2018-09-25 16:28:26 +00:00
|
|
|
import { set } from '@ember/object';
|
2019-04-16 20:27:23 +00:00
|
|
|
import { resolve } from 'rsvp';
|
2019-02-14 18:52:34 +00:00
|
|
|
import { inject as service } from '@ember/service';
|
|
|
|
|
import DS from 'ember-data';
|
2018-09-25 16:28:26 +00:00
|
|
|
import Route from '@ember/routing/route';
|
2018-04-03 14:16:57 +00:00
|
|
|
import utils from 'vault/lib/key-utils';
|
|
|
|
|
import UnloadModelRoute from 'vault/mixins/unload-model-route';
|
2019-03-01 16:08:30 +00:00
|
|
|
import { encodePath, normalizePath } from 'vault/utils/path-encoding-helpers';
|
2018-04-03 14:16:57 +00:00
|
|
|
|
2018-09-25 16:28:26 +00:00
|
|
|
export default Route.extend(UnloadModelRoute, {
|
2019-02-14 18:52:34 +00:00
|
|
|
pathHelp: service('path-help'),
|
2019-03-01 16:08:30 +00:00
|
|
|
secretParam() {
|
|
|
|
|
let { secret } = this.paramsFor(this.routeName);
|
|
|
|
|
return secret ? normalizePath(secret) : '';
|
|
|
|
|
},
|
|
|
|
|
enginePathParam() {
|
|
|
|
|
let { backend } = this.paramsFor('vault.cluster.secrets.backend');
|
|
|
|
|
return backend;
|
|
|
|
|
},
|
2018-04-03 14:16:57 +00:00
|
|
|
capabilities(secret) {
|
2019-03-01 16:08:30 +00:00
|
|
|
const backend = this.enginePathParam();
|
2018-04-24 21:30:44 +00:00
|
|
|
let backendModel = this.modelFor('vault.cluster.secrets.backend');
|
2019-04-16 20:27:23 +00:00
|
|
|
let backendType = backendModel.engineType;
|
2018-04-03 14:16:57 +00:00
|
|
|
let path;
|
2019-04-16 20:27:23 +00:00
|
|
|
if (backendModel.isV2KV) {
|
|
|
|
|
path = `${backend}/data/${secret}`;
|
|
|
|
|
} else if (backendType === 'transit') {
|
2018-04-03 14:16:57 +00:00
|
|
|
path = backend + '/keys/' + secret;
|
2018-04-16 22:18:46 +00:00
|
|
|
} else if (backendType === 'ssh' || backendType === 'aws') {
|
2018-04-03 14:16:57 +00:00
|
|
|
path = backend + '/roles/' + secret;
|
2018-10-17 04:23:29 +00:00
|
|
|
} else {
|
|
|
|
|
path = backend + '/' + secret;
|
2018-04-03 14:16:57 +00:00
|
|
|
}
|
|
|
|
|
return this.store.findRecord('capabilities', path);
|
|
|
|
|
},
|
|
|
|
|
|
2018-04-24 21:30:44 +00:00
|
|
|
backendType() {
|
2018-08-16 17:48:24 +00:00
|
|
|
return this.modelFor('vault.cluster.secrets.backend').get('engineType');
|
2018-04-03 14:16:57 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
templateName: 'vault/cluster/secrets/backend/secretEditLayout',
|
|
|
|
|
|
|
|
|
|
beforeModel() {
|
2019-03-01 16:08:30 +00:00
|
|
|
let secret = this.secretParam();
|
2019-02-14 18:52:34 +00:00
|
|
|
return this.buildModel(secret).then(() => {
|
|
|
|
|
const parentKey = utils.parentKeyForKey(secret);
|
|
|
|
|
const mode = this.routeName.split('.').pop();
|
|
|
|
|
if (mode === 'edit' && utils.keyIsFolder(secret)) {
|
|
|
|
|
if (parentKey) {
|
2019-03-01 16:08:30 +00:00
|
|
|
return this.transitionTo('vault.cluster.secrets.backend.list', encodePath(parentKey));
|
2019-02-14 18:52:34 +00:00
|
|
|
} else {
|
|
|
|
|
return this.transitionTo('vault.cluster.secrets.backend.list-root');
|
|
|
|
|
}
|
2018-04-03 14:16:57 +00:00
|
|
|
}
|
2019-02-14 18:52:34 +00:00
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
buildModel(secret) {
|
2019-03-01 16:08:30 +00:00
|
|
|
const backend = this.enginePathParam();
|
|
|
|
|
|
2019-02-14 18:52:34 +00:00
|
|
|
let modelType = this.modelType(backend, secret);
|
|
|
|
|
if (['secret', 'secret-v2'].includes(modelType)) {
|
|
|
|
|
return resolve();
|
2018-04-03 14:16:57 +00:00
|
|
|
}
|
2019-06-21 15:18:26 +00:00
|
|
|
return this.pathHelp.getNewModel(modelType, backend);
|
2018-04-03 14:16:57 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
modelType(backend, secret) {
|
2018-06-14 04:06:19 +00:00
|
|
|
let backendModel = this.modelFor('vault.cluster.secrets.backend', backend);
|
2018-08-16 17:48:24 +00:00
|
|
|
let type = backendModel.get('engineType');
|
