nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

test storesecret update
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-09 22:34:41 +11:00
parent fc736df4e3
commit 25510c63e5
4 changed files with 50 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
controllers/retrieve_secrets.go
View File

@@ -162,7 +162,7 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
return return
} }
*/ */
var UserId int
var results []models.Secret var results []models.Secret
/* /*
user_id, err := token.ExtractTokenID(c) user_id, err := token.ExtractTokenID(c)
@@ -171,10 +171,16 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
return return
} }
*/ */
user_id := c.GetInt("user-id") // Get userId that we stored in the context earlier
if val, ok := c.Get("user-id"); !ok {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
return
} else {
UserId = val.(int)
}
// Work out which safe to query for this user if the safe was not specified // Work out which safe to query for this user if the safe was not specified
safeList, err := models.UserGetSafesAllowed(int(user_id)) safeList, err := models.UserGetSafesAllowed(int(UserId))
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user safes"}) c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user safes"})
@@ -189,7 +195,7 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
return return
} else if len(safeList) == 1 { } else if len(safeList) == 1 {
s.SafeId = safeList[0].SafeId s.SafeId = safeList[0].SafeId
results, err = models.SecretsGetMultipleSafes(s, []int{s.SafeId}) results, err = models.SecretsGetFromMultipleSafes(s, []int{s.SafeId})
} else { } else {
// Create a list of all the safes this user can access // Create a list of all the safes this user can access
var safeIds []int var safeIds []int
@@ -197,7 +203,7 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
safeIds = append(safeIds, safe.SafeId) safeIds = append(safeIds, safe.SafeId)
} }
results, err = models.SecretsGetMultipleSafes(s, safeIds) results, err = models.SecretsGetFromMultipleSafes(s, safeIds)
} }
if err != nil { if err != nil {

14
controllers/store_secrets.go
View File

@@ -31,8 +31,8 @@ type SecretInput struct {
SecretValue string `json:"secretValue"` SecretValue string `json:"secretValue"`
} }
func FindSafeId(UserId int, input SecretInput) (int, error) { // CheckSafeAllowed returns the SafeId of an allowed safe containing the secret specified by SafeId or SafeName
func CheckSafeAllowed(UserId int, input SecretInput) (int, error) {
// Check which safes a user is allowed to access // Check which safes a user is allowed to access
allowedSafes, err := models.UserGetSafesAllowed(UserId) allowedSafes, err := models.UserGetSafesAllowed(UserId)
if err != nil { if err != nil {
@@ -122,7 +122,9 @@ func StoreSecret(c *gin.Context) {
//log.Printf("user_id: %v\n", user_id) //log.Printf("user_id: %v\n", user_id)
} }
safeId, err := FindSafeId(UserId, input) // TODO replace FindSafeId with models.SecretsGetAllowed()
safeId, err := CheckSafeAllowed(UserId, input)
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return return
@@ -130,7 +132,11 @@ func StoreSecret(c *gin.Context) {
s.SafeId = safeId s.SafeId = safeId
// If this secret already exists in the database then generate an error // If this secret already exists in the database then generate an error
checkExists, err := models.GetSecrets(&s, false) //checkExists, err := models.GetSecrets(&s, false)
checkExists, err := models.SecretsGetFromMultipleSafes(&s, []int{safeId})
// TODO replace GetSecrets with SecretsGetFromMultipleSafes
if err != nil { if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return return

