Secrets in rest fixes

    """

    name = fields.Str()

    expires_at = fields.LocalDateTime(dump_only=True)

    value = fields.Str(load_only=True)

class CourseImportConfigSchema(Schema):

@users_namespace.response(404, 'User not found')

class UserSecretsController(Resource):

    @jwt_required

    @users_namespace.response(200, 'Effective permissions')

    @users_namespace.response(200, 'List user secrets')

    def get(self, uid: str):

        user = general.find_user(uid)

        permissions.PermissionsService().require.sysadmin_or_self(uid)

        return secrets_schema.dump(user.secrets)[0]

    @jwt_required

    # @users_namespace.response(201, 'Created user', model=user_schema)

    # @users_namespace.response(201, 'Created user secret', model=secret_schema)

    def post(self, uid):

        user = general.find_user(uid)

        permissions.PermissionsService().require.sysadmin_or_self(uid)

@users_namespace.response(404, 'User not found')

class UserSecretController(Resource):

    @jwt_required

    @users_namespace.response(204, 'Secret deleted')

    @users_namespace.response(200, 'User secret detail')

    def get(self, uid: str, sid: str):

        permissions.PermissionsService().require.sysadmin()

        user = general.find_user(uid)

        secret = general.find_secret(user, sid)

        return secret_schema.dump(secret)

    @jwt_required

    @users_namespace.response(204, 'User secret deleted')

    def delete(self, uid: str, sid: str):

        user = general.find_user(uid)

        permissions.PermissionsService().require.sysadmin_or_self(uid)

@workers_namespace.response(404, 'Worker not found')

class WorkerSecretsController(Resource):

    @jwt_required

    @workers_namespace.response(200, 'Effective permissions')

    @workers_namespace.response(200, 'List worker secrets')

    def get(self, wid: str):

        permissions.PermissionsService().require.sysadmin()

        worker = general.find_worker(wid)

        return secrets_schema.dump(worker.secrets)

    @jwt_required

    # @workers_namespace.response(201, 'Created user', model=user_schema)

    # @workers_namespace.response(201, 'Created worker secret', model=secret_schema)

    def post(self, wid: str):

        permissions.PermissionsService().require.sysadmin()

        data = rest_helpers.parse_request_data(

@workers_namespace.response(404, 'Worker not found')

class WorkerSecretController(Resource):

    @jwt_required

    @workers_namespace.response(204, 'Secret deleted')

    @workers_namespace.response(200, 'Worker secret detail')

    def get(self, wid: str, sid: str):

        permissions.PermissionsService().require.sysadmin()

        worker = general.find_worker(wid)

        secret = general.find_secret(worker, sid)

        return secret_schema.dump(secret)

    @jwt_required

    @workers_namespace.response(204, 'Worker secret deleted')

    def delete(self, wid: str, sid: str):

        permissions.PermissionsService().require.sysadmin()

        worker = general.find_worker(wid)

from portal import logger

from portal.database.models import Secret

from portal.service import general

from portal.service.general import delete_entity, find_secret

from portal.service.general import delete_entity, find_secret, write_entity

log = logger.get_logger(__name__)

    assert Secret.query.filter_by(client=user).count() == 0

def test_read_secret(client):

    user = User.query.filter_by(username="teacher1").first()

    secret = Secret.query.filter_by(client=user).first()

    response = utils.make_request(client, f'/users/{user.id}/secrets/{secret.id}',

                                  headers={"content-type": "application/json"},

                                  method='get')

    assert response.status_code == 200

    assert response.mimetype == 'application/json'

    response_secret = utils.extract_data(response)

    assert response_secret['id'] == secret.id

    assert response_secret['name'] == secret.name

    assert Secret.query.filter_by(client=user).count() == 1