Commit graph

391 commits

Author SHA1 Message Date
Roberto Pommella Alegro 9b01d34703 Fix oidc callback to check entire storage (#7929)
* Fix oidc callback to check entire storage

In some cases, extensions or other unexpected javascript can be executed
on the oidc callback. Sometimes changing the localstorage and generating
a `storage` event before the callback component does. In such cases, the
authorization component will hang indefinitely.

A simple fix is to check for the expected `oidcState` key in the whole
localstorage instead of just the event `key`.

* Fix tests for auth-jwt

Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2020-01-15 14:27:12 -07:00
Angel Garbarino 2fb4ee2d5a
Show permissions error on KV when you don't have access to create a secret (#8133)
* add catch for fail on save.  isError is not being set to true, so set it in the catch

* add conditionally to only catch 403 permission errors.  Otherwise it will catch and return an unhelpful error message for when you are trying to save a duplicate secret

* add in code comment

* remove catch and pass version 2 secret model to Error handler inside template

* replace Error model with modelForData to catch errors on the correct model

* add back in space

* replace error model with modelForData
2020-01-15 13:02:15 -07:00
Noelle Daley 864b434415
Fix delete namespaces (#8132)
* do not access items.content since it turns items into an InternalModel and breaks deleting namespaces

* remove pagination story until we have a better way to fake data in Storybook
2020-01-10 16:48:48 -08:00
Noelle Daley 5b07838999
upgrade handlebars (#8112) 2020-01-07 16:19:25 -08:00
Matthew Irish a6617e1958
UI: add a command to build static storybook for deploying to netlify (#8028)
* add a command to build static storybook for deploying to netlify

* add storybook deploys to the ui readme
2020-01-06 16:01:34 -06:00
Angel Garbarino 95708f228b
change height to min-height to prevent overflow (#8065) 2019-12-20 12:54:56 -07:00
Christian Frichot 803b29b2d9 UI update headless chrome flags to fix 'yarn run test:oss' (#8035)
* UI update headless chrome flags to fix ember/chrome crash in test

* UI update references from test-oss to test:oss

* UI removed disable-gpu flag from headless Chrome

* UI and also remove the comment
2019-12-18 10:12:44 -07:00
Noelle Daley e953e32c6a
update serialize-javascript to fix security vulnerability (#8029) 2019-12-16 15:14:52 -08:00
Noelle Daley f24af7d0d7
overwrite bulma bug that crashes safari (#8023) 2019-12-16 13:30:35 -08:00
Noelle Daley 4e68a415cf
Ui/fix demoting status menu (#7997)
* fix bug where users couldn't click on update primary

* don't show status menu items when cluster isSecondary since those links don't work

* show the mode of replication in the status menu

* do not show server header in status menu when the contents are empty

* show Disaster Recovery instead of 'DR'

* do not show http metrics in status menu unless user is authenticated

* fix typo so icons in status menu show
2019-12-13 15:23:17 -08:00
Noelle Daley 3bd7e184a0
store secret key and value as an object to fix copy/show secret bug (#7926) 2019-11-22 11:12:33 -08:00
Matthew Irish 004857084b
loosen match checking on replication show page (#7776) 2019-11-11 09:47:35 -06:00
Noelle Daley 0a251d4f06
test ie11 on windows 8.1 instead of windows 10 (#7775) 2019-11-01 10:10:05 -07:00
Noelle Daley 3bf3130268
Only link to nav items that user has access to (#7590)
* only show entities sidenav item if user has list capability on entities

* wip - link to correct paths in top navigation

* remove comment

* only link to groups page if user has list capability

* add test for checking multiple capabilities

* test when capabilities are not specified

* format jsdoc comments

* move capabilities check out of helper and into permissions service
2019-10-30 11:39:51 -07:00
Noelle Daley fadd9d742b
fix security alerts (#7757) 2019-10-29 11:46:59 -07:00
Matthew Irish d52de63602 Fix replication test (#7747)
* fix replication acceptance test

