feat: add get_all_runner_status to WASM client and use it to show real runner status in dropdown

2025-11-11 15:09:19 +01:00
parent 2ca593510c
commit 285199edac
7 changed files with 49 additions and 529 deletions
--- a/core/src/openrpc.rs
+++ b/core/src/openrpc.rs
@@ -1023,6 +1023,20 @@ impl SupervisorRpcServer for Arc<Mutex<Supervisor>> {
            return Err(ErrorObject::owned(-32603, "Admin permissions required", None::<()>));
        }
        
+        // Check if this is an admin key being deleted
+        if supervisor.is_admin_key(&key_to_remove).await {
+            // Count remaining admin keys
+            let admin_keys = supervisor.list_api_keys_by_scope(crate::auth::ApiKeyScope::Admin).await;
+            
+            if admin_keys.len() <= 1 {
+                return Err(ErrorObject::owned(
+                    -32603, 
+                    "Cannot delete the last admin key", 
+                    None::<()>
+                ));
+            }
+        }
+        
        Ok(supervisor.remove_api_key(&key_to_remove).await.is_some())
    }
    
@@ -1115,6 +1129,12 @@ where
    }

    fn call(&mut self, req: hyper::Request<B>) -> Self::Future {
+        // Log all headers for debugging
+        debug!("🔍 Incoming request headers:");
+        for (name, value) in req.headers() {
+            debug!("  {}: {:?}", name, value);
+        }
+        
        // Extract Authorization header
        let api_key = req.headers()
            .get("authorization")
@@ -1122,6 +1142,12 @@ where
            .and_then(|h| h.strip_prefix("Bearer "))
            .map(|s| s.to_string());
        
+        if let Some(ref key) = api_key {
+            debug!("✅ Found Authorization header with key: {}...", &key[..key.len().min(8)]);
+        } else {
+            debug!("❌ No Authorization header found in request");
+        }
+        
        // Store in thread-local
        set_current_api_key(api_key);
        
@@ -1141,10 +1167,16 @@ pub async fn start_http_openrpc_server(
    let http_addr: SocketAddr = format!("{}:{}", bind_address, port).parse()?;
    
    // Configure CORS to allow requests from the admin UI
+    // Note: Authorization header must be explicitly listed, not covered by Any
+    use tower_http::cors::AllowHeaders;
    let cors = CorsLayer::new()
        .allow_origin(Any)
-        .allow_headers(Any)
-        .allow_methods(Any);
+        .allow_headers(AllowHeaders::list([
+            hyper::header::CONTENT_TYPE,
+            hyper::header::AUTHORIZATION,
+        ]))
+        .allow_methods(Any)
+        .expose_headers(Any);
    
    // Build HTTP middleware stack with auth extraction
    let http_middleware = tower::ServiceBuilder::new()