Esempio n. 1
0
        public override async Task Write(Secret secret, string clientOperation)
        {
            // Try to read the secret
            var existingSecret = await UnauditedReadSecret(secret.Name, GetFileName(secret.Name));

            // Try to undelete the secret, in case a deleted form exists
            if (existingSecret == null && await Undelete(secret.Name, clientOperation))
            {
                existingSecret = await UnauditedReadSecret(secret.Name, GetFileName(secret.Name));
            }

            if (existingSecret != null)
            {
                // Copy the new data and add audit records
                existingSecret.AddAuditEntry(await SecretAuditEntry.CreateForLocalUser(clientOperation, SecretAuditAction.Changed, existingSecret.Value));
                existingSecret.Update(secret);

                // Now resave the existing secret instead
                secret = existingSecret;
            }
            else
            {
                // Add an audit record
                secret.AddAuditEntry(await SecretAuditEntry.CreateForLocalUser(clientOperation, SecretAuditAction.Created));
            }

            // Write the secret
            await UnauditedWriteSecret(secret);
        }
Esempio n. 2
0
 public void AddAuditEntry(SecretAuditEntry entry)
 {
     _auditLog.Add(entry);
     if (_auditLog.Count > 100)
     {
         // Truncate the log
         _auditLog = _auditLog.OrderByDescending(a => a.TimestampUtc).Take(100).ToList();
     }
 }
Esempio n. 3
0
 public void AddAuditEntry(SecretAuditEntry entry)
 {
     _auditLog.Add(entry);
     if (_auditLog.Count > 100)
     {
         // Truncate the log
         _auditLog = _auditLog.OrderByDescending(a => a.TimestampUtc).Take(100).ToList();
     }
 }
Esempio n. 4
0
        public override async Task <bool> Delete(SecretName name, string clientOperation)
        {
            // Write an audit record
            var fileName       = GetFileName(name);
            var existingSecret = await UnauditedReadSecret(name, fileName);

            if (existingSecret == null)
            {
                return(false);
            }
            existingSecret.AddAuditEntry(await SecretAuditEntry.CreateForLocalUser(clientOperation, SecretAuditAction.Deleted));
            await UnauditedWriteSecret(existingSecret);

            // Change the file extension
            File.Move(fileName, Path.ChangeExtension(fileName, ".del"));
            return(true);
        }
Esempio n. 5
0
        public override async Task <Secret> Read(SecretName name, string clientOperation)
        {
            // Read the secret
            var secret = await UnauditedReadSecret(name, GetFileName(name));

            if (secret == null)
            {
                return(null);
            }

            // Add audit log entry and rewrite
            secret.AddAuditEntry(await SecretAuditEntry.CreateForLocalUser(clientOperation, SecretAuditAction.Retrieved));
            await UnauditedWriteSecret(secret);

            // Return the secret value
            return(secret);
        }
Esempio n. 6
0
        public override async Task <bool> Undelete(SecretName name, string clientOperation)
        {
            // Locate the deleted file
            var fileName      = GetFileName(name);
            var deletedName   = Path.ChangeExtension(fileName, ".del");
            var deletedSecret = await UnauditedReadSecret(name, deletedName);

            if (deletedSecret == null)
            {
                return(false);
            }

            // Write it back to a normal secret file
            deletedSecret.AddAuditEntry(await SecretAuditEntry.CreateForLocalUser(clientOperation, SecretAuditAction.Restored));
            await UnauditedWriteSecret(deletedSecret);

            // Delete the deleted secret :)
            File.Delete(deletedName);
            return(true);
        }