* remove unused import

* remove mountType
2019-10-28 16:56:11 +00:00
Matthew Irish f982899f1e
embed yarn (#7740)
* embed yarn binary using yarn policies set-version and loosen the restriction on yarn in the dockerfile and the package.json

* don't lint the embedded yarn package
2019-10-25 16:00:45 -05:00
Matthew Irish eae5e114ba
UI - replication path filtering (#7620)
* rename mount-filter-config models, components, serializer, adapters to path-filter-config

* move search-select component to core addon

* add js class for search-select-placeholder and sort out power-select deps for moving to the core component

* expose oninput from powerselect through search-select

* don't fetch mounts in the replication routes

* remove toggle from add template

* start cross-namespace fetching

* group options and set up for namespace fetch via power-select search prop

* add and style up radio-card CSS component

* add xlm size for icons between l and xl

* copy defaults so they're not getting mutated

* finalize cross-namespace fetching and getting that to work with power-select

* when passing options but no models, format the options in search select so that they render properly in the list

* tint the background of a selected radio card

* default to null mode and uniq options in search-select

* finish styling radio-card

* format inputValues when first rendering the component if options are being passed from outside

* treat mode:null as deleting existing config which simplifies save logic

* correctly prune the auto complete list since path-filter-config-list handles all of that and finish styling

* remove old component

* add search debounce and fix linting

* update search-select docs

* updating tests

* support grouped options for when to show the create prompt

* update and add tests for path-filter-config-list

* fix tests for search-select and path-filter-config-list

* the new api uses allow/deny instead of whitelist/blacklist
2019-10-25 13:16:45 -05:00
Matthew Irish e3450dddeb
update yarn to 1.19.1 (#7731) 2019-10-24 17:08:23 -05:00
Noelle Daley c87ec96b8e
indicate that secret version is deleted even when it is the current version (#7714) 2019-10-24 11:35:25 -07:00
Amitosh Swain Mahapatra cf12f549f3 Show versions that are active when delete_version_after is configured (#7685) 2019-10-22 15:45:20 -07:00
Madalyn 977af116c8 Enable generated items for more auth methods (#7513)
* enable auth method item configuration in go code

* properly parse and list generated items

* make sure we only set name on attrs if a label comes from openAPI

* correctly construct paths object for method index route

* set sensitive property on password for userpass

* remove debugger statements

* pass method model to list route template to use paths on model for tabs

* update tab generation in generated item list, undo enabling userpass users

* enable openapi generated itams for certs and userpass, update ldap to no longer have action on list endpoint

* add editType to DisplayAttributes, pull tokenutil fields into field group

* show sensitive message for sensitive fields displayed in fieldGroupShow component

* grab sensitive and editType fields from displayAttrs in openapi-to-attrs util

* make sure we don't ask for paths for secret backends since that isn't setup yet

* fix styling of sensitive text for fieldGroupShow component

* update openapi-to-attrs util test to no longer include label by default, change debugger to console.err in path-help, remove dynamic ui auth methods from tab count test

* properly log errors to the console

* capitalize This value is sensitive...

* get rid of extra padding on bottom of fieldgroupshow

* make auth methods clickable and use new confirm ux

* Update sdk/framework/path.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* Update sdk/framework/path.go

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* add whitespace

* return intErr instead of err

* uncomment out helpUrl because we need it

* remove extra box class

* use const instead of let

* remove extra conditional since we already split the pathName later on

* ensure we request the correct url when listing generated items

* use const

* link to list and show pages

* remove dead code

* show nested item name instead of id

* add comments

* show tooltip for text-file inputs

* fix storybook

* remove extra filter

* add TODOs

* add comments

* comment out unused variables but leave them in function signature

* only link to auth methods that can be fully managed in the ui

* clean up comments

* only render tooltip if there is helpText

* rename id authMethodPath

* remove optionsForQuery since we don't need it

* add indentation

* standardize ConfirmMessage and show model name instead of id when editing

* standardize ConfirmMessage and show model name instead of id when editing

* add comments

* post to the correct updateUrl so we can edit users and groups

* use pop instead of slice

* add TODO for finding a better way to store ids

* ensure ids are handled the same way on list and show pages; fix editing and deleting

