nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

add checks for readonly access when update/delete secret
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-11 12:07:46 +11:00
parent eb5707a376
commit 1bd832f839
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
controllers/storeSecrets.go
View File

@@ -294,6 +294,14 @@ func UpdateSecret(c *gin.Context) {
// Update secret // Update secret
//log.Printf("secretList[0]: %v\n", secretList[0]) //log.Printf("secretList[0]: %v\n", secretList[0])
// Check for readonly access
if secretList[0].Permission.ReadOnly {
errString := "read-only access unable to update secret"
log.Printf("UpdateSecret %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return
}
s.SecretId = secretList[0].SecretId s.SecretId = secretList[0].SecretId
// check for empty fields in the update request and update from the existing record // check for empty fields in the update request and update from the existing record
@@ -373,6 +381,14 @@ func DeleteSecret(c *gin.Context) {
// Delete secret // Delete secret
log.Printf("secretList[0]: %v\n", secretList[0]) log.Printf("secretList[0]: %v\n", secretList[0])
// Check for readonly access
if secretList[0].Permission.ReadOnly {
errString := "read-only access unable to delete secret"
log.Printf("DeleteSecret %s\n", errString)
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
return
}
s.SecretId = secretList[0].SecretId s.SecretId = secretList[0].SecretId
// check for empty fields in the update request and update from the existing record // check for empty fields in the update request and update from the existing record