feat(auth): ScadaBridge TransportExport excludes inbound API keys (re-arch C4; methods-only, import ignores legacy key sections); keys re-issued per environment

2026-06-02 05:06:40 -04:00
parent d1191fddf9
commit 731cfd3bfc
34 changed files with 212 additions and 190 deletions
@@ -153,17 +153,14 @@ public sealed class EntitySerializer
                    RetryDelay: smtp.RetryDelay,
                    Secrets: secrets);
            }).ToList(),
-            // ApiKey stores only KeyHash already; no plaintext to carve. SecretsBlock
-            // stays null per design — KeyHash is on the public DTO.
-            ApiKeys: aggregate.ApiKeys.Select(k => new ApiKeyDto(
-                Name: k.Name,
-                KeyHash: k.KeyHash,
-                IsEnabled: k.IsEnabled,
-                Secrets: null)).ToList(),
+            // Inbound API keys are not transported between environments (re-arch C4):
+            // the bundle carries API methods only. ApiMethod.ApprovedApiKeyIds is also
+            // excluded — it references keys that aren't in the bundle; method→key scopes
+            // are re-granted per environment via the admin UI/CLI. The legacy ApiKeys
+            // field on the DTO stays null (and is dropped by WhenWritingNull).
            ApiMethods: aggregate.ApiMethods.Select(m => new ApiMethodDto(
                Name: m.Name,
                Script: m.Script,
-                ApprovedApiKeyIds: m.ApprovedApiKeyIds,
                ParameterDefinitions: m.ParameterDefinitions,
                ReturnDefinition: m.ReturnDefinition,
                TimeoutSeconds: m.TimeoutSeconds)).ToList());
@@ -336,21 +333,15 @@ public sealed class EntitySerializer
            })
            .ToList();

-        var apiKeys = content.ApiKeys
-            .Select((dto, ix) =>
-            {
-                var key = ApiKey.FromHash(dto.Name, dto.KeyHash);
-                key.Id = ix + 1;
-                key.IsEnabled = dto.IsEnabled;
-                return key;
-            })
-            .ToList();
-
+        // Inbound API keys are not transported (re-arch C4) — content.ApiKeys is a
+        // legacy field only present on pre-C4 bundles; it is ignored here. The
+        // BundleImporter is responsible for counting and reporting any such keys.
+        // ApiMethod.ApprovedApiKeyIds is likewise not reconstructed: scopes are
+        // re-granted per environment.
        var apiMethods = content.ApiMethods
            .Select((dto, ix) => new ApiMethod(dto.Name, dto.Script)
            {
                Id = ix + 1,
-                ApprovedApiKeyIds = dto.ApprovedApiKeyIds,
                ParameterDefinitions = dto.ParameterDefinitions,
                ReturnDefinition = dto.ReturnDefinition,
                TimeoutSeconds = dto.TimeoutSeconds,
@@ -366,7 +357,6 @@ public sealed class EntitySerializer
            DatabaseConnections: databaseConnections,
            NotificationLists: notificationLists,
            SmtpConfigurations: smtpConfigurations,
-            ApiKeys: apiKeys,
            ApiMethods: apiMethods);
    }
 }