open-vault/ui/app/models/pki/role.js

361 lines
11 KiB
JavaScript
Raw Normal View History

/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: MPL-2.0
*/
import Model, { attr } from '@ember-data/model';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import { withModelValidations } from 'vault/decorators/model-validations';
2022-12-06 20:34:43 +00:00
import { withFormFields } from 'vault/decorators/model-form-fields';
const validations = {
name: [{ type: 'presence', message: 'Name is required.' }],
};
2022-12-06 20:34:43 +00:00
const fieldGroups = [
{
default: [
'name',
'issuerRef',
'customTtl',
'notBeforeDuration',
'maxTtl',
'generateLease',
'noStore',
'addBasicConstraints',
],
},
{
'Domain handling': [
'allowedDomains',
'allowedDomainsTemplate',
'allowBareDomains',
'allowSubdomains',
'allowGlobDomains',
'allowWildcardCertificates',
'allowLocalhost', // default: true (returned true by OpenApi)
'allowAnyName',
'enforceHostnames', // default: true (returned true by OpenApi)
],
},
{
'Key parameters': ['keyType', 'keyBits', 'signatureBits'],
},
{
'Key usage': ['keyUsage', 'extKeyUsage', 'extKeyUsageOids'],
},
{ 'Policy identifiers': ['policyIdentifiers'] },
{
'Subject Alternative Name (SAN) Options': [
'allowIpSans',
'allowedUriSans',
'allowUriSansTemplate',
'allowedOtherSans',
],
},
{
'Additional subject fields': [
'allowedUserIds',
2022-12-06 20:34:43 +00:00
'allowedSerialNumbers',
'requireCn',
'useCsrCommonName',
'useCsrSans',
'ou',
'organization',
'country',
'locality',
'province',
'streetAddress',
'postalCode',
],
},
];
@withFormFields(null, fieldGroups)
@withModelValidations(validations)
export default class PkiRoleModel extends Model {
get useOpenAPI() {
// must be a getter so it can be accessed in path-help.js
return true;
}
getHelpUrl(backend) {
return `/v1/${backend}/roles/example?help=1`;
}
@attr('string', { readOnly: true }) backend;
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
/* Overriding OpenApi default options */
@attr('string', {
label: 'Role name',
fieldValue: 'name',
2022-12-02 16:42:14 +00:00
editDisabled: true,
})
name;
@attr('string', {
label: 'Issuer reference',
2022-11-21 20:09:04 +00:00
detailsLabel: 'Issuer',
defaultValue: 'default',
subText: `Specifies the issuer that will be used to create certificates with this role. To find this, run read -field=default pki_int/config/issuers in the console. By default, we will use the mounts default issuer.`,
})
issuerRef;
@attr({
label: 'Not valid after',
2022-11-21 20:09:04 +00:00
detailsLabel: 'Issued certificates expire after',
subText:
2022-12-15 22:42:18 +00:00
'The time after which this certificate will no longer be valid. This can be a TTL (a range of time from now) or a specific date.',
editType: 'yield',
})
customTtl;
@attr({
label: 'Backdate validity',
2022-11-21 20:09:04 +00:00
detailsLabel: 'Issued certificate backdating',
2022-12-15 22:42:18 +00:00
helperTextDisabled: 'Vault will use the default value, 30s',
helperTextEnabled:
'Also called the not_before_duration property. Allows certificates to be valid for a certain time period before now. This is useful to correct clock misalignment on various systems when setting up your CA.',
editType: 'ttl',
2022-12-15 22:42:18 +00:00
defaultValue: '30s',
})
notBeforeDuration;
@attr({
label: 'Max TTL',
helperTextDisabled:
'The maximum Time-To-Live of certificates generated by this role. If not set, the system max lease TTL will be used.',
editType: 'ttl',
2022-11-21 20:09:04 +00:00
defaultShown: 'System default',
})
maxTtl;
@attr('boolean', {
label: 'Generate lease with certificate',
subText:
'Specifies if certificates issued/signed against this role will have Vault leases attached to them.',
editType: 'boolean',
docLink: '/vault/api-docs/secret/pki#create-update-role',
})
generateLease;
@attr('boolean', {
label: 'Do not store certificates in storage backend',
2022-11-21 20:09:04 +00:00
detailsLabel: 'Store in storage backend', // template reverses value
subText:
'This can improve performance when issuing large numbers of certificates. However, certificates issued in this way cannot be enumerated or revoked.',
editType: 'boolean',
docLink: '/vault/api-docs/secret/pki#create-update-role',
})
noStore;
@attr('boolean', {
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
