2021-06-15 15:21:54 +00:00
import {
click ,
visit ,
settled ,
currentURL ,
currentRouteName ,
fillIn ,
triggerKeyEvent ,
2021-09-03 17:08:26 +00:00
typeIn ,
2021-06-15 15:21:54 +00:00
} from '@ember/test-helpers' ;
2018-11-19 21:47:58 +00:00
import { create } from 'ember-cli-page-object' ;
2018-09-25 16:28:26 +00:00
import { module , test } from 'qunit' ;
import { setupApplicationTest } from 'ember-qunit' ;
2018-04-03 14:16:57 +00:00
import editPage from 'vault/tests/pages/secrets/backend/kv/edit-secret' ;
import showPage from 'vault/tests/pages/secrets/backend/kv/show' ;
import listPage from 'vault/tests/pages/secrets/backend/list' ;
2018-04-16 22:18:46 +00:00
import mountSecrets from 'vault/tests/pages/settings/mount-secret-backend' ;
2018-04-20 02:26:25 +00:00
import apiStub from 'vault/tests/helpers/noop-all-api-requests' ;
2018-09-25 16:28:26 +00:00
import authPage from 'vault/tests/pages/auth' ;
2018-12-03 14:22:13 +00:00
import logout from 'vault/tests/pages/logout' ;
2018-11-19 21:47:58 +00:00
import consoleClass from 'vault/tests/pages/components/console/ui-panel' ;
const consoleComponent = create ( consoleClass ) ;
2018-04-16 22:18:46 +00:00
2018-12-03 14:22:13 +00:00
let writeSecret = async function ( backend , path , key , val ) {
await listPage . visitRoot ( { backend } ) ;
await listPage . create ( ) ;
return editPage . createSecret ( path , key , val ) ;
} ;
2021-01-04 16:32:52 +00:00
module ( 'Acceptance | secrets/secret/create' , function ( hooks ) {
2018-09-25 16:28:26 +00:00
setupApplicationTest ( hooks ) ;
2018-12-03 14:22:13 +00:00
hooks . beforeEach ( async function ( ) {
2018-04-20 02:26:25 +00:00
this . server = apiStub ( { usePassthrough : true } ) ;
2018-09-25 16:28:26 +00:00
return authPage . login ( ) ;
} ) ;
hooks . afterEach ( function ( ) {
2018-04-16 22:18:46 +00:00
this . server . shutdown ( ) ;
2018-09-25 16:28:26 +00:00
} ) ;
2018-04-03 14:16:57 +00:00
2018-09-25 16:28:26 +00:00
test ( 'it creates a secret and redirects' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
const secretPath = ` kv-path- ${ new Date ( ) . getTime ( ) } ` ;
2018-09-25 16:28:26 +00:00
await listPage . visitRoot ( { backend : 'secret' } ) ;
2021-07-30 15:50:08 +00:00
await settled ( ) ;
2018-04-03 14:16:57 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.list-root' , 'navigates to the list page' ) ;
2018-09-25 16:28:26 +00:00
await listPage . create ( ) ;
2021-07-30 15:50:08 +00:00
await settled ( ) ;
2021-08-31 15:41:41 +00:00
await editPage . toggleMetadata ( ) ;
await settled ( ) ;
2018-12-03 14:22:13 +00:00
assert . ok ( editPage . hasMetadataFields , 'shows the metadata form' ) ;
2021-10-14 17:47:10 +00:00
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
2021-07-30 15:50:08 +00:00
await settled ( ) ;
2018-10-17 04:23:29 +00:00
2018-04-03 14:16:57 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
2018-11-19 21:47:58 +00:00
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
} ) ;
test ( 'it can create a secret when check-and-set is required' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'foo/bar' ;
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
await consoleComponent . runCommands ( ` write ${ enginePath } /config cas_required=true ` ) ;
2018-12-03 14:22:13 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2018-11-19 21:47:58 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
2018-04-03 14:16:57 +00:00
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
} ) ;
2018-04-16 22:18:46 +00:00
2021-09-03 17:08:26 +00:00
test ( 'it can create a secret with a non default max version and add metadata' , async function ( assert ) {
2021-07-07 17:50:00 +00:00
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'maxVersions' ;
let maxVersions = 101 ;
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
2021-07-30 15:50:08 +00:00
await settled ( ) ;
2021-09-03 17:08:26 +00:00
await editPage . startCreateSecret ( ) ;
await editPage . path ( secretPath ) ;
await editPage . toggleMetadata ( ) ;
await settled ( ) ;
await editPage . maxVersion ( maxVersions ) ;
await settled ( ) ;
await editPage . save ( ) ;
await settled ( ) ;
await editPage . metadataTab ( ) ;
await settled ( ) ;
let savedMaxVersions = Number (
document . querySelector ( '[data-test-value-div="Maximum versions"]' ) . innerText
) ;
assert . equal (
maxVersions ,
savedMaxVersions ,
'max_version displays the saved number set when creating the secret'
) ;
// add metadata
await click ( '[data-test-add-custom-metadata]' ) ;
await fillIn ( '[data-test-kv-key]' , 'key' ) ;
await fillIn ( '[data-test-kv-value]' , 'value' ) ;
await click ( '[data-test-save-metadata]' ) ;
let key = document . querySelector ( '[data-test-row-label="key"]' ) . innerText ;
let value = document . querySelector ( '[data-test-row-value="key"]' ) . innerText ;
assert . equal ( key , 'key' , 'metadata key displays after adding it.' ) ;
