Semaphore/db/sql/access_key.go

143 lines
2.7 KiB
Go
Raw Permalink Normal View History

package sql
2021-09-04 08:39:16 +02:00
import (
"database/sql"
2024-01-28 13:18:07 +01:00
"errors"
2021-09-04 08:39:16 +02:00
"github.com/ansible-semaphore/semaphore/db"
)
func (d *SqlDb) GetAccessKey(projectID int, accessKeyID int) (key db.AccessKey, err error) {
2024-01-10 07:14:12 +01:00
err = d.getObject(projectID, db.AccessKeyProps, accessKeyID, &key)
2021-09-01 16:38:28 +02:00
return
}
2022-02-03 08:05:13 +01:00
func (d *SqlDb) GetAccessKeyRefs(projectID int, keyID int) (db.ObjectReferrers, error) {
return d.getObjectRefs(projectID, db.AccessKeyProps, keyID)
}
2024-07-02 19:23:45 +02:00
func (d *SqlDb) GetAccessKeys(projectID int, params db.RetrieveQueryParams) (keys []db.AccessKey, err error) {
keys = make([]db.AccessKey, 0)
q := d.makeObjectsQuery(projectID, db.AccessKeyProps, params).Where("pe.environment_id IS NULL")
2024-07-02 19:23:45 +02:00
query, args, err := q.ToSql()
if err != nil {
return
}
_, err = d.selectAll(&keys, query, args...)
2024-10-08 11:42:51 +02:00
for i := range keys {
if keys[i].Secret == nil {
keys[i].Empty = true
}
}
2024-07-02 19:23:45 +02:00
return
}
func (d *SqlDb) UpdateAccessKey(key db.AccessKey) error {
2021-09-04 08:39:16 +02:00
err := key.Validate(key.OverrideSecret)
2021-09-01 16:38:28 +02:00
if err != nil {
return err
}
2021-09-04 08:39:16 +02:00
err = key.SerializeSecret()
if err != nil {
return err
}
var res sql.Result
var args []interface{}
query := "update access_key set name=?"
args = append(args, key.Name)
if key.OverrideSecret {
query += ", type=?, secret=?"
args = append(args, key.Type)
args = append(args, key.Secret)
}
query += " where id=?"
args = append(args, key.ID)
query += " and project_id=?"
args = append(args, key.ProjectID)
2021-09-04 08:39:16 +02:00
res, err = d.exec(query, args...)
return validateMutationResult(res, err)
}
func (d *SqlDb) CreateAccessKey(key db.AccessKey) (newKey db.AccessKey, err error) {
2021-09-01 16:38:28 +02:00
err = key.SerializeSecret()
if err != nil {
return
}
insertID, err := d.insert(
"id",
"insert into access_key (name, type, project_id, secret, environment_id) values (?, ?, ?, ?, ?)",
key.Name,
key.Type,
key.ProjectID,
key.Secret,
key.EnvironmentID)
if err != nil {
return
}
newKey = key
newKey.ID = insertID
return
}
func (d *SqlDb) DeleteAccessKey(projectID int, accessKeyID int) error {
return d.deleteObject(projectID, db.AccessKeyProps, accessKeyID)
}
const RekeyBatchSize = 100
func (d *SqlDb) RekeyAccessKeys(oldKey string) (err error) {
var globalProps = db.AccessKeyProps
globalProps.IsGlobal = true
for i := 0; ; i++ {
var keys []db.AccessKey
2024-07-07 19:12:21 +02:00
err = d.getObjects(-1, globalProps, db.RetrieveQueryParams{Count: RekeyBatchSize, Offset: i * RekeyBatchSize}, nil, &keys)
if err != nil {
return
}
if len(keys) == 0 {
break
}
for _, key := range keys {
err = key.DeserializeSecret2(oldKey)
if err != nil {
return err
}
key.OverrideSecret = true
err = d.UpdateAccessKey(key)
2024-01-28 13:18:07 +01:00
if err != nil && !errors.Is(err, db.ErrNotFound) {
return err
}
}
}
return
}