open-vault/ui/app/models/auth-method.js

import { alias } from '@ember/object/computed';
import { computed } from '@ember/object';
import DS from 'ember-data';
import { fragment } from 'ember-data-model-fragments/attributes';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { memberAction } from 'ember-api-actions';

import apiPath from 'vault/utils/api-path';
import attachCapabilities from 'vault/lib/attach-capabilities';

const { attr, hasMany } = DS;

let Model = DS.Model.extend({
  authConfigs: hasMany('auth-config', { polymorphic: true, inverse: 'backend', async: false }),
  path: attr('string'),
  accessor: attr('string'),
  name: attr('string'),
  type: attr('string'),
  // namespaces introduced types with a `ns_` prefix for built-in engines
  // so we need to strip that to normalize the type
  methodType: computed('type', function() {
    return this.get('type').replace(/^ns_/, '');
  }),
  description: attr('string', {
    editType: 'textarea',
  }),
  config: fragment('mount-config', { defaultValue: {} }),
  local: attr('boolean', {
    helpText:
      'When Replication is enabled, a local mount will not be replicated across clusters. This can only be specified at mount time.',
  }),
  sealWrap: attr('boolean', {
    helpText:
      'When enabled - if a seal supporting seal wrapping is specified in the configuration, all critical security parameters (CSPs) in this backend will be seal wrapped. (For K/V mounts, all values will be seal wrapped.) This can only be specified at mount time.',
  }),

  // used when the `auth` prefix is important,
  // currently only when setting perf mount filtering
  apiPath: computed('path', function() {
    return `auth/${this.get('path')}`;
  }),
  localDisplay: computed('local', function() {
    return this.get('local') ? 'local' : 'replicated';
  }),

  tuneAttrs: computed(function() {
    return expandAttributeMeta(this, [
      'description',
      'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
    ]);
  }),

  //sys/mounts/auth/[auth-path]/tune.
  tune: memberAction({
    path: 'tune',
    type: 'post',
    urlType: 'updateRecord',
  }),

  formFields: computed(function() {
    return [
      'type',
      'path',
      'description',
      'accessor',
      'local',
      'sealWrap',
      'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
    ];
  }),

  formFieldGroups: computed(function() {
    return [
      { default: ['path'] },
      {
        'Method Options': [
          'description',
          'config.listingVisibility',
          'local',
          'sealWrap',
          'config.{defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
        ],
      },
    ];
  }),

  attrs: computed('formFields', function() {
    return expandAttributeMeta(this, this.get('formFields'));
  }),

  fieldGroups: computed('formFieldGroups', function() {
    return fieldToAttrs(this, this.get('formFieldGroups'));
  }),
  canDisable: alias('deletePath.canDelete'),
  canEdit: alias('configPath.canUpdate'),
});

export default attachCapabilities(Model, {
  deletePath: apiPath`sys/auth/${'id'}`,
  configPath: function(context) {
    if (context.type === 'aws') {
      return apiPath`auth/${'id'}/config/client`;
    } else {
      return apiPath`auth/${'id'}/config`;
    }
  },
});
Ember update (#5386) Ember update - update ember-cli, ember-data, and ember to 3.4 series 2018-09-25 16:28:26 +00:00			`import { alias } from '@ember/object/computed';`
			`import { computed } from '@ember/object';`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`import DS from 'ember-data';`
			`import { fragment } from 'ember-data-model-fragments/attributes';`
			`import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';`
			`import { memberAction } from 'ember-api-actions';`
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00
			`import apiPath from 'vault/utils/api-path';`
			`import attachCapabilities from 'vault/lib/attach-capabilities';`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00
			`const { attr, hasMany } = DS;`

kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			`let Model = DS.Model.extend({`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`authConfigs: hasMany('auth-config', { polymorphic: true, inverse: 'backend', async: false }),`
UI Onboarding Wizards (#5196) 2018-08-28 05:03:55 +00:00			`path: attr('string'),`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`accessor: attr('string'),`
			`name: attr('string'),`
UI Onboarding Wizards (#5196) 2018-08-28 05:03:55 +00:00			`type: attr('string'),`
UI namespaces (#5119) * add namespace sidebar item * depend on ember-inflector directly * list-view and list-item components * fill out components and render empty namespaces page * list namespaces in access * add menu contextual component to list item * popup contextual component * full crud for namespaces * add namespaces service and picker component * split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template * remove usage of href-to * remove ember-href-to from deps * add ember-responsive * start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint * get query param working and save ns to authdata when authenticating, feed through ns in application adapter * move to observer on the controller for setting state on the service * set state in the beforeModel hook and clear the ember data model cache * nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs * add a list of sys endpoints in a helper * hide header elements if not in the root namespace * debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change * fix display of supported engines and exclusion of sys and identity engines * don't fetch replication status if you're in a non-root namespace * hide seal sub-menu if not in the root namespace * don't autocomplete auth form inputs * always send some requests to the root namespace * use methodType and engineType instead of type in case there it is ns_ prefixed * use sys/internal/ui/namespaces to fetch the list in the dropdown * don't use model for namespace picker and always make the request to the token namespace * fix header handling for fetch calls * use namespace-reminder component on creation and edit forms throughout the application * add namespace-reminder to the console * add flat * add deepmerge for creating the tree in the menu * delayed rendering for animation timing * design and code feedback on the first round * white text in the namespace picker * fix namespace picker issues with root keys * separate path-to-tree * add tests for path-to-tree util * hide picker if you're in the root ns and you can't access other namespaces * show error message if you enter invalid characters for namespace path * return a different model if we dont have the namespaces feature and show upgrade page * if a token has a namespace_path, use that as the root user namespace and transition them there on login * use token namespace for user, but use specified namespace to log in * always renew tokens in the token namespace * fix edition-badge test 2018-08-16 17:48:24 +00:00			// namespaces introduced types with a `ns_` prefix for built-in engines
			`// so we need to strip that to normalize the type`
			`methodType: computed('type', function() {`
			`return this.get('type').replace(/^ns_/, '');`
			`}),`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`description: attr('string', {`
			`editType: 'textarea',`
			`}),`
			`config: fragment('mount-config', { defaultValue: {} }),`
UI Onboarding Wizards (#5196) 2018-08-28 05:03:55 +00:00			`local: attr('boolean', {`
			`helpText:`
Consistent capitalization 2019-03-29 23:40:12 +00:00			`'When Replication is enabled, a local mount will not be replicated across clusters. This can only be specified at mount time.',`
UI Onboarding Wizards (#5196) 2018-08-28 05:03:55 +00:00			`}),`
			`sealWrap: attr('boolean', {`
			`helpText:`
			`'When enabled - if a seal supporting seal wrapping is specified in the configuration, all critical security parameters (CSPs) in this backend will be seal wrapped. (For K/V mounts, all values will be seal wrapped.) This can only be specified at mount time.',`
			`}),`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00
			// used when the `auth` prefix is important,
			`// currently only when setting perf mount filtering`
			`apiPath: computed('path', function() {`
			return `auth/${this.get('path')}`;
			`}),`
			`localDisplay: computed('local', function() {`
			`return this.get('local') ? 'local' : 'replicated';`
			`}),`