assert . equal ( value , 'value' , 'metadata value displays after adding it.' ) ;
} ) ;
test ( 'it can handle validation on custom metadata' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'customMetadataValidations' ;
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
await settled ( ) ;
await editPage . startCreateSecret ( ) ;
await editPage . path ( secretPath ) ;
await editPage . toggleMetadata ( ) ;
await settled ( ) ;
await typeIn ( '[data-test-kv-value]' , 'invalid\\/' ) ;
assert
. dom ( '[data-test-inline-error-message]' )
. hasText ( 'Custom values cannot contain a backward slash.' , 'will not allow backward slash in value.' ) ;
//remove validation error and cause another error that is captured by the API
await fillIn ( '[data-test-kv-value]' , 'removed' ) ;
await typeIn ( '[data-test-kv-value]' , '!' ) ;
await click ( '[data-test-secret-save="true"]' ) ;
assert
. dom ( '[data-test-error]' )
. includesText (
'custom_metadata validation failed: length of key' ,
'shows API error that is not captured by validation'
) ;
} ) ;
2021-10-14 17:47:10 +00:00
test ( 'it can mount a KV 2 secret engine with config metadata' , async function ( assert ) {
2021-09-03 17:08:26 +00:00
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let maxVersion = 101 ;
await mountSecrets . visit ( ) ;
await click ( '[data-test-mount-type="kv"]' ) ;
await settled ( ) ;
await click ( '[data-test-mount-next]' ) ;
await settled ( ) ;
await fillIn ( '[data-test-input="path"]' , enginePath ) ;
await fillIn ( '[data-test-input="maxVersions"]' , maxVersion ) ;
await click ( '[data-test-input="casRequired"]' ) ;
await click ( '[data-test-toggle-label="Automate secret deletion"]' ) ;
await fillIn ( '[data-test-ttl-value="Automate secret deletion"]' , '1' ) ;
await click ( '[data-test-mount-submit="true"]' ) ;
await settled ( ) ;
await click ( '[data-test-configuration-tab]' ) ;
await settled ( ) ;
2021-09-15 18:14:18 +00:00
let cas = document . querySelector ( '[data-test-value-div="Require Check and Set"]' ) . innerText ;
let deleteVersionAfter = document . querySelector ( '[data-test-value-div="Automate secret deletion"]' )
. innerText ;
let savedMaxVersion = document . querySelector ( '[data-test-value-div="Maximum number of versions"]' )
. innerText ;
2021-09-03 17:08:26 +00:00
assert . equal (
maxVersion ,
savedMaxVersion ,
'displays the max version set when configuring the secret-engine'
) ;
assert . equal ( cas . trim ( ) , 'Yes' , 'displays the cas set when configuring the secret-engine' ) ;
assert . equal (
deleteVersionAfter . trim ( ) ,
'1s' ,
'displays the delete version after set when configuring the secret-engine'
) ;
} ) ;
test ( 'it can create a secret and metadata can be created and edited' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'metadata' ;
let maxVersions = 101 ;
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
await settled ( ) ;
await editPage . startCreateSecret ( ) ;
await editPage . path ( secretPath ) ;
2021-08-31 15:41:41 +00:00
await editPage . toggleMetadata ( ) ;
await settled ( ) ;
2021-07-07 17:50:00 +00:00
await fillIn ( '[data-test-input="maxVersions"]' , maxVersions ) ;
await settled ( ) ;
2021-08-31 15:41:41 +00:00
await editPage . save ( ) ;
await settled ( ) ;
await editPage . metadataTab ( ) ;
2021-07-07 17:50:00 +00:00
await settled ( ) ;
2021-08-31 15:41:41 +00:00
let savedMaxVersions = Number ( document . querySelectorAll ( '[data-test-value-div]' ) [ 0 ] . innerText ) ;
2021-07-07 17:50:00 +00:00
assert . equal (
maxVersions ,
savedMaxVersions ,
'max_version displays the saved number set when creating the secret'
) ;
} ) ;
2021-06-15 15:21:54 +00:00
test ( 'it disables save when validation errors occur' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
2021-10-14 17:47:10 +00:00
let secretPath = 'not-duplicate' ;
2021-06-15 15:21:54 +00:00
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
2021-07-30 15:50:08 +00:00
await settled ( ) ;
2021-09-03 17:08:26 +00:00
await editPage . startCreateSecret ( ) ;
await typeIn ( '[data-test-secret-path="true"]' , 'beep' ) ;
2021-06-22 16:34:00 +00:00
assert
. dom ( '[data-test-inline-error-message]' )
. hasText (
'A secret with this path already exists.' ,
'when duplicate path it shows correct error message'
) ;
2021-08-31 15:41:41 +00:00
await editPage . toggleMetadata ( ) ;
await settled ( ) ;
2021-09-03 17:08:26 +00:00
await typeIn ( '[data-test-input="maxVersions"]' , 'abc' ) ;
2021-08-31 15:41:41 +00:00
await settled ( ) ;
2021-06-22 16:34:00 +00:00
assert
. dom ( '[data-test-input="maxVersions"]' )
. hasClass ( 'has-error-border' , 'shows border error on input with error' ) ;
2021-06-15 15:21:54 +00:00
assert . dom ( '[data-test-secret-save="true"]' ) . isDisabled ( 'Save button is disabled' ) ;
2021-09-03 17:08:26 +00:00
await fillIn ( '[data-test-input="maxVersions"]' , 20 ) ; // fillIn replaces the text, whereas typeIn only adds to it.
