Mirage factories for tokens and policies
This commit is contained in:
parent
d177cf90c3
commit
21a9d9c4e5
|
@ -89,6 +89,40 @@ export default function() {
|
|||
return JSON.stringify(findLeader(schema));
|
||||
});
|
||||
|
||||
this.get('/acl/token/:id', function({ tokens }, req) {
|
||||
const token = tokens.find(req.params.id);
|
||||
const secret = req.requestHeaders['X-Nomad-Token'];
|
||||
const tokenForSecret = tokens.findBy({ secretId: secret });
|
||||
|
||||
// Return the token only if the request header matches the token
|
||||
// or the token is of type management
|
||||
if (token.secretId === secret || (tokenForSecret && tokenForSecret.type === 'management')) {
|
||||
return this.serialize(token);
|
||||
}
|
||||
|
||||
// Return not authorized otherwise
|
||||
return new Response(403, {}, null);
|
||||
});
|
||||
|
||||
this.get('/acl/policy/:id', function({ policies, tokens }, req) {
|
||||
const policy = policies.find(req.params.id);
|
||||
const secret = req.requestHeaders['X-Nomad-Token'];
|
||||
const tokenForSecret = tokens.findBy({ secretId: secret });
|
||||
|
||||
// Return the policy only if the token that matches the request header
|
||||
// includes the policy or if the token that matches the request header
|
||||
// is of type management
|
||||
if (
|
||||
tokenForSecret &&
|
||||
(tokenForSecret.policies.includes(policy) || tokenForSecret.type === 'management')
|
||||
) {
|
||||
return this.serialize(policy);
|
||||
}
|
||||
|
||||
// Return not authorized otherwise
|
||||
return new Response(403, {}, null);
|
||||
});
|
||||
|
||||
// TODO: in the future, this hack may be replaceable with dynamic host name
|
||||
// support in pretender: https://github.com/pretenderjs/pretender/issues/210
|
||||
HOSTS.forEach(host => {
|
||||
|
|
18
ui/mirage/factories/policy.js
Normal file
18
ui/mirage/factories/policy.js
Normal file
|
@ -0,0 +1,18 @@
|
|||
import { Factory, faker } from 'ember-cli-mirage';
|
||||
|
||||
export default Factory.extend({
|
||||
id: () => faker.hacker.verb(),
|
||||
name() {
|
||||
return this.id;
|
||||
},
|
||||
description: () => (Math.random() > 0.2 ? faker.lorem.sentence() : null),
|
||||
rules: `
|
||||
# Allow read only access to the default namespace
|
||||
namespace "default" {
|
||||
policy = "read"
|
||||
}
|
||||
|
||||
node {
|
||||
policy = "read"
|
||||
}`,
|
||||
});
|
27
ui/mirage/factories/token.js
Normal file
27
ui/mirage/factories/token.js
Normal file
|
@ -0,0 +1,27 @@
|
|||
import { Factory, faker } from 'ember-cli-mirage';
|
||||
|
||||
export default Factory.extend({
|
||||
id: () => faker.random.uuid(),
|
||||
accessorId() {
|
||||
return this.id;
|
||||
},
|
||||
secretId: () => faker.random.uuid(),
|
||||
name: () => faker.name.findName(),
|
||||
global: () => faker.random.boolean(),
|
||||
type: i => (i === 0 ? 'management' : 'client'),
|
||||
|
||||
afterCreate(token, server) {
|
||||
const policyIds = Array(faker.random.number({ min: 1, max: 5 }))
|
||||
.fill(0)
|
||||
.map(() => faker.hacker.verb());
|
||||
|
||||
policyIds.forEach(policy => {
|
||||
const dbPolicy = server.db.policies.find(policy);
|
||||
if (!dbPolicy) {
|
||||
server.create('policy', { id: policy });
|
||||
}
|
||||
});
|
||||
|
||||
token.update({ policyIds });
|
||||
},
|
||||
});
|
|
@ -5,4 +5,21 @@ export default function(server) {
|
|||
server.createList('namespace', 3);
|
||||
|
||||
server.createList('job', 15);
|
||||
|
||||
server.createList('token', 3);
|
||||
logTokens(server);
|
||||
}
|
||||
|
||||
/* eslint-disable */
|
||||
function logTokens(server) {
|
||||
console.log('TOKENS:');
|
||||
server.db.tokens.forEach(token => {
|
||||
console.log(`
|
||||
Name: ${token.name}
|
||||
Secret: ${token.secretId}
|
||||
Accessor: ${token.accessorId}
|
||||
|
||||
`);
|
||||
});
|
||||
}
|
||||
/* eslint-enable */
|
||||
|
|
12
ui/mirage/serializers/token.js
Normal file
12
ui/mirage/serializers/token.js
Normal file
|
@ -0,0 +1,12 @@
|
|||
import ApplicationSerializer from './application';
|
||||
|
||||
export default ApplicationSerializer.extend({
|
||||
serializeIds: 'always',
|
||||
|
||||
keyForRelationshipIds(relationship) {
|
||||
if (relationship === 'policies') {
|
||||
return 'Policies';
|
||||
}
|
||||
return ApplicationSerializer.prototype.keyForRelationshipIds.apply(this, arguments);
|
||||
},
|
||||
});
|
Loading…
Reference in a new issue