Refine API token management UI

This commit is contained in:
Joe Julian
2026-04-01 17:12:16 -07:00
parent 3324eec9ec
commit f205e753e8
3 changed files with 394 additions and 177 deletions
+97
View File
@@ -300,6 +300,103 @@ func TestUIAPITokenPolicyRulesCanBeAddedAndRemoved(t *testing.T) {
}
}
func TestAPITokenStatusSummary(t *testing.T) {
t.Parallel()
expiresAt := time.Date(2026, 4, 1, 15, 4, 5, 0, time.UTC)
revokedAt := time.Date(2026, 4, 2, 12, 0, 0, 0, time.UTC)
tests := []struct {
name string
token apitokens.Token
want string
}{
{
name: "active non expiring",
token: apitokens.Token{},
want: "Active · No expiration · 0 policy rules",
},
{
name: "disabled expiring single rule",
token: apitokens.Token{
Disabled: true,
ExpiresAt: &expiresAt,
Policies: []apitokens.PolicyRule{{}},
},
want: "Disabled · Expires " + expiresAt.Local().Format(time.RFC3339) + " · 1 policy rule",
},
{
name: "revoked overrides disabled",
token: apitokens.Token{
Disabled: true,
RevokedAt: &revokedAt,
Policies: []apitokens.PolicyRule{{}, {}},
},
want: "Revoked · No expiration · 2 policy rules",
},
}
for _, tt := range tests {
tt := tt
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
if got := apiTokenStatusSummary(tt.token); got != tt.want {
t.Fatalf("apiTokenStatusSummary(%#v) = %q, want %q", tt.token, got, tt.want)
}
})
}
}
func TestAPITokenManagementSummaryText(t *testing.T) {
t.Parallel()
token := apitokens.Token{
Name: "Browser Extension",
ClientName: "firefox",
}
if got := apiTokenManagementTitle(apitokens.Token{}, false); got != "Issue API Token" {
t.Fatalf("apiTokenManagementTitle(no selection) = %q, want %q", got, "Issue API Token")
}
if got := apiTokenManagementTitle(token, true); got != "Browser Extension" {
t.Fatalf("apiTokenManagementTitle(%#v) = %q, want %q", token, got, "Browser Extension")
}
if got := apiTokenManagementSubtitle(apitokens.Token{}, false); got != "Create a scoped gRPC credential, then select it here to inspect identity, lifecycle, and policy rules." {
t.Fatalf("apiTokenManagementSubtitle(no selection) = %q, want default management guidance", got)
}
if got := apiTokenManagementSubtitle(token, true); got != "firefox · Active · No expiration · 0 policy rules" {
t.Fatalf("apiTokenManagementSubtitle(%#v) = %q, want %q", token, got, "firefox · Active · No expiration · 0 policy rules")
}
}
func TestPolicyRulePartsFormatsGroupAndEntryResources(t *testing.T) {
t.Parallel()
groupRule := apitokens.PolicyRule{
Effect: apitokens.EffectAllow,
Operation: apitokens.OperationListEntries,
Resource: apitokens.Resource{
Kind: apitokens.ResourceGroup,
Path: []string{"Root", "Internet"},
},
}
entryRule := apitokens.PolicyRule{
Effect: apitokens.EffectDeny,
Operation: apitokens.OperationCopyPassword,
Resource: apitokens.Resource{
Kind: apitokens.ResourceEntry,
EntryID: "vault-console",
},
}
if effect, operation, resource := policyRuleParts(groupRule); effect != "ALLOW" || operation != string(apitokens.OperationListEntries) || resource != "Root / Internet" {
t.Fatalf("policyRuleParts(groupRule) = (%q, %q, %q), want (%q, %q, %q)", effect, operation, resource, "ALLOW", apitokens.OperationListEntries, "Root / Internet")
}
if effect, operation, resource := policyRuleParts(entryRule); effect != "DENY" || operation != string(apitokens.OperationCopyPassword) || resource != "Entry: vault-console" {
t.Fatalf("policyRuleParts(entryRule) = (%q, %q, %q), want (%q, %q, %q)", effect, operation, resource, "DENY", apitokens.OperationCopyPassword, "Entry: vault-console")
}
}
func TestUIAPITokenDetailPanelHandlesMissingRemoveClickables(t *testing.T) {
t.Parallel()