Api v1.15.0 (#1589)

* fix(chalice): fixed projectKey-APIKey validation logic

api/auth/auth_project.py

@@ -28,8 +28,7 @@ class ProjectAuthorizer:
             current_project = projects.get_by_project_key(project_key=value)
 
         if current_project is None:
-            logger.debug("project not found")
-            logger.debug(value)
+            logger.debug(f"unauthorized project {self.project_identifier}:{value}")
             raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="project not found.")
         else:
             current_project = schemas.CurrentProjectContext(projectId=current_project["projectId"],

ee/api/auth/auth_project.py

@@ -29,10 +29,15 @@ class ProjectAuthorizer:
             current_project = projects.get_project(tenant_id=current_user.tenant_id, project_id=value)
         elif self.project_identifier == "projectKey":
             current_project = projects.get_by_project_key(value)
+            if current_project is not None \
+                    and request.state.authorizer_identity == "jwt" \
+                    and projects.is_authorized(project_id=current_project["projectId"],
+                                               tenant_id=current_user.tenant_id,
+                                               user_id=user_id):
+                current_project = None
 
         if current_project is None:
-            logger.debug("unauthorized project")
-            logger.debug(value)
+            logger.debug(f"unauthorized project {self.project_identifier}:{value}")
             raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="unauthorized project.")
         else:
             current_project = schemas.CurrentProjectContext(projectId=current_project["projectId"],