diff --git a/cmd/hf/main.go b/cmd/hf/main.go index cbea4e5..783be85 100644 --- a/cmd/hf/main.go +++ b/cmd/hf/main.go @@ -341,6 +341,11 @@ func handleUserCommand(subCmd string, args []string) { output.Error("usage: hf user delete ") } commands.RunUserDelete(filtered[0], tokenFlag) + case "reset-apikey": + if len(filtered) < 1 { + output.Error("usage: hf user reset-apikey ") + } + commands.RunUserResetAPIKey(filtered[0], tokenFlag) default: output.Errorf("hf user %s is not implemented yet", subCmd) } diff --git a/internal/commands/user.go b/internal/commands/user.go index 8381a5d..c2c36d4 100644 --- a/internal/commands/user.go +++ b/internal/commands/user.go @@ -390,3 +390,45 @@ func RunUserDelete(username, tokenFlag string) { } fmt.Printf("user deleted: %s\n", username) } + +// resetAPIKeyResponse matches the backend reset-apikey response. +type resetAPIKeyResponse struct { + UserID int `json:"user_id"` + Username string `json:"username"` + APIKey string `json:"api_key"` + Message string `json:"message"` +} + +// RunUserResetAPIKey implements `hf user reset-apikey `. +func RunUserResetAPIKey(username, tokenFlag string) { + token := ResolveToken(tokenFlag) + cfg, err := config.Load() + if err != nil { + output.Errorf("config error: %v", err) + } + c := client.New(cfg.BaseURL, token) + data, err := c.Post("/users/"+username+"/reset-apikey", nil) + if err != nil { + output.Errorf("failed to reset API key: %v", err) + } + + if output.JSONMode { + var raw json.RawMessage + if err := json.Unmarshal(data, &raw); err != nil { + output.Errorf("invalid JSON response: %v", err) + } + output.PrintJSON(raw) + return + } + + var r resetAPIKeyResponse + if err := json.Unmarshal(data, &r); err != nil { + fmt.Printf("API key reset for: %s\n", username) + return + } + output.PrintKeyValue( + "username", r.Username, + "api-key", r.APIKey, + "message", r.Message, + ) +} diff --git a/internal/help/leaf.go b/internal/help/leaf.go index 9a771c8..8eba619 100644 --- a/internal/help/leaf.go +++ b/internal/help/leaf.go @@ -114,6 +114,7 @@ func leafHelpSpec(group, cmd string) (leafHelp, bool) { "user/activate": {Summary: "Activate a user", Usage: []string{"hf user activate "}, Flags: authFlagHelp()}, "user/deactivate": {Summary: "Deactivate a user", Usage: []string{"hf user deactivate "}, Flags: authFlagHelp()}, "user/delete": {Summary: "Delete a user", Usage: []string{"hf user delete "}, Flags: authFlagHelp()}, + "user/reset-apikey": {Summary: "Reset a user's API key", Usage: []string{"hf user reset-apikey "}, Flags: authFlagHelp(), Notes: []string{"The new API key is shown once and cannot be retrieved again."}}, "role/list": {Summary: "List roles", Usage: []string{"hf role list"}, Flags: authFlagHelp()}, "role/get": {Summary: "Show a role by name", Usage: []string{"hf role get "}, Flags: authFlagHelp()}, "role/create": {Summary: "Create a role", Usage: []string{"hf role create --name [--desc ] [--global ]"}, Flags: authFlagHelp()}, diff --git a/internal/help/surface.go b/internal/help/surface.go index 38a9d48..4954209 100644 --- a/internal/help/surface.go +++ b/internal/help/surface.go @@ -40,6 +40,7 @@ func CommandSurface() []Group { {Name: "activate", Description: "Activate a user", Permitted: has(perms, "user.manage")}, {Name: "deactivate", Description: "Deactivate a user", Permitted: has(perms, "user.manage")}, {Name: "delete", Description: "Delete a user", Permitted: has(perms, "user.manage")}, + {Name: "reset-apikey", Description: "Reset a user's API key", Permitted: has(perms, "user.manage")}, }, }, {