nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

updates

Browse Source
This commit is contained in:
Nathan Coad
2023-04-03 11:04:52 +10:00
parent 8432286101
commit c229e93103
6 changed files with 86 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

31
README.md
View File

@@ -81,5 +81,34 @@ Data
### Secrets Operations ### Secrets Operations
#### Store #### Store
POST `/api/secret/store`
```
{
"deviceName": "",
"deviceCategory": "",
"userName": "",
"secretValue": ""
}
```
Must be logged in to execute this command. Role of current user cannot be a ReadOnly role. Secret will be stored with the RoleId of the currently logged in user. Either deviceName or deviceCategory can be blank but not both.
#### Retrieve #### Retrieve
#### Update GET `/api/secret/retrieve`
Data
```
{
"deviceName": "",
"deviceCategory": ""
}
```
Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
Either deviceName or deviceCategory can be specified (or both). Wildcards are supported.
1. The percent sign % wildcard matches any sequence of zero or more characters.
2. The underscore _ wildcard matches any single character.
#### Update

12
controllers/auth.go
View File

@@ -123,3 +123,15 @@ func CurrentUser(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"message": "success", "data": u}) c.JSON(http.StatusOK, gin.H{"message": "success", "data": u})
} }
func GetRoles(c *gin.Context) {
roles, err := models.QueryRoles()
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{"message": "success", "data": roles})
}

5
controllers/store_secrets.go
View File

@@ -42,6 +42,11 @@ func StoreSecret(c *gin.Context) {
s.RoleId = 1 s.RoleId = 1
} }
if input.DeviceCategory == "" && input.DeviceName == "" {
c.JSON(http.StatusBadRequest, gin.H{"error": "cannot store secret with empty deviceName and empty deviceCategory"})
return
}
// If this secret already exists in the database then generate an error // If this secret already exists in the database then generate an error
checkExists, err := models.GetSecrets(&s) checkExists, err := models.GetSecrets(&s)
if err != nil { if err != nil {

3
main.go
View File

@@ -121,10 +121,11 @@ func main() {
public := router.Group("/api") public := router.Group("/api")
public.POST("/login", controllers.Login) public.POST("/login", controllers.Login)
// TODO - this should be an authenticated route // API calls that only an administrator can make
adminOnly := router.Group("/api/admin") adminOnly := router.Group("/api/admin")
adminOnly.Use(middlewares.JwtAuthAdminMiddleware()) adminOnly.Use(middlewares.JwtAuthAdminMiddleware())
adminOnly.POST("/register", controllers.Register) adminOnly.POST("/register", controllers.Register)
adminOnly.GET("/roles", controllers.GetRoles)
// Get secrets // Get secrets
protected := router.Group("/api/secret") protected := router.Group("/api/secret")

37
models/role.go Normal file
View File

@@ -0,0 +1,37 @@
package models
import "fmt"
type Role struct {
RoleId int `db:"RoleId"`
RoleName string `db:"RoleName"`
ReadOnly bool `db:"ReadOnly"`
Admin bool `db:"Admin"`
}
func QueryRoles() ([]Role, error) {
var results []Role
// Query database for role definitions
rows, err := db.Queryx("SELECT * FROM roles")
if err != nil {
fmt.Printf("QueryRoles error executing sql record : '%s'\n", err)
return results, err
} else {
// parse all the results into a slice
for rows.Next() {
var r Role
err = rows.StructScan(&r)
if err != nil {
fmt.Printf("QueryRoles error parsing sql record : '%s'\n", err)
return results, err
}
results = append(results, r)
}
fmt.Printf("QueryRoles retrieved '%d' results\n", len(results))
}
return results, nil
}