2018-04-20 02:26:25 +00:00
|
|
|
let types = {
|
2018-04-03 14:16:57 +00:00
|
|
|
transit: 'transit-key',
|
|
|
|
|
ssh: 'role-ssh',
|
2020-08-28 20:38:00 +00:00
|
|
|
transform: secret && secret.startsWith('role/') ? 'transform/role' : 'transform', // CBS TODO: switch out better
|
2018-04-03 14:16:57 +00:00
|
|
|
aws: 'role-aws',
|
|
|
|
|
pki: secret && secret.startsWith('cert/') ? 'pki-certificate' : 'role-pki',
|
2018-06-28 20:54:02 +00:00
|
|
|
cubbyhole: 'secret',
|
2018-06-14 04:06:19 +00:00
|
|
|
kv: backendModel.get('modelTypeForKV'),
|
|
|
|
|
generic: backendModel.get('modelTypeForKV'),
|
2018-04-03 14:16:57 +00:00
|
|
|
};
|
2018-06-14 04:06:19 +00:00
|
|
|
return types[type];
|
2018-04-03 14:16:57 +00:00
|
|
|
},
|
|
|
|
|
|
2019-04-16 20:27:23 +00:00
|
|
|
getTargetVersion(currentVersion, paramsVersion) {
|
|
|
|
|
if (currentVersion) {
|
|
|
|
|
// we have the secret metadata, so we can read the currentVersion but give priority to any
|
|
|
|
|
// version passed in via the url
|
|
|
|
|
return parseInt(paramsVersion || currentVersion, 10);
|
|
|
|
|
} else {
|
|
|
|
|
// we've got a stub model because don't have read access on the metadata endpoint
|
|
|
|
|
return paramsVersion ? parseInt(paramsVersion, 10) : null;
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async fetchV2Models(capabilities, secretModel, params) {
|
2019-03-01 16:08:30 +00:00
|
|
|
let backend = this.enginePathParam();
|
2018-12-03 14:22:13 +00:00
|
|
|
let backendModel = this.modelFor('vault.cluster.secrets.backend', backend);
|
2019-04-16 20:27:23 +00:00
|
|
|
let targetVersion = this.getTargetVersion(secretModel.currentVersion, params.version);
|
|
|
|
|
|
|
|
|
|
// if we have the metadata, a list of versions are part of the payload
|
|
|
|
|
let version = secretModel.versions && secretModel.versions.findBy('version', targetVersion);
|
|
|
|
|
// if it didn't fail the server read, and the version is not attached to the metadata,
|
|
|
|
|
// this should 404
|
|
|
|
|
if (!version && secretModel.failedServerRead !== true) {
|
|
|
|
|
let error = new DS.AdapterError();
|
|
|
|
|
set(error, 'httpStatus', 404);
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
// manually set the related model
|
|
|
|
|
secretModel.set('engine', backendModel);
|
|
|
|
|
|
|
|
|
|
secretModel.set(
|
|
|
|
|
'selectedVersion',
|
|
|
|
|
await this.fetchV2VersionModel(capabilities, secretModel, version, targetVersion)
|
|
|
|
|
);
|
|
|
|
|
return secretModel;
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async fetchV2VersionModel(capabilities, secretModel, version, targetVersion) {
|
|
|
|
|
let secret = this.secretParam();
|
|
|
|
|
let backend = this.enginePathParam();
|
|
|
|
|
|
|
|
|
|
// v2 versions have a composite ID, we generated one here if we need to manually set it
|
|
|
|
|
// after a failed fetch later;
|
|
|
|
|
let versionId = targetVersion ? [backend, secret, targetVersion] : [backend, secret];
|
|
|
|
|
|
|
|
|
|
let versionModel;
|
|
|
|
|
try {
|
|
|
|
|
if (secretModel.failedServerRead) {
|
|
|
|
|
// we couldn't read metadata, so we want to directly fetch the version
|
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version
* update ember, ember-cli, ember-data, ember-data-model-fragments
* use router handlers to access transition information
* fix shadowing of component helper
* update ivy-codemirror, ember-cli-inject-live-reload
* remove custom router service
* don't use transition.queryParams
* update ember-cli-deprecation-workflow
* refactor kv v1 to use 'path' instead of 'id' on creation
* fix auth-jwt-test and toolbar-link-test
* update ember composable helpers
* remove Ember.copy from test file
* no more deprecations in the workflow
* fix more secret tests
* fix remaining failed tests
* move select component to core because it's used by ttl-picker
