requested changes

Update secret-v2-bridge-dal.ts
2025-03-31 22:09:57 +00:00 · 2025-02-07 07:49:42 +04:00 · 2025-02-06 07:39:47 +04:00 · 2025-02-03 23:22:27 +04:00 · 2025-02-03 23:22:20 +04:00 · 2025-02-03 21:16:07 +04:00
6 changed files with 95 additions and 1 deletions
--- a/backend/src/lib/api-docs/constants.ts
+++ b/backend/src/lib/api-docs/constants.ts
@ -688,7 +688,9 @@ export const RAW_SECRETS = {
    environment: "The slug of the environment to list secrets from.",
    secretPath: "The secret path to list secrets from.",
    includeImports: "Weather to include imported secrets or not.",
-    tagSlugs: "The comma separated tag slugs to filter secrets."
+    tagSlugs: "The comma separated tag slugs to filter secrets.",
+    metadataFilter:
+      "The secret metadata key-value pairs to filter secrets by. When querying for multiple metadata pairs, the query is treated as an AND operation. Secret metadata format is key=value1,value=value2|key=value3,value=value4."
  },
  CREATE: {
    secretName: "The name of the secret to create.",
--- a/backend/src/server/routes/v3/secret-router.ts
+++ b/backend/src/server/routes/v3/secret-router.ts
@ -181,6 +181,66 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
        }
      ],
      querystring: z.object({
+        metadataFilter: z
+          .string()
+          .optional()
+          .transform((val) => {
+            if (!val) return undefined;
+
+            const result: { key?: string; value?: string }[] = [];
+            const pairs = val.split("|");
+
+            for (const pair of pairs) {
+              const keyValuePair: { key?: string; value?: string } = {};
+              const parts = pair.split(/[,=]/);
+
+              for (let i = 0; i < parts.length; i += 2) {
+                const identifier = parts[i].trim().toLowerCase();
+                const value = parts[i + 1]?.trim();
+
+                if (identifier === "key" && value) {
+                  keyValuePair.key = value;
+                } else if (identifier === "value" && value) {
+                  keyValuePair.value = value;
+                }
+              }
+
+              if (keyValuePair.key && keyValuePair.value) {
+                result.push(keyValuePair);
+              }
+            }
+
+            return result.length ? result : undefined;
+          })
+          .superRefine((metadata, ctx) => {
+            if (metadata && !Array.isArray(metadata)) {
+              ctx.addIssue({
+                code: z.ZodIssueCode.custom,
+                message:
+                  "Invalid secretMetadata format. Correct format is key=value1,value=value2|key=value3,value=value4."
+              });
+            }
+
+            if (metadata) {
+              if (metadata.length > 10) {
+                ctx.addIssue({
+                  code: z.ZodIssueCode.custom,
+                  message: "You can only filter by up to 10 metadata fields"
+                });
+              }
+
+              for (const item of metadata) {
+                if (!item.key && !item.value) {
+                  ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    message:
+                      "Invalid secretMetadata format, key or value must be provided. Correct format is key=value1,value=value2|key=value3,value=value4."
