nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

allow use of secretId when performing operations on secrets
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-16 16:08:40 +11:00
parent c99ffa8368
commit 498dd9a8c3
4 changed files with 38 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@@ -357,9 +357,16 @@ If the current user has access to multiple safes, then the destination safeId wi
Body Body
``` ```
{ {
"deviceName": "", "deviceName": "device.example.com",
"deviceCategory": "", "deviceCategory": "",
"userName": "" "userName": "example-user"
}
```
Body
```
{
"secretId": 29
} }
``` ```
@@ -369,6 +376,8 @@ Either deviceName or deviceCategory can be specified (or both). Wildcards are su
1. The percent sign % wildcard matches any sequence of zero or more characters. 1. The percent sign % wildcard matches any sequence of zero or more characters.
2. The underscore _ wildcard matches any single character. 2. The underscore _ wildcard matches any single character.
If the secretId is known, that can also be used to query for the secret. In this case the secretId uniquely identifies the secret so no other parameters are necessary.
#### Search by device name #### Search by device name
**GET** `/api/secret/retrieve/name/<searchname>` **GET** `/api/secret/retrieve/name/<searchname>`

6
controllers/retrieveSecrets.go
View File

@@ -10,6 +10,7 @@ import (
) )
type RetrieveInput struct { type RetrieveInput struct {
SecretId int `json:"secretId"`
DeviceName string `json:"deviceName"` DeviceName string `json:"deviceName"`
DeviceCategory string `json:"deviceCategory"` DeviceCategory string `json:"deviceCategory"`
UserName string `json:"userName"` UserName string `json:"userName"`
@@ -49,11 +50,14 @@ func RetrieveSecret(c *gin.Context) {
// Populate fields // Populate fields
s := models.Secret{} s := models.Secret{}
//s.RoleId = u.RoleId
s.DeviceName = input.DeviceName s.DeviceName = input.DeviceName
s.DeviceCategory = input.DeviceCategory s.DeviceCategory = input.DeviceCategory
s.UserName = input.UserName s.UserName = input.UserName
if input.SecretId > 0 {
s.SecretId = input.SecretId
}
retrieveSpecifiedSecret(&s, c) retrieveSpecifiedSecret(&s, c)
} }

5
controllers/storeSecrets.go
View File

@@ -14,6 +14,7 @@ import (
type SecretInput struct { type SecretInput struct {
SafeId int `json:"safeId"` SafeId int `json:"safeId"`
SafeName string `json:"safeName"` SafeName string `json:"safeName"`
SecretId int `json:"secretId"`
DeviceName string `json:"deviceName"` DeviceName string `json:"deviceName"`
DeviceCategory string `json:"deviceCategory"` DeviceCategory string `json:"deviceCategory"`
UserName string `json:"userName"` UserName string `json:"userName"`
@@ -402,6 +403,10 @@ func DeleteSecret(c *gin.Context) {
// Populate fields // Populate fields
s := models.Secret{} s := models.Secret{}
if input.SecretId > 0 {
s.SecretId = input.SecretId
}
s.UserName = input.UserName s.UserName = input.UserName
s.DeviceName = input.DeviceName s.DeviceName = input.DeviceName
s.DeviceCategory = input.DeviceCategory s.DeviceCategory = input.DeviceCategory

24
models/secret.go
View File

@@ -88,6 +88,11 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
queryArgs = append(queryArgs, userId) queryArgs = append(queryArgs, userId)
// Add any other arguments to the query if they were specified // Add any other arguments to the query if they were specified
if s.SecretId > 0 {
query += " AND SecretId = ? "
queryArgs = append(queryArgs, s.SecretId)
}
if s.DeviceName != "" { if s.DeviceName != "" {
query += " AND DeviceName LIKE ? " query += " AND DeviceName LIKE ? "
queryArgs = append(queryArgs, s.DeviceName) queryArgs = append(queryArgs, s.DeviceName)
@@ -175,7 +180,7 @@ func SecretsGetFromMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
var err error var err error
var secretResults []Secret var secretResults []Secret
args := []interface{}{} queryArgs := []interface{}{}
var query string var query string
// Generate placeholders for the IN clause to match multiple SafeId values // Generate placeholders for the IN clause to match multiple SafeId values
placeholders := make([]string, len(safeIds)) placeholders := make([]string, len(safeIds))
@@ -189,28 +194,33 @@ func SecretsGetFromMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
// Add the Safe Ids to the arguments list // Add the Safe Ids to the arguments list
for _, g := range safeIds { for _, g := range safeIds {
args = append(args, g) queryArgs = append(queryArgs, g)
} }
// Add any other arguments to the query if they were specified // Add any other arguments to the query if they were specified
if s.SecretId > 0 {
query += " AND SecretId = ? "
queryArgs = append(queryArgs, s.SecretId)
}
if s.DeviceName != "" { if s.DeviceName != "" {
query += " AND DeviceName LIKE ? " query += " AND DeviceName LIKE ? "
args = append(args, s.DeviceName) queryArgs = append(queryArgs, s.DeviceName)
} }
if s.DeviceCategory != "" { if s.DeviceCategory != "" {
query += " AND DeviceCategory LIKE ? " query += " AND DeviceCategory LIKE ? "
args = append(args, s.DeviceCategory) queryArgs = append(queryArgs, s.DeviceCategory)
} }
if s.UserName != "" { if s.UserName != "" {
query += " AND UserName LIKE ? " query += " AND UserName LIKE ? "
args = append(args, s.UserName) queryArgs = append(queryArgs, s.UserName)
} }
// Execute the query // Execute the query
log.Printf("SecretsGetMultipleSafes query string :\n'%s'\nQuery Args : %+v\n", query, args) log.Printf("SecretsGetMultipleSafes query string :\n'%s'\nQuery Args : %+v\n", query, queryArgs)
rows, err := db.Queryx(query, args...) rows, err := db.Queryx(query, queryArgs...)
if err != nil { if err != nil {
log.Printf("SecretsGetMultipleSafes error executing sql record : '%s'\n", err) log.Printf("SecretsGetMultipleSafes error executing sql record : '%s'\n", err)