* generate new model class for each test instead of reusing an existing one
* fix selectors on kmip tests
* refactor how control groups construct urls from the new transition objects
* add router service override back in, and have it be evented so that we can trigger router events on it
* move stories and markdown files to core if the component lives in core
* update ember-cli, ember-cli-babel, ember-auto-import
* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev
* update linting rules
* fix test selectors
* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown
* remove test-results dir
* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action
* fix linting
* run yarn install without restoring from cache
* refactor how tests are run and handle the vault server subprocess
* update makefile for new test task names
* update circle config to use the new yarn task
* fix writing the seal keys when starting the dev server
* remove optional deps from the lockfile
* don't ignore-optional on yarn install
* remove errant console.log
* update ember-basic-dropdown-hover, jsonlint, yargs-parser
* update ember-cli-flash
* add back optionalDeps
* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2
* update storybook to the latest release
* add a babel config with targets so that the ember babel plugin works properly
* update ember-resolver, move ember-cli-storybook to devDependencies
* revert normalize.css upgrade
* silence fetchadapter warning for now
* exclude 3rd party array helper now that ember includes one
* fix switch and entity lookup styling
* only add -root suffix if it's not in versions mode
* make sure drop always has an array on the aws role form
* fix labels like we did with the backport
* update eslintignore
* update the yarn version in the docker build file
* update eslint ignore
2019-08-19 20:45:39 +00:00
|
|
|
|
|
|
|
|
versionModel =
|
|
|
|
|
this.store.peekRecord('secret-v2-version', JSON.stringify(versionId)) ||
|
|
|
|
|
(await this.store.findRecord('secret-v2-version', JSON.stringify(versionId), {
|
|
|
|
|
reload: true,
|
|
|
|
|
}));
|
2019-04-16 20:27:23 +00:00
|
|
|
} else {
|
|
|
|
|
// we may have previously errored, so roll it back here
|
|
|
|
|
version.rollbackAttributes();
|
|
|
|
|
// if metadata read was successful, the version we have is only a partial model
|
|
|
|
|
// trigger reload to fetch the whole version model
|
|
|
|
|
versionModel = await version.reload();
|
|
|
|
|
}
|
|
|
|
|
} catch (error) {
|
|
|
|
|
// cannot read the version data, but can write according to capabilities-self endpoint
|
|
|
|
|
if (error.httpStatus === 403 && capabilities.get('canUpdate')) {
|
|
|
|
|
// versionModel is then a partial model from the metadata (if we have read there), or
|
|
|
|
|
// we need to create one on the client
|
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version
* update ember, ember-cli, ember-data, ember-data-model-fragments
* use router handlers to access transition information
* fix shadowing of component helper
* update ivy-codemirror, ember-cli-inject-live-reload
* remove custom router service
* don't use transition.queryParams
* update ember-cli-deprecation-workflow
* refactor kv v1 to use 'path' instead of 'id' on creation
* fix auth-jwt-test and toolbar-link-test
* update ember composable helpers
* remove Ember.copy from test file
* no more deprecations in the workflow
* fix more secret tests
* fix remaining failed tests
* move select component to core because it's used by ttl-picker
* generate new model class for each test instead of reusing an existing one
* fix selectors on kmip tests
* refactor how control groups construct urls from the new transition objects
* add router service override back in, and have it be evented so that we can trigger router events on it
* move stories and markdown files to core if the component lives in core
