5c2a08de6d
* Update browserslist * Add browserslistrc * ember-cli-update --to 3.26, fix conflicts * Run codemodes that start with ember-* * More codemods - before cp* * More codemods (curly data-test-*) * WIP ember-basic-dropdown template errors * updates ember-basic-dropdown and related deps to fix build issues * updates basic dropdown instances to new version API * updates more deps -- ember-template-lint is working again * runs no-implicit-this codemod * creates and runs no-quoteless-attributes codemod * runs angle brackets codemod * updates lint:hbs globs to only touch hbs files * removes yield only templates * creates and runs deprecated args transform * supresses lint error for invokeAction on LinkTo component * resolves remaining ambiguous path lint errors * resolves simple-unless lint errors * adds warnings for deprecated tagName arg on LinkTo components * adds warnings for remaining curly component invocation * updates global template lint rules * resolves remaining template lint errors * disables some ember specfic lint rules that target pre octane patterns * js lint fix run * resolves remaining js lint errors * fixes test run * adds npm-run-all dep * fixes test attribute issues * fixes console acceptance tests * fixes tests * adds yield only wizard/tutorial-active template * fixes more tests * attempts to fix more flaky tests * removes commented out settled in transit test * updates deprecations workflow and adds initializer to filter by version * updates flaky policies acl old test * updates to flaky transit test * bumps ember deps down to LTS version * runs linters after main merge * fixes client count tests after bad merge conflict fixes * fixes client count history test * more updates to lint config * another round of hbs lint fixes after extending stylistic rule * updates lint-staged commands * removes indent eslint rule since it seems to break things * fixes bad attribute in transform-edit-form template * test fixes * fixes enterprise tests * adds changelog * removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters * flaky test fix Co-authored-by: hashishaw <cshaw@hashicorp.com>
143 lines
5 KiB
JavaScript
143 lines
5 KiB
JavaScript
import { currentRouteName, settled, find } from '@ember/test-helpers';
|
|
import { module, test } from 'qunit';
|
|
import { setupApplicationTest } from 'ember-qunit';
|
|
import { create } from 'ember-cli-page-object';
|
|
import page from 'vault/tests/pages/settings/mount-secret-backend';
|
|
import configPage from 'vault/tests/pages/secrets/backend/configuration';
|
|
import authPage from 'vault/tests/pages/auth';
|
|
import consoleClass from 'vault/tests/pages/components/console/ui-panel';
|
|
import logout from 'vault/tests/pages/logout';
|
|
import mountSecrets from 'vault/tests/pages/settings/mount-secret-backend';
|
|
|
|
const consoleComponent = create(consoleClass);
|
|
|
|
module('Acceptance | settings/mount-secret-backend', function (hooks) {
|
|
setupApplicationTest(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
return authPage.login();
|
|
});
|
|
|
|
test('it sets the ttl correctly when mounting', async function (assert) {
|
|
// always force the new mount to the top of the list
|
|
const path = `kv-${new Date().getTime()}`;
|
|
const defaultTTLHours = 100;
|
|
const maxTTLHours = 300;
|
|
const defaultTTLSeconds = defaultTTLHours * 60 * 60;
|
|
const maxTTLSeconds = maxTTLHours * 60 * 60;
|
|
|
|
await page.visit();
|
|
|
|
assert.equal(currentRouteName(), 'vault.cluster.settings.mount-secret-backend');
|
|
await page.selectType('kv');
|
|
await page
|
|
.next()
|
|
.path(path)
|
|
.toggleOptions()
|
|
.enableDefaultTtl()
|
|
.defaultTTLUnit('h')
