Gets api key tests working again

nucleuscloud · Dec 13, 2024 · a54f93c · a54f93c
1 parent c86698e
commit a54f93c
Show file tree

Hide file tree

Showing 2 changed files with 449 additions and 455 deletions.
diff --git a/backend/services/mgmt/v1alpha1/api-key-service/api-keys.go b/backend/services/mgmt/v1alpha1/api-key-service/api-keys.go
@@ -58,18 +58,17 @@ func (s *Service) GetAccountApiKey(
 		return nil, err
 	}
 
-	user, err := s.userdataclient.GetUser(ctx)
-	if err != nil {
-		return nil, err
-	}
-
 	apiKey, err := s.db.Q.GetAccountApiKeyById(ctx, s.db.Db, apiKeyUuid)
 	if err != nil && !neosyncdb.IsNoRows(err) {
 		return nil, err
 	} else if err != nil && neosyncdb.IsNoRows(err) {
 		return nil, nucleuserrors.NewNotFound("unable to find api key")
 	}
 
+	user, err := s.userdataclient.GetUser(ctx)
+	if err != nil {
+		return nil, err
+	}
 	if err := user.EnforceAccount(ctx, userdata.NewIdentifier(neosyncdb.UUIDString(apiKey.AccountID)), rbac.AccountAction_View); err != nil {
 		return nil, err
 	}
@@ -186,21 +185,20 @@ func (s *Service) DeleteAccountApiKey(
 		return nil, err
 	}
 
-	user, err := s.userdataclient.GetUser(ctx)
-	if err != nil {
-		return nil, err
-	}
-	if user.IsApiKey() {
-		return nil, nucleuserrors.NewUnauthorized("api key user cannot delete api keys")
-	}
-
 	apiKey, err := s.db.Q.GetAccountApiKeyById(ctx, s.db.Db, apiKeyUuid)
 	if err != nil && !neosyncdb.IsNoRows(err) {
 		return nil, err
 	} else if err != nil && neosyncdb.IsNoRows(err) {
 		return connect.NewResponse(&mgmtv1alpha1.DeleteAccountApiKeyResponse{}), nil
 	}
 
+	user, err := s.userdataclient.GetUser(ctx)
+	if err != nil {
+		return nil, err
+	}
+	if user.IsApiKey() {
+		return nil, nucleuserrors.NewUnauthorized("api key user cannot delete api keys")
+	}
 	if err := user.EnforceAccount(ctx, userdata.NewIdentifier(neosyncdb.UUIDString(apiKey.AccountID)), rbac.AccountAction_Edit); err != nil {
 		return nil, err
 	}