rebase test-cases (#138)

* Build(deps): bump cryptography from 41.0.2 to 41.0.4 in /backend Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.2 to 41.0.4. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@41.0.2...41.0.4) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps-dev): bump postcss from 8.4.23 to 8.4.31 in /frontend Bumps [postcss](https://github.com/postcss/postcss) from 8.4.23 to 8.4.31. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.23...8.4.31) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps): bump graphql from 16.6.0 to 16.8.1 in /frontend Bumps [graphql](https://github.com/graphql/graphql-js) from 16.6.0 to 16.8.1. - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](graphql/graphql-js@v16.6.0...v16.8.1) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps): bump semver and npm in /frontend Bumps [semver](https://github.com/npm/node-semver) to 7.5.4 and updates ancestor dependencies [semver](https://github.com/npm/node-semver) and [npm](https://github.com/npm/cli). These dependencies need to be updated together. Updates `semver` from 7.3.8 to 7.5.4 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.8...v7.5.4) Updates `semver` from 6.3.0 to 7.5.4 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.3.8...v7.5.4) Updates `npm` from 9.6.5 to 9.9.0 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/v9.9.0/CHANGELOG.md) - [Commits](npm/cli@v9.6.5...v9.9.0) --- updated-dependencies: - dependency-name: semver dependency-type: indirect - dependency-name: semver dependency-type: indirect - dependency-name: npm dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps): bump urllib3 from 1.26.14 to 1.26.18 in /backend Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.14 to 1.26.18. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@1.26.14...1.26.18) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update feature_request.md * fix: secret history button label / title * Fix toastify css (#93) * Update feature_request.md * fix: react toastify css import --------- Co-authored-by: Rohan Chaturvedi <[email protected]> * fix: react toastify css import (#92) * feat: added curl as a system dependency in frontend & backend Dockerfile (#95) * feat: added curl as a system dependency in frontend & backend Dockerfile * fix: install curl when one is root * fix: move curl outside the scope of transient dependencies * feat: webauth (#97) * feat: webauth implementation --------- Co-authored-by: rohan-chaturvedi <[email protected]> * feat: posthog (#99) * feat: added posthog analytics * fix: log screen mask * fix: protocols in dev env * chore: disable nextjs telemetry (#104) * chore: disable nextjs telemetry * chore: eof new line * refactor: onboarding (#105) * refactor: onboarding * fix: remove welcome screen, allow copying recovery kit * fix: misc teaks to onboarding * updated: copy on the invite onboarding * updated: new device setup copy * fix: typo in graphene type resolvers * fix: allow copying recovery kit on invite screen to allow account creation * feat: misc copy changes --------- Co-authored-by: Nimish <[email protected]> * Build(deps): bump django from 4.2.3 to 4.2.7 in /backend Bumps [django](https://github.com/django/django) from 4.2.3 to 4.2.7. - [Commits](django/django@4.2.3...4.2.7) --- updated-dependencies: - dependency-name: django dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps): bump axios from 1.3.6 to 1.6.0 in /frontend Bumps [axios](https://github.com/axios/axios) from 1.3.6 to 1.6.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.3.6...v1.6.0) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps-dev): bump @babel/traverse from 7.21.4 to 7.23.3 in /frontend Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.4 to 7.23.3. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.3/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Build(deps): bump twisted from 22.10.0 to 23.10.0 in /backend Bumps [twisted](https://github.com/twisted/twisted) from 22.10.0 to 23.10.0. - [Release notes](https://github.com/twisted/twisted/releases) - [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst) - [Commits](twisted/twisted@twisted-22.10.0...twisted-23.10.0) --- updated-dependencies: - dependency-name: twisted dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * fix: only fetch create and update events in secret history query (#106) Co-authored-by: Nimish <[email protected]> * fix: bump session cookie ttl to 1 week (#107) Co-authored-by: Nimish <[email protected]> * feat: display token environments in SecretTokens (#112) * feat: display token environments in SecretTokens * Updated 'name' with 'envType' in frontend/components/apps/tokens/SecretTokens.tsx Co-authored-by: Rohan Chaturvedi <[email protected]> * feat: improve envTypes UI in SecretTokens * modified env type ui for light theme --------- Co-authored-by: Rohan Chaturvedi <[email protected]> * feat: add personal secret model * feat: add graphql types and mutations * feat: personal secrets ui, queries, mutations * fix: misc ui fixes * feat: add personal secrets to REST api response * fix: operation name conflict, regenerate types * fix: operation name * fix: overlapping password icons | Edge Browser * fix: misc improvements to app ui (#117) * fix: misc ui updates to new app flow * fix: rework app settings creen, fixes to app delete dialog * feat: add is_active field to personal secret model * feat: update frontend queries and mutations * chore: regenerate types * feat: show red spinner on danger buttons when isLoading * feat: handle isActive field, misc ux improvements * fix: remove console.log * fix: Search UI for light theme * fix: misc bugs, ui layout in override dialog * fix: tweak spacing * chore: bump posthog sdk version (#122) * chore: bump posthog sdk version * fix: lockfile * feat: allow restoring secret values from history (#121) * feat: allow restoring secret values from history * feat: added label to the restore button * fix: button ui --------- Co-authored-by: Nimish <[email protected]> Co-authored-by: Nimish <[email protected]> * Fix: Search UI for Env Type (#125) * Fixed Search UI for Env/Dev path * removed white space * fix: override resolver for secrets * Chore: bump dependencies (#132) * chore: bump posthog deps * chore: bumped cryptography 41.0.6 to address openssl PKCS7 * feat: create new organisation button * fix: moved button within dropdown * fix: inserted optional type --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rohan Chaturvedi <[email protected]> Co-authored-by: Amit Singh <[email protected]> Co-authored-by: Amit Singh <[email protected]>
phasehq · Jan 1, 2024 · 2f15f3a · 2f15f3a
1 parent fb48b05
commit 2f15f3a
Show file tree

