From 5920db48d8faff0781d29b491108d63e4a98e038 Mon Sep 17 00:00:00 2001 From: Nathan Coad Date: Fri, 12 Jan 2024 15:09:21 +1100 Subject: [PATCH] update docs --- README.md | 56 +++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 50 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index f6fed86..d69b13b 100644 --- a/README.md +++ b/README.md @@ -272,6 +272,50 @@ Deletes an existing group. Either group name or group Id can be specified. If bo Deleting a group will also impact all permissions based on that group. For that reason, permissions should be removed before a group is deleted. +### Safes Operations + +#### List +**GET** `/api/safe/list` + +This operation lists all the safes that the currently logged in user has access to. + +#### List All +**GET** `/api/admin/safe/listall` + +This operation lists all the safes defined in the database. This operation can only be performed by a user that is admin enabled, or that is a member of a group that is admin enabled. + +#### Create Safe + +**POST** `/api/admin/safe/add` + +Create a new safe + +Body +``` +{ + "safeName":"Example second safe" +} +``` + +This operation creates a new safe in the database. The operation returns details of the created safe, including the allocated safeId. This operation can only be performed by a user that is admin enabled, or that is a member of a group that is admin enabled. + +#### Delete Safe + +**POST** `/api/admin/safe/delete` + +Delete an existing safe + +Body +``` +{ + "safeName":"Example second safe" +} +``` + +This operation deletes a safe defined in the database. If the safe contained any secrets, they are now inaccessible except to a user that is admin enabled. It is recommended that any secrets stored within the safe are moved to a different safe via the `/api/secret/update` API endpoint. + +This operation can only be performed by a user that is admin enabled, or that is a member of a group that is admin enabled. + ### Secrets Operations #### Store @@ -308,9 +352,9 @@ If a secret exists with a matching deviceName and deviceCategory in a safe that If the current user has access to multiple safes, then the destination safeId will also need to be specified. #### Retrieve -POST `/api/secret/get` +**POST** `/api/secret/get` -Data +Body ``` { "deviceName": "", @@ -327,14 +371,14 @@ Either deviceName or deviceCategory can be specified (or both). Wildcards are su #### Search by device name -GET `/api/secret/retrieve/name/` +**GET** `/api/secret/retrieve/name/` Search for a secret specified by deviceName using a GET request. Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved. #### Search by device category -GET `/api/secret/retrieve/category/` +**GET** `/api/secret/retrieve/category/` Search for a secret specified by deviceCategory using a GET request. Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved. @@ -372,9 +416,9 @@ The values specified in deviceName and deviceCategory must match exactly one exi If a user has read-write access to multiple safes, then specifying a different safeId to the one currently holding the secret will allow the secret to be moved into the other safe. #### List -GET `/api/secret/list` +**GET** `/api/secret/list` -Will generate a list of device names and categories but not secret data. +Will generate a list of secrets with their secretId, userName, deviceCategory and deviceName fields, but not secret data. Only secrets belonging to safes that are accessible by the currently logged in user will be returned ## Database Schema ![Diagram](www/database.png) \ No newline at end of file