From e15501e2657a2c9ae67e4d7ba0d29263b7605bb3 Mon Sep 17 00:00:00 2001 From: Jeff Mitchell Date: Fri, 8 Jun 2018 13:45:47 -0400 Subject: [PATCH] Fix writing to KVv2 root via `kv put` (#4726) * Fix writing to KVv2 root via `kv put` The check that adds the API path wasn't taking into account the root, e.g. if it's mounted at `kv`, `kv` and `kv/` would end up creating an extra copy of the mount path in front, leading to paths like `kv/data/kv`. * Output warnings if they come back and fix a panic in metadata_get * Also add to metadata put/delete --- command/kv_delete.go | 21 +++++++++++++-------- command/kv_destroy.go | 3 +++ command/kv_helpers.go | 9 +++++++-- command/kv_metadata_delete.go | 5 ++++- command/kv_metadata_get.go | 8 +++++++- command/kv_metadata_put.go | 3 +++ command/kv_undelete.go | 3 +++ 7 files changed, 40 insertions(+), 12 deletions(-) diff --git a/command/kv_delete.go b/command/kv_delete.go index 9ce39976a9dd..945b4c675846 100644 --- a/command/kv_delete.go +++ b/command/kv_delete.go @@ -101,14 +101,18 @@ func (c *KVDeleteCommand) Run(args []string) int { return 2 } + var secret *api.Secret if v2 { - err = c.deleteV2(path, mountPath, client) + secret, err = c.deleteV2(path, mountPath, client) } else { - _, err = client.Logical().Delete(path) + secret, err = client.Logical().Delete(path) } if err != nil { c.UI.Error(fmt.Sprintf("Error deleting %s: %s", path, err)) + if secret != nil { + OutputSecret(c.UI, secret) + } return 2 } @@ -116,29 +120,30 @@ func (c *KVDeleteCommand) Run(args []string) int { return 0 } -func (c *KVDeleteCommand) deleteV2(path, mountPath string, client *api.Client) error { +func (c *KVDeleteCommand) deleteV2(path, mountPath string, client *api.Client) (*api.Secret, error) { var err error + var secret *api.Secret switch { case len(c.flagVersions) > 0: path = addPrefixToVKVPath(path, mountPath, "delete") if err != nil { - return err + return nil, err } data := map[string]interface{}{ "versions": kvParseVersionsFlags(c.flagVersions), } - _, err = client.Logical().Write(path, data) + secret, err = client.Logical().Write(path, data) default: path = addPrefixToVKVPath(path, mountPath, "data") if err != nil { - return err + return nil, err } - _, err = client.Logical().Delete(path) + secret, err = client.Logical().Delete(path) } - return err + return secret, err } diff --git a/command/kv_destroy.go b/command/kv_destroy.go index f622e3f05f00..64ed284d1864 100644 --- a/command/kv_destroy.go +++ b/command/kv_destroy.go @@ -115,6 +115,9 @@ func (c *KVDestroyCommand) Run(args []string) int { secret, err := client.Logical().Write(path, data) if err != nil { c.UI.Error(fmt.Sprintf("Error writing data to %s: %s", path, err)) + if secret != nil { + OutputSecret(c.UI, secret) + } return 2 } if secret == nil { diff --git a/command/kv_helpers.go b/command/kv_helpers.go index 1c3c74a8c907..2ed1d9739a6e 100644 --- a/command/kv_helpers.go +++ b/command/kv_helpers.go @@ -99,8 +99,13 @@ func isKVv2(path string, client *api.Client) (string, bool, error) { } func addPrefixToVKVPath(p, mountPath, apiPrefix string) string { - p = strings.TrimPrefix(p, mountPath) - return path.Join(mountPath, apiPrefix, p) + switch { + case p == mountPath, p == strings.TrimSuffix(mountPath, "/"): + return path.Join(mountPath, apiPrefix) + default: + p = strings.TrimPrefix(p, mountPath) + return path.Join(mountPath, apiPrefix, p) + } } func getHeaderForMap(header string, data map[string]interface{}) string { diff --git a/command/kv_metadata_delete.go b/command/kv_metadata_delete.go index 446533bdf307..8ff3a5655e47 100644 --- a/command/kv_metadata_delete.go +++ b/command/kv_metadata_delete.go @@ -82,8 +82,11 @@ func (c *KVMetadataDeleteCommand) Run(args []string) int { } path = addPrefixToVKVPath(path, mountPath, "metadata") - if _, err := client.Logical().Delete(path); err != nil { + if secret, err := client.Logical().Delete(path); err != nil { c.UI.Error(fmt.Sprintf("Error deleting %s: %s", path, err)) + if secret != nil { + OutputSecret(c.UI, secret) + } return 2 } diff --git a/command/kv_metadata_get.go b/command/kv_metadata_get.go index 75c4cd22f7f8..a9bfc77eaad5 100644 --- a/command/kv_metadata_get.go +++ b/command/kv_metadata_get.go @@ -105,7 +105,13 @@ func (c *KVMetadataGetCommand) Run(args []string) int { return OutputSecret(c.UI, secret) } - versions := secret.Data["versions"].(map[string]interface{}) + versionsRaw, ok := secret.Data["versions"] + if !ok || versionsRaw == nil { + c.UI.Error(fmt.Sprintf("No value found at %s", path)) + OutputSecret(c.UI, secret) + return 2 + } + versions := versionsRaw.(map[string]interface{}) delete(secret.Data, "versions") diff --git a/command/kv_metadata_put.go b/command/kv_metadata_put.go index 32f8d9248152..b88287de7441 100644 --- a/command/kv_metadata_put.go +++ b/command/kv_metadata_put.go @@ -125,6 +125,9 @@ func (c *KVMetadataPutCommand) Run(args []string) int { secret, err := client.Logical().Write(path, data) if err != nil { c.UI.Error(fmt.Sprintf("Error writing data to %s: %s", path, err)) + if secret != nil { + OutputSecret(c.UI, secret) + } return 2 } if secret == nil { diff --git a/command/kv_undelete.go b/command/kv_undelete.go index 58eee93c0b9a..7c11e8ce5d48 100644 --- a/command/kv_undelete.go +++ b/command/kv_undelete.go @@ -110,6 +110,9 @@ func (c *KVUndeleteCommand) Run(args []string) int { secret, err := client.Logical().Write(path, data) if err != nil { c.UI.Error(fmt.Sprintf("Error writing data to %s: %s", path, err)) + if secret != nil { + OutputSecret(c.UI, secret) + } return 2 } if secret == nil {