2018-04-03 14:16:57 +00:00
import Ember from 'ember' ;
import DS from 'ember-data' ;
import { fragment } from 'ember-data-model-fragments/attributes' ;
import { queryRecord } from 'ember-computed-query' ;
import fieldToAttrs , { expandAttributeMeta } from 'vault/utils/field-to-attrs' ;
import { memberAction } from 'ember-api-actions' ;
2018-08-16 17:48:24 +00:00
import lazyCapabilities , { apiPath } from 'vault/macros/lazy-capabilities' ;
2018-04-03 14:16:57 +00:00
const { attr , hasMany } = DS ;
const { computed } = Ember ;
const configPath = function configPath ( strings , key ) {
return function ( ... values ) {
return ` ${ strings [ 0 ] } ${ values [ key ] } ${ strings [ 1 ] } ` ;
} ;
} ;
export default DS . Model . extend ( {
authConfigs : hasMany ( 'auth-config' , { polymorphic : true , inverse : 'backend' , async : false } ) ,
2018-08-28 05:03:55 +00:00
path : attr ( 'string' ) ,
2018-04-03 14:16:57 +00:00
accessor : attr ( 'string' ) ,
name : attr ( 'string' ) ,
2018-08-28 05:03:55 +00:00
type : attr ( 'string' ) ,
2018-08-16 17:48:24 +00:00
// namespaces introduced types with a `ns_` prefix for built-in engines
// so we need to strip that to normalize the type
methodType : computed ( 'type' , function ( ) {
return this . get ( 'type' ) . replace ( /^ns_/ , '' ) ;
} ) ,
2018-04-03 14:16:57 +00:00
description : attr ( 'string' , {
editType : 'textarea' ,
} ) ,
config : fragment ( 'mount-config' , { defaultValue : { } } ) ,
2018-08-28 05:03:55 +00:00
local : attr ( 'boolean' , {
helpText :
'When replication is enabled, a local mount will not be replicated across clusters. This can only be specified at mount time.' ,
} ) ,
sealWrap : attr ( 'boolean' , {
helpText :
'When enabled - if a seal supporting seal wrapping is specified in the configuration, all critical security parameters (CSPs) in this backend will be seal wrapped. (For K/V mounts, all values will be seal wrapped.) This can only be specified at mount time.' ,
} ) ,
2018-04-03 14:16:57 +00:00
// used when the `auth` prefix is important,
// currently only when setting perf mount filtering
apiPath : computed ( 'path' , function ( ) {
return ` auth/ ${ this . get ( 'path' ) } ` ;
} ) ,
localDisplay : computed ( 'local' , function ( ) {
return this . get ( 'local' ) ? 'local' : 'replicated' ;
} ) ,
tuneAttrs : computed ( function ( ) {
2018-07-05 18:28:12 +00:00
return expandAttributeMeta ( this , [
'description' ,
'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}' ,
] ) ;
2018-04-03 14:16:57 +00:00
} ) ,
//sys/mounts/auth/[auth-path]/tune.
tune : memberAction ( {
path : 'tune' ,
type : 'post' ,
urlType : 'updateRecord' ,
} ) ,
formFields : [
'type' ,
'path' ,
'description' ,
'accessor' ,
'local' ,
'sealWrap' ,
2018-07-05 18:28:12 +00:00
'config.{listingVisibility,defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}' ,
2018-04-03 14:16:57 +00:00
] ,
formFieldGroups : [
2018-08-28 05:03:55 +00:00
{ default : [ 'path' ] } ,
2018-07-05 18:28:12 +00:00
{
'Method Options' : [
'description' ,
'config.listingVisibility' ,
'local' ,
'sealWrap' ,
'config.{defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}' ,
] ,
} ,
2018-04-03 14:16:57 +00:00
] ,
attrs : computed ( 'formFields' , function ( ) {
return expandAttributeMeta ( this , this . get ( 'formFields' ) ) ;
} ) ,
fieldGroups : computed ( 'formFieldGroups' , function ( ) {
return fieldToAttrs ( this , this . get ( 'formFieldGroups' ) ) ;
} ) ,
configPathTmpl : computed ( 'type' , function ( ) {
const type = this . get ( 'type' ) ;
if ( type === 'aws' ) {
return configPath ` auth/ ${ 0 } /config/client ` ;
} else {
return configPath ` auth/ ${ 0 } /config ` ;
}
} ) ,
configPath : queryRecord (
'capabilities' ,
context => {
const { id , configPathTmpl } = context . getProperties ( 'id' , 'configPathTmpl' ) ;
return {
id : configPathTmpl ( id ) ,
} ;
} ,
'id' ,
'configPathTmpl'
) ,
2018-08-16 17:48:24 +00:00
deletePath : lazyCapabilities ( apiPath ` sys/auth/ ${ 'id' } ` , 'id' ) ,
canDisable : computed . alias ( 'deletePath.canDelete' ) ,
2018-04-03 14:16:57 +00:00
canEdit : computed . alias ( 'configPath.canUpdate' ) ,
} ) ;