UI: Better default transit auto-rotation (#15474)

* TTL Picker converts to largest unit when value is number

* Initial value for transit auto-rotation period is 30d

* Add auto-rotation check to transit test

* Add changelog

* Add clarifying comment
Chelsea Shaw 2022-05-17 16:06:57 -05:00 committed by GitHub
parent d450b7899f
commit bab5fe34f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 4 deletions

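--- a/changelog/15474.txt
+++ b/changelog/15474.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+ui: Default auto-rotation period in transit is 30 days
+```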


@ -8,7 +8,7 @@
</div> </div>
<div class="field"> <div class="field">
<TtlPicker2 <TtlPicker2
@initialValue="1h" @initialValue="30d"
@initialEnabled={{false}} @initialEnabled={{false}}
@label="Auto-rotation period" @label="Auto-rotation period"
@helperTextDisabled="Key will never be automatically rotated" @helperTextDisabled="Key will never be automatically rotated"


@ -18,7 +18,7 @@
</div> </div>
<div class="field"> <div class="field">
<TtlPicker2 <TtlPicker2
@initialValue={{or @key.autoRotatePeriod "1h"}} @initialValue={{or @key.autoRotatePeriod "30d"}}
@initialEnabled={{not (eq @key.autoRotatePeriod "0s")}} @initialEnabled={{not (eq @key.autoRotatePeriod "0s")}}
@label="Auto-rotation period" @label="Auto-rotation period"
@helperTextDisabled="Key will never be automatically rotated" @helperTextDisabled="Key will never be automatically rotated"
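Review bot: The `"30d"` fallback in `@initialValue={{or @key.autoRotatePeriod "30d"}}` is only reached when `autoRotatePeriod` is empty or missing, because the disabled value `"0s"` that the next line compares against is a non-empty string and therefore truthy for `or`. A key with rotation off would then presumably open the picker at zero seconds rather than 30 days once the toggle is switched on; `@initialValue={{if (eq @key.autoRotatePeriod "0s") "30d" (or @key.autoRotatePeriod "30d")}}` would cover that case. In the missing-value case `@initialEnabled` evaluates to true, so the form would show rotation as enabled at 30 days for a key whose period was never loaded, and it is worth confirming that the model always supplies the field. The same `"30d"` literal is also hard-coded in the create template, so a shared constant would keep the two forms in step.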


@ -74,7 +74,15 @@ export default TtlForm.extend({
if (typeOf(value) === 'number') { if (typeOf(value) === 'number') {
// if the passed value is a number, assume unit is seconds // if the passed value is a number, assume unit is seconds
time = value; // then check if the value can be converted into a larger unit
if (value % secondsMap.d === 0) {
unit = 'd';
} else if (value % secondsMap.h === 0) {
unit = 'h';
} else if (value % secondsMap.m === 0) {
unit = 'm';
}
time = convertFromSeconds(value, unit);
} else { } else {
try { try {
const seconds = Duration.parse(value).seconds(); const seconds = Duration.parse(value).seconds();
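Review bot: A numeric value of `0` satisfies `value % secondsMap.d === 0`, so the picker selects days for a zero duration and whatever the user types next is read in days rather than seconds. The branch also appears to rely on `unit` already holding the seconds default from code outside this hunk, since nothing assigns it when the value is not a multiple of 60. Both can be made explicit with `const largest = ['d', 'h', 'm'].find((u) => value !== 0 && value % secondsMap[u] === 0);` followed by `unit = largest || 's';`, which also replaces the three-way `if` chain. The enclosing function starts and ends outside the hunk.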


@ -42,6 +42,7 @@ const keyTypes = [
type: 'chacha20-poly1305', type: 'chacha20-poly1305',
convergent: true, convergent: true,
supportsEncryption: true, supportsEncryption: true,
autoRotate: true,
}, },
{ {
name: (ts) => `ecdsa-${ts}`, name: (ts) => `ecdsa-${ts}`,
@ -84,6 +85,7 @@ const keyTypes = [
type: `rsa-4096`, type: `rsa-4096`,
supportsSigning: true, supportsSigning: true,
supportsEncryption: true, supportsEncryption: true,
autoRotate: true,
}, },
]; ];
@ -102,6 +104,9 @@ let generateTransitKey = async function (key, now) {
if (key.convergent) { if (key.convergent) {
await click('[data-test-transit-key-convergent-encryption]'); await click('[data-test-transit-key-convergent-encryption]');
} }
if (key.autoRotate) {
await click('[data-test-toggle-label="Auto-rotation period"]');
}
await click('[data-test-transit-key-create]'); await click('[data-test-transit-key-create]');
await settled(); // eslint-disable-line await settled(); // eslint-disable-line
// link back to the list // link back to the list
@ -298,10 +303,15 @@ module('Acceptance | transit', function (hooks) {
}); });
for (let key of keyTypes) { for (let key of keyTypes) {
test(`transit backend: ${key.type}`, async function (assert) { test(`transit backend: ${key.type}`, async function (assert) {
assert.expect(key.convergent ? 42 : 6); assert.expect(key.convergent ? 43 : 7);
let name = await generateTransitKey(key, now); let name = await generateTransitKey(key, now);
await visit(`vault/secrets/${path}/show/${name}`); await visit(`vault/secrets/${path}/show/${name}`);
const expectedRotateValue = key.autoRotate ? '30 days' : 'Key will not be automatically rotated';
assert
.dom('[data-test-row-value="Auto-rotation period"]')
.hasText(expectedRotateValue, 'Has expected auto rotate value');
await click('[data-test-transit-link="versions"]'); await click('[data-test-transit-link="versions"]');
// wait for capabilities // wait for capabilities
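Review bot: The new assertion covers only the create flow: `generateTransitKey` clicks the toggle and the test reads `30 days` on the show page, but nothing in these hunks opens the edit form, whose `or @key.autoRotatePeriod "30d"` fallback changed in the same commit. A follow-up step that visits the edit page for a key created without `autoRotate` and checks that the toggle is still off would pin that behaviour, so a regression that silently enables rotation on edit is caught. The selector `[data-test-toggle-label="Auto-rotation period"]` is tied to the visible label text, so a copy change breaks the test; a dedicated `data-test-` attribute on the toggle would be sturdier. The bodies of `generateTransitKey` and the test callback continue outside the hunks shown.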


@ -232,4 +232,17 @@ module('Integration | Component | ttl-picker2', function (hooks) {
assert.dom('[data-test-ttl-value]').hasValue('1000', 'time value is converted'); assert.dom('[data-test-ttl-value]').hasValue('1000', 'time value is converted');
assert.dom('[data-test-select="ttl-unit"]').hasValue('m', 'unit value is m (minutes)'); assert.dom('[data-test-select="ttl-unit"]').hasValue('m', 'unit value is m (minutes)');
}); });
test('it converts to the largest round unit on init when no unit provided', async function (assert) {
await render(hbs`
<TtlPicker2
@label="convertunits"
@onChange={{onChange}}
@initialValue={{86400}}
@initialEnabled="true"
/>
`);
assert.dom('[data-test-ttl-value]').hasValue('1', 'time value is converted');
assert.dom('[data-test-select="ttl-unit"]').hasValue('d', 'unit value is d (days)');
});
}); });
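Review bot: The added test exercises only the days branch (`@initialValue={{86400}}`), leaving the `h` and `m` branches and the not-divisible fallback of the new conversion untested. Parallel cases with `@initialValue={{3600}}` expecting `1`/`h`, `@initialValue={{120}}` expecting `2`/`m`, and `@initialValue={{90}}` expecting the value to stay in seconds would cover them. `@initialEnabled="true"` passes a string rather than a boolean; `@initialEnabled={{true}}` matches the `{{false}}` form used in the templates and does not depend on string truthiness.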