2021-06-15 15:21:54 +00:00
await triggerKeyEvent ( '[data-test-input="maxVersions"]' , 'keyup' , 65 ) ;
2021-10-14 17:47:10 +00:00
await editPage . path ( secretPath ) ;
2021-06-22 16:34:00 +00:00
await triggerKeyEvent ( '[data-test-secret-path="true"]' , 'keyup' , 65 ) ;
2021-06-15 15:21:54 +00:00
await click ( '[data-test-secret-save="true"]' ) ;
2021-10-14 17:47:10 +00:00
assert . equal ( currentURL ( ) , ` /vault/secrets/ ${ enginePath } /show/ ${ secretPath } ` , 'navigates to show secret' ) ;
2021-06-15 15:21:54 +00:00
} ) ;
2021-07-14 21:38:55 +00:00
test ( 'it navigates to version history and to a specific version' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = ` specific-version ` ;
2021-09-28 19:15:43 +00:00
let today = new Date ( ) ;
let month = today . toString ( ) . split ( ' ' ) [ 1 ] ;
2021-10-14 17:47:10 +00:00
await mountSecrets . visit ( ) ;
await mountSecrets . enable ( 'kv' , enginePath ) ;
await settled ( ) ;
await listPage . visitRoot ( { backend : enginePath } ) ;
2021-07-14 21:38:55 +00:00
await settled ( ) ;
await listPage . create ( ) ;
await settled ( ) ;
2021-10-14 17:47:10 +00:00
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
2021-07-14 21:38:55 +00:00
await click ( '[data-test-popup-menu-trigger="version"]' ) ;
await settled ( ) ;
2021-09-28 19:15:43 +00:00
assert . dom ( '[ data-test-created-time]' ) . includesText ( month , 'created time shows todays month' ) ;
2021-07-14 21:38:55 +00:00
await click ( '[data-test-version-history]' ) ;
await settled ( ) ;
assert
. dom ( '[data-test-list-item-content]' )
2021-09-28 19:15:43 +00:00
. includesText ( 'Version 1 Current' , 'shows version one data on the version history as current' ) ;
2021-07-14 21:38:55 +00:00
assert . dom ( '[data-test-list-item-content]' ) . exists ( { count : 1 } , 'renders a single version' ) ;
await click ( '.linked-block' ) ;
await settled ( ) ;
await settled ( ) ;
assert . dom ( '[data-test-masked-input]' ) . hasText ( 'bar' , 'renders secret on the secret version show page' ) ;
assert . equal (
currentURL ( ) ,
2021-10-14 17:47:10 +00:00
` /vault/secrets/ ${ enginePath } /show/ ${ secretPath } ?version=1 ` ,
2021-07-14 21:38:55 +00:00
'redirects to the show page with queryParam version=1'
) ;
} ) ;
2021-09-03 17:08:26 +00:00
test ( 'version 1 performs the correct capabilities lookup and does not show metadata tab' , async function ( assert ) {
2018-09-25 16:28:26 +00:00
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'foo/bar' ;
// mount version 1 engine
await mountSecrets . visit ( ) ;
await mountSecrets . selectType ( 'kv' ) ;
2019-04-10 14:36:32 +00:00
await mountSecrets
. next ( )
. path ( enginePath )
2021-04-02 20:17:42 +00:00
. toggleOptions ( )
2019-04-10 14:36:32 +00:00
. version ( 1 )
. submit ( ) ;
2018-09-25 16:28:26 +00:00
await listPage . create ( ) ;
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
2018-10-17 04:23:29 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
2021-10-14 17:47:10 +00:00
// check for metadata tab should not exist on KV version 1
2021-09-03 17:08:26 +00:00
assert . dom ( '[data-test-secret-metadata-tab]' ) . doesNotExist ( 'does not show metadata tab' ) ;
2018-04-16 22:18:46 +00:00
} ) ;
2018-06-25 20:30:11 +00:00
2018-12-20 19:46:37 +00:00
// https://github.com/hashicorp/vault/issues/5960
test ( 'version 1: nested paths creation maintains ability to navigate the tree' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = '1/2/3/4' ;
// mount version 1 engine
await mountSecrets . visit ( ) ;
await mountSecrets . selectType ( 'kv' ) ;
2019-04-10 14:36:32 +00:00
await mountSecrets
. next ( )
. path ( enginePath )
2021-04-02 20:17:42 +00:00
. toggleOptions ( )
2019-04-10 14:36:32 +00:00
. version ( 1 )
. submit ( ) ;
2018-12-20 19:46:37 +00:00
await listPage . create ( ) ;
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
// setup an ancestor for when we delete
await listPage . visitRoot ( { backend : enginePath } ) ;
await listPage . secrets . filterBy ( 'text' , '1/' ) [ 0 ] . click ( ) ;
await listPage . create ( ) ;
await editPage . createSecret ( '1/2' , 'foo' , 'bar' ) ;
// lol we have to do this because ember-cli-page-object doesn't like *'s in visitable
await listPage . visitRoot ( { backend : enginePath } ) ;
await listPage . secrets . filterBy ( 'text' , '1/' ) [ 0 ] . click ( ) ;
await listPage . secrets . filterBy ( 'text' , '2/' ) [ 0 ] . click ( ) ;
await listPage . secrets . filterBy ( 'text' , '3/' ) [ 0 ] . click ( ) ;
await listPage . create ( ) ;
await editPage . createSecret ( secretPath + 'a' , 'foo' , 'bar' ) ;
await listPage . visitRoot ( { backend : enginePath } ) ;
await listPage . secrets . filterBy ( 'text' , '1/' ) [ 0 ] . click ( ) ;
await listPage . secrets . filterBy ( 'text' , '2/' ) [ 0 ] . click ( ) ;
let secretLink = listPage . secrets . filterBy ( 'text' , '3/' ) [ 0 ] ;
assert . ok ( secretLink , 'link to the 3/ branch displays properly' ) ;
await listPage . secrets . filterBy ( 'text' , '3/' ) [ 0 ] . click ( ) ;
2019-05-03 22:20:14 +00:00
await listPage . secrets . objectAt ( 0 ) . menuToggle ( ) ;
2018-12-20 19:46:37 +00:00
await settled ( ) ;
await listPage . delete ( ) ;
await listPage . confirmDelete ( ) ;
await settled ( ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.list' ) ;
assert . equal ( currentURL ( ) , ` /vault/secrets/ ${ enginePath } /list/1/2/3/ ` , 'remains on the page' ) ;
2019-05-03 22:20:14 +00:00
await listPage . secrets . objectAt ( 0 ) . menuToggle ( ) ;
2018-12-20 19:46:37 +00:00
await listPage . delete ( ) ;
await listPage . confirmDelete ( ) ;
await settled ( ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.list' ) ;
assert . equal (
currentURL ( ) ,
` /vault/secrets/ ${ enginePath } /list/1/ ` ,
'navigates to the ancestor created earlier'
) ;
} ) ;
2021-07-14 21:38:55 +00:00
2019-02-09 00:50:50 +00:00
test ( 'first level secrets redirect properly upon deletion' , async function ( assert ) {
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'test' ;
// mount version 1 engine
await mountSecrets . visit ( ) ;
await mountSecrets . selectType ( 'kv' ) ;
2019-04-10 14:36:32 +00:00
await mountSecrets
. next ( )
. path ( enginePath )
2021-04-02 20:17:42 +00:00
. toggleOptions ( )
2019-04-10 14:36:32 +00:00
. version ( 1 )
. submit ( ) ;
2019-02-09 00:50:50 +00:00
await listPage . create ( ) ;
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
2021-05-19 16:43:55 +00:00
await showPage . deleteSecretV1 ( ) ;
2019-02-09 00:50:50 +00:00
assert . equal (
currentRouteName ( ) ,
