diff --git a/.env.example b/.env.example index 90f746b2a2..1705520ff2 100644 --- a/.env.example +++ b/.env.example @@ -35,6 +35,7 @@ FILE_API_KEY_SOUTHWARK=👻 FILE_API_KEY_EPSOM_EWELL=👻 FILE_API_KEY_MEDWAY=👻 FILE_API_KEY_GATESHEAD=👻 +FILE_API_KEY_DONCASTER=👻 # Editor EDITOR_URL_EXT=http://localhost:3000 diff --git a/api.planx.uk/.env.test.example b/api.planx.uk/.env.test.example index 60ac5e4a5d..becf92fd5d 100644 --- a/api.planx.uk/.env.test.example +++ b/api.planx.uk/.env.test.example @@ -25,6 +25,7 @@ FILE_API_KEY_SOUTHWARK=👻 FILE_API_KEY_EPSOM_EWELL=👻 FILE_API_KEY_MEDWAY=👻 FILE_API_KEY_GATESHEAD=👻 +FILE_API_KEY_DONCASTER=👻 # Editor EDITOR_URL_EXT=example.com diff --git a/api.planx.uk/modules/auth/middleware.ts b/api.planx.uk/modules/auth/middleware.ts index 22e07337c8..1aeb857ea8 100644 --- a/api.planx.uk/modules/auth/middleware.ts +++ b/api.planx.uk/modules/auth/middleware.ts @@ -110,6 +110,10 @@ export const useFilePermission: RequestHandler = (req, _res, next): void => { isEqual( req.headers["api-key"] as string, process.env.FILE_API_KEY_EPSOM_EWELL!, + ) || + isEqual( + req.headers["api-key"] as string, + process.env.FILE_API_KEY_DONCASTER!, ); if (!isAuthenticated) return next({ status: 401, message: "Unauthorised" }); return next(); diff --git a/docker-compose.yml b/docker-compose.yml index 5022927716..8c645b96e6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -130,6 +130,7 @@ services: FILE_API_KEY_EPSOM_EWELL: ${FILE_API_KEY_EPSOM_EWELL} FILE_API_KEY_MEDWAY: ${FILE_API_KEY_MEDWAY} FILE_API_KEY_GATESHEAD: ${FILE_API_KEY_GATESHEAD} + FILE_API_KEY_DONCASTER: ${FILE_API_KEY_DONCASTER} FILE_API_KEY_NEXUS: ${FILE_API_KEY_NEXUS} FILE_API_KEY: ${FILE_API_KEY} GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID} diff --git a/infrastructure/application/Pulumi.production.yaml b/infrastructure/application/Pulumi.production.yaml index 37b51f211c..1fe6f91808 100644 --- a/infrastructure/application/Pulumi.production.yaml +++ b/infrastructure/application/Pulumi.production.yaml @@ -10,6 +10,8 @@ config: secure: AAABAGyTfLujGho+V0tEhFXQRET5FjYK6txyaFTB3gY/VaKzq8yNlocJTAM5nt8mBhF6T+AeQD2GxW63 application:file-api-key-barnet: secure: AAABANMl+fVFsRVGXvJV/aLManXO+TldXVDhp5QH6KGWJoG7O9Ket63zIW1iOiinINWJ2I5OizI= + application:file-api-key-doncaster: + secure: AAABANsIFFm3IsQKbZHe4lEZGsJv3bcK2XOVzd6IiKj+4i/eiILIc7BS0KDQxqLskQ6QCv1sDw04pie8cvAlKqVYWBGmomA2 application:file-api-key-epsom-ewell: secure: AAABANvwhiVRBq8NH7ZqcToUzYn4X+KfC5Wm8WjWUKXT5TuVXqC6zHhVVKFBbmdtKjC4j5M4+bWsLiFO9dO0MLobxLpK7YCE application:file-api-key-gateshead: diff --git a/infrastructure/application/Pulumi.staging.yaml b/infrastructure/application/Pulumi.staging.yaml index 5cc9b010c9..97b43c592a 100644 --- a/infrastructure/application/Pulumi.staging.yaml +++ b/infrastructure/application/Pulumi.staging.yaml @@ -11,6 +11,8 @@ config: secure: AAABAN0LjLOgxCkr5ZqQLn6FkZPcrPlvNG4fbNZ02W2qC1VVYVee/3aToZQuXuokVwnIPNbbe2w= application:file-api-key-barnet: secure: AAABAFpZq81zy3CKFXUgi9oEGIGp7LDVD3TNlYkZD4liX0bxOrmMJYdDpMmyGt4aGARF63nEUmo= + application:file-api-key-doncaster: + secure: AAABAIZjfr4tVG+HG9+83bPYQjgD1hmK5P+SbYpq4qGue07rHA02kciAkTMCyxD5Lzb0WX0K6fm5cvH2tof5mmX7gJGTkMVc application:file-api-key-epsom-ewell: secure: AAABAD1/nlJ2EOEglLiiNsOLbOd3KWCONhNhJAIdZQVnrSRsNIzX2luszOreQf20EYl8AZ4L1TiheqUHSt22e5z1FiLWoCtY application:file-api-key-gateshead: diff --git a/infrastructure/application/index.ts b/infrastructure/application/index.ts index 317d680092..cc389339b6 100644 --- a/infrastructure/application/index.ts +++ b/infrastructure/application/index.ts @@ -381,6 +381,10 @@ export = async () => { name: "FILE_API_KEY_GATESHEAD", value: config.requireSecret("file-api-key-gateshead"), }, + { + name: "FILE_API_KEY_DONCASTER", + value: config.requireSecret("file-api-key-doncaster"), + }, { name: "GOOGLE_CLIENT_ID", value: config.require("google-client-id"),