Merge pull request #130 from secrethub/release/v0.22.0

Release v0.22.0
secrethub · Sep 9, 2019 · 8bf2c4e · 8bf2c4e
2 parents 30f776a + 6587150
commit 8bf2c4e
Show file tree

Hide file tree

Showing 25 changed files with 155 additions and 108 deletions.
diff --git a/internals/api/account.go b/internals/api/account.go
@@ -18,7 +18,7 @@ var (
 
 // Account represents an account on SecretHub.
 type Account struct {
-	AccountID   *uuid.UUID  `json:"account_id"`
+	AccountID   uuid.UUID   `json:"account_id"`
 	Name        AccountName `json:"name"`
 	PublicKey   []byte      `json:"public_key"`
 	AccountType string      `json:"account_type"`

diff --git a/internals/api/acl.go b/internals/api/acl.go
@@ -20,9 +20,9 @@ var (
 // a directory and its children.
 type AccessRule struct {
 	Account       *Account   `json:"account"`
-	AccountID     *uuid.UUID `json:"account_id"`
-	DirID         *uuid.UUID `json:"dir_id"`
-	RepoID        *uuid.UUID `json:"repo_id"`
+	AccountID     uuid.UUID  `json:"account_id"`
+	DirID         uuid.UUID  `json:"dir_id"`
+	RepoID        uuid.UUID  `json:"repo_id"`
 	Permission    Permission `json:"permission"`
 	CreatedAt     time.Time  `json:"created_at"`
 	LastChangedAt time.Time  `json:"last_changed_at"`
@@ -59,8 +59,8 @@ func (car *CreateAccessRuleRequest) Validate() error {
 // effect of one or more access rules on the directory itself or its parent(s).
 type AccessLevel struct {
 	Account    *Account   `json:"account"`
-	AccountID  *uuid.UUID `json:"account_id"`
-	DirID      *uuid.UUID `json:"dir_id"`
+	AccountID  uuid.UUID  `json:"account_id"`
+	DirID      uuid.UUID  `json:"dir_id"`
 	Permission Permission `json:"permission"`
 }
 

diff --git a/internals/api/audit.go b/internals/api/audit.go
@@ -17,7 +17,7 @@ const (
 
 // Audit represents an AuditEvent in SecretHub.
 type Audit struct {
-	EventID   *uuid.UUID   `json:"event_id"`
+	EventID   uuid.UUID    `json:"event_id"`
 	Action    AuditAction  `json:"action"`
 	IPAddress string       `json:"ip_address"`
 	LoggedAt  time.Time    `json:"logged_at"`
@@ -31,8 +31,8 @@ type AuditAction string
 
 // AuditActor represents the Account of an AuditEvent
 type AuditActor struct {
-	ActorID *uuid.UUID `json:"id,omitempty"`
-	Deleted bool       `json:"deleted,omitempty"`
+	ActorID uuid.UUID `json:"id,omitempty"`
+	Deleted bool      `json:"deleted,omitempty"`
 	// Type is `user` or `service`. When actor is deleted, type is always `account`
 	Type    string   `json:"type"`
 	User    *User    `json:"user,omitempty"`
@@ -61,8 +61,8 @@ const (
 
 // AuditSubject represents the Subject of an AuditEvent
 type AuditSubject struct {
-	SubjectID *uuid.UUID `json:"id,omitempty"`
-	Deleted   bool       `json:"deleted,omitempty"`
+	SubjectID uuid.UUID `json:"id,omitempty"`
+	Deleted   bool      `json:"deleted,omitempty"`
 	// Type is `user`, `service`, `repo`, `secret`, `secret_version` or `secret_key`. When subject is deleted, user and service are indicated with type `account`
 	Type                   AuditSubjectType        `json:"type"`
 	User                   *User                   `json:"user,omitempty"`

diff --git a/internals/api/credential.go b/internals/api/credential.go
@@ -38,7 +38,7 @@ const (
 
