This repository has been archived by the owner on Feb 16, 2023. It is now read-only.

Merge pull request #130 from secrethub/release/v0.22.0
Release v0.22.0
SimonBarendse authored Sep 9, 2019
2 parents 30f776a + 6587150 commit 8bf2c4e
Showing 25 changed files with 155 additions and 108 deletions.
2 changes: 1 addition & 1 deletion internals/api/account.go
Expand Up @@ -18,7 +18,7 @@ var (

// Account represents an account on SecretHub.
type Account struct {
AccountID *uuid.UUID `json:"account_id"`
AccountID uuid.UUID `json:"account_id"`
Name AccountName `json:"name"`
PublicKey []byte `json:"public_key"`
AccountType string `json:"account_type"`
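Review bot: With `AccountID` now a value rather than a pointer, a JSON payload that omits `account_id` decodes to the all-zero UUID instead of leaving a nil pointer, so a missing ID can no longer be told apart from a real one at the type level. The commit adds `IsZero()` checks for the request types in name.go and for `InviteUserRequest` in repo.go, but the visible hunks show no equivalent for the other converted types: `Account` here, `AccessRule`/`AccessLevel` in acl.go, `Credential` in credential.go, `Org`/`OrgMember` in org.go and `Repo`/`RepoMember` in repo.go. Because these IDs identify accounts in access rules and are used as map keys elsewhere in the commit, I would document the convention on each field, e.g. `// AccountID is the zero UUID when the field was absent; check IsZero() before use.`, and have callers reject the zero value wherever an ID is required. The struct continues past the end of the hunk.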
10 changes: 5 additions & 5 deletions internals/api/acl.go
Expand Up @@ -20,9 +20,9 @@ var (
// a directory and its children.
type AccessRule struct {
Account *Account `json:"account"`
AccountID *uuid.UUID `json:"account_id"`
DirID *uuid.UUID `json:"dir_id"`
RepoID *uuid.UUID `json:"repo_id"`
AccountID uuid.UUID `json:"account_id"`
DirID uuid.UUID `json:"dir_id"`
RepoID uuid.UUID `json:"repo_id"`
Permission Permission `json:"permission"`
CreatedAt time.Time `json:"created_at"`
LastChangedAt time.Time `json:"last_changed_at"`
Expand Down Expand Up @@ -59,8 +59,8 @@ func (car *CreateAccessRuleRequest) Validate() error {
// effect of one or more access rules on the directory itself or its parent(s).
type AccessLevel struct {
Account *Account `json:"account"`
AccountID *uuid.UUID `json:"account_id"`
DirID *uuid.UUID `json:"dir_id"`
AccountID uuid.UUID `json:"account_id"`
DirID uuid.UUID `json:"dir_id"`
Permission Permission `json:"permission"`
}

10 changes: 5 additions & 5 deletions internals/api/audit.go
Expand Up @@ -17,7 +17,7 @@ const (

// Audit represents an AuditEvent in SecretHub.
type Audit struct {
EventID *uuid.UUID `json:"event_id"`
EventID uuid.UUID `json:"event_id"`
Action AuditAction `json:"action"`
IPAddress string `json:"ip_address"`
LoggedAt time.Time `json:"logged_at"`
Expand All @@ -31,8 +31,8 @@ type AuditAction string

// AuditActor represents the Account of an AuditEvent
type AuditActor struct {
ActorID *uuid.UUID `json:"id,omitempty"`
Deleted bool `json:"deleted,omitempty"`
ActorID uuid.UUID `json:"id,omitempty"`
Deleted bool `json:"deleted,omitempty"`
// Type is `user` or `service`. When actor is deleted, type is always `account`
Type string `json:"type"`
User *User `json:"user,omitempty"`
Expand Down Expand Up @@ -61,8 +61,8 @@ const (

// AuditSubject represents the Subject of an AuditEvent
type AuditSubject struct {
SubjectID *uuid.UUID `json:"id,omitempty"`
Deleted bool `json:"deleted,omitempty"`
SubjectID uuid.UUID `json:"id,omitempty"`
Deleted bool `json:"deleted,omitempty"`
// Type is `user`, `service`, `repo`, `secret`, `secret_version` or `secret_key`. When subject is deleted, user and service are indicated with type `account`
Type AuditSubjectType `json:"type"`
User *User `json:"user,omitempty"`
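Review bot: The `omitempty` option on `ActorID` and `SubjectID` most likely stops having any effect now that the fields are `uuid.UUID` values, because encoding/json never treats a struct or a fixed-size array as empty (this assumes `uuid.UUID` is one of those, which its use as a map key in dirfs.go is consistent with but does not prove). An audit event whose actor or subject carries no ID would then marshal with an all-zero `id` instead of no `id`, and a consumer of the audit log cannot distinguish the two. Either keep these two optional fields as pointers, ``ActorID *uuid.UUID `json:"id,omitempty"` ``, or drop `omitempty` and add a comment such as `// ActorID is the zero UUID when the event has no actor ID.`. Both structs continue past the end of their hunks.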
2 changes: 1 addition & 1 deletion internals/api/credential.go
Expand Up @@ -38,7 +38,7 @@ const (

// Credential is used to authenticate to the API and to encrypt the account key.
type Credential struct {
AccountID *uuid.UUID `json:"account_id"`
AccountID uuid.UUID `json:"account_id"`
Type CredentialType `json:"type"`
CreatedAt time.Time `json:"created_at"`
Fingerprint string `json:"fingerprint"`
6 changes: 3 additions & 3 deletions internals/api/dir.go
Expand Up @@ -24,7 +24,7 @@ var (
// The names are encrypted and so are the names of SubDirs and Secrets.
// The secrets contain no encrypted data, only the encrypted name.
type EncryptedDir struct {
DirID *uuid.UUID `json:"dir_id"`
DirID uuid.UUID `json:"dir_id"`
BlindName string `json:"blind_name"`
EncryptedName crypto.CiphertextRSA `json:"encrypted_name"`
ParentID *uuid.UUID `json:"parent_id"`
Expand Down Expand Up @@ -56,7 +56,7 @@ func (ed *EncryptedDir) Decrypt(accountKey *crypto.RSAPrivateKey) (*Dir, error)
// Dir represents an directory.
// A dir belongs to a repo and contains other dirs and secrets.
type Dir struct {
DirID *uuid.UUID `json:"dir_id"`
DirID uuid.UUID `json:"dir_id"`
BlindName string `json:"blind_name"`
Name string `json:"name"`
ParentID *uuid.UUID `json:"parent_id"`
Expand Down Expand Up @@ -98,7 +98,7 @@ func (cdr *CreateDirRequest) Validate() error {
return err
}

unique[*encryptedName.AccountID]++
unique[encryptedName.AccountID]++
}

for _, count := range unique {
16 changes: 8 additions & 8 deletions internals/api/dirfs.go
Expand Up @@ -65,7 +65,7 @@ func (t EncryptedTree) Decrypt(accountKey *crypto.RSAPrivateKey) (*Tree, error)
// This has to be prepopulated to be able to put childs under parents.
dirMap := make(map[uuid.UUID]*Dir)
for _, dir := range dirs {
dirMap[*dir.DirID] = dir
dirMap[dir.DirID] = dir
}

// All directories are looped and placed below the parent directory as a subdirectory.
Expand All @@ -89,13 +89,13 @@ func (t EncryptedTree) Decrypt(accountKey *crypto.RSAPrivateKey) (*Tree, error)
secretMap := make(map[uuid.UUID]*Secret)
// All secrets are placed below every directory.
for _, secret := range secrets {
dir, ok := dirMap[*secret.DirID]
dir, ok := dirMap[secret.DirID]
if !ok {
return nil, ErrParentDirNotAvailable
}

dir.Secrets = append(dir.Secrets, secret)
secretMap[*secret.SecretID] = secret
secretMap[secret.SecretID] = secret
}

return &Tree{
Expand Down Expand Up @@ -130,8 +130,8 @@ func (t Tree) DirCount() int {
// AbsSecretPath returns the full path of secret.
// This function makes the assumption that every secret has a ParentDir.
// If not, an error will occur.
func (t Tree) AbsSecretPath(secretID *uuid.UUID) (*SecretPath, error) {
secret, ok := t.Secrets[*secretID]
func (t Tree) AbsSecretPath(secretID uuid.UUID) (*SecretPath, error) {
secret, ok := t.Secrets[secretID]
if !ok {
return nil, ErrSecretNotFound
}
Expand All @@ -149,18 +149,18 @@ func (t Tree) AbsSecretPath(secretID *uuid.UUID) (*SecretPath, error) {
// AbsDirPath returns the full path of dir
// This function makes the assumption that only the root dir has no parentID.
// If not, an error will occur.
func (t Tree) AbsDirPath(dirID *uuid.UUID) (DirPath, error) {
func (t Tree) AbsDirPath(dirID uuid.UUID) (DirPath, error) {
if uuid.Equal(dirID, t.RootDir.DirID) {
dirPath := t.ParentPath.JoinDir(t.RootDir.Name)
return dirPath, nil
}

dir, ok := t.Dirs[*dirID]
dir, ok := t.Dirs[dirID]
if !ok {
return "", ErrDirNotFound
}

parentPath, err := t.AbsDirPath(dir.ParentID)
parentPath, err := t.AbsDirPath(*dir.ParentID)
if err != nil {
return "", errio.Error(err)
}
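Review bot: `t.AbsDirPath(*dir.ParentID)` dereferences `ParentID`, which remains a `*uuid.UUID` on `Dir`, without a nil check, so a directory in `t.Dirs` that is not the root and has no parent makes the call panic instead of returning the error the doc comment promises. The tree is presumably populated from a decrypted server response, so this path should fail closed with an error, e.g. `if dir.ParentID == nil { return "", ErrParentDirNotAvailable }` before the recursive call. The recursion also appears to have no guard against a parent cycle among `t.Dirs`, though the rest of the function lies outside the hunk. The cases visible in dirfs_test.go do not exercise a nil `ParentID` on a non-root directory.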
18 changes: 9 additions & 9 deletions internals/api/dirfs_test.go
Expand Up @@ -23,21 +23,21 @@ func TestAbsDirPath(t *testing.T) {
dir := &Dir{
DirID: uuid.New(),
Name: "dir",
ParentID: repoDir.DirID,
ParentID: &repoDir.DirID,
}

subdir := &Dir{
DirID: uuid.New(),
Name: "subdir",
ParentID: dir.DirID,
ParentID: &dir.DirID,
}

repoPath := DirPath("namespace/repo")
dirPath := DirPath("namespace/repo/dir")
subdirPath := DirPath("namespace/repo/dir/subdir")

cases := map[string]struct {
dirID *uuid.UUID
dirID uuid.UUID
tree Tree
expected DirPath
err error
Expand All @@ -48,7 +48,7 @@ func TestAbsDirPath(t *testing.T) {
ParentPath: "namespace",
RootDir: repoDir,
Dirs: map[uuid.UUID]*Dir{
*repoDir.DirID: repoDir,
repoDir.DirID: repoDir,
},
Secrets: map[uuid.UUID]*Secret{},
},
Expand All @@ -61,7 +61,7 @@ func TestAbsDirPath(t *testing.T) {
ParentPath: "namespace",
RootDir: repoDir,
Dirs: map[uuid.UUID]*Dir{
*dir.DirID: dir,
dir.DirID: dir,
},
Secrets: map[uuid.UUID]*Secret{},
},
Expand All @@ -74,8 +74,8 @@ func TestAbsDirPath(t *testing.T) {
ParentPath: "namespace/repo",
RootDir: dir,
Dirs: map[uuid.UUID]*Dir{
*dir.DirID: dir,
*subdir.DirID: subdir,
dir.DirID: dir,
subdir.DirID: subdir,
},
Secrets: map[uuid.UUID]*Secret{},
},
Expand All @@ -88,8 +88,8 @@ func TestAbsDirPath(t *testing.T) {
ParentPath: "namespace/repo",
RootDir: dir,
Dirs: map[uuid.UUID]*Dir{
*dir.DirID: dir,
*subdir.DirID: subdir,
dir.DirID: dir,
subdir.DirID: subdir,
},
Secrets: map[uuid.UUID]*Secret{},
},
4 changes: 2 additions & 2 deletions internals/api/encrypted_data_test.go
Expand Up @@ -10,7 +10,7 @@ import (
)

func TestEncryptedData_MarshalUnmarshalValidate(t *testing.T) {
encryptedDataRSAAccountKey := NewEncryptedDataRSAOAEP([]byte("rsa-ciphertext"), HashingAlgorithmSHA256, NewEncryptionKeyAccountKey(4096, *uuid.New()))
encryptedDataRSAAccountKey := NewEncryptedDataRSAOAEP([]byte("rsa-ciphertext"), HashingAlgorithmSHA256, NewEncryptionKeyAccountKey(4096, uuid.New()))

cases := map[string]struct {
in *EncryptedData
Expand All @@ -24,7 +24,7 @@ func TestEncryptedData_MarshalUnmarshalValidate(t *testing.T) {
in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeyLocal(256)),
},
"aes with secret key": {
in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeySecretKey(256, *uuid.New())),
in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeySecretKey(256, uuid.New())),
},
"rsa account key": {
in: encryptedDataRSAAccountKey,
8 changes: 4 additions & 4 deletions internals/api/name.go
Expand Up @@ -7,13 +7,13 @@ import (

// EncryptedNameRequest contains an EncryptedName for an Account.
type EncryptedNameRequest struct {
AccountID *uuid.UUID `json:"account_id"`
AccountID uuid.UUID `json:"account_id"`
EncryptedName crypto.CiphertextRSA `json:"encrypted_name"`
}

// Validate validates the EncryptedNameRequest to be valid.
func (enr *EncryptedNameRequest) Validate() error {
if enr.AccountID == nil {
if enr.AccountID.IsZero() {
return ErrInvalidAccountID
}

Expand All @@ -23,12 +23,12 @@ func (enr *EncryptedNameRequest) Validate() error {
// EncryptedNameForNodeRequest contains an EncryptedName for an Account and the corresponding NodeID.
type EncryptedNameForNodeRequest struct {
EncryptedNameRequest
NodeID *uuid.UUID `json:"node_id"`
NodeID uuid.UUID `json:"node_id"`
}

// Validate validates the EncryptedNameForNodeRequest.
func (nnr EncryptedNameForNodeRequest) Validate() error {
if nnr.NodeID == nil {
if nnr.NodeID.IsZero() {
return ErrInvalidNodeID
}

14 changes: 7 additions & 7 deletions internals/api/org.go
Expand Up @@ -16,7 +16,7 @@ const (

// Org represents an organization account on SecretHub
type Org struct {
OrgID *uuid.UUID `json:"org_id"`
OrgID uuid.UUID `json:"org_id"`
Name string `json:"name"`
Description string `json:"description"`
CreatedAt time.Time `json:"created_at"`
Expand All @@ -38,12 +38,12 @@ func (s SortOrgByName) Less(i, j int) bool {

// OrgMember represents a user's membership of an organization.
type OrgMember struct {
OrgID *uuid.UUID `json:"org_id"`
AccountID *uuid.UUID `json:"account_id"`
Role string `json:"role"`
CreatedAt time.Time `json:"created_at"`
LastChangedAt time.Time `json:"last_changed_at"`
User *User `json:"user,omitempty"`
OrgID uuid.UUID `json:"org_id"`
AccountID uuid.UUID `json:"account_id"`
Role string `json:"role"`
CreatedAt time.Time `json:"created_at"`
LastChangedAt time.Time `json:"last_changed_at"`
User *User `json:"user,omitempty"`
}

// SortOrgMemberByUsername makes a list of org members sortable.
12 changes: 6 additions & 6 deletions internals/api/repo.go
Expand Up @@ -28,7 +28,7 @@ var (

// Repo represents a repo on SecretHub.
type Repo struct {
RepoID *uuid.UUID `json:"repo_id"`
RepoID uuid.UUID `json:"repo_id"`
Owner string `json:"owner"`
Name string `json:"name"`
CreatedAt *time.Time `json:"created_at"`
Expand Down Expand Up @@ -112,9 +112,9 @@ func (crr CreateRepoRequest) Validate() error {

// RepoMember represents a member of a SecretHub repo.
type RepoMember struct {
RepoID *uuid.UUID `json:"repo_id"`
AccountID *uuid.UUID `json:"account_id"`
CreatedAt time.Time `json:"created_at"`
RepoID uuid.UUID `json:"repo_id"`
AccountID uuid.UUID `json:"account_id"`
CreatedAt time.Time `json:"created_at"`
}

// CreateRepoMemberRequest contains the required fields for adding a user to a repo.
Expand All @@ -138,13 +138,13 @@ func (req CreateRepoMemberRequest) Validate() error {

// InviteUserRequest contains the required fields for inviting a user to a repo.
type InviteUserRequest struct {
AccountID *uuid.UUID `json:"account_id"`
AccountID uuid.UUID `json:"account_id"`
RepoMember *CreateRepoMemberRequest `json:"repo_member"`
}

// Validate validates a InviteUserRequest
func (req InviteUserRequest) Validate() error {
if req.AccountID == nil {
if req.AccountID.IsZero() {
return ErrInvalidAccountID
}