'vault.cluster.secrets.backend.list-root' ,
'redirected to the list page on delete'
) ;
} ) ;
2018-12-20 19:46:37 +00:00
2019-01-10 17:18:29 +00:00
// https://github.com/hashicorp/vault/issues/5994
test ( 'version 1: key named keys' , async function ( assert ) {
await consoleComponent . runCommands ( [
'vault write sys/mounts/test type=kv' ,
'refresh' ,
'vault write test/a keys=a keys=b' ,
] ) ;
await showPage . visit ( { backend : 'test' , id : 'a' } ) ;
assert . ok ( showPage . editIsPresent , 'renders the page properly' ) ;
} ) ;
2018-09-25 16:28:26 +00:00
test ( 'it redirects to the path ending in / for list pages' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
const secretPath = ` foo/bar/kv-path- ${ new Date ( ) . getTime ( ) } ` ;
2018-09-25 16:28:26 +00:00
await listPage . visitRoot ( { backend : 'secret' } ) ;
await listPage . create ( ) ;
2021-10-14 17:47:10 +00:00
await editPage . createSecret ( secretPath , 'foo' , 'bar' ) ;
Ember-cli upgrade from ~3.8 to ~3.20 (#9972)
* Update ember-cli to ~3.20
* Remove bad optional-feature
* Remove ember-fetch dep
* re-install ember-fetch
* update model fragments pr
* update ember model fragments correct package name
* update ember composable helpers to solve array helper error
* update ember-concurrency
* add back engine dependencies, automatically removed during ember-cli-upgrade
* make author-form-options component js file otherwise error
* for now comment out withTestWaiter
* add eslint-node and fix if not with unless in templates
* fix linting for tab index of false is now -1 and add type button to all buttons without types
* fix href errors for linting, likely have to come back and fix
* using eslint fix flag to fix all this.gets
* ember modules codemode removed files that had module twice, will fix in next commit
* finish codemode ember-data-codemod needed to rename const model
* more this.get removal codemode did not work
* cont. removal of this.get
* stop mixin rules until figure out how to reconfig them all
* smaller eslint ignores
* get codemode
* testing app small fixes to bring it back after all the changes
* small changes to eslint
* test removal of getProperties
* fix issue with baseKey because value could be unknown needed to add a question mark in nested get
* smaller linting fixes
* get nested fixes
* small linting error fixes
* small linting changes
* working through more small linting changes
* another round of linting modifications
* liniting fixes
* ember module codemod
* quinit dom codemod
* angle bracket codemod
* discovered that components must have js files
* ran all codemods this is all that's left
* small changes to fix get needs two object, should not have been using get.
* fix issue with one input in form field
* fun times with set and onChange from oninput
* fix issue with model not being passed through on secret-edit-display
* fix issue with yarn run test not working, revert without npm run all
* linting and small fix when loading without a selectAuthBackend
* fix failing test with ui-wizard issue
* fix test failure due to model not being asked for correctly with new changes, probably run into this more.
* fix issue with component helper and at props specific to wizard
* rename log to clilog due to conflict with new eslint rule
* small changes for test failures
* component helper at fixes
* Revert to old component style something with new one broke this and can't figure it out for now
* small fishy smelling test fixes will revisit
* small test changes
* more small test changes, appears upgrade treats spaces differently
* comment out code and test that no longer seems relevant but confirm
* clean run on component test though still some potential timing issues on ui-console test
* fixing one auth test issue and timing issue on enable-test
* small mods
* fix this conditional check from upgrade
* linting fixes after master merge
* package updates using yarn upgrade-interactive
* update libraries that did not effect any of the test failures.
* update ember truth helpers library
* settling tests
* Fix ui-panel control group output
* fix features selection test failures
* Fix auth tests (x-vault-token)
* fix shared test
* fix issue with data null on backend
* Revert "Fix auth tests (x-vault-token)"
This reverts commit 89cb174b2f1998efa56d9604d14131415ae65d6f.
* Fix auth tests (x-vault-token) without updating this.set
* Update redirect-to tests
* fix wrapped token test
* skip some flaky test
* fix issue with href and a tags vs buttons
* fix linting
* updates to get tests running (#10409)
* yarn isntall
* increasing resource_class
* whoops
* trying large
* back to xlarge
* Fix param issue on transform item routes
* test fixes
* settle on policies (old) test
* fix browserstack test warning and skips of test confirmed worked
* Fix redirect-to test
* skips
* fix transformation test and skip some kmip
* Skip tests
* Add meep marker to remaining failing tests
* Skip test with failing component
* rever skip on secret-create test
* Skip piece of test that fails due to navigation-input
* fix settings test where can and skip in others after confirming
* fix circle ci test failures
* ssh role settle
* Fix navigate-input and add settled to test
* Remove extra import
* secret cubbyhole and alicloud
* Add settled to gcpkms test
* settles on redirect to test
* Bump browserstack test resource to large
* Update browserstack resource size to xlarge
* update todos
* add back in withTestWaiter
* try and fix credentials conditional action added comment instead
* Update volatile computed properies to get functions
* this step was never reached and we never defined secretType anywhere so I removed
* add settled to policy old test
* Fix navigate-input on policies and leases
* replace ssh test with no var hoping that helps and add settled to other failing tests, unskip console tests
* kmip, transit, role test remove a skip and add in settled
* fix hover copy button, had to remove some testing functionality
* Remove private router service
* remove skip on control ssh and ui panel, fix search select by restructuring how to read the error
* final bit of working through skipped test
* Replace clearNonGlobalModels by linking directly to namespace with href-to
* Remove unused var
* Fix role-ssh id bug by updating form-field-from-model to form-field-group-loop
* Fix transit create id would not update
* Update option toggle selector for ssh-role
* Fix ssh selector
* cleanup pt1
* small clean up
* cleanup part2
* Fix computed on pricing-metrics-form
* small cleanup based on chelseas comments.
