Disable vault.secrets.get() from gateway (#21334)

Author: prashantkumar1982

core/services/gateway/handlers/vault/handler.go

@@ -359,13 +359,8 @@ func (h *handler) HandleJSONRPCUserMessage(ctx context.Context, req jsonrpc.Requ
 		return h.handlePublicKeyGetSynchronously(ctx, req, publicKeyResponseBytes, callback)
 
 	case vaulttypes.MethodSecretsGet:
-		// Secrets get is only allowed in non-production builds for testing purposes
-		// So no authorization is required
-		ar, err := h.newActiveRequest(req, callback)
-		if err != nil {
-			return err
-		}
-		return h.handleSecretsGet(ctx, ar)
+		h.lggr.Errorw("Get requests not allowed", "requestID", req.ID)
+		return errors.New("get request not allowed")
 	}
 
 	isAuthorized, owner, err := h.requestAuthorizer.AuthorizeRequest(ctx, req)

system-tests/tests/smoke/cre/v2_vault_don_test.go

@@ -89,7 +89,8 @@ func ExecuteVaultTest(t *testing.T, testEnv *ttypes.TestEnvironment) {
 	framework.L.Info().Msg("Waiting 30 seconds for the Vault DON to be ready...")
 	time.Sleep(30 * time.Second)
 	executeVaultSecretsCreateTest(t, encryptedSecret, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)
-	executeVaultSecretsGetTest(t, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)
+	// disable get tests
+	// executeVaultSecretsGetTest(t, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)
 	executeVaultSecretsUpdateTest(t, encryptedSecret, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)
 	executeVaultSecretsListTest(t, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)
 	executeVaultSecretsDeleteTest(t, secretID, ownerAddr, gatewayURL.String(), sethClient, wfRegistryContract)