chore: split vaultsSecretsGet and its tests

MatrixAI · Nov 5, 2024 · 2f29030 · 2f29030
1 parent 0fb5db3
commit 2f29030
Show file tree

Hide file tree

Showing 9 changed files with 963 additions and 419 deletions.
diff --git a/src/client/callers/index.ts b/src/client/callers/index.ts
@@ -63,6 +63,7 @@ import vaultsPermissionUnset from './vaultsPermissionUnset';
 import vaultsPull from './vaultsPull';
 import vaultsRename from './vaultsRename';
 import vaultsScan from './vaultsScan';
+import vaultsSecretsCat from './vaultsSecretsCat';
 import vaultsSecretsEnv from './vaultsSecretsEnv';
 import vaultsSecretsGet from './vaultsSecretsGet';
 import vaultsSecretsList from './vaultsSecretsList';
@@ -144,6 +145,7 @@ const clientManifest = {
   vaultsPull,
   vaultsRename,
   vaultsScan,
+  vaultsSecretsCat,
   vaultsSecretsEnv,
   vaultsSecretsGet,
   vaultsSecretsList,
@@ -224,6 +226,7 @@ export {
   vaultsPull,
   vaultsRename,
   vaultsScan,
+  vaultsSecretsCat,
   vaultsSecretsEnv,
   vaultsSecretsGet,
   vaultsSecretsList,

diff --git a/src/client/callers/vaultsSecretsCat.ts b/src/client/callers/vaultsSecretsCat.ts
@@ -0,0 +1,12 @@
+import type { HandlerTypes } from '@matrixai/rpc';
+import type VaultsSecretsCat from '../handlers/VaultsSecretsCat';
+import { DuplexCaller } from '@matrixai/rpc';
+
+type CallerTypes = HandlerTypes<VaultsSecretsCat>;
+
+const vaultsSecretsCat = new DuplexCaller<
+  CallerTypes['input'],
+  CallerTypes['output']
+>();
+
+export default vaultsSecretsCat;
diff --git a/src/client/callers/vaultsSecretsGet.ts b/src/client/callers/vaultsSecretsGet.ts
@@ -1,10 +1,10 @@
 import type { HandlerTypes } from '@matrixai/rpc';
 import type VaultsSecretsGet from '../handlers/VaultsSecretsGet';
-import { DuplexCaller } from '@matrixai/rpc';
+import { ServerCaller } from '@matrixai/rpc';
 
 type CallerTypes = HandlerTypes<VaultsSecretsGet>;
 
-const vaultsSecretsGet = new DuplexCaller<
+const vaultsSecretsGet = new ServerCaller<
   CallerTypes['input'],
   CallerTypes['output']
 >();

