luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/models/database/role.js
claire bontempo 9cc2f52bc1
UI: Glimmerize search select component (#17276) 
* initial commit for glimmerizing search-select

* fix credentials card tests

* WIP/fixing manually passed in options

* note for small change made in other PR

* still a work in progress, but maybe fixed some tests...maybe

* fix path filter config tests

* remove comments

* clean up merge conflicts

* remove redundant subLabel

* remove subLabel, change default label to form field size

* split up format method

* cleanup, try to keep types consistent

* change logic for ss lable

* remove comment

* cleanup naming

* fix incorrect glimmer change

* refactor to allow for parent handling selected options

* update jsdoc and reogranize functions

* add test to path filter config

* address comments, small cleanup

* add test for path filter config ss

* rearrange functions so git diff is easier to compare

* change isNotSectionHeader to isSectionHeader

* add more explicit test coverage, tidying for search select

* small doc tidy

* add comments, one more test! last cleanup!

* fix search select tests
2022-10-03 11:01:34 -07:00

139 lines
4.8 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import Model, { attr } from '@ember-data/model';
import { computed } from '@ember/object';
import { alias } from '@ember/object/computed';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { getRoleFields } from 'vault/utils/database-helpers';
export default Model.extend({
idPrefix: 'role/',
backend: attr('string', { readOnly: true }),
name: attr('string', {
label: 'Role name',
}),
database: attr('array', {
label: 'Database name',
editType: 'searchSelect',
fallbackComponent: 'string-list',
models: ['database/connection'],
selectLimit: 1,
onlyAllowExisting: true,
subText: 'The database for which credentials will be generated.',
}),
type: attr('string', {
label: 'Type of role',
noDefault: true,
possibleValues: ['static', 'dynamic'],
}),
default_ttl: attr({
editType: 'ttl',
defaultValue: '1h',
label: 'Generated credentialss Time-to-Live (TTL)',
helperTextDisabled: 'Vault will use a TTL of 1 hour.',
defaultShown: 'Engine default',
}),
max_ttl: attr({
editType: 'ttl',
defaultValue: '24h',
label: 'Generated credentialss maximum Time-to-Live (Max TTL)',
helperTextDisabled: 'Vault will use a TTL of 24 hours.',
defaultShown: 'Engine default',
}),
username: attr('string', {
subText: 'The database username that this Vault role corresponds to.',
}),
rotation_period: attr({
editType: 'ttl',
defaultValue: '24h',
helperTextDisabled:
'Specifies the amount of time Vault should wait before rotating the password. The minimum is 5 seconds. Default is 24 hours.',
helperTextEnabled: 'Vault will rotate password after',
}),
creation_statements: attr('array', {
editType: 'stringArray',
}),
revocation_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
rotation_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
rollback_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
renew_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
creation_statement: attr('string', {
editType: 'json',
allowReset: true,
theme: 'hashi short',
defaultShown: 'Default',
}),
revocation_statement: attr('string', {
editType: 'json',
allowReset: true,
theme: 'hashi short',
defaultShown: 'Default',
}),
/* FIELD ATTRIBUTES */
get fieldAttrs() {
// Main fields on edit/create form
let fields = ['name', 'database', 'type'];
return expandAttributeMeta(this, fields);
},
get showFields() {
let fields = ['name', 'database', 'type'];
fields = fields.concat(getRoleFields(this.type)).concat(['creation_statements']);
// elasticsearch does not support revocation statements: https://www.vaultproject.io/api-docs/secret/databases/elasticdb#parameters-1
if (this.database[0] !== 'elasticsearch') {
fields = fields.concat(['revocation_statements']);
}
return expandAttributeMeta(this, fields);
},
roleSettingAttrs: computed(function () {
// logic for which get displayed is on DatabaseRoleSettingForm
let allRoleSettingFields = [
'default_ttl',
'max_ttl',
'username',
'rotation_period',
'creation_statements',
'creation_statement', // for editType: JSON
'revocation_statements',
'revocation_statement', // only for MongoDB (editType: JSON)
'rotation_statements',
'rollback_statements',
'renew_statements',
];
return expandAttributeMeta(this, allRoleSettingFields);
}),
/* CAPABILITIES */
// only used for secretPath
path: attr('string', { readOnly: true }),
secretPath: lazyCapabilities(apiPath`${'backend'}/${'path'}/${'id'}`, 'backend', 'path', 'id'),
canEditRole: alias('secretPath.canUpdate'),
canDelete: alias('secretPath.canDelete'),
dynamicPath: lazyCapabilities(apiPath`${'backend'}/roles/+`, 'backend'),
canCreateDynamic: alias('dynamicPath.canCreate'),
staticPath: lazyCapabilities(apiPath`${'backend'}/static-roles/+`, 'backend'),
canCreateStatic: alias('staticPath.canCreate'),
credentialPath: lazyCapabilities(apiPath`${'backend'}/creds/${'id'}`, 'backend', 'id'),
staticCredentialPath: lazyCapabilities(apiPath`${'backend'}/static-creds/${'id'}`, 'backend', 'id'),
canGenerateCredentials: alias('credentialPath.canRead'),
canGetCredentials: alias('staticCredentialPath.canRead'),
databasePath: lazyCapabilities(apiPath`${'backend'}/config/${'database[0]'}`, 'backend', 'database'),
canUpdateDb: alias('databasePath.canUpdate'),
rotateRolePath: lazyCapabilities(apiPath`${'backend'}/rotate-role/${'id'}`, 'backend', 'id'),
canRotateRoleCredentials: alias('rotateRolePath.canUpdate'),
});
Reference in a new issue View git blame Copy permalink