* add comment about difference between list and show urls

* use model.id instead of name since we do not need it

* remove dead code

* ensure list pages have page headers

* standardize using authMethodPath instead of method and remove dead code

* i love indentation

* remove more dead code

* use new Confirm

* show correct flash message when deleting an item

* update flash message for creating and updating

* use plus icon for creating group/user instead of an arrow
2019-10-17 16:19:14 -07:00
Amitosh Swain Mahapatra 8345d27311 Fix script for test:oss (#7643) 2019-10-15 10:06:43 -05:00
Matthew Irish 87d4e6e068
UI - raft config and snapshotting (#7410)
* add storage route

* template out the routes and new raft storage overview

* fetch raft config and add new server model

* pngcrush the favicon

* add view components and binary-file component

* add form-save-buttons component

* adjust rawRequest so that it can send a request body and returns the response on errors

* hook up restore

* rename binary-file to file-to-array-buffer

* add ember-service-worker

* use forked version of ember-service-worker for now

* scope the service worker to a single endpoint

* show both download buttons for now

* add service worker download with a fallback to JS in-mem download

* add remove peer functionality

* lint go file

* add storage-type to the cluster and node models

* update edit for to take a cancel action

* separate out a css table styles to be used by http-requests-table and on the raft-overview component

* add raft-join adapter, model, component and use on the init page

* fix styling and gate the menu item on the cluster using raft storage

* style tweaks to the raft-join component

* fix linting

* add form-save-buttons component to storybook

* add cancel functionality for backup uploads, and add a success message for successful uploads

* add component tests

* add filesize.js

* add filesize and modified date to file-to-array-buffer

* fix linting

* fix server section showing in the cluster nav

* don't use babel transforms in service worker lib because we don't want 2 copies of babel polyfill

* add file-to-array-buffer to storybook

* add comments and use removeObjectURL to raft-storage-overview

* update alert-banner markdown

* messaging change for upload alert banner

* Update ui/app/templates/components/raft-storage-restore.hbs

Co-Authored-By: Joshua Ogle <joshua@joshuaogle.com>

* more comments

* actually render the label if passed and update stories with knobs
2019-10-14 13:23:29 -05:00
Matthew Irish 07613fc4a6
pgp list fix (#7542)
* add data selectors

* add tests for pgp-list component and refactor so initialization works

* fix comment

* fix linting

* add else statement
2019-10-09 21:09:25 -05:00
Matthew Irish 2658f902bc
don't abort transitions if you're already on that route (#7602) 2019-10-09 11:38:20 -05:00
Matthew Irish 7f80626162
UI - namespace fixes (#7587)
* check for model in the edit form before rolling back

* make sure namespace service name is consistent in the auth service

* actually tell it what service to inject
2019-10-07 20:41:04 -05:00
Noelle Daley 899f0dc2cb
do not swallow ControlGroupErrors when viewing or editing kvv2 secrets (#7504)
* do not swallow ControlGroupErrors when viewing or editing kvv2 secrets

* test kv v2 control group workflow

* do not manually clearModelCache when logging out since this already happens when leaving the logout route

* remove pauseTest

* update comments

* wip - looking into why restricted user can see the control group protected secret after it has already been unwrapped once

* strip version from query params so we can unwrap a secret after it is authorized

* use attachCapabilities instead of lazyCapabilities to ensure models are cleaned up properly

* remove comment

* make ControlGroupError extend AdapterError

* fix broken redirect_to test

* one day i will remember to remove my debugger statements; today is not that day

