From e6b890f7edb0d17e10426d82c6c427c73c48553f Mon Sep 17 00:00:00 2001 From: Kianna <30884335+kiannaquach@users.noreply.github.com> Date: Wed, 12 Apr 2023 09:18:46 -0700 Subject: [PATCH] UI: VAULT-14972 VAULT-13808 VAULT-12777 Remove pki beta, old pki, remove unused cert attributes (#20062) --- ui/app/adapters/pki-ca-certificate-sign.js | 13 -- ui/app/adapters/pki-ca-certificate.js | 73 ------- ui/app/adapters/pki-certificate-sign.js | 19 -- ui/app/adapters/pki.js | 27 --- ui/app/adapters/pki/pki-config.js | 133 ------------ ui/app/adapters/pki/pki-role.js | 75 ------- ui/app/app.js | 1 - ui/app/components/pki/config-pki-ca.js | 190 ------------------ ui/app/components/pki/config-pki.js | 78 ------- ui/app/components/pki/pki-cert-popup.js | 29 --- ui/app/components/pki/pki-cert-show.js | 14 -- ui/app/components/pki/role-pki-edit.js | 13 -- ui/app/helpers/mountable-secret-engines.js | 2 +- ui/app/models/pki-ca-certificate-sign.js | 80 -------- ui/app/models/pki-ca-certificate.js | 157 --------------- ui/app/models/pki-certificate-sign.js | 39 ---- ui/app/models/pki/about-pki-naming.md | 30 --- ui/app/models/pki/cert.js | 139 ------------- ui/app/models/pki/pki-config.js | 61 ------ ui/app/models/pki/pki-role.js | 92 --------- .../settings/configure-secret-backend.js | 12 +- .../configure-secret-backend/index.js | 15 -- .../configure-secret-backend/section.js | 59 ------ ui/app/serializers/pki/cert.js | 77 ------- ui/app/serializers/pki/pki-config.js | 34 ---- ui/app/serializers/pki/pki-role.js | 8 - ui/app/styles/core/tags.scss | 5 - .../templates/components/pki/config-pki.hbs | 46 ----- .../components/pki/configure-pki-secret.hbs | 19 -- .../components/pki/pki-cert-popup.hbs | 25 --- .../components/pki/pki-cert-show.hbs | 94 --------- .../components/pki/role-pki-edit.hbs | 113 ----------- .../components/secret-list/pki-cert-item.hbs | 24 --- .../components/secret-list/pki-role-item.hbs | 101 ---------- .../settings/configure-secret-backend.hbs | 2 - .../configure-secret-backend/section.hbs | 7 - ui/app/utils/parse-pki-cert.js | 2 - .../addon/components/secret-list-header.hbs | 87 -------- .../addon/components/secret-list-header.js | 33 --- .../core/addon/helpers/options-for-backend.js | 27 --- ui/lib/pki/addon/engine.js | 2 +- .../secrets/backend/pki/cert-test.js | 105 ---------- .../secrets/backend/pki/list-test.js | 67 ------ .../secrets/backend/pki/role-test.js | 89 -------- .../configure-ssh-secret-test.js | 4 +- .../pki/index-test.js | 35 ---- .../pki/section-cert-test.js | 149 -------------- .../pki/section-crl-test.js | 36 ---- .../pki/section-tidy-test.js | 35 ---- .../pki/section-urls-test.js | 41 ---- .../components/pki/config-pki-ca-test.js | 85 -------- .../components/pki/config-pki-test.js | 154 -------------- .../components/secret-list-header-test.js | 90 +-------- .../integration/utils/parse-pki-cert-test.js | 4 - .../pages/components/pki/config-pki-ca.js | 54 ----- ui/tests/pages/components/pki/config-pki.js | 20 -- .../configure-secret-backends/pki/index.js | 10 - .../pki/section-cert.js | 15 -- .../configure-secret-backends/pki/section.js | 19 -- 59 files changed, 8 insertions(+), 3061 deletions(-) delete mode 100644 ui/app/adapters/pki-ca-certificate-sign.js delete mode 100644 ui/app/adapters/pki-ca-certificate.js delete mode 100644 ui/app/adapters/pki-certificate-sign.js delete mode 100644 ui/app/adapters/pki.js delete mode 100644 ui/app/adapters/pki/pki-config.js delete mode 100644 ui/app/adapters/pki/pki-role.js delete mode 100644 ui/app/components/pki/config-pki-ca.js delete mode 100644 ui/app/components/pki/config-pki.js delete mode 100644 ui/app/components/pki/pki-cert-popup.js delete mode 100644 ui/app/components/pki/pki-cert-show.js delete mode 100644 ui/app/components/pki/role-pki-edit.js delete mode 100644 ui/app/models/pki-ca-certificate-sign.js delete mode 100644 ui/app/models/pki-ca-certificate.js delete mode 100644 ui/app/models/pki-certificate-sign.js delete mode 100644 ui/app/models/pki/about-pki-naming.md delete mode 100644 ui/app/models/pki/cert.js delete mode 100644 ui/app/models/pki/pki-config.js delete mode 100644 ui/app/models/pki/pki-role.js delete mode 100644 ui/app/routes/vault/cluster/settings/configure-secret-backend/index.js delete mode 100644 ui/app/routes/vault/cluster/settings/configure-secret-backend/section.js delete mode 100644 ui/app/serializers/pki/cert.js delete mode 100644 ui/app/serializers/pki/pki-config.js delete mode 100644 ui/app/serializers/pki/pki-role.js delete mode 100644 ui/app/templates/components/pki/config-pki.hbs delete mode 100644 ui/app/templates/components/pki/configure-pki-secret.hbs delete mode 100644 ui/app/templates/components/pki/pki-cert-popup.hbs delete mode 100644 ui/app/templates/components/pki/pki-cert-show.hbs delete mode 100644 ui/app/templates/components/pki/role-pki-edit.hbs delete mode 100644 ui/app/templates/components/secret-list/pki-cert-item.hbs delete mode 100644 ui/app/templates/components/secret-list/pki-role-item.hbs delete mode 100644 ui/app/templates/vault/cluster/settings/configure-secret-backend/section.hbs delete mode 100644 ui/tests/acceptance/secrets/backend/pki/cert-test.js delete mode 100644 ui/tests/acceptance/secrets/backend/pki/list-test.js delete mode 100644 ui/tests/acceptance/secrets/backend/pki/role-test.js delete mode 100644 ui/tests/acceptance/settings/configure-secret-backends/pki/index-test.js delete mode 100644 ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js delete mode 100644 ui/tests/acceptance/settings/configure-secret-backends/pki/section-crl-test.js delete mode 100644 ui/tests/acceptance/settings/configure-secret-backends/pki/section-tidy-test.js delete mode 100644 ui/tests/acceptance/settings/configure-secret-backends/pki/section-urls-test.js delete mode 100644 ui/tests/integration/components/pki/config-pki-ca-test.js delete mode 100644 ui/tests/integration/components/pki/config-pki-test.js delete mode 100644 ui/tests/pages/components/pki/config-pki-ca.js delete mode 100644 ui/tests/pages/components/pki/config-pki.js delete mode 100644 ui/tests/pages/settings/configure-secret-backends/pki/index.js delete mode 100644 ui/tests/pages/settings/configure-secret-backends/pki/section-cert.js delete mode 100644 ui/tests/pages/settings/configure-secret-backends/pki/section.js diff --git a/ui/app/adapters/pki-ca-certificate-sign.js b/ui/app/adapters/pki-ca-certificate-sign.js deleted file mode 100644 index a26d40d2e..000000000 --- a/ui/app/adapters/pki-ca-certificate-sign.js +++ /dev/null @@ -1,13 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Adapter from './pki'; - -export default Adapter.extend({ - url(_, snapshot) { - const backend = snapshot.attr('backend'); - return `/v1/${backend}/root/sign-intermediate`; - }, -}); diff --git a/ui/app/adapters/pki-ca-certificate.js b/ui/app/adapters/pki-ca-certificate.js deleted file mode 100644 index 4306019a9..000000000 --- a/ui/app/adapters/pki-ca-certificate.js +++ /dev/null @@ -1,73 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { parsePkiCert } from 'vault/utils/parse-pki-cert'; -import ApplicationAdapter from './application'; - -export default ApplicationAdapter.extend({ - namespace: 'v1', - - url(snapshot, action) { - const { backend, caType, type } = snapshot.attributes(); - if (action === 'sign-intermediate') { - return `/v1/${backend}/root/sign-intermediate`; - } - if (action === 'set-signed-intermediate') { - return `/v1/${backend}/intermediate/set-signed`; - } - if (action === 'upload') { - return `/v1/${backend}/config/ca`; - } - return `/v1/${backend}/${caType}/generate/${type}`; - }, - - createRecordOrUpdate(store, type, snapshot, requestType) { - const serializer = store.serializerFor('application'); - const isUpload = snapshot.attr('uploadPemBundle'); - const isSetSignedIntermediate = snapshot.adapterOptions.method === 'setSignedIntermediate'; - let action = snapshot.adapterOptions.method === 'signIntermediate' ? 'sign-intermediate' : null; - let data; - if (isUpload) { - action = 'upload'; - data = { pem_bundle: snapshot.attr('pemBundle') }; - } else if (isSetSignedIntermediate) { - action = 'set-signed-intermediate'; - data = { certificate: snapshot.attr('certificate') }; - } else { - data = serializer.serialize(snapshot, requestType); - - // The type parameter is serialized but is part of the URL. This means - // we'll get an unknown parameter warning back from the server if we - // send it. Remove it instead. - delete data.type; - } - - return this.ajax(this.url(snapshot, action), 'POST', { data }).then((response) => { - // uploading CA, setting signed intermediate cert, and attempting to generate - // a new CA if one exists, all return a 204 - if (!response) { - response = {}; - } - response.id = snapshot.id; - response.modelName = type.modelName; - // only parse if certificate is attached to response - if (response.data && response.data.certificate) { - const caCertMetadata = parsePkiCert(response.data); - const transformedResponse = { ...response, ...caCertMetadata }; - store.pushPayload(type.modelName, transformedResponse); - } else { - store.pushPayload(type.modelName, response); - } - }); - }, - - createRecord() { - return this.createRecordOrUpdate(...arguments); - }, - - updateRecord() { - return this.createRecordOrUpdate(...arguments); - }, -}); diff --git a/ui/app/adapters/pki-certificate-sign.js b/ui/app/adapters/pki-certificate-sign.js deleted file mode 100644 index 3a8976144..000000000 --- a/ui/app/adapters/pki-certificate-sign.js +++ /dev/null @@ -1,19 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Adapter from './pki'; - -export default Adapter.extend({ - url(role, snapshot) { - if (snapshot.attr('signVerbatim') === true) { - return `/v1/${role.backend}/sign-verbatim/${role.name}`; - } - return `/v1/${role.backend}/sign/${role.name}`; - }, - - pathForType() { - return 'sign'; - }, -}); diff --git a/ui/app/adapters/pki.js b/ui/app/adapters/pki.js deleted file mode 100644 index 60f858cf8..000000000 --- a/ui/app/adapters/pki.js +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { assert } from '@ember/debug'; -import ApplicationAdapter from './application'; - -export default ApplicationAdapter.extend({ - namespace: 'v1', - - url(/*role*/) { - assert('Override the `url` method to extend the PKI adapter', false); - }, - - createRecord(store, type, snapshot, requestType) { - const serializer = store.serializerFor(type.modelName); - const data = serializer.serialize(snapshot, requestType); - const role = snapshot.attr('role'); - - return this.ajax(this.url(role, snapshot), 'POST', { data }).then((response) => { - response.id = snapshot.id; - response.modelName = type.modelName; - store.pushPayload(type.modelName, response); - }); - }, -}); diff --git a/ui/app/adapters/pki/pki-config.js b/ui/app/adapters/pki/pki-config.js deleted file mode 100644 index bfea1ccbe..000000000 --- a/ui/app/adapters/pki/pki-config.js +++ /dev/null @@ -1,133 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import AdapterError from '@ember-data/adapter/error'; -import { hash, resolve } from 'rsvp'; -import { capitalize } from '@ember/string'; -import { set } from '@ember/object'; -import ApplicationAdapter from '../application'; - -export default ApplicationAdapter.extend({ - namespace: 'v1', - - urlFor(backend, section) { - const urls = { - tidy: `/v1/${backend}/tidy`, - urls: `/v1/${backend}/config/urls`, - crl: `/v1/${backend}/config/crl`, - }; - return urls[section]; - }, - - createOrUpdate(store, type, snapshot) { - const url = this.urlFor(snapshot.record.get('backend'), snapshot.adapterOptions.method); - const serializer = store.serializerFor(type.modelName); - if (!url) { - return; - } - const data = snapshot.adapterOptions.fields.reduce((data, field) => { - const attr = snapshot.attr(field); - if (attr) { - serializer.serializeAttribute(snapshot, data, field, attr); - } else { - data[serializer.keyForAttribute(field)] = attr; - } - return data; - }, {}); - return this.ajax(url, 'POST', { data }).then((resp) => { - const response = resp || {}; - response.id = `${snapshot.record.get('backend')}-${snapshot.adapterOptions.method}`; - return response; - }); - }, - - createRecord() { - return this.createOrUpdate(...arguments); - }, - - updateRecord() { - return this.createOrUpdate(...arguments, 'update'); - }, - - fetchSection(backendPath, section) { - const sections = ['cert', 'urls', 'crl', 'tidy']; - if (!section || !sections.includes(section)) { - const error = new AdapterError(); - set(error, 'httpStatus', 404); - throw error; - } - return this[`fetch${capitalize(section)}`](backendPath); - }, - - id(backendPath) { - return backendPath + '-config-ca'; - }, - - fetchCert(backendPath) { - // these are all un-authed so using `fetch` directly works - const derURL = `/v1/${backendPath}/ca`; - const pemURL = `${derURL}/pem`; - const chainURL = `${derURL}_chain`; - - return hash({ - backend: backendPath, - id: this.id(backendPath), - der: this.rawRequest(derURL, 'GET', { unauthenticated: true }).then((response) => response.blob()), - pem: this.rawRequest(pemURL, 'GET', { unauthenticated: true }).then((response) => response.text()), - ca_chain: this.rawRequest(chainURL, 'GET', { unauthenticated: true }).then((response) => - response.text() - ), - }); - }, - - fetchUrls(backendPath) { - const url = `/v1/${backendPath}/config/urls`; - const id = this.id(backendPath); - return this.ajax(url, 'GET') - .then((resp) => { - resp.id = id; - resp.backend = backendPath; - return resp; - }) - .catch((e) => { - if (e.httpStatus === 404) { - return resolve({ id }); - } else { - throw e; - } - }); - }, - - fetchCrl(backendPath) { - const url = `/v1/${backendPath}/config/crl`; - const id = this.id(backendPath); - return this.ajax(url, 'GET') - .then((resp) => { - resp.id = id; - resp.backend = backendPath; - return resp; - }) - .catch((e) => { - if (e.httpStatus === 404) { - return { id }; - } else { - throw e; - } - }); - }, - - fetchTidy(backendPath) { - const id = this.id(backendPath); - return resolve({ id, backend: backendPath }); - }, - - queryRecord(store, type, query) { - const { backend, section } = query; - return this.fetchSection(backend, section).then((resp) => { - resp.backend = backend; - return resp; - }); - }, -}); diff --git a/ui/app/adapters/pki/pki-role.js b/ui/app/adapters/pki/pki-role.js deleted file mode 100644 index 4aba01177..000000000 --- a/ui/app/adapters/pki/pki-role.js +++ /dev/null @@ -1,75 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { assign } from '@ember/polyfills'; -import ApplicationAdapter from '../application'; -import { encodePath } from 'vault/utils/path-encoding-helpers'; - -export default ApplicationAdapter.extend({ - namespace: 'v1', - - createOrUpdate(store, type, snapshot, requestType) { - const { name, backend } = snapshot.record; - const serializer = store.serializerFor(type.modelName); - const data = serializer.serialize(snapshot, requestType); - const url = this.urlForRole(backend, name); - - return this.ajax(url, 'POST', { data }); - }, - - createRecord() { - return this.createOrUpdate(...arguments); - }, - - updateRecord() { - return this.createOrUpdate(...arguments, 'update'); - }, - - deleteRecord(store, type, snapshot) { - const { id } = snapshot; - return this.ajax(this.urlForRole(snapshot.record.get('backend'), id), 'DELETE'); - }, - - pathForType() { - return 'roles'; - }, - - urlForRole(backend, id) { - let url = `${this.buildURL()}/${encodePath(backend)}/roles`; - if (id) { - url = url + '/' + encodePath(id); - } - return url; - }, - - optionsForQuery(id) { - const data = {}; - if (!id) { - data['list'] = true; - } - return { data }; - }, - - fetchByQuery(store, query) { - const { id, backend } = query; - return this.ajax(this.urlForRole(backend, id), 'GET', this.optionsForQuery(id)).then((resp) => { - const data = { - id, - name: id, - backend, - }; - - return assign({}, resp, data); - }); - }, - - query(store, type, query) { - return this.fetchByQuery(store, query); - }, - - queryRecord(store, type, query) { - return this.fetchByQuery(store, query); - }, -}); diff --git a/ui/app/app.js b/ui/app/app.js index da3e07a3e..c6289256f 100644 --- a/ui/app/app.js +++ b/ui/app/app.js @@ -68,7 +68,6 @@ export default class App extends Application { externalRoutes: { secrets: 'vault.cluster.secrets.backends', externalMountIssuer: 'vault.cluster.secrets.backend.pki.issuers.issuer.details', - secretsListRoot: 'vault.cluster.secrets.backend.list-root', secretsListRootConfiguration: 'vault.cluster.secrets.backend.configuration', }, }, diff --git a/ui/app/components/pki/config-pki-ca.js b/ui/app/components/pki/config-pki-ca.js deleted file mode 100644 index a9023784a..000000000 --- a/ui/app/components/pki/config-pki-ca.js +++ /dev/null @@ -1,190 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { inject as service } from '@ember/service'; -import { not } from '@ember/object/computed'; -import Component from '@ember/component'; -import { computed } from '@ember/object'; - -export default Component.extend({ - classNames: 'config-pki-ca', - store: service('store'), - flashMessages: service(), - errors: null, - - /* - * @param boolean - * @private - * bool that gets flipped if you have a CA cert and click the Replace Cert button - */ - replaceCA: false, - - /* - * @param boolean - * @private - * bool that gets flipped if you push the click the "Set signed intermediate" button - */ - setSignedIntermediate: false, - - /* - * @param boolean - * @private - * bool that gets flipped if you push the click the "Set signed intermediate" button - */ - signIntermediate: false, - - /* - * @param boolean - * @private - * - * true when there's no CA cert currently configured - */ - needsConfig: not('config.pem'), - - /* - * @param DS.Model - * @private - * - * a `pki-ca-certificate` model used to back the form when uploading or creating a CA cert - * created and set on `init`, and unloaded on willDestroy - * - */ - model: null, - - /* - * @param DS.Model - * @public - * - * a `pki-config` model - passed in in the component usage - * - */ - config: null, - - /* - * @param Function - * @public - * - * function that gets called to refresh the config model - * - */ - onRefresh() {}, - - loading: false, - - willDestroy() { - const ca = this.model; - if (ca && !ca.isDestroyed && !ca.isDestroying) { - ca.unloadRecord(); - } - this._super(...arguments); - }, - - createOrReplaceModel(modelType) { - const ca = this.model; - const config = this.config; - const store = this.store; - const backend = config.get('backend'); - if (ca) { - ca.unloadRecord(); - } - const caCert = store.createRecord(modelType || 'pki-ca-certificate', { - id: `${backend}-ca-cert`, - backend, - }); - this.set('model', caCert); - }, - - /* - * @private - * @returns array - * - * When a CA is configured, we let them download - * the CA in der, pem, and the CA Chain in pem (if one exists) - * - * This array provides the text and download hrefs for those links. - * - */ - downloadHrefs: computed('config', 'config.{backend,pem,caChain,der}', function () { - const config = this.config; - const { backend, pem, caChain, der } = config; - - if (!pem) { - return []; - } - - const pemFile = new Blob([pem], { type: 'text/plain' }); - const links = [ - { - display: 'Download CA Certificate in PEM format', - name: `${backend}_ca.pem`, - url: URL.createObjectURL(pemFile), - }, - { - display: 'Download CA Certificate in DER format', - name: `${backend}_ca.der`, - url: URL.createObjectURL(der), - }, - ]; - if (caChain) { - const caChainFile = new Blob([caChain], { type: 'text/plain' }); - links.push({ - display: 'Download CA Certificate Chain', - name: `${backend}_ca_chain.pem`, - url: URL.createObjectURL(caChainFile), - }); - } - return links; - }), - - actions: { - saveCA(method) { - this.set('loading', true); - const model = this.model; - const isUpload = this.model.uploadPemBundle; - model - .save({ adapterOptions: { method } }) - .then(() => { - if (method === 'setSignedIntermediate' || isUpload) { - this.send('refresh'); - this.flashMessages.success('The certificate for this backend has been updated.'); - } - }) - .catch((e) => { - this.set('errors', e.errors); - }) - .finally(() => { - this.set('loading', false); - }); - }, - refresh() { - this.setProperties({ - setSignedIntermediate: false, - signIntermediate: false, - replaceCA: false, - }); - this.onRefresh(); - }, - toggleReplaceCA() { - if (!this.replaceCA) { - this.createOrReplaceModel(); - } - this.toggleProperty('replaceCA'); - }, - toggleVal(name, val) { - if (!name) { - return; - } - const model = name === 'signIntermediate' ? 'pki-ca-certificate-sign' : null; - if (!this.get(name)) { - this.createOrReplaceModel(model); - } - if (val !== undefined) { - this.set(name, val); - } else { - this.toggleProperty(name); - } - }, - }, -}); diff --git a/ui/app/components/pki/config-pki.js b/ui/app/components/pki/config-pki.js deleted file mode 100644 index 0c3ef79ec..000000000 --- a/ui/app/components/pki/config-pki.js +++ /dev/null @@ -1,78 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { inject as service } from '@ember/service'; -import Component from '@ember/component'; -import { get } from '@ember/object'; - -export default Component.extend({ - classNames: 'config-pki', - flashMessages: service(), - errors: null, - /* - * - * @param String - * @public - * String corresponding to the route parameter for the current section - * - */ - - section: null, - - /* - * @param DS.Model - * @public - * - * a `pki-config` model - passed in in the component usage - * - */ - config: null, - - /* - * @param Function - * @public - * - * function that gets called to refresh the config model - * - */ - onRefresh() {}, - - loading: false, - - actions: { - handleCrlTtl({ enabled, goSafeTimeString }) { - this.config.disable = !enabled; // when TTL enabled, config disable=false - this.config.expiry = goSafeTimeString; - }, - save(section) { - this.set('loading', true); - const config = this.config; - config - .save({ - adapterOptions: { - method: section, - fields: get(config, `${section}Attrs`).map((attr) => attr.name), - }, - }) - .then(() => { - this.flashMessages.success(`The ${section} config for this backend has been updated.`); - // attrs aren't persistent for Tidy - if (section === 'tidy') { - config.rollbackAttributes(); - } - this.send('refresh'); - }) - .catch((e) => { - this.set('errors', e.errors); - }) - .finally(() => { - this.set('loading', false); - }); - }, - refresh() { - this.onRefresh(); - }, - }, -}); diff --git a/ui/app/components/pki/pki-cert-popup.js b/ui/app/components/pki/pki-cert-popup.js deleted file mode 100644 index b3ed039aa..000000000 --- a/ui/app/components/pki/pki-cert-popup.js +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Component from '@glimmer/component'; -import { action } from '@ember/object'; - -/** - * @module PkiCertPopup - * PkiCertPopup component is the hotdog menu button that allows you to see details or revoke a certificate. - * - * @example - * ```js - * - * ``` - * @param {class} item - the PKI cert in question. - */ - -export default class PkiCertPopup extends Component { - get item() { - return this.args.item || null; - } - - @action - delete(item) { - item.save({ adapterOptions: { method: 'revoke' } }); - } -} diff --git a/ui/app/components/pki/pki-cert-show.js b/ui/app/components/pki/pki-cert-show.js deleted file mode 100644 index da0e0a14f..000000000 --- a/ui/app/components/pki/pki-cert-show.js +++ /dev/null @@ -1,14 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import RoleEdit from '../role-edit'; - -export default RoleEdit.extend({ - actions: { - delete() { - this.model.save({ adapterOptions: { method: 'revoke' } }); - }, - }, -}); diff --git a/ui/app/components/pki/role-pki-edit.js b/ui/app/components/pki/role-pki-edit.js deleted file mode 100644 index 53e31524d..000000000 --- a/ui/app/components/pki/role-pki-edit.js +++ /dev/null @@ -1,13 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import RoleEdit from '../role-edit'; - -export default RoleEdit.extend({ - init() { - this._super(...arguments); - this.set('backendType', 