diff --git a/changelog/15464.txt b/changelog/15464.txt new file mode 100644 index 000000000..73cd5aa1f --- /dev/null +++ b/changelog/15464.txt @@ -0,0 +1,3 @@ +```release-note:changes +ui: pki issuer delete capabilities have been removed from the UI and reserved for the API and CLI +``` \ No newline at end of file diff --git a/ui/app/adapters/pki-ca-certificate.js b/ui/app/adapters/pki-ca-certificate.js index 81842b911..b07fab16e 100644 --- a/ui/app/adapters/pki-ca-certificate.js +++ b/ui/app/adapters/pki-ca-certificate.js @@ -65,9 +65,4 @@ export default ApplicationAdapter.extend({ updateRecord() { return this.createRecordOrUpdate(...arguments); }, - - deleteRecord(store, type, snapshot) { - const backend = snapshot.attr('backend'); - return this.ajax(`/v1/${backend}/root`, 'DELETE'); - }, }); diff --git a/ui/app/components/config-pki-ca.js b/ui/app/components/config-pki-ca.js index f90bbddbe..c7ae3172a 100644 --- a/ui/app/components/config-pki-ca.js +++ b/ui/app/components/config-pki-ca.js @@ -52,7 +52,7 @@ export default Component.extend({ * @param DS.Model * @public * - * a `pki-config` model - passed in in the component useage + * a `pki-config` model - passed in in the component usage * */ config: null, @@ -140,15 +140,10 @@ export default Component.extend({ const isUpload = this.model.uploadPemBundle; model .save({ adapterOptions: { method } }) - .then((m) => { + .then(() => { if (method === 'setSignedIntermediate' || isUpload) { this.send('refresh'); this.flashMessages.success('The certificate for this backend has been updated.'); - } else if (!m.get('certificate') && !m.get('csr')) { - // if there's no certificate, it wasn't generated and the generation was a noop - this.flashMessages.warning( - 'You tried to generate a new root CA, but one currently exists. To replace the existing one, delete it first and then generate again.' - ); } }) .catch((e) => { @@ -158,25 +153,6 @@ export default Component.extend({ this.set('loading', false); }); }, - deleteCA() { - this.set('loading', true); - const model = this.model; - const backend = model.get('backend'); - //TODO Is there better way to do this? This forces the saved state so Ember Data will make a server call. - model.send('pushedData'); - model - .destroyRecord() - .then(() => { - this.flashMessages.success( - `The CA key for ${backend} has been deleted. The old CA certificate will still be accessible for reading until a new certificate/key is generated or uploaded.` - ); - }) - .finally(() => { - this.set('loading', false); - this.send('refresh'); - this.createOrReplaceModel(); - }); - }, refresh() { this.setProperties({ setSignedIntermediate: false, diff --git a/ui/app/components/config-pki.js b/ui/app/components/config-pki.js index 50b5a9119..a3ac4f76b 100644 --- a/ui/app/components/config-pki.js +++ b/ui/app/components/config-pki.js @@ -20,7 +20,7 @@ export default Component.extend({ * @param DS.Model * @public * - * a `pki-config` model - passed in in the component useage + * a `pki-config` model - passed in in the component usage * */ config: null, diff --git a/ui/app/models/pki-ca-certificate.js b/ui/app/models/pki-ca-certificate.js index 153978a68..bb5435561 100644 --- a/ui/app/models/pki-ca-certificate.js +++ b/ui/app/models/pki-ca-certificate.js @@ -1,8 +1,6 @@ import { attr } from '@ember-data/model'; -import { and } from '@ember/object/computed'; import { computed } from '@ember/object'; import Certificate from './pki-certificate'; -import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; export default Certificate.extend({ DISPLAY_FIELDS: computed(function () { @@ -151,7 +149,4 @@ export default Certificate.extend({ return groups; }), - - deletePath: lazyCapabilities(apiPath`${'backend'}/root`, 'backend'), - canDeleteRoot: and('deletePath.canDelete', 'deletePath.canSudo'), }); diff --git a/ui/app/styles/components/popup-menu.scss b/ui/app/styles/components/popup-menu.scss index f84c42d92..56446ab91 100644 --- a/ui/app/styles/components/popup-menu.scss +++ b/ui/app/styles/components/popup-menu.scss @@ -8,7 +8,7 @@ box-shadow: $box-shadow, $box-shadow-middle; padding: 0; position: relative; - width: 200px; + width: 210px; } &.is-wide > .box { diff --git a/ui/app/templates/components/config-pki-ca.hbs b/ui/app/templates/components/config-pki-ca.hbs index 2ea45a304..24735e76b 100644 --- a/ui/app/templates/components/config-pki-ca.hbs +++ b/ui/app/templates/components/config-pki-ca.hbs @@ -4,7 +4,11 @@ {{#if this.needsConfig}} Configure CA Certificate {{else}} - Replace CA Certificate + {{#if this.model.certificate}} + Generated Certificate + {{else}} + Add CA Certificate + {{/if}} {{/if}} {{#if (or this.model.certificate this.model.csr)}} @@ -59,13 +63,6 @@ {{else}}
- {{#if this.model.uploadPemBundle}} - - {{/if}}
@@ -85,18 +82,6 @@
-
- {{#if this.model.canDeleteRoot}} - - Delete - - {{/if}} -
{{/if}} @@ -231,7 +216,7 @@ {{#if this.needsConfig}} Configure CA {{else}} - Replace CA + Add CA {{/if}} @@ -252,5 +237,24 @@ Set signed intermediate + {{#unless this.needsConfig}} +
+ + + + + +
+ Deleting a CA is only available via the CLI and API. + + Learn more + +
+ + +
+ {{/unless}} {{/if}} \ No newline at end of file diff --git a/ui/tests/integration/components/config-pki-ca-test.js b/ui/tests/integration/components/config-pki-ca-test.js index 867c8d4ef..c3abe4915 100644 --- a/ui/tests/integration/components/config-pki-ca-test.js +++ b/ui/tests/integration/components/config-pki-ca-test.js @@ -74,7 +74,7 @@ module('Integration | Component | config pki ca', function (hooks) { this.set('config', c); await render(hbs`{{config-pki-ca config=config}}`); assert.notOk(component.hasTitle, 'no title in the default state'); - assert.equal(component.replaceCAText, 'Replace CA'); + assert.equal(component.replaceCAText, 'Add CA'); assert.equal(component.downloadLinks.length, 3, 'shows download links'); }); });