* have jwt auth config generated from OpenAPI response
* support for viewing and enabling an 'oidc' auth type
* finish oidc config and clean up auth config form
* fetch jwt role on render for default paths
* fix tests to expect fetching role on render at default paths
* update label for JWT auth method
* fix tests
This adds a space in the title of the enable secrets engine page. Example: "Enable Google Cloud KMSsecrets engine" should be "Enable Google Cloud KMS secrets engine"
* directly depend on route-recognizer
* add path encode helper using route-recognizer normalizer methods
* encode user-entered paths/ids for places we're not using the built-in ember data buildUrl method
* encode secret link params
* decode params from the url, and encode for linked-block and navigate-input components
* add escape-string-regexp
* use list-controller mixin and escape the string when contructing new Regex objects
* encode paths in the console service
* add acceptance tests for kv secrets
* make encoding in linked-block an attribute, and use it on secret lists
* egp endpoints are enterprise-only, so include 'enterprise' text in the test
* fix routing test and exclude single quote from encoding tests
* encode cli string before tokenizing
* encode auth_path for use with urlFor
* add test for single quote via UI input instead of web cli
* fix default rendering of svg and allow plugins access to mount tune form
* add auth-jwt component
* add callback route, and allow it to be navigated to on load
* add jwt as a supported auth method
* use auth-jwt component and implement intial oidc flow
* allow wrapping un-authed requests
* pass redirect_url and properly redirect with the wrapped token
* popup for login
* center popup window and move to localStorage events for cross window communication because of IE11
* access window via a getter on the auth-form component
* show OIDC provider name on the button
* fetch default role on render of the auth-jwt component
* simplify auth-form template
* style callback page
* refetch auth_url when path changes for auth-jwt component
* fix glimmer error on alias metadata, and add back popup-metadata component
* fix link in metadata page
* add logo-edition component and remove use of partial for logo svg
* render oidc callback template on the loading page if we're going there
* add docs icon and change timeout on the auth form
* move OIDC auth specific things to auth-jwt component
* start to add branded buttons for OIDC providers
* add google button
* finish branded buttons
* update glyph for error messages
* update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests
* start auth-jwt tests
* simplify auth-jwt
* remove negative top margin on AlertInline
* only preventDefault if there's an event
* fill out tests
* sort out some naming
* feedback on templates and styles
* clear error when starting OIDC auth and call for new auth_url
* also allow 'oidc' as the auth method type
* handle namespaces with OIDC auth
* review feedback
* use new getters in popup-metadata
* check for capabilities when finding matching paths
* disable wizard items that user does not have access to
* make hasPermissions accept an array of capabilities
* refactor features-selection
* fix tests
* implement feedback
* add permissions service
* start template helper
* match prefixed paths
* gate sidebar links
* land on first page user has access to
* show nav when user first logs in
* clear paths when user logs out
* add tests
* implement feedback
* show all nav items if no policy is found
* update onboarding wizard
* fix some unrelated tests
* add support for namespaces
* gate wizard
* unstage package and lockfile
* add dot-to-dash helper
* fix context menu on policy page and add test for deletion
* use dot-to-dash where we use confirm component
* fix acceptance test
* don't pass id when using createRecord
* add find nearest ancestor mixin
* re-throw the error if we've deleted something and encounter a 404
* use the with-nav-to-nearest-ancestor mixin
* add some comments
* add acceptance test to verify new behavior
* yield final transition in ec task
* add performanceStandbyCount to license model
* use count to determine if perf standby is an active feature
* rename test file and add tests for new perf standby behavior
* Update ui/app/templates/components/license-info.hbs
* update display language
* turns out sourcemaps are useful
* add test for restricted policy in kv v2
* only include version param on fetch if it's encoded in the id
* rename some vars for clarity and use model.id when persisting a secret
* fix delete attributes on the models
* allow data edit when there's metadata access is disallowed
* add tests for edit with restricted policy
