def secret_edit(request, secret_id): if request.method == 'POST': secrets = Secret.objects.filter(pk=secret_id) if not secrets or not len(secrets): return HttpResponse( json.dumps({'error': 'Not in this castle'}), content_type='application/json', status=401 ) secret_db = secrets[0] if request.user not in secret_db.project.members.all(): return HttpResponse( json.dumps({'error': 'Not found'}), content_type='application/json', status=404 ) description = request.POST.get('description') passwordNew = request.POST.get('password') if description == '' or passwordNew == '': return HttpResponse( json.dumps({'error': 'Invalid description or password.'}), content_type='application/json', status=400 ) secret = Secret() secret.id = secret_db.id secret.secret_ref = secret_db.secret_ref secret.create_date = secret_db.create_date secret.project = secret_db.project secret.category = request.POST.get('category') or secret_db.category secret.description = description or secret_db.description secret.username = request.POST.get('username') or secret_db.username secret.url = request.POST.get('url') or secret_db.url secret.last_user = request.user # If the password changed, then need to create a new secret in Barbican. passwordCurrent = _decrypt_secret_as_plain_text(secret_db.secret_ref) if passwordNew and passwordCurrent != passwordNew: secret.secret_ref = _store_secret_as_plain_text(secret, passwordNew) secret.save() return HttpResponse( json.dumps({'success': 'Great Success!'}), content_type='application/json', status=201 ) return HttpResponse( json.dumps({'error': 'Epic Fail.'}), content_type='application/json', status=400 )