Remove unnecessary canviewlogs permission

2025-12-23 01:24:24 +00:00 · 2025-12-04 22:18:29 +01:00
parent d9c666a245
commit 991ce3c678
6 changed files with 14 additions and 20 deletions
--- a/pkg/auth/key.go
+++ b/pkg/auth/key.go
@@ -27,10 +27,9 @@ type APIKey struct {
 }

 type KeyPermission struct {
-	KeyID       int
-	InstanceID  int
-	CanInfer    bool
-	CanViewLogs bool
+	KeyID      int
+	InstanceID int
+	CanInfer   bool
 }

 // GenerateKey generates a cryptographically secure API key with the given prefix
--- a/pkg/database/apikeys.go
+++ b/pkg/database/apikeys.go
@@ -45,10 +45,10 @@ func (db *sqliteDB) CreateKey(ctx context.Context, key *auth.APIKey, permissions
 	if key.PermissionMode == auth.PermissionModePerInstance {
 		for _, perm := range permissions {
 			query := `
-				INSERT INTO key_permissions (key_id, instance_id, can_infer, can_view_logs)
-				VALUES (?, ?, ?, ?)
+				INSERT INTO key_permissions (key_id, instance_id, can_infer)
+				VALUES (?, ?, ?)
 			`
-			_, err := tx.ExecContext(ctx, query, perm.KeyID, perm.InstanceID, perm.CanInfer, perm.CanViewLogs)
+			_, err := tx.ExecContext(ctx, query, key.ID, perm.InstanceID, perm.CanInfer)
 			if err != nil {
 				return fmt.Errorf("failed to insert permission for instance %d: %w", perm.InstanceID, err)
 			}
--- a/pkg/database/migrations/001_initial_schema.up.sql
+++ b/pkg/database/migrations/001_initial_schema.up.sql
@@ -49,7 +49,6 @@ CREATE TABLE IF NOT EXISTS key_permissions (
    key_id INTEGER NOT NULL,
    instance_id INTEGER NOT NULL,
    can_infer INTEGER NOT NULL DEFAULT 0,
-    can_view_logs INTEGER NOT NULL DEFAULT 0,
    PRIMARY KEY (key_id, instance_id),
    FOREIGN KEY (key_id) REFERENCES api_keys (id) ON DELETE CASCADE,
    FOREIGN KEY (instance_id) REFERENCES instances (id) ON DELETE CASCADE
--- a/pkg/database/permissions.go
+++ b/pkg/database/permissions.go
@@ -10,7 +10,7 @@ import (
 // GetPermissions retrieves all permissions for a key
 func (db *sqliteDB) GetPermissions(ctx context.Context, keyID int) ([]auth.KeyPermission, error) {
 	query := `
-		SELECT key_id, instance_id, can_infer, can_view_logs
+		SELECT key_id, instance_id, can_infer
 		FROM key_permissions
 		WHERE key_id = ?
 		ORDER BY instance_id
@@ -25,7 +25,7 @@ func (db *sqliteDB) GetPermissions(ctx context.Context, keyID int) ([]auth.KeyPe
 	var permissions []auth.KeyPermission
 	for rows.Next() {
 		var perm auth.KeyPermission
-		err := rows.Scan(&perm.KeyID, &perm.InstanceID, &perm.CanInfer, &perm.CanViewLogs)
+		err := rows.Scan(&perm.KeyID, &perm.InstanceID, &perm.CanInfer)
 		if err != nil {
 			return nil, fmt.Errorf("failed to scan key permission: %w", err)
 		}
--- a/pkg/server/handlers_auth.go
+++ b/pkg/server/handlers_auth.go
@@ -13,9 +13,8 @@ import (

 // InstancePermission defines the permissions for an API key on a specific instance.
 type InstancePermission struct {
-	InstanceID  int  `json:"instance_id"`
-	CanInfer    bool `json:"can_infer"`
-	CanViewLogs bool `json:"can_view_logs"`
+	InstanceID int  `json:"instance_id"`
+	CanInfer   bool `json:"can_infer"`
 }

 // CreateKeyRequest represents the request body for creating a new API key.
@@ -58,7 +57,6 @@ type KeyPermissionResponse struct {
 	InstanceID   int    `json:"instance_id"`
 	InstanceName string `json:"instance_name"`
 	CanInfer     bool   `json:"can_infer"`
-	CanViewLogs  bool   `json:"can_view_logs"`
 }

 // CreateKey godoc
@@ -153,10 +151,9 @@ func (h *Handler) CreateKey() http.HandlerFunc {
 		var keyPermissions []auth.KeyPermission
 		for _, perm := range req.InstancePermissions {
 			keyPermissions = append(keyPermissions, auth.KeyPermission{
-				KeyID:       0, // Will be set by database after key creation
-				InstanceID:  perm.InstanceID,
-				CanInfer:    perm.CanInfer,
-				CanViewLogs: perm.CanViewLogs,
+				KeyID:      0, // Will be set by database after key creation
+				InstanceID: perm.InstanceID,
+				CanInfer:   perm.CanInfer,
 			})
 		}

@@ -363,7 +360,6 @@ func (h *Handler) GetKeyPermissions() http.HandlerFunc {
 				InstanceID:   perm.InstanceID,
 				InstanceName: instanceNameMap[perm.InstanceID],
 				CanInfer:     perm.CanInfer,
-				CanViewLogs:  perm.CanViewLogs,
 			})
 		}

--- a/pkg/server/routes.go
+++ b/pkg/server/routes.go
@@ -78,7 +78,7 @@ func SetupRouter(handler *Handler) *chi.Mux {
 			r.Get("/", handler.ListNodes()) // List all nodes

 			r.Route("/{name}", func(r chi.Router) {
-				r.Get("/", handler.GetNode())
+				r.Get("/", handler.GetNode()) // Get node details
 			})
 		})