diff --git a/models/secret.go b/models/secret.go
index 4c51151..45311aa 100644
--- a/models/secret.go
+++ b/models/secret.go
@@ -29,7 +29,7 @@ type Secret struct {
 type UserSecret struct {
 User
 Secret
- Group
+ //Group
 Permission
 }
@@ -101,13 +101,14 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
 // Query for group access
 queryArgs := []interface{}{}
- query := `SELECT users.*, permissions.ReadOnly,
- secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName, secrets.Secret
- FROM users
- INNER JOIN groups ON users.GroupId = groups.GroupId
- INNER JOIN permissions ON groups.GroupId = permissions.GroupId
- INNER JOIN secrets on secrets.SafeId = permissions.SafeId
- WHERE users.UserId = ? `
+ query := `
+ SELECT users.UserId, permissions.ReadOnly,
+ secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
+ FROM users
+ INNER JOIN groups ON users.GroupId = groups.GroupId
+ INNER JOIN permissions ON groups.GroupId = permissions.GroupId
+ INNER JOIN secrets on secrets.SafeId = permissions.SafeId
+ WHERE users.UserId = ? `
 queryArgs = append(queryArgs, userId)
 // Add any other arguments to the query if they were specified
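Review bot: `//Group` leaves the dropped embedded field behind as commented-out code in `UserSecret`; delete the line instead, since version control already records that `Group` used to be embedded. A doc comment on the struct would carry the useful part, for example `// UserSecret is one row returned by SecretsGetAllowed; its embedded types must match the columns that query selects.` Other users of `UserSecret` are not visible in this hunk, so whether anything still reads promoted `Group` fields should be checked separately.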
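Review bot: The column list that keeps `secrets.Secret` and the rest of `users.*` out of the result is written out by hand in the new `query` literal and again in the UNION branch of the next hunk, with no comment saying the omission is deliberate. A later edit that widens one branch (or restores `secrets.*`) would either break the UNION or start returning the stored secret column again. Define the list once, e.g. `const allowedSecretCols = "users.UserId, permissions.ReadOnly, secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName"`, and put `// Listing query: never select secrets.Secret or other users columns here.` above it. The body of `SecretsGetAllowed` starts and continues outside this hunk.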
@@ -125,34 +126,34 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
 query += " AND secrets.UserName LIKE ? "
 queryArgs = append(queryArgs, s.UserName)
 }
- /*
- // Query for user access
- query += `
+
+ // Query for user access
+ query += `
 UNION
- SELECT users.UserId, users.GroupId, permissions.ReadOnly, safes.SafeName, secrets.*
+ SELECT users.UserId, permissions.ReadOnly,
+ secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
 FROM users
 INNER JOIN permissions ON users.UserId = permissions.UserId
 INNER JOIN safes on permissions.SafeId = safes.SafeId
 INNER JOIN secrets on secrets.SafeId = safes.SafeId
 WHERE users.UserId = ?`
- queryArgs = append(queryArgs, userId)
+ queryArgs = append(queryArgs, userId)
- // Add any other arguments to the query if they were specified
- if s.DeviceName != "" {
- query += " AND DeviceName LIKE ? "
- queryArgs = append(queryArgs, s.DeviceName)
- }
+ // Add any other arguments to the query if they were specified
+ if s.DeviceName != "" {
+ query += " AND DeviceName LIKE ? "
+ queryArgs = append(queryArgs, s.DeviceName)
+ }
- if s.DeviceCategory != "" {
- query += " AND DeviceCategory LIKE ? "
- queryArgs = append(queryArgs, s.DeviceCategory)
- }
+ if s.DeviceCategory != "" {
+ query += " AND DeviceCategory LIKE ? "
+ queryArgs = append(queryArgs, s.DeviceCategory)
+ }
- if s.UserName != "" {
- query += " AND secrets.UserName LIKE ? "
- queryArgs = append(queryArgs, s.UserName)
- }
- */
+ if s.UserName != "" {
+ query += " AND secrets.UserName LIKE ? "
+ queryArgs = append(queryArgs, s.UserName)
+ }
 // Execute the query
 log.Printf("SecretsGetAllowedForGroup query string : '%s'\nArguments:%+v\n", query, queryArgs)
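Review bot: A secret the user can reach through both a group grant and a direct grant comes back twice from the re-enabled `UNION` branch whenever the two `permissions.ReadOnly` values differ, because `UNION` removes only rows that are identical in every column. Which permission wins is then left to whatever the caller does with the slice, which is not visible here. State the rule in the function, either by collapsing rows per `SecretId` after the scan or with a comment such as `// A secret may appear twice (group and user grant) with different ReadOnly; callers must merge by SecretId.` The `safes` join in this branch no longer supplies a selected column and looks removable. The added `DeviceName` and `DeviceCategory` filters are unqualified where `secrets.UserName` is not; qualifying them as `secrets.DeviceName` and `secrets.DeviceCategory` would avoid ambiguity should a joined table gain such a column. The function body starts and ends outside this hunk.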
@@ -174,18 +175,6 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) { debugPrint := printStructContents(&r, 0) log.Println(debugPrint) - /* - // Decrypt the secret - _, err = r.DecryptSecret() - if err != nil { - //log.Printf("GetSecret unable to decrypt stored secret '%v' : '%s'\n", r.Secret, err) - log.Printf("SecretsGetAllowedForGroup unable to decrypt stored secret : '%s'\n", err) - return secretResults, err - } else { - secretResults = append(secretResults, r) - } - */ - // Don't decrypt the secrets in the results of this query secretResults = append(secretResults, r) }