Hide file tree

Showing 74 changed files with 3,859 additions and 4,304 deletions.
diff --git a/.env.dev.example b/.env.dev.example
@@ -9,11 +9,11 @@
 
 # Replace with your domain or host
 HOST=localhost
-HTTP_PROTOCOL=http://
+HTTP_PROTOCOL=https://
 
 # Frontend dev
-NEXTAUTH_URL=http://localhost
-OAUTH_REDIRECT_URI=http://localhost
+NEXTAUTH_URL=https://localhost
+OAUTH_REDIRECT_URI=https://localhost
 BACKEND_API_BASE=http://backend:8000
 NEXT_PUBLIC_BACKEND_API_BASE=https://localhost/service
 NEXT_PUBLIC_NEXTAUTH_PROVIDERS=google,github,gitlab
@@ -34,7 +34,7 @@ GITLAB_CLIENT_SECRET=
 
 # Backend dev
 ALLOWED_HOSTS=localhost,backend
-ALLOWED_ORIGINS=http://localhost
+ALLOWED_ORIGINS=https://localhost
 SESSION_COOKIE_DOMAIN=localhost
 
 # Database credentials. Change all these values as required, except DATABASE_HOST
@@ -43,3 +43,6 @@ DATABASE_PORT=5432
 DATABASE_NAME=postgres-db-name
 DATABASE_USER=postgres-user
 DATABASE_PASSWORD=postgres-password
+
+# Disable NextJs telemtry
+NEXT_TELEMETRY_DISABLED=1
diff --git a/.env.example b/.env.example
@@ -36,3 +36,7 @@ DATABASE_PORT=5432
 DATABASE_NAME=postgres-db-name
 DATABASE_USER=postgres-user
 DATABASE_PASSWORD=a765b221799be364c53c8a32acccf5dd90d5fc832607bdd14fccaaaa0062adfd
+
+
+# Disable NextJs telemtry
+NEXT_TELEMETRY_DISABLED=1
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,34 +1,21 @@
 ---
-name: Bug report
-about: Create a report to help us improve
-title: ""
-labels: bug
-assignees: ""
----
-
-### Describe the bug
+name: Feature request
+about: Suggest a feature for Phase
+labels: enhancement, feature
 
-A clear and concise description of what the bug is.
+---
 
-### To Reproduce
+## Is your feature request related to a problem?
 
-Steps to reproduce the behavior:
+*Please describe.*
 
-1. Go to '...'
-2. Click on '....'
-3. Scroll down to '....'
-4. See error
+## Describe the solution you'd like
 
-### Expected behavior
 
-A clear and concise description of what you expected to happen.
 
-### Screenshots
+## Describe alternatives you've considered
 
-If applicable, add screenshots to help explain your problem.
 
