diff options
author | Simo Sorce <simo@redhat.com> | 2015-04-07 17:01:02 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-04-07 17:44:47 -0400 |
commit | 5ed4b17854977c38944b8670b2264b2a9d8c2121 (patch) | |
tree | 668fd26dd79a61abf7c950480a7a981eb447e839 | |
parent | a438d0d27d70cfdc2dcfdd929564375184bb88ff (diff) | |
download | custodia-5ed4b17854977c38944b8670b2264b2a9d8c2121.tar.gz custodia-5ed4b17854977c38944b8670b2264b2a9d8c2121.tar.xz custodia-5ed4b17854977c38944b8670b2264b2a9d8c2121.zip |
Actually strip only the base container
If there are intermediate containers list them with empty strings
as values.
-rw-r--r-- | custodia/secrets.py | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/custodia/secrets.py b/custodia/secrets.py index a203d29..980ab38 100644 --- a/custodia/secrets.py +++ b/custodia/secrets.py @@ -16,20 +16,20 @@ class Secrets(HTTPConsumer): # pylint: disable=star-args return os.path.join('keys', *trail) - def _db_filter(self, namespaces, trail, userfilter): + def _db_container_key(self, namespaces, trail): f = None if len(trail) > 0: for ns in namespaces: if ns == trail[0]: - f = self._db_key(namespaces, trail) + f = self._db_key(namespaces, trail + ['']) break if f is None: raise HTTPError(403) else: # Consider the first namespace as the default one - t = [namespaces[0]] + trail + t = [namespaces[0]] + trail + [''] f = self._db_key(namespaces, t) - return '%s/%s' % (f, userfilter) + return f def _validate(self, value): try: @@ -68,23 +68,23 @@ class Secrets(HTTPConsumer): def _list(self, trail, request, response): ns = self._namespaces(request) try: + basename = self._db_container_key(ns, trail[:-1]) userfilter = request.get('query', dict()).get('filter', '') - keyfilter = self._db_filter(ns, trail[:-1], userfilter) - keydict = self.root.store.list(keyfilter) + keydict = self.root.store.list(basename + userfilter) if keydict is None: raise HTTPError(404) output = dict() for k in keydict: + # remove the base container itself + if k == basename: + continue # strip away the internal prefix for storing keys name = k[len('keys/'):] - value = keydict[k] - # remove the containers themselves, we list only keys + # return empty value for containers if name.endswith('/'): - continue - if value == '': output[name] = '' else: - output[name] = json.loads(value) + output[name] = json.loads(keydict[k]) response['output'] = json.dumps(output) except CSStoreError: raise HTTPError(404) |