From 57398971b301ef0c80472d830201eca4d0d5fdf5 Mon Sep 17 00:00:00 2001
From: Ivan Dimov <78815270+idimov-keeper@users.noreply.github.com>
Date: Wed, 3 Apr 2024 17:46:51 -0500
Subject: [PATCH] KSM-505 Added uid as path parameter
---
 .../vault-plugin-secrets-ksm/ksm/backend.go | 1 +
 .../ksm/path_record.go | 31 +++++++++++++++++++
 2 files changed, 32 insertions(+)
diff --git a/integration/vault-plugin-secrets-ksm/ksm/backend.go b/integration/vault-plugin-secrets-ksm/ksm/backend.go
index 479f25ad..e9719a2e 100644
--- a/integration/vault-plugin-secrets-ksm/ksm/backend.go
+++ b/integration/vault-plugin-secrets-ksm/ksm/backend.go
@@ -41,6 +41,7 @@ func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend,
 b.pathConfig(),
 b.pathUidgen(),
 b.pathTotp(),
+ b.pathRecord(),
 b.pathRecords(),
 b.pathRecordsCreate(),
 b.pathRecordsList(),
diff --git a/integration/vault-plugin-secrets-ksm/ksm/path_record.go b/integration/vault-plugin-secrets-ksm/ksm/path_record.go
index 63605777..a5cef0a3 100644
--- a/integration/vault-plugin-secrets-ksm/ksm/path_record.go
+++ b/integration/vault-plugin-secrets-ksm/ksm/path_record.go
@@ -14,6 +14,9 @@ import (
 // pathPatternRecord is the string used to define the base path of the record endpoint.
 const pathPatternRecord = "record/?$"
 
+// pathPatternRecordAsPathParam is the string used to define the base path of the record endpoint.
+const pathPatternRecordAsPathParam = "^record/(?P[A-Za-z0-9_-]{22})$"
+
 // pathPatternRecordCreate is the string used to define the base path of the record create endpoint.
 const pathPatternRecordCreate = "record/create/?$"
 
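Review bot: The doc comment on `pathPatternRecordAsPathParam` repeats the one on `pathPatternRecord` word for word and says nothing about the UID it captures; something like `// pathPatternRecordAsPathParam matches record/<uid>, where the uid path segment is exactly 22 URL-safe base64 characters.` would describe it. As shown on this page the group reads `(?P[`, which has no group name; that is probably an angle-bracketed name lost in extraction, but it is worth confirming in the real file that the name equals the value of `keyRecordUid`, because the framework fills the field from the named capture. The explicit `^` also differs from the neighbouring patterns, which leave the start anchor off.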
@@ -62,6 +65,30 @@ func (b *backend) pathRecordsList() *framework.Path {
 }
 }
 
+func (b *backend) pathRecord() *framework.Path {
+ return &framework.Path{
+ Pattern: pathPatternRecordAsPathParam,
+ Fields: map[string]*framework.FieldSchema{
+ keyRecordUid: {
+ Type: framework.TypeString,
+ Description: descRecordUid,
+ Required: true,
+ },
+ },
+ Operations: map[logical.Operation]framework.OperationHandler{
+ logical.ReadOperation: &framework.PathOperation{
+ Callback: withFieldValidator(b.pathRecordRead),
+ },
+ logical.DeleteOperation: &framework.PathOperation{
+ Callback: withFieldValidator(b.pathRecordDelete),
+ },
+ },
+ ExistenceCheck: b.recordExistenceCheck,
+ HelpSynopsis: pathRecordHelpSyn,
+ HelpDescription: pathRecordHelpDesc,
+ }
+}
+
 func (b *backend) pathRecords() *framework.Path {
 return &framework.Path{
 Pattern: pathPatternRecord,
@@ -408,6 +435,10 @@ func (b *backend) pathRecordCreate(ctx context.Context, req *logical.Request, d
 }
 
 func folderExists(sm *core.SecretsManager, uid string) (bool, error) {
+ if uid == "" {
+ return false, nil
+ }
+
 records, err := sm.GetSecrets([]string{})
 if err != nil {
 return false, err
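Review bot: pathRecord has no doc comment, and the route it adds changes what an operator has to cover in policy: read and delete are now reachable at `record/<uid>` as well as at the existing `record` path, so ACL rules written for the old path do not apply here, while a broad glob would grant delete on every record. I would add `// pathRecord serves read and delete for one record addressed as record/<uid>; policies must grant this path separately from "record".` As far as I know the SDK uses `Required: true` only for generated API documentation, so input validation rests on the pattern and on withFieldValidator, which is defined outside this hunk. `ExistenceCheck` looks unused with only read and delete registered, since the framework consults it to tell create from update; drop it or say why it is kept.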
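Review bot: The early return added at the top of folderExists is undocumented and covers only the exact empty string; a comment such as `// An empty uid cannot name a folder, so skip the GetSecrets round trip.` would record the intent. Callers sit outside this hunk, so it is not visible here whether they read `false, nil` for an empty uid as "no folder requested" or as "folder not found"; that is worth checking wherever the result feeds an error message or a create decision. The function body continues past the end of the hunk.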