Commit graph

51 commits

Author SHA1 Message Date
Matthew Irish d56f0ccb72
UI - write without read for kv (#6570)
* wait for all hash promises to be settled

* skeleton tests with policies for write without read

* adjust what gets returned from the model hook

* refactor secret-edit model hook to use async/await

* return a stub version if we can't read secret data

* return a stub model for v1 kv

* tweak tests to make re-runs friendlier

* allow write without CAS if both v2 models cannot be read

* show warnings on edit pages for different write without read scenarios

* add no read empty states on secret show pages

* review feedback

* make message language consistent

* use version models from metadata if we can read it

* refresh route on delete / undelete / destroy

* hide controls in the toolbar when you can't read the secret data

* show deleted / destroyed messaging over cannot read messaging on the show page

* fix test with model stub

* refactor large model hook into several functions

* comment clarifications
2019-04-16 15:27:23 -05:00
Joshua Ogle 4954bb35da Consistent capitalization 2019-03-29 18:29:48 -06:00
Matthew Irish 07fc7f16cf
UI - jwt auth config model (#6410)
* have jwt auth config generated from OpenAPI response

* support for viewing and enabling an 'oidc' auth type

* finish oidc config and clean up auth config form
2019-03-14 16:01:56 -05:00
madalynrose 2e94336fa1
Dynamic OpenAPI UI (#6209) 2019-02-14 13:52:34 -05:00
Matthew Irish 0357790fb8
UI - jwt auth (#6188)
* fix default rendering of svg and allow plugins access to mount tune form

* add auth-jwt component

* add callback route, and allow it to be navigated to on load

* add jwt as a supported auth method

* use auth-jwt component and implement intial oidc flow

* allow wrapping un-authed requests

* pass redirect_url and properly redirect with the wrapped token

* popup for login

* center popup window and move to localStorage events for cross window communication because of IE11

* access window via a getter on the auth-form component

* show OIDC provider name on the button

* fetch default role on render of the auth-jwt component

* simplify auth-form template

* style callback page

* refetch auth_url when path changes for auth-jwt component

* fix glimmer error on alias metadata, and add back popup-metadata component

* fix link in metadata page

* add logo-edition component and remove use of partial for logo svg

* render oidc callback template on the loading page if we're going there

* add docs icon and change timeout on the auth form

* move OIDC auth specific things to auth-jwt component

* start to add branded buttons for OIDC providers

* add google button

* finish branded buttons

* update glyph for error messages

* update tests for auth screen not showing tabs, add adapter tests and new auth jwt tests

* start auth-jwt tests

* simplify auth-jwt

* remove negative top margin on AlertInline

* only preventDefault if there's an event

* fill out tests

* sort out some naming

* feedback on templates and styles

* clear error when starting OIDC auth and call for new auth_url

* also allow 'oidc' as the auth method type

* handle namespaces with OIDC auth

* review feedback

* use new getters in popup-metadata
2019-02-14 09:39:19 -06:00
Matthew Irish 3f91ad5ca6
UI - fix perf standby feature display (#5971)
* add performanceStandbyCount to license model

* use count to determine if perf standby is an active feature

* rename test file and add tests for new perf standby behavior

* Update ui/app/templates/components/license-info.hbs

* update display language
2018-12-18 11:01:12 -06:00
madalynrose c84c8e01b2
Search select (#5851) 2018-12-10 11:44:37 -05:00
Noelle Daley 37683e234d
mask password on ldap auth form (#5898) 2018-12-07 13:23:42 -08:00
Matthew Irish af8eda9322
UI - kv v2 graceful degrade (#5879)
* turns out sourcemaps are useful