75
models/secret.go
View File

@@ -11,8 +11,6 @@ import (
"log" "log"
"smt/utils" "smt/utils"
"strings" "strings"
"github.com/jmoiron/sqlx"
) )
const nonceSize = 12 const nonceSize = 12
@@ -56,6 +54,7 @@ func (s *Secret) SaveSecret() (*Secret, error) {
return s, nil return s, nil
} }
// SecretsGetAllowed returns all allowed secrets matching the specified parameters in s
func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) { func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
var err error var err error
var secretResults []UserSecret var secretResults []UserSecret
@@ -150,74 +149,8 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
return secretResults, nil return secretResults, nil
} }
/* // SecretsGetFromMultipleSafes queries the specified safes for matching secrets
func SecretsSearchAllSafes(s *Secret) ([]Secret, error) { func SecretsGetFromMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
var err error
var secretResults []Secret
args := []interface{}{}
query := "SELECT * FROM secrets WHERE 1=1 "
// Make sure at least one parameter was specified
if s.DeviceName == "" && s.DeviceCategory == "" && s.UserName == "" {
err = errors.New("no search parameters specified")
log.Println(err)
return secretResults, err
}
// Add any other arguments to the query if they were specified
if s.DeviceName != "" {
query += " AND DeviceName LIKE ? "
args = append(args, s.DeviceName)
}
if s.DeviceCategory != "" {
query += " AND DeviceCategory LIKE ? "
args = append(args, s.DeviceCategory)
}
if s.UserName != "" {
query += " AND UserName LIKE ? "
args = append(args, s.UserName)
}
// Execute the query
log.Printf("SecretsSearchAllSafes query string : '%s'\n%+v\n", query, args)
rows, err := db.Queryx(query, args...)
if err != nil {
log.Printf("SecretsSearchAllSafes error executing sql record : '%s'\n", err)
return secretResults, err
} else {
// parse all the results into a slice
for rows.Next() {
var r Secret
err = rows.StructScan(&r)
if err != nil {
log.Printf("SecretsSearchAllSafes error parsing sql record : '%s'\n", err)
return secretResults, err
}
// Decrypt the secret
_, err = r.DecryptSecret()
if err != nil {
//log.Printf("GetSecret unable to decrypt stored secret '%v' : '%s'\n", r.Secret, err)
log.Printf("SecretsSearchAllSafes unable to decrypt stored secret : '%s'\n", err)
return secretResults, err
} else {
secretResults = append(secretResults, r)
}
}
log.Printf("SecretsSearchAllSafes retrieved '%d' results\n", len(secretResults))
}
return secretResults, nil
}
*/
// SecretsGetMultipleSafes queries the specified safes for matching secrets
func SecretsGetMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
var err error var err error
var secretResults []Secret var secretResults []Secret
@@ -302,6 +235,7 @@ func SecretsGetMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
return secretResults, nil return secretResults, nil
} }
/*
// Returns all matching secrets, up to caller to determine how to deal with multiple results // Returns all matching secrets, up to caller to determine how to deal with multiple results
func GetSecrets(s *Secret, adminRole bool) ([]Secret, error) { func GetSecrets(s *Secret, adminRole bool) ([]Secret, error) {
var err error var err error
@@ -388,6 +322,7 @@ func GetSecrets(s *Secret, adminRole bool) ([]Secret, error) {
return secretResults, nil return secretResults, nil
} }
*/
func (s *Secret) UpdateSecret() (*Secret, error) { func (s *Secret) UpdateSecret() (*Secret, error) {

5
models/user.go
View File

@@ -373,12 +373,14 @@ func UserGetSafesAllowed(userId int) ([]UserSafe, error) {
defer rows.Close() defer rows.Close()
// Get columns from rows for debugging // Get columns from rows for debugging
/*
columns, err := rows.Columns() columns, err := rows.Columns()
if err != nil { if err != nil {
log.Printf("UserGetSafesAllowed error getting column listing : '%s'\n", err) log.Printf("UserGetSafesAllowed error getting column listing : '%s'\n", err)
return results, err return results, err
} }
log.Printf("columns: %v\n", columns) log.Printf("columns: %v\n", columns)
*/
// parse all the results into a slice // parse all the results into a slice
for rows.Next() { for rows.Next() {
@@ -394,6 +396,7 @@ func UserGetSafesAllowed(userId int) ([]UserSafe, error) {
results = append(results, us) results = append(results, us)
/*
// Create a map to store column names and values // Create a map to store column names and values
rowValues := make(map[string]interface{}) rowValues := make(map[string]interface{})
@@ -410,7 +413,7 @@ func UserGetSafesAllowed(userId int) ([]UserSafe, error) {
log.Printf("%s: %v\n", column, rowValues[column]) log.Printf("%s: %v\n", column, rowValues[column])
} }
log.Println("-----------") log.Println("-----------")
*/
} }
log.Printf("UserGetSafesAllowed retrieved '%d' results\n", len(results)) log.Printf("UserGetSafesAllowed retrieved '%d' results\n", len(results))
} }