2024-05-28 18:45:34 +02:00
|
|
|
import * as plugins from '../plugins.js';
|
|
|
|
import * as paths from '../paths.js';
|
2024-04-20 12:21:41 +02:00
|
|
|
import { SecretBundle } from './classes.secretbundle.js';
|
|
|
|
import { SecretGroup } from './classes.secretgroup.js';
|
2024-05-30 22:49:39 +02:00
|
|
|
import { logger } from '../logger.js';
|
2024-05-28 18:45:34 +02:00
|
|
|
import type { Cloudly } from '../classes.cloudly.js';
|
2024-04-20 12:21:41 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* The `ConfigVault` class provides methods for reading and writing configuration data to a file.
|
|
|
|
* It uses the `TypedServer` and `TypedRouter` classes from the `configvault.plugins.js` module to handle HTTP requests and route them to the appropriate handlers.
|
|
|
|
*
|
|
|
|
* @class
|
|
|
|
*/
|
|
|
|
export class CloudlySecretManager {
|
|
|
|
// attached classes
|
|
|
|
public CSecretBundle = plugins.smartdata.setDefaultManagerForDoc(this, SecretBundle);
|
|
|
|
public CSecretGroup = plugins.smartdata.setDefaultManagerForDoc(this, SecretGroup);
|
|
|
|
|
|
|
|
// INSTANCE
|
|
|
|
public cloudlyRef: Cloudly;
|
|
|
|
public projectinfo = new plugins.projectinfo.ProjectinfoNpm(paths.packageDir);
|
|
|
|
public serviceQenv = new plugins.qenv.Qenv(paths.packageDir, paths.nogitDir);
|
|
|
|
public typedrouter: plugins.typedrequest.TypedRouter;
|
|
|
|
|
|
|
|
get db() {
|
|
|
|
return this.cloudlyRef.mongodbConnector.smartdataDb;
|
|
|
|
}
|
|
|
|
|
|
|
|
constructor(cloudlyRefArg: Cloudly) {
|
|
|
|
this.cloudlyRef = cloudlyRefArg;
|
|
|
|
}
|
|
|
|
|
|
|
|
public async start() {
|
|
|
|
// lets set up a typedrouter
|
|
|
|
this.typedrouter = new plugins.typedrequest.TypedRouter();
|
|
|
|
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
|
|
|
|
|
|
|
|
this.typedrouter.addTypedHandler(
|
|
|
|
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_GetConfigBundlesAndSecretGroups>(
|
|
|
|
'adminGetConfigBundlesAndSecretGroups',
|
2024-06-01 05:48:57 +02:00
|
|
|
async (dataArg, toolsArg) => {
|
2024-08-25 14:29:26 +02:00
|
|
|
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
|
2024-10-27 19:50:39 +01:00
|
|
|
dataArg.identity.jwt;
|
2024-04-20 12:21:41 +02:00
|
|
|
const secretBundles = await SecretBundle.getInstances({});
|
|
|
|
const secretGroups = await SecretGroup.getInstances({});
|
|
|
|
return {
|
|
|
|
secretBundles: [
|
|
|
|
...(await Promise.all(
|
2024-10-27 19:50:39 +01:00
|
|
|
secretBundles.map((configBundle) => configBundle.createSavableObject()),
|
2024-04-20 12:21:41 +02:00
|
|
|
)),
|
|
|
|
],
|
|
|
|
secretGroups: [
|
|
|
|
...(await Promise.all(
|
2024-10-27 19:50:39 +01:00
|
|
|
secretGroups.map((secretGroup) => secretGroup.createSavableObject()),
|
2024-04-20 12:21:41 +02:00
|
|
|
)),
|
|
|
|
],
|
|
|
|
};
|
2024-10-27 19:50:39 +01:00
|
|
|
},
|
|
|
|
),
|
2024-04-20 12:21:41 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_CreateConfigBundlesAndSecretGroups>(
|
|
|
|
new plugins.typedrequest.TypedHandler(
|
|
|
|
'adminCreateConfigBundlesAndSecretGroups',
|
|
|
|
async (dataArg) => {
|
|
|
|
for (const secretGroupObject of dataArg.secretGroups) {
|
|
|
|
const secretGroup = new SecretGroup();
|
|
|
|
secretGroup.id = plugins.smartunique.shortId(8);
|
|
|
|
secretGroup.data = secretGroupObject.data;
|
|
|
|
await secretGroup.save();
|
|
|
|
}
|
|
|
|
return {
|
|
|
|
ok: true,
|
|
|
|
};
|
2024-10-27 19:50:39 +01:00
|
|
|
},
|
|
|
|
),
|
2024-04-20 12:21:41 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
this.typedrouter.addTypedHandler(
|
|
|
|
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_DeleteConfigBundlesAndSecretGroups>(
|
|
|
|
'adminDeleteConfigBundlesAndSecretGroups',
|
|
|
|
async (dataArg) => {
|
|
|
|
for (const secretGroupId of dataArg.secretGroupIds) {
|
|
|
|
const secretGroup = await SecretGroup.getInstance({
|
|
|
|
id: secretGroupId,
|
|
|
|
});
|
|
|
|
await secretGroup.delete();
|
|
|
|
}
|
|
|
|
for (const secretBundleId of dataArg.secretBundleIds) {
|
|
|
|
const configBundle = await SecretBundle.getInstance({
|
|
|
|
id: secretBundleId,
|
|
|
|
});
|
|
|
|
await configBundle.delete();
|
|
|
|
console.log(`deleted configbundle ${secretBundleId}`);
|
|
|
|
}
|
|
|
|
return {
|
|
|
|
ok: true,
|
|
|
|
};
|
2024-10-27 19:50:39 +01:00
|
|
|
},
|
|
|
|
),
|
2024-04-20 12:21:41 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
// lets add typedrouter routes for accessing the configvailt from apps
|
|
|
|
this.typedrouter.addTypedHandler(
|
|
|
|
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_GetEnvBundle>(
|
|
|
|
'getEnvBundle',
|
|
|
|
async (dataArg) => {
|
|
|
|
const wantedBundle = await SecretBundle.getInstance({
|
|
|
|
data: {
|
|
|
|
authorizations: {
|
|
|
|
// @ts-ignore
|
|
|
|
$elemMatch: {
|
|
|
|
secretAccessKey: dataArg.authorization,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
});
|
|
|
|
const authorization = await wantedBundle.getAuthorizationFromAuthKey(
|
2024-10-27 19:50:39 +01:00
|
|
|
dataArg.authorization,
|
2024-04-20 12:21:41 +02:00
|
|
|
);
|
|
|
|
return {
|
|
|
|
envBundle: {
|
|
|
|
configKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
|
2024-10-27 19:50:39 +01:00
|
|
|
authorization.environment,
|
2024-04-20 12:21:41 +02:00
|
|
|
),
|
|
|
|
environment: authorization.environment,
|
|
|
|
timeSensitive: false,
|
|
|
|
},
|
|
|
|
};
|
2024-10-27 19:50:39 +01:00
|
|
|
},
|
|
|
|
),
|
2024-04-20 12:21:41 +02:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
public async stop() {}
|
|
|
|
}
|