* update ember-cli, ember-cli-babel, ember-auto-import
* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev
* update linting rules
* fix test selectors
* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown
* remove test-results dir
* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action
* fix linting
* run yarn install without restoring from cache
* refactor how tests are run and handle the vault server subprocess
* update makefile for new test task names
* update circle config to use the new yarn task
* fix writing the seal keys when starting the dev server
* remove optional deps from the lockfile
* don't ignore-optional on yarn install
* remove errant console.log
* update ember-basic-dropdown-hover, jsonlint, yargs-parser
* update ember-cli-flash
* add back optionalDeps
* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2
* update storybook to the latest release
* add a babel config with targets so that the ember babel plugin works properly
* update ember-resolver, move ember-cli-storybook to devDependencies
* revert normalize.css upgrade
* silence fetchadapter warning for now
* exclude 3rd party array helper now that ember includes one
* fix switch and entity lookup styling
* only add -root suffix if it's not in versions mode
* make sure drop always has an array on the aws role form
* fix labels like we did with the backport
* update eslintignore
* update the yarn version in the docker build file
* update eslint ignore
2019-08-19 20:45:39 +00:00
|
|
|
if (version) {
|
|
|
|
|
version.set('failedServerRead', true);
|
|
|
|
|
versionModel = version;
|
|
|
|
|
} else {
|
|
|
|
|
this.store.push({
|
|
|
|
|
data: {
|
|
|
|
|
type: 'secret-v2-version',
|
|
|
|
|
id: JSON.stringify(versionId),
|
|
|
|
|
attributes: {
|
|
|
|
|
failedServerRead: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
versionModel = this.store.peekRecord('secret-v2-version', JSON.stringify(versionId));
|
2019-04-16 20:27:23 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return versionModel;
|
|
|
|
|
},
|
|
|
|
|
|
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version
* update ember, ember-cli, ember-data, ember-data-model-fragments
* use router handlers to access transition information
* fix shadowing of component helper
* update ivy-codemirror, ember-cli-inject-live-reload
* remove custom router service
* don't use transition.queryParams
* update ember-cli-deprecation-workflow
* refactor kv v1 to use 'path' instead of 'id' on creation
* fix auth-jwt-test and toolbar-link-test
* update ember composable helpers
* remove Ember.copy from test file
* no more deprecations in the workflow
* fix more secret tests
* fix remaining failed tests
* move select component to core because it's used by ttl-picker
* generate new model class for each test instead of reusing an existing one
* fix selectors on kmip tests
* refactor how control groups construct urls from the new transition objects
* add router service override back in, and have it be evented so that we can trigger router events on it
* move stories and markdown files to core if the component lives in core
* update ember-cli, ember-cli-babel, ember-auto-import
* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev
* update linting rules
* fix test selectors
* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown
* remove test-results dir
* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action
* fix linting
* run yarn install without restoring from cache
* refactor how tests are run and handle the vault server subprocess
* update makefile for new test task names
* update circle config to use the new yarn task
* fix writing the seal keys when starting the dev server
* remove optional deps from the lockfile
* don't ignore-optional on yarn install
* remove errant console.log
* update ember-basic-dropdown-hover, jsonlint, yargs-parser
