Commit graph

34 commits

Author SHA1 Message Date
Matthew Irish 07fc7f16cf
UI - jwt auth config model (#6410)
* have jwt auth config generated from OpenAPI response

* support for viewing and enabling an 'oidc' auth type

* finish oidc config and clean up auth config form
2019-03-14 16:01:56 -05:00
Matthew Irish c4cf16c3e3
UI - fix encoding for user-entered paths (#6294)
* directly depend on route-recognizer

* add path encode helper using route-recognizer normalizer methods

* encode user-entered paths/ids for places we're not using the built-in ember data buildUrl method

* encode secret link params

* decode params from the url, and encode for linked-block and navigate-input components

* add escape-string-regexp

* use list-controller mixin and escape the string when contructing new Regex objects

* encode paths in the console service

* add acceptance tests for kv secrets

* make encoding in linked-block an attribute, and use it on secret lists

* egp endpoints are enterprise-only, so include 'enterprise' text in the test

* fix routing test and exclude single quote from encoding tests

* encode cli string before tokenizing

* encode auth_path for use with urlFor

* add test for single quote via UI input instead of web cli
2019-03-01 10:08:30 -06:00
Matthew Irish a5fd143f82
fix tests for auth-jwt and related functionality (#6277) 2019-02-21 16:21:23 -06:00
madalynrose 2e94336fa1
Dynamic OpenAPI UI (#6209) 2019-02-14 13:52:34 -05:00
Matthew Irish 0357790fb8
UI - jwt auth (#6188)
* fix default rendering of svg and allow plugins access to mount tune form

* add auth-jwt component

* add callback route, and allow it to be navigated to on load

* add jwt as a supported auth method

* use auth-jwt component and implement intial oidc flow

* allow wrapping un-authed requests

* pass redirect_url and properly redirect with the wrapped token

* popup for login

* center popup window and move to localStorage events for cross window communication because of IE11

* access window via a getter on the auth-form component

* show OIDC provider name on the button

* fetch default role on render of the auth-jwt component

* simplify auth-form template

* style callback page

* refetch auth_url when path changes for auth-jwt component

* fix glimmer error on alias metadata, and add back popup-metadata component

* fix link in metadata page

* add logo-edition component and remove use of partial for logo svg

* render oidc callback template on the loading page if we're going there

* add docs icon and change timeout on the auth form

* move OIDC auth specific things to auth-jwt component

* start to add branded buttons for OIDC providers

* add google button

* finish branded buttons

* update glyph for error messages

* update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests

* start auth-jwt tests

* simplify auth-jwt

* remove negative top margin on AlertInline

* only preventDefault if there's an event

* fill out tests

* sort out some naming

* feedback on templates and styles

* clear error when starting OIDC auth and call for new auth_url

* also allow 'oidc' as the auth method type

* handle namespaces with OIDC auth

* review feedback

* use new getters in popup-metadata
2019-02-14 09:39:19 -06:00
Noelle Daley 58dfd8aa68
Add Policy-based Navigation (#5967)
* add permissions service

* start template helper

* match prefixed paths

* gate sidebar links

* land on first page user has access to

* show nav when user first logs in

* clear paths when user logs out

* add tests

* implement feedback

* show all nav items if no policy is found

* update onboarding wizard

* fix some unrelated tests

* add support for namespaces

* gate wizard

* unstage package and lockfile
2019-01-18 14:04:40 -08:00
Matthew Irish e4d3d2610c
add an auth-config adapter for jwt so that configs can be saved properly (#5936)
* add an auth-config adapter for jwt so that configs can be saved properly

* unskip some tests and add a test for jwt config

* linting
2018-12-12 16:53:45 -06:00
madalynrose c84c8e01b2
Search select (#5851) 2018-12-10 11:44:37 -05:00
Chris Dituri 471f26a0e3 ui/app/adapters/pki.js: fix typo in assert() message (#5882)
Update the assertion to indicate, in order to override the PKI adapter
url() method, one should extend the PKI adapter; not the SSH adapter.
2018-12-03 16:14:59 -06:00
Matthew Irish af8eda9322
UI - kv v2 graceful degrade (#5879)
* turns out sourcemaps are useful

* add test for restricted policy in kv v2

* only include version param on fetch if it's encoded in the id

* rename some vars for clarity and use model.id when persisting a secret

* fix delete attributes on the models

* allow data edit when there's metadata access is disallowed

* add tests for edit with restricted policy

* hide metadata fields if you can't edit them
2018-12-03 08:22:13 -06:00
Matthew Irish 610fe599c2
UI secondary dr recovery token fix (#5818)
* use the OTP that the server provides instead of generating one in the JS client