* no need to check for a ControlGroupError since it extends an AdapterError

* see if using EmberError instead of AdapterError fixes the browserstack tests

* Revert "see if using EmberError instead of AdapterError fixes the browserstack tests"

This reverts commit 14ddd67cacbf1ccecb8cc2d1f59a2c273866da72.
2019-10-04 13:15:33 -07:00
Matthew Irish 8d9d8e3d0e
UI wrapped token fix (#7398)
* default to token auth method

* pass in selectedValue to the AuthForm

* adjust when and if tasks are called so there's no race condition with wrapped_token query param

* add some tests for wrapped_token

* adjust redirect_to behavior so that it also works with the logout route and the wrapped_token query param

* fix linting
2019-10-01 15:30:56 -05:00
Matthew Irish c5ade0897e
UI CI exit 1 if there's an error (#7399)
* exit 1 if there's an error

* fix failing confirm tests

* still need to exit the process 😂
2019-10-01 14:57:37 -05:00
Matthew Irish a237d66213
fix typo (#7394) 2019-09-03 14:15:57 -05:00
Noelle Daley d52d324df4
Ui/fix component story generators (#7377)
* remove ember-cli-valid-component-name since we no longer need it

* component names no longer need to contain a hyphen

* remove Husky from README since we no longer use it

* update Storybook example

* update JSDoc examples and fix params table header
2019-08-28 14:47:43 -07:00
Noelle Daley 716f25162a
Ui/redesign delete confirmation (#7271)
* add initial Confirm component to secrets list page

* use ember-wormholes to render confirmation message

* use maybe-in-element instead of ember-wormhole

* hide overlay initially

* animate confirm overlay left and right on click

* hide overlay in the DOM to properly set height

* adjust height when showing/hiding confirm-overlay

* disable confirmation buttons until trigger has been rendered

* adjust height of confirm-wrapper instead of confirm

* move Confirm/ to core

* only add style attribute when a height property exists

* fix indentation

* wip - use new Confirm inside status menu

* add Confirm to Storybook

* ensure confirm links have proper styling in Storybook and outside popup-menu

* fix height transition

* disable no-inline-styles

* add test selector

* remove comment

* consolidate Message into Trigger to make Confirm easier to use

* use new Trigger API in status menu

* remove height transition

* fix binding inline style warning

* rename confirmMessage to message

* update Confirm for Storybook

* fix indentation

* do not pass in onCancel from outer template because it is static

* add jsdoc comments to Trigger

* wip - add trigger and confirm to storybook

* fix status menu styling

* fix styling of confirm stories

* use new Confirm on secrets engine list

* use bulma speed variable

* fix indentation

* re-renable eslint no-inline-styles

* showConfirm when rendered trigger matches id

* fix background color on namespace picker

* do not expose onTrigger

* Revert "re-renable eslint no-inline-styles"

This reverts commit c7b2a9097f177a2876afaaec6020f73b07bad3c7.

* rename Confirm Trigger to Message

* add tests

* update JSDocs

* focus trigger after cancelling the confirm message

* update Confirm JSDocs

* differentiate between ConfirmAction and Confirm

* add Message to Storybook

* re-enable eslint import/extensions

* update confirmButtonText to Revoke token

* remove linebreak and extra whitespace

* fix typo

* add loading to empty button

* fix more typos

* only show Message contents when showConfirm is true

* no need to disable the confirm buttons since they only render in the DOM when showConfirm is true

* use Confirm to delete aws roles

* use Confirm to delete pki roles

* use Confirm to delete ssh roles

* add Confirm to entity alias page

* fix confirm button text on Revoke token in status menu

* ensure you can use tab to revoke a token from status menu

* reset the open trigger after the confirm has been confirmed

* use Confirm on identity list pages

* fix Disable engine confirmation text

* use <PopupMenu /> angle brack syntax

* use Confirm on policies list page

* use Confirm for namespaces

* use Confirm for kmip scopes

* use Confirm for deleting kmip roles

* use Confirm for revoking KMIP credentials

* fix Revoke token triggerText
2019-08-27 15:50:53 -07:00
Matthew Irish ca80c9fa79
fix namespace picker so that it always expands into an object when co… (#7333)
* fix namespace picker so that it always expands into an object when constructing a tree

