open-consul/ui-v2/app/routes/dc/acls.js

import Route from '@ember/routing/route';
import { get } from '@ember/object';
import { inject as service } from '@ember/service';
import WithBlockingActions from 'consul-ui/mixins/with-blocking-actions';
export default Route.extend(WithBlockingActions, {
  settings: service('settings'),
  feedback: service('feedback'),
  repo: service('repository/token'),
  actions: {
    authorize: function(secret) {
      const dc = this.modelFor('dc').dc.Name;
      return get(this, 'feedback').execute(() => {
        return get(this, 'repo')
          .self(secret, dc)
          .then(item => {
            return get(this, 'settings')
              .persist({
                token: {
                  AccessorID: get(item, 'AccessorID'),
                  SecretID: secret,
                },
              })
              .then(item => {
                // a null AccessorID means we are in legacy mode
                // take the user to the legacy acls
                // otherwise just refresh the page
                if (get(item, 'token.AccessorID') === null) {
                  // returning false for a feedback action means even though
                  // its successful, please skip this notification and don't display it
                  return this.transitionTo('dc.acls').then(function() {
                    return false;
                  });
                } else {
                  this.refresh();
                }
              });
          });
      }, 'authorize');
    },
  },
});
UI: New ACLs (#4789) UI to accompany the new ACLs APIs 2018-10-19 15:17:02 +00:00			`import Route from '@ember/routing/route';`
			`import { get } from '@ember/object';`
			`import { inject as service } from '@ember/service';`
			`import WithBlockingActions from 'consul-ui/mixins/with-blocking-actions';`
			`export default Route.extend(WithBlockingActions, {`
			`settings: service('settings'),`
			`feedback: service('feedback'),`
ui: Brings the new ACLs into line with the new repo folder structure (#4857) This PR updates the folder structure and naming of the new ACLs, the same as #4694 . 2018-10-26 17:40:51 +00:00			`repo: service('repository/token'),`
UI: New ACLs (#4789) UI to accompany the new ACLs APIs 2018-10-19 15:17:02 +00:00			`actions: {`
			`authorize: function(secret) {`
			`const dc = this.modelFor('dc').dc.Name;`
			`return get(this, 'feedback').execute(() => {`
			`return get(this, 'repo')`
			`.self(secret, dc)`
			`.then(item => {`
UI: Removes success notification on faking a success response for `self` (#4906) In order to continue supporting the legacy ACL system, we replace the 500 error from a non-existent `self` endpoint with a response of a `null` `AccessorID` - which makes sense (a null AccessorID means old API) We then redirect the user to the old ACL pages which then gives a 403 if their token was wrong which then redirects them back to the login page. Due to the multiple redirects and not wanting to test the validity of the token before redirecting (thus calling the same API endpoint twice), it is not straightforwards to turn the 'faked' response from the `self` endpoint into an error (flash messages are 'lost' through multiple redirects). In order to make this a slightly better experience, you can now return a `false` during execution of an action requiring success/failure feedback, this essentially skips the notification, so if the action is 'successful' but you don't want to show the notification, you can. This resolves showing a successful notification when the `self` endpoint response is faked. The last part of the puzzle is to make sure that the global 403 catching error in the application Route also produces an erroneous notification. Please note this can only happen with a ui client using the new ACL system when communicating with a cluster using the old ACL system, and only when you enter the wrong token. Lastly, further acceptance tests have been added around this This commit also adds functionality to avoid any possible double notification messages, to avoid UI overlapping 2018-11-07 15:57:41 +00:00			`return get(this, 'settings')`
UI: New ACLs (#4789) UI to accompany the new ACLs APIs 2018-10-19 15:17:02 +00:00			`.persist({`
			`token: {`
			`AccessorID: get(item, 'AccessorID'),`
			`SecretID: secret,`
			`},`
			`})`
UI: Catch 500 error on token endpoint and revert to legacy tokens (#4874) In some circumstances a consul 1.4 client could be running in an un-upgraded 1.3 or lower cluster. Currently this gives a 500 error on the new ACL token endpoint. Here we catch this specific 500 error/message and set the users AccessorID to null. Elsewhere in the frontend we use this fact (AccessorID being null) to decide whether to present the legacy or the new ACL UI to the user. Also: - Re-adds in most of the old style ACL acceptance tests, now that we are keeping the old style UI - Restricts code editors to HCL only mode for all `Rules` editing (legacy/'half legacy'/new style) - Adds a [Stop using] button to the old style ACL rows so its possible to logout. - Updates copy and documentation links for the upgrade notices 2018-11-02 14:44:36 +00:00			`.then(item => {`
			`// a null AccessorID means we are in legacy mode`
			`// take the user to the legacy acls`
			`// otherwise just refresh the page`
			`if (get(item, 'token.AccessorID') === null) {`
UI: Removes success notification on faking a success response for `self` (#4906) In order to continue supporting the legacy ACL system, we replace the 500 error from a non-existent `self` endpoint with a response of a `null` `AccessorID` - which makes sense (a null AccessorID means old API) We then redirect the user to the old ACL pages which then gives a 403 if their token was wrong which then redirects them back to the login page. Due to the multiple redirects and not wanting to test the validity of the token before redirecting (thus calling the same API endpoint twice), it is not straightforwards to turn the 'faked' response from the `self` endpoint into an error (flash messages are 'lost' through multiple redirects). In order to make this a slightly better experience, you can now return a `false` during execution of an action requiring success/failure feedback, this essentially skips the notification, so if the action is 'successful' but you don't want to show the notification, you can. This resolves showing a successful notification when the `self` endpoint response is faked. The last part of the puzzle is to make sure that the global 403 catching error in the application Route also produces an erroneous notification. Please note this can only happen with a ui client using the new ACL system when communicating with a cluster using the old ACL system, and only when you enter the wrong token. Lastly, further acceptance tests have been added around this This commit also adds functionality to avoid any possible double notification messages, to avoid UI overlapping 2018-11-07 15:57:41 +00:00			`// returning false for a feedback action means even though`
			`// its successful, please skip this notification and don't display it`
			`return this.transitionTo('dc.acls').then(function() {`
			`return false;`
			`});`
UI: Catch 500 error on token endpoint and revert to legacy tokens (#4874) In some circumstances a consul 1.4 client could be running in an un-upgraded 1.3 or lower cluster. Currently this gives a 500 error on the new ACL token endpoint. Here we catch this specific 500 error/message and set the users AccessorID to null. Elsewhere in the frontend we use this fact (AccessorID being null) to decide whether to present the legacy or the new ACL UI to the user. Also: - Re-adds in most of the old style ACL acceptance tests, now that we are keeping the old style UI - Restricts code editors to HCL only mode for all `Rules` editing (legacy/'half legacy'/new style) - Adds a [Stop using] button to the old style ACL rows so its possible to logout. - Updates copy and documentation links for the upgrade notices 2018-11-02 14:44:36 +00:00			`} else {`
			`this.refresh();`
			`}`
UI: New ACLs (#4789) UI to accompany the new ACLs APIs 2018-10-19 15:17:02 +00:00			`});`
			`});`
			`}, 'authorize');`
			`},`
			`},`
			`});`