feat(auth)!: ScadaBridge retire SQL Server ApiKey entity + ApprovedApiKeyIds + legacy hashing; EF migration RetireInboundApiKeyStore; re-issue runbook + CHANGELOG (re-arch C5/E) — BREAKING: X-API-Key -> Bearer sbk_, keys re-issued
This commit is contained in:
Joseph Doherty
@@ -2058,9 +2058,10 @@ public sealed class BundleImporter : IBundleImporter
|
||||
}
|
||||
case ResolutionAction.Overwrite when existing is not null:
|
||||
existing.Script = dto.Script;
|
||||
// ApprovedApiKeyIds is NOT overwritten from a bundle (re-arch C4):
|
||||
// method→key scopes are re-granted per environment and any value on
|
||||
// the target row is preserved across an import.
|
||||
// Method→key scopes are not transported (re-arch C4) and the
|
||||
// ApprovedApiKeyIds column was dropped with the SQL Server ApiKey
|
||||
// entity (re-arch C5): scopes are re-granted per environment in the
|
||||
// shared ZB.MOM.WW.Auth.ApiKeys store, never via an imported bundle.
|
||||
existing.ParameterDefinitions = dto.ParameterDefinitions;
|
||||
existing.ReturnDefinition = dto.ReturnDefinition;
|
||||
existing.TimeoutSeconds = dto.TimeoutSeconds;
|
||||
@@ -2086,8 +2087,10 @@ public sealed class BundleImporter : IBundleImporter
|
||||
|
||||
private static ApiMethod BuildApiMethod(ApiMethodDto dto, string? overrideName)
|
||||
{
|
||||
// ApprovedApiKeyIds is intentionally left at its default (null): keys are not
|
||||
// transported (re-arch C4) and method→key scopes are re-granted per environment.
|
||||
// Method→key scopes are not transported (re-arch C4); the ApprovedApiKeyIds
|
||||
// column that once carried them was dropped with the SQL Server ApiKey entity
|
||||
// (re-arch C5). Scopes are re-granted per environment in the shared
|
||||
// ZB.MOM.WW.Auth.ApiKeys store.
|
||||
return new ApiMethod(overrideName ?? dto.Name, dto.Script)
|
||||
{
|
||||
ParameterDefinitions = dto.ParameterDefinitions,
|
||||
|
||||
Reference in New Issue
Block a user