diff --git a/src/commands/git_secret_hide.sh b/src/commands/git_secret_hide.sh index 1490bcd7..d9c7078a 100644 --- a/src/commands/git_secret_hide.sh +++ b/src/commands/git_secret_hide.sh @@ -80,16 +80,19 @@ function _optional_fsdb_update_hash { function hide { local clean=0 + local chmod=0 local delete=0 local fsdb_update_hash=0 # add checksum hashes to fsdb local verbose='' OPTIND=1 - while getopts 'cdmvh' opt; do + while getopts 'cCdmvh' opt; do case "$opt" in c) clean=1;; + C) chmod=1;; + d) delete=1;; m) fsdb_update_hash=1;; @@ -160,6 +163,14 @@ function hide { if [[ "$exit_code" -ne 0 ]]; then _abort "problem encrypting file with gpg: exit code $exit_code: $filename" fi + + if [[ "$chmod" == 1 ]]; then + local perms + perms=$($SECRETS_OCTAL_PERMS_COMMAND "$input_path") + chmod "$perms" "$output_path" + fi + + # If -m option was provided, it will update unencrypted file hash local key="$filename" local hash="$file_hash" diff --git a/src/commands/git_secret_reveal.sh b/src/commands/git_secret_reveal.sh index 5153d370..1d521a2d 100644 --- a/src/commands/git_secret_reveal.sh +++ b/src/commands/git_secret_reveal.sh @@ -9,13 +9,13 @@ function reveal { OPTIND=1 - while getopts 'chfd:p:' opt; do + while getopts 'hfCd:p:' opt; do case "$opt" in h) _show_manual_for 'reveal';; f) force=1;; - c) chmod=1;; + C) chmod=1;; p) passphrase=$OPTARG;; diff --git a/tests/test_reveal.bats b/tests/test_reveal.bats index 858dec87..15440445 100644 --- a/tests/test_reveal.bats +++ b/tests/test_reveal.bats @@ -55,7 +55,7 @@ function teardown { } -@test "run 'reveal' with '-c'" { +@test "run 'reveal' with '-C'" { rm "$FILE_TO_HIDE" local password=$(test_user_password "$TEST_DEFAULT_USER") @@ -63,7 +63,7 @@ function teardown { local secret_file=$(_get_encrypted_filename "$FILE_TO_HIDE") chmod o-rwx "$secret_file" - run git secret reveal -c -d "$TEST_GPG_HOMEDIR" -p "$password" + run git secret reveal -C -d "$TEST_GPG_HOMEDIR" -p "$password" [ "$status" -eq 0 ]