diff --git a/changelog/14400.txt b/changelog/14400.txt
new file mode 100644
index 000000000..0efaa3d7b
--- /dev/null
+++ b/changelog/14400.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+ui: Fixes displaying empty masked values in PKI engine
+```
\ No newline at end of file
diff --git a/ui/app/templates/components/config-pki-ca.hbs b/ui/app/templates/components/config-pki-ca.hbs
index a5499152f..b56a06023 100644
--- a/ui/app/templates/components/config-pki-ca.hbs
+++ b/ui/app/templates/components/config-pki-ca.hbs
@@ -8,7 +8,7 @@
{{/if}}
{{#if (or this.model.certificate this.model.csr)}}
- {{#if (not (eq this.model.canParse true))}}
+ {{#if (eq this.model.canParse false)}}
{{/if}}
{{#each this.model.attrs as |attr|}}
- {{#if attr.options.masked}}
+ {{#if (and attr.options.masked (get this.model attr.name))}}
{{#each this.model.attrs as |attr|}}
- {{#if attr.options.masked}}
+ {{#if (and attr.options.masked (get this.model attr.name))}}
- {{else if (and (get this.model attr.name) (eq attr.name "revocationTime"))}}
-
{{else}}
-{{#if (not (eq this.model.canParse true))}}
+{{#if (eq this.model.canParse false)}}
{{else}}
- {{#if attr.options.masked}}
+ {{#if (and attr.options.masked (get this.model attr.name))}}
- {{else if (and (get this.model attr.name) (eq attr.name "revocationTime"))}}
+ {{else if (eq attr.name "revocationTime")}}
{
+ return find('[data-test-horizontal-bar-chart]');
+ });
assert.dom('[data-test-stat-text="total-clients"] .stat-value').hasText('15');
assert.dom('[data-test-stat-text="entity-clients"] .stat-value').hasText('5');
assert.dom('[data-test-stat-text="non-entity-clients"] .stat-value').hasText('10');
diff --git a/ui/tests/acceptance/secrets/backend/pki/cert-test.js b/ui/tests/acceptance/secrets/backend/pki/cert-test.js
index 727d3f098..8646576a0 100644
--- a/ui/tests/acceptance/secrets/backend/pki/cert-test.js
+++ b/ui/tests/acceptance/secrets/backend/pki/cert-test.js
@@ -1,4 +1,4 @@
-import { currentRouteName, settled, click } from '@ember/test-helpers';
+import { currentRouteName, settled } from '@ember/test-helpers';
import { module, test } from 'qunit';
import { setupApplicationTest } from 'ember-qunit';
import editPage from 'vault/tests/pages/secrets/backend/pki/edit-role';
@@ -7,6 +7,7 @@ import generatePage from 'vault/tests/pages/secrets/backend/pki/generate-cert';
import configPage from 'vault/tests/pages/settings/configure-secret-backends/pki/section-cert';
import enablePage from 'vault/tests/pages/settings/mount-secret-backend';
import authPage from 'vault/tests/pages/auth';
+import { SELECTORS } from 'vault/tests/helpers/pki';
module('Acceptance | secrets/pki/list?tab=certs', function (hooks) {
setupApplicationTest(hooks);
@@ -55,11 +56,15 @@ elRplAzrMF4=
await settled();
await generatePage.issueCert('foo');
await settled();
- assert.dom('.masked-font').exists({ count: 3 }, 'renders 3 masked rows');
- let firstUnMaskButton = document.querySelectorAll('.masked-input-toggle')[0];
- await click(firstUnMaskButton);
- assert.dom('.masked-value').hasTextContaining('-----BEGIN CERTIFICATE-----');
- await settled();
+ assert.dom(SELECTORS.certificate).exists('displays masked certificate');
+ assert.dom(SELECTORS.commonName).exists('displays common name');
+ assert.dom(SELECTORS.issueDate).exists('displays issue date');
+ assert.dom(SELECTORS.expiryDate).exists('displays expiration date');
+ assert.dom(SELECTORS.issuingCa).exists('displays masked issuing CA');
+ assert.dom(SELECTORS.privateKey).exists('displays masked private key');
+ assert.dom(SELECTORS.serialNumber).exists('displays serial number');
+ assert.dom(SELECTORS.caChain).doesNotExist('does not display empty masked CA chain');
+
await generatePage.back();
await settled();
assert.notOk(generatePage.commonNameValue, 'the form is cleared');
@@ -70,9 +75,10 @@ elRplAzrMF4=
await settled();
await generatePage.sign('common', CSR);
await settled();
- let firstUnMaskButton = document.querySelectorAll('.masked-input-toggle')[0];
- await click(firstUnMaskButton);
- assert.dom('.masked-value').hasTextContaining('-----BEGIN CERTIFICATE-----');
+ assert.ok(SELECTORS.certificate, 'displays masked certificate');
+ assert.ok(SELECTORS.commonName, 'displays common name');
+ assert.ok(SELECTORS.issuingCa, 'displays masked issuing CA');
+ assert.ok(SELECTORS.serialNumber, 'displays serial number');
});
test('it views a cert', async function (assert) {
@@ -82,12 +88,17 @@ elRplAzrMF4=
await listPage.visitRoot({ backend: path, tab: 'certs' });
await settled();
assert.ok(listPage.secrets.length > 0, 'lists certs');
-
await listPage.secrets.objectAt(0).click();
await settled();
assert.equal(currentRouteName(), 'vault.cluster.secrets.backend.show', 'navigates to the show page');
- let firstUnMaskButton = document.querySelectorAll('.masked-input-toggle')[0];
- await click(firstUnMaskButton);
- assert.dom('.masked-value').hasTextContaining('-----BEGIN CERTIFICATE-----');
