(user: LoggedInUser, page: number = -1, limit: number = -1)
| 107 | * Non-admin users can only view API keys whose permissions are a subset of their own permissions |
| 108 | */ |
| 109 | const getAllApiKeys = async (user: LoggedInUser, page: number = -1, limit: number = -1) => { |
| 110 | try { |
| 111 | const appServer = getRunningExpressApp() |
| 112 | const queryBuilder = appServer.AppDataSource.getRepository(ApiKey) |
| 113 | .createQueryBuilder('api_key') |
| 114 | .orderBy('api_key.updatedDate', 'DESC') |
| 115 | if (page > 0 && limit > 0) { |
| 116 | queryBuilder.skip((page - 1) * limit) |
| 117 | queryBuilder.take(limit) |
| 118 | } |
| 119 | queryBuilder.andWhere('api_key.workspaceId = :workspaceId', { workspaceId: user.activeWorkspaceId }) |
| 120 | const allKeys = await queryBuilder.getMany() |
| 121 | |
| 122 | // Filter keys based on user permissions |
| 123 | let filteredKeys = allKeys |
| 124 | if (!user.isOrganizationAdmin) { |
| 125 | // Non-admin users can only see API keys whose permissions are a subset of their own |
| 126 | filteredKeys = allKeys.filter((key) => { |
| 127 | // Check if all key permissions are included in user permissions |
| 128 | return key.permissions.every((permission: string) => user.permissions.includes(permission)) |
| 129 | }) |
| 130 | } |
| 131 | |
| 132 | const keysWithChatflows = await addChatflowsCount(filteredKeys) |
| 133 | |
| 134 | if (page > 0 && limit > 0) { |
| 135 | return { total: filteredKeys.length, data: keysWithChatflows } |
| 136 | } else { |
| 137 | return keysWithChatflows |
| 138 | } |
| 139 | } catch (error) { |
| 140 | throw new InternalFlowiseError(StatusCodes.INTERNAL_SERVER_ERROR, `Error: apikeyService.getAllApiKeys - ${getErrorMessage(error)}`) |
| 141 | } |
| 142 | } |
| 143 | |
| 144 | const getApiKey = async (apiKey: string) => { |
| 145 | try { |
no test coverage detected