Fixing `data bag edit` according to spec, no longer requires --encrypttball/encrypted-data-bag-ux

3 files changed, 15 insertions, 8 deletions

diff --git a/lib/chef/knife/data_bag_edit.rb b/lib/chef/knife/data_bag_edit.rb
index 7c187f56f1..6ef4b33f59 100644
--- a/lib/chef/knife/data_bag_edit.rb
+++ b/lib/chef/knife/data_bag_edit.rb
@@ -36,14 +36,14 @@ class Chef
       def load_item(bag, item_name)
         item = Chef::DataBagItem.load(bag, item_name)
         if encrypted?(item.raw_data)
-          if encryption_secret_provided?
-            Chef::EncryptedDataBagItem.new(item, read_secret).to_hash
+          if encryption_secret_provided_ignore_encrypt_flag?
+            return Chef::EncryptedDataBagItem.new(item, read_secret).to_hash, true
           else
             ui.fatal("You cannot edit an encrypted data bag without providing the secret.")
             exit(1)
           end
         else
-          item
+          return item, false
         end
       end
 
@@ -54,10 +54,10 @@ class Chef
           exit 1
         end
 
-        item = load_item(@name_args[0], @name_args[1])
+        item, was_encrypted = load_item(@name_args[0], @name_args[1])
         edited_item = edit_data(item)
 
-        if encryption_secret_provided?
+        if was_encrypted || encryption_secret_provided?
           ui.info("Encrypting data bag using provided secret.")
           item_to_save = Chef::EncryptedDataBagItem.encrypt_data_bag_item(edited_item, read_secret)
         else
diff --git a/lib/chef/knife/data_bag_from_file.rb b/lib/chef/knife/data_bag_from_file.rb
index 598a935160..d1b7daa4a2 100644
--- a/lib/chef/knife/data_bag_from_file.rb
+++ b/lib/chef/knife/data_bag_from_file.rb
@@ -24,7 +24,6 @@ require 'chef/knife/data_bag_secret_options'
 class Chef
   class Knife
     class DataBagFromFile < Knife
-      include DataBagCommon
       include DataBagSecretOptions
 
       deps do
diff --git a/spec/unit/knife/data_bag_edit_spec.rb b/spec/unit/knife/data_bag_edit_spec.rb
index 9fa97760cd..6f19b5e63e 100644
--- a/spec/unit/knife/data_bag_edit_spec.rb
+++ b/spec/unit/knife/data_bag_edit_spec.rb
@@ -88,7 +88,6 @@ describe Chef::Knife::DataBagEdit do
     let(:transmitted_hash) { enc_edited_hash }
 
     before(:each) do
-      expect(knife).to receive(:encryption_secret_provided?).at_least(1).times.and_return(true)
       expect(knife).to receive(:read_secret).at_least(1).times.and_return(secret)
       expect(Chef::EncryptedDataBagItem).to receive(:encrypt_data_bag_item).with(raw_edited_hash, secret).and_return(enc_edited_hash)
     end
@@ -99,10 +98,19 @@ describe Chef::Knife::DataBagEdit do
       # If the data bag is encrypted, it gets passed to `edit` as a hash.  Otherwise, it gets passed as a DataBag
       let (:data_to_edit) { raw_hash }
 
+      before(:each) do
+        expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(true)
+      end
+
       include_examples "editing a data bag"
     end
 
     context "the data bag starts unencrypted" do
+      before(:each) do
+        expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).exactly(0).times
+        expect(knife).to receive(:encryption_secret_provided?).and_return(true)
+      end
+
       include_examples "editing a data bag"
     end
   end
@@ -110,7 +118,7 @@ describe Chef::Knife::DataBagEdit do
   it "fails to edit an encrypted data bag if the secret is missing" do
     expect(Chef::DataBagItem).to receive(:load).with(bag_name, item_name).and_return(db)
     expect(knife).to receive(:encrypted?).with(db.raw_data).and_return(true)
-    expect(knife).to receive(:encryption_secret_provided?).and_return(false)
+    expect(knife).to receive(:encryption_secret_provided_ignore_encrypt_flag?).and_return(false)
 
     expect(knife.ui).to receive(:fatal).with("You cannot edit an encrypted data bag without providing the secret.")
     expect {knife.run}.to exit_with_code(1)