MCPcopy Index your code
hub / github.com/rilldata/rill / RevokeRepresentativeAuthTokens

Method RevokeRepresentativeAuthTokens

admin/server/users.go:373–400  ·  view source on GitHub ↗
(ctx context.Context, req *adminv1.RevokeRepresentativeAuthTokensRequest)

Source from the content-addressed store, hash-verified

371}
372
373func (s *Server) RevokeRepresentativeAuthTokens(ctx context.Context, req *adminv1.RevokeRepresentativeAuthTokensRequest) (*adminv1.RevokeRepresentativeAuthTokensResponse, error) {
374 claims := auth.GetClaims(ctx)
375
376 if !claims.Superuser(ctx) {
377 return nil, status.Error(codes.PermissionDenied, "only superusers can manage representative auth tokens")
378 }
379
380 // Error if authenticated as anything other than a user
381 if claims.OwnerType() != auth.OwnerTypeUser {
382 return nil, status.Error(codes.Unauthenticated, "not authenticated as a user")
383 }
384
385 u, err := s.admin.DB.FindUserByEmail(ctx, req.Email)
386 if err != nil {
387 return nil, err
388 }
389
390 observability.AddRequestAttributes(ctx,
391 attribute.String("args.user_id", u.ID),
392 )
393
394 err = s.admin.DB.DeleteUserAuthTokensByUserAndRepresentingUser(ctx, claims.OwnerID(), u.ID)
395 if err != nil {
396 return nil, err
397 }
398
399 return &adminv1.RevokeRepresentativeAuthTokensResponse{}, nil
400}
401
402// IssueRepresentativeAuthToken returns the temporary auth token for representing email
403func (s *Server) IssueRepresentativeAuthToken(ctx context.Context, req *adminv1.IssueRepresentativeAuthTokenRequest) (*adminv1.IssueRepresentativeAuthTokenResponse, error) {

Callers

nothing calls this directly

Calls 9

GetClaimsFunction · 0.92
AddRequestAttributesFunction · 0.92
SuperuserMethod · 0.65
OwnerTypeMethod · 0.65
FindUserByEmailMethod · 0.65
StringMethod · 0.65
OwnerIDMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected