func TestDelete(t *testing.T) {
w := httptest.NewRecorder()
m := mux.NewRouter()
addRoutes(m)
key := new(secrets.Key)
err := key.New("968cd432-c97a-11e5-9956-625662870761")
priv := key.Display()
assert.Nil(t, err, "Should not return error")
testDb := new(mocks.DB)
r, err := http.NewRequest("DELETE", "/secrets/delete/secrets/test-secret", nil)
assert.Nil(t, err, "Should not return error")
secrets.New("test-secret", []byte("test"))
authSetup(testDb, r, priv)
testDb.On("GetRootSecret", &secrets.Secret{Name: "test-secret"}).Run(func(args mock.Arguments) {
args.Get(0).(*secrets.Secret).Name = "test-secret"
args.Get(0).(*secrets.Secret).ID = 2
}).Return(nil)
testDb.On("DeleteSecret", &secrets.Secret{ID: 2, Name: "test-secret"}).Return(nil)
database = testDb
m.ServeHTTP(w, r)
}
// Key adds a new secret key to the vault
func Key(w http.ResponseWriter, r *http.Request) {
api := newAPI(w, r)
defer api.req.Body.Close()
if !api.auth() || !api.admin {
api.error("Unauthorized", 401)
return
}
request, err := api.read()
if err != nil {
log.Debug(err)
api.error("Bad request", 400)
return
}
if request.Name == "" {
request.Name = uuid.New()
}
if !secretIDRegex.MatchString(request.Name) {
api.error("Invalid key ID", 400)
}
key := new(secrets.Key)
err = key.New(request.Name)
if err != nil {
log.Error(err)
api.error("Server error", 500)
return
}
if request.Admin {
key.ReadOnly = false
} else {
key.ReadOnly = true
}
err = database.AddKey(key)
if err != nil {
log.Error(err)
api.error("Database error", 500)
return
}
log.Info("New key added: ", key.Name)
api.reply(secrets.Key{
Name: key.Name,
Key: key.Display(),
ReadOnly: key.ReadOnly,
},
201)
}
func TestListSecret(t *testing.T) {
w := httptest.NewRecorder()
m := mux.NewRouter()
addRoutes(m)
secretList := make([]secrets.Secret, 20)
for i := range secretList {
s, err := secrets.New(fmt.Sprintf("secret-%d", i), []byte("testmessage"))
secretList[i] = *s
assert.Nil(t, err, "Should not return error")
}
testDb := new(mocks.DB)
r, err := http.NewRequest("GET", "/secrets/list/secrets", nil)
assert.Nil(t, err, "Should not return error")
key := new(secrets.Key)
err = key.New("968cd432-c97a-11e5-9956-625662870761")
priv := key.Display()
assert.Nil(t, err, "Should not return error")
authSetup(testDb, r, priv)
pos := 0
testDb.On("ListSecrets", mock.Anything).Return(func(n int) ([]secrets.Secret, error) {
start := pos
end := pos + n
if start >= len(secretList) {
start = len(secretList)
}
if end >= len(secretList) {
end = len(secretList)
}
pos = end
return secretList[start:end], nil
})
database = testDb
m.ServeHTTP(w, r)
expected, err := json.MarshalIndent(secretList[0:10], "", " ")
assert.Nil(t, err, "Should not return error")
buf, err := json.MarshalIndent(secretList[10:], "", " ")
assert.Nil(t, err, "Should not return error")
expected = append(expected, buf...)
assert.Equal(t, expected, w.Body.Bytes())
}
func TestView(t *testing.T) {
w := httptest.NewRecorder()
root, err := secrets.New("testsecret", []byte("testmessage"))
assert.Nil(t, err, "Should not return error")
key := new(secrets.Key)
err = key.New("968cd432-c97a-11e5-9956-625662870761")
priv := key.Display()
assert.Nil(t, err, "Should not return error")
shared, err := root.Share(key)
assert.Nil(t, err, "Should not return error")
req := request{Name: "testsecret"}
data, err := json.Marshal(req)
assert.Nil(t, err, "Should not return error")
r, err := http.NewRequest("POST", "/secrets/view", bytes.NewReader(data))
assert.Nil(t, err, "Should not return error")
testDb := new(mocks.DB)
authSetup(testDb, r, priv)
testDb.On(
"GetSharedSecret",
&secrets.Secret{Name: "testsecret"},
&secrets.Key{Name: "968cd432-c97a-11e5-9956-625662870761"}).Run(
func(args mock.Arguments) {
args.Get(0).(*secrets.Secret).Name = shared.Name
args.Get(0).(*secrets.Secret).Nonce = shared.Nonce
args.Get(0).(*secrets.Secret).Message = shared.Message
args.Get(0).(*secrets.Secret).Pubkey = shared.Pubkey
args.Get(0).(*secrets.Secret).Key = shared.Key
}).Return(nil)
testDb.On("GetRootSecret", mock.AnythingOfType("*secrets.Secret")).Run(func(args mock.Arguments) {
args.Get(0).(*secrets.Secret).Name = root.Name
args.Get(0).(*secrets.Secret).Nonce = root.Nonce
args.Get(0).(*secrets.Secret).Message = root.Message
args.Get(0).(*secrets.Secret).Pubkey = root.Pubkey
args.Get(0).(*secrets.Secret).Key = root.Key
}).Return(nil)
database = testDb
View(w, r)
assert.Equal(t, "testmessage", string(w.Body.Bytes()))
}
