CLI list with descryption error handle

Signed-off-by: shirady <[email protected]>

Author: shirady

src/cmd/manage_nsfs.js

@@ -247,7 +247,7 @@ async function manage_bucket_operations(action, data, user_input) {
     } else if (action === ACTIONS.LIST) {
         const bucket_filters = _.pick(user_input, LIST_BUCKET_FILTERS);
         const wide = get_boolean_or_string_value(user_input.wide);
-        const buckets = await list_config_files(TYPES.BUCKET, config_fs.buckets_dir_path, wide, undefined, bucket_filters);
+        const buckets = await list_config_files(TYPES.BUCKET, wide, undefined, bucket_filters);
         write_stdout_response(ManageCLIResponse.BucketList, buckets);
     } else {
         // we should not get here (we check it before)
@@ -522,8 +522,7 @@ async function manage_account_operations(action, data, show_secrets, user_input)
     } else if (action === ACTIONS.LIST) {
         const account_filters = _.pick(user_input, LIST_ACCOUNT_FILTERS);
         const wide = get_boolean_or_string_value(user_input.wide);
-        const accounts = await list_config_files(TYPES.ACCOUNT, config_fs.accounts_dir_path, wide,
-            show_secrets, account_filters);
+        const accounts = await list_config_files(TYPES.ACCOUNT, wide, show_secrets, account_filters);
         write_stdout_response(ManageCLIResponse.AccountList, accounts);
     } else {
         // we should not get here (we check it before)
@@ -583,12 +582,11 @@ function filter_bucket(bucket, filters) {
 }
 /**
  * list_config_files will list all the config files (json) in a given config directory
- * @param {string} config_path
  * @param {boolean} [wide]
  * @param {boolean} [show_secrets]
  * @param {object} [filters]
  */
-async function list_config_files(type, config_path, wide, show_secrets, filters) {
+async function list_config_files(type, wide, show_secrets, filters) {
     const entries = type === TYPES.ACCOUNT ?
         await config_fs.list_root_accounts() :
         await config_fs.list_buckets();
@@ -598,8 +596,9 @@ async function list_config_files(type, config_path, wide, show_secrets, filters)
     // decrypt only if data has access_keys and show_secrets = true (no need to decrypt if show_secrets = false but should_filter = true)
     const options = {
         show_secrets: show_secrets || should_filter,
-        should_decrypt: show_secrets,
-        silent_if_missing: true
+        decrypt_secret_key: show_secrets,
+        silent_if_missing: true,
+        add_master_key_warning: show_secrets,
     };
 
     let config_files_list = await P.map_with_concurrency(10, entries, async entry => {

src/sdk/config_fs.js

@@ -127,19 +127,25 @@ class ConfigFS {
      * if silent_if_missing is true -      
      *   if the config file was deleted (encounter ENOENT error) - continue (returns undefined)
      * @param {string} config_file_path
-     * @param {{show_secrets?: boolean, decrypt_secret_key?: boolean, silent_if_missing?: boolean}} [options]
+     * @param {{show_secrets?: boolean, decrypt_secret_key?: boolean, silent_if_missing?: boolean, add_master_key_warning?: boolean}} [options]
      * @returns {Promise<Object>}
      */
     async get_config_data(config_file_path, options = {}) {
-        const { show_secrets = false, decrypt_secret_key = false, silent_if_missing = false } = options;
+        const { show_secrets = false, decrypt_secret_key = false, silent_if_missing = false,
+            add_master_key_warning = false } = options;
+        let config_data;
         try {
             const { data } = await nb_native().fs.readFile(this.fs_context, config_file_path);
-            const config_data = _.omit(JSON.parse(data.toString()), show_secrets ? [] : ['access_keys']);
+            config_data = _.omit(JSON.parse(data.toString()), show_secrets ? [] : ['access_keys']);
             if (decrypt_secret_key) config_data.access_keys = await nc_mkm.decrypt_access_keys(config_data);
             return config_data;
         } catch (err) {
             dbg.warn('get_config_data: with config_file_path', config_file_path, 'got an error', err);
             if (silent_if_missing && err.code === 'ENOENT') return;
+            if (add_master_key_warning && err.rpc_code === 'INVALID_MASTER_KEY') {
+                config_data.master_key_warning = `Got an error on decryption account ${config_data._id}`;
+                return config_data;
+            }
             throw err;
         }
     }

src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js

@@ -1316,6 +1316,18 @@ describe('manage nsfs cli account flow', () => {
             expect(JSON.parse(res.stdout).error.message).toBe(ManageCLIError.InvalidFlagsCombination.message);
         });
 
+        it('cli list wide and show_secrets', async () => {
+            const account_options = { config_root, wide: true, show_secrets: true };
+            const action = ACTIONS.LIST;
+            const res = await exec_manage_cli(type, action, account_options);
+            expect(JSON.parse(res).response.reply.map(item => item.name))
+                .toEqual(expect.arrayContaining(['account3', 'account2', 'account1']));
+            const res_arr = JSON.parse(res).response.reply;
+            for (const item of res_arr) {
+                expect(item.access_keys[0].secret_key).toBeDefined();
+            }
+        });
+
     });
 
     describe('cli delete account', () => {
@@ -2038,6 +2050,23 @@ describe('cli without master key id', () => {
         // rename the master_key.json
         await master_key_file_rename(config_root, false);
     });
+
+    it('cli list with wide and show_secrets flags (without master key id)', async () => {
+        // rename the master_key.json
+        await master_key_file_rename(config_root, true);
+
+        const action = ACTIONS.LIST;
+        const account_options = { config_root, wide: true, show_secrets: true };
+        const res = await exec_manage_cli(type, action, account_options);
+        const res_arr = JSON.parse(res).response.reply;
+        for (const item of res_arr) {
+            expect(item.access_keys[0].encrypted_secret_key).toBeDefined();
+            expect(item.master_key_warning).toBeDefined();
+        }
+
+        // rename the master_key.json
+        await master_key_file_rename(config_root, false);
+    });
 });
 
 /**