From ae270eeeda195458c8c09c23dddd2069b6bc90a0 Mon Sep 17 00:00:00 2001
From: Floris van der Grinten <floris@grinten.com>
Date: Tue, 19 Mar 2019 16:48:13 +0100
Subject: [PATCH 1/4] Add DELETE method on /secrets/raw

---
 pkg/restproxy/rest_proxy.go | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/pkg/restproxy/rest_proxy.go b/pkg/restproxy/rest_proxy.go
index b0756f7..f248166 100644
--- a/pkg/restproxy/rest_proxy.go
+++ b/pkg/restproxy/rest_proxy.go
@@ -125,8 +125,27 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 		}
 
 		w.WriteHeader(http.StatusCreated)
+	case "DELETE":
+		err := p.client.Secrets().Delete(path)
+		if err != nil {
+			var errCode int
+
+			if err, ok := err.(errio.PublicStatusError); ok {
+				errCode = err.StatusCode
+			}
+
+			if errCode == 0 {
+				errCode = http.StatusInternalServerError
+			}
+
+			w.WriteHeader(errCode)
+			io.WriteString(w, err.Error())
+			return
+		}
+
+		w.WriteHeader(http.StatusOK)
 	default:
-		w.Header().Add("Allow", "GET, POST")
+		w.Header().Add("Allow", "GET, POST, DELETE")
 		w.WriteHeader(http.StatusMethodNotAllowed)
 	}
 }

From 0368782acc12e31a76ffceabd68194beda655393 Mon Sep 17 00:00:00 2001
From: Floris van der Grinten <floris@grinten.com>
Date: Tue, 19 Mar 2019 17:52:44 +0100
Subject: [PATCH 2/4] DRY error reponses

---
 pkg/restproxy/rest_proxy.go | 65 ++++++++++++++-----------------------
 1 file changed, 24 insertions(+), 41 deletions(-)

diff --git a/pkg/restproxy/rest_proxy.go b/pkg/restproxy/rest_proxy.go
index f248166..688bcb7 100644
--- a/pkg/restproxy/rest_proxy.go
+++ b/pkg/restproxy/rest_proxy.go
@@ -66,8 +66,7 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 	path := r.URL.Path
 	err := api.ValidateSecretPath(path)
 	if err != nil {
-		w.WriteHeader(http.StatusBadRequest)
-		io.WriteString(w, err.Error())
+		writeError(w, err, http.StatusBadRequest)
 		return
 	}
 
@@ -75,18 +74,7 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 	case "GET":
 		secret, err := p.client.Secrets().Versions().GetWithData(path)
 		if err != nil {
-			var errCode int
-
-			if err, ok := err.(errio.PublicStatusError); ok {
-				errCode = err.StatusCode
-			}
-
-			if errCode == 0 {
-				errCode = http.StatusInternalServerError
-			}
-
-			w.WriteHeader(errCode)
-			io.WriteString(w, err.Error())
+			writeError(w, err, 0)
 			return
 		}
 
@@ -95,32 +83,21 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 	case "POST":
 		secret, err := ioutil.ReadAll(r.Body)
 		if err != nil {
-			w.WriteHeader(http.StatusInternalServerError)
-			io.WriteString(w, err.Error())
+			writeError(w, err, http.StatusInternalServerError)
 			return
 		}
 
 		_, err = p.client.Secrets().Write(path, secret)
 		if err != nil {
-			var errCode int
-
-			if err, ok := err.(errio.PublicStatusError); ok {
-				errCode = err.StatusCode
-			}
-
+			statusCode := 0
 			switch err {
 			case secrethub.ErrCannotWriteToVersion,
 				secrethub.ErrEmptySecret,
 				secrethub.ErrSecretTooBig:
-				errCode = http.StatusBadRequest
+				statusCode = http.StatusBadRequest
 			}
 
-			if errCode == 0 {
-				errCode = http.StatusInternalServerError
-			}
-
-			w.WriteHeader(errCode)
-			io.WriteString(w, err.Error())
+			writeError(w, err, statusCode)
 			return
 		}
 
@@ -128,18 +105,7 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 	case "DELETE":
 		err := p.client.Secrets().Delete(path)
 		if err != nil {
-			var errCode int
-
-			if err, ok := err.(errio.PublicStatusError); ok {
-				errCode = err.StatusCode
-			}
-
-			if errCode == 0 {
-				errCode = http.StatusInternalServerError
-			}
-
-			w.WriteHeader(errCode)
-			io.WriteString(w, err.Error())
+			writeError(w, err, 0)
 			return
 		}
 
@@ -149,3 +115,20 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusMethodNotAllowed)
 	}
 }
+
+// writeError writes an error message and HTTP status code to the ResponseWriter.
+// The HTTP status code is derrived from the error, unless overriden by the statusCode argument.
+func writeError(w http.ResponseWriter, err error, statusCode int) {
+	if statusCode == 0 {
+		if err, ok := err.(errio.PublicStatusError); ok {
+			statusCode = err.StatusCode
+		}
+
+		if statusCode == 0 {
+			statusCode = http.StatusInternalServerError
+		}
+	}
+
+	w.WriteHeader(statusCode)
+	io.WriteString(w, err.Error())
+}

From 882fe64431ba556dcf18e218c3e61de7289ed088 Mon Sep 17 00:00:00 2001
From: Floris van der Grinten <floris@grinten.com>
Date: Tue, 19 Mar 2019 18:07:07 +0100
Subject: [PATCH 3/4] Fix doc typo

---
 pkg/restproxy/rest_proxy.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/restproxy/rest_proxy.go b/pkg/restproxy/rest_proxy.go
index 688bcb7..8744701 100644
--- a/pkg/restproxy/rest_proxy.go
+++ b/pkg/restproxy/rest_proxy.go
@@ -117,7 +117,7 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 }
 
 // writeError writes an error message and HTTP status code to the ResponseWriter.
-// The HTTP status code is derrived from the error, unless overriden by the statusCode argument.
+// The HTTP status code is derived from the error, unless overriden by the statusCode argument.
 func writeError(w http.ResponseWriter, err error, statusCode int) {
 	if statusCode == 0 {
 		if err, ok := err.(errio.PublicStatusError); ok {

From 21c8c005444f6a1e65c2d54adc7141391c7b134f Mon Sep 17 00:00:00 2001
From: Floris van der Grinten <floris@grinten.com>
Date: Wed, 27 Mar 2019 13:51:52 +0100
Subject: [PATCH 4/4] Raw secret delete only deleting specified version

---
 pkg/restproxy/rest_proxy.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/restproxy/rest_proxy.go b/pkg/restproxy/rest_proxy.go
index 8744701..f2ee1d1 100644
--- a/pkg/restproxy/rest_proxy.go
+++ b/pkg/restproxy/rest_proxy.go
@@ -103,7 +103,7 @@ func (p *restProxy) handleSecret(w http.ResponseWriter, r *http.Request) {
 
 		w.WriteHeader(http.StatusCreated)
 	case "DELETE":
-		err := p.client.Secrets().Delete(path)
+		err := p.client.Secrets().Versions().Delete(path)
 		if err != nil {
 			writeError(w, err, 0)
 			return