Closed andrie closed 7 years ago
I couldn't replicate.
@gaborcsardi Can you please provide more information on how to reproduce this behaviour?
I tried:
dir.create("vault")
create_vault("vault")
list_secrets("vault")
add_github_user("andrie", vault = "vault")
add_github_user("hadley", vault = "vault")
list_users("vault")
add_secret("iris", iris, users = "github-andrie", vault = "vault")
share_secret("iris", users = "github-hadley", vault = "vault")
delete_user("github-hadley", vault = "vault")
update_secret("iris", mtcars, vault = "vault")
list_secrets("vault")
get_secret("iris", vault = "vault")
@andrie You are right, it seems that there are no problems here.
Security is a delicate matter, though, so let me try to understand why. :)
@andrie There is a problem, actually. The test case in 86bdb8dfeb2aad8eb839bbfd2a6beccdeba9f9b4 explains why.
It is easy to fix it, though.
When changing the secret, it's key is not changed, which is an error if a user of that secret was deleted.