luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Bug fix: allow forward slash in paths for delete menu (#12550) 

* fix bug and add test coverage

* changelog
This commit is contained in:
Angel Garbarino 2021-09-14 12:30:01 -06:00 committed by GitHub
parent 6f18a9b6be
commit 12b1dc0069
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 64 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changelog/12550.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
ui: Fix bug where capabilities check on secret-delete-menu was encoding the forward slashes.
```

12
ui/app/components/secret-delete-menu.js
View File

@ -23,7 +23,7 @@ export default class SecretDeleteMenu extends Component {
if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return; if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return;
let [backend, id] = JSON.parse(context.args.modelForData.id); let [backend, id] = JSON.parse(context.args.modelForData.id);
return { return {
id: `${encodeURIComponent(backend)}/delete/${encodeURIComponent(id)}`, id: `${backend}/delete/${id}`,
}; };
}, },
'model.id' 'model.id'
@ -37,7 +37,7 @@ export default class SecretDeleteMenu extends Component {
if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return; if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return;
let [backend, id] = JSON.parse(context.args.modelForData.id); let [backend, id] = JSON.parse(context.args.modelForData.id);
return { return {
id: `${encodeURIComponent(backend)}/undelete/${encodeURIComponent(id)}`, id: `${backend}/undelete/${id}`,
}; };
}, },
'model.id' 'model.id'
@ -51,7 +51,7 @@ export default class SecretDeleteMenu extends Component {
if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return; if (!context.args || !context.args.modelForData || !context.args.modelForData.id) return;
let [backend, id] = JSON.parse(context.args.modelForData.id); let [backend, id] = JSON.parse(context.args.modelForData.id);
return { return {
id: `${encodeURIComponent(backend)}/destroy/${encodeURIComponent(id)}`, id: `${backend}/destroy/${id}`,
}; };
}, },
'model.id' 'model.id'
@ -66,7 +66,7 @@ export default class SecretDeleteMenu extends Component {
let backend = context.args.model.engine.id; let backend = context.args.model.engine.id;
let id = context.args.model.id; let id = context.args.model.id;
return { return {
id: `${encodeURIComponent(backend)}/metadata/${encodeURIComponent(id)}`, id: `${backend}/metadata/${id}`,
}; };
}, },
'model', 'model',
@ -84,9 +84,7 @@ export default class SecretDeleteMenu extends Component {
} }
let backend = context.args.isV2 ? context.args.model.engine.id : context.args.model.backend; let backend = context.args.isV2 ? context.args.model.engine.id : context.args.model.backend;
let id = context.args.model.id; let id = context.args.model.id;
let path = context.args.isV2 let path = context.args.isV2 ? `${backend}/data/${id}` : `${backend}/${id}`;
? `${encodeURIComponent(backend)}/data/${encodeURIComponent(id)}`
: `${encodeURIComponent(backend)}/${encodeURIComponent(id)}`;
return { return {
id: path, id: path,
}; };

56
ui/tests/acceptance/secrets/backend/kv/secret-test.js
View File

@ -522,6 +522,62 @@ module('Acceptance | secrets/secret/create', function(hooks) {
assert.dom('[data-test-secret-undelete]').exists('undelete button shows'); assert.dom('[data-test-secret-undelete]').exists('undelete button shows');
}); });
test('version 2 with path forward slash will show delete button', async function(assert) {
let backend = 'kv-v2';
const V2_POLICY = `
path "kv-v2/delete/forward/slash" {
capabilities = ["update"]
}
path "kv-v2/metadata/*" {
capabilities = ["list","read","create","update"]
}
path "kv-v2/data/forward/slash" {
capabilities = ["create", "read"]
}
`;
await consoleComponent.runCommands([
`write sys/mounts/${backend} type=kv options=version=2`,
`write sys/policies/acl/kv-v2-degrade policy=${btoa(V2_POLICY)}`,
// delete any kv previously written here so that tests can be re-run
'delete kv-v2/metadata/forward/slash',
'write -field=client_token auth/token/create policies=kv-v2-degrade',
]);
let userToken = consoleComponent.lastLogOutput;
await logout.visit();
await authPage.login(userToken);
await writeSecret(backend, 'forward/slash', 'foo', 'bar');
assert.dom('[data-test-secret-v2-delete="true"]').exists('drop down delete shows');
});
test('version 2 with engine with forward slash will show delete button', async function(assert) {
let backend = 'forward/slash';
const V2_POLICY = `
path "forward/slash/delete/secret" {
capabilities = ["update"]
}
path "forward/slash/metadata/*" {
capabilities = ["list","read","create","update"]
}
path "forward/slash/data/*" {
capabilities = ["create", "read"]
}
`;
await consoleComponent.runCommands([
`write sys/mounts/${backend} type=kv options=version=2`,
`write sys/policies/acl/kv-v2-degrade policy=${btoa(V2_POLICY)}`,
// delete any kv previously written here so that tests can be re-run
'delete forward/slash/metadata/secret',
'write -field=client_token auth/token/create policies=kv-v2-degrade',
]);
let userToken = consoleComponent.lastLogOutput;
await logout.visit();
await authPage.login(userToken);
await writeSecret(backend, 'secret', 'foo', 'bar');
assert.dom('[data-test-secret-v2-delete="true"]').exists('drop down delete shows');
});
test('paths are properly encoded', async function(assert) { test('paths are properly encoded', async function(assert) {
let backend = 'kv'; let backend = 'kv';
let paths = [ let paths = [