'pki'); - }, -}); diff --git a/ui/app/helpers/mountable-secret-engines.js b/ui/app/helpers/mountable-secret-engines.js index 33f1228fe..143790701 100644 --- a/ui/app/helpers/mountable-secret-engines.js +++ b/ui/app/helpers/mountable-secret-engines.js @@ -87,7 +87,7 @@ const MOUNTABLE_SECRET_ENGINES = [ { displayName: 'PKI Certificates', type: 'pki', - // engineRoute: 'pki.overview', // TODO VAULT-13822 + engineRoute: 'pki.overview', category: 'generic', }, { diff --git a/ui/app/models/pki-ca-certificate-sign.js b/ui/app/models/pki-ca-certificate-sign.js deleted file mode 100644 index 3f5e9b8d6..000000000 --- a/ui/app/models/pki-ca-certificate-sign.js +++ /dev/null @@ -1,80 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { attr } from '@ember-data/model'; -import { copy } from 'ember-copy'; -import { computed } from '@ember/object'; -import Certificate from './pki-certificate-sign'; - -export default Certificate.extend({ - backend: attr('string', { - readOnly: true, - }), - useCsrValues: attr('boolean', { - defaultValue: false, - label: 'Use CSR values', - }), - maxPathLength: attr('number', { - defaultValue: -1, - }), - permittedDnsDomains: attr('string', { - label: 'Permitted DNS domains', - }), - ou: attr({ - label: 'OU (OrganizationalUnit)', - editType: 'stringArray', - }), - organization: attr({ - editType: 'stringArray', - }), - country: attr({ - editType: 'stringArray', - }), - locality: attr({ - editType: 'stringArray', - label: 'Locality/City', - }), - province: attr({ - editType: 'stringArray', - label: 'Province/State', - }), - streetAddress: attr({ - editType: 'stringArray', - }), - postalCode: attr({ - editType: 'stringArray', - }), - - fieldGroups: computed('useCsrValues', function () { - const options = [ - { - Options: [ - 'altNames', - 'ipSans', - 'ttl', - 'excludeCnFromSans', - 'maxPathLength', - 'permittedDnsDomains', - 'ou', - 'organization', - 'otherSans', - ], - }, - { - 'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'], - }, - ]; - let groups = [ - { - default: ['csr', 'commonName', 'format', 'useCsrValues'], - }, - ]; - if (this.useCsrValues === false) { - groups = groups.concat(options); - } - - return this.fieldsToAttrs(copy(groups, true)); - }), -}); diff --git a/ui/app/models/pki-ca-certificate.js b/ui/app/models/pki-ca-certificate.js deleted file mode 100644 index 78a34df8f..000000000 --- a/ui/app/models/pki-ca-certificate.js +++ /dev/null @@ -1,157 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { attr } from '@ember-data/model'; -import { computed } from '@ember/object'; -import Certificate from './pki/cert'; - -export default Certificate.extend({ - DISPLAY_FIELDS: computed(function () { - return [ - 'csr', - 'certificate', - 'commonName', - 'issueDate', - 'expiryDate', - 'issuingCa', - 'caChain', - 'privateKey', - 'privateKeyType', - 'serialNumber', - ]; - }), - addBasicConstraints: attr('boolean', { - label: 'Add a Basic Constraints extension with CA: true', - helpText: - 'Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services', - }), - backend: attr('string', { - readOnly: true, - }), - canParse: attr('boolean'), - caType: attr('string', { - possibleValues: ['root', 'intermediate'], - defaultValue: 'root', - label: 'CA Type', - readOnly: true, - }), - commonName: attr('string'), - csr: attr('string', { - editType: 'textarea', - label: 'CSR', - masked: true, - }), - expiryDate: attr('string', { - label: 'Expiration date', - }), - issueDate: attr('string'), - keyBits: attr('number', { - defaultValue: 2048, - }), - keyType: attr('string', { - possibleValues: ['rsa', 'ec', 'ed25519'], - defaultValue: 'rsa', - }), - maxPathLength: attr('number', { - defaultValue: -1, - }), - organization: attr({ - editType: 'stringArray', - }), - ou: attr({ - label: 'OU (OrganizationalUnit)', - editType: 'stringArray', - }), - pemBundle: attr('string', { - label: 'PEM bundle', - editType: 'file', - }), - permittedDnsDomains: attr('string', { - label: 'Permitted DNS domains', - }), - privateKeyFormat: attr('string', { - possibleValues: ['', 'der', 'pem', 'pkcs8'], - defaultValue: '', - }), - type: attr('string', { - possibleValues: ['internal', 'exported'], - defaultValue: 'internal', - }), - uploadPemBundle: attr('boolean', { - label: 'Upload PEM bundle', - readOnly: true, - }), - - // address attrs - country: attr({ - editType: 'stringArray', - }), - locality: attr({ - editType: 'stringArray', - label: 'Locality/City', - }), - streetAddress: attr({ - editType: 'stringArray', - }), - postalCode: attr({ - editType: 'stringArray', - }), - province: attr({ - editType: 'stringArray', - label: 'Province/State', - }), - - fieldDefinition: computed('caType', 'uploadPemBundle', function () { - const type = this.caType; - const isUpload = this.uploadPemBundle; - const groups = [{ default: ['caType', 'uploadPemBundle'] }]; - if (isUpload) { - groups[0].default.push('pemBundle'); - } else { - groups[0].default.push('type', 'commonName'); - if (type === 'root') { - groups.push({ - Options: [ - 'altNames', - 'ipSans', - 'ttl', - 'format', - 'privateKeyFormat', - 'keyType', - 'keyBits', - 'maxPathLength', - 'permittedDnsDomains', - 'excludeCnFromSans', - 'ou', - 'organization', - 'otherSans', - ], - }); - } - if (type === 'intermediate') { - groups.push({ - Options: [ - 'altNames', - 'ipSans', - 'format', - 'privateKeyFormat', - 'keyType', - 'keyBits', - 'excludeCnFromSans', - 'addBasicConstraints', - 'ou', - 'organization', - 'otherSans', - ], - }); - } - } - groups.push({ - 'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'], - }); - - return groups; - }), -}); diff --git a/ui/app/models/pki-certificate-sign.js b/ui/app/models/pki-certificate-sign.js deleted file mode 100644 index 14c0563d3..000000000 --- a/ui/app/models/pki-certificate-sign.js +++ /dev/null @@ -1,39 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { attr } from '@ember-data/model'; -import { copy } from 'ember-copy'; -import { computed } from '@ember/object'; -import Certificate from './pki/cert'; -import { combineFieldGroups } from 'vault/utils/openapi-to-attrs'; - -export default Certificate.extend({ - signVerbatim: attr('boolean', { - readOnly: true, - defaultValue: false, - }), - useOpenAPI: true, - csr: attr('string', { - label: 'Certificate Signing Request (CSR)', - editType: 'textarea', - }), - - fieldGroups: computed('newFields', 'signVerbatim', function () { - const options = { Options: ['altNames', 'ipSans', 'ttl', 'excludeCnFromSans', 'otherSans'] }; - let groups = [ - { - default: ['csr', 'commonName', 'format', 'signVerbatim'], - }, - ]; - if (this.newFields) { - groups = combineFieldGroups(groups, this.newFields, []); - } - if (this.signVerbatim === false) { - groups.push(options); - } - - return this.fieldsToAttrs(copy(groups, true)); - }), -}); diff --git a/ui/app/models/pki/about-pki-naming.md b/ui/app/models/pki/about-pki-naming.md deleted file mode 100644 index dd999d12a..000000000 --- a/ui/app/models/pki/about-pki-naming.md +++ /dev/null @@ -1,30 +0,0 @@ -# PKI filenames - -> delete this file when PKI redesign is complete - -Now that all things PKI live in a `/pki` folder we are removing `pki` from the filename in any newly created files for the pki redesign (ex. 'role.js' instead of 'pki-role.js'). Aside from `cert.js` all of the old pki files are prepended with `pki-` - -Old files: - -├── models/ -│   ├── pki/ -│   │   ├── cert.js -│   │   ├── pki-config.js -│   │   ├── pki-role.js -│   ├── pki-ca-certificate-sign.js -│   ├── pki-ca-certificate.js -│   ├── pki-certificate-sign.js -├── serializers/ -│   ├── pki/ -│   │   ├── cert.js -│   │   ├── pki-config.js -│   │   ├── pki-role.js -├── adapters/ -│   ├── pki/ -│   │   ├── cert.js -│   │   ├── pki-config.js -│   │   ├── pki-role.js -│   ├── pki-ca-certificate-sign.js -│   ├── pki-ca-certificate.js -│   ├── pki-certificate-sign.js -│   ├── pki.js diff --git a/ui/app/models/pki/cert.js b/ui/app/models/pki/cert.js deleted file mode 100644 index 920b9fa8b..000000000 --- a/ui/app/models/pki/cert.js +++ /dev/null @@ -1,139 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Model, { attr } from '@ember-data/model'; -import { alias } from '@ember/object/computed'; -import { computed } from '@ember/object'; -import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; -import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs'; - -export default Model.extend({ - idPrefix: 'cert/', - //the id prefixed with `cert/` so we can use it as the *secret param for the secret show route - idForNav: attr('string', { - readOnly: true, - }), - DISPLAY_FIELDS: computed(function () { - return [ - 'certificate', - 'commonName', - 'issuingCa', - 'caChain', - 'privateKey', - 'privateKeyType', - 'revocationTime', - 'issueDate', - 'expiryDate', - 'serialNumber', - ]; - }), - - altNames: attr('string', { - label: 'DNS/Email Subject Alternative Names (SANs)', - }), - backend: attr('string', { - readOnly: true, - }), - caChain: attr('string', { - label: 'CA chain', - masked: true, - }), - canParse: attr('boolean'), - certificate: attr('string', { - masked: true, - }), - commonName: attr('string'), - excludeCnFromSans: attr('boolean', { - label: 'Exclude Common Name from Subject Alternative Names (SANs)', - defaultValue: false, - }), - expiryDate: attr('string', { - label: 'Expiration date', - }), - format: attr('string', { - defaultValue: 'pem', - possibleValues: ['pem', 'der', 'pem_bundle'], - }), - ipSans: attr('string', { - label: 'IP Subject Alternative Names (SANs)', - }), - issueDate: attr('string'), - issuingCa: attr('string', { - label: 'Issuing CA', - masked: true, - }), - otherSans: attr({ - editType: 'stringArray', - label: 'Other SANs', - helpText: - 'The format is the same as OpenSSL: ;: where the only current valid type is UTF8', - }), - privateKey: attr('string', { - masked: true, - }), - privateKeyType: attr('string'), - revocationTime: attr('number'), - role: attr('object', { - readOnly: true, - }), - serialNumber: attr('string'), - ttl: attr({ - label: 'TTL', - editType: 'ttl', - }), - - fieldsToAttrs(fieldGroups) { - return fieldToAttrs(this, fieldGroups); - }, - - fieldDefinition: computed(function () { - const groups = [ - { default: ['commonName', 'format'] }, - { Options: ['altNames', 'ipSans', 'ttl', 'excludeCnFromSans', 'otherSans'] }, - ]; - return groups; - }), - - fieldGroups: computed('fieldDefinition', function () { - return this.fieldsToAttrs(this.fieldDefinition); - }), - - attrs: computed('DISPLAY_FIELDS', 'certificate', 'csr', function () { - const keys = this.certificate || this.csr ? this.DISPLAY_FIELDS.slice(0) : []; - return expandAttributeMeta(this, keys); - }), - - toCreds: computed( - 'certificate', - 'issuingCa', - 'caChain', - 'privateKey', - 'privateKeyType', - 'revocationTime', - 'serialNumber', - function () { - const props = { - certificate: this.certificate, - issuingCa: this.issuingCa, - caChain: this.caChain, - privateKey: this.privateKey, - privateKeyType: this.privateKeyType, - revocationTime: this.revocationTime, - serialNumber: this.serialNumber, - }; - const propsWithVals = Object.keys(props).reduce((ret, prop) => { - if (props[prop]) { - ret[prop] = props[prop]; - return ret; - } - return ret; - }, {}); - return JSON.stringify(propsWithVals, null, 2); - } - ), - - revokePath: lazyCapabilities(apiPath`${'backend'}/revoke`, 'backend'), - canRevoke: alias('revokePath.canUpdate'), -}); diff --git a/ui/app/models/pki/pki-config.js b/ui/app/models/pki/pki-config.js deleted file mode 100644 index 6070e97e4..000000000 --- a/ui/app/models/pki/pki-config.js +++ /dev/null @@ -1,61 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Model, { attr } from '@ember-data/model'; -import { computed } from '@ember/object'; -import { expandAttributeMeta } from 'vault/utils/field-to-attrs'; - -export default Model.extend({ - backend: attr('string'), - der: attr(), - pem: attr('string'), - caChain: attr('string'), - attrList(keys) { - return expandAttributeMeta(this, keys); - }, - - //urls - urlsAttrs: computed(function () { - const