Mirage factories for tokens and policies

ui/mirage/config.js

@@ -89,6 +89,40 @@ export default function() {
     return JSON.stringify(findLeader(schema));
   });
 
+  this.get('/acl/token/:id', function({ tokens }, req) {
+    const token = tokens.find(req.params.id);
+    const secret = req.requestHeaders['X-Nomad-Token'];
+    const tokenForSecret = tokens.findBy({ secretId: secret });
+
+    // Return the token only if the request header matches the token
+    // or the token is of type management
+    if (token.secretId === secret || (tokenForSecret && tokenForSecret.type === 'management')) {
+      return this.serialize(token);
+    }
+
+    // Return not authorized otherwise
+    return new Response(403, {}, null);
+  });
+
+  this.get('/acl/policy/:id', function({ policies, tokens }, req) {
+    const policy = policies.find(req.params.id);
+    const secret = req.requestHeaders['X-Nomad-Token'];
+    const tokenForSecret = tokens.findBy({ secretId: secret });
+
+    // Return the policy only if the token that matches the request header
+    // includes the policy or if the token that matches the request header
+    // is of type management
+    if (
+      tokenForSecret &&
+      (tokenForSecret.policies.includes(policy) || tokenForSecret.type === 'management')
+    ) {
+      return this.serialize(policy);
+    }
+
+    // Return not authorized otherwise
+    return new Response(403, {}, null);
+  });
+
   // TODO: in the future, this hack may be replaceable with dynamic host name
   // support in pretender: https://github.com/pretenderjs/pretender/issues/210
   HOSTS.forEach(host => {

ui/mirage/factories/policy.js

@@ -0,0 +1,18 @@
+import { Factory, faker } from 'ember-cli-mirage';
+
+export default Factory.extend({
+  id: () => faker.hacker.verb(),
+  name() {
+    return this.id;
+  },
+  description: () => (Math.random() > 0.2 ? faker.lorem.sentence() : null),
+  rules: `
+# Allow read only access to the default namespace
+namespace "default" {
+    policy = "read"
+}
+
+node {
+    policy = "read"
+}`,
+});

ui/mirage/factories/token.js

@@ -0,0 +1,27 @@
+import { Factory, faker } from 'ember-cli-mirage';
+
+export default Factory.extend({
+  id: () => faker.random.uuid(),
+  accessorId() {
+    return this.id;
+  },
+  secretId: () => faker.random.uuid(),
+  name: () => faker.name.findName(),
+  global: () => faker.random.boolean(),
+  type: i => (i === 0 ? 'management' : 'client'),
+
+  afterCreate(token, server) {
+    const policyIds = Array(faker.random.number({ min: 1, max: 5 }))
+      .fill(0)
+      .map(() => faker.hacker.verb());
+
+    policyIds.forEach(policy => {
+      const dbPolicy = server.db.policies.find(policy);
+      if (!dbPolicy) {
+        server.create('policy', { id: policy });
+      }
+    });
+
+    token.update({ policyIds });
+  },
+});

ui/mirage/scenarios/default.js

@@ -5,4 +5,21 @@ export default function(server) {
   server.createList('namespace', 3);
 
   server.createList('job', 15);
+
+  server.createList('token', 3);
+  logTokens(server);
 }
+
+/* eslint-disable */
+function logTokens(server) {
+  console.log('TOKENS:');
+  server.db.tokens.forEach(token => {
+    console.log(`
+Name: ${token.name}
+Secret: ${token.secretId}
+Accessor: ${token.accessorId}
+
+`);
+  });
+}
+/* eslint-enable */

ui/mirage/serializers/token.js

@@ -0,0 +1,12 @@
+import ApplicationSerializer from './application';
+
+export default ApplicationSerializer.extend({
+  serializeIds: 'always',
+
+  keyForRelationshipIds(relationship) {
+    if (relationship === 'policies') {
+      return 'Policies';
+    }
+    return ApplicationSerializer.prototype.keyForRelationshipIds.apply(this, arguments);
+  },
+});