* fix button styling

* differentiate between OTP and encoded token and encrypted token in the template
2018-11-19 15:14:24 -06:00
madalynrose 907983b397
Add Response Wrapping For Secrets (#5664) 2018-11-12 11:27:06 -05:00
Matthew Irish 5ca987662f
UI - new token renew banner (#5662)
* move warning banner out of token-expire-warning and into user menu
* check renewal status every 5s, and resume auto-renew if a user becomes active again
* use a link in the token-expire-warning
* add test for new expiration functionality
* fix license test
* use features helper in license test
* fix import
* use yarn 1.12.1
* remove mirage
* skip some tests for now
* use eslintignore
* logout after auth tests
* use new alert-banner for auth info warning
* add data-test selector back
* move identity back to a button, and style button.link
* make the warning message the right color
* fix shamir test
* review feedback
2018-11-05 10:56:59 -06:00
Matthew Irish cf93d6a5ef use backend / secretId in models created on list responses for secrets v1 and v2 2018-10-18 14:55:51 -05:00
Matthew Irish 1011dc81a5 fix metadata save on creation and use autocomplete=off for inputs 2018-10-18 14:55:50 -05:00
Matthew Irish 35c79b4dd2 make delete, destory, undelete work via the ui 2018-10-18 14:55:48 -05:00
Matthew Irish dbb65620f3 move capabilities into the secret-edit component 2018-10-18 14:54:36 -05:00
Matthew Irish b74ed60497 finish v2 model layer and add some unit tests for adapters 2018-10-18 14:54:34 -05:00
Matthew Irish a8302b47e0 new model things for secret-v2 and secret-v2 versions: get list, queryRecord, and version find working 2018-10-18 14:54:33 -05:00
madalynrose 554446ae4e
Licensing in the UI (#5437)
Add licensing to the UI
2018-10-12 15:03:01 -04:00
Matthew Irish a105664141
UI - ent fixes (#5430)
* re-add performancestandycode for health api call

* update debounce timeout for namespace input on the auth page

* re-fetch cluster model on successful init

* 500ms for the debounce

* swap auth methods after successful api call so that the auth box doesn't jump around

* move list capability fetch to namespace component and don't use computed queryRecord to fetch it

* convert ed models to JSON so that they're unaffected by store unloading

* serialize with the id for the auth method models

* speed tests back up with different polling while loop

* login flash isn't in the same run loop so no longer needs withFlash
2018-10-02 10:05:34 -05:00
Matthew Irish 572fb826be
UI aws engine tweaks (#5294)
* allow passing a path for options so that it can be extracted from the model

* add cred type selector for the aws generate form

* style hint text on generate creds form

* add tests for aws-credential adapter

* allow for the case where we might have zero ttl

* show error for TTL picker if a non-number is entered for the duration part of the TTL

* fix positioning of tooltips

* fix ttl rendering with invalid input for initialValue
2018-09-28 16:45:30 -05:00
Matthew Irish d509588cd2
Ember update (#5386)
Ember update - update ember-cli, ember-data, and ember to 3.4 series
2018-09-25 11:28:26 -05:00
Matthew Irish 331b6ce6f5
refactor aws secret ui (#5193)
Update UI for AWS secret backend refactor

* Support empty AWS policy documents
* Try to make ARN input multiple
* move aws-role serializer to use the application serializer as the base
* support editing strings as JSON in the form field component
* update model, form and show to use form-component component, and swap fields based on credential type
* fix tests
* unify credential generation for aws and remove the STS specific action in the UI
* add label to the new json string form field
2018-08-27 19:54:30 -05:00
Matthew Irish 21af204683
UI namespaces (#5119)
* add namespace sidebar item

* depend on ember-inflector directly

* list-view and list-item components

* fill out components and render empty namespaces page

* list namespaces in access

* add menu contextual component to list item

* popup contextual component

* full crud for namespaces

* add namespaces service and picker component

* split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template

* remove usage of href-to

* remove ember-href-to from deps

* add ember-responsive

* start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint

* get query param working and save ns to authdata when authenticating, feed through ns in application adapter