* sort namespaces lexicographically

* fix linting
2019-08-22 14:00:53 -05:00
Matthew Irish 9147ae64bc
Ui search select fix (#7338)
* update to latest ember-power-select-with-create

* guard against options and model not being defined

* add test for select with no options
2019-08-22 13:57:02 -05:00
Noelle Daley 1e58c46ca9
Ui/dismiss status menu click (#7337)
* dismiss status menu on click instead of hover

* allow redirect on 204
2019-08-19 14:36:22 -07:00
Matthew Irish 4a1013e915
Update ui dependencies (#7244)
* be more specific about node version, and specify a yarn version

* update ember, ember-cli, ember-data, ember-data-model-fragments

* use router handlers to access transition information

* fix shadowing of component helper

* update ivy-codemirror, ember-cli-inject-live-reload

* remove custom router service

* don't use transition.queryParams

* update ember-cli-deprecation-workflow

* refactor kv v1 to use 'path' instead of 'id' on creation

* fix auth-jwt-test and toolbar-link-test

* update ember composable helpers

* remove Ember.copy from test file

* no more deprecations in the workflow

* fix more secret tests

* fix remaining failed tests

* move select component to core because it's used by ttl-picker

* generate new model class for each test instead of reusing an existing one

* fix selectors on kmip tests

* refactor how control groups construct urls from the new transition objects

* add router service override back in, and have it be evented so that we can trigger router events on it

* move stories and markdown files to core if the component lives in core

* update ember-cli, ember-cli-babel, ember-auto-import

* update base64js, date-fns, deepmerge, codemirror, broccoli-asset-rev

* update linting rules

* fix test selectors

* update ember-api-actions, ember-concurrency, ember-load-initializers, escape-string-regexp, normalize.css, prettier-eslint-cli, jsdoc-to-markdown

* remove test-results dir

* update base64js, ember-cli-clipboard, ember-cli-sass, ember-cli-string-helpers, ember-cli-template-lint, ember-cli-uglify, ember-link-action

* fix linting

* run yarn install without restoring from cache

* refactor how tests are run and handle the vault server subprocess

* update makefile for new test task names

* update circle config to use the new yarn task

* fix writing the seal keys when starting the dev server

* remove optional deps from the lockfile

* don't ignore-optional on yarn install

* remove errant console.log

* update ember-basic-dropdown-hover, jsonlint, yargs-parser

* update ember-cli-flash

* add back optionalDeps

* update @babel/core@7.5.5, ember-basic-dropdown@1.1.3, eslint-plugin-ember@6.8.2

* update storybook to the latest release

* add a babel config with targets so that the ember babel plugin works properly

* update ember-resolver, move ember-cli-storybook to devDependencies

* revert normalize.css upgrade

* silence fetchadapter warning for now

* exclude 3rd party array helper now that ember includes one

* fix switch and entity lookup styling

* only add -root suffix if it's not in versions mode

* make sure drop always has an array on the aws role form

* fix labels like we did with the backport

* update eslintignore

* update the yarn version in the docker build file

* update eslint ignore
2019-08-19 15:45:39 -05:00
Matthew Irish effe7320d5
change input to textarea and use autosize on them (#7254)
* change input to textarea and use autosize on them

* fix some tests
2019-08-14 10:02:16 -05:00
Matthew Irish a4b6bb8626
kv v2 display bugs (#7307)
* fix switch css

* allow breadcrumbs container to grow if it's overflowed so that it's still usable

