Describe the bug
Removing access to Usage plan of a group does not revoke the existing API Keys
To Reproduce
Created a Group CR with usage plans in it.
Low Throughput plan --> gives access to petstore
High Throughput plan --> gives access to my nodejs and httpbin apps
Generated API Keys for each API Product.
Modified Group CR to remove High Throughput plan.
As expected, the user is no longer able to generate API Keys for nodejs and httpbin apps. The API Keys generated earlier for nodejs and httpbin API Products still work to access the API. Should not they be deleted to revoke access?
Expected behavior
Access for users in group should reflect the plans that are defined.
Describe the bug Removing access to Usage plan of a group does not revoke the existing API Keys
To Reproduce Created a Group CR with usage plans in it. Low Throughput plan --> gives access to petstore High Throughput plan --> gives access to my nodejs and httpbin apps Generated API Keys for each API Product. Modified Group CR to remove High Throughput plan. As expected, the user is no longer able to generate API Keys for nodejs and httpbin apps. The API Keys generated earlier for nodejs and httpbin API Products still work to access the API. Should not they be deleted to revoke access?
Expected behavior Access for users in group should reflect the plans that are defined.
Additional context Related to https://github.com/solo-io/gloo-portal-issues/issues/139