* hide metadata fields if you can't edit them
* centralize page size setting, and default to page size of 5 in dev
* remove size arg when using lazyPaginatedQuery so that the app uses the config default size
* move list-pagination component out of the loop
* update store tests
* remove ember-cli-favicon
* link to png favicon in public folder
* skip some things in the build depending on the env
* update to ember-cli 3.5.0 for broccoli 2, and ember-fetch because it was incompatible with broccoli 2
* update some things the new sass module wasn't happy about
* turn off more things in dev to make the build faster
* bump to the latest ember-cli and move back to node-sass
* remove sass since we're using node-sass
* include polyfill in test as well
* use the OTP that the server provides instead of generating one in the JS client
* fix button styling
* differentiate between OTP and encoded token and encrypted token in the template
* add new codemirror helpers
* adding json helpers to the secret pages
* mark the edit button / link as the edit element instead of the json toggle
* add acceptance tests for JSON editing
* move warning banner out of token-expire-warning and into user menu
* check renewal status every 5s, and resume auto-renew if a user becomes active again
* use a link in the token-expire-warning
* add test for new expiration functionality
* fix license test
* use features helper in license test
* fix import
* use yarn 1.12.1
* remove mirage
* skip some tests for now
* use eslintignore
* logout after auth tests
* use new alert-banner for auth info warning
* add data-test selector back
* move identity back to a button, and style button.link
* make the warning message the right color
* fix shamir test
* review feedback
* fix passing initialKey to the top level secret create page
* add service that uses the private routing service because of various bugs
* make custom router service more like the bundled router service
* clear the store cache when the model changes
* add versions routes
* move commands and permissions check to stand-alone menu component
* add versions template
* make list-item component more flexible and use hasMenu to optionally render the menu
* move current check next to the version
* fix linting
* remove is-wide from secret list popup
* Add ability to configure the NotBefore property of certificates in role api
* Update index.html.md
* converting field to time.Duration
* setting default back to 30s
* renaming the parameter not_before_duration to differentiate between the NotBefore datetime on the cert
* Update description
* re-add performancestandycode for health api call
* update debounce timeout for namespace input on the auth page
* re-fetch cluster model on successful init
* 500ms for the debounce
* swap auth methods after successful api call so that the auth box doesn't jump around
* move list capability fetch to namespace component and don't use computed queryRecord to fetch it
* convert ed models to JSON so that they're unaffected by store unloading
* serialize with the id for the auth method models
* speed tests back up with different polling while loop
* login flash isn't in the same run loop so no longer needs withFlash
* fix token expiration calculation
* move authenticate to an ember concurrency task
* don't show logged in nav while still on the auth route
* move current tests to integration folder, add unit test for expiration calculation
* fix auth form tests
* allow passing a path for options so that it can be extracted from the model
* add cred type selector for the aws generate form
* style hint text on generate creds form
* add tests for aws-credential adapter
* allow for the case where we might have zero ttl
* show error for TTL picker if a non-number is entered for the duration part of the TTL
* fix positioning of tooltips
* fix ttl rendering with invalid input for initialValue
* allow for enterprise init attributes
* allow moving from init to auth in the init flow on the tutorial machine
* show loading spinner while cluster is unsealing
* use seal-status type to determine the init attrs
* add init acceptance tests
* stored_shares should always be 1
* fix lint
* format template
* remove explicity model attr from init controller
* add alicloud auth method in the UI along with onboarding component
* hide dismiss menu on tutorial paused state
* add ability to enable azure secrets engine
* have fromJSON throw if trying to convert non-object to a KVObject
* catch the fromJSON error in secret-edit, display an error, and disabled the submit button
The default TTL was being offered as 30 minutes, and when unchanged, the
UI wouldn't send the TTL back to the backend, causing it to use the
default of 60m. Fix the TTL to default back to 1 hour.