* move to observer on the controller for setting state on the service

* set state in the beforeModel hook and clear the ember data model cache

* nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs

* add a list of sys endpoints in a helper

* hide header elements if not in the root namespace

* debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change

* fix display of supported engines and exclusion of sys and identity engines

* don't fetch replication status if you're in a non-root namespace

* hide seal sub-menu if not in the root namespace

* don't autocomplete auth form inputs

* always send some requests to the root namespace

* use methodType and engineType instead of type in case there it is ns_ prefixed

* use sys/internal/ui/namespaces to fetch the list in the dropdown

* don't use model for namespace picker and always make the request to the token namespace

* fix header handling for fetch calls

* use namespace-reminder component on creation and edit forms throughout the application

* add namespace-reminder to the console

* add flat

* add deepmerge for creating the tree in the menu

* delayed rendering for animation timing

* design and code feedback on the first round

* white text in the namespace picker

* fix namespace picker issues with root keys

* separate path-to-tree

* add tests for path-to-tree util

* hide picker if you're in the root ns and you can't access other namespaces

* show error message if you enter invalid characters for namespace path

* return a different model if we dont have the namespaces feature and show upgrade page

* if a token has a namespace_path, use that as the root user namespace and transition them there on login

* use token namespace for user, but use specified namespace to log in

* always renew tokens in the token namespace

* fix edition-badge test
2018-08-16 12:48:24 -05:00
Matthew Irish 9953eb76aa
UI - control groups (#4947)
* add routes for control groups in tools, settings, access (#4718)
* UI control group - storage, request, authorization, and unwrapping (#4899)
* UI control groups config (#4927)
2018-07-18 20:59:04 -05:00
Matthew Irish f38a50b6b2
UI - unauthed login methods (#4854)
* fetch auth methods when going to the auth route and pass them to the auth form component

* add boolean editType for form-fields

* look in the data hash in the serializer

* remove renderInPlace for info-tooltips as it does something goofy with widths

* add new fields for auth methods

* fix console refresh command on routes that use lazyPaginatedQuery

* add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones

* handle casing when looking up supported backends

* change listingVisibility to match the new API

* move wrapped_token up to the vault route level so it works from the app root
2018-07-05 13:28:12 -05:00
madalynrose 2b41283a91
UI console (#4631)
* adding columnify and ember-cli-cjs-transform

* add yargs-parser

* remove vendored yargs-parser tokenizer and use cjs transform to import it from actual yargs-parser

* add clear command that clears the log, but maintains history

* make codemirror have no gutter and be auto-height when rendered in the console output log

* add fullscreen command and hook up fullscreen toggle button

* hook up copy button
2018-05-25 16:33:22 -04:00
Matthew Irish 7bf3476be9
Ui kv preflight endpoints (#4439)
* remove unused response-wrapping route and controller

* move to using the internal mounts endpoint for the secrets list and individual engine lookup

* remove errors about sys/mounts access because we don't need it anymore 🎉

* use modelFor instead of peekRecord for looking up the secret-engine

* remove test because we removed that error page - in the worst case scenario, a user will only have access to cubbyhole, but will see that in the secrets engines list

* make the dev CSP the same as the Go CSP

* update serializer to handle SSH responses as well as new engine fetches

* back out some changes to ttl-picker and field test object so that tests pass

* get rid of trailing space in the secret engine link

* add secrets-engine  adapater tests for new query behavior
2018-04-24 16:30:44 -05:00
Matthew Irish 7f4dbe3fd2
Ui kv v2 redux (#4393)
* remove header used for backwards compatibility in KV mounts, and use v1 paths for v1, v2 paths for v2

* make the model hook always run

* simplify adapter & serializer code for secrets

* update tests

* fix lease tests

* address review feedback
2018-04-19 21:26:25 -05:00
Matthew Irish 0e25096665
use an array to lookup capabilities paths so that commas aren't an issue (#4398) 2018-04-19 20:51:41 -05:00
Matthew Irish 5ea3f7512a
Update ui to reflect config changes for kv. versioned -> version (#4310)
* update ui to reflect config changes for kv. versioned -> version
* options not config
* tweak version display in the ui
2018-04-09 16:49:52 -05:00
Matthew Irish 067495ccce
UI - new backends (#4302)
* allow mounting of gcp secrets engine

* add models for azure auth method

* add azure as a mountable auth method

* make dev CSP more like built-in CSP

* id -> ID
2018-04-09 14:44:53 -05:00
Matthew Irish 7c92bb9b1d Moving UI assets to OSS 2018-04-03 09:16:57 -05:00