Issue open-horizon#3908 - Bug: CLI for node level secrets not applyin…

…g to a specific node Signed-off-by: zhangl <zhangl@us.ibm.com>
LiilyZhang · Sep 28, 2023 · 1d87edb · 1d87edb
1 parent 6c44853
commit 1d87edb
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 9 deletions.
diff --git a/agreementbot/secure_api.go b/agreementbot/secure_api.go
@@ -1200,7 +1200,7 @@ func (a *SecureAPI) errCheck(err error, action string, info *SecretRequestInfo)
 		// build the original secret name
 		var secretName string
 		if info.user != "" && info.node != "" {
-			secretName = "user/" + info.user + "node/" + info.node + cliutils.AddSlash(info.vaultSecretName)
+			secretName = "user/" + info.user + "/node/" + info.node + cliutils.AddSlash(info.vaultSecretName)
 		} else if info.user != "" {
 			secretName = "user/" + info.user + cliutils.AddSlash(info.vaultSecretName)
 		} else if info.node != "" {

diff --git a/cli/secrets_manager/secrets_manager.go b/cli/secrets_manager/secrets_manager.go
@@ -81,8 +81,12 @@ func SecretList(org, credToUse, secretName, secretNodeId string) {
 		secretName = secretName[:len(secretName)-1]
 	}
 
-	if !strings.Contains(secretName, "/node") && secretNodeId != "" {
-		// add /node/{nodeID} to the path
+	if strings.HasPrefix(secretName, "/") {
+		secretName = strings.TrimPrefix(secretName, "/")
+	}
+
+	if !strings.Contains(secretName, "node/") && secretNodeId != "" {
+		// add node/{nodeID} to the path
 		secretName = getSecretPathForNodeLevelSecret(secretName, secretNodeId)
 	}
 	// if given secretName := "", nodeId is specified, then secretName will be convert to "node/{nodeId}"
@@ -166,8 +170,12 @@ func SecretAdd(org, credToUse, secretName, secretNodeId, secretFile, secretKey,
 		secretName = secretName[:len(secretName)-1]
 	}
 
-	if !strings.Contains(secretName, "/node") && secretNodeId != "" {
-		// add /node/{nodeID} to the path
+	if strings.HasPrefix(secretName, "/") {
+		secretName = strings.TrimPrefix(secretName, "/")
+	}
+
+	if !strings.Contains(secretName, "node/") && secretNodeId != "" {
+		// add node/{nodeID} to the path
 		secretName = getSecretPathForNodeLevelSecret(secretName, secretNodeId)
 	}
 
@@ -259,8 +267,12 @@ func SecretRemove(org, credToUse, secretName, secretNodeId string, forceRemoval
 		secretName = secretName[:len(secretName)-1]
 	}
 
-	if !strings.Contains(secretName, "/node") && secretNodeId != "" {
-		// add /node/{nodeID} to the path
+	if strings.HasPrefix(secretName, "/") {
+		secretName = strings.TrimPrefix(secretName, "/")
+	}
+
+	if !strings.Contains(secretName, "node/") && secretNodeId != "" {
+		// add node/{nodeID} to the path
 		secretName = getSecretPathForNodeLevelSecret(secretName, secretNodeId)
 	}
 
@@ -299,8 +311,12 @@ func SecretRead(org, credToUse, secretName, secretNodeId string) {
 		secretName = secretName[:len(secretName)-1]
 	}
 
-	if !strings.Contains(secretName, "/node") && secretNodeId != "" {
-		// add /node/{nodeID} to the path
+	if strings.HasPrefix(secretName, "/") {
+		secretName = strings.TrimPrefix(secretName, "/")
+	}
+
+	if !strings.Contains(secretName, "node/") && secretNodeId != "" {
+		// add node/{nodeID} to the path
 		secretName = getSecretPathForNodeLevelSecret(secretName, secretNodeId)
 	}
 
@@ -328,6 +344,7 @@ func SecretRead(org, credToUse, secretName, secretNodeId string) {
 
 func getSecretPathForNodeLevelSecret(secretName string, secretNodeId string) string {
 	secretName = strings.TrimSpace(secretName)
+	secretName = strings.TrimPrefix(secretName, "/")
 	if secretName == "" {
 		secretName = fmt.Sprintf("node/%v", secretNodeId)
 	} else {