Add delete method for kv; updated README

G-Research · Sep 18, 2024 · f261fd3 · f261fd3
1 parent 913e61b
commit f261fd3
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -18,19 +18,29 @@ This Rails app is most easily run and developed in its devcontainer.
 ```
 rails s
 ```
-3) POST /certificates to acquire cert in another terminal (need to provide `common_name` param):
+3) POST /certificates to acquire cert (need to provide `common_name` param):
 ```
 curl -X POST http://localhost:3000/certificates \
 -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqb2huLmRvZUBleGFtcGxlLmNvbSIsIm5hbWUiOiJKb2huIERvZSIsImlhdCI6MTUxNjIzOTAyMiwiZ3JvdXBzIjpbImdyb3VwMSIsImdyb3VwMiJdLCJhdWQiOiJhc3RyYWwifQ.tfRLXmE_eq-piP88_clwPWrYfMAQbCJAeZQI6OFxZSI" \
 -H "Content-type: application/json" \
 -d "{ \"cert_issue_request\": { \"common_name\": \"example.com\" } }"
 ```
-4) Run the tests from devcontainer terminal:
+4) POST and GET /secrets to save and fetch a secret:
+```
+curl -X POST http://localhost:3000/secrets \
+-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqb2huLmRvZUBleGFtcGxlLmNvbSIsIm5hbWUiOiJKb2huIERvZSIsImlhdCI6MTUxNjIzOTAyMiwiZ3JvdXBzIjpbImdyb3VwMSIsImdyb3VwMiJdLCJhdWQiOiJhc3RyYWwifQ.tfRLXmE_eq-piP88_clwPWrYfMAQbCJAeZQI6OFxZSI" \
+-H "Content-type: application/json" \
+-d "{\"secret\": { \"path\":\"some/path\", \"data\": {\"password\": \"s3crit\"} } }"
+
+curl http://localhost:3000/secrets/some/path \
+-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqb2huLmRvZUBleGFtcGxlLmNvbSIsIm5hbWUiOiJKb2huIERvZSIsImlhdCI6MTUxNjIzOTAyMiwiZ3JvdXBzIjpbImdyb3VwMSIsImdyb3VwMiJdLCJhdWQiOiJhc3RyYWwifQ.tfRLXmE_eq-piP88_clwPWrYfMAQbCJAeZQI6OFxZSI"
+```
+5) Run the tests from devcontainer terminal:
 ```
 rails test
 ```
 
-# Running the prod image
+# Running the prod image (local build):
 1) Build the prod image:
 ```
 docker build -t astral:latest .
@@ -39,3 +49,9 @@ docker build -t astral:latest .
 ```
 docker run -e SECRET_KEY_BASE=mysecrit -p 3000:3000 astral:latest
 ```
+
+# Running the prod image (from repository):
+1) Run the prod image:
+```
+docker run -e SECRET_KEY_BASE=mysecrit -p 3000:3000 astral:latest
+```
diff --git a/app/controllers/secrets_controller.rb b/app/controllers/secrets_controller.rb
@@ -24,10 +24,21 @@ def show
     end
     @secret = result.secret
   end
+
+  def delete
+    req = Requests::SecretRequest.new(path: params.require(:path))
+    if !req.valid?
+      raise BadRequestError.new req.errors.full_messages
+    end
+    result = DeleteSecret.call(request: req, identity: identity)
+    if result.failure?
+      raise (result.error || StandardError.new(result.message))
+    end
+  end
 
   private
 
   def params_permitted
-    params.require(:secret_request).permit(:path, data: {})
+    params.require(:secret).permit(:path, data: {})
   end
 end
diff --git a/app/interactors/delete_secret.rb b/app/interactors/delete_secret.rb
@@ -0,0 +1,9 @@
+class DeleteSecret
+  include Interactor
+  include FailOnError
+  include AuditLogging
+
+  def call
+    Services::SecretsService.kv_delete(context.request.path)
+  end
+end