Co-authored-by: Chelsea Shaw <chelshaw.dev@gmail.com>
Co-authored-by: Sarah Thompson <sthompson@hashicorp.com>
2020-12-03 23:00:22 +00:00
await settled ( ) ;
2019-03-01 16:08:30 +00:00
// use visit helper here because ids with / in them get encoded
await visit ( '/vault/secrets/secret/list/foo/bar' ) ;
2018-06-25 20:30:11 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.list' ) ;
assert . ok ( currentURL ( ) . endsWith ( '/' ) , 'redirects to the path ending in a slash' ) ;
} ) ;
2018-11-09 20:00:53 +00:00
test ( 'it can edit via the JSON input' , async function ( assert ) {
let content = JSON . stringify ( { foo : 'fa' , bar : 'boo' } ) ;
2021-10-14 17:47:10 +00:00
const secretPath = ` kv-path- ${ new Date ( ) . getTime ( ) } ` ;
2018-11-09 20:00:53 +00:00
await listPage . visitRoot ( { backend : 'secret' } ) ;
await listPage . create ( ) ;
2021-10-14 17:47:10 +00:00
await editPage . path ( secretPath ) . toggleJSON ( ) ;
2018-11-09 20:00:53 +00:00
await editPage . editor . fillIn ( this , content ) ;
await editPage . save ( ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
assert . equal (
showPage . editor . content ( this ) ,
JSON . stringify ( { bar : 'boo' , foo : 'fa' } , null , 2 ) ,
'saves the content'
) ;
} ) ;
2018-12-03 14:22:13 +00:00
2021-09-29 20:35:00 +00:00
test ( 'paths are properly encoded' , async function ( assert ) {
let backend = 'kv' ;
let paths = [
'(' ,
')' ,
'"' ,
//"'",
'!' ,
'#' ,
'$' ,
'&' ,
'*' ,
'+' ,
'@' ,
'{' ,
'|' ,
'}' ,
'~' ,
'[' ,
'\\' ,
']' ,
'^' ,
'_' ,
] . map ( char => ` ${ char } some ` ) ;
assert . expect ( paths . length * 2 ) ;
2021-10-14 17:47:10 +00:00
let secretPath = '2' ;
let commands = paths . map ( path => ` write ' ${ backend } / ${ path } / ${ secretPath } ' 3=4 ` ) ;
2021-09-29 20:35:00 +00:00
await consoleComponent . runCommands ( [ 'write sys/mounts/kv type=kv' , ... commands ] ) ;
for ( let path of paths ) {
await listPage . visit ( { backend , id : path } ) ;
assert . ok ( listPage . secrets . filterBy ( 'text' , '2' ) [ 0 ] , ` ${ path } : secret is displayed properly ` ) ;
await listPage . secrets . filterBy ( 'text' , '2' ) [ 0 ] . click ( ) ;
assert . equal (
currentRouteName ( ) ,
'vault.cluster.secrets.backend.show' ,
` ${ path } : show page renders correctly `
) ;
}
} ) ;
2021-10-28 16:50:33 +00:00
test ( 'create secret with space shows version data and shows space warning' , async function ( assert ) {
2021-09-29 20:35:00 +00:00
let enginePath = ` kv- ${ new Date ( ) . getTime ( ) } ` ;
let secretPath = 'space space' ;
// mount version 2
await mountSecrets . visit ( ) ;
await mountSecrets . selectType ( 'kv' ) ;
await mountSecrets
. next ( )
. path ( enginePath )
. submit ( ) ;
await settled ( ) ;
await listPage . create ( ) ;
2021-10-28 16:50:33 +00:00
await editPage . createSecretDontSave ( secretPath , 'foo' , 'bar' ) ;
// to trigger warning need to hit keyup on the secret path
await triggerKeyEvent ( '[data-test-secret-path="true"]' , 'keyup' , 65 ) ;
await settled ( ) ;
assert . dom ( '[data-test-whitespace-warning]' ) . exists ( 'renders warning about their being a space' ) ;
await settled ( ) ;
await click ( '[data-test-secret-save="true"]' ) ;
2021-09-29 20:35:00 +00:00
await settled ( ) ;
await click ( '[data-test-popup-menu-trigger="version"]' ) ;
await settled ( ) ;
await click ( '[data-test-version-history]' ) ;
await settled ( ) ;
assert . dom ( '[data-test-list-item-content]' ) . exists ( 'renders the version and not an error state' ) ;
// click on version
await click ( '[data-test-popup-menu-trigger="true"]' ) ;
await click ( '[data-test-version]' ) ;
await settled ( ) ;
// perform encode function that should be done by the encodePath
let encodedSecretPath = secretPath . replace ( / /g , '%20' ) ;
assert . equal ( currentURL ( ) , ` /vault/secrets/ ${ enginePath } /show/ ${ encodedSecretPath } ?version=1 ` ) ;
} ) ;
// the web cli does not handle a quote as part of a path, so we test it here via the UI
test ( 'creating a secret with a single or double quote works properly' , async function ( assert ) {
await consoleComponent . runCommands ( 'write sys/mounts/kv type=kv' ) ;
let paths = [ "'some" , '"some' ] ;
for ( let path of paths ) {
await listPage . visitRoot ( { backend : 'kv' } ) ;
await listPage . create ( ) ;
await editPage . createSecret ( ` ${ path } /2 ` , 'foo' , 'bar' ) ;
await listPage . visit ( { backend : 'kv' , id : path } ) ;
assert . ok ( listPage . secrets . filterBy ( 'text' , '2' ) [ 0 ] , ` ${ path } : secret is displayed properly ` ) ;
await listPage . secrets . filterBy ( 'text' , '2' ) [ 0 ] . click ( ) ;
assert . equal (
currentRouteName ( ) ,
'vault.cluster.secrets.backend.show' ,
` ${ path } : show page renders correctly `
) ;
}
} ) ;
test ( 'filter clears on nav' , async function ( assert ) {
await consoleComponent . runCommands ( [
'vault write sys/mounts/test type=kv' ,
'refresh' ,
'vault write test/filter/foo keys=a keys=b' ,
'vault write test/filter/foo1 keys=a keys=b' ,
'vault write test/filter/foo2 keys=a keys=b' ,
] ) ;
await listPage . visit ( { backend : 'test' , id : 'filter' } ) ;
assert . equal ( listPage . secrets . length , 3 , 'renders three secrets' ) ;
await listPage . filterInput ( 'filter/foo1' ) ;
assert . equal ( listPage . secrets . length , 1 , 'renders only one secret' ) ;
await listPage . secrets . objectAt ( 0 ) . click ( ) ;
await showPage . breadcrumbs . filterBy ( 'text' , 'filter' ) [ 0 ] . click ( ) ;
assert . equal ( listPage . secrets . length , 3 , 'renders three secrets' ) ;
assert . equal ( listPage . filterInputValue , 'filter/' , 'pageFilter has been reset' ) ;
} ) ;
2021-10-14 17:47:10 +00:00
// All policy tests below this line
2021-09-29 20:35:00 +00:00
