allow use of secretId when performing operations on secrets
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
13
README.md
13
README.md
@@ -357,9 +357,16 @@ If the current user has access to multiple safes, then the destination safeId wi
|
||||
Body
|
||||
```
|
||||
{
|
||||
"deviceName": "",
|
||||
"deviceName": "device.example.com",
|
||||
"deviceCategory": "",
|
||||
"userName": ""
|
||||
"userName": "example-user"
|
||||
}
|
||||
```
|
||||
|
||||
Body
|
||||
```
|
||||
{
|
||||
"secretId": 29
|
||||
}
|
||||
```
|
||||
|
||||
@@ -369,6 +376,8 @@ Either deviceName or deviceCategory can be specified (or both). Wildcards are su
|
||||
1. The percent sign % wildcard matches any sequence of zero or more characters.
|
||||
2. The underscore _ wildcard matches any single character.
|
||||
|
||||
If the secretId is known, that can also be used to query for the secret. In this case the secretId uniquely identifies the secret so no other parameters are necessary.
|
||||
|
||||
#### Search by device name
|
||||
|
||||
**GET** `/api/secret/retrieve/name/<searchname>`
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
)
|
||||
|
||||
type RetrieveInput struct {
|
||||
SecretId int `json:"secretId"`
|
||||
DeviceName string `json:"deviceName"`
|
||||
DeviceCategory string `json:"deviceCategory"`
|
||||
UserName string `json:"userName"`
|
||||
@@ -49,11 +50,14 @@ func RetrieveSecret(c *gin.Context) {
|
||||
|
||||
// Populate fields
|
||||
s := models.Secret{}
|
||||
//s.RoleId = u.RoleId
|
||||
s.DeviceName = input.DeviceName
|
||||
s.DeviceCategory = input.DeviceCategory
|
||||
s.UserName = input.UserName
|
||||
|
||||
if input.SecretId > 0 {
|
||||
s.SecretId = input.SecretId
|
||||
}
|
||||
|
||||
retrieveSpecifiedSecret(&s, c)
|
||||
}
|
||||
|
||||
|
||||
@@ -14,6 +14,7 @@ import (
|
||||
type SecretInput struct {
|
||||
SafeId int `json:"safeId"`
|
||||
SafeName string `json:"safeName"`
|
||||
SecretId int `json:"secretId"`
|
||||
DeviceName string `json:"deviceName"`
|
||||
DeviceCategory string `json:"deviceCategory"`
|
||||
UserName string `json:"userName"`
|
||||
@@ -402,6 +403,10 @@ func DeleteSecret(c *gin.Context) {
|
||||
// Populate fields
|
||||
s := models.Secret{}
|
||||
|
||||
if input.SecretId > 0 {
|
||||
s.SecretId = input.SecretId
|
||||
}
|
||||
|
||||
s.UserName = input.UserName
|
||||
s.DeviceName = input.DeviceName
|
||||
s.DeviceCategory = input.DeviceCategory
|
||||
|
||||
@@ -88,6 +88,11 @@ func SecretsGetAllowed(s *Secret, userId int) ([]UserSecret, error) {
|
||||
queryArgs = append(queryArgs, userId)
|
||||
|
||||
// Add any other arguments to the query if they were specified
|
||||
if s.SecretId > 0 {
|
||||
query += " AND SecretId = ? "
|
||||
queryArgs = append(queryArgs, s.SecretId)
|
||||
}
|
||||
|
||||
if s.DeviceName != "" {
|
||||
query += " AND DeviceName LIKE ? "
|
||||
queryArgs = append(queryArgs, s.DeviceName)
|
||||
@@ -175,7 +180,7 @@ func SecretsGetFromMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
|
||||
var err error
|
||||
var secretResults []Secret
|
||||
|
||||
args := []interface{}{}
|
||||
queryArgs := []interface{}{}
|
||||
var query string
|
||||
// Generate placeholders for the IN clause to match multiple SafeId values
|
||||
placeholders := make([]string, len(safeIds))
|
||||
@@ -189,28 +194,33 @@ func SecretsGetFromMultipleSafes(s *Secret, safeIds []int) ([]Secret, error) {
|
||||
|
||||
// Add the Safe Ids to the arguments list
|
||||
for _, g := range safeIds {
|
||||
args = append(args, g)
|
||||
queryArgs = append(queryArgs, g)
|
||||
}
|
||||
|
||||
// Add any other arguments to the query if they were specified
|
||||
if s.SecretId > 0 {
|
||||
query += " AND SecretId = ? "
|
||||
queryArgs = append(queryArgs, s.SecretId)
|
||||
}
|
||||
|
||||
if s.DeviceName != "" {
|
||||
query += " AND DeviceName LIKE ? "
|
||||
args = append(args, s.DeviceName)
|
||||
queryArgs = append(queryArgs, s.DeviceName)
|
||||
}
|
||||
|
||||
if s.DeviceCategory != "" {
|
||||
query += " AND DeviceCategory LIKE ? "
|
||||
args = append(args, s.DeviceCategory)
|
||||
queryArgs = append(queryArgs, s.DeviceCategory)
|
||||
}
|
||||
|
||||
if s.UserName != "" {
|
||||
query += " AND UserName LIKE ? "
|
||||
args = append(args, s.UserName)
|
||||
queryArgs = append(queryArgs, s.UserName)
|
||||
}
|
||||
|
||||
// Execute the query
|
||||
log.Printf("SecretsGetMultipleSafes query string :\n'%s'\nQuery Args : %+v\n", query, args)
|
||||
rows, err := db.Queryx(query, args...)
|
||||
log.Printf("SecretsGetMultipleSafes query string :\n'%s'\nQuery Args : %+v\n", query, queryArgs)
|
||||
rows, err := db.Queryx(query, queryArgs...)
|
||||
|
||||
if err != nil {
|
||||
log.Printf("SecretsGetMultipleSafes error executing sql record : '%s'\n", err)
|
||||
|
||||
Reference in New Issue
Block a user