diff --git a/controllers/retrieve_secrets.go b/controllers/retrieve_secrets.go index c34dfae..1fad1ba 100644 --- a/controllers/retrieve_secrets.go +++ b/controllers/retrieve_secrets.go @@ -1,10 +1,10 @@ package controllers import ( - "smt/models" - "smt/utils/token" "log" "net/http" + "smt/models" + "smt/utils/token" "github.com/gin-gonic/gin" ) @@ -25,15 +25,7 @@ func RetrieveSecret(c *gin.Context) { log.Printf("RetrieveSecret received JSON input '%v'\n", input) // Get the user and role id of the requestor - user_id, err := token.ExtractTokenID(c) - - if err != nil { - c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) - return - } - - u, err := models.GetUserRoleByID(user_id) - + u, err := models.GetUserRoleFromToken(c) if err != nil { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return @@ -61,7 +53,62 @@ func RetrieveSecret(c *gin.Context) { c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"}) return } +} +func RetrieveSecretByDevicename(c *gin.Context) { + DeviceName := c.Param("devicename") + + if DeviceName == "" { + c.JSON(http.StatusBadRequest, gin.H{"error": "no devicename value specified"}) + return + } + + // Create object based on specified data + s := models.Secret{DeviceName: DeviceName} + //s.DeviceName = DeviceName + + retrieveSpecifiedSecret(&s, c) +} + +func RetrieveSecretByDevicecategory(c *gin.Context) { + DeviceCategory := c.Param("devicecategory") + + if DeviceCategory == "" { + c.JSON(http.StatusBadRequest, gin.H{"error": "no devicecategory value specified"}) + return + } + + // Create object based on specified data + s := models.Secret{DeviceCategory: DeviceCategory} + + retrieveSpecifiedSecret(&s, c) +} + +func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) { + // Get the user and role id of the requestor + u, err := models.GetUserRoleFromToken(c) + if err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) + return + } + s.RoleId = u.RoleId + + results, err := models.GetSecrets(s) + if err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) + return + } + + if len(results) == 1 { + // output results as json + c.JSON(http.StatusOK, gin.H{"message": "success", "data": results}) + } else if len(results) > 1 { + c.JSON(http.StatusBadRequest, gin.H{"error": "found multiple matching secrets"}) + return + } else { + c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"}) + return + } } func RetrieveMultpleSecrets(c *gin.Context) { diff --git a/main.go b/main.go index 2280a62..2814ee1 100644 --- a/main.go +++ b/main.go @@ -152,6 +152,11 @@ func main() { protected.POST("/store", controllers.StoreSecret) protected.POST("/update", controllers.UpdateSecret) + // TODO - support parameters in path + // See https://gin-gonic.com/docs/examples/param-in-path/ + protected.GET("/retrieve/name/:devicename", controllers.RetrieveSecretByDevicename) + protected.GET("/retrieve/category/:devicecategory", controllers.RetrieveSecretByDevicecategory) + // Initializing the server in a goroutine so that // it won't block the graceful shutdown handling below go func() {