tsafe-cli 1.0.27

Secrets runtime for developers — inject credentials into processes via exec, never into shell history or .env files
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

//! `tsafe browser-profile` — map domains to vault profiles for the extension.

use anyhow::Result;
use colored::Colorize;
use crate::cli::BrowserProfileAction;
use tsafe_core::profile;

fn browser_profiles_path() -> std::path::PathBuf {
    profile::vault_dir().join("browser-profiles.json")
}

fn load_browser_profiles() -> Result<serde_json::Map<String, serde_json::Value>> {
    let path = browser_profiles_path();
    if !path.exists() {
        return Ok(serde_json::Map::new());
    }
    let data = std::fs::read_to_string(&path)?;
    Ok(serde_json::from_str(&data)?)
}

fn save_browser_profiles(map: &serde_json::Map<String, serde_json::Value>) -> Result<()> {
    let path = browser_profiles_path();
    if let Some(parent) = path.parent() {
        std::fs::create_dir_all(parent)?;
    }
    let tmp = path.with_extension("tmp");
    std::fs::write(&tmp, serde_json::to_string_pretty(map)?)?;
    std::fs::rename(&tmp, &path)?;
    Ok(())
}

fn empty_browser_profile_list_message() -> String {
    format!(
        "{} No mappings. Add one: tsafe browser-profile add <domain>",
        "i".blue()
    )
}

pub(crate) fn cmd_browser_profile(
    active_profile: &str,
    action: BrowserProfileAction,
) -> Result<()> {
    match action {
        BrowserProfileAction::Add {
            domain,
            profile: vault_profile,
        } => {
            let target = vault_profile.as_deref().unwrap_or(active_profile);
            let mut map = load_browser_profiles()?;
            map.insert(
                domain.clone(),
                serde_json::Value::String(target.to_string()),
            );
            save_browser_profiles(&map)?;
            println!("{} {} → profile '{target}'", "".green(), domain);
        }
        BrowserProfileAction::List => {
            let map = load_browser_profiles()?;
            if map.is_empty() {
                println!("{}", empty_browser_profile_list_message());
            } else {
                println!("{:<45} Profile", "Domain");
                println!("{}", "-".repeat(60));
                let mut entries: Vec<_> = map.iter().collect();
                entries.sort_by_key(|(d, _)| d.as_str());
                for (domain, prof) in entries {
                    println!("{:<45} {}", domain, prof.as_str().unwrap_or("?"));
                }
            }
        }
        BrowserProfileAction::Remove { domain } => {
            let mut map = load_browser_profiles()?;
            if map.remove(&domain).is_some() {
                save_browser_profiles(&map)?;
                println!("{} Removed mapping for '{domain}'", "".green());
            } else {
                anyhow::bail!("no mapping found for '{domain}'");
            }
        }
    }
    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn empty_list_message_stays_command_local() {
        let message = empty_browser_profile_list_message();

        assert!(message.contains("No mappings."));
        assert!(message.contains("tsafe browser-profile add <domain>"));
        assert!(!message.contains("extension"));
    }
}