From 13b0f87e7de6ee09ebaed6ea036fa39f15e55c54 Mon Sep 17 00:00:00 2001 From: Nathan Coad Date: Mon, 3 Apr 2023 11:12:50 +1000 Subject: [PATCH] updates --- README.md | 14 ++++++++++++++ controllers/store_secrets.go | 12 ++++++++++++ 2 files changed, 26 insertions(+) diff --git a/README.md b/README.md index 3732e50..499662f 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,8 @@ POST `/api/secret/store` Must be logged in to execute this command. Role of current user cannot be a ReadOnly role. Secret will be stored with the RoleId of the currently logged in user. Either deviceName or deviceCategory can be blank but not both. +If a secret exists for this RoleId and matching deviceName and deviceCategory then an error will be generated. + #### Retrieve GET `/api/secret/retrieve` @@ -112,3 +114,15 @@ Either deviceName or deviceCategory can be specified (or both). Wildcards are su 2. The underscore _ wildcard matches any single character. #### Update +POST `/api/secret/update` + +``` +{ + "deviceName": "", + "deviceCategory": "", + "userName": "", + "secretValue": "" +} +``` + +Users with ReadOnly role will receive Forbidden error when calling this API endpoint. The values specified in deviceName and deviceCategory must match exactly one existing secret record for the RoleId of the currently logged in user. \ No newline at end of file diff --git a/controllers/store_secrets.go b/controllers/store_secrets.go index ebb5903..2c3adc4 100644 --- a/controllers/store_secrets.go +++ b/controllers/store_secrets.go @@ -102,6 +102,7 @@ func UpdateSecret(c *gin.Context) { // Populate fields s := models.Secret{} + s.UserName = input.UserName s.DeviceName = input.DeviceName s.DeviceCategory = input.DeviceCategory @@ -128,6 +129,17 @@ func UpdateSecret(c *gin.Context) { // Set the secret id with the one retrieved from the database s.SecretId = checkExists[0].SecretId + // check for empty fields in the update request and update from the existing record + if s.UserName == "" { + s.UserName = checkExists[0].UserName + } + if s.DeviceCategory == "" { + s.DeviceCategory = checkExists[0].DeviceCategory + } + if s.DeviceName == "" { + s.DeviceName = checkExists[0].DeviceName + } + // Encrypt secret s.Secret = input.SecretValue _, err = s.EncryptSecret()