-### Platform you are having the issue on:
 
-### Additional context
+## Additional context
 
-Add any other context about the problem here.
diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -15,6 +15,7 @@ RUN set -ex \
     && apk add --virtual rundeps $runDeps \
     && apk del .build-deps
 
+RUN apk add --no-cache curl
 RUN addgroup -S app && adduser -S app -G app
 ADD . /app
 WORKDIR /app

diff --git a/backend/api/migrations/0039_personalsecret.py b/backend/api/migrations/0039_personalsecret.py
@@ -0,0 +1,27 @@
+# Generated by Django 4.2.3 on 2023-11-14 06:58
+
+from django.db import migrations, models
+import django.db.models.deletion
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0038_secretevent_ip_address_secretevent_user_agent'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='PersonalSecret',
+            fields=[
+                ('id', models.TextField(default=uuid.uuid4, editable=False, primary_key=True, serialize=False)),
+                ('value', models.TextField()),
+                ('created_at', models.DateTimeField(auto_now_add=True, null=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('deleted_at', models.DateTimeField(blank=True, null=True)),
+                ('secret', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.secret')),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.organisationmember')),
+            ],
+        ),
+    ]
diff --git a/backend/api/migrations/0040_personalsecret_isactive_alter_personalsecret_value.py b/backend/api/migrations/0040_personalsecret_isactive_alter_personalsecret_value.py
@@ -0,0 +1,23 @@
+# Generated by Django 4.2.3 on 2023-11-16 05:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0039_personalsecret'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='personalsecret',
+            name='isActive',
+            field=models.BooleanField(default=True),
+        ),
+        migrations.AlterField(
+            model_name='personalsecret',
+            name='value',
+            field=models.TextField(blank=True, null=True),
+        ),
+    ]
diff --git a/backend/api/migrations/0041_rename_isactive_personalsecret_is_active.py b/backend/api/migrations/0041_rename_isactive_personalsecret_is_active.py
@@ -0,0 +1,18 @@
+# Generated by Django 4.2.3 on 2023-11-16 05:53
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0040_personalsecret_isactive_alter_personalsecret_value'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='personalsecret',
+            old_name='isActive',
+            new_name='is_active',
+        ),
+    ]
diff --git a/backend/api/models.py b/backend/api/models.py
@@ -341,3 +341,15 @@ class SecretEvent(models.Model):
     timestamp = models.DateTimeField(auto_now_add=True)
     ip_address = models.GenericIPAddressField(null=True, blank=True)
     user_agent = models.TextField(null=True, blank=True)
+
+
+class PersonalSecret(models.Model):
+    id = models.TextField(default=uuid4, primary_key=True, editable=False)
+    secret = models.ForeignKey(Secret, on_delete=models.CASCADE)
+    user = models.ForeignKey(
+        OrganisationMember, on_delete=models.CASCADE)
+    value = models.TextField(blank=True, null=True)
+    is_active = models.BooleanField(default=True)
+    created_at = models.DateTimeField(auto_now_add=True, blank=True, null=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    deleted_at = models.DateTimeField(blank=True, null=True)
diff --git a/backend/api/serializers.py b/backend/api/serializers.py
@@ -1,5 +1,5 @@
 from rest_framework import serializers
-from .models import CustomUser, Environment, EnvironmentKey, Organisation, Secret, ServiceToken, UserToken
+from .models import CustomUser, Environment, EnvironmentKey, Organisation, Secret, ServiceToken, UserToken, PersonalSecret
 
 
 def find_index_by_id(dictionaries, target_id):
@@ -38,11 +38,32 @@ def create(self, validated_data):
             return Organisation(**validated_data)
 
 
+class PersonalSecretSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = PersonalSecret
+        fields = '__all__'
+
+
 class SecretSerializer(serializers.ModelSerializer):
+    override = serializers.SerializerMethodField()
+
     class Meta:
         model = Secret
         fields = '__all__'
 
+    def get_override(self, obj):
+        # Assuming 'request' is passed to the context of the serializer.
+        org_member = self.context.get('org_member')
+        if org_member:
+
+            try:
+                personal_secret = PersonalSecret.objects.get(
+                    secret=obj, user=org_member)
+                return PersonalSecretSerializer(personal_secret).data
+            except PersonalSecret.DoesNotExist:
+                return None
+        return None
+
 
 class EnvironmentSerializer(serializers.ModelSerializer):
     class Meta:

diff --git a/backend/api/views.py b/backend/api/views.py
@@ -346,7 +346,8 @@ def get(self, request):
                                                     value=secret.value, comment=secret.comment, event_type=SecretEvent.READ, ip_address=ip_address, user_agent=user_agent)
             read_event.tags.set(secret.tags.all())
 