 // Credential is used to authenticate to the API and to encrypt the account key.
 type Credential struct {
-	AccountID   *uuid.UUID        `json:"account_id"`
+	AccountID   uuid.UUID         `json:"account_id"`
 	Type        CredentialType    `json:"type"`
 	CreatedAt   time.Time         `json:"created_at"`
 	Fingerprint string            `json:"fingerprint"`

diff --git a/internals/api/dir.go b/internals/api/dir.go
@@ -24,7 +24,7 @@ var (
 // The names are encrypted and so are the names of SubDirs and Secrets.
 // The secrets contain no encrypted data, only the encrypted name.
 type EncryptedDir struct {
-	DirID          *uuid.UUID           `json:"dir_id"`
+	DirID          uuid.UUID            `json:"dir_id"`
 	BlindName      string               `json:"blind_name"`
 	EncryptedName  crypto.CiphertextRSA `json:"encrypted_name"`
 	ParentID       *uuid.UUID           `json:"parent_id"`
@@ -56,7 +56,7 @@ func (ed *EncryptedDir) Decrypt(accountKey *crypto.RSAPrivateKey) (*Dir, error)
 // Dir represents an directory.
 // A dir belongs to a repo and contains other dirs and secrets.
 type Dir struct {
-	DirID          *uuid.UUID `json:"dir_id"`
+	DirID          uuid.UUID  `json:"dir_id"`
 	BlindName      string     `json:"blind_name"`
 	Name           string     `json:"name"`
 	ParentID       *uuid.UUID `json:"parent_id"`
@@ -98,7 +98,7 @@ func (cdr *CreateDirRequest) Validate() error {
 			return err
 		}
 
-		unique[*encryptedName.AccountID]++
+		unique[encryptedName.AccountID]++
 	}
 
 	for _, count := range unique {

diff --git a/internals/api/dirfs.go b/internals/api/dirfs.go
@@ -65,7 +65,7 @@ func (t EncryptedTree) Decrypt(accountKey *crypto.RSAPrivateKey) (*Tree, error)
 	// This has to be prepopulated to be able to put childs under parents.
 	dirMap := make(map[uuid.UUID]*Dir)
 	for _, dir := range dirs {
-		dirMap[*dir.DirID] = dir
+		dirMap[dir.DirID] = dir
 	}
 
 	// All directories are looped and placed below the parent directory as a subdirectory.
@@ -89,13 +89,13 @@ func (t EncryptedTree) Decrypt(accountKey *crypto.RSAPrivateKey) (*Tree, error)
 	secretMap := make(map[uuid.UUID]*Secret)
 	// All secrets are placed below every directory.
 	for _, secret := range secrets {
-		dir, ok := dirMap[*secret.DirID]
+		dir, ok := dirMap[secret.DirID]
 		if !ok {
 			return nil, ErrParentDirNotAvailable
 		}
 
 		dir.Secrets = append(dir.Secrets, secret)
-		secretMap[*secret.SecretID] = secret
+		secretMap[secret.SecretID] = secret
 	}
 
 	return &Tree{
@@ -130,8 +130,8 @@ func (t Tree) DirCount() int {
 // AbsSecretPath returns the full path of secret.
 // This function makes the assumption that every secret has a ParentDir.
 // If not, an error will occur.
-func (t Tree) AbsSecretPath(secretID *uuid.UUID) (*SecretPath, error) {
-	secret, ok := t.Secrets[*secretID]
+func (t Tree) AbsSecretPath(secretID uuid.UUID) (*SecretPath, error) {
+	secret, ok := t.Secrets[secretID]
 	if !ok {
 		return nil, ErrSecretNotFound
 	}
@@ -149,18 +149,18 @@ func (t Tree) AbsSecretPath(secretID *uuid.UUID) (*SecretPath, error) {
 // AbsDirPath returns the full path of dir
 // This function makes the assumption that only the root dir has no parentID.
 // If not, an error will occur.
-func (t Tree) AbsDirPath(dirID *uuid.UUID) (DirPath, error) {
+func (t Tree) AbsDirPath(dirID uuid.UUID) (DirPath, error) {
 	if uuid.Equal(dirID, t.RootDir.DirID) {
 		dirPath := t.ParentPath.JoinDir(t.RootDir.Name)
 		return dirPath, nil
 	}
 
-	dir, ok := t.Dirs[*dirID]
+	dir, ok := t.Dirs[dirID]
 	if !ok {
 		return "", ErrDirNotFound
 	}
 
