open-vault/ui/app/models/secret-engine.js
2018-08-28 00:03:55 -05:00

147 lines
4.3 KiB
JavaScript

import Ember from 'ember';
import DS from 'ember-data';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import { fragment } from 'ember-data-model-fragments/attributes';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
const { attr } = DS;
const { computed } = Ember;
//identity will be managed separately and the inclusion
//of the system backend is an implementation detail
const LIST_EXCLUDED_BACKENDS = ['system', 'identity'];
export default DS.Model.extend({
path: attr('string'),
accessor: attr('string'),
name: attr('string'),
type: attr('string', {
label: 'Secret engine type',
}),
description: attr('string', {
editType: 'textarea',
}),
config: fragment('mount-config', { defaultValue: {} }),
options: fragment('mount-options', { defaultValue: {} }),
local: attr('boolean', {
helpText:
'When replication is enabled, a local mount will not be replicated across clusters. This can only be specified at mount time.',
}),
sealWrap: attr('boolean', {
helpText:
'When enabled - if a seal supporting seal wrapping is specified in the configuration, all critical security parameters (CSPs) in this backend will be seal wrapped. (For K/V mounts, all values will be seal wrapped.) This can only be specified at mount time.',
}),
modelTypeForKV: computed('engineType', 'options.version', function() {
let type = this.get('engineType');
let version = this.get('options.version');
let modelType = 'secret';
if ((type === 'kv' || type === 'generic') && version === 2) {
modelType = 'secret-v2';
}
return modelType;
}),
formFields: computed('engineType', function() {
let type = this.get('engineType');
let fields = [
'type',
'path',
'description',
'accessor',
'local',
'sealWrap',
'config.{defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
];
if (type === 'kv' || type === 'generic') {
fields.push('options.{version}');
}
return fields;
}),
formFieldGroups: computed('engineType', function() {
let type = this.get('engineType');
let defaultGroup = { default: ['path'] };
if (type === 'kv' || type === 'generic') {
defaultGroup.default.push('options.{version}');
}
return [
defaultGroup,
{
'Method Options': [
'description',
'config.listingVisibility',
'local',
'sealWrap',
'config.{defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
],
},
];
}),
attrs: computed('formFields', function() {
return expandAttributeMeta(this, this.get('formFields'));
}),
fieldGroups: computed('formFieldGroups', function() {
return fieldToAttrs(this, this.get('formFieldGroups'));
}),
// namespaces introduced types with a `ns_` prefix for built-in engines
// so we need to strip that to normalize the type
engineType: computed('type', function() {
return (this.get('type') || '').replace(/^ns_/, '');
}),
shouldIncludeInList: computed('engineType', function() {
return !LIST_EXCLUDED_BACKENDS.includes(this.get('engineType'));
}),
localDisplay: Ember.computed('local', function() {
return this.get('local') ? 'local' : 'replicated';
}),
// ssh specific ones
privateKey: attr('string'),
publicKey: attr('string'),
generateSigningKey: attr('boolean', {
defaultValue: true,
}),
saveCA(options) {
if (this.get('type') !== 'ssh') {
return;
}
if (options.isDelete) {
this.setProperties({
privateKey: null,
publicKey: null,
generateSigningKey: false,
});
}
return this.save({
adapterOptions: {
options: options,
apiPath: 'config/ca',
attrsToSend: ['privateKey', 'publicKey', 'generateSigningKey'],
},
});
},
saveZeroAddressConfig() {
return this.save({
adapterOptions: {
adapterMethod: 'saveZeroAddressConfig',
},
});
},
zeroAddressPath: lazyCapabilities(apiPath`${'id'}/config/zeroaddress`, 'id'),
canEditZeroAddress: computed.alias('zeroAddressPath.canUpdate'),
// aws backend attrs
lease: attr('string'),
leaseMax: attr('string'),
});