This commit is contained in:
@@ -55,66 +55,6 @@ func RetrieveSecret(c *gin.Context) {
|
||||
s.UserName = input.UserName
|
||||
|
||||
retrieveSpecifiedSecret(&s, c)
|
||||
|
||||
/*
|
||||
user_id, err := token.ExtractTokenID(c)
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
|
||||
return
|
||||
}
|
||||
|
||||
// Work out which safe to query for this user if the safe was not specified
|
||||
safeList, err := models.UserGetSafesAllowed(int(user_id))
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user safes"})
|
||||
return
|
||||
}
|
||||
|
||||
// If there was only one result then just use that
|
||||
if len(safeList) == 0 {
|
||||
// check if the user is an admin, if not then they seem to have access to zero safes
|
||||
if !models.UserCheckIfAdmin(int(user_id)) {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "user has no access to any secrets"})
|
||||
return
|
||||
} else {
|
||||
// Don't apply a role filter if user has admin role
|
||||
results, err = models.SecretsGetMultipleSafes(&s, true, []int{})
|
||||
}
|
||||
|
||||
} else if len(safeList) == 1 {
|
||||
s.SafeId = safeList[0].SafeId
|
||||
userIsAdmin = safeList[0].AdminUser || safeList[0].AdminGroup
|
||||
// Don't apply a role filter if user has admin role
|
||||
//results, err = models.GetSecrets(&s, userIsAdmin)
|
||||
results, err = models.SecretsGetMultipleSafes(&s, userIsAdmin, []int{s.SafeId})
|
||||
} else {
|
||||
// Create a list of all the safes this user can access
|
||||
var safeIds []int
|
||||
for _, safe := range safeList {
|
||||
safeIds = append(safeIds, safe.SafeId)
|
||||
}
|
||||
|
||||
results, err = models.SecretsGetMultipleSafes(&s, false, safeIds)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
if len(results) == 1 {
|
||||
// output results as json
|
||||
c.JSON(http.StatusOK, gin.H{"message": "success", "data": results})
|
||||
} else if len(results) > 1 {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "found multiple matching secrets, use retrieveMultiple instead"})
|
||||
return
|
||||
} else {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"})
|
||||
return
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
||||
func RetrieveSecretByDevicename(c *gin.Context) {
|
||||
@@ -251,44 +191,6 @@ func ListSecrets(c *gin.Context) {
|
||||
output = append(output, ListSecret(secret.Secret))
|
||||
}
|
||||
|
||||
/*
|
||||
// Work out which safe to query for this user if the safe was not specified
|
||||
safeList, err := models.UserGetSafesAllowed(int(UserId))
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user safes"})
|
||||
return
|
||||
}
|
||||
|
||||
// If there was only one result then just use that
|
||||
if len(safeList) == 0 {
|
||||
errString := "no matching secret or user has no access to specified secret"
|
||||
log.Printf("ListSecrets %s\n", errString)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": errString})
|
||||
return
|
||||
} else if len(safeList) == 1 {
|
||||
s.SafeId = safeList[0].SafeId
|
||||
results, err = models.SecretsGetMultipleSafes(&s, []int{s.SafeId})
|
||||
} else {
|
||||
// Create a list of all the safes this user can access
|
||||
var safeIds []int
|
||||
for _, safe := range safeList {
|
||||
safeIds = append(safeIds, safe.SafeId)
|
||||
}
|
||||
|
||||
results, err = models.SecretsGetMultipleSafes(&s, safeIds)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
for _, v := range results {
|
||||
output = append(output, ListSecret(v))
|
||||
}
|
||||
*/
|
||||
|
||||
// output results as json
|
||||
c.JSON(http.StatusOK, gin.H{"message": "success", "data": output})
|
||||
|
||||
|
||||
@@ -11,17 +11,6 @@ import (
|
||||
)
|
||||
|
||||
// bindings are validated by https://github.com/go-playground/validator
|
||||
/*
|
||||
type StoreSecretInput struct {
|
||||
SafeId int `json:"safeId"`
|
||||
SafeName string `json:"safeName"`
|
||||
DeviceName string `json:"deviceName"`
|
||||
DeviceCategory string `json:"deviceCategory"`
|
||||
UserName string `json:"userName" binding:"required"`
|
||||
SecretValue string `json:"secretValue" binding:"required"`
|
||||
}
|
||||
*/
|
||||
|
||||
type SecretInput struct {
|
||||
SafeId int `json:"safeId"`
|
||||
SafeName string `json:"safeName"`
|
||||
|
||||
Reference in New Issue
Block a user