support edit access keys attributes (#406)

asafshen · web-flow · commit b8a2ee973ba1 · 2025-03-14T10:38:03.000+02:00
* allow nil permitted IPs

* more
diff --git a/examples/managementCli/src/index.ts b/examples/managementCli/src/index.ts
@@ -289,6 +289,8 @@ program
   .description('Create a new access key')
   .argument('<name>', 'Access key name')
   .argument('<expire-time>', 'Access key expiration time')
+  .option('--description <value>', 'Access key description')
+  .option('--permitted-ips <ips>', 'Permitted IPs', (val) => val?.split(','))
   .option(
     '-t, --tenants <t1,t2>',
     `Access key's tenant IDs`,
@@ -305,6 +307,10 @@ program
         expireTime,
         undefined,
         options.tenants?.map((tenantId: string) => ({ tenantId })),
+        undefined,
+        undefined,
+        options.description,
+        options.permittedIps,
       ),
     );
   });
@@ -315,8 +321,20 @@ program
   .description('Update an access key')
   .argument('<id>', 'Access key ID')
   .argument('<name>', 'Access key name')
-  .action(async (id, name) => {
-    handleSdkRes(await sdk.management.accessKey.update(id, name));
+  .option('--description <value>', 'Access key description')
+  .option('--permitted-ips <ips>', 'Permitted IPs', (val) => val?.split(','))
+  .action(async (id, name, options) => {
+    handleSdkRes(
+      await sdk.management.accessKey.update(
+        id,
+        name,
+        options.description,
+        undefined,
+        undefined,
+        undefined,
+        options.permittedIps,
+      ),
+    );
   });
 
 // access-key-delete
diff --git a/lib/management/accesskey.test.ts b/lib/management/accesskey.test.ts
@@ -150,11 +150,23 @@ describe('Management Access Keys', () => {
         'id',
         'name',
         'description',
+        ['r1', 'r2'],
+        undefined,
+        { k1: 'v1' },
+        ['1.2.3.4'],
       );
 
       expect(mockHttpClient.post).toHaveBeenCalledWith(
         apiPaths.accessKey.update,
-        { id: 'id', name: 'name', description: 'description' },
+        {
+          id: 'id',
+          name: 'name',
+          description: 'description',
+          roleNames: ['r1', 'r2'],
+          keyTenants: undefined,
+          customClaims: { k1: 'v1' },
+          permittedIps: ['1.2.3.4'],
+        },
         { token: 'key' },
       );
 
diff --git a/lib/management/accesskey.ts b/lib/management/accesskey.ts
@@ -17,7 +17,7 @@ const withAccessKey = (sdk: CoreSdk, managementKey?: string) => ({
    * @param name Access key name
    * @param expireTime When the access key expires. Keep at 0 to make it indefinite.
    * @param roles Optional roles in the project. Does not apply for multi-tenants
-   * @param keyTenants Optional associated tenants for this key and its roles for each.
+   * @param tenants Optional associated tenants for this key and its roles for each.
    * @param userId Optional bind this access key to a specific user.
    * @param customClaims Optional map of claims and their values that will be present in the JWT.
    * @param description Optional free text description
@@ -28,7 +28,7 @@ const withAccessKey = (sdk: CoreSdk, managementKey?: string) => ({
     name: string,
     expireTime: number,
     roles?: string[],
-    keyTenants?: AssociatedTenant[],
+    tenants?: AssociatedTenant[],
     userId?: string,
     customClaims?: Record<string, any>,
     description?: string,
@@ -41,7 +41,7 @@ const withAccessKey = (sdk: CoreSdk, managementKey?: string) => ({
           name,
           expireTime,
           roleNames: roles,
-          keyTenants,
+          keyTenants: tenants,
           userId,
           customClaims,
           description,
@@ -78,13 +78,33 @@ const withAccessKey = (sdk: CoreSdk, managementKey?: string) => ({
    * @param id Access key ID to load
    * @param name The updated access key name
    * @param description Optional updated access key description
+   * @param roles Optional roles in the project. Does not apply for multi-tenants
+   * @param tenants Optional associated tenants for this key and its roles for each.
+   * @param customClaims Optional map of claims and their values that will be present in the JWT.
+   * @param permittedIps Optional list of IP addresses or CIDR ranges that are allowed to use this access key.
    * @returns The updated access key
    */
-  update: (id: string, name: string, description?: string): Promise<SdkResponse<AccessKey>> =>
+  update: (
+    id: string,
+    name: string,
+    description?: string,
+    roles?: string[],
+    tenants?: AssociatedTenant[],
+    customClaims?: Record<string, any>,
+    permittedIps?: string[],
+  ): Promise<SdkResponse<AccessKey>> =>
     transformResponse<SingleKeyResponse, AccessKey>(
       sdk.httpClient.post(
         apiPaths.accessKey.update,
-        { id, name, description },
+        {
+          id,
+          name,
+          description,
+          roleNames: roles,
+          keyTenants: tenants,
+          customClaims,
+          permittedIps,
+        },
         { token: managementKey },
       ),
       (data) => data.key,