test ( 'version 2 with restricted policy still allows creation and does not show metadata tab' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'dont-show-metadata-tab' ;
let secretPath = 'dont-show-metadata-tab-secret-path' ;
2019-05-22 21:07:42 +00:00
const V2 _POLICY = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2018-12-03 14:22:13 +00:00
capabilities = [ "list" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/${secretPath}" {
2018-12-03 14:22:13 +00:00
capabilities = [ "create" , "read" , "update" ]
}
2019-05-22 21:07:42 +00:00
` ;
2018-12-03 14:22:13 +00:00
await consoleComponent . runCommands ( [
2021-10-14 17:47:10 +00:00
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
2019-05-22 21:07:42 +00:00
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
2018-12-03 14:22:13 +00:00
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2018-12-03 14:22:13 +00:00
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
2021-10-14 17:47:10 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2018-12-03 14:22:13 +00:00
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
2021-09-29 20:35:00 +00:00
//check for metadata tab which should not show because you don't have read capabilities
assert . dom ( '[data-test-secret-metadata-tab]' ) . doesNotExist ( 'does not show metadata tab' ) ;
2018-12-03 14:22:13 +00:00
} ) ;
2021-10-14 17:47:10 +00:00
test ( 'version 2 with no access to data but access to metadata shows metadata tab' , async function ( assert ) {
let enginePath = 'kv-metadata-access-only' ;
let secretPath = 'kv-metadata-access-only-secret-name' ;
const V2 _POLICY = `
path "${enginePath}/metadata/*" {
capabilities = [ "read" , "update" , "list" ]
}
` ;
await consoleComponent . runCommands ( [
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
// delete any kv previously written here so that tests can be re-run
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
await settled ( ) ;
await click ( ` [data-test-auth-backend-link= ${ enginePath } ] ` ) ;
await settled ( ) ;
await click ( ` [data-test-secret-link= ${ secretPath } ] ` ) ;
await settled ( ) ;
assert . dom ( '[data-test-empty-state-title]' ) . hasText ( 'You do not have permission to read this secret.' ) ;
await editPage . metadataTab ( ) ;
await settled ( ) ;
assert . dom ( '[data-test-empty-state-title]' ) . hasText ( 'No custom metadata' ) ;
assert . dom ( '[data-test-add-custom-metadata]' ) . exists ( 'it shows link to edit metadata' ) ;
} ) ;
2021-10-12 19:42:04 +00:00
test ( 'version 2: with metadata no read or list but with delete access and full access to the data endpoint' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'no-metadata-read' ;
let secretPath = 'no-metadata-read-secret-name' ;
2021-09-29 20:35:00 +00:00
let V2 _POLICY _NO _LIST = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2021-10-12 19:42:04 +00:00
capabilities = [ "update" , "delete" ]
2018-12-03 14:22:13 +00:00
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/*" {
2021-10-12 19:42:04 +00:00
capabilities = [ "create" , "read" , "update" , "delete" ]
2018-12-03 14:22:13 +00:00
}
2019-05-22 21:07:42 +00:00
` ;
2018-12-03 14:22:13 +00:00
await consoleComponent . runCommands ( [
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2021-09-29 20:35:00 +00:00
// delete any previous mount with same name
2021-10-14 17:47:10 +00:00
` delete sys/mounts/ ${ enginePath } ` ,
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
` write sys/policies/acl/metadata-no-read policy= ${ btoa ( V2 _POLICY _NO _LIST ) } ` ,
'write -field=client_token auth/token/create policies=metadata-no-read' ,
2018-12-03 14:22:13 +00:00
] ) ;
2021-10-14 17:47:10 +00:00
2021-09-29 20:35:00 +00:00
await settled ( ) ;
let userToken2 = consoleComponent . lastLogOutput ;
await settled ( ) ;
2021-10-14 17:47:10 +00:00
await listPage . visitRoot ( { backend : enginePath } ) ;
2021-09-29 20:35:00 +00:00
await settled ( ) ;
await listPage . create ( ) ;
await settled ( ) ;
2021-10-14 17:47:10 +00:00
await editPage . createSecretWithMetadata ( secretPath , 'secret-key' , 'secret-value' , 101 ) ;
2021-09-29 20:35:00 +00:00
await settled ( ) ;
2018-12-03 14:22:13 +00:00
await logout . visit ( ) ;
2021-07-15 19:54:42 +00:00
await settled ( ) ;
2021-09-29 20:35:00 +00:00
await authPage . login ( userToken2 ) ;
await settled ( ) ;
2021-10-14 17:47:10 +00:00
// test if metadata tab there with no read access message and no ability to edit.
await click ( ` [data-test-auth-backend-link= ${ enginePath } ] ` ) ;
2021-09-29 20:35:00 +00:00
await settled ( ) ;
// this fails in IE11 on browserstack so going directly to URL
2021-10-14 17:47:10 +00:00
await visit ( ` /vault/secrets/ ${ enginePath } /show/ ${ secretPath } ` ) ;
2021-09-29 20:35:00 +00:00
await settled ( ) ;
await assert
. dom ( '[data-test-value-div="secret-key"]' )
. exists ( 'secret view page and info table row with secret-key value' ) ;
2021-10-12 19:42:04 +00:00
// check you can create new version
await click ( '[data-test-secret-edit="true"]' ) ;
await settled ( ) ;
await fillIn ( '[data-test-secret-key]' , 'version2' ) ;
await editPage . save ( ) ;
await settled ( ) ;
assert . dom ( '[data-test-row-label="version2"]' ) . exists ( 'the current version displayed is the new version' ) ;
assert
. dom ( '[data-test-popup-menu-trigger="version"]' )
. doesNotExist ( 'the version drop down menu does not show' ) ;
// check metadata tab
2021-09-29 20:35:00 +00:00
await click ( '[data-test-secret-metadata-tab]' ) ;
await settled ( ) ;
assert
. dom ( '[data-test-empty-state-message]' )
. hasText (
'In order to edit secret metadata access, the UI requires read permissions; otherwise, data may be deleted. Edits can still be made via the API and CLI.'
