diff --git a/apiserver/main.py b/apiserver/main.py
index dc5cbfb4f04a0a813c78c09347acb0f7442a3bd6..d91689219117f455795ab29e4bf31900aa3d0b56 100644
--- a/apiserver/main.py
+++ b/apiserver/main.py
@@ -146,6 +146,55 @@ async def delete_specific_dataset(location_data_type: LocationDataType,
log.debug("Authenticed User: '%s' deleted /%s/%s", user.username, location_data_type.value, dataset_id)
return adapter.delete(location_data_type, str(dataset_id), user.username)
+@app.get("/{location_data_type}/{dataset_id}/secrets")
+async def list_dataset_secrets(location_data_type: LocationDataType,
+ dataset_id: UUID4,
+ user: str = Depends(my_user)):
+ """list the secrets of a specific dataset"""
+ # TODO log
+ if userdb.get(user).has_secrets_access:
+ return adapter.list_secrets(location_data_type, dataset_id, user)
+ else:
+ raise HTTPException(403)
+
+@app.get("/{location_data_type}/{dataset_id}/secrets/{key}")
+async def get_dataset_secret(location_data_type: LocationDataType,
+ dataset_id: UUID4,
+ key: str,
+ user: str = Depends(my_user)):
+ """get the secrets of a specific dataset"""
+ # TODO log
+ if userdb.get(user).has_secrets_access:
+ return adapter.get_secret(location_data_type, dataset_id, key, user)
+ else:
+ raise HTTPException(403)
+
+@app.put("/{location_data_type}/{dataset_id}/secrets/{key}")
+async def add_update_dataset_secret(location_data_type: LocationDataType,
+ dataset_id: UUID4,
+ key: str,
+ value: str,
+ user: str = Depends(my_user)):
+ """get the secrets of a specific dataset"""
+ # TODO log
+ if userdb.get(user).has_secrets_access:
+ return adapter.add_update_secret(location_data_type, dataset_id, key, value, user)
+ else:
+ raise HTTPException(403)
+
+@app.delete("/{location_data_type}/{dataset_id}/secrets/{key}")
+async def get_dataset_secrets(location_data_type: LocationDataType,
+ dataset_id: UUID4,
+ key: str,
+ user: str = Depends(my_user)):
+ """delete a secret of a specific dataset"""
+ # TODO log
+ if userdb.get(user).has_secrets_access:
+ return adapter.delete_secret(location_data_type, dataset_id, key, user)
+ else:
+ raise HTTPException(403)
+
+
@app.exception_handler(FileNotFoundError)
async def not_found_handler(request: Request, ex: FileNotFoundError):
diff --git a/apiserver/storage/JsonFileStorageAdapter.py b/apiserver/storage/JsonFileStorageAdapter.py
index 9e1cbf7f153d1bce9797ee75daa8a49056035260..94e1ccd690a9ba442b4625d9187da44764c4b70c 100644
--- a/apiserver/storage/JsonFileStorageAdapter.py
+++ b/apiserver/storage/JsonFileStorageAdapter.py
@@ -134,6 +134,12 @@ class JsonFileStorageAdapter(AbstractLocationDataStorageAdapter):
full_path = self.__get_object_path(value=n_type.value, oid=oid)
log.debug("Deleted object %s by user '%s'.", oid, usr)
os.remove(full_path)
+
+ def list_secrets(self, n_type: LocationDataType, oid:str, usr: str):
+ """ list all available secrets for this object"""
+ secrets_path = self.__get_secrets_path(value=n_type.value, oid=oid)
+ secrets = self.__load_secrets(secrets_path)
+ return secrets.keys()
def add_update_secret(self, n_type: LocationDataType, oid:str, key: str, value: str, usr: str):
""" add new secrets to an existing object"""
diff --git a/apiserver/storage/LocationStorage.py b/apiserver/storage/LocationStorage.py
index 0aeb26d17cf0467d9e9e3db3c2911bbeb2f95d1a..29169798ad774748f5be10f0c3b97ff202102af6 100644
--- a/apiserver/storage/LocationStorage.py
+++ b/apiserver/storage/LocationStorage.py
@@ -61,6 +61,10 @@ class AbstractLocationDataStorageAdapter:
def delete(self, n_type: LocationDataType, oid: str, usr: str):
""" deletes given resource"""
raise NotImplementedError()
+
+ def list_secrets(self, n_type: LocationDataType, oid:str, usr: str):
+ """ list all available secrets for this object"""
+ raise NotImplementedError()
def add_update_secret(self, n_type: LocationDataType, oid:str, key: str, value: str, usr: str):
""" add new secrets to an existing object"""