+ assert.dom(SELECTORS.certificate).exists('displays masked certificate');
+ assert.dom(SELECTORS.commonName).exists('displays common name');
+ assert.dom(SELECTORS.issueDate).exists('displays issue date');
+ assert.dom(SELECTORS.expiryDate).exists('displays expiration date');
+ assert.dom(SELECTORS.serialNumber).exists('displays serial number');
+ assert.dom(SELECTORS.revocationTime).doesNotExist('does not display revocation time of 0');
+ assert.dom(SELECTORS.issuingCa).doesNotExist('does not display empty issuing CA');
+ assert.dom(SELECTORS.caChain).doesNotExist('does not display empty CA chain');
+ assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key');
});
});
diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js
index 9c32628aa..cb9745428 100644
--- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js
+++ b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js
@@ -2,6 +2,7 @@ import { currentRouteName, settled, click } from '@ember/test-helpers';
import { module, test } from 'qunit';
import { setupApplicationTest } from 'ember-qunit';
import page from 'vault/tests/pages/settings/configure-secret-backends/pki/section-cert';
+import { SELECTORS } from 'vault/tests/helpers/pki';
import authPage from 'vault/tests/pages/auth';
import enablePage from 'vault/tests/pages/settings/mount-secret-backend';
@@ -77,13 +78,15 @@ BXUV2Uwtxf+QCphnlht9muX2fsLIzDJea0JipWj1uf2H8OZsjE8=
await page.form.generateCA();
await settled();
- assert.ok(page.form.commonNameIsPresent, 'the common name displays');
- assert.ok(page.form.issueDateIsPresent, 'the issue date displays');
- assert.ok(page.form.expiryDateIsPresent, 'the expiration date displays');
- assert
- .dom('[data-test-value-div="Certificate"] [data-test-masked-input]')
- .exists('certificate is present');
-
+ assert.dom(SELECTORS.certificate).exists('certificate is present and masked');
+ assert.dom(SELECTORS.commonName).exists('displays common name');
+ assert.dom(SELECTORS.issueDate).exists('displays issue date');
+ assert.dom(SELECTORS.expiryDate).exists('displays expiration date');
+ assert.dom(SELECTORS.issuingCa).exists('displays masked issuing CA');
+ assert.dom(SELECTORS.serialNumber).exists('displays serial number');
+ assert.dom(SELECTORS.csr).doesNotExist('does not display empty CSR');
+ assert.dom(SELECTORS.caChain).doesNotExist('does not display empty CA chain');
+ assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key');
await page.form.back();
await page.form.generateCA();
await settled();
@@ -126,6 +129,8 @@ BXUV2Uwtxf+QCphnlht9muX2fsLIzDJea0JipWj1uf2H8OZsjE8=
await settled();
await page.form.csrField(csrVal).submit();
await settled();
+ assert.dom(SELECTORS.caChain).doesNotExist('does not display empty CA chain');
+ assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key');
await click('.masked-input-toggle');
intermediateCert = document.querySelector('[data-test-masked-input]').innerText;
await page.form.back();
diff --git a/ui/tests/helpers/pki.js b/ui/tests/helpers/pki.js
new file mode 100644
index 000000000..f0aeac38b
--- /dev/null
+++ b/ui/tests/helpers/pki.js
@@ -0,0 +1,12 @@
+export const SELECTORS = {
+ caChain: '[data-test-value-div="CA chain"] [data-test-masked-input]',
+ certificate: '[data-test-value-div="Certificate"] [data-test-masked-input]',
+ commonName: '[data-test-row-value="Common name"]',
+ csr: '[data-test-value-div="CSR"] [data-test-masked-input]',
+ expiryDate: '[data-test-row-value="Expiration date"]',
+ issueDate: '[data-test-row-value="Issue date"]',
+ issuingCa: '[data-test-value-div="Issuing CA"] [data-test-masked-input]',
+ privateKey: '[data-test-value-div="Private key"] [data-test-masked-input]',
+ revocationTime: '[data-test-row-value="Revocation time"]',
+ serialNumber: '[data-test-row-value="Serial number"]',
+};
diff --git a/ui/tests/pages/components/config-pki-ca.js b/ui/tests/pages/components/config-pki-ca.js
index 6d70b83ae..23e3b3e3f 100644
--- a/ui/tests/pages/components/config-pki-ca.js
+++ b/ui/tests/pages/components/config-pki-ca.js
@@ -27,15 +27,11 @@ export default {
csr: text('[data-test-row-value="CSR"]', { normalize: false }),
csrField: fillable('[data-test-input="csr"]'),
certificate: text('[data-test-row-value="Certificate"]', { normalize: false }),
- commonNameIsPresent: isPresent('[data-test-row-value="Common name"]'),
uploadCert: clickable('[data-test-input="uploadPemBundle"]'),
enterCertAsText: clickable('[data-test-text-toggle]'),
pemBundle: fillable('[data-test-text-file-textarea]'),
commonName: fillable('[data-test-input="commonName"]'),
- issueDateIsPresent: text('[data-test-row-value="Issue date"]'),
- expiryDateIsPresent: text('[data-test-row-value="Expiration date"]'),
-
async generateCA(commonName = 'PKI CA', type = 'root') {
if (type === 'intermediate') {
return await this.replaceCA().commonName(commonName).caType('intermediate').submit();