add secret_list api endpoint

pagination for secrets SecretService.get_secret -> SecretService.get_secret_value
2025-02-24 13:28:31 +00:00 · 2022-09-28 14:40:24 -04:00 · 2022-09-28 14:40:24 -04:00 · c0512062b5
commit c0512062b5
parent c6e7d2afdf
5 changed files with 62 additions and 13 deletions
--- a/src/spiffworkflow_backend/api.yml
+++ b/src/spiffworkflow_backend/api.yml
@ -1048,6 +1048,19 @@ paths:
                $ref: "#/components/schemas/ProcessInstanceLog"

  /secrets:
+    parameters:
+      - name: page
+        in: query
+        required: false
+        description: The page number to return. Defaults to page 1.
+        schema:
+          type: integer
+      - name: per_page
+        in: query
+        required: false
+        description: The number of items to show per page. Defaults to page 10.
+        schema:
+          type: integer
    post:
      operationId: spiffworkflow_backend.routes.process_api_blueprint.add_secret
      summary: Create a secret for a key and value
@ -1065,6 +1078,18 @@ paths:
            application/json:
              schema:
                type: number
+    get:
+      operationId: spiffworkflow_backend.routes.process_api_blueprint.secret_list
+      summary: Return list of all secrets
+      tags:
+        - Secrets
+      responses:
+        "200":
+          description: list of secrets
+          content:
+            application/json:
+              schema:
+                  $ref: "#/components/schemas/Secret"

  /secrets/{key}:
    parameters:
@ -1075,7 +1100,7 @@ paths:
        schema:
          type: string
    get:
-      operationId: spiffworkflow_backend.routes.process_api_blueprint.get_secret
+      operationId: spiffworkflow_backend.routes.process_api_blueprint.get_secret_value
      summary: Return a secret value for a key
      tags:
        - Secrets
--- a/src/spiffworkflow_backend/models/secret_model.py
+++ b/src/spiffworkflow_backend/models/secret_model.py
@ -6,8 +6,10 @@ from sqlalchemy import ForeignKey
 from sqlalchemy.orm import relationship

 from spiffworkflow_backend.models.user import UserModel
+from dataclasses import dataclass


+@dataclass()
 class SecretModel(SpiffworkflowBaseDBModel):
    """SecretModel."""

--- a/src/spiffworkflow_backend/routes/process_api_blueprint.py
+++ b/src/spiffworkflow_backend/routes/process_api_blueprint.py
@ -43,7 +43,7 @@ from spiffworkflow_backend.models.process_instance_report import (
 )
 from spiffworkflow_backend.models.process_model import ProcessModelInfo
 from spiffworkflow_backend.models.process_model import ProcessModelInfoSchema
-from spiffworkflow_backend.models.secret_model import SecretAllowedProcessSchema
+from spiffworkflow_backend.models.secret_model import SecretAllowedProcessSchema, SecretModel
 from spiffworkflow_backend.models.secret_model import SecretModelSchema
 from spiffworkflow_backend.models.spiff_logging import SpiffLoggingModel
 from spiffworkflow_backend.models.user import UserModel
@ -1115,15 +1115,37 @@ def get_spiff_task_from_process_instance(
 #
 # Methods for secrets CRUD - maybe move somewhere else:
 #
-def get_secret(key: str) -> Optional[str]:
+def get_secret_value(key: str) -> Optional[str]:
    """Get_secret."""
-    return SecretService.get_secret(key)
+    return SecretService.get_secret_value(key)
+
+
+def secret_list(
+    page: int = 1,
+    per_page: int = 100,
+) -> list:
+    secrets = SecretModel.query\
+        .order_by(SecretModel.key)\
+        .join(UserModel)\
+        .add_columns(
+            UserModel.username,
+        )\
+        .paginate(page, per_page, False)
+    response_json = {
+        "results": secrets.items,
+        "pagination": {
+            "count": len(secrets.items),
+            "total": secrets.total,
+            "pages": secrets.pages,
+        },
+    }
+    return make_response(jsonify(response_json), 200)


 def add_secret(body: Dict) -> Response:
    """Add secret."""
    secret_model = SecretService().add_secret(
-        body["key"], body["value"], body["creator_user_id"]
+        body["key"], body["value"], g.user.id
    )
    assert secret_model  # noqa: S101
    return Response(
--- a/src/spiffworkflow_backend/services/secret_service.py
+++ b/src/spiffworkflow_backend/services/secret_service.py
@ -54,7 +54,7 @@ class SecretService:
        return secret_model

    @staticmethod
-    def get_secret(key: str) -> Optional[str]:
+    def get_secret_value(key: str) -> Optional[str]:
        """Get_secret."""
        secret: SecretModel = (
            db.session.query(SecretModel).filter(SecretModel.key == key).first()
--- a/tests/spiffworkflow_backend/integration/test_secret_service.py
+++ b/tests/spiffworkflow_backend/integration/test_secret_service.py
@ -101,7 +101,7 @@ class TestSecretService(SecretServiceTestHelpers):
        user = self.find_or_create_user()
        self.add_test_secret(user)

-        secret = SecretService().get_secret(self.test_key)
+        secret = SecretService().get_secret_value(self.test_key)
        assert secret is not None
        assert secret == self.test_value

@ -112,7 +112,7 @@ class TestSecretService(SecretServiceTestHelpers):
        user = self.find_or_create_user()
        self.add_test_secret(user)

-        bad_secret = SecretService().get_secret("bad_key")
+        bad_secret = SecretService().get_secret_value("bad_key")
        assert bad_secret is None

    def test_update_secret(
@ -121,10 +121,10 @@ class TestSecretService(SecretServiceTestHelpers):
        """Test update secret."""
        user = self.find_or_create_user()
        self.add_test_secret(user)
-        secret = SecretService.get_secret(self.test_key)
+        secret = SecretService.get_secret_value(self.test_key)
        assert secret == self.test_value
        SecretService.update_secret(self.test_key, "new_secret_value", user.id)
-        new_secret = SecretService.get_secret(self.test_key)
+        new_secret = SecretService.get_secret_value(self.test_key)
        assert new_secret == "new_secret_value"  # noqa: S105

    def test_update_secret_bad_user_fails(
@ -378,7 +378,7 @@ class TestSecretServiceApi(SecretServiceTestHelpers):
        """Test_update_secret."""
        user = self.find_or_create_user()
        self.add_test_secret(user)
-        secret = SecretService.get_secret(self.test_key)
+        secret = SecretService.get_secret_value(self.test_key)
        assert secret == self.test_value
        secret_model = SecretModel(
            key=self.test_key, value="new_secret_value", creator_user_id=user.id
@ -402,7 +402,7 @@ class TestSecretServiceApi(SecretServiceTestHelpers):
        """Test delete secret."""
        user = self.find_or_create_user()
        self.add_test_secret(user)
-        secret = SecretService.get_secret(self.test_key)
+        secret = SecretService.get_secret_value(self.test_key)
        assert secret
        assert secret == self.test_value
        secret_response = client.delete(
@ -410,7 +410,7 @@ class TestSecretServiceApi(SecretServiceTestHelpers):
            headers=self.logged_in_headers(user),
        )
        assert secret_response.status_code == 204
-        secret = SecretService.get_secret(self.test_key)
+        secret = SecretService.get_secret_value(self.test_key)
        assert secret is None

    def test_delete_secret_bad_user(