PUT /me/tokens: Return crate_scopes and endpoint_scopes fields too

src/models/token.rs

@@ -154,6 +154,8 @@ mod tests {
                     .and_hms_opt(14, 23, 12),
             )
             .unwrap(),
+            crate_scopes: None,
+            endpoint_scopes: None,
         };
         let json = serde_json::to_string(&tok).unwrap();
         assert_some!(json

src/tests/routes/me/tokens/create.rs

@@ -1,17 +1,13 @@
+use crate::util::insta::{self, assert_yaml_snapshot};
 use crate::util::{RequestHelper, TestApp};
 use cargo_registry::models::token::{CrateScope, EndpointScope};
 use cargo_registry::models::ApiToken;
-use cargo_registry::views::EncodableApiTokenWithToken;
 use diesel::prelude::*;
 use http::StatusCode;
+use serde_json::Value;
 
 static NEW_BAR: &[u8] = br#"{ "api_token": { "name": "bar" } }"#;
 
-#[derive(Deserialize)]
-struct NewResponse {
-    api_token: EncodableApiTokenWithToken,
-}
-
 #[test]
 fn create_token_logged_out() {
     let (_, anon) = TestApp::init().empty();
@@ -63,9 +59,14 @@ fn create_token_exceeded_tokens_per_user() {
 fn create_token_success() {
     let (app, _, user) = TestApp::init().with_user();
 
-    let json: NewResponse = user.put("/api/v1/me/tokens", NEW_BAR).good();
-    assert_eq!(json.api_token.name, "bar");
-    assert!(!json.api_token.token.is_empty());
+    let response = user.put::<()>("/api/v1/me/tokens", NEW_BAR);
+    assert_eq!(response.status(), StatusCode::OK);
+    assert_yaml_snapshot!(response.into_json(), {
+        ".api_token.id" => insta::any_id_redaction(),
+        ".api_token.created_at" => "[datetime]",
+        ".api_token.last_used_at" => "[datetime]",
+        ".api_token.token" => insta::api_token_redaction(),
+    });
 
     let tokens: Vec<ApiToken> =
         app.db(|conn| assert_ok!(ApiToken::belonging_to(user.as_model()).load(conn)));
@@ -80,21 +81,22 @@ fn create_token_success() {
 #[test]
 fn create_token_multiple_have_different_values() {
     let (_, _, user) = TestApp::init().with_user();
-    let first: NewResponse = user.put("/api/v1/me/tokens", NEW_BAR).good();
-    let second: NewResponse = user.put("/api/v1/me/tokens", NEW_BAR).good();
+    let first: Value = user.put("/api/v1/me/tokens", NEW_BAR).good();
+    let second: Value = user.put("/api/v1/me/tokens", NEW_BAR).good();
 
-    assert_ne!(first.api_token.token, second.api_token.token);
+    assert_eq!(first["api_token"]["name"], second["api_token"]["name"]);
+    assert_ne!(first["api_token"]["token"], second["api_token"]["token"]);
 }
 
 #[test]
 fn create_token_multiple_users_have_different_values() {
     let (app, _, user1) = TestApp::init().with_user();
-    let first_token: NewResponse = user1.put("/api/v1/me/tokens", NEW_BAR).good();
+    let first: Value = user1.put("/api/v1/me/tokens", NEW_BAR).good();
 
     let user2 = app.db_new_user("bar");
-    let second_token: NewResponse = user2.put("/api/v1/me/tokens", NEW_BAR).good();
+    let second: Value = user2.put("/api/v1/me/tokens", NEW_BAR).good();
 
-    assert_ne!(first_token.api_token.token, second_token.api_token.token);
+    assert_ne!(first["api_token"]["token"], second["api_token"]["token"]);
 }
 
 #[test]
@@ -123,11 +125,14 @@ fn create_token_with_scopes() {
         }
     });
 
-    let json: NewResponse = user
-        .put("/api/v1/me/tokens", &serde_json::to_vec(&json).unwrap())
-        .good();
-    assert_eq!(json.api_token.name, "bar");
-    assert!(!json.api_token.token.is_empty());
+    let response = user.put::<()>("/api/v1/me/tokens", &serde_json::to_vec(&json).unwrap());
+    assert_eq!(response.status(), StatusCode::OK);
+    assert_yaml_snapshot!(response.into_json(), {
+        ".api_token.id" => insta::any_id_redaction(),
+        ".api_token.created_at" => "[datetime]",
+        ".api_token.last_used_at" => "[datetime]",
+        ".api_token.token" => insta::api_token_redaction(),
+    });
 
     let tokens: Vec<ApiToken> =
         app.db(|conn| assert_ok!(ApiToken::belonging_to(user.as_model()).load(conn)));
@@ -160,11 +165,14 @@ fn create_token_with_null_scopes() {
         }
     });
 
