luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/routes/vault/cluster/secrets/backend/secret-edit.js
Matthew Irish 7bf3476be9
Ui kv preflight endpoints (#4439) 
* remove unused response-wrapping route and controller

* move to using the internal mounts endpoint for the secrets list and individual engine lookup

* remove errors about sys/mounts access because we don't need it anymore 🎉

* use modelFor instead of peekRecord for looking up the secret-engine

* remove test because we removed that error page - in the worst case scenario, a user will only have access to cubbyhole, but will see that in the secrets engines list

* make the dev CSP the same as the Go CSP

* update serializer to handle SSH responses as well as new engine fetches

* back out some changes to ttl-picker and field test object so that tests pass

* get rid of trailing space in the secret engine link

* add secrets-engine  adapater tests for new query behavior
2018-04-24 16:30:44 -05:00

148 lines
4.6 KiB
JavaScript
Raw Blame History

import Ember from 'ember';
import utils from 'vault/lib/key-utils';
import UnloadModelRoute from 'vault/mixins/unload-model-route';
export default Ember.Route.extend(UnloadModelRoute, {
capabilities(secret) {
const { backend } = this.paramsFor('vault.cluster.secrets.backend');
let backendModel = this.modelFor('vault.cluster.secrets.backend');
let backendType = backendModel.get('type');
let version = backendModel.get('options.version');
let path;
if (backendType === 'transit') {
path = backend + '/keys/' + secret;
} else if (backendType === 'ssh' || backendType === 'aws') {
path = backend + '/roles/' + secret;
} else if (version && version === 2) {
path = backend + '/data/' + secret;
} else {
path = backend + '/' + secret;
}
return this.store.findRecord('capabilities', path);
},
backendType() {
return this.modelFor('vault.cluster.secrets.backend').get('type');
},
templateName: 'vault/cluster/secrets/backend/secretEditLayout',
beforeModel() {
// currently there is no recursive delete for folders in vault, so there's no need to 'edit folders'
// perhaps in the future we could recurse _for_ users, but for now, just kick them
// back to the list
const { secret } = this.paramsFor(this.routeName);
const parentKey = utils.parentKeyForKey(secret);
const mode = this.routeName.split('.').pop();
if (mode === 'edit' && utils.keyIsFolder(secret)) {
if (parentKey) {
return this.transitionTo('vault.cluster.secrets.backend.list', parentKey);
} else {
return this.transitionTo('vault.cluster.secrets.backend.list-root');
}
}
},
modelType(backend, secret) {
let types = {
transit: 'transit-key',
ssh: 'role-ssh',
aws: 'role-aws',
pki: secret && secret.startsWith('cert/') ? 'pki-certificate' : 'role-pki',
};
let backendModel = this.modelFor('vault.cluster.secrets.backend', backend);
let defaultType = 'secret';
if (backendModel.get('type') === 'kv' && backendModel.get('options.version') === 2) {
defaultType = 'secret-v2';
}
return types[backendModel.get('type')] || defaultType;
},
model(params) {
let { secret } = params;
const { backend } = this.paramsFor('vault.cluster.secrets.backend');
const modelType = this.modelType(backend, secret);
if (!secret) {
secret = '\u0020';
}
if (modelType === 'pki-certificate') {
secret = secret.replace('cert/', '');
}
return Ember.RSVP.hash({
secret: this.store.queryRecord(modelType, { id: secret, backend }),
capabilities: this.capabilities(secret),
});
},
setupController(controller, model) {
this._super(...arguments);
const { secret } = this.paramsFor(this.routeName);
const { backend } = this.paramsFor('vault.cluster.secrets.backend');
const preferAdvancedEdit =
this.controllerFor('vault.cluster.secrets.backend').get('preferAdvancedEdit') || false;
const backendType = this.backendType();
model.secret.setProperties({ backend });
controller.setProperties({
model: model.secret,
capabilities: model.capabilities,
baseKey: { id: secret },
// mode will be 'show', 'edit', 'create'
mode: this.routeName.split('.').pop().replace('-root', ''),
backend,
preferAdvancedEdit,
backendType,
});
},
resetController(controller) {
if (controller.reset && typeof controller.reset === 'function') {
controller.reset();
}
},
actions: {
error(error) {
const { secret } = this.paramsFor(this.routeName);
const { backend } = this.paramsFor('vault.cluster.secrets.backend');
Ember.set(error, 'keyId', backend + '/' + secret);
Ember.set(error, 'backend', backend);
return true;
},
refreshModel() {
this.refresh();
},
willTransition(transition) {
const mode = this.routeName.split('.').pop();
if (mode === 'show') {
return transition;
}
if (this.get('hasChanges')) {
if (
window.confirm(
'You have unsaved changes. Navigating away will discard these changes. Are you sure you want to discard your changes?'
)
) {
this.unloadModel();
this.set('hasChanges', false);
return transition;
} else {
transition.abort();
return false;
}
}
},
hasDataChanges(hasChanges) {
this.set('hasChanges', hasChanges);
},
toggleAdvancedEdit(bool) {
this.controller.set('preferAdvancedEdit', bool);
this.controllerFor('vault.cluster.secrets.backend').set('preferAdvancedEdit', bool);
},
},
});
Reference in a new issue View git blame Copy permalink