-	parentPath, err := t.AbsDirPath(dir.ParentID)
+	parentPath, err := t.AbsDirPath(*dir.ParentID)
 	if err != nil {
 		return "", errio.Error(err)
 	}

diff --git a/internals/api/dirfs_test.go b/internals/api/dirfs_test.go
@@ -23,21 +23,21 @@ func TestAbsDirPath(t *testing.T) {
 	dir := &Dir{
 		DirID:    uuid.New(),
 		Name:     "dir",
-		ParentID: repoDir.DirID,
+		ParentID: &repoDir.DirID,
 	}
 
 	subdir := &Dir{
 		DirID:    uuid.New(),
 		Name:     "subdir",
-		ParentID: dir.DirID,
+		ParentID: &dir.DirID,
 	}
 
 	repoPath := DirPath("namespace/repo")
 	dirPath := DirPath("namespace/repo/dir")
 	subdirPath := DirPath("namespace/repo/dir/subdir")
 
 	cases := map[string]struct {
-		dirID    *uuid.UUID
+		dirID    uuid.UUID
 		tree     Tree
 		expected DirPath
 		err      error
@@ -48,7 +48,7 @@ func TestAbsDirPath(t *testing.T) {
 				ParentPath: "namespace",
 				RootDir:    repoDir,
 				Dirs: map[uuid.UUID]*Dir{
-					*repoDir.DirID: repoDir,
+					repoDir.DirID: repoDir,
 				},
 				Secrets: map[uuid.UUID]*Secret{},
 			},
@@ -61,7 +61,7 @@ func TestAbsDirPath(t *testing.T) {
 				ParentPath: "namespace",
 				RootDir:    repoDir,
 				Dirs: map[uuid.UUID]*Dir{
-					*dir.DirID: dir,
+					dir.DirID: dir,
 				},
 				Secrets: map[uuid.UUID]*Secret{},
 			},
@@ -74,8 +74,8 @@ func TestAbsDirPath(t *testing.T) {
 				ParentPath: "namespace/repo",
 				RootDir:    dir,
 				Dirs: map[uuid.UUID]*Dir{
-					*dir.DirID:    dir,
-					*subdir.DirID: subdir,
+					dir.DirID:    dir,
+					subdir.DirID: subdir,
 				},
 				Secrets: map[uuid.UUID]*Secret{},
 			},
@@ -88,8 +88,8 @@ func TestAbsDirPath(t *testing.T) {
 				ParentPath: "namespace/repo",
 				RootDir:    dir,
 				Dirs: map[uuid.UUID]*Dir{
-					*dir.DirID:    dir,
-					*subdir.DirID: subdir,
+					dir.DirID:    dir,
+					subdir.DirID: subdir,
 				},
 				Secrets: map[uuid.UUID]*Secret{},
 			},

diff --git a/internals/api/encrypted_data_test.go b/internals/api/encrypted_data_test.go
@@ -10,7 +10,7 @@ import (
 )
 
 func TestEncryptedData_MarshalUnmarshalValidate(t *testing.T) {
-	encryptedDataRSAAccountKey := NewEncryptedDataRSAOAEP([]byte("rsa-ciphertext"), HashingAlgorithmSHA256, NewEncryptionKeyAccountKey(4096, *uuid.New()))
+	encryptedDataRSAAccountKey := NewEncryptedDataRSAOAEP([]byte("rsa-ciphertext"), HashingAlgorithmSHA256, NewEncryptionKeyAccountKey(4096, uuid.New()))
 
 	cases := map[string]struct {
 		in          *EncryptedData
@@ -24,7 +24,7 @@ func TestEncryptedData_MarshalUnmarshalValidate(t *testing.T) {
 			in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeyLocal(256)),
 		},
 		"aes with secret key": {
-			in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeySecretKey(256, *uuid.New())),
+			in: NewEncryptedDataAESGCM([]byte("ciphertext"), []byte("nonce"), 96, NewEncryptionKeySecretKey(256, uuid.New())),
 		},
 		"rsa account key": {
 			in: encryptedDataRSAAccountKey,

diff --git a/internals/api/name.go b/internals/api/name.go
@@ -7,13 +7,13 @@ import (
 
