From 1b47f85ab7c29ef9b2d44c53bf444dc07f564da6 Mon Sep 17 00:00:00 2001 From: Devansh Purani Date: Mon, 17 Jun 2024 14:22:44 +0530 Subject: [PATCH] fix reader writer unable to get bearer token details Signed-off-by: Devansh Purani --- packages/athena/libs/middleware/middleware.js | 1 + packages/athena/routes/permission_apis.js | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/athena/libs/middleware/middleware.js b/packages/athena/libs/middleware/middleware.js index ddeac180..bf74179c 100644 --- a/packages/athena/libs/middleware/middleware.js +++ b/packages/athena/libs/middleware/middleware.js @@ -93,6 +93,7 @@ module.exports = function (logger, ev, t) { // manage api keys (not valid on SaaS) exports.verify_apiKey_action_session = [eTrack, blockReadOnlyMode, needApiKeyAction, checkAuthentication, permitAction]; exports.verify_apiKey_action_ak = [eTrack, blockReadOnlyMode, needApiKeyAction, allowAkToDoAction]; + exports.verify_apiKey_action_ak_view = [eTrack, blockReadOnlyMode, needViewAction, allowAkToDoAction]; // manage generate bearer token using api key exports.verify_apiKey_bearer_action_session = [eTrack, blockReadOnlyMode, needViewAction, checkAuthentication, permitAction]; diff --git a/packages/athena/routes/permission_apis.js b/packages/athena/routes/permission_apis.js index 5f879e4d..9012ec6c 100644 --- a/packages/athena/routes/permission_apis.js +++ b/packages/athena/routes/permission_apis.js @@ -323,7 +323,7 @@ module.exports = function (logger, ev, t) { } }); }); - app.get('/ak/api/v3/identity/token/:id', t.middleware.verify_apiKey_action_ak, (req, res) => { + app.get('/ak/api/v3/identity/token/:id', t.middleware.verify_apiKey_action_ak_view, (req, res) => { t.permissions_lib.get_access_token(req.params.id, (err, ret) => { if (err) { return res.status(t.ot_misc.get_code(err)).json(err);