Example 11 with SecretSeries

Use of keywhiz.api.model.SecretSeries in project keywhiz by square.

The class SecretDetailResponseV2Test, method formsCorrectlyFromSecretSeries.

@Test
public void formsCorrectlyFromSecretSeries() throws Exception {
    SecretSeries series = SecretSeries.of(1, "secret-name", "secret-description",
        ApiDate.parse("2013-03-28T21:23:04.159Z"), "creator-user",
        ApiDate.parse("2013-03-28T21:23:04.159Z"), "creator-user", "text/plain", null, 1L);
    SecretDetailResponseV2 secretDetailResponse = SecretDetailResponseV2.builder()
        .series(series).content("YXNkZGFz").checksum("checksum")
        .metadata(ImmutableMap.of("owner", "root")).expiry(1136214245).build();
    assertThat(asJson(secretDetailResponse)).isEqualTo(jsonFixture("fixtures/v2/secretDetailResponse.json"));
}
Also used : SecretSeries(keywhiz.api.model.SecretSeries) Test(org.junit.Test)

Example 12 with SecretSeries

Use of keywhiz.api.model.SecretSeries in project keywhiz by square.

The class AclDAO, method getSanitizedSecretFor.

public Optional<SanitizedSecret> getSanitizedSecretFor(Client client, String secretName) {
    checkNotNull(client);
    checkArgument(!secretName.isEmpty());
    // The join chain is the access check: secret -> access grant -> group -> membership -> client.
    SelectQuery<Record> query = dslContext.select(SECRETS.fields()).from(SECRETS)
        .join(ACCESSGRANTS).on(SECRETS.ID.eq(ACCESSGRANTS.SECRETID))
        .join(MEMBERSHIPS).on(ACCESSGRANTS.GROUPID.eq(MEMBERSHIPS.GROUPID))
        .join(CLIENTS).on(CLIENTS.ID.eq(MEMBERSHIPS.CLIENTID))
        .join(SECRETS_CONTENT).on(SECRETS_CONTENT.ID.eq(SECRETS.CURRENT))
        .where(CLIENTS.NAME.eq(client.getName())
            .and(SECRETS.CURRENT.isNotNull())
            .and(SECRETS.NAME.eq(secretName)))
        .limit(1).getQuery();
    query.addSelect(SECRETS_CONTENT.CONTENT_HMAC);
    query.addSelect(SECRETS_CONTENT.CREATEDAT);
    query.addSelect(SECRETS_CONTENT.CREATEDBY);
    query.addSelect(SECRETS_CONTENT.UPDATEDAT);
    query.addSelect(SECRETS_CONTENT.UPDATEDBY);
    query.addSelect(SECRETS_CONTENT.METADATA);
    query.addSelect(SECRETS_CONTENT.EXPIRY);
    return Optional.ofNullable(query.fetchOne()).map(row -> {
        SecretSeries series = secretSeriesMapper.map(row.into(SECRETS));
        return SanitizedSecret.of(series.id(), series.name(),
            row.getValue(SECRETS_CONTENT.CONTENT_HMAC), series.description(),
            new ApiDate(row.getValue(SECRETS_CONTENT.CREATEDAT)), row.getValue(SECRETS_CONTENT.CREATEDBY),
            new ApiDate(row.getValue(SECRETS_CONTENT.UPDATEDAT)), row.getValue(SECRETS_CONTENT.UPDATEDBY),
            secretContentMapper.tryToReadMapFromMetadata(row.getValue(SECRETS_CONTENT.METADATA)),
            series.type().orElse(null), series.generationOptions(),
            row.getValue(SECRETS_CONTENT.EXPIRY), series.currentVersion().orElse(null));
    });
}
Also used : ApiDate(keywhiz.api.ApiDate) SecretSeries(keywhiz.api.model.SecretSeries) SecretsRecord(keywhiz.jooq.tables.records.SecretsRecord) Record(org.jooq.Record)

Example 13 with SecretSeries

Use of keywhiz.api.model.SecretSeries in project keywhiz by square.

The class SecretTransformer, method transform.

