From 1b1ac50a618ce99b7038bd68128cedea06e8b5bc Mon Sep 17 00:00:00 2001 From: Nathan Coad Date: Tue, 9 Jan 2024 21:45:45 +1100 Subject: [PATCH] fix bug with UserName --- README.md | 10 ++++++---- models/secret.go | 3 ++- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 63ca7ac..13ea923 100644 --- a/README.md +++ b/README.md 
@@ -6,18 +6,20 @@ Build Date: `{BUILDTIME}` Build Hash: `{SHA1VER}` +Written by Nathan Coad (nathan.coad@dell.com) + ## Overview -Provide REST API to store and retrieve secrets with associated username, device name and optionally device class. Secret is stored in sqlite database once encrypted using an AES256 block cipher wrapped in Galois Counter Mode with the standard nonce length. +Provide REST API to store and retrieve secrets with associated username, device name and optionally device class. Secrets are stored in sqlite database once encrypted using an AES256 block cipher wrapped in Galois Counter Mode with the standard nonce length. All secret operations (Create, Read, Update or Delete) require successful authentication. A JWT token is returned upon login, which must be provided for all other operations. -Multiple user roles are supported, with each user only able to access secrets matching their user role. One exception is the built in administrator role that is able to access all secrets. - -Written by Nathan Coad (nathan.coad@dell.com) +Users must be a member of a single group. Groups can have access to multiple safes. Groups can have read-only or read-write access to safes. Only users with an admin role can perform user-related operations such as creating users or groups, or creating/deleting safes. Users and groups can be either locally defined or sourced from LDAP lookups. ## Installation +Only tested on x64 Linux, but code should compile on other platforms. + 1. Copy binary to chosen location, eg /srv/smt/smt 2. Create .env file in same directory as binary, populate as per Configuration section below 3. Create systemd service definition diff --git a/models/secret.go b/models/secret.go index bf0dcfd..88200a0 100644 --- a/models/secret.go +++ b/models/secret.go 
@@ -26,9 +26,10 @@ type Secret struct { } // Used for querying all secrets the user has access to +// Since there are some ambiguous column names (eg UserName is present in both users and secrets table), the order of fields in this struct matters type UserSecret struct { - User Secret + User //Group Permission }
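Review bot: In the README.md hunk, the rewritten access-control paragraph in the Overview drops the sentence stating that the built-in administrator role can access all secrets, and the replacement only says admins perform "user-related operations such as creating users or groups, or creating/deleting safes". The text no longer says whether an admin can read secrets in safes their own group has no access to; state that explicitly either way, since it defines who can see stored secrets. This documentation rewrite is also unrelated to the subject "fix bug with UserName" and would be easier to review as its own commit.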
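Review bot: In the models/secret.go hunk, the fix depends on `Secret` being embedded before `User` in `UserSecret`, so a later reorder of the struct can bring back the ambiguous `UserName` mapping without any compile error. The new comment says the order matters but not which order is required or which table's `UserName` ends up in which field; spell that out, or better, remove the dependency by aliasing the duplicated columns in the query so each one maps to exactly one field. The commented-out `//Group` line could be dropped or explained while this struct is being touched.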