gib/GibSend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add domain-based access control for API keys (#198)

Browse Source 
Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Andreas Enemyr
2025-09-10 13:30:37 +02:00
committed by KM Koushik
parent dbc6996d9a
commit 0817b0c7a5
17 changed files with 250 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
apps/web/src/server/api/routers/api.ts
View File

@@ -1,4 +1,6 @@
import { z } from "zod";
import { ApiPermission } from "@prisma/client";
import { TRPCError } from "@trpc/server";
import {
apiKeyProcedure,
@@ -10,13 +12,18 @@ import { addApiKey, deleteApiKey } from "~/server/service/api-service";
export const apiRouter = createTRPCRouter({
createToken: teamProcedure
.input(
z.object({ name: z.string(), permission: z.enum(["FULL", "SENDING"]) })
z.object({
name: z.string(),
permission: z.nativeEnum(ApiPermission),
domainId: z.number().int().positive().optional(),
})
)
.mutation(async ({ ctx, input }) => {
return addApiKey({
return await addApiKey({
name: input.name,
permission: input.permission,
teamId: ctx.team.id,
domainId: input.domainId,
});
}),
@@ -32,6 +39,12 @@ export const apiRouter = createTRPCRouter({
partialToken: true,
lastUsed: true,
createdAt: true,
domainId: true,
domain: {
select: {
name: true,
},
},
},
});