Update UI for AWS secret backend refactor
* Support empty AWS policy documents
* Try to make ARN input multiple
* move aws-role serializer to use the application serializer as the base
* support editing strings as JSON in the form field component
* update model, form and show to use form-component component, and swap fields based on credential type
* fix tests
* unify credential generation for aws and remove the STS specific action in the UI
* add label to the new json string form field
* add switch link on namespace link page if user has access to the namespace
* refresh list when you delete, only show manage if you can list
* fix bug where disconnected namespaces wouldn't show the picker properly
* namespaces list should end in a slash
* end full namespace paths with a /
* shorten pop up menu link
* add namespace sidebar item
* depend on ember-inflector directly
* list-view and list-item components
* fill out components and render empty namespaces page
* list namespaces in access
* add menu contextual component to list item
* popup contextual component
* full crud for namespaces
* add namespaces service and picker component
* split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template
* remove usage of href-to
* remove ember-href-to from deps
* add ember-responsive
* start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint
* get query param working and save ns to authdata when authenticating, feed through ns in application adapter
* move to observer on the controller for setting state on the service
* set state in the beforeModel hook and clear the ember data model cache
* nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs
* add a list of sys endpoints in a helper
* hide header elements if not in the root namespace
* debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change
* fix display of supported engines and exclusion of sys and identity engines
* don't fetch replication status if you're in a non-root namespace
* hide seal sub-menu if not in the root namespace
* don't autocomplete auth form inputs
* always send some requests to the root namespace
* use methodType and engineType instead of type in case there it is ns_ prefixed
* use sys/internal/ui/namespaces to fetch the list in the dropdown
* don't use model for namespace picker and always make the request to the token namespace
* fix header handling for fetch calls
* use namespace-reminder component on creation and edit forms throughout the application
* add namespace-reminder to the console
* add flat
* add deepmerge for creating the tree in the menu
* delayed rendering for animation timing
* design and code feedback on the first round
* white text in the namespace picker
* fix namespace picker issues with root keys
* separate path-to-tree
* add tests for path-to-tree util
* hide picker if you're in the root ns and you can't access other namespaces
* show error message if you enter invalid characters for namespace path
* return a different model if we dont have the namespaces feature and show upgrade page
* if a token has a namespace_path, use that as the root user namespace and transition them there on login
* use token namespace for user, but use specified namespace to log in
* always renew tokens in the token namespace
* fix edition-badge test
This commit changes the selected text background color to a more
contrasting one. It also unifies colors of focused/not focused editor.
Focused editor is now indicated by the blinking cursor, which is a
more popular solution.
* add routes for control groups in tools, settings, access (#4718)
* UI control group - storage, request, authorization, and unwrapping (#4899)
* UI control groups config (#4927)
* fetch auth methods when going to the auth route and pass them to the auth form component
* add boolean editType for form-fields
* look in the data hash in the serializer
* remove renderInPlace for info-tooltips as it does something goofy with widths
* add new fields for auth methods
* fix console refresh command on routes that use lazyPaginatedQuery
* add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones
* handle casing when looking up supported backends
* change listingVisibility to match the new API
* move wrapped_token up to the vault route level so it works from the app root
* add NavHeader component
* use NavHeader in SplashPage component and application.hbs
* let download button take a block
* add RadialProgress component
* use RadialProgress in ShamirFlow component
* style up the RadialProgress component
* update ember-basic-dropdown, ember-basic-dropdown-hover
* rework operation token generation workflow
* directly depend on ember-maybe-in-element
* add make targets to build the ui without minifying the source
* add polyfill for string.prototype.endswith and move to npm version of string.prototype.startswith
* replace the current history state with a / on the list secrets endpoint
* add test for list with id
* remove dev-leased-kv flag, handle non-secret responses in the console
* skip lease tests for now
* use the newer collection api for ember-page-object
* include generic in types that can have a v2
* add tests for generic v2
* isolate kv v2 logic in the secret-engine model and add unit tests
* use lazyCapabilities macro in models
* use expandAttributeMeta and fieldToAttrs everywhere
* add angle bracket component polyfill
* use PageHeader component throughout
* add router service polyfill
* add refresh command
* move async code into ember-concurrency task and implement refresh that way
