add search by username
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
15
README.md
15
README.md
@@ -80,6 +80,10 @@ WantedBy=multi-user.target
|
||||
```
|
||||
## API Usage
|
||||
|
||||
API calls should return http status code of **200** if successful, or **4xx** if unsuccessful. API calls that are unsuccessful will also include a JSON response with the key `error` and a value of the reason for the failure. Successful API calls will include a `message` key with a value of either success or something more detailed such as "user deletion success"
|
||||
|
||||
API calls that create or modify a record will include the created/updated record in the JSON response.
|
||||
|
||||
### Login
|
||||
**POST** `/api/login`
|
||||
|
||||
@@ -390,14 +394,21 @@ If the secretId is known, that can also be used to query for the secret. In this
|
||||
**GET** `/api/secret/retrieve/name/<searchname>`
|
||||
|
||||
Search for a secret specified by deviceName using a GET request.
|
||||
Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
|
||||
Must be logged in to execute this command. Only secrets in safes that the current user can access can be retrieved.
|
||||
|
||||
#### Search by device category
|
||||
|
||||
**GET** `/api/secret/retrieve/category/<searchname>`
|
||||
|
||||
Search for a secret specified by deviceCategory using a GET request.
|
||||
Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
|
||||
Must be logged in to execute this command. Only secrets in safes that the current user can access can be retrieved.
|
||||
|
||||
#### Search by username
|
||||
|
||||
**GET** `/api/secret/retrieve/user/<searchname>`
|
||||
|
||||
Search for a secret specified by userName using a GET request.
|
||||
Must be logged in to execute this command. Only secrets in safes that the current user can access can be retrieved.
|
||||
|
||||
#### Update Secret
|
||||
**POST** `/api/secret/update`
|
||||
|
||||
@@ -92,6 +92,20 @@ func RetrieveSecretByDevicecategory(c *gin.Context) {
|
||||
retrieveSpecifiedSecret(&s, c)
|
||||
}
|
||||
|
||||
func RetrieveSecretByUsername(c *gin.Context) {
|
||||
userName := c.Param("username")
|
||||
|
||||
if userName == "" {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": "no username value specified"})
|
||||
return
|
||||
}
|
||||
|
||||
// Create object based on specified data
|
||||
s := models.Secret{UserName: userName}
|
||||
|
||||
retrieveSpecifiedSecret(&s, c)
|
||||
}
|
||||
|
||||
func retrieveSpecifiedSecret(s *models.Secret, c *gin.Context) {
|
||||
/*
|
||||
// Get the user and role id of the requestor
|
||||
|
||||
4
main.go
4
main.go
@@ -270,6 +270,9 @@ func main() {
|
||||
// Other functions for admin
|
||||
adminOnly.POST("/unlock", controllers.Unlock)
|
||||
adminOnly.GET("/logs", controllers.GetAuditLogsHandler)
|
||||
// TODO
|
||||
//adminOnly.GET("/logs/secret/:id", controllers.GetAuditLogsBySecretHandler)
|
||||
//adminOnly.GET("/logs/user/:id", controllers.GetAuditLogsByUserHandler)
|
||||
|
||||
// Get secrets
|
||||
secretRoutes := router.Group("/api/secret")
|
||||
@@ -293,6 +296,7 @@ func main() {
|
||||
// See https://gin-gonic.com/docs/examples/param-in-path/
|
||||
secretRoutes.GET("/retrieve/name/:devicename", controllers.RetrieveSecretByDevicename)
|
||||
secretRoutes.GET("/retrieve/category/:devicecategory", controllers.RetrieveSecretByDevicecategory)
|
||||
secretRoutes.GET("/retrieve/user/:username", controllers.RetrieveSecretByUsername)
|
||||
|
||||
// Initializing the server in a goroutine so that
|
||||
// it won't block the graceful shutdown handling below
|
||||
|
||||
Reference in New Issue
Block a user