From 969d1ca8d0199d90e5c4789fe89e350a1192b0ae Mon Sep 17 00:00:00 2001
From: Nathan Coad <nathan@thecoads.com>
Date: Wed, 5 Apr 2023 11:37:26 +1000
Subject: [PATCH] logic fix

---
 controllers/retrieve_secrets.go | 12 ++----------
 models/secret.go                |  2 +-
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/controllers/retrieve_secrets.go b/controllers/retrieve_secrets.go
index 1c0f0a1..21733fa 100644
--- a/controllers/retrieve_secrets.go
+++ b/controllers/retrieve_secrets.go
@@ -48,11 +48,7 @@ func RetrieveSecret(c *gin.Context) {
 	s.DeviceCategory = input.DeviceCategory
 
 	// Don't apply a role filter if user has admin role
-	if u.Admin {
-		results, err = models.GetSecrets(&s, false)
-	} else {
-		results, err = models.GetSecrets(&s, true)
-	}
+	results, err = models.GetSecrets(&s, u.Admin)
 
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
@@ -138,11 +134,7 @@ func ListSecrets(c *gin.Context) {
 	}
 
 	// If user is admin then list everything, otherwise only list for current role
-	if u.Admin {
-		results, err = models.GetSecrets(&models.Secret{}, false)
-	} else {
-		results, err = models.GetSecrets(&models.Secret{RoleId: u.RoleId}, true)
-	}
+	results, err = models.GetSecrets(&models.Secret{RoleId: u.RoleId}, u.Admin)
 
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
diff --git a/models/secret.go b/models/secret.go
index ac27752..611a055 100644
--- a/models/secret.go
+++ b/models/secret.go
@@ -50,7 +50,7 @@ func GetSecrets(s *Secret, adminRole bool) ([]Secret, error) {
 	var rows *sqlx.Rows
 	var secretResults []Secret
 
-	log.Printf("GetSecret querying values '%v'\n", s)
+	log.Printf("GetSecret querying values '%v' with admin role '%v'\n", s, adminRole)
 
 	// Admin roles should be able to access all secrets so don't do any filter based on RoleId
 	if adminRole {