Define and implement API for user-secrets #781

@evgeniy-scherbina

Description

Sub-tasks:

  • Implement API endpoints which are thin wrappers on top of DB methods
  • Register API endpoints in coderd/coderd.go
  • Implement client methods for the API in the codersdk package. They will be used in tests.
  • Implement API-level tests for CRUD operations
  • Implement API-level tests for RBAC policies:
    • Make sure that a user with the member role can execute CRUD operations for their own secrets
    • Make sure that a user with the member role can't execute CRUD operations for another user's secrets
    • Make sure that a user with owner/admin roles can't execute CRUD operations for another user's secrets
  • Consider adding authorization at the API level on top of the DBAuthz level, but implement it as a last step to make sure DBAuthz works correctly and tests are passing without it.

API Endpoints (refer to RFC for the latest up-to-date version)

// User Secrets - scoped to individual users
// Should be declared in coderd/coderd.go

POST   /api/v2/users/secrets                    // Create new user secret
GET    /api/v2/users/secrets/{secretName}       // Get secret metadata by secretName
GET    /api/v2/users/secrets/{secretID}         // Get secret metadata by secretID
GET    /api/v2/users/secrets                    // List user secrets (metadata only)
PUT    /api/v2/users/secrets/{secretID}         // Update secret metadata and value by secretID
DELETE /api/v2/users/secrets/{secretID}         // Delete secret by secretID

NOTE: userID is extracted from API_TOKEN
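
The RBAC sub-tasks above come down to one rule: the caller's user ID comes from the API token and must match the secret's owner, whatever role the caller holds. A minimal in-memory sketch of that rule follows, added here as an illustration and not taken from the coder code base; `Actor`, `Secret`, `Store`, `Do` and `ErrForbidden` are hypothetical names, the string operation names are an assumption of the sketch, and the secret value is left out.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical types for this sketch; not coder's real RBAC or database types.
type Actor struct {
	UserID string   // resolved from the API token, never from the URL or body
	Roles  []string // deliberately ignored: no role grants cross-user access
}
type Secret struct{ ID, OwnerID, Name string } // metadata only; value omitted here
type Store struct{ byID map[string]Secret }

var ErrForbidden = errors.New("forbidden")

// Do applies one CRUD operation after the ownership check.
func (s *Store) Do(a Actor, op, id, name string) error {
	sec, exists := s.byID[id]
	switch {
	case a.UserID == "":
		return ErrForbidden // no authenticated user
	case op == "create" && !exists:
		s.byID[id] = Secret{ID: id, OwnerID: a.UserID, Name: name}
	case !exists || sec.OwnerID != a.UserID:
		return ErrForbidden // same answer for missing and foreign IDs
	case op == "update":
		sec.Name = name
		s.byID[id] = sec
	case op == "delete":
		delete(s.byID, id)
	case op != "read":
		return ErrForbidden // unknown op, or create over an existing ID
	}
	return nil
}

func main() {
	s := &Store{byID: map[string]Secret{}}
	alice := Actor{UserID: "alice", Roles: []string{"member"}} // constructed sample users
	bob := Actor{UserID: "bob", Roles: []string{"member"}}
	admin := Actor{UserID: "root", Roles: []string{"owner"}}
	_ = s.Do(alice, "create", "s1", "GITHUB_TOKEN")
	for _, a := range []Actor{bob, admin, alice} {
		for _, op := range []string{"read", "update", "delete"} {
			fmt.Println(a.UserID, op, s.Do(a, op, "s1", "RENAMED"))
		}
	}
}
```
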