* update ember-cli-flash
* add back optionalDeps
* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2
* update storybook to the latest release
* add a babel config with targets so that the ember babel plugin works properly
* update ember-resolver, move ember-cli-storybook to devDependencies
* revert normalize.css upgrade
* silence fetchadapter warning for now
* exclude 3rd party array helper now that ember includes one
* fix switch and entity lookup styling
* only add -root suffix if it's not in versions mode
* make sure drop always has an array on the aws role form
* fix labels like we did with the backport
* update eslintignore
* update the yarn version in the docker build file
* update eslint ignore
2019-08-19 20:45:39 +00:00
|
|
|
handleSecretModelError(capabilities, secretId, modelType, error) {
|
2019-04-16 20:27:23 +00:00
|
|
|
// can't read the path and don't have update capability, so re-throw
|
|
|
|
|
if (!capabilities.get('canUpdate') && modelType === 'secret') {
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
// don't have access to the metadata for v2 or the secret for v1,
|
|
|
|
|
// so we make a stub model and mark it as `failedServerRead`
|
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version
* update ember, ember-cli, ember-data, ember-data-model-fragments
* use router handlers to access transition information
* fix shadowing of component helper
* update ivy-codemirror, ember-cli-inject-live-reload
* remove custom router service
* don't use transition.queryParams
* update ember-cli-deprecation-workflow
* refactor kv v1 to use 'path' instead of 'id' on creation
* fix auth-jwt-test and toolbar-link-test
* update ember composable helpers
* remove Ember.copy from test file
* no more deprecations in the workflow
* fix more secret tests
* fix remaining failed tests
* move select component to core because it's used by ttl-picker
* generate new model class for each test instead of reusing an existing one
* fix selectors on kmip tests
* refactor how control groups construct urls from the new transition objects
* add router service override back in, and have it be evented so that we can trigger router events on it
* move stories and markdown files to core if the component lives in core
* update ember-cli, ember-cli-babel, ember-auto-import
* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev
* update linting rules
* fix test selectors
* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown
* remove test-results dir
* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action
* fix linting
* run yarn install without restoring from cache
* refactor how tests are run and handle the vault server subprocess
* update makefile for new test task names
* update circle config to use the new yarn task
* fix writing the seal keys when starting the dev server
* remove optional deps from the lockfile
* don't ignore-optional on yarn install
* remove errant console.log
* update ember-basic-dropdown-hover, jsonlint, yargs-parser
* update ember-cli-flash
* add back optionalDeps
* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2
* update storybook to the latest release
* add a babel config with targets so that the ember babel plugin works properly
* update ember-resolver, move ember-cli-storybook to devDependencies
* revert normalize.css upgrade
* silence fetchadapter warning for now
* exclude 3rd party array helper now that ember includes one
* fix switch and entity lookup styling
* only add -root suffix if it's not in versions mode
* make sure drop always has an array on the aws role form
* fix labels like we did with the backport
* update eslintignore
* update the yarn version in the docker build file
* update eslint ignore
2019-08-19 20:45:39 +00:00
|
|
|
this.store.push({
|
|
|
|
|
data: {
|
|
|
|
|
id: secretId,
|
|
|
|
|
type: modelType,
|
|
|
|
|
attributes: {