 // EncryptedNameRequest contains an EncryptedName for an Account.
 type EncryptedNameRequest struct {
-	AccountID     *uuid.UUID           `json:"account_id"`
+	AccountID     uuid.UUID            `json:"account_id"`
 	EncryptedName crypto.CiphertextRSA `json:"encrypted_name"`
 }
 
 // Validate validates the EncryptedNameRequest to be valid.
 func (enr *EncryptedNameRequest) Validate() error {
-	if enr.AccountID == nil {
+	if enr.AccountID.IsZero() {
 		return ErrInvalidAccountID
 	}
 
@@ -23,12 +23,12 @@ func (enr *EncryptedNameRequest) Validate() error {
 // EncryptedNameForNodeRequest contains an EncryptedName for an Account and the corresponding NodeID.
 type EncryptedNameForNodeRequest struct {
 	EncryptedNameRequest
-	NodeID *uuid.UUID `json:"node_id"`
+	NodeID uuid.UUID `json:"node_id"`
 }
 
 // Validate validates the EncryptedNameForNodeRequest.
 func (nnr EncryptedNameForNodeRequest) Validate() error {
-	if nnr.NodeID == nil {
+	if nnr.NodeID.IsZero() {
 		return ErrInvalidNodeID
 	}
 

diff --git a/internals/api/org.go b/internals/api/org.go
@@ -16,7 +16,7 @@ const (
 
 // Org represents an organization account on SecretHub
 type Org struct {
-	OrgID       *uuid.UUID   `json:"org_id"`
+	OrgID       uuid.UUID    `json:"org_id"`
 	Name        string       `json:"name"`
 	Description string       `json:"description"`
 	CreatedAt   time.Time    `json:"created_at"`
@@ -38,12 +38,12 @@ func (s SortOrgByName) Less(i, j int) bool {
 
 // OrgMember represents a user's membership of an organization.
 type OrgMember struct {
-	OrgID         *uuid.UUID `json:"org_id"`
-	AccountID     *uuid.UUID `json:"account_id"`
-	Role          string     `json:"role"`
-	CreatedAt     time.Time  `json:"created_at"`
-	LastChangedAt time.Time  `json:"last_changed_at"`
-	User          *User      `json:"user,omitempty"`
+	OrgID         uuid.UUID `json:"org_id"`
+	AccountID     uuid.UUID `json:"account_id"`
+	Role          string    `json:"role"`
+	CreatedAt     time.Time `json:"created_at"`
+	LastChangedAt time.Time `json:"last_changed_at"`
+	User          *User     `json:"user,omitempty"`
 }
 
 // SortOrgMemberByUsername makes a list of org members sortable.

diff --git a/internals/api/repo.go b/internals/api/repo.go
@@ -28,7 +28,7 @@ var (
 
 // Repo represents a repo on SecretHub.
 type Repo struct {
-	RepoID         *uuid.UUID `json:"repo_id"`
+	RepoID         uuid.UUID  `json:"repo_id"`
 	Owner          string     `json:"owner"`
 	Name           string     `json:"name"`
 	CreatedAt      *time.Time `json:"created_at"`
@@ -112,9 +112,9 @@ func (crr CreateRepoRequest) Validate() error {
 
 // RepoMember represents a member of a SecretHub repo.
 type RepoMember struct {
-	RepoID    *uuid.UUID `json:"repo_id"`
-	AccountID *uuid.UUID `json:"account_id"`
-	CreatedAt time.Time  `json:"created_at"`
+	RepoID    uuid.UUID `json:"repo_id"`
+	AccountID uuid.UUID `json:"account_id"`
+	CreatedAt time.Time `json:"created_at"`
 }
 
 // CreateRepoMemberRequest contains the required fields for adding a user to a repo.
@@ -138,13 +138,13 @@ func (req CreateRepoMemberRequest) Validate() error {
 
 // InviteUserRequest contains the required fields for inviting a user to a repo.
 type InviteUserRequest struct {
-	AccountID  *uuid.UUID               `json:"account_id"`
+	AccountID  uuid.UUID                `json:"account_id"`
 	RepoMember *CreateRepoMemberRequest `json:"repo_member"`
 }
 
 // Validate validates a InviteUserRequest
 func (req InviteUserRequest) Validate() error {
-	if req.AccountID == nil {
+	if req.AccountID.IsZero() {
 		return ErrInvalidAccountID
 	}