add_user: Add a new user to the vault.

Description Usage Arguments See Also Examples

View source: R/users.R

Description

By default the new user does not have access to any secrets. See add_secret() or share_secret() to give them access.

Usage

1
add_user(email, public_key, vault = NULL)

Arguments

email

Email address of the user. This is used to identify users.

public_key

Public key of the user. This is used to encrypt the secrets for the different users. It can be

  • a string containing a PEM,

  • a file name that points to a PEM file,

  • a pubkey object created via the openssl package.

vault

Vault location (starting point to find the vault). To create a vault, use create_vault() or create_package_vault(). If this is NULL, then secret tries to find the vault automatically:

  • If the secret.vault option is set to path, that is used as the starting point.

  • Otherwise, if the R_SECRET_VAULT environment variable is set to a path, that is used as a starting point.

  • Otherwise the current working directory is used as the starting point.

If the starting point is a vault, that is used. Otherwise, if the starting point is in a package tree, the inst/vault folder is used within the package. If no vault can be found, an error is thrown.

See Also

Other user functions: add_github_user(), add_travis_user(), delete_user(), list_users()

Examples

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
## Not run: 
# The `secret` package contains some user keys for demonstration purposes.
# In this example, Alice shares a secret with Bob using a vault.

keys <- function(x){
  file.path(system.file("user_keys", package = "secret"), x)
}
alice_public  <- keys("alice.pub")
alice_private <- keys("alice.pem")
bob_public  <- keys("bob.pub")
bob_private <- keys("bob.pem")
carl_private <- keys("carl.pem")

# Create vault

vault <- file.path(tempdir(), ".vault")
if (dir.exists(vault)) unlink(vault) # ensure vault is empty
create_vault(vault)

# Add users with their public keys

add_user("alice", public_key = alice_public, vault = vault)
add_user("bob", public_key = bob_public, vault = vault)
list_users(vault = vault)

# Share a secret

secret <- list(username = "user123", password = "Secret123!")

add_secret("secret", value = secret, users = c("alice", "bob"),
           vault = vault)
list_secrets(vault = vault)

# Alice and Bob can decrypt the secret with their private keys
# Note that you would not normally have access to the private key
# of any of your collaborators!

get_secret("secret", key = alice_private, vault = vault)
get_secret("secret", key = bob_private, vault = vault)

# But Carl can't decrypt the secret

try(
  get_secret("secret", key = carl_private, vault = vault)
)

# Unshare the secret

unshare_secret("secret", users = "bob", vault = vault)
try(
  get_secret("secret", key = bob_private, vault = vault)
)


# Delete the secret

delete_secret("secret", vault = vault)
list_secrets(vault)

# Delete the users

delete_user("alice", vault = vault)
delete_user("bob", vault = vault)
list_users(vault)


## End(Not run)

secret documentation built on July 2, 2020, 1:49 a.m.