diff --git a/src/client/handlers/VaultsSecretsCat.ts b/src/client/handlers/VaultsSecretsCat.ts
@@ -0,0 +1,71 @@
+import type { DB } from '@matrixai/db';
+import type {
+  ClientRPCRequestParams,
+  ClientRPCResponseResult,
+  ContentOrErrorMessage,
+  SecretIdentifierMessage,
+} from '../types';
+import type VaultManager from '../../vaults/VaultManager';
+import { DuplexHandler } from '@matrixai/rpc';
+import * as vaultsUtils from '../../vaults/utils';
+import * as vaultsErrors from '../../vaults/errors';
+import * as vaultOps from '../../vaults/VaultOps';
+
+// This method takes in multiple secret paths, and either returns the file
+// contents, or an `ErrorMessage` signifying the error. To read a single secret
+// instead, refer to `VaultsSecretsGet`.
+class VaultsSecretsCat extends DuplexHandler<
+  {
+    db: DB;
+    vaultManager: VaultManager;
+  },
+  ClientRPCRequestParams<SecretIdentifierMessage>,
+  ClientRPCResponseResult<ContentOrErrorMessage>
+> {
+  public handle = async function* (
+    input: AsyncIterable<ClientRPCRequestParams<SecretIdentifierMessage>>,
+  ): AsyncGenerator<ClientRPCResponseResult<ContentOrErrorMessage>> {
+    const { db, vaultManager }: { db: DB; vaultManager: VaultManager } =
+      this.container;
+    yield* db.withTransactionG(async function* (tran): AsyncGenerator<
+      ClientRPCResponseResult<ContentOrErrorMessage>
+    > {
+      // As we need to preserve the order of parameters, we need to loop over
+      // them individually, as grouping them would make them go out of order.
+      for await (const secretIdentiferMessage of input) {
+        const { nameOrId, secretName } = secretIdentiferMessage;
+        const vaultIdFromName = await vaultManager.getVaultId(nameOrId, tran);
+        const vaultId = vaultIdFromName ?? vaultsUtils.decodeVaultId(nameOrId);
+        if (vaultId == null) throw new vaultsErrors.ErrorVaultsVaultUndefined();
+        yield await vaultManager.withVaults(
+          [vaultId],
+          async (vault) => {
+            try {
+              const content = await vaultOps.getSecret(vault, secretName);
+              return {
+                type: 'success',
+                success: true,
+                secretContent: content.toString('binary'),
+              };
+            } catch (e) {
+              if (
+                e instanceof vaultsErrors.ErrorSecretsSecretUndefined ||
+                e instanceof vaultsErrors.ErrorSecretsIsDirectory
+              ) {
+                return {
+                  type: 'error',
+                  code: e.cause.code,
+                  reason: secretName,
+                };
+              }
+              throw e;
+            }
+          },
+          tran,
+        );
+      }
+    });
+  };
+}
+
+export default VaultsSecretsCat;
diff --git a/src/client/handlers/VaultsSecretsGet.ts b/src/client/handlers/VaultsSecretsGet.ts
@@ -2,66 +2,44 @@ import type { DB } from '@matrixai/db';
 import type {
   ClientRPCRequestParams,
   ClientRPCResponseResult,
-  ContentWithErrorMessage,
+  ContentMessage,
   SecretIdentifierMessage,
 } from '../types';
 import type VaultManager from '../../vaults/VaultManager';
-import { DuplexHandler } from '@matrixai/rpc';
+import { ServerHandler } from '@matrixai/rpc';
 import * as vaultsUtils from '../../vaults/utils';
 import * as vaultsErrors from '../../vaults/errors';
 import * as vaultOps from '../../vaults/VaultOps';
 
-class VaultsSecretsGet extends DuplexHandler<
+// This method only returns the contents of a single secret, and throws an error
+// if the secret couldn't be read. To read multiple secrets, refer to
+// `VaultsSecretsCat`.
+class VaultsSecretsGet extends ServerHandler<
   {
     db: DB;
     vaultManager: VaultManager;
   },
   ClientRPCRequestParams<SecretIdentifierMessage>,
-  ClientRPCResponseResult<ContentWithErrorMessage>
+  ClientRPCResponseResult<ContentMessage>
 > {
   public handle = async function* (
-    input: AsyncIterable<ClientRPCRequestParams<SecretIdentifierMessage>>,
-  ): AsyncGenerator<ClientRPCResponseResult<ContentWithErrorMessage>> {
+    input: ClientRPCRequestParams<SecretIdentifierMessage>,
+  ): AsyncGenerator<ClientRPCResponseResult<ContentMessage>> {
     const { db, vaultManager }: { db: DB; vaultManager: VaultManager } =
       this.container;
-    yield* db.withTransactionG(async function* (tran): AsyncGenerator<
-      ClientRPCResponseResult<ContentWithErrorMessage>
-    > {
-      // As we need to preserve the order of parameters, we need to loop over
-      // them individually, as grouping them would make them go out of order.
-      let metadata: any = undefined;
-      for await (const secretIdentiferMessage of input) {
-        if (metadata == null) metadata = secretIdentiferMessage.metadata ?? {};
-        const { nameOrId, secretName } = secretIdentiferMessage;
-        const vaultIdFromName = await vaultManager.getVaultId(nameOrId, tran);
-        const vaultId = vaultIdFromName ?? vaultsUtils.decodeVaultId(nameOrId);
-        if (vaultId == null) throw new vaultsErrors.ErrorVaultsVaultUndefined();
-        yield await vaultManager.withVaults(
-          [vaultId],
-          async (vault) => {
-            try {
-              const content = await vaultOps.getSecret(vault, secretName);
-              return { secretContent: content.toString('binary') };
-            } catch (e) {
-              if (metadata?.options?.continueOnError === true) {
-                if (e instanceof vaultsErrors.ErrorSecretsSecretUndefined) {
-                  return {
-                    secretContent: '',
-                    error: `${e.name}: ${secretName}: No such secret or directory\n`,
-                  };
-                } else if (e instanceof vaultsErrors.ErrorSecretsIsDirectory) {
-                  return {
-                    secretContent: '',
-                    error: `${e.name}: ${secretName}: Is a directory\n`,
-                  };
-                }
-              }
-              throw e;
-            }
-          },
-          tran,
-        );
-      }
+    yield await db.withTransactionF(async (tran) => {
+      const vaultIdFromName = await vaultManager.getVaultId(
+        input.nameOrId,
+        tran,
+      );
+      const vaultId =
+        vaultIdFromName ?? vaultsUtils.decodeVaultId(input.nameOrId);
+      if (vaultId == null) throw new vaultsErrors.ErrorVaultsVaultUndefined();
+      // Get the contents of the file
+      return await vaultManager.withVaults([vaultId], async (vault) => {
+        const content = await vaultOps.getSecret(vault, input.secretName);
+        return { secretContent: content.toString('binary') };
+      });
     });
   };
 }

