cscli: hide hashed api keys (#2874)
* cscli: hide hashed api keys * lint
This commit is contained in:
mmetc
GitHub
parent
5356ccc6cd
commit
e611d01c90
4 changed files with 23 additions and 19 deletions
|
|
@ -36,8 +36,6 @@ def test_register_bouncer_env(crowdsec, flavor):
|
|||
bouncer1, bouncer2 = j
|
||||
assert bouncer1['name'] == 'bouncer1name'
|
||||
assert bouncer2['name'] == 'bouncer2name'
|
||||
assert bouncer1['api_key'] == hex512('bouncer1key')
|
||||
assert bouncer2['api_key'] == hex512('bouncer2key')
|
||||
|
||||
# add a second bouncer at runtime
|
||||
res = cs.cont.exec_run('cscli bouncers add bouncer3name -k bouncer3key')
|
||||
|
|
@ -48,7 +46,6 @@ def test_register_bouncer_env(crowdsec, flavor):
|
|||
assert len(j) == 3
|
||||
bouncer3 = j[2]
|
||||
assert bouncer3['name'] == 'bouncer3name'
|
||||
assert bouncer3['api_key'] == hex512('bouncer3key')
|
||||
|
||||
# remove all bouncers
|
||||
res = cs.cont.exec_run('cscli bouncers delete bouncer1name bouncer2name bouncer3name')
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@ func (c *Client) ListBouncers() ([]*ent.Bouncer, error) {
|
|||
if err != nil {
|
||||
return nil, errors.Wrapf(QueryFail, "listing bouncers: %s", err)
|
||||
}
|
||||
|
||||
return result, nil
|
||||
}
|
||||
|
||||
|
|
@ -48,8 +49,10 @@ func (c *Client) CreateBouncer(name string, ipAddr string, apiKey string, authTy
|
|||
if ent.IsConstraintError(err) {
|
||||
return nil, fmt.Errorf("bouncer %s already exists", name)
|
||||
}
|
||||
return nil, fmt.Errorf("unable to create bouncer: %s", err)
|
||||
|
||||
return nil, fmt.Errorf("unable to create bouncer: %w", err)
|
||||
}
|
||||
|
||||
return bouncer, nil
|
||||
}
|
||||
|
||||
|
|
@ -63,7 +66,7 @@ func (c *Client) DeleteBouncer(name string) error {
|
|||
}
|
||||
|
||||
if nbDeleted == 0 {
|
||||
return fmt.Errorf("bouncer doesn't exist")
|
||||
return errors.New("bouncer doesn't exist")
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
@ -74,36 +77,41 @@ func (c *Client) BulkDeleteBouncers(bouncers []*ent.Bouncer) (int, error) {
|
|||
for i, b := range bouncers {
|
||||
ids[i] = b.ID
|
||||
}
|
||||
|
||||
nbDeleted, err := c.Ent.Bouncer.Delete().Where(bouncer.IDIn(ids...)).Exec(c.CTX)
|
||||
if err != nil {
|
||||
return nbDeleted, fmt.Errorf("unable to delete bouncers: %s", err)
|
||||
return nbDeleted, fmt.Errorf("unable to delete bouncers: %w", err)
|
||||
}
|
||||
|
||||
return nbDeleted, nil
|
||||
}
|
||||
|
||||
func (c *Client) UpdateBouncerLastPull(lastPull time.Time, ID int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(ID).
|
||||
func (c *Client) UpdateBouncerLastPull(lastPull time.Time, id int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(id).
|
||||
SetLastPull(lastPull).
|
||||
Save(c.CTX)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to update machine last pull in database: %s", err)
|
||||
return fmt.Errorf("unable to update machine last pull in database: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) UpdateBouncerIP(ipAddr string, ID int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(ID).SetIPAddress(ipAddr).Save(c.CTX)
|
||||
func (c *Client) UpdateBouncerIP(ipAddr string, id int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(id).SetIPAddress(ipAddr).Save(c.CTX)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to update bouncer ip address in database: %s", err)
|
||||
return fmt.Errorf("unable to update bouncer ip address in database: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Client) UpdateBouncerTypeAndVersion(bType string, version string, ID int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(ID).SetVersion(version).SetType(bType).Save(c.CTX)
|
||||
func (c *Client) UpdateBouncerTypeAndVersion(bType string, version string, id int) error {
|
||||
_, err := c.Ent.Bouncer.UpdateOneID(id).SetVersion(version).SetType(bType).Save(c.CTX)
|
||||
if err != nil {
|
||||
return fmt.Errorf("unable to update bouncer type and version in database: %s", err)
|
||||
return fmt.Errorf("unable to update bouncer type and version in database: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ type Bouncer struct {
|
|||
// Name holds the value of the "name" field.
|
||||
Name string `json:"name"`
|
||||
// APIKey holds the value of the "api_key" field.
|
||||
APIKey string `json:"api_key"`
|
||||
APIKey string `json:"-"`
|
||||
// Revoked holds the value of the "revoked" field.
|
||||
Revoked bool `json:"revoked"`
|
||||
// IPAddress holds the value of the "ip_address" field.
|
||||
|
|
@ -193,8 +193,7 @@ func (b *Bouncer) String() string {
|
|||
builder.WriteString("name=")
|
||||
builder.WriteString(b.Name)
|
||||
builder.WriteString(", ")
|
||||
builder.WriteString("api_key=")
|
||||
builder.WriteString(b.APIKey)
|
||||
builder.WriteString("api_key=<sensitive>")
|
||||
builder.WriteString(", ")
|
||||
builder.WriteString("revoked=")
|
||||
builder.WriteString(fmt.Sprintf("%v", b.Revoked))
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ func (Bouncer) Fields() []ent.Field {
|
|||
Default(types.UtcNow).
|
||||
UpdateDefault(types.UtcNow).Nillable().Optional().StructTag(`json:"updated_at"`),
|
||||
field.String("name").Unique().StructTag(`json:"name"`),
|
||||
field.String("api_key").StructTag(`json:"api_key"`), // hash of api_key
|
||||
field.String("api_key").Sensitive(), // hash of api_key
|
||||
field.Bool("revoked").StructTag(`json:"revoked"`),
|
||||
field.String("ip_address").Default("").Optional().StructTag(`json:"ip_address"`),
|
||||
field.String("type").Optional().StructTag(`json:"type"`),
|
||||
|
|
|
|||
Loading…
Reference in a new issue