* add test for restricted policy in kv v2

* only include version param on fetch if it's encoded in the id

* rename some vars for clarity and use model.id when persisting a secret

* fix delete attributes on the models

* allow data edit when there's metadata access is disallowed

* add tests for edit with restricted policy

* hide metadata fields if you can't edit them
2018-12-03 08:22:13 -06:00
madalynrose 4d4ace908c
Add new token_type filed to auth method mount-config (#5723) 2018-11-07 14:34:33 -05:00
madalynrose e93011d908
update capabilities logic for sudo prefixes (#5647)
update capabilities logic to determine need for sudo based on sudo prefix paths
2018-10-31 11:24:36 -04:00
Matthew Irish ad2e40212b add necessary computed macros and template for contextual menus for v1 and v2 secrets 2018-10-18 14:55:51 -05:00
Matthew Irish cf93d6a5ef use backend / secretId in models created on list responses for secrets v1 and v2 2018-10-18 14:55:51 -05:00
Matthew Irish 50f9687424 fix tests 2018-10-18 14:55:51 -05:00
Matthew Irish eb720e4480 move key mixin to the mixin dir and update imports - also use it in secret-v2 model 2018-10-18 14:55:50 -05:00
Matthew Irish 23fd710d4b add in secret metadata form for create 2018-10-18 14:55:50 -05:00
Matthew Irish 2b1e6e9451 use model dirty tracking to track changes 2018-10-18 14:55:49 -05:00
Matthew Irish 35c79b4dd2 make delete, destory, undelete work via the ui 2018-10-18 14:55:48 -05:00
Matthew Irish b74ed60497 finish v2 model layer and add some unit tests for adapters 2018-10-18 14:54:34 -05:00
Matthew Irish a8302b47e0 new model things for secret-v2 and secret-v2 versions: get list, queryRecord, and version find working 2018-10-18 14:54:33 -05:00
Evgeniy Zakharochkin 46948aef80 ability to add NAS Identifier header to radius request (#5465) 2018-10-18 13:41:14 -04:00
madalynrose 554446ae4e
Licensing in the UI (#5437)
Add licensing to the UI
2018-10-12 15:03:01 -04:00
sk4ry 0fab335eec Add ability to configure the NotBefore property of certificates in role api (#5325)
* Add ability to configure the NotBefore property of certificates in role api

* Update index.html.md

* converting field to time.Duration

* setting default back to 30s

* renaming the parameter not_before_duration to differentiate between the NotBefore datetime on the cert

* Update description
2018-10-02 11:10:43 -04:00
Matthew Irish a105664141
UI - ent fixes (#5430)
* re-add performancestandycode for health api call

* update debounce timeout for namespace input on the auth page

* re-fetch cluster model on successful init

* 500ms for the debounce

* swap auth methods after successful api call so that the auth box doesn't jump around

* move list capability fetch to namespace component and don't use computed queryRecord to fetch it

* convert ed models to JSON so that they're unaffected by store unloading

* serialize with the id for the auth method models

* speed tests back up with different polling while loop

* login flash isn't in the same run loop so no longer needs withFlash
2018-10-02 10:05:34 -05:00
Matthew Irish 572fb826be
UI aws engine tweaks (#5294)
* allow passing a path for options so that it can be extracted from the model

* add cred type selector for the aws generate form

* style hint text on generate creds form

* add tests for aws-credential adapter

* allow for the case where we might have zero ttl

* show error for TTL picker if a non-number is entered for the duration part of the TTL

* fix positioning of tooltips

* fix ttl rendering with invalid input for initialValue
2018-09-28 16:45:30 -05:00
Matthew Irish a22861cee9
UI - ent init (#5428)
* allow for enterprise init attributes

* allow moving from init to auth in the init flow on the tutorial machine

* show loading spinner while cluster is unsealing

* use seal-status type to determine the init attrs

* add init acceptance tests

* stored_shares should always be 1

* fix lint

* format template

* remove explicity model attr from init controller
2018-09-28 09:36:18 -05:00
Matthew Irish d509588cd2
Ember update (#5386)
Ember update - update ember-cli, ember-data, and ember to 3.4 series
2018-09-25 11:28:26 -05:00
madalynrose bd34be9144 UI Onboarding Wizards (#5196) 2018-08-28 00:03:55 -05:00
Joel Thompson 9f99ac44f4 Fix default TTL for AWS secrets (#5203)
The default TTL was being offered as 30 minutes, and when unchanged, the
UI wouldn't send the TTL back to the backend, causing it to use the
default of 60m. Fix the TTL to default back to 1 hour.
2018-08-27 23:30:17 -05:00
Matthew Irish 331b6ce6f5
refactor aws secret ui (#5193)
Update UI for AWS secret backend refactor

