Remove all secrets routes

Author: mjarkk

.env.example

@@ -27,4 +27,3 @@ BACKUP_S3_ACCESS_KEY_ID=
 BACKUP_S3_SECRET_ACCESS_KEY=
 BACKUP_S3_BUCKET=rtcv-backups
 BACKUP_S3_USE_SSL=true
-

controller/api_keys.go

@@ -216,10 +216,10 @@ func middlewareBindMyKey() routeBuilder.M {
 	}
 }
 
-func middlewareBindKey() routeBuilder.M {
+func middlewareBindKey(urlParamName string) routeBuilder.M {
 	return routeBuilder.M{
 		Fn: func(c *fiber.Ctx) error {
-			keyParam := c.Params(`keyID`)
+			keyParam := c.Params(urlParamName)
 			keyID, err := primitive.ObjectIDFromHex(keyParam)
 			if err != nil {
 				return err

controller/controller.go

@@ -40,36 +40,11 @@ func Routes(app *fiber.App, appVersion string, testing bool) {
 			})
 		}, requiresAuth(models.APIKeyRoleScraper|models.APIKeyRoleDashboard))
 
-		secretsRoutes := func(b *routeBuilder.Router) {
-			b.Get(``, routeGetSecrets)
-			b.Group(`/:key`, func(b *routeBuilder.Router) {
-				b.Delete(``, routeDeleteSecret, validKeyMiddleware())
-				b.Put(``, routeUpdateOrCreateSecret)
-				b.Get(`/:encryptionKey`, routeGetSecret, validKeyMiddleware())
-			})
-		}
-		b.Group(`/secrets`, func(b *routeBuilder.Router) {
-			b.Group(`/myKey`,
-				secretsRoutes,
-				requiresAuth(models.APIKeyRoleAll),
-				middlewareBindMyKey(),
-			)
-			b.Group(`/otherKey`, func(b *routeBuilder.Router) {
-				// This route exposes a lot of user information that's why only the dashboard role can access it
-				b.Get(``, routeGetAllSecretsFromAllKeys, requiresAuth(models.APIKeyRoleDashboard))
-				b.Group(
-					`/:keyID`,
-					secretsRoutes,
-					middlewareBindKey(),
-					requiresAuth(models.APIKeyRoleInformationObtainer|models.APIKeyRoleDashboard),
-				)
-			})
-		})
-		b.Group(`/scraperUsers/:keyID`, func(b *routeBuilder.Router) {
+		b.Group(`/scraperUsers/:scraperKeyID`, func(b *routeBuilder.Router) {
 			b.Get(``, routeGetScraperUsers)
 			b.Patch(``, routePatchScraperUser, requiresAuth(models.APIKeyRoleAdmin|models.APIKeyRoleDashboard|models.APIKeyRoleController))
 			b.Delete(``, routeDeleteScraperUser, requiresAuth(models.APIKeyRoleAdmin|models.APIKeyRoleDashboard|models.APIKeyRoleController))
-		}, middlewareBindKey(), requiresAuth(models.APIKeyRoleAll))
+		}, middlewareBindKey("scraperKeyID"), requiresAuth(models.APIKeyRoleAll))
 
 		b.Group(`/profiles`, func(b *routeBuilder.Router) {
 			// Profile routes that required the information obtainer role
@@ -98,7 +73,7 @@ func Routes(app *fiber.App, appVersion string, testing bool) {
 				b.Get(``, routeGetKey)
 				b.Put(``, routeUpdateKey)
 				b.Delete(``, routeDeleteKey)
-			}, middlewareBindKey())
+			}, middlewareBindKey("keyID"))
 		}, requiresAuth(models.APIKeyRoleDashboard))
 
 		b.Group(`/onMatchHooks`, func(b *routeBuilder.Router) {

controller/matcher_tree.go

@@ -143,7 +143,7 @@ type RouteDeleteMatcherBranchResult struct {
 
 var routeDeleteMatcherBranch = routeBuilder.R{
 	Description: `remove a spesific branch and it's children`,
-	Res:         RouteDeleteSecretOkRes{},
+	Res:         RouteDeleteMatcherBranchResult{},
 	Fn: func(c *fiber.Ctx) error {
 		idParam := c.Params("id")
 		id, err := primitive.ObjectIDFromHex(idParam)

controller/secrets.go

@@ -100,7 +100,6 @@ func main() {
 	dbConn.RegisterEntries(
 		&models.APIKey{},
 		&models.Profile{},
-		&models.Secret{},
 		&models.Backup{},
 		&models.OnMatchHook{},
 		&matcher.Branch{},

controller/secrets_test.go

@@ -179,26 +179,6 @@ func NewMockDB() *testingdb.TestConnection {
 		DashboardKey,
 	)
 
-	// Insert secrets
-	conn.UnsafeInsert(
-		models.UnsafeMustCreateSecret(
-			Key1.ID,
-			"foo",
-			"very-secret-key-of-more-than-16-chars",
-			[]byte(`{"foo": 1}`),
-			"test secret 1 from mock data",
-			models.SecretValueStructureFree,
-		),
-		models.UnsafeMustCreateSecret(
-			Key2.ID,
-			"bar",
-			"very-secret-key-of-more-than-16-chars",
-			[]byte(`{"username": "foo", "password": "bar"}`),
-			"test secret 2 from mock data",
-			models.SecretValueStructureUser,
-		),
-	)
-
 	// Insert profiles
 	conn.UnsafeInsert(
 		Profile1,