This commit is contained in:
36
README.md
36
README.md
@@ -325,7 +325,7 @@ This operation can only be performed by a user that is admin enabled, or that is
|
||||
|
||||
### Secrets Operations
|
||||
|
||||
#### Store
|
||||
#### Store Secret
|
||||
**POST** `/api/secret/add`
|
||||
|
||||
Store secret if user only has access to a single safe
|
||||
@@ -358,7 +358,7 @@ If a secret exists with a matching deviceName and deviceCategory in a safe that
|
||||
|
||||
If the current user has access to multiple safes, then the destination safeId will also need to be specified.
|
||||
|
||||
#### Retrieve
|
||||
#### Get Secret
|
||||
**POST** `/api/secret/get`
|
||||
|
||||
Body
|
||||
@@ -377,7 +377,7 @@ Body
|
||||
}
|
||||
```
|
||||
|
||||
Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
|
||||
Must be logged in to execute this command. Only secrets that the logged in user has access to can be retrieved.
|
||||
|
||||
Either deviceName or deviceCategory can be specified (or both). Wildcards are supported for both deviceName and deviceCategory fields. userName can also be specified in conjunction with deviceName or deviceCategory.
|
||||
1. The percent sign % wildcard matches any sequence of zero or more characters.
|
||||
@@ -399,7 +399,7 @@ Must be logged in to execute this command. Only secrets registered with the curr
|
||||
Search for a secret specified by deviceCategory using a GET request.
|
||||
Must be logged in to execute this command. Only secrets registered with the current user's RoleId can be retrieved.
|
||||
|
||||
#### Update
|
||||
#### Update Secret
|
||||
**POST** `/api/secret/update`
|
||||
|
||||
Update secret value for existing secret record
|
||||
@@ -431,10 +431,36 @@ The values specified in deviceName and deviceCategory must match exactly one exi
|
||||
|
||||
If a user has read-write access to multiple safes, then specifying a different safeId to the one currently holding the secret will allow the secret to be moved into the other safe.
|
||||
|
||||
#### List
|
||||
#### List Secrets
|
||||
|
||||
**GET** `/api/secret/list`
|
||||
|
||||
Will generate a list of secrets with their secretId, userName, deviceCategory and deviceName fields, but not secret data. Only secrets belonging to safes that are accessible by the currently logged in user will be returned
|
||||
|
||||
#### Delete Secret
|
||||
|
||||
**POST** `/api/secret/delete`
|
||||
|
||||
|
||||
Body
|
||||
```
|
||||
{
|
||||
"deviceName": "device.example.com",
|
||||
"deviceCategory": "",
|
||||
"userName": "example-user"
|
||||
}
|
||||
```
|
||||
|
||||
Body
|
||||
```
|
||||
{
|
||||
"secretId": 29
|
||||
}
|
||||
```
|
||||
|
||||
Deletes specified secret. User must have read-write access to the safe the secret is stored in.
|
||||
|
||||
Secret can be specified either by the secretId, or a unique combination of deviceName, deviceCategory and userName.
|
||||
|
||||
## Database Schema
|
||||
|
||||
Reference in New Issue
Block a user