label: 'Basic constraints valid for non-CA',
2022-11-21 20:09:04 +00:00
detailsLabel: 'Add basic constraints',
subText: 'Mark Basic Constraints valid when issuing non-CA certificates.',
editType: 'boolean',
})
addBasicConstraints;
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
/* End of overriding default options */
/* Overriding OpenApi Domain handling options */
@attr({
label: 'Allowed domains',
subText: 'Specifies the domains this role is allowed to issue certificates for.',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
editType: 'stringArray',
})
allowedDomains;
@attr('boolean', {
label: 'Allow templates in allowed domains',
})
allowedDomainsTemplate;
/* End of overriding Domain handling options */
/* Overriding OpenApi Key parameters options */
@attr('string', {
label: 'Key type',
possibleValues: ['rsa', 'ec', 'ed25519', 'any'],
defaultValue: 'rsa',
})
keyType;
@attr('string', {
label: 'Key bits',
defaultValue: '2048',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
})
keyBits; // no possibleValues because options are dependent on selected key type
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
@attr('string', {
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
label: 'Signature bits',
subText: `Only applicable for key_type 'RSA'. Ignore for other key types.`,
defaultValue: '0',
possibleValues: ['0', '256', '384', '512'],
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
})
signatureBits;
/* End of overriding Key parameters options */
/* Overriding API Policy identifier option */
@attr({
label: 'Policy identifiers',
subText: 'A list of policy object identifiers (OIDs).',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
editType: 'stringArray',
})
policyIdentifiers;
/* End of overriding Policy identifier options */
/* Overriding OpenApi SAN options */
@attr('boolean', {
label: 'Allow IP SANs',
subText: 'Specifies if clients can request IP Subject Alternative Names.',
editType: 'boolean',
defaultValue: true,
})
allowIpSans;
@attr({
label: 'URI Subject Alternative Names (URI SANs)',
subText: 'Defines allowed URI Subject Alternative Names.',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
editType: 'stringArray',
docLink: '/vault/docs/concepts/policies',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
})
allowedUriSans;
@attr('boolean', {
label: 'Allow URI SANs template',
subText: 'If true, the URI SANs above may contain templates, as with ACL Path Templating.',
editType: 'boolean',
docLink: '/vault/docs/concepts/policies',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
})
allowUriSansTemplate;
@attr({
label: 'Other SANs',
subText: 'Defines allowed custom OID/UTF8-string SANs.',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
editType: 'stringArray',
})
allowedOtherSans;
/* End of overriding SAN options */
/* Overriding OpenApi Additional subject field options */
@attr({
label: 'Allowed serial numbers',
subText:
'A list of allowed serial numbers to be requested during certificate issuance. Shell-style globbing is supported. If empty, custom-specified serial numbers will be forbidden.',
editType: 'stringArray',
})
allowedSerialNumbers;
@attr('boolean', {
label: 'Require common name',
subText: 'If set to false, common name will be optional when generating a certificate.',
defaultValue: true,
})
requireCn;
@attr('boolean', {
label: 'Use CSR common name',
subText:
'When used with the CSR signing endpoint, the common name in the CSR will be used instead of taken from the JSON data.',
defaultValue: true,
})
useCsrCommonName;
@attr('boolean', {
label: 'Use CSR SANs',
subText:
'When used with the CSR signing endpoint, the subject alternate names in the CSR will be used instead of taken from the JSON data.',
defaultValue: true,
})
useCsrSans;
@attr({
label: 'Organization Units (OU)',
subText:
'A list of allowed serial numbers to be requested during certificate issuance. Shell-style globbing is supported. If empty, custom-specified serial numbers will be forbidden.',
editType: 'stringArray',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
})
ou;
@attr('array', {
defaultValue() {
return ['DigitalSignature', 'KeyAgreement', 'KeyEncipherment'];
},
2022-11-21 20:09:04 +00:00
defaultShown: 'None',
})
keyUsage;
@attr('array', {
2022-11-21 20:09:04 +00:00