) ;
2021-10-12 19:42:04 +00:00
// destroy the version
await click ( '[data-test-secret-tab]' ) ;
await settled ( ) ;
await click ( '[data-test-delete-open-modal]' ) ;
await settled ( ) ;
assert . dom ( '[data-test-delete-modal="destroy-all-versions"]' ) . exists ( ) ; // we have a if Ember.testing catch in the delete action because it breaks things in testing
// we can however destroy the versions
await click ( '#destroy-all-versions' ) ;
await settled ( ) ;
await click ( '[data-test-modal-delete]' ) ;
await settled ( ) ;
2021-10-14 17:47:10 +00:00
assert . equal ( currentURL ( ) , ` /vault/secrets/ ${ enginePath } /list ` , 'brings you back to the list page' ) ;
await visit ( ` /vault/secrets/ ${ enginePath } /show/ ${ secretPath } ` ) ;
2021-10-12 19:42:04 +00:00
await settled ( ) ;
assert . dom ( '[data-test-secret-not-found]' ) . exists ( 'secret no longer found' ) ;
2018-12-03 14:22:13 +00:00
} ) ;
2019-03-01 16:08:30 +00:00
2021-09-29 20:35:00 +00:00
// KV delete operations testing
2021-05-19 16:43:55 +00:00
test ( 'version 2 with policy with destroy capabilities shows modal' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'kv-v2-destroy-capabilities' ;
let secretPath = 'kv-v2-destroy-capabilities-secret-path' ;
2021-05-19 16:43:55 +00:00
const V2 _POLICY = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/destroy/*" {
2021-05-19 16:43:55 +00:00
capabilities = [ "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2021-05-19 16:43:55 +00:00
capabilities = [ "list" , "update" , "delete" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/${secretPath}" {
2021-05-19 16:43:55 +00:00
capabilities = [ "create" , "read" , "update" ]
}
` ;
await consoleComponent . runCommands ( [
2021-10-14 17:47:10 +00:00
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
2021-05-19 16:43:55 +00:00
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2021-05-19 16:43:55 +00:00
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
2021-10-14 17:47:10 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2021-05-19 16:43:55 +00:00
await click ( '[data-test-delete-open-modal]' ) ;
await settled ( ) ;
assert . dom ( '[data-test-delete-modal="destroy-version"]' ) . exists ( 'destroy this version option shows' ) ;
assert . dom ( '[data-test-delete-modal="destroy-all-versions"]' ) . exists ( 'destroy all versions option shows' ) ;
assert . dom ( '[data-test-delete-modal="delete-version"]' ) . doesNotExist ( 'delete version does not show' ) ;
} ) ;
test ( 'version 2 with policy with only delete option does not show modal and undelete is an option' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'kv-v2-only-delete' ;
let secretPath = 'kv-v2-only-delete-secret-path' ;
2021-05-19 16:43:55 +00:00
const V2 _POLICY = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/delete/*" {
2021-05-19 16:43:55 +00:00
capabilities = [ "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/undelete/*" {
2021-05-19 16:43:55 +00:00
capabilities = [ "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2021-05-19 16:43:55 +00:00
capabilities = [ "list" , "read" , "create" , "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/${secretPath}" {
2021-05-19 16:43:55 +00:00
capabilities = [ "create" , "read" ]
}
` ;
await consoleComponent . runCommands ( [
2021-10-14 17:47:10 +00:00
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
2021-05-19 16:43:55 +00:00
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2021-05-19 16:43:55 +00:00
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
2021-10-14 17:47:10 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2021-05-19 16:43:55 +00:00
assert . dom ( '[data-test-delete-open-modal]' ) . doesNotExist ( 'delete version does not show' ) ;
assert . dom ( '[data-test-secret-v2-delete="true"]' ) . exists ( 'drop down delete shows' ) ;
await showPage . deleteSecretV2 ( ) ;
// unable to reload page in test scenario so going to list and back to secret to confirm deletion
2021-10-14 17:47:10 +00:00
let url = ` /vault/secrets/ ${ enginePath } /list ` ;
2021-05-19 16:43:55 +00:00
await visit ( url ) ;
2021-10-14 17:47:10 +00:00
await settled ( ) ;
await click ( ` [data-test-secret-link= ${ secretPath } ] ` ) ;
2021-05-19 16:43:55 +00:00
assert . dom ( '[data-test-component="empty-state"]' ) . exists ( 'secret has been deleted' ) ;
assert . dom ( '[data-test-secret-undelete]' ) . exists ( 'undelete button shows' ) ;
} ) ;
2021-09-14 18:30:01 +00:00
test ( 'version 2 with path forward slash will show delete button' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'kv-v2-forward-slash' ;
let secretPath = 'forward/slash' ;
2021-09-14 18:30:01 +00:00
const V2 _POLICY = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/delete/${secretPath}" {
2021-09-14 18:30:01 +00:00
capabilities = [ "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2021-09-14 18:30:01 +00:00
capabilities = [ "list" , "read" , "create" , "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/${secretPath}" {
2021-09-14 18:30:01 +00:00
capabilities = [ "create" , "read" ]
}
` ;
await consoleComponent . runCommands ( [
2021-10-14 17:47:10 +00:00
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
2021-09-14 18:30:01 +00:00
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2021-09-14 18:30:01 +00:00
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
2021-10-14 17:47:10 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2021-09-14 18:30:01 +00:00