keys = ['issuingCertificates', 'crlDistributionPoints', 'ocspServers']; - return this.attrList(keys); - }), - issuingCertificates: attr({ - editType: 'stringArray', - }), - crlDistributionPoints: attr({ - label: 'CRL Distribution Points', - editType: 'stringArray', - }), - ocspServers: attr({ - label: 'OCSP Servers', - editType: 'stringArray', - }), - - //tidy - tidyAttrs: computed(function () { - const keys = ['tidyCertStore', 'tidyRevocationList', 'safetyBuffer']; - return this.attrList(keys); - }), - tidyCertStore: attr('boolean', { - defaultValue: false, - label: 'Tidy the Certificate Store', - }), - tidyRevocationList: attr('boolean', { - defaultValue: false, - label: 'Tidy the Revocation List (CRL)', - }), - safetyBuffer: attr({ - defaultValue: '72h', - editType: 'ttl', - }), - - crlAttrs: computed(function () { - const keys = ['expiry', 'disable']; - return this.attrList(keys); - }), - //crl - expiry: attr('string', { defaultValue: '72h' }), - disable: attr('boolean', { defaultValue: false }), -}); diff --git a/ui/app/models/pki/pki-role.js b/ui/app/models/pki/pki-role.js deleted file mode 100644 index 8d9a11832..000000000 --- a/ui/app/models/pki/pki-role.js +++ /dev/null @@ -1,92 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Model, { attr } from '@ember-data/model'; -import { alias } from '@ember/object/computed'; -import { computed } from '@ember/object'; -import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; -import fieldToAttrs from 'vault/utils/field-to-attrs'; -import { combineFieldGroups } from 'vault/utils/openapi-to-attrs'; - -export default Model.extend({ - backend: attr('string', { - readOnly: true, - }), - name: attr('string', { - label: 'Role name', - fieldValue: 'name', - readOnly: true, - }), - useOpenAPI: true, - getHelpUrl: function (backend) { - return `/v1/${backend}/roles/example?help=1`; - }, - updatePath: lazyCapabilities(apiPath`${'backend'}/roles/${'id'}`, 'backend', 'id'), - canDelete: alias('updatePath.canDelete'), - canEdit: alias('updatePath.canUpdate'), - canRead: alias('updatePath.canRead'), - - generatePath: lazyCapabilities(apiPath`${'backend'}/issue/${'id'}`, 'backend', 'id'), - canGenerate: alias('generatePath.canUpdate'), - - signPath: lazyCapabilities(apiPath`${'backend'}/sign/${'id'}`, 'backend', 'id'), - canSign: alias('signPath.canUpdate'), - - signVerbatimPath: lazyCapabilities(apiPath`${'backend'}/sign-verbatim/${'id'}`, 'backend', 'id'), - canSignVerbatim: alias('signVerbatimPath.canUpdate'), - - fieldGroups: computed('newFields', function () { - let groups = [ - { default: ['name', 'keyType'] }, - { - Options: [ - 'keyBits', - 'ttl', - 'maxTtl', - 'allowAnyName', - 'enforceHostnames', - 'allowIpSans', - 'requireCn', - 'useCsrCommonName', - 'useCsrSans', - 'ou', - 'organization', - 'keyUsage', - 'allowedOtherSans', - 'notBeforeDuration', - ], - }, - { - 'Address Options': ['country', 'locality', 'province', 'streetAddress', 'postalCode'], - }, - { - 'Domain Handling': [ - 'allowLocalhost', - 'allowBareDomains', - 'allowSubdomains', - 'allowGlobDomains', - 'allowedDomains', - ], - }, - { - 'Extended Key Usage': [ - 'serverFlag', - 'clientFlag', - 'codeSigningFlag', - 'emailProtectionFlag', - 'extKeyUsageOids', - ], - }, - { - Advanced: ['generateLease', 'noStore', 'basicConstraintsValidForNonCa', 'policyIdentifiers'], - }, - ]; - const excludedFields = ['extKeyUsage']; - if (this.newFields) { - groups = combineFieldGroups(groups, this.newFields, excludedFields); - } - return fieldToAttrs(this, groups); - }), -}); diff --git a/ui/app/routes/vault/cluster/settings/configure-secret-backend.js b/ui/app/routes/vault/cluster/settings/configure-secret-backend.js index 5ed19570b..e7ceeb2f7 100644 --- a/ui/app/routes/vault/cluster/settings/configure-secret-backend.js +++ b/ui/app/routes/vault/cluster/settings/configure-secret-backend.js @@ -7,7 +7,7 @@ import AdapterError from '@ember-data/adapter/error'; import { set } from '@ember/object'; import Route from '@ember/routing/route'; import { inject as service } from '@ember/service'; -const CONFIGURABLE_BACKEND_TYPES = ['aws', 'ssh', 'pki']; +const CONFIGURABLE_BACKEND_TYPES = ['aws', 'ssh']; export default Route.extend({ store: service(), @@ -32,15 +32,9 @@ export default Route.extend({ }); }, - afterModel(model, transition) { + afterModel(model) { const type = model.get('type'); - if (type === 'pki') { - if (transition.targetName === this.routeName) { - return this.transitionTo(`${this.routeName}.section`, 'cert'); - } else { - return; - } - } + if (type === 'aws') { return this.store .queryRecord('secret-engine', { diff --git a/ui/app/routes/vault/cluster/settings/configure-secret-backend/index.js b/ui/app/routes/vault/cluster/settings/configure-secret-backend/index.js deleted file mode 100644 index adca40347..000000000 --- a/ui/app/routes/vault/cluster/settings/configure-secret-backend/index.js +++ /dev/null @@ -1,15 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import Route from '@ember/routing/route'; - -export default Route.extend({ - beforeModel(transition) { - const type = this.modelFor('vault.cluster.settings.configure-secret-backend').get('type'); - if (type === 'pki' && transition.targetName === this.routeName) { - return this.transitionTo('vault.cluster.settings.configure-secret-backend.section', 'cert'); - } - }, -}); diff --git a/ui/app/routes/vault/cluster/settings/configure-secret-backend/section.js b/ui/app/routes/vault/cluster/settings/configure-secret-backend/section.js deleted file mode 100644 index 5e0798516..000000000 --- a/ui/app/routes/vault/cluster/settings/configure-secret-backend/section.js +++ /dev/null @@ -1,59 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import AdapterError from '@ember-data/adapter/error'; -import { set } from '@ember/object'; -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -// ARG TODO glimmerize -const SECTIONS_FOR_TYPE = { - pki: ['cert', 'urls', 'crl', 'tidy'], -}; - -export default Route.extend({ - store: service(), - - fetchModel() { - const { section_name: sectionName } = this.paramsFor(this.routeName); - const backendModel = this.modelFor('vault.cluster.settings.configure-secret-backend'); - const type = backendModel.get('type'); - let modelType; - if (type === 'pki') { - // pki models are in models/pki - modelType = `${type}/${type}-config`; - } else { - modelType = `${type}-config`; - } - return this.store - .queryRecord(modelType, { - backend: backendModel.id, - section: sectionName, - }) - .then((model) => { - model.set('backendType', type); - model.set('section', sectionName); - return model; - }); - }, - - model(params) { - const { section_name: sectionName } = params; - const backendModel = this.modelFor('vault.cluster.settings.configure-secret-backend'); - const sections = SECTIONS_FOR_TYPE[backendModel.get('type')]; - const hasSection = sections.includes(sectionName); - if (!backendModel || !hasSection) { - const error = new AdapterError(); - set(error, 'httpStatus', 404); - throw error; - } - return this.fetchModel(); - }, - - setupController(controller) { - this._super(...arguments); - controller.set('onRefresh', () => this.fetchModel()); - }, -}); diff --git a/ui/app/serializers/pki/cert.js b/ui/app/serializers/pki/cert.js deleted file mode 100644 index 289b697cf..000000000 --- a/ui/app/serializers/pki/cert.js +++ /dev/null @@ -1,77 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import RESTSerializer from '@ember-data/serializer/rest'; -import { isNone, isBlank } from '@ember/utils'; -import { assign } from '@ember/polyfills'; -import { decamelize } from '@ember/string'; -import { parsePkiCert } from 'vault/utils/parse-pki-cert'; - -export default RESTSerializer.extend({ - keyForAttribute: function (attr) { - return decamelize(attr); - }, - - pushPayload(store, payload) { - const transformedPayload = this.normalizeResponse( - store, - store.modelFor(payload.modelName), - payload, - payload.id, - 'findRecord' - ); - return store.push(transformedPayload); - }, - - normalizeItems(payload) { - if (payload.data && payload.data.keys && Array.isArray(payload.data.keys)) { - const ret = payload.data.keys.map((key) => { - const model = { - id_for_nav: `cert/${key}`, - id: key, - }; - if (payload.backend) { - model.backend = payload.backend; - } - return model; - }); - return ret; - } - assign(payload, payload.data); - delete payload.data; - return payload; - }, - - normalizeResponse(store, primaryModelClass, payload, id, requestType) { - const responseJSON = this.normalizeItems(payload); - const { modelName } = primaryModelClass; - let transformedPayload, certMetadata; - // hits cert/list endpoint first which returns an array of keys, only want to parse if response contains certificates - if (!Array.isArray(responseJSON)) { - certMetadata = parsePkiCert(responseJSON); - transformedPayload = { [modelName]: { ...certMetadata, ...responseJSON } }; - } else { - transformedPayload = { [modelName]: responseJSON }; - } - return this._super(store, primaryModelClass, transformedPayload, id, requestType); - }, - - serializeAttribute(snapshot, json, key, attributes) { - const val = snapshot.attr(key); - const valHasNotChanged = isNone(snapshot.changedAttributes()[key]); - const valIsBlank = isBlank(val); - if (attributes.options.readOnly) { - return; - } - if (attributes.type === 'object' && val && Object.keys(val).length > 0 && valHasNotChanged) { - return; - } - if (valIsBlank && valHasNotChanged) { - return; - } - - this._super(snapshot, json, key, attributes); - }, -}); diff --git a/ui/app/serializers/pki/pki-config.js b/ui/app/serializers/pki/pki-config.js deleted file mode 100644 index 4d615922a..000000000 --- a/ui/app/serializers/pki/pki-config.js +++ /dev/null @@ -1,34 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import RESTSerializer from '@ember-data/serializer/rest'; -import { assign } from '@ember/polyfills'; -import { decamelize } from '@ember/string'; - -export default RESTSerializer.extend({ - keyForAttribute: function (attr) { - return decamelize(attr); - }, - - normalizeAll(payload) { - if (payload.data) { - const data = assign({}, payload, payload.data); - return [data]; - } - return [payload]; - }, - - normalizeResponse(store, primaryModelClass, payload, id, requestType) { - const records = this.normalizeAll(payload); - const { modelName } = primaryModelClass; - let transformedPayload = { [modelName]: records }; - // just return the single object because ember is picky - if (requestType === 'queryRecord') { - transformedPayload = { [modelName]: records[0] }; - } - - return this._super(store, primaryModelClass, transformedPayload, id, requestType); - }, -}); diff --git a/ui/app/serializers/pki/pki-role.js b/ui/app/serializers/pki/pki-role.js deleted file mode 100644 index dd5f81ba6..000000000 --- a/ui/app/serializers/pki/pki-role.js +++ /dev/null @@ -1,8 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import RoleSerializer from '../role'; - -export default RoleSerializer.extend(); diff --git a/ui/app/styles/core/tags.scss b/ui/app/styles/core/tags.scss index d0221fa00..ff24a34dd 100644 --- a/ui/app/styles/core/tags.scss +++ b/ui/app/styles/core/tags.scss @@ -24,11 +24,6 @@ width: 12px; } - &.is-success { - background-color: $green-050; - color: $green-700; - } - &.has-extra-padding { padding: $size-11 $spacing-xxs; } diff --git a/ui/app/templates/components/pki/config-pki.hbs b/ui/app/templates/components/pki/config-pki.hbs deleted file mode 100644 index 50eb0a182..000000000 --- a/ui/app/templates/components/pki/config-pki.hbs +++ /dev/null @@ -1,46 +0,0 @@ - - -{{#if (eq this.section "tidy")}} -

- You can tidy up the backend storage and/or CRL by removing certificates that have expired and are past a certain buffer - period beyond their expiration time. -

-{{else if (eq this.section "crl")}} -

- Certificate Revocation List (CRL) config -

-

- Set the duration for which the generated CRL should be marked valid. -

-{{/if}} - - -
- {{#if (eq this.section "crl")}} - - {{else}} - {{#each (get this.config (concat this.section "Attrs")) as |attr|}} - - {{/each}} - {{/if}} -