-        serializer = SecretSerializer(secrets, many=True)
+        serializer = SecretSerializer(secrets, many=True, context={
+                                      'org_member': org_member})
 
         return Response(serializer.data, status=status.HTTP_200_OK)
 

diff --git a/backend/backend/graphene/mutations/environment.py b/backend/backend/graphene/mutations/environment.py
@@ -3,8 +3,8 @@
 from backend.graphene.utils.permissions import member_can_access_org, user_can_access_app, user_can_access_environment, user_is_org_member
 import graphene
 from graphql import GraphQLError
-from api.models import App, Environment, EnvironmentKey, EnvironmentToken, Organisation, OrganisationMember, Secret, SecretEvent, SecretFolder, SecretTag, UserToken, ServiceToken
-from backend.graphene.types import AppType, EnvironmentKeyType, EnvironmentTokenType, EnvironmentType, SecretFolderType, SecretTagType, SecretType, ServiceTokenType, UserTokenType
+from api.models import App, Environment, EnvironmentKey, EnvironmentToken, Organisation, OrganisationMember, PersonalSecret, Secret, SecretEvent, SecretFolder, SecretTag, UserToken, ServiceToken
+from backend.graphene.types import AppType, EnvironmentKeyType, EnvironmentTokenType, EnvironmentType, PersonalSecretType, SecretFolderType, SecretTagType, SecretType, ServiceTokenType, UserTokenType
 from datetime import datetime
 
 
@@ -35,6 +35,12 @@ class SecretInput(graphene.InputObjectType):
     comment = graphene.String()
 
 
+class PersonalSecretInput(graphene.InputObjectType):
+    secret_id = graphene.ID()
+    value = graphene.String()
+    is_active = graphene.Boolean()
+
+
 class CreateEnvironmentMutation(graphene.Mutation):
     class Arguments:
         environment_data = EnvironmentInput(required=True)
@@ -488,3 +494,54 @@ def mutate(cls, root, info, id):
                                                     value=secret.value, comment=secret.comment, event_type=SecretEvent.READ, ip_address=ip_address, user_agent=user_agent)
             read_event.tags.set(secret.tags.all())
             return ReadSecretMutation(ok=True)
+
+
+class CreatePersonalSecretMutation(graphene.Mutation):
+
+    class Arguments:
+        override_data = PersonalSecretInput(PersonalSecretInput)
+
+    override = graphene.Field(PersonalSecretType)
+
+    @classmethod
+    def mutate(cls, root, info, override_data):
+        secret = Secret.objects.get(id=override_data.secret_id)
+        org = secret.environment.app.organisation
+        org_member = OrganisationMember.objects.get(
+            organisation=org, user=info.context.user)
+
+        if not user_can_access_environment(info.context.user, secret.environment.id):
+            raise GraphQLError(
+                "You don't have access to this secret")
+
+        override, created = PersonalSecret.objects.get_or_create(
+            secret_id=override_data.secret_id, user=org_member)
+        override.value = override_data.value
+        override.is_active = override_data.is_active
+        override.save()
+
+        return CreatePersonalSecretMutation(override=override)
+
+
+class DeletePersonalSecretMutation(graphene.Mutation):
+
+    class Arguments:
+        secret_id = graphene.ID()
+
+    ok = graphene.Boolean()
+
+    @classmethod
+    def mutate(cls, root, info, secret_id):
+        secret = Secret.objects.get(id=secret_id)
+        org = secret.environment.app.organisation
+        org_member = OrganisationMember.objects.get(
+            organisation=org, user=info.context.user)
+
+        if not user_can_access_environment(info.context.user, secret.environment.id):
+            raise GraphQLError(
+                "You don't have access to this secret")
+
+        PersonalSecret.objects.filter(
+            secret_id=secret_id, user=org_member).delete()
+
+        return DeletePersonalSecretMutation(ok=True)
diff --git a/backend/backend/graphene/types.py b/backend/backend/graphene/types.py
@@ -2,7 +2,7 @@
 from enum import Enum
 from graphene import ObjectType, relay
 from graphene_django import DjangoObjectType
-from api.models import CustomUser, Environment, EnvironmentKey, EnvironmentToken, Organisation, App, OrganisationMember, OrganisationMemberInvite, Secret, SecretEvent, SecretFolder, SecretTag, ServiceToken, UserToken
+from api.models import CustomUser, Environment, EnvironmentKey, EnvironmentToken, Organisation, App, OrganisationMember, OrganisationMemberInvite, PersonalSecret, Secret, SecretEvent, SecretFolder, SecretTag, ServiceToken, UserToken
 from logs.dynamodb_models import KMSLog
 from allauth.socialaccount.models import SocialAccount
 
