From b401096887e9e324390360edc8ebead4a1fbf0d4 Mon Sep 17 00:00:00 2001
From: vishalnayak
Date: Fri, 3 Jun 2016 16:34:59 -0400
Subject: [PATCH] Added listing of app and group secrets
---
 builtin/credential/appgroup/path_app.go | 29 +++++++++++++++++++++++
 builtin/credential/appgroup/path_group.go | 29 +++++++++++++++++++++++
 2 files changed, 58 insertions(+)
diff --git a/builtin/credential/appgroup/path_app.go b/builtin/credential/appgroup/path_app.go
index ef518da2c958e..8f70fc84a0c95 100644
--- a/builtin/credential/appgroup/path_app.go
+++ b/builtin/credential/appgroup/path_app.go
@@ -251,6 +251,7 @@ func appPaths(b *backend) []*framework.Path {
 },
 Callbacks: map[logical.Operation]framework.OperationFunc{
 logical.ReadOperation: b.pathAppSecretIDRead,
+ logical.ListOperation: b.pathAppSecretIDList,
 },
 HelpSynopsis: strings.TrimSpace(appHelp["app-secret-id"][0]),
 HelpDescription: strings.TrimSpace(appHelp["app-secret-id"][1]),
@@ -299,6 +300,34 @@ func (b *backend) pathAppList(
 return logical.ListResponse(apps), nil
 }
 
+// pathAppSecretIDList is used to list all the Apps registered with the backend.
+func (b *backend) pathAppSecretIDList(
+ req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
+ // Get the "custom" lock
+ lock := b.getSecretIDLock("")
+ lock.RLock()
+ defer lock.RUnlock()
+
+ appName := data.Get("app_name").(string)
+ if appName == "" {
+ return logical.ErrorResponse("missing app_name"), nil
+ }
+
+ app, err := b.appEntry(req.Storage, strings.ToLower(appName))
+ if err != nil {
+ return nil, err
+ }
+ if app == nil {
+ return logical.ErrorResponse(fmt.Sprintf("app %s does not exist", appName)), nil
+ }
+
+ secrets, err := req.Storage.List(fmt.Sprintf("secret_id/%s", b.salt.SaltID(app.SelectorID)))
+ if err != nil {
+ return nil, err
+ }
+ return logical.ListResponse(secrets), nil
+}
+
 // setAppEntry grabs a write lock and stores the options on an App into the storage
 func (b *backend) setAppEntry(s logical.Storage, appName string, app *appStorageEntry) error {
 b.appLock.Lock()
diff --git a/builtin/credential/appgroup/path_group.go b/builtin/credential/appgroup/path_group.go
index a2768609ae2ed..c978e3ce83741 100644
--- a/builtin/credential/appgroup/path_group.go
+++ b/builtin/credential/appgroup/path_group.go
@@ -290,6 +290,7 @@ addition to those, a set of policies can be assigned using this.
 },
 Callbacks: map[logical.Operation]framework.OperationFunc{
 logical.ReadOperation: b.pathGroupSecretIDRead,
+ logical.ListOperation: b.pathGroupSecretIDList,
 },
 HelpSynopsis: strings.TrimSpace(groupHelp["group-secret-id"][0]),
 HelpDescription: strings.TrimSpace(groupHelp["group-secret-id"][1]),
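Review bot: `pathAppSecretIDList` in path_app.go hands the raw result of `req.Storage.List` to `logical.ListResponse`, so callers with list permission receive the storage key names under `secret_id/<salted selector>`; how those keys are derived is not visible in this hunk, so confirm they are neither usable as nor derivable to a secret ID, and say so in the function comment. The list prefix has no trailing `/`, which a storage backend is likely to treat as a key prefix rather than a directory; `fmt.Sprintf("secret_id/%s/", b.salt.SaltID(app.SelectorID))` is probably what is meant. The doc comment is copied from the app listing and should read `// pathAppSecretIDList lists the stored secret ID entries of the named App.` The `// Get the "custom" lock` comment does not explain why the lock for the empty secret ID guards a listing, which deserves one sentence. The prefix and comment points apply equally to `pathGroupSecretIDList` in path_group.go.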
@@ -338,6 +339,34 @@ func (b *backend) pathGroupList(
 return logical.ListResponse(groups), nil
 }
 
+// pathGroupSecretIDList is used to list all the Apps registered with the backend.
+func (b *backend) pathGroupSecretIDList(
+ req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
+ // Get the "custom" lock
+ lock := b.getSecretIDLock("")
+ lock.RLock()
+ defer lock.RUnlock()
+
+ groupName := data.Get("group_name").(string)
+ if groupName == "" {
+ return logical.ErrorResponse("missing group_name"), nil
+ }
+
+ group, err := b.appEntry(req.Storage, strings.ToLower(groupName))
+ if err != nil {
+ return nil, err
+ }
+ if group == nil {
+ return logical.ErrorResponse(fmt.Sprintf("group %s does not exist", groupName)), nil
+ }
+
+ secrets, err := req.Storage.List(fmt.Sprintf("secret_id/%s", b.salt.SaltID(group.SelectorID)))
+ if err != nil {
+ return nil, err
+ }
+ return logical.ListResponse(secrets), nil
+}
+
 // setAppEntry grabs a write lock and stores the options on a Group into the storage
 func (b *backend) setGroupEntry(s logical.Storage, groupName string, group *groupStorageEntry) error {
 b.groupLock.Lock()
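Review bot: `pathGroupSecretIDList` resolves the group through `b.appEntry(req.Storage, strings.ToLower(groupName))`, so a request on the group path is answered from the App namespace: it reports "group ... does not exist" when no App has that name, and when an App does share the name it appears to list that App's secret ID entries under the group path. The lookup should call the group counterpart of `appEntry` (its name is not visible in this hunk) so that `group.SelectorID` is the group's own selector. The doc comment is also copied from the app listing; `// pathGroupSecretIDList lists the stored secret ID entries of the named Group.` would match what the function does. A test that registers an App and a Group under the same name and checks that the two list paths return different sets would catch this kind of cross-entity mix-up.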