Add support for listing required delegations for an encrypted secret

This patch adds the /owners API endpoint that returns the list of users that "own" the given secret. These are the users that can delegate their passwords for decrypting the secret. It also adds the "Get Owners" form in the web UI that uses the new API. Fixes #62
2026-01-07 14:05:47 +00:00 · 2015-06-15 21:12:10 +02:00
parent 5328f286b9
commit 4183569465
5 changed files with 178 additions and 0 deletions
--- a/core/core.go
+++ b/core/core.go
@@ -73,6 +73,10 @@ type DecryptRequest struct {
 	Data []byte
 }

+type OwnersRequest struct {
+	Data []byte
+}
+
 type ModifyRequest struct {
 	Name     string
 	Password string
@@ -100,6 +104,11 @@ type DecryptWithDelegates struct {
 	Delegates []string
 }

+type OwnersData struct {
+	Status string
+	Owners []string
+}
+
 // Helper functions that create JSON responses sent by core

 func jsonStatusOk() ([]byte, error) {
@@ -366,3 +375,21 @@ func Modify(jsonIn []byte) ([]byte, error) {
 		return jsonStatusOk()
 	}
 }
+
+// Owners processes a owners request.
+func Owners(jsonIn []byte) ([]byte, error) {
+	var s OwnersRequest
+	err := json.Unmarshal(jsonIn, &s)
+	if err != nil {
+		log.Println("Error unmarshaling input:", err)
+		return jsonStatusError(err)
+	}
+
+	names, err := crypt.GetOwners(s.Data)
+	if err != nil {
+		log.Println("Error listing owners:", err)
+		return jsonStatusError(err)
+	}
+
+	return json.Marshal(OwnersData{Status: "ok", Owners: names})
+}