/**
 * Transform DB content to a Secret model.
 * @param seriesAndContent a secret series and secret contents as stored in the database
 * @return the same information restructured as a Secret
 */
public Secret transform(SecretSeriesAndContent seriesAndContent) {
    checkNotNull(seriesAndContent);
    SecretSeries series = seriesAndContent.series();
    SecretContent content = seriesAndContent.content();
    // The content is passed as a lambda, so decrypt() is not called here; it runs when the lambda is invoked.
    return new Secret(series.id(), series.name(), series.owner(), series.description(),
        () -> cryptographer.decrypt(content.encryptedContent()), content.hmac(),
        series.createdAt(), series.createdBy(), series.updatedAt(), series.updatedBy(),
        content.metadata(), series.type().orElse(null), series.generationOptions(),
        content.expiry(), series.currentVersion().orElse(null),
        content.createdAt(), content.createdBy());
}
Also used : Secret(keywhiz.api.model.Secret) SecretSeries(keywhiz.api.model.SecretSeries) SecretContent(keywhiz.api.model.SecretContent)

Example 14 with SecretSeries

Use of keywhiz.api.model.SecretSeries in project keywhiz by square.

The class SecretDAO, method getDeletedSecretVersionsBySecretId.

/**
 * @param secretId the secret's id
 * @param versionIdx the first index to select in a list of versions sorted by creation time
 * @param numVersions the number of versions after versionIdx to select in the list of versions
 * @return all versions of a deleted secret, including the secret's content for each version,
 * matching input parameters or Optional.empty().
 */
public Optional<ImmutableList<SecretSeriesAndContent>> getDeletedSecretVersionsBySecretId(long secretId, int versionIdx, int numVersions) {
    checkArgument(versionIdx >= 0);
    checkArgument(numVersions >= 0);
    SecretContentDAO secretContentDAO = secretContentDAOFactory.using(dslContext.configuration());
    SecretSeriesDAO secretSeriesDAO = secretSeriesDAOFactory.using(dslContext.configuration());
    Optional<SecretSeries> series = secretSeriesDAO.getDeletedSecretSeriesById(secretId);
    if (series.isPresent()) {
        SecretSeries s = series.get();
        Optional<ImmutableList<SecretContent>> contents = secretContentDAO.getSecretVersionsBySecretId(secretId, versionIdx, numVersions);
        if (contents.isPresent()) {
            ImmutableList.Builder<SecretSeriesAndContent> b = new ImmutableList.Builder<>();
            b.addAll(contents.get().stream().map(c -> SecretSeriesAndContent.of(s, c)).collect(toList()));
            return Optional.of(b.build());
        }
    }
    return Optional.empty();
}
Also used : SecretSeries(keywhiz.api.model.SecretSeries) ImmutableList(com.google.common.collect.ImmutableList) SecretSeriesAndContent(keywhiz.api.model.SecretSeriesAndContent)

Example 15 with SecretSeries

Use of keywhiz.api.model.SecretSeries in project keywhiz by square.

The class SecretDAO, method createOrUpdateSecret.

@VisibleForTesting
public long createOrUpdateSecret(String name, String owner, String encryptedSecret, String hmac,
    String creator, Map<String, String> metadata, long expiry, String description,
    @Nullable String type, @Nullable Map<String, String> generationOptions) {
    // SecretController should have already checked that the contents are not empty
    return dslContext.transactionResult(configuration -> {
        long now = OffsetDateTime.now().toEpochSecond();
        SecretContentDAO secretContentDAO = secretContentDAOFactory.using(configuration);
        SecretSeriesDAO secretSeriesDAO = secretSeriesDAOFactory.using(configuration);
        Long ownerId = getOwnerId(configuration, owner);
        Optional<SecretSeries> secretSeries = secretSeriesDAO.getSecretSeriesByName(name);
        long secretId;
        if (secretSeries.isPresent()) {
            SecretSeries secretSeries1 = secretSeries.get();
            secretId = secretSeries1.id();
            Long effectiveOwnerId = ownerId != null ? ownerId : getOwnerId(configuration, secretSeries1.owner());
            secretSeriesDAO.updateSecretSeries(secretId, name, effectiveOwnerId, creator, description, type, generationOptions, now);
        } else {
            secretId = secretSeriesDAO.createSecretSeries(name, ownerId, creator, description, type, generationOptions, now);
        }
        long secretContentId = secretContentDAO.createSecretContent(secretId, encryptedSecret, hmac, creator, metadata, expiry, now);
        secretSeriesDAO.setCurrentVersion(secretId, secretContentId, creator, now);
        return secretId;
    });
}
Also used : SecretSeries(keywhiz.api.model.SecretSeries) VisibleForTesting(com.google.common.annotations.VisibleForTesting)
