Semaphore/db/bolt/access_key.go

package bolt

import (
	"github.com/ansible-semaphore/semaphore/db"
	"go.etcd.io/bbolt"
)

func (d *BoltDb) GetAccessKey(projectID int, accessKeyID int) (key db.AccessKey, err error) {
	err = d.getObject(projectID, db.AccessKeyProps, intObjectID(accessKeyID), &key)
	if err != nil {
		return
	}

	return
}

func (d *BoltDb) GetAccessKeyRefs(projectID int, accessKeyID int) (db.ObjectReferrers, error) {
	return d.getObjectRefs(projectID, db.AccessKeyProps, accessKeyID)
}

func (d *BoltDb) GetAccessKeys(projectID int, params db.RetrieveQueryParams) ([]db.AccessKey, error) {
	var keys []db.AccessKey
	err := d.getObjects(projectID, db.AccessKeyProps, params, func(i interface{}) bool {
		k := i.(db.AccessKey)
		return k.EnvironmentID == nil
	}, &keys)
	return keys, err
}

func (d *BoltDb) UpdateAccessKey(key db.AccessKey) error {
	err := key.Validate(key.OverrideSecret)

	if err != nil {
		return err
	}

	if key.OverrideSecret {
		err = key.SerializeSecret()
		if err != nil {
			return err
		}
	} else { // accept only new name, ignore other changes
		oldKey, err2 := d.GetAccessKey(*key.ProjectID, key.ID)
		if err2 != nil {
			return err2
		}
		oldKey.Name = key.Name
		key = oldKey
	}

	return d.updateObject(*key.ProjectID, db.AccessKeyProps, key)
}

func (d *BoltDb) CreateAccessKey(key db.AccessKey) (db.AccessKey, error) {
	err := key.SerializeSecret()
	if err != nil {
		return db.AccessKey{}, err
	}
	newKey, err := d.createObject(*key.ProjectID, db.AccessKeyProps, key)
	return newKey.(db.AccessKey), err
}

func (d *BoltDb) DeleteAccessKey(projectID int, accessKeyID int) error {
	return d.deleteObject(projectID, db.AccessKeyProps, intObjectID(accessKeyID), nil)
}

func (d *BoltDb) RekeyAccessKeys(oldKey string) error {
	return d.db.Update(func(tx *bbolt.Tx) error {
		var allProjects []db.Project

		err := d.getObjectsTx(tx, 0, db.ProjectProps, db.RetrieveQueryParams{}, nil, &allProjects)

		if err != nil {
			return err
		}

		for _, project := range allProjects {
			var keys []db.AccessKey
			err = d.getObjectsTx(tx, project.ID, db.AccessKeyProps, db.RetrieveQueryParams{}, nil, &keys)
			if err != nil {
				return err
			}

			for _, key := range keys {
				err = key.DeserializeSecret2(oldKey)

				if err != nil {
					return err
				}

				err = key.SerializeSecret()
				if err != nil {
					return err
				}

				err = d.updateObjectTx(tx, *key.ProjectID, db.AccessKeyProps, key)
				if err != nil {
					return err
				}
			}
		}

		return nil
	})
}
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`package bolt`

feat(be): add env, tempalte and inv implementation for bolt 2021-05-08 22:25:31 +02:00			`import (`
			`"github.com/ansible-semaphore/semaphore/db"`
Vault cli (#1463) * feat(be): add cli command vault rekey * feat(vault): use tx * feat(vault): docs * fix(vault): rekey flag 2023-09-09 14:41:41 +02:00			`"go.etcd.io/bbolt"`
feat(be): add env, tempalte and inv implementation for bolt 2021-05-08 22:25:31 +02:00			`)`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00
feat(be): change error message for access key decryption 2021-09-10 00:41:36 +02:00			`func (d *BoltDb) GetAccessKey(projectID int, accessKeyID int) (key db.AccessKey, err error) {`
feat: add password file for Access Key 2021-09-01 16:38:28 +02:00			`err = d.getObject(projectID, db.AccessKeyProps, intObjectID(accessKeyID), &key)`
			`if err != nil {`
			`return`
			`}`
fix(be): use correct config field for access key encryption 2021-09-09 23:31:06 +02:00
feat: add password file for Access Key 2021-09-01 16:38:28 +02:00			`return`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`}`