assert . dom ( '[data-test-secret-v2-delete="true"]' ) . exists ( 'drop down delete shows' ) ;
} ) ;
test ( 'version 2 with engine with forward slash will show delete button' , async function ( assert ) {
2021-10-14 17:47:10 +00:00
let enginePath = 'forward/slash' ;
let secretPath = 'secret-name' ;
2021-09-14 18:30:01 +00:00
const V2 _POLICY = `
2021-10-14 17:47:10 +00:00
path "${enginePath}/delete/${secretPath}" {
2021-09-14 18:30:01 +00:00
capabilities = [ "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/metadata/*" {
2021-09-14 18:30:01 +00:00
capabilities = [ "list" , "read" , "create" , "update" ]
}
2021-10-14 17:47:10 +00:00
path "${enginePath}/data/*" {
2021-09-14 18:30:01 +00:00
capabilities = [ "create" , "read" ]
}
` ;
await consoleComponent . runCommands ( [
2021-10-14 17:47:10 +00:00
` write sys/mounts/ ${ enginePath } type=kv options=version=2 ` ,
2021-09-14 18:30:01 +00:00
` write sys/policies/acl/kv-v2-degrade policy= ${ btoa ( V2 _POLICY ) } ` ,
// delete any kv previously written here so that tests can be re-run
2021-10-14 17:47:10 +00:00
` delete ${ enginePath } /metadata/ ${ secretPath } ` ,
2021-09-14 18:30:01 +00:00
'write -field=client_token auth/token/create policies=kv-v2-degrade' ,
] ) ;
let userToken = consoleComponent . lastLogOutput ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
2021-10-14 17:47:10 +00:00
await writeSecret ( enginePath , secretPath , 'foo' , 'bar' ) ;
2021-09-14 18:30:01 +00:00
assert . dom ( '[data-test-secret-v2-delete="true"]' ) . exists ( 'drop down delete shows' ) ;
} ) ;
2021-09-29 20:35:00 +00:00
// end of KV delete operation testing
2019-04-16 20:27:23 +00:00
let setupNoRead = async function ( backend , canReadMeta = false ) {
2019-05-22 21:07:42 +00:00
const V2 _WRITE _ONLY _POLICY = `
2019-04-16 20:27:23 +00:00
path "${backend}/+/+" {
capabilities = [ "create" , "update" , "list" ]
}
path "${backend}/+" {
capabilities = [ "list" ]
}
2019-05-22 21:07:42 +00:00
` ;
2019-04-16 20:27:23 +00:00
2019-05-22 21:07:42 +00:00
const V2 _WRITE _WITH _META _READ _POLICY = `
2019-04-16 20:27:23 +00:00
path "${backend}/+/+" {
capabilities = [ "create" , "update" , "list" ]
}
path "${backend}/metadata/+" {
capabilities = [ "read" ]
}
path "${backend}/+" {
capabilities = [ "list" ]
}
2019-05-22 21:07:42 +00:00
` ;
const V1 _WRITE _ONLY _POLICY = `
2019-04-16 20:27:23 +00:00
path "${backend}/+" {
capabilities = [ "create" , "update" , "list" ]
}
2019-05-22 21:07:42 +00:00
` ;
2019-04-16 20:27:23 +00:00
let policy ;
if ( backend === 'kv-v2' && canReadMeta ) {
policy = V2 _WRITE _WITH _META _READ _POLICY ;
} else if ( backend === 'kv-v2' ) {
policy = V2 _WRITE _ONLY _POLICY ;
} else if ( backend === 'kv-v1' ) {
policy = V1 _WRITE _ONLY _POLICY ;
}
await consoleComponent . runCommands ( [
// disable any kv previously enabled kv
` delete sys/mounts/ ${ backend } ` ,
` write sys/mounts/ ${ backend } type=kv options=version= ${ backend === 'kv-v2' ? 2 : 1 } ` ,
2019-05-22 21:07:42 +00:00
` write sys/policies/acl/ ${ backend } policy= ${ btoa ( policy ) } ` ,
2019-04-16 20:27:23 +00:00
` write -field=client_token auth/token/create policies= ${ backend } ` ,
] ) ;
return consoleComponent . lastLogOutput ;
} ;
test ( 'write without read: version 2' , async function ( assert ) {
let backend = 'kv-v2' ;
let userToken = await setupNoRead ( backend ) ;
await writeSecret ( backend , 'secret' , 'foo' , 'bar' ) ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
await showPage . visit ( { backend , id : 'secret' } ) ;
assert . ok ( showPage . noReadIsPresent , 'shows no read empty state' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
await editPage . visitEdit ( { backend , id : 'secret' } ) ;
assert . notOk ( editPage . hasMetadataFields , 'hides the metadata form' ) ;
await editPage . editSecret ( 'bar' , 'baz' ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
} ) ;
test ( 'write without read: version 2 with metadata read' , async function ( assert ) {
let backend = 'kv-v2' ;
let userToken = await setupNoRead ( backend , true ) ;
await writeSecret ( backend , 'secret' , 'foo' , 'bar' ) ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
await showPage . visit ( { backend , id : 'secret' } ) ;
assert . ok ( showPage . noReadIsPresent , 'shows no read empty state' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
await editPage . visitEdit ( { backend , id : 'secret' } ) ;
2021-09-03 17:08:26 +00:00
assert
. dom ( '[data-test-warning-no-read-permissions]' )
. exists ( 'shows custom warning instead of default API warning about permissions' ) ;
2019-04-16 20:27:23 +00:00
await editPage . editSecret ( 'bar' , 'baz' ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
} ) ;
test ( 'write without read: version 1' , async function ( assert ) {
let backend = 'kv-v1' ;
let userToken = await setupNoRead ( backend ) ;
await writeSecret ( backend , 'secret' , 'foo' , 'bar' ) ;
await logout . visit ( ) ;
await authPage . login ( userToken ) ;
await showPage . visit ( { backend , id : 'secret' } ) ;
assert . ok ( showPage . noReadIsPresent , 'shows no read empty state' ) ;
assert . ok ( showPage . editIsPresent , 'shows the edit button' ) ;
await editPage . visitEdit ( { backend , id : 'secret' } ) ;
await editPage . editSecret ( 'bar' , 'baz' ) ;
assert . equal ( currentRouteName ( ) , 'vault.cluster.secrets.backend.show' , 'redirects to the show page' ) ;
} ) ;
2018-06-25 20:30:11 +00:00
} ) ;