nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

test some reusable functions to retrieve secrets in different ways
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2023-04-04 13:26:29 +10:00
parent bf235cdebe
commit 05d7af20c1
2 changed files with 63 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
controllers/retrieve_secrets.go
View File

@@ -1,10 +1,10 @@
package controllers package controllers
import ( import (
"smt/models"
"smt/utils/token"
"log" "log"
"net/http" "net/http"
"smt/models"
"smt/utils/token"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@@ -25,15 +25,7 @@ func RetrieveSecret(c *gin.Context) {
log.Printf("RetrieveSecret received JSON input '%v'\n", input) log.Printf("RetrieveSecret received JSON input '%v'\n", input)
// Get the user and role id of the requestor // Get the user and role id of the requestor
user_id, err := token.ExtractTokenID(c) u, err := models.GetUserRoleFromToken(c)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
u, err := models.GetUserRoleByID(user_id)
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return return
@@ -61,7 +53,62 @@ func RetrieveSecret(c *gin.Context) {
c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"}) c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"})
return return
} }
}
func RetrieveSecretByDevicename(c *gin.Context) {
DeviceName := c.Param("devicename")
if DeviceName == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "no devicename value specified"})
return
}
// Create object based on specified data
s := models.Secret{DeviceName: DeviceName}
//s.DeviceName = DeviceName
retrieveSpecifiedSecret(&s, c)
}
func RetrieveSecretByDevicecategory(c *gin.Context) {
DeviceCategory := c.Param("devicecategory")
if DeviceCategory == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "no devicecategory value specified"})
return
}
// Create object based on specified data
s := models.Secret{DeviceCategory: DeviceCategory}
retrieveSpecifiedSecret(&s, c)
}
func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
// Get the user and role id of the requestor
u, err := models.GetUserRoleFromToken(c)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
s.RoleId = u.RoleId
results, err := models.GetSecrets(s)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
if len(results) == 1 {
// output results as json
c.JSON(http.StatusOK, gin.H{"message": "success", "data": results})
} else if len(results) > 1 {
c.JSON(http.StatusBadRequest, gin.H{"error": "found multiple matching secrets"})
return
} else {
c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"})
return
}
} }
func RetrieveMultpleSecrets(c *gin.Context) { func RetrieveMultpleSecrets(c *gin.Context) {

5
main.go
View File

@@ -152,6 +152,11 @@ func main() {
protected.POST("/store", controllers.StoreSecret) protected.POST("/store", controllers.StoreSecret)
protected.POST("/update", controllers.UpdateSecret) protected.POST("/update", controllers.UpdateSecret)
// TODO - support parameters in path
// See https://gin-gonic.com/docs/examples/param-in-path/
protected.GET("/retrieve/name/:devicename", controllers.RetrieveSecretByDevicename)
protected.GET("/retrieve/category/:devicecategory", controllers.RetrieveSecretByDevicecategory)
// Initializing the server in a goroutine so that // Initializing the server in a goroutine so that
// it won't block the graceful shutdown handling below // it won't block the graceful shutdown handling below
go func() { go func() {