* Support empty AWS policy documents
* Try to make ARN input multiple
* move aws-role serializer to use the application serializer as the base
* support editing strings as JSON in the form field component
* update model, form and show to use form-component component, and swap fields based on credential type
* fix tests
* unify credential generation for aws and remove the STS specific action in the UI
* add label to the new json string form field
2018-08-27 19:54:30 -05:00
Matthew Irish 21af204683
UI namespaces (#5119)
* add namespace sidebar item

* depend on ember-inflector directly

* list-view and list-item components

* fill out components and render empty namespaces page

* list namespaces in access

* add menu contextual component to list item

* popup contextual component

* full crud for namespaces

* add namespaces service and picker component

* split application and vault.cluster templates and controllers, add namespace query param, add namespace-picker to vault.namespace template

* remove usage of href-to

* remove ember-href-to from deps

* add ember-responsive

* start styling the picker and link to appropriate namespaces, use ember-responsive to render picker in different places based on the breakpoint

* get query param working and save ns to authdata when authenticating, feed through ns in application adapter

* move to observer on the controller for setting state on the service

* set state in the beforeModel hook and clear the ember data model cache

* nav to secrets on change and make error handling more resilient utilizing the method that atlas does to eagerly update URLs

* add a list of sys endpoints in a helper

* hide header elements if not in the root namespace

* debounce namespace input on auth, fix 404 for auth method fetch, move auth method fetch to a task on the auth-form component and refretch on namespace change

* fix display of supported engines and exclusion of sys and identity engines

* don't fetch replication status if you're in a non-root namespace

* hide seal sub-menu if not in the root namespace

* don't autocomplete auth form inputs

* always send some requests to the root namespace

* use methodType and engineType instead of type in case there it is ns_ prefixed

* use sys/internal/ui/namespaces to fetch the list in the dropdown

* don't use model for namespace picker and always make the request to the token namespace

* fix header handling for fetch calls

* use namespace-reminder component on creation and edit forms throughout the application

* add namespace-reminder to the console

* add flat

* add deepmerge for creating the tree in the menu

* delayed rendering for animation timing

* design and code feedback on the first round

* white text in the namespace picker

* fix namespace picker issues with root keys

* separate path-to-tree

* add tests for path-to-tree util

* hide picker if you're in the root ns and you can't access other namespaces

* show error message if you enter invalid characters for namespace path

* return a different model if we dont have the namespaces feature and show upgrade page

* if a token has a namespace_path, use that as the root user namespace and transition them there on login

* use token namespace for user, but use specified namespace to log in

* always renew tokens in the token namespace

* fix edition-badge test
2018-08-16 12:48:24 -05:00
Stephen J. Butler 672668dea5 Add tokenGroups and tokenGroupsGlobalAndUniversal (#4936) 2018-08-13 14:57:10 -07:00
Matthew Irish 5b00b4b10a
UI - add JWT auth, remove alias metadata (#4986)
* remove the ability to edit metadata on entity aliases
* add JWT auth method in the UI
2018-07-24 17:35:31 -05:00
Matthew Irish 9953eb76aa
UI - control groups (#4947)
* add routes for control groups in tools, settings, access (#4718)
* UI control group - storage, request, authorization, and unwrapping (#4899)
* UI control groups config (#4927)
2018-07-18 20:59:04 -05:00
Matthew Irish f38a50b6b2
UI - unauthed login methods (#4854)
* fetch auth methods when going to the auth route and pass them to the auth form component

* add boolean editType for form-fields

* look in the data hash in the serializer

* remove renderInPlace for info-tooltips as it does something goofy with widths

* add new fields for auth methods

* fix console refresh command on routes that use lazyPaginatedQuery

* add wrapped_token param that logs you in via the token backend and show other backends if your list contains supported ones

* handle casing when looking up supported backends

* change listingVisibility to match the new API

* move wrapped_token up to the vault route level so it works from the app root
2018-07-05 13:28:12 -05:00
Matthew Irish 4d29d70b98
UI - upgrading generic secret engines to v2 format (#4750)
* remove dev-leased-kv flag, handle non-secret responses in the console

* skip lease tests for now

* use the newer collection api for ember-page-object

* include generic in types that can have a v2

* add tests for generic v2

* isolate kv v2 logic in the secret-engine model and add unit tests
2018-06-13 23:06:19 -05:00
Matthew Irish 924d1b4ddc
UI - code cleanup (#4699)
* use lazyCapabilities macro in models