@@ -38,7 +38,7 @@ def resolve_recovery(self, info):
             user=info.context.user, organisation=self, deleted_at=None)
         return org_member.wrapped_recovery
 
-    def resolve_idenity_key(self, info):
+    def resolve_identity_key(self, info):
         org_member = OrganisationMember.objects.get(
             user=info.context.user, organisation=self, deleted_at=None)
         return org_member.identity_key
@@ -165,18 +165,41 @@ class Meta:
                   'version', 'tags', 'comment', 'event_type', 'timestamp', 'user', 'ip_address', 'user_agent', 'environment')
 
 
+class PersonalSecretType(DjangoObjectType):
+    class Meta:
+        model = PersonalSecret
+        fields = ('id', 'secret', 'user', 'value',
+                  'is_active', 'created_at', 'updated_at')
+
+
 class SecretType(DjangoObjectType):
 
     history = graphene.List(SecretEventType)
+    override = graphene.Field(PersonalSecretType)
 
     class Meta:
         model = Secret
         fields = ('id', 'key', 'value', 'folder', 'version', 'tags',
-                  'comment', 'created_at', 'updated_at', 'history')
+                  'comment', 'created_at', 'updated_at', 'history', 'override')
         # interfaces = (relay.Node, )
 
     def resolve_history(self, info):
-        return SecretEvent.objects.filter(secret_id=self.id).order_by('timestamp')
+        return SecretEvent.objects.filter(secret_id=self.id, event_type__in=[SecretEvent.CREATE, SecretEvent.UPDATE]).order_by('timestamp')
+
+    def resolve_override(self, info):
+        if info.context.user:
+            org = self.environment.app.organisation
+            org_member = OrganisationMember.objects.get(
+                organisation=org, user=info.context.user, deleted_at=None)
+
+            try:
+                override = PersonalSecret.objects.get(
+                    secret=self, user=org_member)
+
+                if override is not None:
+                    return override
+            except:
+                return None
 
 
 class KMSLogType(ObjectType):

diff --git a/backend/backend/schema.py b/backend/backend/schema.py
@@ -1,4 +1,4 @@
-from .graphene.mutations.environment import CreateEnvironmentKeyMutation, CreateEnvironmentMutation, CreateEnvironmentTokenMutation, CreateSecretFolderMutation, CreateSecretMutation, CreateSecretTagMutation, CreateServiceTokenMutation, CreateUserTokenMutation, DeleteSecretMutation, DeleteServiceTokenMutation, DeleteUserTokenMutation, EditSecretMutation, ReadSecretMutation, UpdateMemberEnvScopeMutation
+from .graphene.mutations.environment import CreateEnvironmentKeyMutation, CreateEnvironmentMutation, CreateEnvironmentTokenMutation, CreatePersonalSecretMutation, CreateSecretFolderMutation, CreateSecretMutation, CreateSecretTagMutation, CreateServiceTokenMutation, CreateUserTokenMutation, DeletePersonalSecretMutation, DeleteSecretMutation, DeleteServiceTokenMutation, DeleteUserTokenMutation, EditSecretMutation, ReadSecretMutation, UpdateMemberEnvScopeMutation
 from .graphene.utils.permissions import user_can_access_app, user_can_access_environment, user_is_admin, user_is_org_member
 from .graphene.mutations.app import AddAppMemberMutation, CreateAppMutation, DeleteAppMutation, RemoveAppMemberMutation, RotateAppKeysMutation
 from .graphene.mutations.organisation import CreateOrganisationMemberMutation, CreateOrganisationMutation, DeleteInviteMutation, DeleteOrganisationMemberMutation, InviteOrganisationMemberMutation, UpdateOrganisationMemberRole, UpdateUserWrappedSecretsMutation
@@ -409,6 +409,8 @@ class Mutation(graphene.ObjectType):
     edit_secret = EditSecretMutation.Field()
     delete_secret = DeleteSecretMutation.Field()
     read_secret = ReadSecretMutation.Field()
+    create_override = CreatePersonalSecretMutation.Field()
+    remove_override = DeletePersonalSecretMutation.Field()
 
 
 schema = graphene.Schema(query=Query, mutation=Mutation)
diff --git a/backend/backend/settings.py b/backend/backend/settings.py
@@ -53,7 +53,7 @@
 
 SESSION_COOKIE_DOMAIN = os.getenv('SESSION_COOKIE_DOMAIN')
 
-SESSION_COOKIE_AGE = 86400  # 24 hours
+SESSION_COOKIE_AGE = 604800  # 1 week, in seconds
 
 # Application definition