r00t2/vaultpass
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

checking in

Browse Source
This commit is contained in:
brent s. 2020-04-12 04:30:43 -04:00
parent 9784b99585
commit 01cdfa79b4
Signed by: bts
GPG Key ID: 8C004C2F93481F6B
1 changed files with 42 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
vaultpass/__init__.py
View File

@ -139,9 +139,6 @@ class VaultPass(object):
mtype = self.mount.getMountType(mount)
if not newmount:
newmount = mount
newmtype = mtype
else:
newmtype = self.mount.getMountType(newmount)
oldexists = self._pathExists(oldpath, mount = mount)
if not oldexists:
_logger.error('oldpath does not exist')
@ -154,11 +151,19 @@ class VaultPass(object):
# TODO: left off here
newexists = self._pathExists(newpath, mount = newmount)
if newexists and not force:
_logger.debug('The newpath {0} exists; prompting for confirmation.'.format(newpath))
_logger.debug('The newpath {0}:{1} exists; prompting for confirmation.'.format(newmount, newpath))
confirm = self._getConfirm('The destination {0} exists. Overwrite (y/N)?'.format(newpath))
if not confirm:
_logger.debug('Confirmation denied; skipping copy of {0}:{1} to {2}:{3}.'.format(mount,
oldpath,
newmount,
newpath))
print('Not overwriting.')
return(None)

_logger.debug('Confirmed overwriting copy of {0}:{1} to {1}:{2}.'.format(mount, oldpath, newmount, newpath))
if newexists:
self.deleteSecret(newpath, newmount, force = True)
self.createSecret(data, newpath, newmount)
if remove_old:
self.deleteSecret(oldpath, mount, force = force)
return(None)
@ -182,17 +187,39 @@ class VaultPass(object):
resp = handler(**args)
return(resp)

def deleteSecret(self, path, mount, force = False, recursive = False, *args, **kwargs):
def deleteSecret(self, path, mount, force = False, recursive = False, destroy = False, *args, **kwargs):
mtype = self.mount.getMountType(mount)
args = {'path': path,
'mount_point': mount}
handler = self._getHandler(mount, func = 'delete')
if destroy:
op = 'destroy'
else:
op = 'delete'
handler = self._getHandler(mount, func = op)
is_path = self._pathExists(path, mount)
is_secret = self._pathExists(path, mount, is_secret = True)


def destroySecret(self, path, mount, force = False, recursive = False, *args, **kwargs):
pass # TODO
if is_path and not recursive and not force:
_logger.debug('Path {0} is a subdir and not a specific key; prompting for confirmation'.format(path))
confirm = self._getConfirm('{0}:{1} is a path, not a secret. {2} recursively? (y/N) '.format(mount,
path,
op.title()))
if not confirm:
_logger.debug('Confirmation denied; skipping recursive {0} of {1}:{2}.'.format(op, mount, path))
print('Not deleting.')
return(None)
_logger.debug('Confirmed {0} of {1}:{2}.'.format(op, mount, path))
elif is_path and not force:
confirm = self._getConfirm('Really {0} path {1}:{2} recursively? (y/N) '.format(op, mount, path))
if not confirm:
_logger.debug('Confirmation denied; skipping recursive {0} of {1}:{2}.'.format(op, mount, path))
return(None)
_logger.debug('Confirmed {0} of {1}:{2}.'.format(op, mount, path))
elif is_secret:
lpath = path.split('/')
kname = lpath[-1]
path = '/'.join(lpath[0:-1])
self.removeSecretName(kname, path, mount, force = force, destroy = destroy)
return(handler(**args))

def editSecret(self, path, mount, editor = constants.EDITOR, *args, **kwargs):
pass # TODO
@ -347,6 +374,10 @@ class VaultPass(object):
def listSecretNames(self, path, mount, output = None, indent = 4, *args, **kwargs):
pass # TODO

def removeSecretName(self, kname, path, mount, force = False, destroy = False, *args, **kwargs):
# NOTE: this should edit a secret such that it removes a key from the dict at path.
pass # TODO

def searchSecrets(self, pattern, mount, *args, **kwargs):
pass # TODO