fix for #710, using cat from a subdir (#751)

* fix for #710, using cat from a subdir * also fix using reveal with named files from a subdir
2 years ago · 84d1f85c56
parent bd51b66743
commit 84d1f85c56
5 changed files with 61 additions and 2 deletions
--- a/src/_utils/_git_secret_tools.sh
+++ b/src/_utils/_git_secret_tools.sh
@ -378,6 +378,23 @@ function _append_root_path {
 }


+# if passed a name like 'filename.txt', returns a full path in the repo
+# For #710: if we are in a subdir, fixup the path with the subdir
+function _append_relative_root_path {
+  local path="$1" # required
+
+  local full_path
+  full_path=$(_append_root_path "$path")
+    
+  local subdir
+  subdir=$(git rev-parse --show-prefix)   # get the subdir of repo, like "subdir/"
+  if [ ! -z "$subdir" ]; then
+    full_path="$(dirname $full_path)/${subdir}/$(basename $full_path)" 
+  fi
+
+  echo "$full_path"
+}
+
 function _get_secrets_dir {
  _append_root_path "${_SECRETS_DIR}"
 }
--- a/src/commands/git_secret_cat.sh
+++ b/src/commands/git_secret_cat.sh
@ -32,7 +32,7 @@ function cat {
    local path

    filename=$(_get_record_filename "$line")
-    path=$(_append_root_path "$filename")
+    path=$(_append_relative_root_path "$filename")  # this uses the _relative version because of #710

    # The parameters are: filename, write-to-file, force, homedir, passphrase
    _decrypt "$path" "0" "0" "$homedir" "$passphrase"
--- a/src/commands/git_secret_reveal.sh
+++ b/src/commands/git_secret_reveal.sh
@ -55,7 +55,7 @@ function reveal {
    local filename
    local path
    filename=$(_get_record_filename "$line")
-    path=$(_append_root_path "$filename")
+    path=$(_append_relative_root_path "$filename")  # this uses the _relative version because of #710

    if [[ "$filename" == *"$SECRETS_EXTENSION" ]]; then
      _abort "cannot decrypt to secret version of file: $filename"
--- a/tests/test_cat.bats
+++ b/tests/test_cat.bats
@ -63,3 +63,24 @@ function teardown {
  run git secret cat -Z -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE"
  [ "$status" -ne 0 ]
 }
+
+@test "run 'cat' from subdir" {
+  local password
+  password=$(test_user_password "$TEST_DEFAULT_USER")
+
+  mkdir subdir
+  echo "content2" > subdir/new_filename.txt
+
+  cd subdir
+  run git secret add new_filename.txt
+  [ "$status" -eq 0 ]
+  run git secret hide
+  [ "$status" -eq 0 ]
+
+  run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" new_filename.txt
+  [ "$status" -eq 0 ]
+
+  # clean up
+  cd ..
+  rm -rf subdir
+}
--- a/tests/test_reveal.bats
+++ b/tests/test_reveal.bats
@ -270,3 +270,24 @@ function teardown {
    -p "$password"
  [ "$status" -ne 0 ]
 }
+
+@test "run 'reveal' with named file from subdir" {
+  local password
+  password=$(test_user_password "$TEST_DEFAULT_USER")
+
+  mkdir subdir
+  echo "content2" > subdir/new_filename.txt
+
+  cd subdir
+  run git secret add new_filename.txt
+  [ "$status" -eq 0 ]
+  run git secret hide
+  [ "$status" -eq 0 ]
+
+  run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password" new_filename.txt
+  [ "$status" -eq 0 ]
+
+  # clean up
+  cd ..
+  rm -rf subdir
+}