use of keywhiz.api.model.SanitizedSecretWithGroups in project keywhiz by square.
the class SecretControllerTest method getAllSecretsWithCursor.
/**
* Get all secrets matching the given criteria, using the cursor. (This verifies that even if
* the cursor's implementation changes slightly, the underlying behavior remains the same).
*
* @param expireMaxTime the maximum expiration time to return
* @param limit the maximum number of records to return per batch
* @return a list of secrets matching the criteria above
*/
private List<SanitizedSecretWithGroups> getAllSecretsWithCursor(Long expireMaxTime, Integer limit) {
  List<SanitizedSecretWithGroups> collected = new ArrayList<>();
  // A null cursor is what the first request is made with; every later request
  // passes back the cursor decoded from the previous page.
  SecretRetrievalCursor nextCursor = null;
  while (true) {
    SanitizedSecretWithGroupsListAndCursor page =
        secretController.getSanitizedSecretsWithGroupsAndCursor(null, expireMaxTime, limit, nextCursor);
    nextCursor = page.decodedCursor();
    List<SanitizedSecretWithGroups> batch = page.secrets();

    // Each page must be present and must respect the requested page size.
    assertThat(batch).isNotNull();
    if (limit != null) {
      assertThat(batch.size()).isLessThanOrEqualTo(limit);
    }
    collected.addAll(batch);

    // A page without a cursor is treated as the final page.
    if (nextCursor == null) {
      return collected;
    }
  }
}
use of keywhiz.api.model.SanitizedSecretWithGroups in project keywhiz by square.
the class SecretResourceTest method listExpiringV4HandlingCursor.
/**
 * Collects every page returned by {@code listExpiringV4}, following the cursor until a page
 * arrives without one. Each page is asserted to be non-null and, when a limit is given, to
 * hold no more than {@code limit} entries.
 *
 * @param minTime forwarded unchanged to {@code listExpiringV4}
 * @param maxTime forwarded unchanged to {@code listExpiringV4}
 * @param limit page size forwarded to {@code listExpiringV4}; {@code null} skips the size check
 * @return the secrets from all pages, in the order they were retrieved
 */
private List<SanitizedSecretWithGroups> listExpiringV4HandlingCursor(Long minTime, Long maxTime, Integer limit) throws Exception {
  List<SanitizedSecretWithGroups> collected = new ArrayList<>();
  // The first request carries no cursor; later requests reuse the one decoded from the last page.
  SecretRetrievalCursor nextCursor = null;
  while (true) {
    SanitizedSecretWithGroupsListAndCursor page = listExpiringV4(minTime, maxTime, limit, nextCursor);
    nextCursor = page.decodedCursor();
    List<SanitizedSecretWithGroups> batch = page.secrets();

    assertThat(batch).isNotNull();
    if (limit != null) {
      assertThat(batch.size()).isLessThanOrEqualTo(limit);
    }
    collected.addAll(batch);

    // No cursor on the page means there is nothing further to request.
    if (nextCursor == null) {
      return collected;
    }
  }
}
use of keywhiz.api.model.SanitizedSecretWithGroups in project keywhiz by square.
the class SecretController method getSanitizedSecretsWithGroupsAndCursor.
/**
* @param expireMinTime timestamp for closest expiry to include (may be overridden by cursor)
* @param expireMaxTime timestamp for farthest expiry to include
* @param limit limit on number of results to return
* @param cursor cursor to be used to enforce pagination
* @return all existing sanitized secrets and their groups matching criteria.
*/
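public SanitizedSecretWithGroupsListAndCursor getSanitizedSecretsWithGroupsAndCursor(@Nullable Long expireMinTime, @Nullable Long expireMaxTime, @Nullable Integer limit, @Nullable SecretRetrievalCursor cursor) {
  // Retrieve secrets based on the cursor (if provided).
  ImmutableList<SecretSeriesAndContent> secrets;

  // Retrieve one additional record so that a following page can be detected.
  Integer updatedLimit = null;
  if (limit != null) {
    // limit + 1 wraps to a negative value at Integer.MAX_VALUE. In that case the extra
    // record is skipped: no result list can hold more than Integer.MAX_VALUE entries, so
    // no cursor would be produced anyway.
    updatedLimit = (limit == Integer.MAX_VALUE) ? limit : limit + 1;
    // NOTE(review): a negative limit is not rejected here; "secrets.size() > limit" below is
    // then always true and secrets.get(limit) throws. Confirm that callers validate limit
    // (presumably it comes from a request parameter) before it reaches this method.
  }

  if (cursor == null) {
    secrets = secretDAO.getSecrets(expireMaxTime, null, expireMinTime, null, updatedLimit);
  } else {
    // The cursor's expiry and name replace expireMinTime as the starting point of the page.
    secrets = secretDAO.getSecrets(expireMaxTime, null, cursor.expiry(), cursor.name(), updatedLimit);
  }

  // Set the cursor and strip the final record from the secrets if necessary
  SecretRetrievalCursor newCursor = null;
  if (limit != null && secrets.size() > limit) {
    // The name and expiry in the new cursor will be the first entry in the next set of results
    newCursor = SecretRetrievalCursor.of(secrets.get(limit).series().name(), secrets.get(limit).content().expiry());
    // Trim the last record from the list
    secrets = secrets.subList(0, limit);
  }

  Set<Long> secretIds = secrets.stream().map(s -> s.series().id()).collect(toSet());
  Map<Long, List<Group>> groupsForSecrets = aclDAO.getGroupsForSecrets(secretIds);

  List<SanitizedSecretWithGroups> secretsWithGroups = secrets.stream().map(s -> {
    // A secret with no entry in the lookup is reported with an empty group list.
    List<Group> groups = groupsForSecrets.get(s.series().id());
    if (groups == null) {
      groups = ImmutableList.of();
    }
    return fromSecretSeriesAndContentAndGroups(s, groups);
  }).collect(toList());

  try {
    return SanitizedSecretWithGroupsListAndCursor.of(secretsWithGroups, SecretRetrievalCursor.toUrlEncodedString(newCursor));
  } catch (Exception e) {
    // The logged cursor is built above from a secret's name and expiry, not from secret content.
    logger.warn("Unable to encode cursor to string (cursor: {}): {}", newCursor, e.getMessage());
    // The cursor is malformed; return what information could be gathered.
    // NOTE(review): a null cursor is also what the last page carries, so a caller cannot tell
    // this failure from the end of the results and may stop paging with secrets still
    // unlisted. Confirm that this best-effort behaviour is acceptable for expiry monitoring.
    return SanitizedSecretWithGroupsListAndCursor.of(secretsWithGroups, null);
  }
}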
use of keywhiz.api.model.SanitizedSecretWithGroups in project keywhiz by square.
the class GroupResourceTest method secretsWithGroupsForGroup.
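@Test
public void secretsWithGroupsForGroup() throws Exception {
  // Two groups, so that the secret below ends up linked to more than the group queried.
  create(CreateGroupRequestV2.builder().name("groupWithSharedSecrets").description("desc").build());
  create(CreateGroupRequestV2.builder().name("secondGroup").description("desc").build());

  // One secret created for the first group and then assigned to the second as well.
  createSecret("groupWithSharedSecrets", "shared-secret");
  assignSecret("secondGroup", "shared-secret");

  Set<SanitizedSecretWithGroups> secrets = secretsInfoWithGroups("groupWithSharedSecrets");
  assertThat(secrets).hasSize(1);

  SanitizedSecretWithGroups secretWithGroups = secrets.iterator().next();
  assertThat(secretWithGroups.secret().name()).isEqualTo("shared-secret");

  Set<String> groupNames = secretWithGroups.groups().stream().map(Group::getName).collect(Collectors.toUnmodifiableSet());
  assertThat(groupNames).hasSize(2);
  // Assert on the set itself: assertThat(groupNames.contains(...)) only wraps a boolean and
  // never evaluates it, so a missing group name would not fail the test.
  assertThat(groupNames).contains("groupWithSharedSecrets");
  assertThat(groupNames).contains("secondGroup");
}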
use of keywhiz.api.model.SanitizedSecretWithGroups in project keywhiz by square.
the class GroupResource method secretsWithGroupsForGroup.
/**
* Retrieve metadata for secrets in a particular group, including all
* groups linked to each secret.
*
* @param name Group name
*
* responseMessage 200 Group information retrieved
* responseMessage 404 Group not found
*/
@Timed
@ExceptionMetered
@GET
@Path("{name}/secretsandgroups")
@Produces(APPLICATION_JSON)
public Set<SanitizedSecretWithGroups> secretsWithGroupsForGroup(@Auth AutomationClient automationClient, @PathParam("name") String name) {
  // automationClient is never read in the body; it is present only as the @Auth-annotated
  // parameter. NOTE(review): presumably the framework rejects unauthenticated requests before
  // this method runs; confirm against the auth configuration.

  // An unknown group name ends the request with NotFoundException.
  Group requestedGroup = groupDAOReadOnly.getGroup(name).orElseThrow(NotFoundException::new);
  Set<SanitizedSecret> groupSecrets = aclDAOReadOnly.getSanitizedSecretsFor(requestedGroup);

  // One lookup for all secrets of the group rather than one lookup per secret.
  Set<Long> secretIds = groupSecrets.stream()
      .map(SanitizedSecret::id)
      .collect(Collectors.toUnmodifiableSet());
  Map<Long, List<Group>> groupsBySecretId = aclDAOReadOnly.getGroupsForSecrets(secretIds);

  // Each entry carries every group returned for the secret, not only the requested group.
  return groupSecrets.stream()
      .map(secret -> {
        List<Group> found = groupsBySecretId.get(secret.id());
        // A secret without an entry in the lookup is reported with an empty group list.
        List<Group> linkedGroups = (found != null) ? found : ImmutableList.<Group>of();
        return SanitizedSecretWithGroups.of(secret, linkedGroups);
      })
      .collect(Collectors.toUnmodifiableSet());
}