-    let json: NewResponse = user
-        .put("/api/v1/me/tokens", &serde_json::to_vec(&json).unwrap())
-        .good();
-    assert_eq!(json.api_token.name, "bar");
-    assert!(!json.api_token.token.is_empty());
+    let response = user.put::<()>("/api/v1/me/tokens", &serde_json::to_vec(&json).unwrap());
+    assert_eq!(response.status(), StatusCode::OK);
+    assert_yaml_snapshot!(response.into_json(), {
+        ".api_token.id" => insta::any_id_redaction(),
+        ".api_token.created_at" => "[datetime]",
+        ".api_token.last_used_at" => "[datetime]",
+        ".api_token.token" => insta::api_token_redaction(),
+    });
 
     let tokens: Vec<ApiToken> =
         app.db(|conn| assert_ok!(ApiToken::belonging_to(user.as_model()).load(conn)));

src/tests/routes/me/tokens/snapshots/all__routes__me__tokens__create__create_token_success.snap

@@ -0,0 +1,14 @@
+---
+source: src/tests/routes/me/tokens/create.rs
+expression: response.into_json()
+---
+api_token:
+  crate_scopes: ~
+  created_at: "[datetime]"
+  endpoint_scopes: ~
+  id: "[id]"
+  last_used_at: "[datetime]"
+  name: bar
+  revoked: false
+  token: "[token]"
+

src/tests/routes/me/tokens/snapshots/all__routes__me__tokens__create__create_token_with_null_scopes.snap

@@ -0,0 +1,14 @@
+---
+source: src/tests/routes/me/tokens/create.rs
+expression: response.into_json()
+---
+api_token:
+  crate_scopes: ~
+  created_at: "[datetime]"
+  endpoint_scopes: ~
+  id: "[id]"
+  last_used_at: "[datetime]"
+  name: bar
+  revoked: false
+  token: "[token]"
+

src/tests/routes/me/tokens/snapshots/all__routes__me__tokens__create__create_token_with_scopes.snap

@@ -0,0 +1,17 @@
+---
+source: src/tests/routes/me/tokens/create.rs
+expression: response.into_json()
+---
+api_token:
+  crate_scopes:
+    - tokio
+    - tokio-*
+  created_at: "[datetime]"
+  endpoint_scopes:
+    - publish-update
+  id: "[id]"
+  last_used_at: "[datetime]"
+  name: bar
+  revoked: false
+  token: "[token]"
+

src/tests/util/insta.rs

@@ -13,3 +13,10 @@ pub fn any_id_redaction() -> insta::internals::Redaction {
         "[id]"
     })
 }
+
+pub fn api_token_redaction() -> insta::internals::Redaction {
+    insta::dynamic_redaction(move |value, _path| {
+        assert!(assert_some!(value.as_str()).starts_with("cio"));
+        "[token]"
+    })
+}

src/views.rs

@@ -2,6 +2,7 @@ use chrono::NaiveDateTime;
 use url::Url;
 
 use crate::github;
+use crate::models::token::{CrateScope, EndpointScope};
 use crate::models::{
     Category, Crate, CrateOwnerInvitation, CreatedApiToken, Dependency, DependencyKind, Keyword,
     Owner, ReverseDependency, Team, TopVersions, User, Version, VersionDownload,
@@ -467,7 +468,7 @@ impl From<Team> for EncodableTeam {
 /// The serialization format for the `ApiToken` model with its token value.
 /// This should only be used when initially creating a new token to minimize
 /// the chance of token leaks.
-#[derive(Deserialize, Serialize, Debug)]
+#[derive(Serialize, Debug)]
 pub struct EncodableApiTokenWithToken {
     pub id: i32,
     pub name: String,
@@ -477,6 +478,10 @@ pub struct EncodableApiTokenWithToken {
     pub created_at: NaiveDateTime,
     #[serde(with = "rfc3339::option")]
     pub last_used_at: Option<NaiveDateTime>,
+    /// `None` or a list of crate scope patterns (see RFC #2947)
+    pub crate_scopes: Option<Vec<CrateScope>>,
+    /// A list of endpoint scopes or `None` for the `legacy` endpoint scope (see RFC #2947)
+    pub endpoint_scopes: Option<Vec<EndpointScope>>,
 }
 
 impl From<CreatedApiToken> for EncodableApiTokenWithToken {
@@ -488,6 +493,8 @@ impl From<CreatedApiToken> for EncodableApiTokenWithToken {
             revoked: token.model.revoked,
             created_at: token.model.created_at,
             last_used_at: token.model.last_used_at,
+            crate_scopes: token.model.crate_scopes,
+            endpoint_scopes: token.model.endpoint_scopes,
         }
     }
 }