|
|
|
|
|
failedServerRead: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
2019-04-16 20:27:23 +00:00
|
|
|
});
|
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version
* update ember, ember-cli, ember-data, ember-data-model-fragments
* use router handlers to access transition information
* fix shadowing of component helper
* update ivy-codemirror, ember-cli-inject-live-reload
* remove custom router service
* don't use transition.queryParams
* update ember-cli-deprecation-workflow
* refactor kv v1 to use 'path' instead of 'id' on creation
* fix auth-jwt-test and toolbar-link-test
* update ember composable helpers
* remove Ember.copy from test file
* no more deprecations in the workflow
* fix more secret tests
* fix remaining failed tests
* move select component to core because it's used by ttl-picker
* generate new model class for each test instead of reusing an existing one
* fix selectors on kmip tests
* refactor how control groups construct urls from the new transition objects
* add router service override back in, and have it be evented so that we can trigger router events on it
* move stories and markdown files to core if the component lives in core
* update ember-cli, ember-cli-babel, ember-auto-import
* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev
* update linting rules
* fix test selectors
* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown
* remove test-results dir
* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action
* fix linting
* run yarn install without restoring from cache
* refactor how tests are run and handle the vault server subprocess
* update makefile for new test task names
* update circle config to use the new yarn task
* fix writing the seal keys when starting the dev server
* remove optional deps from the lockfile
* don't ignore-optional on yarn install
* remove errant console.log
* update ember-basic-dropdown-hover, jsonlint, yargs-parser
* update ember-cli-flash
* add back optionalDeps
* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2
* update storybook to the latest release
* add a babel config with targets so that the ember babel plugin works properly
* update ember-resolver, move ember-cli-storybook to devDependencies
* revert normalize.css upgrade
* silence fetchadapter warning for now
* exclude 3rd party array helper now that ember includes one
* fix switch and entity lookup styling
* only add -root suffix if it's not in versions mode
* make sure drop always has an array on the aws role form
* fix labels like we did with the backport
* update eslintignore
* update the yarn version in the docker build file
* update eslint ignore
2019-08-19 20:45:39 +00:00
|
|
|
let secretModel = this.store.peekRecord(modelType, secretId);
|
2019-04-16 20:27:23 +00:00
|
|
|
return secretModel;
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async model(params) {
|
|
|
|
|
let secret = this.secretParam();
|
|
|
|
|
let backend = this.enginePathParam();
|
2019-03-01 16:08:30 +00:00
|
|
|
let modelType = this.modelType(backend, secret);
|
2018-04-03 14:16:57 +00:00
|
|
|
if (!secret) {
|
|
|
|
|
secret = '\u0020';
|
|
|
|
|
}
|
|
|
|
|
if (modelType === 'pki-certificate') {
|
|
|
|
|
secret = secret.replace('cert/', '');
|
|
|
|
|
}
|
2020-08-28 20:38:00 +00:00
|
|
|
if (modelType.startsWith('transform/')) {
|
|
|
|
|
// CBS TODO: we'll have more things to replace than just role/
|
|
|
|
|
secret = secret.replace('role/', '');
|
|
|
|
|
}
|
2019-04-16 20:27:23 +00:00
|
|
|
let secretModel;
|
|
|
|
|
|
|
|
|
|
let capabilities = this.capabilities(secret);
|
|
|
|
|
try {
|
|
|
|
|
secretModel = await this.store.queryRecord(modelType, { id: secret, backend });
|
|
|
|
|
} catch (err) {
|
|
|
|
|
// we've failed the read request, but if it's a kv-type backend, we want to
|
|
|
|
|
// do additional checks of the capabilities