* close the dropdowns on destructive actions that cause a route refresh

* use new attachCapabilities for context menus on auth methods to get rid of an error
2019-08-13 16:54:51 -05:00
Madalyn d3bc388b31
remove double slash from generated api endopints in generated adapter (#7299)
remove double slash from generated api endopints
2019-08-12 14:27:37 -04:00
Matthew Irish c642b814d4
move replication-actions into core addon so that secondary recovery works (#7226)
* move replication-actions component into core addon so that secondary recovery works

* move the rest of replication action components
2019-08-05 14:05:32 -05:00
Matthew Irish 3da6487cf4
UI - support redirecting to an intended URL after authentication (#7088)
* add redirect_to query param

* alias auth controller state to vault controller where the query param is defined

* capture the current url before redirecting a user to auth if they're being redirected

* consume and reset the redirectTo query param when authenticating

* make sure that the current url when logging out does not get set as the redirect_to query param

* add unit tests for the mixin and make it so that redirects from the root don't end up in redirect_to

* acceptance tests for redirect
2019-08-01 18:50:43 -05:00
Matthew Irish 1a7a71385a
parse web CLI input as shell input (#7206)
* add shell quote

* use shell quote's parse method to properly escape strings entered in the web cli

* add and update tests for the web CLI

* fix linting and skip test for ' in a path

* skip the correct test
2019-08-01 17:12:04 -05:00
Matthew Irish 88cf9e6a76
clear namespaces on logout and properly render nested namespaces in the namepace picker (#7186)
* reset namespace cache when a user logs out

* fix issue where if you log in to a namespace with an initial /, nested namespaces would not show up in the navigation

* set an empty list of namespaces instead of ignoring error

* add tests for namespace bugs

* use this consistently in template
2019-08-01 16:53:57 -05:00
Noelle Daley 828185db49
UI/add select dropdown (#7102)
* add SelectDropdown

* use SelectDropdown instead of HttpRequestsDropdown

* use html selector instead of class name

* ensure SelectDropdown still works when rendered inside a Toolbar

* add tests

* remove old HttpRequests component

* make SelectDropdown example easier to read in Storybook

* add isFullwidth prop

* add SelectDropbown inside a Toolbar story

* fix tests

* remove actions block and call this.onChange directly

* replace dropdownLabel with label

* rename SelectDropdown to SelecT

* add test for onChange

* remove selectedItem prop since we don't need it

* make Select accept options as an array of strings or objects

* Revert "remove selectedItem prop since we don't need it"

This reverts commit 7278516de87bb1df60482edb005137252819931e.

* use Select inside TtlPicker

* remove debugger

* use a test selector

* fix pki test selectors

* improve storybook docs

* fix selected value in ttl picker

* ensure httprequests dropdown updates the selected item

* ensure select dropdown correctly matches selectedItem

* rename selectedItem to selectedValue

* remove debugger lol

* update selectedItem test

* add valueAttribute and labelAttribute to Storybook knobs

* udpate jsdocs

* remove old httprequestsdropdown component

* add note that onChange will receive value of select

* use Select inside AuthForm

* use correct test selector
2019-08-01 14:35:18 -07:00
Matthew Irish 11508c78a4
add a test to verify the api explorer basic loading and funtionality works (#7200) 2019-08-01 16:18:47 -05:00
Matthew Irish 29a85fa1c5
UI kmip acceptance (#7129)
* change the story blueprint so that using -ir will generate a story in the expected place for in-repo addons and engines

* update gen-story-md script to do output md to stories folder inside of in-repo addons and engines

* update storybook config to look for story files in /lib

* add story for list-view component

* add list view page object

* add kmip page objects and tests

* update storybook commands in the README

* split tests up more

* update var name in storybook
2019-08-01 16:04:59 -05:00
Matthew Irish 7437dc9821
ancestorKeysForKey always returns an array (#6205) 2019-08-01 15:49:37 -05:00
Sam Salisbury e211a081ce
ci: remove travis config + all refs (#7122) 2019-07-25 11:10:31 +01:00
Matthew Irish cc3c9e3072
don't specify yarn in engines for now (#7181) 2019-07-24 10:37:33 -05:00