i think it works now!

models/secret.go

@@ -29,7 +29,7 @@ type Secret struct {
 type UserSecret struct {
 	User
 	Secret
-	Group
+	//Group
 	Permission
 }
 
@@ -101,13 +101,14 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
 
 	// Query for group access
 	queryArgs := []interface{}{}
-	query := `SELECT users.*, permissions.ReadOnly,
+	query := `
-	secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName, secrets.Secret
+		SELECT users.UserId, permissions.ReadOnly,
-	FROM users
+		secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
-	INNER JOIN groups ON users.GroupId = groups.GroupId
+		FROM users
-	INNER JOIN permissions ON groups.GroupId = permissions.GroupId
+		INNER JOIN groups ON users.GroupId = groups.GroupId
-	INNER JOIN secrets on secrets.SafeId = permissions.SafeId
+		INNER JOIN permissions ON groups.GroupId = permissions.GroupId
-	WHERE users.UserId = ? `
+		INNER JOIN secrets on secrets.SafeId = permissions.SafeId
+		WHERE users.UserId = ? `
 	queryArgs = append(queryArgs, userId)
 
 	// Add any other arguments to the query if they were specified
@@ -125,34 +126,34 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
 		query += " AND secrets.UserName LIKE ? "
 		queryArgs = append(queryArgs, s.UserName)
 	}
-	/*
+
-		// Query for user access
+	// Query for user access
-		query += `
+	query += `
 		UNION
-		SELECT users.UserId, users.GroupId, permissions.ReadOnly, safes.SafeName, secrets.*
+		SELECT users.UserId, permissions.ReadOnly,
+		secrets.SecretId, secrets.SafeId, secrets.DeviceName, secrets.DeviceCategory, secrets.UserName
 		FROM users
 		INNER JOIN permissions ON users.UserId = permissions.UserId
 		INNER JOIN safes on permissions.SafeId = safes.SafeId
 		INNER JOIN secrets on secrets.SafeId = safes.SafeId
 		WHERE users.UserId = ?`
-		queryArgs = append(queryArgs, userId)
+	queryArgs = append(queryArgs, userId)
 
-		// Add any other arguments to the query if they were specified
+	// Add any other arguments to the query if they were specified
-		if s.DeviceName != "" {
+	if s.DeviceName != "" {
-			query += " AND DeviceName LIKE ? "
+		query += " AND DeviceName LIKE ? "
-			queryArgs = append(queryArgs, s.DeviceName)
+		queryArgs = append(queryArgs, s.DeviceName)
-		}
+	}
 
-		if s.DeviceCategory != "" {
+	if s.DeviceCategory != "" {
-			query += " AND DeviceCategory LIKE ? "
+		query += " AND DeviceCategory LIKE ? "
-			queryArgs = append(queryArgs, s.DeviceCategory)
+		queryArgs = append(queryArgs, s.DeviceCategory)
-		}
+	}
 
-		if s.UserName != "" {
+	if s.UserName != "" {
-			query += " AND secrets.UserName LIKE ? "
+		query += " AND secrets.UserName LIKE ? "
-			queryArgs = append(queryArgs, s.UserName)
+		queryArgs = append(queryArgs, s.UserName)
-		}
+	}
-	*/
 
 	// Execute the query
 	log.Printf("SecretsGetAllowedForGroup query string : '%s'\nArguments:%+v\n", query, queryArgs)
@@ -174,18 +175,6 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
 			debugPrint := printStructContents(&r, 0)
 			log.Println(debugPrint)
 
-			/*
-				// Decrypt the secret
-				_, err = r.DecryptSecret()
-				if err != nil {
-					//log.Printf("GetSecret unable to decrypt stored secret '%v' : '%s'\n", r.Secret, err)
-					log.Printf("SecretsGetAllowedForGroup unable to decrypt stored secret : '%s'\n", err)
-					return secretResults, err
-				} else {
-					secretResults = append(secretResults, r)
-				}
-			*/
-
 			// Don't decrypt the secrets in the results of this query
 			secretResults = append(secretResults, r)
 		}