Allow setting attributes via CLI

[bricewge]

Summary

Years ago keepassxc-clip got support for getting attributes in #1289 but add and edit command never got support for adding attributes. So currently we are stuck to using the GUI to set attributes.

This is particularly annoying to me with regard to adding TOTP secrets via CLI, as generating a token is already supported with keepassxc-cli show --totp foo.kdbx bar.

With regards to such a feature, in #2220, @louib said:

Also @cyphar seems to have added access to additional attributes to "show" in https://github.com/keepassxreboot/keepassxc/pull/1289 , but not to "add"/"edit"

I guess that functionality could be added as well!

Examples

Following the --attributes option for the show command, here is what it may look like when applied for the edit or add command.

Adding a TOTP secret to an existing entry:

$ keepassxc-cli edit --attributes totp foo.kdbx bar
Enter password to unlock foo.kdbx:
Enter attribute 'totp' for entry bar:
Successfully added attribute 'totp' for entry bar.

And there when adding multiple attributes in one call:

$ keepassxc-cli add --attributes one --attributes two foo.kdbx bar
Enter password to unlock foo.kdbx:
Enter attribute 'one' for entry:
Enter attribute 'two' for entry:
Successfully added entry bar.

In the end I really don't care how the command line interface looks like, what matter to me is the ability to do adding and modifying attributes with a CLI.

Context

This FR is related to #2220 which ask for several features (including this one) and #9161 which suggest such feature in its option #1.

If you think it's better to track this feature request in any other issue, feel free to close this one.

[bricewge]

I haven't search the issue tracker enough as PR #7462 is draft adding such feature.

[droidmonkey]

Actually leaving this open as a supporting issue for the PR. I note no issue is currently linked or specific enough.

[AndrewSav]

When using KeepassXC for native keychain, you want to be able to set the attributes via command line if you want to do any kind if automation on your password database, since different apps expect different attributes

[michaelk83]

When using KeepassXC for native keychain

@AndrewSav if you mean Secret Service, you are not supposed to manually create entries for client apps. Apps are responsible for creating their own entries via the Secret Service API, which includes the means for setting whatever attributes they need.

[AndrewSav]

@michaelk83 I'm just listing a use case I came across. I need to import the secrets from elsewhere, and this feature would allow me to do just that. Currently it is not possible as you cannot set attributes as explained in the OP.

[michaelk83]

If you're going to use those secrets with Secret Service anyway, then you can use its API to import the secrets. There are a number of ways to do that, including libsecret clients (python or others), SecretStorage (another python client), secret-tool (CLI), or direct DBus calls.

I agree that adding that capability to KeePass' own CLI would be useful, but at least on Linux there are some alternatives.

[AndrewSav]

@michaelk83 good point

[conor-sometimes]

Just to add in another viewpoint, I use KeepassXC to store ssh keys across my hosts.

Each entry has the following attributes: "private" and "public" So being able to edit these from the cli would make key ssh key rotations so much easier at least in my case.