list and whoknows commands added

README.md

@@ -6,12 +6,10 @@
 
 This project is still under development. Current objectives:
 
-- `git-secret-list` to show added files
-- `git-secret-whoknows` to show added keys
-- check all exit code, modify if needed
+- check all exit codes, modify if needed
 - add check if the `.gitsecret` folder is ignored, raise exception in that case.
 - add `trust-model` parameter to `git-secret-hide`
-- add exception when running `git secret tell` with no files added
+- add exception when running `git secret hide` with no files added
 - manuals
 - hooks: `pre-commit` to encrypt secret files
 - static site for `gh-pages` build from manuals with `Jekyll` and `Ronn`

src/_utils/_git_secret_tools.sh

@@ -144,7 +144,7 @@ function _user_required {
     _abort "$error_message"
   fi
 
-  local keys_exist=$($GPGLOCAL -n --list-keys)
+  local keys_exist=$($GPGLOCAL -n --list-keys --with-colon)
   if [[ -z $keys_exist ]]; then
     _abort "$error_message"
   fi
@@ -159,3 +159,15 @@ function _get_raw_filename {
 function _get_encrypted_filename {
   echo "$(dirname "$1")/$(basename "$1" "$SECRETS_EXTENSION")$SECRETS_EXTENSION" | sed -e 's#^\./##'
 }
+
+
+function _get_users_in_keyring {
+  local result=$($GPGLOCAL --list-public-keys --with-colon | sed -n 's/.*<\(.*\)>.*/\1/p')
+  echo "$result"
+}
+
+
+function _get_recepients {
+  local result=$($GPGLOCAL --list-public-keys --with-colon | sed -n 's/.*<\(.*\)>.*/-r\1/p')
+  echo "$result"
+}

src/commands/git_secret_hide.sh

@@ -50,11 +50,11 @@ function hide {
   while read line; do
     local encrypted_filename=$(_get_encrypted_filename $line)
 
-    local recipients=$($GPGLOCAL --list-public-keys | sed -n 's/.*<\(.*\)>.*/-r\1/p')
+    local recipients=$(_get_recepients)
     $GPGLOCAL --use-agent --yes --trust-model=always --encrypt $recipients -o "$encrypted_filename" "$line"
 
     counter=$((counter+1))
-  done < $SECRETS_DIR_PATHS_MAPPING
+  done < "$SECRETS_DIR_PATHS_MAPPING"
 
   echo "done. all $counter files are hidden."
 }

src/commands/git_secret_list.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+
+function list {
+  _user_required
+
+  if [[ ! -s "$SECRETS_DIR_PATHS_MAPPING" ]]; then
+    exit 1
+  fi
+
+  while read line; do
+    echo "$line"
+  done < "$SECRETS_DIR_PATHS_MAPPING"
+}

src/commands/git_secret_remove.sh

@@ -38,6 +38,7 @@ function remove {
     fi
 
     _delete_line "$item" "$SECRETS_DIR_PATHS_MAPPING"
+    rm -f "${SECRETS_DIR_PATHS_MAPPING}.bak"
 
     if [[ "$clean" == 1 ]]; then
       local encrypted_filename=`_get_encrypted_filename "$item"`

src/commands/git_secret_whoknows.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+
+function whoknows {
+  _user_required
+
+  local keys=$(_get_users_in_keyring)
+  echo "$keys"
+}

tests/_test_base.bash

@@ -118,7 +118,7 @@ function set_state_secret_init {
 
 function set_state_secret_tell {
   local email=`test_user_email $1`
-  git secret tell -d "$TEST_GPG_HOMEDIR" "$email"
+  git secret tell -d "$TEST_GPG_HOMEDIR" "$email" > /dev/null 2>&1
 }
 
 
@@ -128,7 +128,7 @@ function set_state_secret_add {
   echo "$content" > "$filename"
   echo "$filename" >> ".gitignore"
 
-  git secret add "$filename"
+  git secret add "$filename" > /dev/null 2>&1
 }
 
 

tests/test_hide.bats

@@ -8,6 +8,7 @@ FILE_CONTENTS="hidden content юникод"
 
 function setup {
   install_fixture_key "$TEST_DEFAULT_USER"
+
   set_state_git
   set_state_secret_init
   set_state_secret_tell "$TEST_DEFAULT_USER"
@@ -18,6 +19,7 @@ function setup {
 function teardown {
   uninstall_fixture_key $TEST_DEFAULT_USER
   unset_current_state
+
   rm -f "$FILE_TO_HIDE"
 }
 
@@ -33,3 +35,15 @@ function teardown {
   run git secret hide -v -c
   [ "$status" -eq 0 ]
 }
+
+
+@test "run 'hide' for multiple users" {
+  local new_user="user2"
+
+  install_fixture_key "$new_user"
+  set_state_secret_tell "$new_user"
+
+  run git secret hide
+  [ "$status" -eq 0 ]
+  [ "$output" = "done. all 1 files are hidden." ]
+}

tests/test_list.bats

@@ -0,0 +1,39 @@
+#!/usr/bin/env bats
+
+load _test_base
+
+FILE_TO_HIDE="file_to_hide"
+FILE_CONTENTS="hidden content юникод"
+
+
+function setup {
+  install_fixture_key "$TEST_DEFAULT_USER"
+
+  set_state_git
+  set_state_secret_init
+  set_state_secret_tell "$TEST_DEFAULT_USER"
+  set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS"
+}
+
+
+function teardown {
+  uninstall_fixture_key $TEST_DEFAULT_USER
+  unset_current_state
+
+  rm -f "$FILE_TO_HIDE"
+}
+
+
+@test "run 'list' normally" {
+  run git secret list
+  [ "$status" -eq 0 ]
+  [ "$output" = "$FILE_TO_HIDE" ]
+}
+
+
+@test "run 'list' on empty repo" {
+  git secret remove "$FILE_TO_HIDE"
+
+  run git secret list
+  [ "$status" -eq 1 ]
+}

tests/test_reveal.bats

@@ -63,3 +63,19 @@ function teardown {
 
   uninstall_fixture_full_key "$attacker"
 }
+
+
+@test "run 'reveal' for multiple users" {
+  local new_user="user2"
+  install_fixture_full_key "$new_user"
+  set_state_secret_tell "$new_user"
+  set_state_secret_hide
+
+  uninstall_fixture_full_key "$TEST_DEFAULT_USER"
+
+  local password=`test_user_password "$new_user"`
+  run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
+
+  [ "$status" -eq 0 ]
+  [ -f "$FILE_TO_HIDE" ]
+}

tests/test_whoknows.bats

@@ -0,0 +1,28 @@
+#!/usr/bin/env bats
+
+load _test_base
+
+
+function setup {
+  install_fixture_key "$TEST_DEFAULT_USER"
+  install_fixture_key "user2"
+
+  set_state_git
+  set_state_secret_init
+  set_state_secret_tell "$TEST_DEFAULT_USER"
+  set_state_secret_tell "user2"
+}
+
+
+function teardown {
+  uninstall_fixture_key $TEST_DEFAULT_USER
+  unset_current_state
+
+  rm -f "$FILE_TO_HIDE"
+}
+
+
+@test "run 'whoknows' normally" {
+  run git secret whoknows
+  [ "$status" -eq 0 ]
+}