def _import_secret(self, secret, colliding_secrets, override_collisions):
try:
tenant = get_tenant_by_name(secret['tenant_name'])
create_secret(key=secret['key'], secret=secret, tenant=tenant)
except manager_exceptions.ConflictError:
if override_collisions:
existing_secret = self._get_secret_object(secret)
update_imported_secret(existing_secret, secret)
add_to_dict_values(colliding_secrets, secret['tenant_name'],
secret['key'])
def post(self):
response = {}
colliding_secrets = {}
overridden_secrets = {}
request_dict = self._validate_import_secrets_params()
secrets_list = request_dict.get('secrets_list')
existing_tenants = [
tenant.name for tenant in get_storage_manager().list(models.Tenant)
]
tenant_map_dict = request_dict.get('tenant_map_dict')
if tenant_map_dict:
tenant_map_dict = self._validate_tenant_map(
tenant_map_dict, existing_tenants)
passphrase = request_dict.get('passphrase')
override_collisions = request_dict.get('override_collisions')
formed_secrets_list, secrets_errors = self._format_secrets(
secrets_list, tenant_map_dict, passphrase, existing_tenants,
override_collisions)
for secret in formed_secrets_list:
collision_state, tenant_name = create_secret(
imported_secret=secret)
if collision_state == 'overridden':
add_to_dict_values(overridden_secrets, tenant_name,
secret['key'])
elif collision_state == 'collision':
add_to_dict_values(colliding_secrets, tenant_name,
secret['key'])
response['overridden_secrets'] = overridden_secrets
response['colliding_secrets'] = colliding_secrets
response['secrets_errors'] = secrets_errors
return response
def put(self, key, **kwargs):
"""
Create a new secret or update an existing secret if the flag
update_if_exists is set to true
"""
secret = self._get_secret_params(key)
try:
return create_secret(key=key, secret=secret, tenant=current_tenant)
except manager_exceptions.ConflictError:
if secret['update_if_exists']:
existing_secret = get_storage_manager().get(models.Secret, key)
return update_secret(existing_secret, secret)
raise
def put(self, key, **kwargs):
"""
Create a new secret or update an existing secret if the flag
update_if_exists is set to true
"""
return create_secret(key=key)