-
- -
-
- \ No newline at end of file diff --git a/ui/app/templates/components/pki/configure-pki-secret.hbs b/ui/app/templates/components/pki/configure-pki-secret.hbs deleted file mode 100644 index 17008d88e..000000000 --- a/ui/app/templates/components/pki/configure-pki-secret.hbs +++ /dev/null @@ -1,19 +0,0 @@ -
- -
\ No newline at end of file diff --git a/ui/app/templates/components/pki/pki-cert-popup.hbs b/ui/app/templates/components/pki/pki-cert-popup.hbs deleted file mode 100644 index 1c2d400fc..000000000 --- a/ui/app/templates/components/pki/pki-cert-popup.hbs +++ /dev/null @@ -1,25 +0,0 @@ - - - \ No newline at end of file diff --git a/ui/app/templates/components/pki/pki-cert-show.hbs b/ui/app/templates/components/pki/pki-cert-show.hbs deleted file mode 100644 index d08e2732d..000000000 --- a/ui/app/templates/components/pki/pki-cert-show.hbs +++ /dev/null @@ -1,94 +0,0 @@ - - - - - -

- PKI Certificate -

-
-
-{{#if (eq this.model.canParse false)}} - -{{/if}} -
- - {{#each this.model.attrs as |attr|}} - {{#if (eq attr.type "object")}} - - {{else}} - {{#if (and attr.options.masked (get this.model attr.name))}} - - - - {{else if (and (get this.model attr.name) (or (eq attr.name "issueDate") (eq attr.name "expiryDate")))}} - - {{else if (eq attr.name "revocationTime")}} - - {{else}} - - {{/if}} - {{/if}} - {{/each}} -
- -
-
-
- - Copy credentials - -
-
- - Back - -
-
- {{#if (and (not this.model.revocationTime) this.model.canRevoke)}} - - Revoke - - {{/if}} -
\ No newline at end of file diff --git a/ui/app/templates/components/pki/role-pki-edit.hbs b/ui/app/templates/components/pki/role-pki-edit.hbs deleted file mode 100644 index 97ca816cc..000000000 --- a/ui/app/templates/components/pki/role-pki-edit.hbs +++ /dev/null @@ -1,113 +0,0 @@ - - - - - -

- {{#if (eq this.mode "create")}} - Create a PKI Role - {{else if (eq this.mode "edit")}} - Edit PKI Role - {{else}} - PKI Role - {{this.model.id}} - {{/if}} -

-
-
- -{{#if (eq this.mode "show")}} - - - {{#if this.model.canDelete}} - - Delete role - -
- {{/if}} - {{#if this.model.canGenerate}} - - Generate Certificate - - {{/if}} - {{#if this.model.canSign}} - - Sign Certificate - - {{/if}} - {{#if this.model.canEdit}} - - Edit role - - {{/if}} -
-
-{{/if}} -{{#if (or (eq this.mode "edit") (eq this.mode "create"))}} -
-
- - - -
-
-
- - - Cancel - -
-
-
-{{else}} -
- {{#each this.model.fieldGroups as |fieldGroup|}} - {{#each-in fieldGroup as |group fields|}} - {{#if (or (eq group "default") (eq group "Options"))}} - {{#each fields as |attr|}} - - {{/each}} - {{else}} -
-

- {{group}} -

- {{#each fields as |attr|}} - - {{/each}} -
- {{/if}} - {{/each-in}} - {{/each}} -
-{{/if}} \ No newline at end of file diff --git a/ui/app/templates/components/secret-list/pki-cert-item.hbs b/ui/app/templates/components/secret-list/pki-cert-item.hbs deleted file mode 100644 index a7e674533..000000000 --- a/ui/app/templates/components/secret-list/pki-cert-item.hbs +++ /dev/null @@ -1,24 +0,0 @@ - -
-
- - -
- {{if (eq @item.id " ") "(self)" (or @item.keyWithoutParent @item.id)}} -
-
-
-
- -
-
-
\ No newline at end of file diff --git a/ui/app/templates/components/secret-list/pki-role-item.hbs b/ui/app/templates/components/secret-list/pki-role-item.hbs deleted file mode 100644 index b2bdd241e..000000000 --- a/ui/app/templates/components/secret-list/pki-role-item.hbs +++ /dev/null @@ -1,101 +0,0 @@ - -
-
- - -
- {{if (eq @item.id " ") "(self)" (or @item.keyWithoutParent @item.id)}} -
-
-
-
- - - - - -
-
-
\ No newline at end of file diff --git a/ui/app/templates/vault/cluster/settings/configure-secret-backend.hbs b/ui/app/templates/vault/cluster/settings/configure-secret-backend.hbs index 803d16e2d..64f1faf17 100644 --- a/ui/app/templates/vault/cluster/settings/configure-secret-backend.hbs +++ b/ui/app/templates/vault/cluster/settings/configure-secret-backend.hbs @@ -35,8 +35,6 @@ @saveAWSRoot={{action "save" "saveAWSRoot"}} @saveAWSLease={{action "save" "saveAWSLease"}} /> -{{else if (eq this.model.type "pki")}} - {{else if (eq this.model.type "ssh")}} - {{else}} - - {{/if}} -{{/if}} \ No newline at end of file diff --git a/ui/app/utils/parse-pki-cert.js b/ui/app/utils/parse-pki-cert.js index 072f3911a..54dd8609e 100644 --- a/ui/app/utils/parse-pki-cert.js +++ b/ui/app/utils/parse-pki-cert.js @@ -64,8 +64,6 @@ export function parseCertificate(certificateContent) { return { ...parsedCertificateValues, can_parse: true, - expiry_date: expiryDate, // remove along with old PKI work - issue_date: issueDate, // remove along with old PKI work not_valid_after: getUnixTime(expiryDate), not_valid_before: getUnixTime(issueDate), ttl, diff --git a/ui/lib/core/addon/components/secret-list-header.hbs b/ui/lib/core/addon/components/secret-list-header.hbs index e92fb8e51..2204f55b9 100644 --- a/ui/lib/core/addon/components/secret-list-header.hbs +++ b/ui/lib/core/addon/components/secret-list-header.hbs @@ -25,93 +25,6 @@

{{@model.id}} - - {{#if this.isPki}} - {{#if @isEngine}} - - - - Return to old PKI - - - {{else}} - {{#if this.shouldHidePkiBetaModal}} - - - - New PKI UI available - - - {{else}} - - - -
- - -
-
- {{/if}} - {{/if}} - {{/if}} - {{#if this.isKV}} Version diff --git a/ui/lib/core/addon/components/secret-list-header.js b/ui/lib/core/addon/components/secret-list-header.js index 723b0e95e..ee839fe32 100644 --- a/ui/lib/core/addon/components/secret-list-header.js +++ b/ui/lib/core/addon/components/secret-list-header.js @@ -3,10 +3,6 @@ * SPDX-License-Identifier: MPL-2.0 */ -import { action } from '@ember/object'; -import { inject as service } from '@ember/service'; -import { tracked } from '@glimmer/tracking'; -import localStorage from 'vault/lib/local-storage'; import Component from '@glimmer/component'; /** @@ -32,36 +28,7 @@ import Component from '@glimmer/component'; */ export default class SecretListHeader extends Component { - @service router; - @tracked hidePkiBetaModal = false; - get isKV() { return ['kv', 'generic'].includes(this.args.model.engineType); } - - get isPki() { - return this.args.model.engineType === 'pki'; - } - - get shouldHidePkiBetaModal() { - return localStorage.getItem('hidePkiBetaModal'); - } - - get windowOrigin() { - return window.location.origin; - } - - @action - transitionToNewPki() { - this.router.transitionTo('vault.cluster.secrets.backend.pki.overview', this.args.model.id); - } - - @action - toggleHidePkiBetaModal() { - this.hidePkiBetaModal = !this.hidePkiBetaModal; - - this.hidePkiBetaModal - ? localStorage.setItem('hidePkiBetaModal', true) - : localStorage.removeItem('hidePkiBetaModal'); - } } diff --git a/ui/lib/core/addon/helpers/options-for-backend.js b/ui/lib/core/addon/helpers/options-for-backend.js index f4b781c2f..c1374ec2d 100644 --- a/ui/lib/core/addon/helpers/options-for-backend.js +++ b/ui/lib/core/addon/helpers/options-for-backend.js @@ -54,33 +54,6 @@ const SECRET_BACKENDS = { editComponent: 'role-aws-edit', listItemPartial: 'secret-list/aws-role-item', }, - pki: { - displayName: 'PKI', - navigateTree: false, - listItemPartial: 'secret-list/pki-role-item', - tabs: [ - { - name: 'roles', - label: 'Roles', - searchPlaceholder: 'Filter roles', - item: 'role', - create: 'Create role', - editComponent: 'pki/role-pki-edit', - }, - { - name: 'cert', - modelPrefix: 'cert/', - label: 'Certificates', - searchPlaceholder: 'Filter certificates', - item: 'certificate', - message: 'Issue a certificate from a role.', - create: 'Create role', - tab: 'cert', - listItemPartial: 'secret-list/pki-cert-item', - editComponent: 'pki/pki-cert-show', - }, - ], - }, ssh: { displayName: 'SSH', searchPlaceholder: 'Filter roles', diff --git a/ui/lib/pki/addon/engine.js b/ui/lib/pki/addon/engine.js index 928f39904..bd8af43cb 100644 --- a/ui/lib/pki/addon/engine.js +++ b/ui/lib/pki/addon/engine.js @@ -27,7 +27,7 @@ export default class PkiEngine extends Engine { 'store', 'version', ], - externalRoutes: ['secrets', 'secretsListRoot', 'secretsListRootConfiguration', 'externalMountIssuer'], + externalRoutes: ['secrets', 'secretsListRootConfiguration', 'externalMountIssuer'], }; } diff --git a/ui/tests/acceptance/secrets/backend/pki/cert-test.js b/ui/tests/acceptance/secrets/backend/pki/cert-test.js deleted file mode 100644 index 2948b557e..000000000 --- a/ui/tests/acceptance/secrets/backend/pki/cert-test.js +++ /dev/null @@ -1,105 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, currentURL, settled } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import editPage from 'vault/tests/pages/secrets/backend/pki/edit-role'; -import listPage from 'vault/tests/pages/secrets/backend/list'; -import generatePage from 'vault/tests/pages/secrets/backend/pki/generate-cert'; -import configPage from 'vault/tests/pages/settings/configure-secret-backends/pki/section-cert'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; -import authPage from 'vault/tests/pages/auth'; -import { SELECTORS } from 'vault/tests/helpers/pki'; -import { csr } from 'vault/tests/helpers/pki/values'; -import { v4 as uuidv4 } from 'uuid'; - -module('Acceptance | secrets/pki/list?tab=cert', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - return authPage.login(); - }); - // important for this comment to stay here otherwise the formatting mangles the CSR - // prettier-ignore - const CSR = csr; - - // mount, generate CA, nav to create role page - const setup = async (assert, action = 'issue') => { - const path = `pki-${uuidv4()}`; - const roleName = 'role'; - await enablePage.enable('pki', path); - await settled(); - await configPage.visit({ backend: path }).form.generateCA(); - await settled(); - await editPage.visitRoot({ backend: path }); - await settled(); - await editPage.createRole('role', 'example.com'); - await settled(); - await generatePage.visit({ backend: path, id: roleName, action }); - await settled(); - return path; - }; - - test('it issues a cert', async function (assert) { - assert.expect(10); - const mount = await setup(assert); - await settled(); - await generatePage.issueCert('foo'); - await settled(); - assert.strictEqual(currentURL(), `/vault/secrets/${mount}/credentials/role?action=issue`); - assert.dom(SELECTORS.certificate).exists('displays masked certificate'); - assert.dom(SELECTORS.commonName).exists('displays common name'); - assert.dom(SELECTORS.issueDate).exists('displays issue date'); - assert.dom(SELECTORS.expiryDate).exists('displays expiration date'); - assert.dom(SELECTORS.issuingCa).exists('displays masked issuing CA'); - assert.dom(SELECTORS.privateKey).exists('displays masked private key'); - assert.dom(SELECTORS.serialNumber).exists('displays serial number'); - assert.dom(SELECTORS.caChain).exists('displays the CA chain'); - - await generatePage.back(); - await settled(); - assert.notOk(generatePage.commonNameValue, 'the form is cleared'); - }); - - test('it signs a csr', async function (assert) { - assert.expect(4); - await setup(assert, 'sign'); - await settled(); - await generatePage.sign('common', CSR); - await settled(); - assert.ok(SELECTORS.certificate, 'displays masked certificate'); - assert.ok(SELECTORS.commonName, 'displays common name'); - assert.ok(SELECTORS.issuingCa, 'displays masked issuing CA'); - assert.ok(SELECTORS.serialNumber, 'displays serial number'); - }); - - test('it views a cert', async function (assert) { - assert.expect(12); - const path = await setup(assert); - await generatePage.issueCert('foo'); - await settled(); - await listPage.visitRoot({ backend: path, tab: 'cert' }); - await settled(); - assert.strictEqual(currentURL(), `/vault/secrets/${path}/list?tab=cert`); - assert.strictEqual(listPage.secrets.length, 2, 'lists certs'); - await listPage.secrets.objectAt(0).click(); - await settled(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.show', - 'navigates to the show page' - ); - assert.dom(SELECTORS.certificate).exists('displays masked certificate'); - assert.dom(SELECTORS.commonName).exists('displays common name'); - assert.dom(SELECTORS.issueDate).exists('displays issue