use of keywhiz.api.model.SecretSeries in project keywhiz by square.
the class AclDAO method findAndRevokeAccess.
/**
 * Revokes a group's access to a secret and records the change in the audit log.
 *
 * <p>The lookups, the ACL change and the audit call all run inside one
 * {@code dslContext.transaction} lambda, so an exception thrown by any step
 * propagates out of the transactional block.
 *
 * <p>Notes for security review:
 * <ul>
 *   <li>No authorization decision is made here. {@code user} is used only to
 *       attribute the audit event, so the caller must already have
 *       authenticated and authorized the request.</li>
 *   <li>A missing group or secret is reported through the application logger
 *       at info level only; no audit event is written for the rejected request.</li>
 *   <li>The event tag is {@code CHANGEACL_GROUP_SECRET}; the direction of the
 *       change is carried by the {@code "secret removed"} key in {@code extraInfo}.</li>
 *   <li>The audit event is emitted before the transactional lambda returns.
 *       Whether the audit sink takes part in the same transaction is not
 *       visible here -- TODO confirm.</li>
 * </ul>
 *
 * @param secretId id of the secret series whose access is revoked
 * @param groupId id of the group losing access
 * @param auditLog sink that receives the ACL-change event
 * @param user name recorded as the actor in the audit event
 * @param extraInfo mutable map; the keys {@code "group"} and {@code "secret removed"} are added to it
 * @throws IllegalStateException if the group or the secret series does not exist
 */
public void findAndRevokeAccess(long secretId, long groupId, AuditLog auditLog, String user, Map<String, String> extraInfo) {
  dslContext.transaction(configuration -> {
    // Bind both DAOs to this transaction's configuration before any lookup.
    GroupDAO txGroupDAO = groupDAOFactory.using(configuration);
    SecretSeriesDAO txSeriesDAO = secretSeriesDAOFactory.using(configuration);

    // Guard: the group must exist.
    Optional<Group> groupLookup = txGroupDAO.getGroupById(groupId);
    if (!groupLookup.isPresent()) {
      logger.info("Failure to revoke access groupId {}, secretId {}: groupId not found.", groupId, secretId);
      throw new IllegalStateException(format("GroupId %d doesn't exist.", groupId));
    }

    // Guard: the secret series must exist.
    Optional<SecretSeries> seriesLookup = txSeriesDAO.getSecretSeriesById(secretId);
    if (!seriesLookup.isPresent()) {
      logger.info("Failure to revoke access groupId {}, secretId {}: secretId not found.", groupId, secretId);
      throw new IllegalStateException(format("SecretId %d doesn't exist.", secretId));
    }

    revokeAccess(configuration, secretId, groupId);

    // Enrich the caller-supplied map, then emit the audit event for the change.
    String groupName = groupLookup.get().getName();
    extraInfo.put("group", groupName);
    extraInfo.put("secret removed", seriesLookup.get().name());
    Event aclChange = new Event(Instant.now(), EventTag.CHANGEACL_GROUP_SECRET, user, groupName, extraInfo);
    auditLog.recordEvent(aclChange);
  });
}
use of keywhiz.api.model.SecretSeries in project keywhiz by square.
the class AclDAO method findAndAllowAccess.
/**
 * Grants a group access to a secret and records the change in the audit log.
 *
 * <p>The lookups, the ACL change and the audit call all run inside one
 * {@code dslContext.transaction} lambda, so an exception thrown by any step
 * propagates out of the transactional block.
 *
 * <p>Notes for security review:
 * <ul>
 *   <li>No authorization decision is made here. {@code user} is used only to
 *       attribute the audit event, so the caller must already have
 *       authenticated and authorized the request.</li>
 *   <li>A missing group or secret is reported through the application logger
 *       at info level only; no audit event is written for the rejected request.</li>
 *   <li>The event tag is {@code CHANGEACL_GROUP_SECRET}; the direction of the
 *       change is carried by the {@code "secret added"} key in {@code extraInfo}.</li>
 *   <li>The audit event is emitted before the transactional lambda returns.
 *       Whether the audit sink takes part in the same transaction is not
 *       visible here -- TODO confirm.</li>
 * </ul>
 *
 * @param secretId id of the secret series being shared
 * @param groupId id of the group gaining access
 * @param auditLog sink that receives the ACL-change event
 * @param user name recorded as the actor in the audit event
 * @param extraInfo mutable map; the keys {@code "group"} and {@code "secret added"} are added to it
 * @throws IllegalStateException if the group or the secret series does not exist
 */
public void findAndAllowAccess(long secretId, long groupId, AuditLog auditLog, String user, Map<String, String> extraInfo) {
  dslContext.transaction(configuration -> {
    // Bind both DAOs to this transaction's configuration before any lookup.
    GroupDAO txGroupDAO = groupDAOFactory.using(configuration);
    SecretSeriesDAO txSeriesDAO = secretSeriesDAOFactory.using(configuration);