+                  });
+                }
+              }
+            }
+          })
+          .describe(RAW_SECRETS.LIST.metadataFilter),
        workspaceId: z.string().trim().optional().describe(RAW_SECRETS.LIST.workspaceId),
        workspaceSlug: z.string().trim().optional().describe(RAW_SECRETS.LIST.workspaceSlug),
        environment: z.string().trim().optional().describe(RAW_SECRETS.LIST.environment),
@ -281,6 +341,7 @@ export const registerSecretRouter = async (server: FastifyZodProvider) => {
        actorAuthMethod: req.permission.authMethod,
        projectId: workspaceId,
        path: secretPath,
+        metadataFilter: req.query.metadataFilter,
        includeImports: req.query.include_imports,
        recursive: req.query.recursive,
        tagSlugs: req.query.tagSlugs
--- a/backend/src/services/secret-v2-bridge/secret-v2-bridge-dal.ts
+++ b/backend/src/services/secret-v2-bridge/secret-v2-bridge-dal.ts
@ -414,6 +414,20 @@ export const secretV2BridgeDALFactory = (db: TDbClient) => {
          `${TableName.SecretTag}.id`
        )
        .leftJoin(TableName.ResourceMetadata, `${TableName.SecretV2}.id`, `${TableName.ResourceMetadata}.secretId`)
+        .where((qb) => {
+          if (filters?.metadataFilter && filters.metadataFilter.length > 0) {
+            filters.metadataFilter.forEach((meta) => {
+              void qb.whereExists((subQuery) => {
+                void subQuery
+                  .select("secretId")
+                  .from(TableName.ResourceMetadata)
+                  .whereRaw(`"${TableName.ResourceMetadata}"."secretId" = "${TableName.SecretV2}"."id"`)
+                  .where(`${TableName.ResourceMetadata}.key`, meta.key)
+                  .where(`${TableName.ResourceMetadata}.value`, meta.value);
+              });
+            });
+          }
+        })
        .select(
          selectAllTableCols(TableName.SecretV2),
          db.raw(
@ -481,6 +495,7 @@ export const secretV2BridgeDALFactory = (db: TDbClient) => {
          }
        ]
      });
+
      return data;
    } catch (error) {
      throw new DatabaseError({ error, name: "get all secret" });
--- a/backend/src/services/secret-v2-bridge/secret-v2-bridge-types.ts
+++ b/backend/src/services/secret-v2-bridge/secret-v2-bridge-types.ts
@ -30,6 +30,10 @@ export type TGetSecretsDTO = {
  includeImports?: boolean;
  recursive?: boolean;
  tagSlugs?: string[];
+  metadataFilter?: {
+    key?: string;
+    value?: string;
+  }[];
  orderBy?: SecretsOrderBy;
  orderDirection?: OrderByDirection;
  offset?: number;
@ -310,6 +314,7 @@ export type TFindSecretsByFolderIdsFilter = {
  orderDirection?: OrderByDirection;
  search?: string;
  tagSlugs?: string[];
+  metadataFilter?: { key?: string; value?: string }[];
  includeTagsInSearch?: boolean;
  keys?: string[];
 };
--- a/backend/src/services/secret/secret-service.ts
+++ b/backend/src/services/secret/secret-service.ts
@ -1263,6 +1263,13 @@ export const secretServiceFactory = ({
        name: "bot_not_found_error"
      });

+    if (paramsV2.metadataFilter) {
+      throw new BadRequestError({
+        message: "Please upgrade your project to filter secrets by metadata",
+        name: "SecretMetadataNotSupported"
+      });
+    }
+
    const { secrets, imports } = await getSecrets({
      actorId,
      projectId,
--- a/backend/src/services/secret/secret-types.ts
+++ b/backend/src/services/secret/secret-types.ts
@ -182,6 +182,10 @@ export type TGetSecretsRawDTO = {
  includeImports?: boolean;
  recursive?: boolean;
  tagSlugs?: string[];
+  metadataFilter?: {
+    key?: string;
+    value?: string;
+  }[];
  orderBy?: SecretsOrderBy;
  orderDirection?: OrderByDirection;
  offset?: number;
Author	SHA1	Message	Date
Daniel Hougaard	70c9761abe	requested changes	2025-02-07 07:49:42 +04:00
Daniel Hougaard	8d7b5968d3	requested changes	2025-02-06 07:39:47 +04:00
Daniel Hougaard	071f37666e	Update secret-v2-bridge-dal.ts	2025-02-03 23:22:27 +04:00
Daniel Hougaard	cd5078d8b7	Update secret-router.ts	2025-02-03 23:22:20 +04:00
Daniel Hougaard	407fd8eda7	chore: rename to metadata filter	2025-02-03 21:16:07 +04:00
Daniel Hougaard	9d976de19b	Revert "fix: improved filter" This reverts commit be99e40050c54fdc318cedd18397a3680abb6bc5.	2025-02-03 21:13:47 +04:00
Daniel Hougaard	be99e40050	fix: improved filter	2025-02-03 12:54:54 +04:00
Daniel Hougaard	0968893d4b	improved filtering format	2025-01-30 21:41:17 +01:00
Daniel Hougaard	d24a5d96e3	requested changes	2025-01-29 14:24:23 +01:00
Daniel Hougaard	55b0dc7f81	chore: cleanup	2025-01-28 23:35:07 +01:00
Daniel Hougaard	ba03fc256b	Update secret-router.ts	2025-01-28 23:30:28 +01:00
Daniel Hougaard	ea28c374a7	feat(api): filter secrets by metadata	2025-01-28 23:29:02 +01:00