Beispiel #1
def delete_secret(user, team, channel, secret_name):
    """Delete the secret stored under ``team.channel.secret_name``.

    The secret is looked up first; if it is of type ``s3file`` the referenced
    S3 object is removed. The secret is then tagged with ``DeletedBy`` /
    ``DeletedDate`` and deleted through the Secrets Manager client.

    No authorisation check happens here: the secret id is built directly from
    the ``team`` and ``channel`` arguments, so callers are responsible for
    passing values taken from an authenticated request.

    Returns:
        A user-facing message. Any exception is caught and turned into an
        error message, so this function does not raise.
    """
    try:
        secret_id = team + '.' + channel + '.' + secret_name

        stored = aws_secretsmanager_get_secret(secret_id)
        is_file_secret = (len(stored) > 0
                          and stored.get('secretType', '') == 's3file')
        if is_file_secret:
            # NOTE(review): the S3 object is removed before the secret itself
            # is deleted; if a later call fails, the secret entry survives but
            # its file is already gone.
            s3Functions.delete(stored.get('secret', ''))

        # Record who deleted the secret and when. The timestamp comes from
        # datetime.now(), i.e. naive local time of the host.
        deletion_tags = [
            {'Key': 'DeletedBy', 'Value': user},
            {
                'Key': 'DeletedDate',
                'Value': datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S"),
            },
        ]
        client.tag_resource(SecretId=secret_id, Tags=deletion_tags)

        response = client.delete_secret(SecretId=secret_id)
        if 'Name' not in response:
            return 'Sorry, there was a problem deleting your secret'

        # user, secret_name and channel go into the log line unmodified.
        logFunctions.log('User ' + user + ' deleted the secret: "' +
                         secret_name + '" at channel: ' + channel)
        return "I will no longer remember " + slackFunctions.escape(
            secret_name)
    except Exception as err:
        # The exception text is shown to the requesting user (escaped for
        # Slack); it may include backend error details.
        return 'Sorry, there was a big problem deleting your secret: ' + slackFunctions.escape(
            str(err))
Beispiel #2
def get_secret(user, team, channel, secret_name=''):
    """Return a message revealing the secret ``team.channel.secret_name``.

    When the secret exists it is first tagged with ``AccessedBy`` /
    ``AccessedDate`` and the access is logged; only then is the value (for
    ``string`` secrets) or a presigned download URL (for ``s3file`` secrets)
    placed in the reply.

    Unlike the other secret operations in this listing there is no
    ``try``/``except`` here: an exception from tagging, logging or URL
    creation propagates to the caller, and in that case nothing is returned.

    No authorisation check happens here; the secret id is built directly from
    the ``team`` and ``channel`` arguments.

    Returns:
        A user-facing message string.
    """
    secret_id = team + '.' + channel + '.' + secret_name
    record = aws_secretsmanager_get_secret(secret_id)
    if len(record) == 0:
        return 'Secret not found'

    # Audit trail: tag the secret with the accessing user and the host's
    # naive local time before anything is disclosed.
    access_tags = [
        {'Key': 'AccessedBy', 'Value': user},
        {
            'Key': 'AccessedDate',
            'Value': datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S"),
        },
    ]
    client.tag_resource(SecretId=secret_id, Tags=access_tags)
    logFunctions.log('User ' + user + ' requested the secret: "' +
                     secret_name + '" at channel: ' + channel)

    kind = record.get('secretType', '')
    if kind == 'string':
        # NOTE(review): the closing backtick is passed through escape()
        # together with the secret value; confirm escape() leaves backticks
        # untouched, and that a value containing a backtick renders safely.
        return 'Your secret is: `' + slackFunctions.escape(
            record.get('secret', '') + '`')
    if kind == 's3file':
        download_url = s3Functions.create_presigned_url_get(
            record.get('secret', ''),
            record.get('original-file-name', secret_name))
        # NOTE(review): the 30-minute figure below is only message text; the
        # real lifetime is decided inside create_presigned_url_get -- confirm
        # the two agree.
        return '*Download your secret from here*:\r`' + slackFunctions.escape(
            download_url) + '`\rThe link expires in 30 minutes'
    return 'unknown secret type'
Beispiel #3
def update_secret(user, team, channel, secret_name, secret_value,
                  old_secret_value):
    """Replace the value of the secret ``team.channel.secret_name``.

    A ``secret_value`` that is ``"+"`` after stripping whitespace marks a file
    secret: a new file record is prepared from ``old_secret_value``, stored,
    and a presigned upload link is returned. Any other value is encoded and
    stored as a text secret, after which the secret is tagged with
    ``ModifiedBy`` / ``ModifiedDate``.

    No authorisation check happens here; the secret id is built directly from
    the ``team`` and ``channel`` arguments.

    Returns:
        A user-facing message. Exceptions raised while updating are caught
        and reported in the message rather than propagated.
    """
    if secret_name == '':
        return 'I need a name and a value to update it!'

    try:
        secret_id = team + '.' + channel + '.' + secret_name

        if secret_value.strip() == '+':  # "+" requests a file secret
            file_record = prepare_s3file_secret(old_secret_value)
            stored = aws_secretsmanager_update_secret(
                secret_id, json.dumps(file_record))
            if not stored:
                return 'Something went wrong when preparing your filesecret for update'

            upload_target = s3Functions.create_presigned_url_put(
                file_record["secret"])
            # NOTE(review): this branch logs the pending upload but, unlike
            # the text branch, does not add ModifiedBy/ModifiedDate tags.
            logFunctions.log('User ' + user +
                             ' updating the file secret: "' +
                             secret_name +
                             '" (file upload pending) at channel: ' +
                             channel)
            return '*Please, use the link below to upload your new file*:\r`' + uploadURL(
                requestContext, upload_target) + '`'

        stored = aws_secretsmanager_update_secret(
            secret_id, encode_text_secret(secret_value))
        if not stored:
            return 'Something went wrong when updating your secret'

        # Audit trail: who modified the secret and when (naive local time).
        modification_tags = [
            {'Key': 'ModifiedBy', 'Value': user},
            {
                'Key': 'ModifiedDate',
                'Value': datetime.datetime.now().strftime(
                    "%m-%d-%Y %H:%M:%S"),
            },
        ]
        client.tag_resource(SecretId=secret_id, Tags=modification_tags)

        logFunctions.log('User ' + user +
                         ' updated the secret: "' + secret_name +
                         '" at channel: ' + channel)
        reply = 'I will remember the new "' + slackFunctions.escape(
            secret_name) + '" secret'
        if settings.check_private_channel:
            reply += slackFunctions.get_channel_info(channel)
        return reply
    except Exception as err:
        # The exception text is shown to the requesting user (escaped for
        # Slack); it may include backend error details.
        return 'Error. Secret not updated. ' + slackFunctions.escape(
            str(err))
Beispiel #4
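def get_secret_list(team, channel):
    """List the names of the secrets stored for ``team`` / ``channel``.

    Pages through ``client.list_secrets`` and keeps every secret whose name
    starts with ``team.channel.``, with that prefix stripped.

    No authorisation check happens here; the prefix is built directly from
    the ``team`` and ``channel`` arguments.

    Returns:
        A user-facing message with one escaped secret name per line, followed
        by the channel info when ``settings.check_private_channel`` is set.
        Exceptions are caught and reported in the message rather than
        propagated.
    """
    prefix = team + '.' + channel + '.'
    names = []
    try:
        info = (slackFunctions.get_channel_info(channel)
                if settings.check_private_channel else '')

        # NOTE(review): this pages through every secret visible to the client
        # and filters by name locally; a server-side name filter would reduce
        # what gets enumerated -- confirm against the Secrets Manager API in
        # use.
        answer = client.list_secrets(MaxResults=64)
        while 'SecretList' in answer:
            names.extend(
                sec['Name'][len(prefix):]
                for sec in answer['SecretList']
                if 'Name' in sec and sec['Name'].startswith(prefix))
            next_token = answer.get('NextToken')
            if next_token is None:
                break
            answer = client.list_secrets(MaxResults=64,
                                         NextToken=next_token)

        if not names:
            return 'I have no secrets' + info

        listing = ''.join(
            '> • ' + slackFunctions.escape(name) + "\n" for name in names)
        return "I have " + str(len(names)) + " secrets\n" + listing + info
    except Exception as err:
        # Escape the exception text like the other secret operations do, so
        # backend error strings cannot inject Slack markup into the reply.
        return 'Error getting the secrets list: ' + slackFunctions.escape(
            str(err))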
Beispiel #5
def set_secret(user, team, channel, secret_name, secret_value):
    """Create the secret ``team.channel.secret_name``.

    The secret is created with ``CreatedBy`` / ``CreatedDate`` tags. A
    ``secret_value`` that is ``"+"`` after stripping whitespace marks a file
    secret: a file record is prepared and stored, and a presigned upload link
    is returned. Any other value is encoded and stored as a text secret.

    No authorisation check happens here; the secret id is built directly from
    the ``team`` and ``channel`` arguments.

    Returns:
        A user-facing message. Exceptions raised while storing are caught and
        reported in the message rather than propagated.
    """
    if secret_name == '':
        return 'I need a name and a value to remember it!'

    try:
        # Audit trail: who created the secret and when (naive local time).
        creation_tags = [
            {'Key': 'CreatedBy', 'Value': user},
            {
                'Key': 'CreatedDate',
                'Value': datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S"),
            },
        ]

        if secret_value.strip() == '+':  # "+" requests a file secret
            file_record = prepare_s3file_secret()
            created = aws_secretsmanager_set_secret(
                team + '.' + channel + '.' + secret_name,
                json.dumps(file_record), creation_tags)
            if not created:
                return 'Something went wrong when preparing your filesecret'

            upload_target = s3Functions.create_presigned_url_put(
                file_record["secret"])
            logFunctions.log('User ' + user +
                             ' created the file secret: "' +
                             secret_name +
                             '" (file upload pending) at channel: ' +
                             channel)
            return '*Please, use the link below to upload your file*:\r`' + uploadURL(
                requestContext, upload_target) + '`'

        created = aws_secretsmanager_set_secret(
            team + '.' + channel + '.' + secret_name,
            encode_text_secret(secret_value), creation_tags)
        if not created:
            return 'Something went wrong when storing your secret'

        logFunctions.log('User ' + user +
                         ' created the secret: "' + secret_name +
                         '" at channel: ' + channel)
        reply = 'I will remember it as ' + slackFunctions.escape(
            secret_name) + ' (only for this channel)'
        if settings.check_private_channel:
            reply += slackFunctions.get_channel_info(channel)
        return reply
    except Exception as err:
        # The exception text is shown to the requesting user (escaped for
        # Slack); it may include backend error details.
        return 'Error. Secret not stored. ' + slackFunctions.escape(str(err))