Add ability to decrypt

thebugcatcher · Oct 28, 2023 · 153c61c · 153c61c
1 parent 9258569
commit 153c61c
Show file tree

Hide file tree

Showing 5 changed files with 162 additions and 4 deletions.
diff --git a/lib/heimdall_web/controllers/secret_html/show.html.heex b/lib/heimdall_web/controllers/secret_html/show.html.heex
@@ -1,3 +1,3 @@
-<div class="mt-2">
-  Title: <%= @secret.title %> Reveal Secret
-</div>
+<%= live_render(@conn, HeimdallWeb.SecretRevealerLive,
+  session: %{"secret_id" => @secret.id}
+) %>
diff --git a/lib/heimdall_web/live/secret_revealer_live.ex b/lib/heimdall_web/live/secret_revealer_live.ex
@@ -0,0 +1,44 @@
+defmodule HeimdallWeb.SecretRevealerLive do
+  use HeimdallWeb, :live_view
+
+  alias Heimdall.Secrets
+
+  def mount(_params, %{"secret_id" => secret_id}, socket) do
+    secret = Heimdall.Secrets.get(secret_id)
+
+    socket =
+      socket
+      |> assign(:secret, secret)
+      |> assign(:decrypted_text, nil)
+      |> assign(:decryption_error, nil)
+
+    {
+      :ok,
+      assign(socket, :secret, secret)
+    }
+  end
+
+  def handle_event("decrypt", %{"key" => key}, socket) do
+    secret = socket.assigns[:secret]
+
+    case Secrets.decrypt(secret, key) do
+      {:ok, decrypted_text} ->
+        socket =
+          socket
+          |> put_flash(:info, "Successfully decrypted")
+          |> assign(:decrypted_text, decrypted_text)
+          |> assign(:decryption_error, nil)
+
+        {:noreply, socket}
+
+      {:error, error} ->
+        socket =
+          socket
+          |> put_flash(:error, "Error in decryption")
+          |> assign(:decrypted_text, nil)
+          |> assign(:decryption_error, error)
+
+        {:noreply, socket}
+    end
+  end
+end
diff --git a/lib/heimdall_web/live/secret_revealer_live.html.heex b/lib/heimdall_web/live/secret_revealer_live.html.heex
@@ -0,0 +1,26 @@
+<div class="mt-2 text-center">
+  <%= @secret.title %>
+</div>
+
+<%= if @decrypted_text do %>
+  <div class="mt-2">
+    <.label for="decrypted_secret">Decrypted Secret</.label>
+
+    <.input type="textarea" name="key" value={@decrypted_text} readonly />
+  </div>
+<% else %>
+  <%= if @decryption_error do %>
+  <% end %>
+
+  <div class="mt-2">
+    <.form for={%{}} phx-submit="decrypt">
+      <.label for="decryption_key">Decryption Key</.label>
+
+      <.input type="textarea" name="key" value="" />
+
+      <br />
+
+      <.button>Reveal Secret</.button>
+    </.form>
+  </div>
+<% end %>
diff --git a/test/heimdall/secrets_test.exs b/test/heimdall/secrets_test.exs
@@ -85,7 +85,7 @@ defmodule Heimdall.SecretsTest do
 
   describe "get/1" do
     test "returns secret with given id" do
-      secret = Factory.encrypt_and_create()
+      {:ok, secret} = Factory.encrypt_and_create()
 
       returned_val = Secrets.get(secret.id)
 

diff --git a/test/heimdall_web/live/secret_revealer_live_test.exs b/test/heimdall_web/live/secret_revealer_live_test.exs
@@ -0,0 +1,88 @@
+defmodule HeimdallWeb.SecretRevealerLiveTest do
+  use HeimdallWeb.ConnCase
+  import Phoenix.LiveViewTest
+
+  alias Heimdall.Factory
+  alias HeimdallWeb.SecretRevealerLive
+
+  describe "mount/3" do
+    test "shows a secret's parameters along with a form", %{conn: conn} do
+      raw = "supersecretpassword"
+      key = "key"
+
+      {:ok, secret} =
+        Factory.encrypt_and_create(%{
+          encryption_key: key,
+          encrypted_text: raw
+        })
+
+      {:ok, _view, html} =
+        live_isolated(
+          conn,
+          SecretRevealerLive,
+          session: %{"secret_id" => secret.id}
+        )
+
+      assert html =~ secret.title
+    end
+  end
+
+  describe "handle_event/3 (decrypt)" do
+    test "reveals secret if correct key is given", %{conn: conn} do
+      raw = "supersecretpassword"
+      key = "key"
+
+      {:ok, secret} =
+        Factory.encrypt_and_create(%{
+          encryption_key: key,
+          encrypted_text: raw
+        })
+
+      {:ok, view, html} =
+        live_isolated(
+          conn,
+          SecretRevealerLive,
+          session: %{"secret_id" => secret.id}
+        )
+
+      # Secret isn't visible until form is submitted
+      refute html =~ raw
+
+      # Secret is visible after the form is submitted
+      assert view
+             |> element("form")
+             |> render_submit(%{"key" => key}) =~ raw
+    end
+
+    test "doesn't reveal secret if bad key is given", %{conn: conn} do
+      raw = "supersecretpassword"
+      key = "key"
+
+      {:ok, secret} =
+        Factory.encrypt_and_create(%{
+          encryption_key: key,
+          encrypted_text: raw
+        })
+
+      {:ok, view, html} =
+        live_isolated(
+          conn,
+          SecretRevealerLive,
+          session: %{"secret_id" => secret.id}
+        )
+
+      # Secret isn't visible until form is submitted
+      refute html =~ raw
+
+      # Secret isn't visible if bad key is given
+      refute view
+             |> element("form")
+             |> render_submit(%{"key" => "bad_key"}) =~ raw
+
+      # Decryption failed message is shown
+      assert view
+             |> element("form")
+             |> render_submit(%{"key" => "bad_key"}) =~ "Error in decryption"
+    end
+  end
+end