speatzle/go-passbolt
1
0
Fork 0
mirror of https://github.com/passbolt/go-passbolt.git synced 2025-06-28 22:59:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: adding password expiry

Browse source
This commit is contained in:
Nelson Isioma 2025-06-23 02:46:49 +01:00
parent 5262eff022
commit 5b34b6da86
4 changed files with 20 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
api/client.go
View file

@ -37,7 +37,7 @@ type Client struct {
metadataKeySettings MetadataKeySettings metadataKeySettings MetadataKeySettings
// Server Settings for password expiry // Server Settings for password expiry
passwordExpirySettings PasswordExpirySettings PasswordExpirySettings PasswordExpirySettings
// used for solving MFA challenges. You can block this to for example wait for user input. // used for solving MFA challenges. You can block this to for example wait for user input.
// You shouden't run any unrelated API Calls while you are in this callback. // You shouden't run any unrelated API Calls while you are in this callback.
@ -249,10 +249,10 @@ func (c *Client) setPasswordExpirySettings(ctx context.Context, settings *Server
} }
c.log("passwordExpirySettings: %+v", passwordExpirySettings) c.log("passwordExpirySettings: %+v", passwordExpirySettings)
c.passwordExpirySettings = *passwordExpirySettings c.PasswordExpirySettings = *passwordExpirySettings
} else { } else {
c.log("Server has password expiry plugin disabled or not installed.") c.log("Server has password expiry plugin disabled or not installed.")
c.passwordExpirySettings = getDefaultPasswordExpirySettings() c.PasswordExpirySettings = getDefaultPasswordExpirySettings()
} }
return nil return nil

9
api/resources.go
View file

@ -4,7 +4,6 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"time"
) )
// Resource is a Resource. // Resource is a Resource.
@ -87,10 +86,6 @@ func (c *Client) GetResources(ctx context.Context, opts *GetResourcesOptions) ([
// CreateResource Creates a new Passbolt Resource // CreateResource Creates a new Passbolt Resource
func (c *Client) CreateResource(ctx context.Context, resource Resource) (*Resource, error) { func (c *Client) CreateResource(ctx context.Context, resource Resource) (*Resource, error) {
if c.passwordExpirySettings.DefaultExpiryPeriod != 0 {
expiry := time.Now().Add(time.Hour * 24 * time.Duration(c.passwordExpirySettings.DefaultExpiryPeriod))
resource.Expired = &Time{expiry}
}
msg, err := c.DoCustomRequest(ctx, "POST", "/resources.json", "v2", resource, nil) msg, err := c.DoCustomRequest(ctx, "POST", "/resources.json", "v2", resource, nil)
if err != nil { if err != nil {
return nil, err return nil, err
@ -129,10 +124,6 @@ func (c *Client) UpdateResource(ctx context.Context, resourceID string, resource
return nil, fmt.Errorf("Checking ID format: %w", err) return nil, fmt.Errorf("Checking ID format: %w", err)
} }
if resource.Expired != nil && c.passwordExpirySettings.AutomaticUpdate {
expiry := time.Now().Add(time.Hour * 24 * time.Duration(c.passwordExpirySettings.DefaultExpiryPeriod))
resource.Expired = &Time{expiry}
}
msg, err := c.DoCustomRequest(ctx, "PUT", "/resources/"+resourceID+".json", "v2", resource, nil) msg, err := c.DoCustomRequest(ctx, "PUT", "/resources/"+resourceID+".json", "v2", resource, nil)
if err != nil { if err != nil {
return nil, err return nil, err

11
helper/resource_create.go
View file

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"time"
"github.com/passbolt/go-passbolt/api" "github.com/passbolt/go-passbolt/api"
) )
@ -99,6 +100,11 @@ func CreateResourceV5(ctx context.Context, c *api.Client, folderParentID, name,
} }
resource.Secrets = []api.Secret{{Data: encSecretData}} resource.Secrets = []api.Secret{{Data: encSecretData}}
if c.PasswordExpirySettings.DefaultExpiryPeriod != 0 {
expiry := time.Now().Add(time.Hour * 24 * time.Duration(c.PasswordExpirySettings.DefaultExpiryPeriod))
resource.Expired = &api.Time{Time: expiry}
}
newresource, err := c.CreateResource(ctx, resource) newresource, err := c.CreateResource(ctx, resource)
if err != nil { if err != nil {
return "", fmt.Errorf("Creating Resource: %w", err) return "", fmt.Errorf("Creating Resource: %w", err)
@ -154,6 +160,11 @@ func CreateResourceV4(ctx context.Context, c *api.Client, folderParentID, name,
} }
resource.Secrets = []api.Secret{{Data: encSecretData}} resource.Secrets = []api.Secret{{Data: encSecretData}}
if c.PasswordExpirySettings.DefaultExpiryPeriod != 0 {
expiry := time.Now().Add(time.Hour * 24 * time.Duration(c.PasswordExpirySettings.DefaultExpiryPeriod))
resource.Expired = &api.Time{Time: expiry}
}
newresource, err := c.CreateResource(ctx, resource) newresource, err := c.CreateResource(ctx, resource)
if err != nil { if err != nil {
return "", fmt.Errorf("Creating Resource: %w", err) return "", fmt.Errorf("Creating Resource: %w", err)

6
helper/resource_update.go
View file

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"time"
"github.com/ProtonMail/gopenpgp/v3/crypto" "github.com/ProtonMail/gopenpgp/v3/crypto"
"github.com/passbolt/go-passbolt/api" "github.com/passbolt/go-passbolt/api"
@ -376,6 +377,11 @@ func UpdateResource(ctx context.Context, c *api.Client, resourceID, name, userna
}) })
} }
if resource.Expired != nil && c.PasswordExpirySettings.AutomaticUpdate {
expiry := time.Now().Add(time.Hour * 24 * time.Duration(c.PasswordExpirySettings.DefaultExpiryPeriod))
newResource.Expired = &api.Time{expiry}
}
_, err = c.UpdateResource(ctx, resourceID, newResource) _, err = c.UpdateResource(ctx, resourceID, newResource)
if err != nil { if err != nil {
return fmt.Errorf("Updating Resource: %w", err) return fmt.Errorf("Updating Resource: %w", err)