date'); - assert.dom(SELECTORS.expiryDate).exists('displays expiration date'); - assert.dom(SELECTORS.serialNumber).exists('displays serial number'); - assert.dom(SELECTORS.revocationTime).doesNotExist('does not display revocation time of 0'); - assert.dom(SELECTORS.issuingCa).doesNotExist('does not display empty issuing CA'); - assert.dom(SELECTORS.caChain).doesNotExist('does not display empty CA chain'); - assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key'); - }); -}); diff --git a/ui/tests/acceptance/secrets/backend/pki/list-test.js b/ui/tests/acceptance/secrets/backend/pki/list-test.js deleted file mode 100644 index 4a27471fa..000000000 --- a/ui/tests/acceptance/secrets/backend/pki/list-test.js +++ /dev/null @@ -1,67 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { click, currentRouteName, settled } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import page from 'vault/tests/pages/secrets/backend/list'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; - -module('Acceptance | secrets/pki/list', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - this.uid = uuidv4(); - return authPage.login(); - }); - - const mountAndNav = async (uid) => { - const path = `pki-${uid}`; - await enablePage.enable('pki', path); - await page.visitRoot({ backend: path }); - }; - - test('it renders an empty list', async function (assert) { - assert.expect(5); - await mountAndNav(this.uid); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.list-root', - 'redirects from the index' - ); - assert.ok(page.createIsPresent, 'create button is present'); - await click('[data-test-configuration-tab]'); - assert.ok(page.configureIsPresent, 'configure button is present'); - assert.strictEqual(page.tabs.length, 2, 'shows 2 tabs'); - assert.ok(page.backendIsEmpty); - }); - - test('it navigates to the create page', async function (assert) { - assert.expect(1); - await mountAndNav(this.uid); - await page.create(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.create-root', - 'links to the create page' - ); - }); - - test('it navigates to the configure page', async function (assert) { - assert.expect(1); - await mountAndNav(this.uid); - await click('[data-test-configuration-tab]'); - await page.configure(); - await settled(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.settings.configure-secret-backend.section', - 'links to the configure page' - ); - }); -}); diff --git a/ui/tests/acceptance/secrets/backend/pki/role-test.js b/ui/tests/acceptance/secrets/backend/pki/role-test.js deleted file mode 100644 index e1ad4c2a3..000000000 --- a/ui/tests/acceptance/secrets/backend/pki/role-test.js +++ /dev/null @@ -1,89 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled, visit, waitUntil } from '@ember/test-helpers'; -import { module, test, skip } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import editPage from 'vault/tests/pages/secrets/backend/pki/edit-role'; -import showPage from 'vault/tests/pages/secrets/backend/pki/show'; -import listPage from 'vault/tests/pages/secrets/backend/list'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; -import authPage from 'vault/tests/pages/auth'; - -module('Acceptance | secrets/pki/create', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - this.uid = uuidv4(); - return authPage.login(); - }); - - skip('it creates a role and redirects', async function (assert) { - const path = `pki-create-${this.uid}`; - await enablePage.enable('pki', path); - await settled(); - await editPage.visitRoot({ backend: path }); - await settled(); - await editPage.createRole('role', 'example.com'); - await settled(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.show', - 'redirects to the show page' - ); - assert.dom('[data-test-edit-link="true"]').exists('shows the edit button'); - assert.dom('[data-test-credentials-link="true"]').exists('shows the generate button'); - assert.dom('[data-test-sign-link="true"]').exists('shows the sign button'); - - await showPage.visit({ backend: path, id: 'role' }); - await settled(); - await showPage.generateCert(); - await settled(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.credentials', - 'navs to the credentials page' - ); - - await showPage.visit({ backend: path, id: 'role' }); - await settled(); - await visit(`/vault/secrets/${path}/credentials/role?action=sign`); - - assert.strictEqual( - currentRouteName(), - 'vault.cluster.secrets.backend.credentials', - 'navs to the credentials page' - ); - - await listPage.visitRoot({ backend: path }); - await settled(); - assert.strictEqual(listPage.secrets.length, 1, 'shows role in the list'); - const secret = listPage.secrets.objectAt(0); - await secret.menuToggle(); - await settled(); - assert.ok(listPage.menuItems.length > 0, 'shows links in the menu'); - }); - - test('it deletes a role', async function (assert) { - const path = `pki-delete-${this.uid}`; - await enablePage.enable('pki', path); - await settled(); - await editPage.visitRoot({ backend: path }); - await settled(); - await editPage.createRole('role', 'example.com'); - await settled(); - await showPage.visit({ backend: path, id: 'role' }); - await settled(); - await showPage.deleteRole(); - await settled(); - assert.ok( - await waitUntil(() => currentRouteName() === 'vault.cluster.secrets.backend.list-root'), - 'redirects to list page' - ); - assert.ok(listPage.backendIsEmpty, 'no roles listed'); - }); -}); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/configure-ssh-secret-test.js b/ui/tests/acceptance/settings/configure-secret-backends/configure-ssh-secret-test.js index 4aa8247ce..5b35bbd26 100644 --- a/ui/tests/acceptance/settings/configure-secret-backends/configure-ssh-secret-test.js +++ b/ui/tests/acceptance/settings/configure-secret-backends/configure-ssh-secret-test.js @@ -8,7 +8,7 @@ import { module, test } from 'qunit'; import { setupApplicationTest } from 'ember-qunit'; import { v4 as uuidv4 } from 'uuid'; -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/index'; +import { visit } from '@ember/test-helpers'; import authPage from 'vault/tests/pages/auth'; import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; import { create } from 'ember-cli-page-object'; @@ -31,7 +31,7 @@ module('Acceptance | settings/configure/secrets/ssh', function (hooks) { const path = `ssh-configure-${this.uid}`; await enablePage.enable('ssh', path); await settled(); - await page.visit({ backend: path }); + visit(`/vault/settings/secrets/configure/${path}`); await settled(); assert.dom(SELECTORS.generateSigningKey).isChecked('generate_signing_key defaults to true'); await click(SELECTORS.generateSigningKey); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/index-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/index-test.js deleted file mode 100644 index 6c1b581bf..000000000 --- a/ui/tests/acceptance/settings/configure-secret-backends/pki/index-test.js +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/index'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; - -module('Acceptance | settings/configure/secrets/pki', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - this.uid = uuidv4(); - return authPage.login(); - }); - - test('it redirects to the cert section', async function (assert) { - const path = `pki-cert-${this.uid}`; - await enablePage.enable('pki', path); - await settled(); - await page.visit({ backend: path }); - await settled(); - assert.strictEqual( - currentRouteName(), - 'vault.cluster.settings.configure-secret-backend.section', - 'redirects from the index' - ); - }); -}); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js deleted file mode 100644 index 5cb44a7ce..000000000 --- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-cert-test.js +++ /dev/null @@ -1,149 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled, click } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/section-cert'; -import { SELECTORS } from 'vault/tests/helpers/pki'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; -import { v4 as uuidv4 } from 'uuid'; - -module('Acceptance | settings/configure/secrets/pki/cert', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - return authPage.login(); - }); - - //prettier-ignore - const PEM_BUNDLE = `-----BEGIN CERTIFICATE----- -MIIDGjCCAgKgAwIBAgIUFvnhb2nQ8+KNS3SzjlfYDMHGIRgwDQYJKoZIhvcNAQEL -BQAwDTELMAkGA1UEAxMCZmEwHhcNMTgwMTEwMTg1NDI5WhcNMTgwMjExMTg1NDU5 -WjANMQswCQYDVQQDEwJmYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN2VtBn6EMlA4aYre/xoKHxlgNDxJnfSQWfs6yF/K201qPnt4QF9AXChatbmcKVn -OaURq+XEJrGVgF/u2lSos3NRZdhWVe8o3/sOetsGxcrd0gXAieOSmkqJjp27bYdl -uY3WsxhyiPvdfS6xz39OehsK/YCB6qCzwB4eEfSKqbkvfDL9sLlAiOlaoHC9pczf -6/FANKp35UDwInSwmq5vxGbnWk9zMkh5Jq6hjOWHZnVc2J8J49PYvkIM8uiHDgOE -w71T2xM5plz6crmZnxPCOcTKIdF7NTEP2lUfiqc9lONV9X1Pi4UclLPHJf5bwTmn -JaWgbKeY+IlF61/mgxzhC7cCAwEAAaNyMHAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud -EwEB/wQFMAMBAf8wHQYDVR0OBBYEFLDtc6+HZN2lv60JSDAZq3+IHoq7MB8GA1Ud -IwQYMBaAFLDtc6+HZN2lv60JSDAZq3+IHoq7MA0GA1UdEQQGMASCAmZhMA0GCSqG -SIb3DQEBCwUAA4IBAQDVt6OddTV1MB0UvF5v4zL1bEB9bgXvWx35v/FdS+VGn/QP -cC2c4ZNukndyHhysUEPdqVg4+up1aXm4eKXzNmGMY/ottN2pEhVEWQyoIIA1tH0e -8Kv/bysYpHZKZuoGg5+mdlHS2p2Dh2bmYFyBLJ8vaeP83NpTs2cNHcmEvWh/D4UN -UmYDODRN4qh9xYruKJ8i89iMGQfbdcq78dCC4JwBIx3bysC8oF4lqbTYoYNVTnAi -LVqvLdHycEOMlqV0ecq8uMLhPVBalCmIlKdWNQFpXB0TQCsn95rCCdi7ZTsYk5zv -Q4raFvQrZth3Cz/X5yPTtQL78oBYrmHzoQKDFJ2z ------END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEA3ZW0GfoQyUDhpit7/GgofGWA0PEmd9JBZ+zrIX8rbTWo+e3h -AX0BcKFq1uZwpWc5pRGr5cQmsZWAX+7aVKizc1Fl2FZV7yjf+w562wbFyt3SBcCJ -45KaSomOnbtth2W5jdazGHKI+919LrHPf056Gwr9gIHqoLPAHh4R9IqpuS98Mv2w -uUCI6VqgcL2lzN/r8UA0qnflQPAidLCarm/EZudaT3MySHkmrqGM5YdmdVzYnwnj -09i+Qgzy6IcOA4TDvVPbEzmmXPpyuZmfE8I5xMoh0Xs1MQ/aVR+Kpz2U41X1fU+L -hRyUs8cl/lvBOaclpaBsp5j4iUXrX+aDHOELtwIDAQABAoIBACLdk2Ei/9Eq7FaB -MRkeKoCoWASIbU0dQD1iAf1bTTH554Sr8WOSj89xFqaJy9+6xk864Jleq9f1diWi -J6h6gwH6JNRNgWgIPnX6aUpdXnH1RT6ydP/h6XUg/9fBzhIn53Jx/ewy2WsIBtJ6 -F/QoHP50VD8MMibnIaubf6fCycHhc97u4BKM2QdnAugn1sWjSiTIoYmFw/3Ej8mB -bItLWZTg9oMASgCtDwPEstlKn7yPqirOJj+G/a+6sIcP2fynd0fISsfLZ0ovN+yW -d3SV3orC0RNj83GVwYykqwCc/3pP0mRfX9fl8DKbXusITqUiGL8LGb+H6YDDpbNU -5Fj7VwECgYEA5P6aIcGfCZayEJtHKlTCA2/KBkGTOP/0iNKWhntBQT/GK+bjmr+D -GO1zR8ZFEIRdlUA5MjC9wU2AQikgFQzzmtz604Wt34fDN2NFrxq8sWN7Hjr65Fjf -ivJ6faT5r5gcNEq3EM/GLF9oJH8M+B5ccFe9iXH8AbmZHOO0FZtYxIcCgYEA97dm -Kj1qyuKlINXKt4KXdYMuIT+Z3G1B92wNN9TY/eJZgCJ7zlNcinUF/OFbiGgsk4t+ -P0yVMs8BENQML0TH4Gebf4HfnDFno4J1M9HDt6HSMhsLKyvFYjFvb8hF4SPrY1pF -wW3lM3zMMzAVi8044vRrTvxfxL8QJX+1Hesye1ECgYAT5/H8Fzm8+qWV/fmMu3t2 -EwSr0I18uftG3Y+KNzKv+lw+ur50WEuMIjAQQDMGwYrlC4UtUMFeCV+p4KtSSSLw -Bl+jfY5kzQdyTCXll9xpSy2LrjLbIMKl8Hgnbezqj7176jbJtlYSy2RhL84vz2vX -tDjcttTiTYD62uxvqGZqBwKBgFQ3tPM9aDZL8coFBWN4cZfRHnjNT7kCKEA/KwtF -QPSn5LfMgXz3GGo2OO/tihoJGMac0TIiDkN03y7ieLYFU1L2xoYGGIjYvxx2+PPC -KCEhUf4Y9aYavoOQvQsq8p8FgDyJ71dAzoC/uAjbGygpgGKgqG71HHYeYxXsoh3m -3YXRAoGAE7MBnVJWiIN5s63gGz9f9V6k1dPLfcPE1I0KMM/SDOIV0oLMsYQecTTB -ZzkXwRCdcJARkaKulTfjby7+oGpQydP8iZr+CNKFxwf838UbhhsXHnN6rc62qzYD -BXUV2Uwtxf+QCphnlht9muX2fsLIzDJea0JipWj1uf2H8OZsjE8= ------END RSA PRIVATE KEY-----`; - - const mountAndNav = async (assert, prefix) => { - const path = `${prefix}pki-${uuidv4()}`; - await enablePage.enable('pki', path); - await settled(); - await page.visit({ backend: path }); - await settled(); - return path; - }; - - test('cert config: generate', async function (assert) { - assert.expect(10); - await mountAndNav(assert); - await settled(); - assert.strictEqual(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section'); - - await page.form.generateCA(); - await settled(); - - assert.dom(SELECTORS.certificate).exists('certificate is present and masked'); - assert.dom(SELECTORS.commonName).exists('displays common name'); - assert.dom(SELECTORS.issueDate).exists('displays issue date'); - assert.dom(SELECTORS.expiryDate).exists('displays expiration date'); - assert.dom(SELECTORS.issuingCa).exists('displays masked issuing CA'); - assert.dom(SELECTORS.serialNumber).exists('displays serial number'); - assert.dom(SELECTORS.csr).doesNotExist('does not display empty