defaultShown: 'None',
})
extKeyUsage;
2022-11-21 20:09:04 +00:00
@attr('array', {
defaultShown: 'None',
})
extKeyUsageOids;
@attr({ editType: 'stringArray' }) allowedUserIds;
@attr({ editType: 'stringArray' }) organization;
@attr({ editType: 'stringArray' }) country;
@attr({ editType: 'stringArray' }) locality;
@attr({ editType: 'stringArray' }) province;
@attr({ editType: 'stringArray' }) streetAddress;
@attr({ editType: 'stringArray' }) postalCode;
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
/* End of overriding Additional subject field options */
2022-12-06 20:34:43 +00:00
/* CAPABILITIES
* Default to show UI elements unless we know they can't access the given path
*/
@lazyCapabilities(apiPath`${'backend'}/roles/${'id'}`, 'backend', 'id') updatePath;
get canDelete() {
2022-12-06 20:34:43 +00:00
return this.updatePath.get('isLoading') || this.updatePath.get('canCreate') !== false;
}
get canEdit() {
2022-12-06 20:34:43 +00:00
return this.updatePath.get('isLoading') || this.updatePath.get('canUpdate') !== false;
}
get canRead() {
2022-12-06 20:34:43 +00:00
return this.updatePath.get('isLoading') || this.updatePath.get('canRead') !== false;
}
@lazyCapabilities(apiPath`${'backend'}/issue/${'id'}`, 'backend', 'id') generatePath;
2022-12-06 20:34:43 +00:00
get canGenerateCert() {
return this.generatePath.get('isLoading') || this.generatePath.get('canUpdate') !== false;
}
@lazyCapabilities(apiPath`${'backend'}/sign/${'id'}`, 'backend', 'id') signPath;
get canSign() {
2022-12-06 20:34:43 +00:00
return this.signPath.get('isLoading') || this.signPath.get('canUpdate') !== false;
}
@lazyCapabilities(apiPath`${'backend'}/sign-verbatim/${'id'}`, 'backend', 'id') signVerbatimPath;
get canSignVerbatim() {
2022-12-06 20:34:43 +00:00
return this.signVerbatimPath.get('isLoading') || this.signVerbatimPath.get('canUpdate') !== false;
}
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
// Gets header/footer copy for specific toggle groups.
get fieldGroupsInfo() {
return {
'Domain handling': {
footer: {
text: 'These options can interact intricately with one another. For more information,',
docText: 'learn more here.',
docLink: '/vault/api-docs/secret/pki#allowed_domains',
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
},
},
'Key parameters': {
header: {
text: `These are the parameters for generating or validating the certificate's key material.`,
},
},
PKI role non-default options (#17393) * dynamically render the secretlistheader in the parent route. * start getting form setup even without openAPi working * add in create and cancel * making openAPI work * add default openAPI params * wip for new component with two radio options a ttl and input * handle createRecord on pki-roles-form * remove tooltips and cleanup * move formfieldgroupsloop back to non addon * cleanup * move secretListHeader * broadcast from radioSelectTtlOrString to parent * cleanup * hide tooltips * pass through sub text to stringArray * Add conditional for keybits and keyType * set defaults for keyBits ... 🤮 * fix some small issues * more info form field typ * show only label and subText * wip context switch 🤮 * fix dontShowLabel * getting css grid setup * more on flex groups * adding the second chunk to key usage * serialize the post for key_usage * finish for ext_key_usage * clean up * fix snack_case issue * commit for working state, next trying to remove form-field-group-loops because it's causing issues. * remove usage of formfieldgroupsloop because of issues with css grid and conditionals * clean up * remove string-list helpText changes for tooltip removal because that should be it's own pr. * clarification from design and backend. * small cleanup * pull key_usage and ext_key_usage out of the model and into a component * clean up * clean up * restructure css grid: * clean up * broke some things * fix error when roles list returned 404 * claires feedback * cleanup * clean up
2022-10-12 18:56:05 +00:00
'Subject Alternative Name (SAN) Options': {
header: {
text: `Subject Alternative Names (SANs) are identities (domains, IP addresses, and URIs) Vault attaches to the requested certificates.`,
},
},
'Additional subject fields': {
header: {
text: `Additional identity metadata Vault can attach to the requested certificates.`,
},
},
};
}
}