|
|
.defaultTTLVal(defaultTTLHours)
|
|
.enableMaxTtl()
|
|
.maxTTLUnit('h')
|
|
.maxTTLVal(maxTTLHours)
|
|
.submit();
|
|
await configPage.visit({ backend: path });
|
|
assert.equal(configPage.defaultTTL, defaultTTLSeconds, 'shows the proper TTL');
|
|
assert.equal(configPage.maxTTL, maxTTLSeconds, 'shows the proper max TTL');
|
|
});
|
|
|
|
test('it sets the ttl when enabled then disabled', async function (assert) {
|
|
// always force the new mount to the top of the list
|
|
const path = `kv-${new Date().getTime()}`;
|
|
const maxTTLHours = 300;
|
|
const maxTTLSeconds = maxTTLHours * 60 * 60;
|
|
|
|
await page.visit();
|
|
|
|
assert.equal(currentRouteName(), 'vault.cluster.settings.mount-secret-backend');
|
|
await page.selectType('kv');
|
|
await page
|
|
.next()
|
|
.path(path)
|
|
.toggleOptions()
|
|
.enableDefaultTtl()
|
|
.enableDefaultTtl()
|
|
.enableMaxTtl()
|
|
.maxTTLUnit('h')
|
|
.maxTTLVal(maxTTLHours)
|
|
.submit();
|
|
await configPage.visit({ backend: path });
|
|
assert.equal(configPage.defaultTTL, 0, 'shows the proper TTL');
|
|
assert.equal(configPage.maxTTL, maxTTLSeconds, 'shows the proper max TTL');
|
|
});
|
|
|
|
test('it throws error if setting duplicate path name', async function (assert) {
|
|
const path = `kv-duplicate`;
|
|
|
|
await consoleComponent.runCommands([
|
|
// delete any kv-duplicate previously written here so that tests can be re-run
|
|
`delete sys/mounts/${path}`,
|
|
]);
|
|
|
|
await page.visit();
|
|
|
|
assert.equal(currentRouteName(), 'vault.cluster.settings.mount-secret-backend');
|
|
await page.selectType('kv');
|
|
await page.next().path(path).submit();
|
|
await page.secretList();
|
|
await settled();
|
|
await page.enableEngine();
|
|
await page.selectType('kv');
|
|
await page.next().path(path).submit();
|
|
assert.dom('.alert-banner-message-body').hasText('This mount path already exist.');
|
|
assert.equal(currentRouteName(), 'vault.cluster.settings.mount-secret-backend');
|
|
|
|
await page.secretList();
|
|
await settled();
|
|
assert
|
|
.dom(`[data-test-secret-backend-row=${path}]`)
|
|
.exists({ count: 1 }, 'renders only one instance of the engine');
|
|
});
|
|
|
|
test('version 2 with no update to config endpoint still allows mount of secret engine', async function (assert) {
|
|
let enginePath = `kv-noUpdate-${new Date().getTime()}`;
|
|
const V2_POLICY = `
|
|
path "${enginePath}/*" {
|
|
capabilities = ["list","create","read","sudo","delete"]
|
|
}
|
|
path "sys/mounts/*"
|
|
{
|
|
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
|
|
}
|
|
|
|
# List existing secrets engines.
|
|
path "sys/mounts"
|
|
{
|
|
capabilities = ["read"]
|
|
}
|
|
`;
|
|
await consoleComponent.runCommands([
|
|
// delete any previous mount with same name
|
|
`delete sys/mounts/${enginePath}`,
|
|
`write sys/policies/acl/kv-v2-degrade policy=${btoa(V2_POLICY)}`,
|
|
'write -field=client_token auth/token/create policies=kv-v2-degrade',
|
|
]);
|
|
await settled();
|
|
let userToken = consoleComponent.lastLogOutput;
|
|
await logout.visit();
|
|
await authPage.login(userToken);
|
|
// create the engine
|
|
await mountSecrets.visit();
|
|
await mountSecrets.selectType('kv');
|
|
await mountSecrets.next().path(enginePath).setMaxVersion(101).submit();
|
|
await settled();
|
|
assert.ok(
|
|
find('[data-test-flash-message]').textContent.trim(),
|
|
`You do not have access to the config endpoint. The secret engine was mounted, but the configuration settings were not saved.`
|
|
);
|
|
await configPage.visit({ backend: enginePath });
|
|
await settled();
|
|
assert.dom('[data-test-row-value="Maximum number of versions"]').hasText('Not set');
|
|
});
|
|
});
|