|
|
|
|
|
if (err.httpStatus === 403 && (modelType === 'secret-v2' || modelType === 'secret')) {
|
|
|
|
|
await capabilities;
|
|
|
|
|
secretModel = this.handleSecretModelError(capabilities, secret, modelType, err);
|
|
|
|
|
} else {
|
|
|
|
|
throw err;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
await capabilities;
|
|
|
|
|
if (modelType === 'secret-v2') {
|
|
|
|
|
// after the the base model fetch, kv-v2 has a second associated
|
|
|
|
|
// version model that contains the secret data
|
|
|
|
|
secretModel = await this.fetchV2Models(capabilities, secretModel, params);
|
|
|
|
|
}
|
|
|
|
|
return {
|
|
|
|
|
secret: secretModel,
|
|
|
|
|
capabilities,
|
|
|
|
|
};
|
2018-04-03 14:16:57 +00:00
|
|
|
},
|
|
|
|
|
|
|
|
|
|
setupController(controller, model) {
|
|
|
|
|
this._super(...arguments);
|
2019-03-01 16:08:30 +00:00
|
|
|
let secret = this.secretParam();
|
|
|
|
|
let backend = this.enginePathParam();
|
2018-04-03 14:16:57 +00:00
|
|
|
const preferAdvancedEdit =
|
|
|
|
|
this.controllerFor('vault.cluster.secrets.backend').get('preferAdvancedEdit') || false;
|
2018-04-24 21:30:44 +00:00
|
|
|
const backendType = this.backendType();
|
2018-04-03 14:16:57 +00:00
|
|
|
model.secret.setProperties({ backend });
|
|
|
|
|
controller.setProperties({
|
|
|
|
|
model: model.secret,
|
|
|
|
|
capabilities: model.capabilities,
|
|
|
|
|
baseKey: { id: secret },
|
|
|
|
|
// mode will be 'show', 'edit', 'create'
|
2018-09-25 16:28:26 +00:00
|
|
|
mode: this.routeName
|
|
|
|
|
.split('.')
|
|
|
|
|
.pop()
|
|
|
|
|
.replace('-root', ''),
|
2018-04-03 14:16:57 +00:00
|
|
|
backend,
|
|
|
|
|
preferAdvancedEdit,
|
|
|
|
|
backendType,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
resetController(controller) {
|
|
|
|
|
if (controller.reset && typeof controller.reset === 'function') {
|
|
|
|
|
controller.reset();
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
actions: {
|
|
|
|
|
error(error) {
|
2019-03-01 16:08:30 +00:00
|
|
|
let secret = this.secretParam();
|
|
|
|
|
let backend = this.enginePathParam();
|
2018-09-25 16:28:26 +00:00
|
|
|
set(error, 'keyId', backend + '/' + secret);
|
|
|
|
|
set(error, 'backend', backend);
|
2018-04-03 14:16:57 +00:00
|
|
|
return true;
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
refreshModel() {
|
|
|
|
|
this.refresh();
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
willTransition(transition) {
|
2018-10-19 22:24:57 +00:00
|
|
|
let { mode, model } = this.controller;
|
2018-10-15 14:38:05 +00:00
|
|
|
let version = model.get('selectedVersion');
|
2018-10-17 03:11:15 +00:00
|
|
|
let changed = model.changedAttributes();
|
|
|
|
|
let changedKeys = Object.keys(changed);
|
|
|
|
|
// until we have time to move `backend` on a v1 model to a relationship,
|
|
|
|
|
// it's going to dirty the model state, so we need to look for it
|
|
|
|
|
// and explicity ignore it here
|
2018-10-17 02:42:29 +00:00
|
|
|
if (
|
2018-10-19 22:24:57 +00:00
|
|
|
(mode !== 'show' && (changedKeys.length && changedKeys[0] !== 'backend')) ||
|
|
|
|
|
(mode !== 'show' && version && Object.keys(version.changedAttributes()).length)
|
2018-10-17 02:42:29 +00:00
|
|
|
) {
|
2018-04-03 14:16:57 +00:00
|
|
|
if (
|
|
|
|
|
window.confirm(
|
|
|
|
|
'You have unsaved changes. Navigating away will discard these changes. Are you sure you want to discard your changes?'
|
|
|
|
|
)
|
|
|
|
|
) {
|
2018-10-15 14:38:05 +00:00
|
|
|
version && version.rollbackAttributes();
|
2018-04-03 14:16:57 +00:00
|
|
|
this.unloadModel();
|
2018-09-25 16:28:26 +00:00
|
|
|
return true;
|
2018-04-03 14:16:57 +00:00
|
|
|
} else {
|
|
|
|
|
transition.abort();
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-09-25 16:28:26 +00:00
|
|
|
return this._super(...arguments);
|
2018-04-03 14:16:57 +00:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|