gaborcsardi/secret
Share Sensitive Information in R Packages

Package index
Search the gaborcsardi/secret package
Vignettes
Functions
71
Source code
18
Man pages
23
Home
/
GitHub
/
gaborcsardi/secret
/
tests/testthat/test-6-issues.R

tests/testthat/test-6-issues.R
In gaborcsardi/secret: Share Sensitive Information in R Packages 

context("Issues")

pkg_root <- make_pkg_root()
create_package_vault(pkg_root)
secret_to_keep <- list(a = 1, b = letters)
secret_to_keep2 <- list(a = 2, b = LETTERS)

({
  alice <- "alice"
  bob   <- "bob"
  user_keys_dir <- file.path(system.file(package = "secret"), "user_keys")
  key <- function(x) file.path(user_keys_dir, x)
  alice_public_key  <- key("alice.pub")
  alice_private_key <- key("alice.pem")
  bob_public_key    <- key("bob.pub")
  bob_private_key   <- key("bob.pem")
})

test_that("update a secret, deleted user has no access", {
  add_user(alice, alice_public_key, vault = pkg_root)
  add_user(bob, bob_public_key, vault = pkg_root)
  add_secret(
    "secret_one",
    secret_to_keep,
    users = c(alice, bob),
    vault = pkg_root
  )

  expect_equal(
    get_secret("secret_one", key = alice_private_key, vault = pkg_root),
    secret_to_keep
  )
  expect_equal(
    get_secret("secret_one", key = bob_private_key, vault = pkg_root),
    secret_to_keep
  )

  ## Bob get's the AES key of the secret, e.g. from the history of the repo
  aes <- try_get_aes_key(
    vault = find_vault(pkg_root),
    key = bob_private_key,
    name = "secret_one"
  )

  delete_user(bob, vault = pkg_root)

  update_secret(
    "secret_one",
    value = secret_to_keep2,
    key = alice_private_key,
    vault = pkg_root
  )

  expect_error(
    get_secret("secret_one", key = bob_private_key, vault = pkg_root),
    "Access denied to secret"
  )

  secret_file <- get_secret_file(
    vault = find_vault(pkg_root),
    name = "secret_one"
  )

  ## The old AES key of the secret is not good any more.
  secret <- unserialize(read_raw(secret_file))
  expect_error(
    openssl::aes_cbc_decrypt(secret, aes),
    "OpenSSL error"
  )
})

test_that("missing vault arguments", {
  if (!(alice %in% list_users(pkg_root))){
    add_user(alice, alice_public_key, vault = pkg_root)
  }

  if (!("secret_one" %in% list_secrets(pkg_root)$secret)){
    add_secret(
      "secret_one",
      secret_to_keep,
      users = c(alice, bob),
      vault = pkg_root
    )
  }

  withr::with_envvar(c("R_SECRET_VAULT" = pkg_root),{
  expect_equal(
    list_secrets(pkg_root),
    list_secrets() # Note the missing location argument
    )
  expect_equal(
    list_users(pkg_root),
    list_users() # Note the missing location argument
    )
  })

  withr::with_options(c("secret.vault" = pkg_root),{
  expect_equal(
    list_secrets(pkg_root),
    list_secrets() # Note the missing location argument
    )
  expect_equal(
    list_users(pkg_root),
    list_users() # Note the missing location argument
    )
  })

  })
gaborcsardi/secret documentation built on May 8, 2020, 8:32 p.m.

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close