This commit is contained in:
@@ -46,7 +46,7 @@ func (s *Secret) SaveSecret() (*Secret, error) {
|
||||
return s, nil
|
||||
}
|
||||
|
||||
// TODO - use this function when user has access to multiple safes
|
||||
// SecretsGetMultipleSafes queries the specified safes for matching secrets
|
||||
func SecretsGetMultipleSafes(s *Secret, adminRole bool, safeIds []int) ([]Secret, error) {
|
||||
var err error
|
||||
var secretResults []Secret
|
||||
@@ -62,22 +62,29 @@ func SecretsGetMultipleSafes(s *Secret, adminRole bool, safeIds []int) ([]Secret
|
||||
rows, err := db.Queryx(query, args)
|
||||
*/
|
||||
|
||||
// Generate placeholders for the IN clause to match multiple SafeId values
|
||||
placeholders := make([]string, len(safeIds))
|
||||
for i := range safeIds {
|
||||
placeholders[i] = "?"
|
||||
}
|
||||
placeholderStr := strings.Join(placeholders, ",")
|
||||
|
||||
query := fmt.Sprintf("SELECT * FROM secrets WHERE SafeId IN (%s) ", placeholderStr)
|
||||
args := []interface{}{}
|
||||
var query string
|
||||
if adminRole {
|
||||
// No need to limit query to any safe
|
||||
query = "SELECT * FROM secrets WHERE 1=1 "
|
||||
} else {
|
||||
// Generate placeholders for the IN clause to match multiple SafeId values
|
||||
placeholders := make([]string, len(safeIds))
|
||||
for i := range safeIds {
|
||||
placeholders[i] = "?"
|
||||
}
|
||||
placeholderStr := strings.Join(placeholders, ",")
|
||||
|
||||
// Add the Safe Ids
|
||||
for _, g := range safeIds {
|
||||
args = append(args, g)
|
||||
// Create query with the necessary placeholders
|
||||
query = fmt.Sprintf("SELECT * FROM secrets WHERE SafeId IN (%s) ", placeholderStr)
|
||||
|
||||
// Add the Safe Ids to the arguments list
|
||||
for _, g := range safeIds {
|
||||
args = append(args, g)
|
||||
}
|
||||
}
|
||||
|
||||
// Add any other parameters
|
||||
// Add any other arguments to the query if they were specified
|
||||
if s.DeviceName != "" {
|
||||
query += " AND DeviceName LIKE ? "
|
||||
args = append(args, s.DeviceName)
|
||||
@@ -93,16 +100,6 @@ func SecretsGetMultipleSafes(s *Secret, adminRole bool, safeIds []int) ([]Secret
|
||||
args = append(args, s.UserName)
|
||||
}
|
||||
|
||||
/*
|
||||
// Construct the query
|
||||
query := fmt.Sprintf("SELECT * FROM users WHERE username = ? AND group IN (%s)", placeholderStr)
|
||||
args := make([]interface{}, 0, len(groups)+1)
|
||||
args = append(args, username)
|
||||
for _, g := range safeIds {
|
||||
args = append(args, g)
|
||||
}
|
||||
*/
|
||||
|
||||
// Execute the query
|
||||
rows, err := db.Queryx(query, args...)
|
||||
|
||||
|
||||
@@ -364,8 +364,7 @@ func UserGetSafesAllowed(userId int) ([]UserSafe, error) {
|
||||
INNER JOIN groups ON users.GroupId = groups.GroupId
|
||||
INNER JOIN permissions ON groups.GroupId = permissions.GroupId
|
||||
INNER JOIN safes on permissions.SafeId = safes.SafeId
|
||||
WHERE users.UserId=?"
|
||||
`, userId)
|
||||
WHERE users.UserId=?`, userId)
|
||||
if err != nil {
|
||||
log.Printf("UserGetSafesAllowed error executing sql record : '%s'\n", err)
|
||||
return results, err
|
||||
|
||||
Reference in New Issue
Block a user