    // Guard: the group must exist.
    Optional<Group> groupLookup = txGroupDAO.getGroupById(groupId);
    if (!groupLookup.isPresent()) {
      logger.info("Failure to allow access groupId {}, secretId {}: groupId not found.", groupId, secretId);
      throw new IllegalStateException(format("GroupId %d doesn't exist.", groupId));
    }

    // Guard: the secret series must exist.
    Optional<SecretSeries> seriesLookup = txSeriesDAO.getSecretSeriesById(secretId);
    if (!seriesLookup.isPresent()) {
      logger.info("Failure to allow access groupId {}, secretId {}: secretId not found.", groupId, secretId);
      throw new IllegalStateException(format("SecretId %d doesn't exist.", secretId));
    }

    allowAccess(configuration, secretId, groupId);

    // Enrich the caller-supplied map, then emit the audit event for the change.
    String groupName = groupLookup.get().getName();
    extraInfo.put("group", groupName);
    extraInfo.put("secret added", seriesLookup.get().name());
    Event aclChange = new Event(Instant.now(), EventTag.CHANGEACL_GROUP_SECRET, user, groupName, extraInfo);
    auditLog.recordEvent(aclChange);
  });
}
use of keywhiz.api.model.SecretSeries in project keywhiz by square.
the class SecretsResourceTest method findDeletedSecretsByName.
/**
 * Checks that {@code resource.findDeletedSecretsByName} returns exactly the
 * series that the stubbed {@code secretDAO.getSecretsWithDeletedName} reports
 * for the queried name, in any order.
 */
@Test
public void findDeletedSecretsByName() {
  // Two fixture series whose stored names both contain the queried fragment "name1".
  SecretSeries firstMatch =
      SecretSeries.of(1, "blah.name1.blah", null, "desc", NOW, "user", NOW, "user", null, emptyMap, null);
  SecretSeries secondMatch =
      SecretSeries.of(2, "blahblah.name1.blahh", null, "desc", NOW, "user", NOW, "user", null, emptyMap, null);

  // The DAO is a mock; the resource is expected to pass its result through.
  when(secretDAO.getSecretsWithDeletedName("name1"))
      .thenReturn(ImmutableList.of(firstMatch, secondMatch));

  assertThat(resource.findDeletedSecretsByName(user, "name1"))
      .containsExactlyInAnyOrder(firstMatch, secondMatch);
}
use of keywhiz.api.model.SecretSeries in project keywhiz by square.
the class SecretTransformerTest method transformsOwner.
/**
 * Checks that the owner set on a {@code SecretSeries} is carried over to the
 * {@code Secret} produced by {@code transformer.transform}.
 */
@Test
public void transformsOwner() {
  String expectedOwner = "foo";

  // Start from the shared valid fixture and override only the owner.
  SecretSeries ownedSeries = validSeries().toBuilder().owner(expectedOwner).build();
  SecretSeriesAndContent pair = SecretSeriesAndContent.of(ownedSeries, validContent());

  Secret transformed = transformer.transform(pair);

  assertEquals(expectedOwner, transformed.getOwner());
}
use of keywhiz.api.model.SecretSeries in project keywhiz by square.
the class SecretSeriesDAOTest method getMultipleSecretSeriesByNameDuplicatesReturnsOne.
/**
 * Checks that {@code getMultipleSecretSeriesByName} returns a series once even
 * when the same name appears several times in the request list.
 */
@Test
public void getMultipleSecretSeriesByNameDuplicatesReturnsOne() {
  int rowsBefore = tableSize();
  long createdAt = OffsetDateTime.now().toEpochSecond();
  ApiDate createdDate = new ApiDate(createdAt);

  // Create one series, attach one content row and make that row the current version.
  long seriesId = secretSeriesDAO.createSecretSeries(
      "newSecretSeries", null, "creator", "desc", null, ImmutableMap.of("foo", "bar"), createdAt);
  long versionId = secretContentDAO.createSecretContent(
      seriesId, "blah", "checksum", "creator", null, 0, createdAt);
  secretSeriesDAO.setCurrentVersion(seriesId, versionId, "creator", createdAt);

  List<SecretSeries> expected = List.of(
      SecretSeries.of(
          seriesId, "newSecretSeries", null, "desc", createdDate, "creator", createdDate, "creator",
          null, ImmutableMap.of("foo", "bar"), versionId));

  // Exactly one row was added by the setup above.
  assertThat(tableSize()).isEqualTo(rowsBefore + 1);

  // Asking for the same name three times must still yield a single result.
  List<String> repeatedNames = List.of("newSecretSeries", "newSecretSeries", "newSecretSeries");
  List<SecretSeries> actual = secretSeriesDAO.getMultipleSecretSeriesByName(repeatedNames);

  assertThat(actual).isEqualTo(expected);
}