def delete_secret(user, team, channel, secret_name):
    """Delete a channel-scoped secret and report the outcome as a chat message.

    The Secrets Manager id is ``team.channel.secret_name``. When the stored
    record has ``secretType == 's3file'`` the backing object is deleted through
    ``s3Functions.delete`` first. The secret is then tagged with
    ``DeletedBy``/``DeletedDate``, deleted, and the deletion is logged.

    Args:
        user: Identifier of the requesting user; written to the tag and log.
        team: Team part of the secret id.
        channel: Channel part of the secret id.
        secret_name: User-chosen name of the secret.

    Returns:
        A human-readable status string. Exceptions are not propagated; their
        text is passed through ``slackFunctions.escape`` and returned.
    """
    try:
        # NOTE(review): the id is plain concatenation; this presumably relies
        # on team and channel never containing '.', otherwise ids belonging to
        # different channels could overlap -- confirm against the caller.
        secret_id = team + '.' + channel + '.' + secret_name
        stored = aws_secretsmanager_get_secret(secret_id)

        is_file_secret = (len(stored) > 0
                          and stored.get('secretType', '') == 's3file')
        if is_file_secret:
            # if it's a file, delete the file
            # The file goes first: if a later call raises, the secret record
            # stays behind while the object it points to is already gone.
            s3Functions.delete(stored.get('secret', ''))

        # Naive local time, no timezone in the tag value.
        stamp = datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S")
        deletion_tags = [
            {'Key': 'DeletedBy', 'Value': user},
            {'Key': 'DeletedDate', 'Value': stamp},
        ]
        client.tag_resource(SecretId=secret_id, Tags=deletion_tags)

        # Only SecretId is passed, so the service's default deletion
        # behaviour applies.
        response = client.delete_secret(SecretId=secret_id)
        if 'Name' not in response:
            return 'Sorry, there was a problem deleting your secret'

        # NOTE(review): secret_name is user-supplied and reaches the log line
        # as-is; confirm logFunctions.log neutralises line breaks.
        logFunctions.log('User ' + user + ' deleted the secret: "' +
                         secret_name + '" at channel: ' + channel)
        return "I will no longer remember " + slackFunctions.escape(
            secret_name)
    except Exception as e:
        # NOTE(review): the raw exception text is shown to the channel; it may
        # carry internal identifiers -- consider logging it and returning a
        # generic message instead.
        return ('Sorry, there was a big problem deleting your secret: ' +
                slackFunctions.escape(str(e)))
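def get_secret(user, team, channel, secret_name=''):
    """Return a channel-scoped secret, or a download link for it, as a chat message.

    The record is looked up under ``team.channel.secret_name``. If it exists
    it is tagged with ``AccessedBy``/``AccessedDate`` and the access is logged
    before the reply is built, so both happen even for an unknown secret type.

    Args:
        user: Identifier of the requesting user; written to the tag and log.
        team: Team part of the secret id.
        channel: Channel part of the secret id.
        secret_name: User-chosen name of the secret.

    Returns:
        The secret text wrapped in backticks for ``'string'`` secrets, a
        presigned download link for ``'s3file'`` secrets, or a short status
        message (``'unknown secret type'`` / ``'Secret not found'``).

    Raises:
        Nothing is caught here; whatever the helpers and the client raise
        propagates to the caller.
    """
    # NOTE(review): plain concatenation; presumably team and channel never
    # contain '.', otherwise ids of different channels could overlap --
    # confirm against the caller.
    secret_id = team + '.' + channel + '.' + secret_name
    stored = aws_secretsmanager_get_secret(secret_id)
    if len(stored) == 0:
        return 'Secret not found'

    # tag the secret
    # The same two tag keys are written on every read, so they presumably
    # hold only the most recent access; the log line below is the per-access
    # record. The timestamp is naive local time.
    stamp = datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S")
    client.tag_resource(
        SecretId=secret_id,
        Tags=[
            {'Key': 'AccessedBy', 'Value': user},
            {'Key': 'AccessedDate', 'Value': stamp},
        ])
    logFunctions.log('User ' + user + ' requested the secret: "' +
                     secret_name + '" at channel: ' + channel)

    secret_type = stored.get('secretType', '')
    if secret_type == 'string':
        # Only the secret text goes through the escaper; the closing backtick
        # is message formatting and is appended afterwards, matching how the
        # download link is wrapped in the file branch.
        return ('Your secret is: `' +
                slackFunctions.escape(stored.get('secret', '')) + '`')
    if secret_type == 's3file':
        download_url = s3Functions.create_presigned_url_get(
            stored.get('secret', ''),
            stored.get('original-file-name', secret_name))
        # NOTE(review): the 30-minute figure is only message text here; the
        # real link lifetime is decided inside
        # s3Functions.create_presigned_url_get -- keep the two in sync.
        return ('*Download your secret from here*:\r`' +
                slackFunctions.escape(download_url) +
                '`\rThe link expires in 30 minutes')
    return 'unknown secret type'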
def update_secret(user, team, channel, secret_name, secret_value, old_secret_value):
    """Replace the value of an existing channel-scoped secret.

    A ``secret_value`` that strips to ``'+'`` marks a file secret: a new file
    record is prepared from ``old_secret_value``, stored, and a presigned
    upload link is returned. Any other value is stored as a text secret, after
    which ``ModifiedBy``/``ModifiedDate`` tags are written. The file branch
    writes no such tags.

    Args:
        user: Identifier of the requesting user; written to the tag and log.
        team: Team part of the secret id.
        channel: Channel part of the secret id.
        secret_name: User-chosen name of the secret; must not be empty.
        secret_value: New text value, or ``'+'`` to request a file upload.
        old_secret_value: Passed to ``prepare_s3file_secret`` for file secrets.

    Returns:
        A human-readable status string. Exceptions are not propagated; their
        text is passed through ``slackFunctions.escape`` and returned.
    """
    # Only the name is checked, although the message also mentions the value.
    if secret_name == '':
        return 'I need a name and a value to update it!'

    try:
        secret_id = team + '.' + channel + '.' + secret_name

        if secret_value.strip() == '+':
            # it's a file-secret
            file_record = prepare_s3file_secret(old_secret_value)
            stored_ok = aws_secretsmanager_update_secret(
                secret_id, json.dumps(file_record))
            if not stored_ok:
                return 'Something went wrong when preparing your filesecret for update'

            upload_target = s3Functions.create_presigned_url_put(
                file_record["secret"])
            logFunctions.log('User ' + user +
                             ' updating the file secret: "' + secret_name +
                             '" (file upload pending) at channel: ' + channel)
            # NOTE(review): the uploadURL result is placed in the message
            # without slackFunctions.escape, unlike other user-visible values
            # in this function; presumably it is already safe -- confirm.
            # requestContext is read from the enclosing module scope.
            link = uploadURL(requestContext, upload_target)
            return ('*Please, use the link below to upload your new file*:\r`'
                    + link + '`')

        stored_ok = aws_secretsmanager_update_secret(
            secret_id, encode_text_secret(secret_value))
        if not stored_ok:
            return 'Something went wrong when updating your secret'

        # Naive local time, no timezone in the tag value.
        stamp = datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S")
        client.tag_resource(
            SecretId=secret_id,
            Tags=[
                {'Key': 'ModifiedBy', 'Value': user},
                {'Key': 'ModifiedDate', 'Value': stamp},
            ])
        logFunctions.log('User ' + user + ' updated the secret: "' +
                         secret_name + '" at channel: ' + channel)

        reply = ('I will remember the new "' +
                 slackFunctions.escape(secret_name) + '" secret')
        if settings.check_private_channel:
            reply = reply + slackFunctions.get_channel_info(channel)
        return reply
    except Exception as e:
        # NOTE(review): raw exception text is shown to the channel; it may
        # carry internal identifiers.
        return 'Error. Secret not updated. ' + slackFunctions.escape(str(e))
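def get_secret_list(team, channel):
    """List the names of the secrets stored for one team/channel pair.

    Every page of ``client.list_secrets`` is walked and only names starting
    with ``team.channel.`` are kept, with that prefix stripped. When
    ``settings.check_private_channel`` is set, the text returned by
    ``slackFunctions.get_channel_info`` is appended to the reply.

    Args:
        team: Team part of the secret id prefix.
        channel: Channel part of the secret id prefix.

    Returns:
        A chat message listing the escaped secret names, ``'I have no
        secrets'`` when none match, or an error message. Exceptions raised
        inside the listing are not propagated.
    """
    # NOTE(review): plain concatenation; presumably team and channel never
    # contain '.', otherwise one channel's prefix could match another
    # channel's secrets -- confirm against the caller.
    prefix = team + '.' + channel + '.'
    names = []
    try:
        if settings.check_private_channel:
            info = slackFunctions.get_channel_info(channel)
        else:
            info = ''

        # The listing is unfiltered: names of every secret visible to these
        # credentials are fetched and the channel scoping happens only in the
        # startswith check below.
        # NOTE(review): list_secrets accepts a Filters argument; a name filter
        # on the prefix would avoid pulling unrelated names -- confirm its
        # matching rules before relying on it, and keep the local check.
        answer = client.list_secrets(MaxResults=64)
        while 'SecretList' in answer:
            names.extend(
                sec['Name'][len(prefix):]
                for sec in answer['SecretList']
                if 'Name' in sec and sec['Name'].startswith(prefix)
            )
            next_token = answer.get('NextToken')
            if next_token is None:
                break
            answer = client.list_secrets(MaxResults=64,
                                         NextToken=next_token)

        if not names:
            return 'I have no secrets' + info

        bullet_lines = ''.join(
            '> • ' + slackFunctions.escape(name) + "\n" for name in names)
        return "I have " + str(len(names)) + " secrets\n" + bullet_lines + info
    except Exception as e:
        # Exception text is escaped before it is placed in the reply, as the
        # other handlers in this file do, so markup inside an error string is
        # not interpreted by the chat client.
        return 'Error getting the secrets list: ' + slackFunctions.escape(
            str(e))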
def set_secret(user, team, channel, secret_name, secret_value):
    """Create a new channel-scoped secret.

    The secret is stored under ``team.channel.secret_name`` with
    ``CreatedBy``/``CreatedDate`` tags. A ``secret_value`` that strips to
    ``'+'`` marks a file secret: a file record is prepared and stored, and a
    presigned upload link is returned. Any other value is stored as a text
    secret.

    Args:
        user: Identifier of the requesting user; written to the tag and log.
        team: Team part of the secret id.
        channel: Channel part of the secret id.
        secret_name: User-chosen name of the secret; must not be empty.
        secret_value: Text value to store, or ``'+'`` to request a file upload.

    Returns:
        A human-readable status string. Exceptions are not propagated; their
        text is passed through ``slackFunctions.escape`` and returned.
    """
    # Only the name is checked, although the message also mentions the value.
    if secret_name == '':
        return 'I need a name and a value to remember it!'

    try:
        # Naive local time, no timezone in the tag value.
        creation_tags = [
            {'Key': 'CreatedBy', 'Value': user},
            {
                'Key': 'CreatedDate',
                'Value': datetime.datetime.now().strftime("%m-%d-%Y %H:%M:%S"),
            },
        ]

        if secret_value.strip() == '+':
            # it's a file-secret
            file_record = prepare_s3file_secret()
            # NOTE(review): the id is plain concatenation; presumably team and
            # channel never contain '.' -- confirm against the caller.
            stored_ok = aws_secretsmanager_set_secret(
                team + '.' + channel + '.' + secret_name,
                json.dumps(file_record), creation_tags)
            if not stored_ok:
                return 'Something went wrong when preparing your filesecret'

            upload_target = s3Functions.create_presigned_url_put(
                file_record["secret"])
            # NOTE(review): secret_name is user-supplied and reaches the log
            # line as-is; confirm logFunctions.log neutralises line breaks.
            logFunctions.log('User ' + user + ' created the file secret: "' +
                             secret_name +
                             '" (file upload pending) at channel: ' + channel)
            # NOTE(review): the uploadURL result is placed in the message
            # without slackFunctions.escape; presumably it is already safe --
            # confirm. requestContext is read from the enclosing module scope.
            link = uploadURL(requestContext, upload_target)
            return ('*Please, use the link below to upload your file*:\r`' +
                    link + '`')

        stored_ok = aws_secretsmanager_set_secret(
            team + '.' + channel + '.' + secret_name,
            encode_text_secret(secret_value), creation_tags)
        if not stored_ok:
            return 'Something went wrong when storing your secret'

        logFunctions.log('User ' + user + ' created the secret: "' +
                         secret_name + '" at channel: ' + channel)
        reply = ('I will remember it as ' +
                 slackFunctions.escape(secret_name) +
                 ' (only for this channel)')
        if settings.check_private_channel:
            reply = reply + slackFunctions.get_channel_info(channel)
        return reply
    except Exception as e:
        # NOTE(review): raw exception text is shown to the channel; it may
        # carry internal identifiers.
        return 'Error. Secret not stored. ' + slackFunctions.escape(str(e))