			`tuneAttrs: computed(function() {`
UI - unauthed login methods (#4854) * fetch auth methods when going to the auth route and pass them to the auth form component * add boolean editType for form-fields * look in the data hash in the serializer * remove renderInPlace for info-tooltips as it does something goofy with widths * add new fields for auth methods * fix console refresh command on routes that use lazyPaginatedQuery * add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones * handle casing when looking up supported backends * change listingVisibility to match the new API * move wrapped_token up to the vault route level so it works from the app root 2018-07-05 18:28:12 +00:00			`return expandAttributeMeta(this, [`
			`'description',`
Add new token_type filed to auth method mount-config (#5723) 2018-11-07 19:34:33 +00:00			`'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',`
UI - unauthed login methods (#4854) * fetch auth methods when going to the auth route and pass them to the auth form component * add boolean editType for form-fields * look in the data hash in the serializer * remove renderInPlace for info-tooltips as it does something goofy with widths * add new fields for auth methods * fix console refresh command on routes that use lazyPaginatedQuery * add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones * handle casing when looking up supported backends * change listingVisibility to match the new API * move wrapped_token up to the vault route level so it works from the app root 2018-07-05 18:28:12 +00:00			`]);`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`}),`

			`//sys/mounts/auth/[auth-path]/tune.`
			`tune: memberAction({`
			`path: 'tune',`
			`type: 'post',`
			`urlType: 'updateRecord',`
			`}),`

Ember update (#5386) Ember update - update ember-cli, ember-data, and ember to 3.4 series 2018-09-25 16:28:26 +00:00			`formFields: computed(function() {`
			`return [`
			`'type',`
			`'path',`
			`'description',`
			`'accessor',`
			`'local',`
			`'sealWrap',`
Add new token_type filed to auth method mount-config (#5723) 2018-11-07 19:34:33 +00:00			`'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',`
Ember update (#5386) Ember update - update ember-cli, ember-data, and ember to 3.4 series 2018-09-25 16:28:26 +00:00			`];`
			`}),`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00
Ember update (#5386) Ember update - update ember-cli, ember-data, and ember to 3.4 series 2018-09-25 16:28:26 +00:00			`formFieldGroups: computed(function() {`
			`return [`
			`{ default: ['path'] },`
			`{`
			`'Method Options': [`
			`'description',`
			`'config.listingVisibility',`
			`'local',`
			`'sealWrap',`
Add new token_type filed to auth method mount-config (#5723) 2018-11-07 19:34:33 +00:00			`'config.{defaultLeaseTtl,maxLeaseTtl,tokenType,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',`
Ember update (#5386) Ember update - update ember-cli, ember-data, and ember to 3.4 series 2018-09-25 16:28:26 +00:00			`],`
			`},`
			`];`
			`}),`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00
			`attrs: computed('formFields', function() {`
			`return expandAttributeMeta(this, this.get('formFields'));`
			`}),`

			`fieldGroups: computed('formFieldGroups', function() {`
			`return fieldToAttrs(this, this.get('formFieldGroups'));`
			`}),`
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			`canDisable: alias('deletePath.canDelete'),`
			`canEdit: alias('configPath.canUpdate'),`
			`});`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			`export default attachCapabilities(Model, {`
fix typo (#7394) 2019-09-03 19:15:57 +00:00			deletePath: apiPath`sys/auth/${'id'}`,
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			`configPath: function(context) {`
			`if (context.type === 'aws') {`
			return apiPath`auth/${'id'}/config/client`;
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`} else {`
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			return apiPath`auth/${'id'}/config`;
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`}`
kv v2 display bugs (#7307) * fix switch css * allow breadcrumbs container to grow if it's overflowed so that it's still usable * close the dropdowns on destructive actions that cause a route refresh * use new attachCapabilities for context menus on auth methods to get rid of an error 2019-08-13 21:54:51 +00:00			`},`
Moving UI assets to OSS 2018-04-03 14:16:57 +00:00			`});`