feat: remove soft delete functionality 2022-02-03 08:05:13 +01:00			`func (d *BoltDb) GetAccessKeyRefs(projectID int, accessKeyID int) (db.ObjectReferrers, error) {`
			`return d.getObjectRefs(projectID, db.AccessKeyProps, accessKeyID)`
			`}`

feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`func (d *BoltDb) GetAccessKeys(projectID int, params db.RetrieveQueryParams) ([]db.AccessKey, error) {`
			`var keys []db.AccessKey`
feat(secrets): implement secret getting for boltdb 2024-07-02 19:26:59 +02:00			`err := d.getObjects(projectID, db.AccessKeyProps, params, func(i interface{}) bool {`
			`k := i.(db.AccessKey)`
			`return k.EnvironmentID == nil`
			`}, &keys)`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`return keys, err`
			`}`

fix(be): use correct config field for access key encryption 2021-09-09 23:31:06 +02:00			`func (d *BoltDb) UpdateAccessKey(key db.AccessKey) error {`
fix: access key validation 2021-09-04 08:39:16 +02:00			`err := key.Validate(key.OverrideSecret)`

feat: add password file for Access Key 2021-09-01 16:38:28 +02:00			`if err != nil {`
			`return err`
			`}`
fix: access key validation 2021-09-04 08:39:16 +02:00
			`if key.OverrideSecret {`
			`err = key.SerializeSecret()`
			`if err != nil {`
			`return err`
			`}`
			`} else { // accept only new name, ignore other changes`
feat(be): change error message for access key decryption 2021-09-10 00:41:36 +02:00			`oldKey, err2 := d.GetAccessKey(*key.ProjectID, key.ID)`
fix: access key validation 2021-09-04 08:39:16 +02:00			`if err2 != nil {`
			`return err2`
			`}`
			`oldKey.Name = key.Name`
			`key = oldKey`
			`}`

fix(be): use correct config field for access key encryption 2021-09-09 23:31:06 +02:00			`return d.updateObject(*key.ProjectID, db.AccessKeyProps, key)`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`}`

feat(be): physical delete template from database 2022-01-31 23:16:00 +01:00			`func (d *BoltDb) CreateAccessKey(key db.AccessKey) (db.AccessKey, error) {`
feat(be): add inventory become credentials and template vault password to database 2021-09-01 21:17:28 +02:00			`err := key.SerializeSecret()`
			`if err != nil {`
			`return db.AccessKey{}, err`
			`}`
test(be): tests for bolt implementation 2021-05-14 13:47:32 +02:00			`newKey, err := d.createObject(*key.ProjectID, db.AccessKeyProps, key)`
feat(be): add env, tempalte and inv implementation for bolt 2021-05-08 22:25:31 +02:00			`return newKey.(db.AccessKey), err`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`}`

			`func (d *BoltDb) DeleteAccessKey(projectID int, accessKeyID int) error {`
feat(be): physical delete template from database 2022-01-31 23:16:00 +01:00			`return d.deleteObject(projectID, db.AccessKeyProps, intObjectID(accessKeyID), nil)`
feat(be): bolt helper functions like for sql 2021-05-08 19:25:00 +02:00			`}`
Vault cli (#1463) * feat(be): add cli command vault rekey * feat(vault): use tx * feat(vault): docs * fix(vault): rekey flag 2023-09-09 14:41:41 +02:00
			`func (d *BoltDb) RekeyAccessKeys(oldKey string) error {`
			`return d.db.Update(func(tx *bbolt.Tx) error {`
			`var allProjects []db.Project`

			`err := d.getObjectsTx(tx, 0, db.ProjectProps, db.RetrieveQueryParams{}, nil, &allProjects)`

			`if err != nil {`
			`return err`
			`}`

			`for _, project := range allProjects {`
			`var keys []db.AccessKey`
			`err = d.getObjectsTx(tx, project.ID, db.AccessKeyProps, db.RetrieveQueryParams{}, nil, &keys)`
			`if err != nil {`
			`return err`
			`}`

			`for _, key := range keys {`
			`err = key.DeserializeSecret2(oldKey)`

			`if err != nil {`
			`return err`
			`}`

			`err = key.SerializeSecret()`
			`if err != nil {`
			`return err`
			`}`

			`err = d.updateObjectTx(tx, *key.ProjectID, db.AccessKeyProps, key)`
			`if err != nil {`
			`return err`
			`}`
			`}`
			`}`

			`return nil`
			`})`
			`}`