Skip to content

cocalc-api: adding tests, some enhancements, etc. #8601

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 42 commits into
base: master
Choose a base branch
from
Open

cocalc-api: adding tests, some enhancements, etc. #8601

wants to merge 42 commits into from

Conversation

@haraldschilly
Copy link
Contributor

@haraldschilly haraldschilly commented Sep 29, 2025
edited
Loading

  • adding tests
  • enhancements here and there
  • new: deleting a project
  • creating a user via that conat/api/org module shouldn't start a project (it just creates the "first project", though)

@haraldschilly haraldschilly changed the title cocalc-api: adding tests, slight enhancements, etc. cocalc-api: adding tests, some enhancements, etc. Sep 29, 2025
@haraldschilly
cocalc-api: attempt to integrate into CI
b824e3f
@haraldschilly
server/organizations logic: only allow site-admins to promote users t…
d24ec9a 
…o be admins or add existing users to orgs. Org-admins can create new users inside an org, though.
@haraldschilly haraldschilly force-pushed the cocalc-api-20250927 branch 7 times, most recently from a89eb5c to 4090399 Compare September 30, 2025 17:25
@haraldschilly
cocalc-api: fix the CI test
200810a
@haraldschilly
cocalc-api: fix tests, creating accounts started many project servers…
29dc582 
… – which is actually something a mere API call via the org management should not do
@haraldschilly haraldschilly force-pushed the cocalc-api-20250927 branch 2 times, most recently from 2f87541 to 52b2394 Compare October 1, 2025 12:49
@haraldschilly
cocalc-api: introduce a cleanup logic, of tracked accounts, orgs and …
1aed72c 
…projects. (managing an ephemeral database via the API is a bit tricky)
@haraldschilly haraldschilly force-pushed the cocalc-api-20250927 branch 2 times, most recently from c0f75c6 to b5f73cf Compare October 1, 2025 14:02
@haraldschilly haraldschilly force-pushed the cocalc-api-20250927 branch 3 times, most recently from b427600 to 6c49b85 Compare November 19, 2025 16:35
@haraldschilly haraldschilly force-pushed the cocalc-api-20250927 branch 5 times, most recently from dc4396c to 78049b3 Compare November 23, 2025 17:02
@haraldschilly haraldschilly marked this pull request as ready for review November 24, 2025 09:42
chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Nov 24, 2025
View reviewed changes
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

src/packages/server/conat/api/system.ts
Comment on lines +26 to +28
const response: { account_id: string; server_time: number } = {
account_id: account_id ?? "",
server_time: Date.now(),
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Include project scope in system.test response

For project‑scoped API keys the hub endpoint system.test returns only an account_id field, because the handler builds a response from account_id alone and discards any project_id injected by authFirst. This means callers cannot distinguish project‑scoped keys (the Python tests expect project_id to be present) and project tokens are effectively indistinguishable from invalid keys. Please include the provided project_id in the response when the key is project‑scoped.

Useful? React with 👍 / 👎.

Copy link
Contributor Author

@haraldschilly haraldschilly Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only account-based api keys have access, there is no need for injecting a project_id here. At least, I don't see why. In the future, we'll probably revisit this in more detail, though.

@haraldschilly @claude
cocalc-api/test: fix edge cases in api and improve testing
ef5d0ca 
This commit updates the conftest.py test fixtures to properly support both
account-scoped and project-scoped API keys during testing.

The validate_api_key_config fixture now:
- First attempts to detect scope via hub.system.test() (account-scoped keys)
- Falls back to project.system.test() if hub fails (project-scoped keys)
- Reports both errors if both endpoints fail, for better debugging

Also clarifies that the hub endpoint's system.test() is for account-scoped
keys only, with clear comments directing project-scoped key users to the
project endpoint.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

PR-needs review PR-work in progress

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@haraldschilly