diff --git a/src/client/handlers/index.ts b/src/client/handlers/index.ts
@@ -80,6 +80,7 @@ import VaultsPermissionUnset from './VaultsPermissionUnset';
 import VaultsPull from './VaultsPull';
 import VaultsRename from './VaultsRename';
 import VaultsScan from './VaultsScan';
+import VaultsSecretsCat from './VaultsSecretsCat';
 import VaultsSecretsEnv from './VaultsSecretsEnv';
 import VaultsSecretsGet from './VaultsSecretsGet';
 import VaultsSecretsList from './VaultsSecretsList';
@@ -184,6 +185,7 @@ const serverManifest = (container: {
     vaultsPull: new VaultsPull(container),
     vaultsRename: new VaultsRename(container),
     vaultsScan: new VaultsScan(container),
+    vaultsSecretsCat: new VaultsSecretsCat(container),
     vaultsSecretsEnv: new VaultsSecretsEnv(container),
     vaultsSecretsGet: new VaultsSecretsGet(container),
     vaultsSecretsList: new VaultsSecretsList(container),
@@ -266,6 +268,7 @@ export {
   VaultsPull,
   VaultsRename,
   VaultsScan,
+  VaultsSecretsCat,
   VaultsSecretsEnv,
   VaultsSecretsGet,
   VaultsSecretsList,

diff --git a/src/client/types.ts b/src/client/types.ts
@@ -321,9 +321,9 @@ type ContentMessage = {
   secretContent: string;
 };
 
-type ContentWithErrorMessage = ContentMessage & {
-  error?: string;
-};
+type ContentSuccessMessage = ContentMessage & SuccessMessage;
+
+type ContentOrErrorMessage = ContentSuccessMessage | ErrorMessage;
 
 type SecretContentMessage = SecretIdentifierMessage & ContentMessage;
 
@@ -428,7 +428,8 @@ export type {
   SecretPathMessage,
   SecretIdentifierMessage,
   ContentMessage,
-  ContentWithErrorMessage,
+  ContentSuccessMessage,
+  ContentOrErrorMessage,
   SecretContentMessage,
   SecretDirMessage,
   SecretRenameMessage,

diff --git a/src/errors.ts b/src/errors.ts
@@ -13,7 +13,7 @@ class ErrorPolykeyUnknown<T> extends ErrorPolykey<T> {
 
 class ErrorPolykeyUnexpected<T> extends ErrorPolykey<T> {
   static description = 'Unknown error occurred';
-  exitCode = sysexits.PROTOCOL;
+  exitCode = sysexits.UNKNOWN;
 }
 
 class ErrorPolykeyAgentRunning<T> extends ErrorPolykey<T> {