/pages/api-keys/index.vue
+17 -5
View File
@@ -62,12 +62,19 @@ function handleDelete(id: number) {
<!-- 筛选区 -->
<div class="flex gap-3 mb-4 flex-wrap">
<a-input-number
v-model:value="store.filters.user_id"
placeholder="用户 ID"
:min="1"
style="width: 140px"
<a-input
v-model:value="store.filters.username"
placeholder="用户"
style="width: 150px"
allow-clear
@press-enter="handleSearch"
/>
<a-input
v-model:value="store.filters.email"
placeholder="邮箱"
style="width: 180px"
allow-clear
@press-enter="handleSearch"
/>
<a-select
v-model:value="enabledFilter"
@@ -100,6 +107,7 @@ function handleDelete(id: number) {
>
<template #bodyCell="{ column, record }">
<template v-if="column.key === 'user'">
<div>
<span>{{ (record as ApiKeyRecord).user?.username ?? record.user_id }}</span>
<a-tooltip
v-if="(record as ApiKeyRecord).user?.api_key_enabled === false"
@@ -107,6 +115,10 @@ function handleDelete(id: number) {
>
<a-tag color="red" class="ml-1">已停用</a-tag>
</a-tooltip>
</div>
<div v-if="(record as ApiKeyRecord).user?.email" class="text-xs text-gray-400">
{{ (record as ApiKeyRecord).user!.email }}
</div>
</template>
<template v-else-if="column.key === 'prefix'">
frontend/src/stores/__tests__/admin-api-key.spec.ts
+41 -1
View File
@@ -22,7 +22,7 @@ describe('useAdminApiKeyStore', () => {
vi.restoreAllMocks()
})
describe('fetchAllKeys — enabled 查询参数契约', () => {
describe('fetchAllKeys — 查询参数契约', () => {
it('enabled=true 应序列化为 1(后端期望 integer 0/1', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
@@ -60,6 +60,46 @@ describe('useAdminApiKeyStore', () => {
expect.objectContaining({ enabled: undefined }),
)
})
it('username 过滤器应传递给后端', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.username = 'testuser'
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ username: 'testuser' }),
)
})
it('email 过滤器应传递给后端', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.email = 'test@example.com'
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ email: 'test@example.com' }),
)
})
it('空字符串过滤器应转换为 undefined', async () => {
vi.mocked(api.get).mockResolvedValueOnce(emptyPage)
const store = useAdminApiKeyStore()
store.filters.username = ''
store.filters.email = ''
await store.fetchAllKeys()
expect(api.get).toHaveBeenCalledWith(
'/api/v1/admin/api-keys',
expect.objectContaining({ username: undefined, email: undefined }),
)
})
})
describe('toggleUserApiKeyEnabled — 请求体字段名契约', () => {
frontend/src/stores/admin-api-key.ts
+6 -3
View File
@@ -10,7 +10,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
total: 0,
})
const filters = reactive<AdminApiKeyFilters>({
user_id: undefined,
username: undefined,
email: undefined,
enabled: undefined,
})
@@ -20,7 +21,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
const data = await api.get<PaginatedData<ApiKeyRecord>>('/api/v1/admin/api-keys', {
page: pagination.page,
per_page: pagination.per_page,
user_id: filters.user_id,
username: filters.username || undefined,
email: filters.email || undefined,
enabled: filters.enabled === undefined ? undefined : filters.enabled ? 1 : 0,
})
keys.value = data.items
@@ -66,7 +68,8 @@ export const useAdminApiKeyStore = defineStore('admin-api-key', () => {
}
function resetFilters() {
filters.user_id = undefined
filters.username = undefined
filters.email = undefined
filters.enabled = undefined
pagination.page = 1
}
frontend/src/types/api.ts
+3 -2
View File
@@ -315,7 +315,7 @@ export interface ApiKeyRecord {
expires_at: string | null
enabled: boolean
created_at: string
user?: { id: number; username: string; api_key_enabled?: boolean }
user?: { id: number; username: string; email?: string; api_key_enabled?: boolean }
}
export interface ApiKeyCreateParams {
@@ -329,7 +329,8 @@ export interface ApiKeyCreateResult {
}
export interface AdminApiKeyFilters {
user_id: number | undefined
username: string | undefined
email: string | undefined
enabled: boolean | undefined
}