Address PR review feedback on token commands

robzolkos · robzolkos · commit 9b86152630ca · 2026-04-29T21:24:46.000-04:00
- Use requireAuth + requireSDK instead of requireAuthAndAccount: the
  /my/access_tokens endpoint is on the root SDK client (not
  account-scoped), so requiring an account blocks valid users who
  haven't selected one (matches the pattern used by `identity show`).
- Gate the "delete" breadcrumb on a non-empty id so we don't render
  `fizzy token delete ` when the API response has no id.
- E2e: register the cleanup hook before the second t.Fatal check so a
  missing-token-value failure can't strand the created token.
diff --git a/e2e/cli_tests/token_test.go b/e2e/cli_tests/token_test.go
@@ -16,15 +16,15 @@ func TestAccessTokenCRUD(t *testing.T) {
 	if tokenID == "" {
 		t.Fatal("no token ID in create response")
 	}
-	if create.GetDataString("token") == "" {
-		t.Fatal("expected raw token value in create response")
-	}
 	deleted := false
 	t.Cleanup(func() {
 		if !deleted {
 			newHarness(t).Run("token", "delete", tokenID)
 		}
 	})
+	if create.GetDataString("token") == "" {
+		t.Fatal("expected raw token value in create response")
+	}
 
 	list := h.Run("token", "list")
 	assertOK(t, list)
diff --git a/internal/commands/token.go b/internal/commands/token.go
@@ -18,7 +18,10 @@ var tokenListCmd = &cobra.Command{
 	Short: "List personal access tokens",
 	Long:  "Lists your personal access tokens.",
 	RunE: func(cmd *cobra.Command, args []string) error {
-		if err := requireAuthAndAccount(); err != nil {
+		if err := requireAuth(); err != nil {
+			return err
+		}
+		if err := requireSDK(); err != nil {
 			return err
 		}
 
@@ -53,7 +56,10 @@ var tokenCreateCmd = &cobra.Command{
 	Short: "Create a personal access token",
 	Long:  "Creates a new personal access token. The token value is shown once at creation and cannot be retrieved later.",
 	RunE: func(cmd *cobra.Command, args []string) error {
-		if err := requireAuthAndAccount(); err != nil {
+		if err := requireAuth(); err != nil {
+			return err
+		}
+		if err := requireSDK(); err != nil {
 			return err
 		}
 
@@ -82,7 +88,9 @@ var tokenCreateCmd = &cobra.Command{
 
 		breadcrumbs := []Breadcrumb{
 			breadcrumb("list", "fizzy token list", "List tokens"),
-			breadcrumb("delete", fmt.Sprintf("fizzy token delete %s", id), "Delete this token"),
+		}
+		if id != "" {
+			breadcrumbs = append(breadcrumbs, breadcrumb("delete", fmt.Sprintf("fizzy token delete %s", id), "Delete this token"))
 		}
 
 		notice := "Save the token now — it will not be shown again."
@@ -97,7 +105,10 @@ var tokenDeleteCmd = &cobra.Command{
 	Long:  "Deletes a personal access token by ID.",
 	Args:  cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		if err := requireAuthAndAccount(); err != nil {
+		if err := requireAuth(); err != nil {
+			return err
+		}
+		if err := requireSDK(); err != nil {
 			return err
 		}
 
