nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

remove artificial restriction on multiple secret retrieval
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-22 16:27:06 +11:00
parent abaa291a14
commit 9f0dafd4fd
1 changed files with 39 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
controllers/retrieveSecrets.go
View File

@@ -107,30 +107,9 @@ func RetrieveSecretByUsername(c *gin.Context) {
} }
func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) { func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
/*
// Get the user and role id of the requestor
u, err := models.UserGetRoleFromToken(c)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
s.RoleId = u.RoleId
results, err := models.GetSecrets(s, false)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
*/
var UserId int var UserId int
var results []models.Secret var results []models.Secret
/*
user_id, err := token.ExtractTokenID(c)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
return
}
*/
// Get userId that we stored in the context earlier // Get userId that we stored in the context earlier
if val, ok := c.Get("user-id"); !ok { if val, ok := c.Get("user-id"); !ok {
c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"}) c.JSON(http.StatusBadRequest, gin.H{"error": "error determining user"})
@@ -171,26 +150,47 @@ func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
return return
} }
if len(results) == 1 { if len(results) == 0 {
// Create audit record
a := models.Audit{
UserId: UserId,
SecretId: results[0].SecretId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Retrieved Secret Id %d", results[0].SecretId),
}
a.AuditLogAdd()
// output results as json
c.JSON(http.StatusOK, gin.H{"message": "success", "data": results})
} else if len(results) > 1 {
c.JSON(http.StatusBadRequest, gin.H{"error": "found multiple matching secrets"})
return
} else {
c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"}) c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"})
return return
} }
// Create audit record for results
for i := range results {
a := models.Audit{
UserId: UserId,
SecretId: results[i].SecretId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Retrieved Secret Id %d", results[i].SecretId),
}
a.AuditLogAdd()
}
// output results as json
c.JSON(http.StatusOK, gin.H{"message": "success", "data": results, "count": len(results)})
/*
if len(results) == 1 {
// Create audit record
a := models.Audit{
UserId: UserId,
SecretId: results[0].SecretId,
IpAddress: c.ClientIP(),
EventText: fmt.Sprintf("Retrieved Secret Id %d", results[0].SecretId),
}
a.AuditLogAdd()
// output results as json
c.JSON(http.StatusOK, gin.H{"message": "success", "data": results})
} else if len(results) > 1 {
c.JSON(http.StatusBadRequest, gin.H{"error": "found multiple matching secrets"})
return
} else {
c.JSON(http.StatusBadRequest, gin.H{"error": "found no matching secrets"})
return
}
*/
} }
func ListSecrets(c *gin.Context) { func ListSecrets(c *gin.Context) {