Skip to content

Commit bad2ba9

Browse files
remyluslosiusclaude
remyluslosius
and
claude
committed
fix(backend): Add encryption service dependency injection to all credential endpoints
Fixed missing encryption_service parameter in get_auth_service() calls. All 6 credential endpoints now properly inject encryption service from app.state. Fixes: 'get_auth_service() missing 1 required positional argument: encryption_service' Updated functions: - list_system_credentials() - create_system_credential() - get_system_credential() - get_default_system_credential() - update_system_credential() - delete_system_credential() Also removed unused imports (uuid, format_validation_message). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
1 parent dffa5ad commit bad2ba9

1 file changed

Lines changed: 25 additions & 11 deletions

File tree

backend/app/routes/system_settings_unified.py

Lines changed: 25 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -5,20 +5,20 @@
55

66
import hashlib
77
import logging
8-
import uuid
98
from datetime import datetime
109
from typing import List, Optional
1110

12-
from fastapi import APIRouter, Depends, HTTPException, status
11+
from fastapi import APIRouter, Depends, HTTPException, Request, status
1312
from pydantic import BaseModel
1413
from sqlalchemy import text
1514
from sqlalchemy.orm import Session
1615

1716
from ..auth import get_current_user
1817
from ..database import get_db
18+
from ..encryption import EncryptionService
1919
from ..rbac import Permission, require_permission
2020
from ..services.auth_service import AuthMethod, CredentialData, CredentialMetadata, CredentialScope, get_auth_service
21-
from ..services.unified_ssh_service import extract_ssh_key_metadata, format_validation_message, validate_ssh_key
21+
from ..services.unified_ssh_service import extract_ssh_key_metadata, validate_ssh_key
2222
from ..tasks.monitoring_tasks import setup_host_monitoring_scheduler
2323

2424
logger = logging.getLogger(__name__)
@@ -94,10 +94,13 @@ def find_uuid_by_int(db: Session, target_int: int) -> Optional[str]:
9494

9595
@router.get("/credentials", response_model=List[SystemCredentialsResponse])
9696
@require_permission(Permission.SYSTEM_CREDENTIALS)
97-
async def list_system_credentials(db: Session = Depends(get_db), current_user: dict = Depends(get_current_user)):
97+
async def list_system_credentials(
98+
request: Request, db: Session = Depends(get_db), current_user: dict = Depends(get_current_user)
99+
):
98100
"""List all system credentials using unified credentials system"""
99101
try:
100-
auth_service = get_auth_service(db)
102+
encryption_service: EncryptionService = request.app.state.encryption_service
103+
auth_service = get_auth_service(db, encryption_service)
101104

102105
# Get all system-scoped credentials from unified table
103106
credentials_list = auth_service.list_credentials(scope=CredentialScope.SYSTEM)
@@ -139,12 +142,14 @@ async def list_system_credentials(db: Session = Depends(get_db), current_user: d
139142
@router.post("/credentials", response_model=SystemCredentialsResponse)
140143
@require_permission(Permission.SYSTEM_CREDENTIALS)
141144
async def create_system_credential(
145+
request: Request,
142146
credential: SystemCredentialsCreate,
143147
db: Session = Depends(get_db),
144148
current_user: dict = Depends(get_current_user),
145149
):
146150
"""Create new system credential using unified credentials system"""
147151
try:
152+
encryption_service: EncryptionService = request.app.state.encryption_service
148153
# Validate auth method
149154
valid_methods = ["ssh_key", "password", "both"]
150155
if credential.auth_method not in valid_methods:
@@ -198,7 +203,7 @@ async def create_system_credential(
198203
)
199204

200205
# Store using unified credentials service
201-
auth_service = get_auth_service(db)
206+
auth_service = get_auth_service(db, encryption_service)
202207
# Convert integer user ID to UUID format for unified credentials
203208
user_uuid = f"00000000-0000-0000-0000-{current_user['id']:012d}"
204209
credential_id = auth_service.store_credential(
@@ -251,6 +256,7 @@ async def create_system_credential(
251256
@router.get("/credentials/{credential_id}", response_model=SystemCredentialsResponse)
252257
@require_permission(Permission.SYSTEM_CREDENTIALS)
253258
async def get_system_credential(
259+
request: Request,
254260
credential_id: str, # WEEK 2 MIGRATION: Changed from int to str (UUID)
255261
db: Session = Depends(get_db),
256262
current_user: dict = Depends(get_current_user),
@@ -261,7 +267,8 @@ async def get_system_credential(
261267
uuid_id = credential_id
262268

263269
# Get credential using unified service
264-
auth_service = get_auth_service(db)
270+
encryption_service: EncryptionService = request.app.state.encryption_service
271+
auth_service = get_auth_service(db, encryption_service)
265272
credentials_list = auth_service.list_credentials(scope=CredentialScope.SYSTEM)
266273

267274
credential = next((c for c in credentials_list if c["id"] == uuid_id), None)
@@ -296,10 +303,13 @@ async def get_system_credential(
296303

297304
@router.get("/credentials/default", response_model=Optional[SystemCredentialsResponse])
298305
@require_permission(Permission.SYSTEM_CREDENTIALS)
299-
async def get_default_system_credential(db: Session = Depends(get_db), current_user: dict = Depends(get_current_user)):
306+
async def get_default_system_credential(
307+
request: Request, db: Session = Depends(get_db), current_user: dict = Depends(get_current_user)
308+
):
300309
"""Get default system credential"""
301310
try:
302-
auth_service = get_auth_service(db)
311+
encryption_service: EncryptionService = request.app.state.encryption_service
312+
auth_service = get_auth_service(db, encryption_service)
303313
credentials_list = auth_service.list_credentials(scope=CredentialScope.SYSTEM)
304314

305315
# Find default credential
@@ -336,6 +346,7 @@ async def get_default_system_credential(db: Session = Depends(get_db), current_u
336346
@router.put("/credentials/{credential_id}", response_model=SystemCredentialsResponse)
337347
@require_permission(Permission.SYSTEM_CREDENTIALS)
338348
async def update_system_credential(
349+
request: Request,
339350
credential_id: str, # WEEK 2 MIGRATION: Changed from int to str (UUID)
340351
credential_update: SystemCredentialsUpdate,
341352
db: Session = Depends(get_db),
@@ -346,7 +357,8 @@ async def update_system_credential(
346357
# WEEK 2 MIGRATION: credential_id is now UUID string from v2 API
347358
uuid_id = credential_id
348359

349-
auth_service = get_auth_service(db)
360+
encryption_service: EncryptionService = request.app.state.encryption_service
361+
auth_service = get_auth_service(db, encryption_service)
350362
credentials_list = auth_service.list_credentials(scope=CredentialScope.SYSTEM)
351363

352364
# Get existing credential
@@ -485,6 +497,7 @@ async def update_system_credential(
485497
@router.delete("/credentials/{credential_id}")
486498
@require_permission(Permission.SYSTEM_CREDENTIALS)
487499
async def delete_system_credential(
500+
request: Request,
488501
credential_id: str, # WEEK 2 MIGRATION: Changed from int to str (UUID)
489502
db: Session = Depends(get_db),
490503
current_user: dict = Depends(get_current_user),
@@ -495,7 +508,8 @@ async def delete_system_credential(
495508
uuid_id = credential_id
496509

497510
# Delete using unified service
498-
auth_service = get_auth_service(db)
511+
encryption_service: EncryptionService = request.app.state.encryption_service
512+
auth_service = get_auth_service(db, encryption_service)
499513
success = auth_service.delete_credential(uuid_id)
500514

501515
if not success:

0 commit comments

Comments
 (0)