updates

2023-04-03 11:04:52 +10:00
parent 8432286101
commit c229e93103
6 changed files with 86 additions and 2 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/README.md
+++ b/README.md
@@ -81,5 +81,34 @@ Data
 ### Secrets Operations

 #### Store
+POST `/api/secret/store`
+
+```
+{
+    "deviceName": "",
+    "deviceCategory": "",
+    "userName": "",
+    "secretValue": ""
+}
+```
+
+Must be logged in to execute this command. Role of current user cannot be a ReadOnly role. Secret will be stored with the RoleId of the currently logged in user. Either deviceName or deviceCategory can be blank but not both.
+
 #### Retrieve
-#### Update
+GET `/api/secret/retrieve`
+
+Data
+```
+{
+    "deviceName": "",
+    "deviceCategory": ""
+}
+```
+
+Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
+
+Either deviceName or deviceCategory can be specified (or both). Wildcards are supported.
+1. The percent sign % wildcard matches any sequence of zero or more characters.
+2. The underscore _ wildcard matches any single character.
+
+#### Update
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -123,3 +123,15 @@ func CurrentUser(c *gin.Context) {

 	c.JSON(http.StatusOK, gin.H{"message": "success", "data": u})
 }
+
+func GetRoles(c *gin.Context) {
+	roles, err := models.QueryRoles()
+
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"message": "success", "data": roles})
+
+}
--- a/controllers/store_secrets.go
+++ b/controllers/store_secrets.go
@@ -42,6 +42,11 @@ func StoreSecret(c *gin.Context) {
 		s.RoleId = 1
 	}

+	if input.DeviceCategory == "" && input.DeviceName == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "cannot store secret with empty deviceName and empty deviceCategory"})
+		return
+	}
+
 	// If this secret already exists in the database then generate an error
 	checkExists, err := models.GetSecrets(&s)
 	if err != nil {
--- a/main.go
+++ b/main.go
@@ -121,10 +121,11 @@ func main() {
 	public := router.Group("/api")
 	public.POST("/login", controllers.Login)

-	// TODO - this should be an authenticated route
+	// API calls that only an administrator can make
 	adminOnly := router.Group("/api/admin")
 	adminOnly.Use(middlewares.JwtAuthAdminMiddleware())
 	adminOnly.POST("/register", controllers.Register)
+	adminOnly.GET("/roles", controllers.GetRoles)

 	// Get secrets
 	protected := router.Group("/api/secret")
--- a/models/role.go
+++ b/models/role.go
@@ -0,0 +1,37 @@
+package models
+
+import "fmt"
+
+type Role struct {
+	RoleId   int    `db:"RoleId"`
+	RoleName string `db:"RoleName"`
+	ReadOnly bool   `db:"ReadOnly"`
+	Admin    bool   `db:"Admin"`
+}
+
+func QueryRoles() ([]Role, error) {
+	var results []Role
+
+	// Query database for role definitions
+	rows, err := db.Queryx("SELECT * FROM roles")
+
+	if err != nil {
+		fmt.Printf("QueryRoles error executing sql record : '%s'\n", err)
+		return results, err
+	} else {
+		// parse all the results into a slice
+		for rows.Next() {
+			var r Role
+			err = rows.StructScan(&r)
+			if err != nil {
+				fmt.Printf("QueryRoles error parsing sql record : '%s'\n", err)
+				return results, err
+			}
+			results = append(results, r)
+
+		}
+		fmt.Printf("QueryRoles retrieved '%d' results\n", len(results))
+	}
+
+	return results, nil
+}