* use expandAttributeMeta and fieldToAttrs everywhere

* add angle bracket component polyfill

* use PageHeader component throughout
2018-06-12 16:06:37 -05:00
Matthew Irish a2fb9ae331
UI - console refresh (#4679)
* add router service polyfill
* add refresh command
* move async code into ember-concurrency task and implement refresh that way
* use ember-concurrency derived state to show a loading spinner when the task is running
* scroll after appending to log too
2018-06-01 17:18:31 -05:00
Alex Ionescu 7c31dacea2 Custom extended key usage for PKI. (#4667)
Custom extended key usage for PKI
2018-06-01 09:13:54 -04:00
Matthew Irish 96c1e547f0
UI identity lists (#4655)
* add new key_info to the list models for identity endpoints

* add details to group and show pages

* add parent groups to group tabs

* render alias the same everywhere

* space tab subnav more like the designs

* fix tests

* pull tabs in and remove padding
2018-05-29 21:56:15 -05:00
Matthew Irish b383874a76
UI - Active Directory secrets (#4647)
* add AD secrets in the ui and move deprecated engines to the bottom of the list

* fix tools tests

* prettier
2018-05-29 09:14:31 -05:00
Joshua Ogle 406b73d22c Make popup menus consistent 2018-05-25 12:05:20 -06:00
Matthew Irish 463a3ebea9
UI - identity details (#4502)
* add popups
* add ability to disable entity and banner when entity is disabled
* re-add alias-popup template
* add accpetance tests for creating entities
* add more entity creation acceptance tests
* add delete to edit-form
* add more identity tests and associated selectors
* add onSuccess hook and use UnloadModel route mixins
* add ability to toggle entity disabling from the popover
* fix store list cache because unloadAll isn't synchronous
* fill out tests for identity items and aliases
* add ability to enable entity from the detail page
* toArray on the peekAll
* fix other tests/behavior that relied on a RecordArray
* adjust layout for disabled entity and label for disabling an entity on the edit form
* add item-details integration tests
* move disable field on the entity form
* use ghost buttons for delete in identity and policy edit forms
* adding computed macros for lazy capability fetching and using them in the identity models
2018-05-23 22:10:21 -05:00
Matthew Irish 23778935b0
UI - make engine list more consistent with the auth method list (#4598)
* remove expanding behavior from engines list and add a configuration route

* use page header component, secret tab component for the template on the secret engine configuration route

* move abstraction to secret-list-header and remove secret-tabs

* add attrs to secret engine model and adjust mount controller code to support that

* fix top level nav so that we can use the back button properly

* fix tests
2018-05-23 11:25:52 -05:00
Peter Schultz a786ef8a4a Fix capability test for policies in UI (#4566)
Fix incorrect path for capability check in the policies UI.

Fixes #4564.
2018-05-14 17:20:07 -05:00
Matthew Irish 7f4dbe3fd2
Ui kv v2 redux (#4393)
* remove header used for backwards compatibility in KV mounts, and use v1 paths for v1, v2 paths for v2

* make the model hook always run

* simplify adapter & serializer code for secrets

* update tests

* fix lease tests

* address review feedback
2018-04-19 21:26:25 -05:00
Matthew Irish 5ea3f7512a
Update ui to reflect config changes for kv. versioned -> version (#4310)
* update ui to reflect config changes for kv. versioned -> version
* options not config
* tweak version display in the ui
2018-04-09 16:49:52 -05:00
Matthew Irish 067495ccce
UI - new backends (#4302)
* allow mounting of gcp secrets engine

* add models for azure auth method

* add azure as a mountable auth method

* make dev CSP more like built-in CSP

* id -> ID
2018-04-09 14:44:53 -05:00
Matthew Irish cff34e983f
UI - pki updates (#4291)
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
2018-04-08 21:09:29 -05:00
Matthew Irish 4b885c080c
Ui request forwarding error (#4275)
* add ember-cli-content-security-policy
* only enable client side CSP when not in production - the go side handles this otherwise
* add service that handles and stores CSP violations via the securitypolicyviolation event
* update auth form component to show a specialized message when there's a CSP error
* move to computed prop for showing the CSP error message
* fix typos
2018-04-05 16:36:33 -05:00