* use ember-concurrency derived state to show a loading spinner when the task is running
* scroll after appending to log too
* add error template to access so that we can see the sidebar even if you don't have permissions
* identity template cleanup
* make the token expiry warning friendlier and style it
* add new key_info to the list models for identity endpoints
* add details to group and show pages
* add parent groups to group tabs
* render alias the same everywhere
* space tab subnav more like the designs
* fix tests
* pull tabs in and remove padding
* add creation path to the display on wrapping lookup
* fix z-index issue with console-panel and the subnav on smaller viewports
* use position:fixed for all of the global flash stuff
* tweaks for the console on mobile devices
* adding columnify and ember-cli-cjs-transform
* add yargs-parser
* remove vendored yargs-parser tokenizer and use cjs transform to import it from actual yargs-parser
* add clear command that clears the log, but maintains history
* make codemirror have no gutter and be auto-height when rendered in the console output log
* add fullscreen command and hook up fullscreen toggle button
* hook up copy button
* add popups
* add ability to disable entity and banner when entity is disabled
* re-add alias-popup template
* add accpetance tests for creating entities
* add more entity creation acceptance tests
* add delete to edit-form
* add more identity tests and associated selectors
* add onSuccess hook and use UnloadModel route mixins
* add ability to toggle entity disabling from the popover
* fix store list cache because unloadAll isn't synchronous
* fill out tests for identity items and aliases
* add ability to enable entity from the detail page
* toArray on the peekAll
* fix other tests/behavior that relied on a RecordArray
* adjust layout for disabled entity and label for disabling an entity on the edit form
* add item-details integration tests
* move disable field on the entity form
* use ghost buttons for delete in identity and policy edit forms
* adding computed macros for lazy capability fetching and using them in the identity models
* remove expanding behavior from engines list and add a configuration route
* use page header component, secret tab component for the template on the secret engine configuration route
* move abstraction to secret-list-header and remove secret-tabs
* add attrs to secret engine model and adjust mount controller code to support that
* fix top level nav so that we can use the back button properly
* fix tests
* fix version service parsing of .hsm in a version string
* remove race condition where the replication menu would show the enterprise upsell in an enterprise binary
* fix styling and layout of replication status menu
* move version check to beforeModel
* remove unused response-wrapping route and controller
* move to using the internal mounts endpoint for the secrets list and individual engine lookup
* remove errors about sys/mounts access because we don't need it anymore 🎉
* use modelFor instead of peekRecord for looking up the secret-engine
* remove test because we removed that error page - in the worst case scenario, a user will only have access to cubbyhole, but will see that in the secrets engines list
* make the dev CSP the same as the Go CSP
* update serializer to handle SSH responses as well as new engine fetches
* back out some changes to ttl-picker and field test object so that tests pass
* get rid of trailing space in the secret engine link
* add secrets-engine adapater tests for new query behavior
* remove header used for backwards compatibility in KV mounts, and use v1 paths for v1, v2 paths for v2
* make the model hook always run
* simplify adapter & serializer code for secrets
* update tests
* fix lease tests
* address review feedback
* move submit buttons in auth-form into a form tag because IE11 is sad
* add acceptance test for auth-method clearing
* update ember-cli-page-object
* actually remove the form attr on the auth-form component
* remove form attribute on init form
* remove form attribute from shamir-flow component
* stringify not strigify
* fix capability lookup for kv backends
* remove list capabilities call and gating UI parts on capabilities.canCreate
* remove capabilities on create and update tests
* run dev server with no colors and use readline to log stdout stream
* fix + skip lease tests
* remove space on mounts list
* use waitForEvent for the CSP service as @alisdair suggested
* Secrets engine not secret engine
* move algorithm -> hash_algorithm and add support for picking signature_algorithm for RSA keys when signing or verifying in transit
* allow mounting of gcp secrets engine
* add models for azure auth method
* add azure as a mountable auth method
* make dev CSP more like built-in CSP
* id -> ID
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
* add ember-cli-content-security-policy
* only enable client side CSP when not in production - the go side handles this otherwise
* add service that handles and stores CSP violations via the securitypolicyviolation event
* update auth form component to show a specialized message when there's a CSP error
* move to computed prop for showing the CSP error message
* fix typos
* add hasSentinel to the version service
* use hasSentinel instead of features directly
* type='button' strikes again
* pass url param in tab links to ensure hrefs are updated
* 404 when the item_type is invalid for the identity route