Feature/secret management (WIP) #506
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…eature/secret-management
adds secret management UI
executor/models.py
Outdated
| class Meta: | ||
| constraints = [ | ||
| models.UniqueConstraint( | ||
| fields=['key', 'account', 'is_active'], |
There was a problem hiding this comment.
uniqueness should not be on 'is_active' column
Remove this
At the time of creation always check if an 'active' key with the same name exists and return an error if it does
At the time of deletion set the key name to '{key}#inactive#{timestamp}' and is_active to false. But only allow the person who has created the key to change the state or the value
executor/secrets/views.py
Outdated
| return value[:2] + "••••••" + value[-2:] | ||
|
|
||
|
|
||
| def _secret_to_proto(secret: Secret) -> SecretProto: |
There was a problem hiding this comment.
move this to mode class and make it a property
executor/secrets/views.py
Outdated
| is_active=secret.is_active | ||
| ) | ||
|
|
||
| def _secret_to_proto_partial(secret: Secret) -> SecretProto: |
There was a problem hiding this comment.
move this to mode class and make it a property
executor/secrets/views.py
Outdated
| secret_id = list(secret_ids)[0] | ||
|
|
||
| try: | ||
| secret = Secret.objects.get(id=secret_id, account=account, is_active=True) |
There was a problem hiding this comment.
make a crud layer for secrets model
executor/secrets/views.py
Outdated
| try: | ||
| secret = Secret.objects.get(id=secret_id, account=account, is_active=True) | ||
| try: | ||
| secrets_update_processor.update(secret, update_secret_ops) |
There was a problem hiding this comment.
updated_secrets should be returned by the update processor
droid-mohit
left a comment
droid-mohit
left a comment
There was a problem hiding this comment.
Secret updates should be allowed only to the creator. The update processor currently doesnt take care of this. Handle this.
|
@droid-mohit
|
No description provided.