// Share grants a key access to a message func Share(w http.ResponseWriter, r *http.Request) { api := newAPI(w, r) defer api.req.Body.Close() if !api.auth() || !api.admin { api.error("Unauthorized", 401) return } request, err := api.read() if err != nil { log.Debug(err) api.error("Bad request", 400) return } if len(request.KeyID) == 0 { api.error("Missing elements in request", 400) return } if len(request.Name) == 0 { api.error("Missing elements in request", 400) return } key := new(secrets.Key) key.Name = request.KeyID key.Key = request.Key err = database.GetKey(key) if err != nil { log.Error(err) api.error("Database error", 500) return } secret := new(secrets.Secret) secret.Name = request.Name err = database.GetRootSecret(secret) switch err { case gorm.ErrRecordNotFound: api.error("Secret does not exist", 404) return case nil: break default: log.Error(err) api.error("Database error", 500) return } shared, err := secret.Share(key) if err != nil { log.Error(err) api.error(err.Error(), 500) return } err = database.AddSecret(shared) if err != nil { log.Error(err) api.error("Database error", 500) return } log.Info("Secret: ", shared.Name, " shared with: ", key.Name) api.message("OK", 201) return }