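def secret_edit(request, secret_id):
    """Update a stored secret's metadata and, when it changed, its password.

    Only POST requests are processed. The requesting user must be a member
    of the project that owns the secret. Form fields that are absent keep
    their stored values; an explicitly empty ``description`` or
    ``password`` is rejected.

    Args:
        request: Incoming HTTP request; form fields are read from
            ``request.POST`` and the acting user from ``request.user``.
        secret_id: Primary key of the ``Secret`` row to edit.

    Returns:
        A JSON ``HttpResponse``: 201 on success, 401 when no secret has
        that key, 404 when the user is not a project member, and 400 for
        an empty description/password or a non-POST request.
    """
    # NOTE(review): no authentication or CSRF handling is visible in this
    # block; confirm that decorators or middleware cover this view.
    if request.method != 'POST':
        return HttpResponse(
            json.dumps({'error': 'Epic Fail.'}),
            content_type='application/json',
            status=400
        )

    secret_db = Secret.objects.filter(pk=secret_id).first()
    if secret_db is None:
        # NOTE(review): a missing secret (401) and a secret the caller may
        # not access (404, below) are answered differently, so the response
        # reveals which ids exist. Consider one identical response for both.
        return HttpResponse(
            json.dumps({'error': 'Not in this castle'}),
            content_type='application/json',
            status=401
        )

    # Authorization: only members of the owning project may edit.
    if request.user not in secret_db.project.members.all():
        return HttpResponse(
            json.dumps({'error': 'Not found'}),
            content_type='application/json',
            status=404
        )

    description = request.POST.get('description')
    new_password = request.POST.get('password')
    # A missing field (None) means "keep the stored value"; only an
    # explicitly empty string is treated as invalid input.
    if description == '' or new_password == '':
        return HttpResponse(
            json.dumps({'error': 'Invalid description or password.'}),
            content_type='application/json',
            status=400
        )

    # A fresh Secret carrying the existing primary key is saved over the
    # stored row. NOTE(review): any model field not copied below would be
    # written with its default; confirm the model has no other fields.
    secret = Secret()
    secret.id = secret_db.id
    secret.secret_ref = secret_db.secret_ref
    secret.create_date = secret_db.create_date
    secret.project = secret_db.project
    secret.category = request.POST.get('category') or secret_db.category
    secret.description = description or secret_db.description
    secret.username = request.POST.get('username') or secret_db.username
    secret.url = request.POST.get('url') or secret_db.url
    secret.last_user = request.user

    # If the password changed, a new secret has to be created in Barbican.
    # The stored password is decrypted only when a new one was submitted,
    # so metadata-only edits never pull the plaintext into this process.
    if new_password:
        current_password = _decrypt_secret_as_plain_text(secret_db.secret_ref)
        if current_password != new_password:
            # NOTE(review): the previous secret_ref is not deleted here;
            # confirm superseded secrets are retired elsewhere.
            secret.secret_ref = _store_secret_as_plain_text(secret, new_password)

    secret.save()
    return HttpResponse(
        json.dumps({'success': 'Great Success!'}),
        content_type='application/json',
        status=201
    )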