open-vault/ui/app/templates/components/transit-form-edit.hbs
Chelsea Shaw bab5fe34f0
UI: Better default transit auto-rotation (#15474)
* TTL Picker convers to largest unit when value is number

* Initial value for transit auto-rotation period is 30d

* Add auto-rotation check to transit test

* Add changelog

* Add clarifying comment
2022-05-17 16:06:57 -05:00

106 lines
4 KiB
Handlebars

<form onsubmit={{@createOrUpdateKey}}>
<div class="box is-sideless is-fullwidth is-marginless">
<MessageError @model={{@key}} />
<NamespaceReminder @mode="edit" @noun="transit key" />
<div class="field">
<div class="b-checkbox">
<input
id="key-allows-delete"
type="checkbox"
checked={{@key.deletionAllowed}}
class="styled"
onchange={{@setValueOnKey}}
/>
<label for="key-allows-delete" class="is-label">
Allow deletion
</label>
</div>
</div>
<div class="field">
<TtlPicker2
@initialValue={{or @key.autoRotatePeriod "30d"}}
@initialEnabled={{not (eq @key.autoRotatePeriod "0s")}}
@label="Auto-rotation period"
@helperTextDisabled="Key will never be automatically rotated"
@helperTextEnabled="Key will be automatically rotated every"
@onChange={{@handleAutoRotateChange}}
@errorMessage={{if @autoRotateInvalid "Duration must be longer than 1 hour"}}
/>
</div>
<div class="field">
<label for="key-min-decrypt-version" class="is-label">Minimum decryption version</label>
<div class="control is-expanded">
<div class="select is-fullwidth">
<select
name="key-min-decrypt-version"
id="key-min-decrypt-version"
onchange={{action (mut @key.minDecryptionVersion) value="target.value"}}
>
{{#each @key.keyVersions as |version|}}
<option selected={{eq @key.minDecryptionVersion version}} value={{version}}>
<code>{{version}}</code>
</option>
{{/each}}
</select>
</div>
</div>
<p class="help">
The minimum decryption version required to reverse transformations performed with the encryption key. Results from
lower key versions may be rewrapped with the new key version using the
<code>rewrap</code>
action.
</p>
</div>
<div class="field">
<label for="key-min-encrypt-version" class="is-label">Minimum encryption version</label>
<div class="control is-expanded">
<div class="select is-fullwidth">
<select
name="key-min-encrypt-version"
id="key-min-encrypt-version"
onchange={{action (mut @key.minEncryptionVersion) value="target.value"}}
>
<option selected={{eq @key.minEncryptionVersion 0}} value={{0}}>
<code>Latest</code>
(currently
{{@key.latestVersion}})
</option>
{{#each @key.encryptionKeyVersions as |version|}}
<option selected={{eq @key.minEncryptionVersion version}} value={{version}}>
<code>{{version}}</code>
</option>
{{/each}}
</select>
</div>
</div>
<p class="help">
The minimum version of the key that can be used to encrypt plaintext, sign payloads, or generate HMACs. You will be
able to specify which version of the key to use for each of these actions. The value specified here must be greater
than or equal to that specified in the
<b>Minimum Decryption Version</b>
selection above.
</p>
</div>
</div>
<div class="field is-grouped is-grouped-split box is-fullwidth is-bottomless">
<div class="field is-grouped">
{{#if @capabilities.canUpdate}}
<div class="control">
<button type="submit" disabled={{@requestInFlight}} class="button is-primary {{if @requestInFlight 'is-loading'}}">
Update transit key
</button>
</div>
{{/if}}
<div class="control">
<SecretLink @mode="show" @secret={{@key.id}} class="button">
Cancel
</SecretLink>
</div>
</div>
{{#if (and @key.canDelete @capabilities.canDelete)}}
<ConfirmAction @buttonClasses="button" @onConfirmAction={{@deleteKey}}>
Delete transit key
</ConfirmAction>
{{/if}}
</div>
</form>