CSR'); - assert.dom(SELECTORS.caChain).doesNotExist('does not display empty CA chain'); - assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key'); - await page.form.back(); - await page.form.generateCA(); - await settled(); - }); - - test('cert config: upload', async function (assert) { - assert.expect(2); - await mountAndNav(assert); - await settled(); - assert.strictEqual(page.form.downloadLinks.length, 0, 'there are no download links'); - - await page.form.uploadCA(PEM_BUNDLE); - await settled(); - assert.ok( - page.flash.latestMessage.startsWith('The certificate for this backend has been updated'), - 'flash message displays properly' - ); - }); - - test('cert config: sign intermediate and set signed intermediate', async function (assert) { - assert.expect(3); - const rootPath = await mountAndNav(assert, 'root-'); - await page.form.generateCA(); - await settled(); - const intermediatePath = await mountAndNav(assert, 'intermediate-'); - await page.form.generateCA('Intermediate CA', 'intermediate'); - await settled(); - // cache csr - await click('.masked-input-toggle'); - const csrVal = document.querySelector('.masked-value').innerText; - await page.form.back(); - await settled(); - await page.visit({ backend: rootPath }); - await settled(); - await page.form.signIntermediate('Intermediate CA'); - await settled(); - await page.form.csrField(csrVal).submit(); - await settled(); - assert.dom(SELECTORS.caChain).exists('full CA chain is shown'); - assert.dom(SELECTORS.privateKey).doesNotExist('does not display empty private key'); - await click('.masked-input-toggle'); - const intermediateCert = document.querySelector('[data-test-masked-input]').innerText; - await page.form.back(); - await settled(); - await page.visit({ backend: intermediatePath }); - await settled(); - await page.form.setSignedIntermediateBtn().signedIntermediate(intermediateCert); - await settled(); - await page.form.submit(); - await settled(); - assert.dom('[data-test-go-replace-ca]').exists(); - }); -}); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-crl-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-crl-test.js deleted file mode 100644 index 741c37b87..000000000 --- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-crl-test.js +++ /dev/null @@ -1,36 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/section'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; - -module('Acceptance | settings/configure/secrets/pki/crl', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - this.uid = uuidv4(); - return authPage.login(); - }); - - test('it saves crl config', async function (assert) { - const path = `pki-crl-${this.uid}`; - await enablePage.enable('pki', path); - await settled(); - await page.visit({ backend: path, section: 'crl' }); - await settled(); - assert.strictEqual(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section'); - await page.form.fillInUnit('h'); - await page.form.fillInValue(3); - await page.form.submit(); - await settled(); - assert.strictEqual(page.lastMessage, 'The crl config for this backend has been updated.'); - }); -}); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-tidy-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-tidy-test.js deleted file mode 100644 index b68502073..000000000 --- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-tidy-test.js +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/section'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; - -module('Acceptance | settings/configure/secrets/pki/tidy', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - return authPage.login(); - }); - - test('it saves tidy config', async function (assert) { - const path = `pki-tidy-${uuidv4()}`; - await enablePage.enable('pki', path); - await settled(); - await page.visit({ backend: path, section: 'tidy' }); - await settled(); - assert.strictEqual(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section'); - await page.form.fields.objectAt(0).clickLabel(); - - await page.form.submit(); - await settled(); - assert.strictEqual(page.lastMessage, 'The tidy config for this backend has been updated.'); - }); -}); diff --git a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-urls-test.js b/ui/tests/acceptance/settings/configure-secret-backends/pki/section-urls-test.js deleted file mode 100644 index d8d7bedc7..000000000 --- a/ui/tests/acceptance/settings/configure-secret-backends/pki/section-urls-test.js +++ /dev/null @@ -1,41 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { currentRouteName, settled, find, waitUntil } from '@ember/test-helpers'; -import { module, test } from 'qunit'; -import { setupApplicationTest } from 'ember-qunit'; -import { v4 as uuidv4 } from 'uuid'; - -import page from 'vault/tests/pages/settings/configure-secret-backends/pki/section'; -import authPage from 'vault/tests/pages/auth'; -import enablePage from 'vault/tests/pages/settings/mount-secret-backend'; - -module('Acceptance | settings/configure/secrets/pki/urls', function (hooks) { - setupApplicationTest(hooks); - - hooks.beforeEach(function () { - this.uid = uuidv4(); - return authPage.login(); - }); - - test('it saves urls config', async function (assert) { - const path = `pki-config-urls-${this.uid}`; - await enablePage.enable('pki', path); - await settled(); - await page.visit({ backend: path, section: 'urls' }); - await settled(); - assert.strictEqual(currentRouteName(), 'vault.cluster.settings.configure-secret-backend.section'); - - await page.form.fields.objectAt(0).textarea('foo').change(); - await page.form.submit(); - await waitUntil(() => find('[data-test-error]')); - assert.ok(page.form.hasError, 'shows error on invalid input'); - - await page.form.fields.objectAt(0).textarea('foo.example.com').change(); - await page.form.submit(); - await settled(); - assert.strictEqual(page.lastMessage, 'The urls config for this backend has been updated.'); - }); -}); diff --git a/ui/tests/integration/components/pki/config-pki-ca-test.js b/ui/tests/integration/components/pki/config-pki-ca-test.js deleted file mode 100644 index 7f67aaa50..000000000 --- a/ui/tests/integration/components/pki/config-pki-ca-test.js +++ /dev/null @@ -1,85 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { resolve } from 'rsvp'; -import EmberObject from '@ember/object'; -import Service from '@ember/service'; -import { module, test } from 'qunit'; -import { setupRenderingTest } from 'ember-qunit'; -import { render } from '@ember/test-helpers'; -import hbs from 'htmlbars-inline-precompile'; -import { create } from 'ember-cli-page-object'; -import configPki from 'vault/tests/pages/components/pki/config-pki-ca'; -import apiStub from 'vault/tests/helpers/noop-all-api-requests'; - -const component = create(configPki); - -const storeStub = Service.extend({ - createRecord(type, args) { - return EmberObject.create(args, { - save() { - return resolve(this); - }, - destroyRecord() {}, - send() {}, - unloadRecord() {}, - }); - }, -}); - -module('Integration | Component | config pki ca', function (hooks) { - setupRenderingTest(hooks); - - hooks.beforeEach(function () { - this.server = apiStub(); - this.owner.lookup('service:flash-messages').registerTypes(['success']); - this.owner.register('service:store', storeStub); - this.storeService = this.owner.lookup('service:store'); - }); - - hooks.afterEach(function () { - this.server.shutdown(); - }); - - const config = function (pem) { - return EmberObject.create({ - pem: pem, - backend: 'pki', - caChain: 'caChain', - der: new Blob(['der'], { type: 'text/plain' }), - }); - }; - - const setupAndRender = async function (context, onRefresh) { - const refreshFn = onRefresh || function () {}; - context.set('config', config()); - context.set('onRefresh', refreshFn); - await context.render(hbs``); - }; - - test('it renders, no pem', async function (assert) { - await setupAndRender(this); - - assert.notOk(component.hasTitle, 'no title in the default state'); - assert.strictEqual(component.replaceCAText, 'Configure CA'); - assert.strictEqual(component.downloadLinks.length, 0, 'there are no download links'); - - await component.replaceCA(); - assert.strictEqual(component.title, 'Configure CA Certificate'); - await component.back(); - - await component.setSignedIntermediateBtn(); - assert.strictEqual(component.title, 'Set signed intermediate'); - }); - - test('it renders, with pem', async function (assert) { - const c = config('pem'); - this.set('config', c); - await render(hbs``); - assert.notOk(component.hasTitle, 'no title in the default state'); - assert.strictEqual(component.replaceCAText, 'Add CA'); - assert.strictEqual(component.downloadLinks.length, 3, 'shows download links'); - }); -}); diff --git a/ui/tests/integration/components/pki/config-pki-test.js b/ui/tests/integration/components/pki/config-pki-test.js deleted file mode 100644 index 84f93b52b..000000000 --- a/ui/tests/integration/components/pki/config-pki-test.js +++ /dev/null @@ -1,154 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { resolve } from 'rsvp'; -import { module, test } from 'qunit'; -import { setupRenderingTest } from 'ember-qunit'; -import { click, render } from '@ember/test-helpers'; -import hbs from 'htmlbars-inline-precompile'; -import { create } from 'ember-cli-page-object'; -import configPki from 'vault/tests/pages/components/pki/config-pki'; - -const component = create(configPki); - -module('Integration | Component | config pki', function (hooks) { - setupRenderingTest(hooks); - - hooks.beforeEach(async function () { - this.owner.lookup('service:flash-messages').registerTypes(['success']); - this.store = this.owner.lookup('service:store'); - this.config = await this.store.createRecord('pki/pki-config'); - this.mockConfigSave = function (saveFn) { - const { tidyAttrs, crlAttrs, urlsAttrs } = this.config; - return { - save: saveFn, - rollbackAttributes: () => {}, - tidyAttrs, - crlAttrs, - urlsAttrs, - set: () => {}, - }; - }; - }); - - const setupAndRender = async function (context, config, section = 'tidy') { - context.set('config', config); - context.set('section', section); - await context.render(hbs``); - }; - - test('it renders tidy section', async function (assert) { - await setupAndRender(this, this.config); - assert.ok(component.text.startsWith('You can tidy up the backend')); - assert.notOk(component.hasTitle, 'No title for tidy section'); - assert.strictEqual(component.fields.length, 3, 'renders all three tidy fields'); - assert.ok(component.fields.objectAt(0).labelText, 'Tidy the Certificate Store'); - assert.ok(component.fields.objectAt(1).labelText, 'Tidy the Revocation List (CRL)'); - assert.ok(component.fields.objectAt(1).labelText, 'Safety buffer'); - }); - - test('it renders crl section', async function (assert) { - await setupAndRender(this, this.config, 'crl'); - assert.false(this.config.disable, 'CRL config defaults disable=false'); - assert.ok(component.hasTitle, 'renders form title'); - assert.strictEqual(component.title, 'Certificate Revocation List (CRL) config'); - assert.ok( - component.text.startsWith('Set the duration for which the generated CRL'), - 'renders form subtext' - ); - assert - .dom('[data-test-ttl-form-label="CRL building enabled"]') - .hasText('CRL building enabled', 'renders enabled field title'); - assert - .dom('[data-test-ttl-form-subtext]') - .hasText('The CRL will expire after', 'renders enabled field subtext'); - assert.dom('[data-test-input="expiry"] input').isChecked('defaults to enabling CRL build'); - assert.dom('[data-test-ttl-value="CRL building enabled"]').hasValue('3', 'default value is 3 (72h)'); - assert.dom('[data-test-select="ttl-unit"]').hasValue('d', 'default unit value is days'); - await click('[data-test-input="expiry"] input'); - assert - .dom('[data-test-ttl-form-subtext]') - .hasText('The CRL will not be built.', 'renders disabled text when toggled off'); - - // assert 'disable' attr on pki-config model updates with toggle - assert.true(this.config.disable, 'when toggled off, sets CRL config to disable=true'); - await click('[data-test-input="expiry"] input'); - assert - .dom('[data-test-ttl-form-subtext]') - .hasText('The CRL will expire after', 'toggles back to enabled text'); - assert.false(this.config.disable, 'CRL config toggles back to disable=false'); - }); - - test('it renders urls section', async function (assert) { - await setupAndRender(this, this.config, 'urls'); - assert.notOk(component.hasTitle, 'No title for urls section'); - assert.strictEqual(component.fields.length, 3); - assert.ok(component.fields.objectAt(0).labelText, 'Issuing certificates'); - assert.ok(component.fields.objectAt(1).labelText, 'CRL Distribution Points'); - assert.ok(component.fields.objectAt(2).labelText, 'OCSP Servers'); - }); - - test('it calls save with the correct arguments for tidy', async function (assert) { - assert.expect(3); - const section = 'tidy'; - this.set('onRefresh', () => { - assert.ok(true, 'refresh called'); - }); - this.set( - 'config', - this.mockConfigSave((options) => { - assert.strictEqual(options.adapterOptions.method, section, 'method passed to save'); - assert.deepEqual( - options.adapterOptions.fields, - ['tidyCertStore', 'tidyRevocationList', 'safetyBuffer'], - 'tidy fields passed to save' - ); - return resolve(); - }) - ); - this.set('section', section); - await render( - hbs`` - ); - - component.submit(); - }); - - test('it calls save with the correct arguments for crl', async function (assert) { - assert.expect(3); - const section = 'crl'; - this.set('onRefresh', () => { - assert.ok(true, 'refresh called'); - }); - this.set( - 'config', - this.mockConfigSave((options) => { - assert.strictEqual(options.adapterOptions.method, section, 'method passed to save'); - assert.deepEqual(options.adapterOptions.fields, ['expiry', 'disable'], 'CRL fields passed to save'); - return resolve(); - }) - ); - this.set('section', section); - await render( - hbs`` - ); - component.submit(); - }); - - test('it correctly sets toggle when initial CRL config is disable=true', async function (assert) { - assert.expect(3); - // change default config attrs - const configDisabled = this.config; - configDisabled.expiry = '1m'; - configDisabled.disable = true; - await setupAndRender(this, configDisabled, 'crl'); - assert.dom('[data-test-input="expiry"] input').isNotChecked('toggle disabled when CRL config disabled'); - await click('[data-test-input="expiry"] input'); - assert - .dom('[data-test-ttl-value="CRL building enabled"]') - .hasValue('1', 'when toggled on shows last set expired value'); - assert.dom('[data-test-select="ttl-unit"]').hasValue('m', 'when toggled back on shows last set unit'); - }); -}); diff --git a/ui/tests/integration/components/secret-list-header-test.js b/ui/tests/integration/components/secret-list-header-test.js index 88a2c8754..fbf682a94 100644 --- a/ui/tests/integration/components/secret-list-header-test.js +++ b/ui/tests/integration/components/secret-list-header-test.js @@ -5,7 +5,7 @@ import { module, test } from 'qunit'; import { setupRenderingTest } from 'ember-qunit'; -import { render, click } from '@ember/test-helpers'; +import { render } from '@ember/test-helpers'; import hbs from 'htmlbars-inline-precompile'; import { supportedSecretBackends } from 'vault/helpers/supported-secret-backends'; import { setupMirage } from 'ember-cli-mirage/test-support'; @@ -28,7 +28,6 @@ module('Integration | Component | secret-list-header', function (hooks) { - `); const selector = '[data-test-kv-version-badge]'; @@ -44,91 +43,4 @@ module('Integration | Component | secret-list-header', function (hooks) { } } }); - - test('it should render new pki beta button and remain the same for other engines', async function (assert) { - const backends = supportedSecretBackends(); - const numExpects = backends.length + 1; - assert.expect(numExpects); - - this.server.post('/sys/capabilities-self', () => {}); - - for (const type of backends) { - const data = this.server.create('secret-engine', 2, { type }); - this.model = mirageToModels(data); - await render(hbs` - - - `); - const oldPkiBetaButtonSelector = '[data-test-old-pki-beta-button]'; - const oldPkiBetaModalSelector = '[data-test-modal-background="New PKI Beta"]'; - - if (type === 'pki') { - assert.dom(oldPkiBetaButtonSelector).hasText('New PKI UI available'); - await click(oldPkiBetaButtonSelector); - assert.dom(oldPkiBetaModalSelector).exists(); - } else { - assert - .dom(oldPkiBetaButtonSelector) - .doesNotExist(`Version badge does not render for ${type} engine type`); - } - } - }); - - test('it should render return to old pki from new pki', async function (assert) { - const backends = supportedSecretBackends(); - assert.expect(backends.length); - - this.server.post('/sys/capabilities-self', () => {}); - - for (const type of backends) { - const data = this.server.create('secret-engine', 2, { type }); - this.model = mirageToModels(data); - await render(hbs` - - - `); - const newPkiButtonSelector = '[data-test-new-pki-beta-button]'; - - if (type === 'pki') { - assert.dom(newPkiButtonSelector).hasText('Return to old PKI'); - } else { - assert.dom(newPkiButtonSelector).doesNotExist(`No return to old pki exists`); - } - } - }); - - test('it should show the pki modal when New PKI UI available button is clicked', async function (assert) { - const backends = supportedSecretBackends(); - const numExpects = backends.length + 1; - assert.expect(numExpects); - - this.server.post('/sys/capabilities-self', () => {}); - - for (const type of backends) { - const data = this.server.create('secret-engine', 2, { type }); - this.model = mirageToModels(data); - await render(hbs` - - - `); - const oldPkiButtonSelector = '[data-test-old-pki-beta-button]'; - const cancelPkiBetaModal = '[data-test-cancel-pki-beta-modal]'; - - if (type === 'pki') { - await click(oldPkiButtonSelector); - assert.dom('.modal.is-active').exists('Pki beta modal is open'); - await click(cancelPkiBetaModal); - assert.dom('.modal').exists('Pki beta modal is closed'); - } else { - assert.dom(oldPkiButtonSelector).doesNotExist(`No return to old pki exists`); - } - } - }); }); diff --git a/ui/tests/integration/utils/parse-pki-cert-test.js b/ui/tests/integration/utils/parse-pki-cert-test.js index 457c52ccf..d467cbd41 100644 --- a/ui/tests/integration/utils/parse-pki-cert-test.js +++ b/ui/tests/integration/utils/parse-pki-cert-test.js @@ -48,10 +48,8 @@ module('Integration | Util | parse pki certificate', function (hooks) { country: 'France', other_sans: '1.3.1.4.1.5.9.2.6;UTF8:some-utf-string', exclude_cn_from_sans: true, - expiry_date: {}, ip_sans: '192.158.1.38, 1234:0fd2:5621:0001:0089:0000:0000:4500', key_usage: 'CertSign, CRLSign', - issue_date: {}, locality: 'Paris', max_path_length: 17, not_valid_after: 1678210083, @@ -239,8 +237,6 @@ module('Integration | Util | parse pki certificate', function (hooks) { common_name: null, country: null, exclude_cn_from_sans: false, - expiry_date: {}, - issue_date: {}, key_usage: null, locality: null, max_path_length: 10, diff --git a/ui/tests/pages/components/pki/config-pki-ca.js b/ui/tests/pages/components/pki/config-pki-ca.js deleted file mode 100644 index 9c2d44c90..000000000 --- a/ui/tests/pages/components/pki/config-pki-ca.js +++ /dev/null @@ -1,54 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { clickable, collection, fillable, text, selectable, isPresent } from 'ember-cli-page-object'; - -import fields from '../form-field'; - -export default { - ...fields, - scope: '.config-pki-ca', - text: text('[data-test-text]'), - title: text('[data-test-title]'), - - hasTitle: isPresent('[data-test-title]'), - hasError: isPresent('[data-test-error]'), - hasSignIntermediateForm: isPresent('[data-test-sign-intermediate-form]'), - - replaceCA: clickable('[data-test-go-replace-ca]'), - replaceCAText: text('[data-test-go-replace-ca]'), - setSignedIntermediateBtn: clickable('[data-test-go-set-signed-intermediate]'), - signIntermediateBtn: clickable('[data-test-go-sign-intermediate]'), - caType: selectable('[data-test-input="caType"]'), - submit: clickable('[data-test-submit]'), - back: clickable('[data-test-back-button]'), - - signedIntermediate: fillable('[data-test-signed-intermediate]'), - downloadLinks: collection('[data-test-ca-download-link]'), - rows: collection('[data-test-table-row]'), - rowValues: collection('[data-test-row-value]'), - csr: text('[data-test-row-value="CSR"]', { normalize: false }), - csrField: fillable('[data-test-input="csr"]'), - certificate: text('[data-test-row-value="Certificate"]', { normalize: false }), - uploadCert: clickable('[data-test-input="uploadPemBundle"]'), - enterCertAsText: clickable('[data-test-text-toggle]'), - pemBundle: fillable('[data-test-text-file-textarea]'), - commonName: fillable('[data-test-input="commonName"]'), - - async generateCA(commonName = 'PKI CA', type = 'root') { - if (type === 'intermediate') { - return await this.replaceCA().commonName(commonName).caType('intermediate').submit(); - } - return await this.replaceCA().commonName(commonName).submit(); - }, - - async uploadCA(pem) { - return await this.replaceCA().uploadCert().enterCertAsText().pemBundle(pem).submit(); - }, - - async signIntermediate(commonName) { - return await this.signIntermediateBtn().commonName(commonName); - }, -}; diff --git a/ui/tests/pages/components/pki/config-pki.js b/ui/tests/pages/components/pki/config-pki.js deleted file mode 100644 index 2f78a927b..000000000 --- a/ui/tests/pages/components/pki/config-pki.js +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { clickable, fillable, text, isPresent } from 'ember-cli-page-object'; -import fields from '../form-field'; - -export default { - ...fields, - scope: '.config-pki', - text: text('[data-test-text]'), - title: text('[data-test-title]'), - hasTitle: isPresent('[data-test-title]'), - hasError: isPresent('[data-test-error]'), - submit: clickable('[data-test-submit]'), - enableTtl: clickable('[data-test-toggle-input]'), - fillInValue: fillable('[data-test-ttl-value]'), - fillInUnit: fillable('[data-test-select="ttl-unit"]'), -}; diff --git a/ui/tests/pages/settings/configure-secret-backends/pki/index.js b/ui/tests/pages/settings/configure-secret-backends/pki/index.js deleted file mode 100644 index 3a4e9ce60..000000000 --- a/ui/tests/pages/settings/configure-secret-backends/pki/index.js +++ /dev/null @@ -1,10 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { create, visitable } from 'ember-cli-page-object'; - -export default create({ - visit: visitable('/vault/settings/secrets/configure/:backend/'), -}); diff --git a/ui/tests/pages/settings/configure-secret-backends/pki/section-cert.js b/ui/tests/pages/settings/configure-secret-backends/pki/section-cert.js deleted file mode 100644 index bd49d9754..000000000 --- a/ui/tests/pages/settings/configure-secret-backends/pki/section-cert.js +++ /dev/null @@ -1,15 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { create, visitable } from 'ember-cli-page-object'; - -import ConfigPKICA from 'vault/tests/pages/components/pki/config-pki-ca'; -import flashMessages from 'vault/tests/pages/components/flash-message'; - -export default create({ - visit: visitable('/vault/settings/secrets/configure/:backend/cert'), - form: ConfigPKICA, - flash: flashMessages, -}); diff --git a/ui/tests/pages/settings/configure-secret-backends/pki/section.js b/ui/tests/pages/settings/configure-secret-backends/pki/section.js deleted file mode 100644 index 24e96a4b7..000000000 --- a/ui/tests/pages/settings/configure-secret-backends/pki/section.js +++ /dev/null @@ -1,19 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: MPL-2.0 - */ - -import { create, visitable, collection } from 'ember-cli-page-object'; - -import { getter } from 'ember-cli-page-object/macros'; -import ConfigPKI from 'vault/tests/pages/components/pki/config-pki'; - -export default create({ - visit: visitable('/vault/settings/secrets/configure/:backend/:section'), - form: ConfigPKI, - lastMessage: getter(function () { - const count = this.flashMessages.length; - return this.flashMessages.objectAt(count - 1).text; - }), - flashMessages: collection('[data-test-flash-message-body]'), -});