luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/adapters/secret-v2-version.js
Noelle Daley 899f0dc2cb
do not swallow ControlGroupErrors when viewing or editing kvv2 secrets (#7504) 
* do not swallow ControlGroupErrors when viewing or editing kvv2 secrets

* test kv v2 control group workflow

* do not manually clearModelCache when logging out since this already happens when leaving the logout route

* remove pauseTest

* update comments

* wip - looking into why restricted user can see the control group protected secret after it has already been unwrapped once

* strip version from query params so we can unwrap a secret after it is authorized

* use attachCapabilities instead of lazyCapabilities to ensure models are cleaned up properly

* remove comment

* make ControlGroupError extend AdapterError

* fix broken redirect_to test

* one day i will remember to remove my debugger statements; today is not that day

* no need to check for a ControlGroupError since it extends an AdapterError

* see if using EmberError instead of AdapterError fixes the browserstack tests

* Revert "see if using EmberError instead of AdapterError fixes the browserstack tests"

This reverts commit 14ddd67cacbf1ccecb8cc2d1f59a2c273866da72.
2019-10-04 13:15:33 -07:00

91 lines
2.7 KiB
JavaScript
Raw Blame History

/* eslint-disable */
import { isEmpty } from '@ember/utils';
import { get } from '@ember/object';
import ApplicationAdapter from './application';
import DS from 'ember-data';
import { encodePath } from 'vault/utils/path-encoding-helpers';
import ControlGroupError from 'vault/lib/control-group-error';
export default ApplicationAdapter.extend({
namespace: 'v1',
_url(backend, id, infix = 'data') {
let url = `${this.buildURL()}/${encodePath(backend)}/${infix}/`;
if (!isEmpty(id)) {
url = url + encodePath(id);
}
return url;
},
urlForFindRecord(id) {
let [backend, path, version] = JSON.parse(id);
let base = this._url(backend, path);
return version ? base + `?version=${version}` : base;
},
urlForQueryRecord(id) {
return this.urlForFindRecord(id);
},
findRecord() {
return this._super(...arguments).catch(errorOrModel => {
// if the response is a real 404 or if the secret is gated by a control group this will be an error,
// otherwise the response will be the body of a deleted / destroyed version
if (errorOrModel instanceof DS.AdapterError) {
throw errorOrModel;
}
return errorOrModel;
});
},
queryRecord(id, options) {
return this.ajax(this.urlForQueryRecord(id), 'GET', options).then(resp => {
if (options.wrapTTL) {
return resp;
}
resp.id = id;
resp.backend = backend;
return resp;
});
},
urlForCreateRecord(modelName, snapshot) {
let backend = snapshot.belongsTo('secret').belongsTo('engine').id;
let path = snapshot.attr('path');
return this._url(backend, path);
},
createRecord(store, modelName, snapshot) {
let backend = snapshot.belongsTo('secret').belongsTo('engine').id;
let path = snapshot.attr('path');
return this._super(...arguments).then(resp => {
resp.id = JSON.stringify([backend, path, resp.version]);
return resp;
});
},
urlForUpdateRecord(id) {
let [backend, path] = JSON.parse(id);
return this._url(backend, path);
},
v2DeleteOperation(store, id, deleteType = 'delete') {
let [backend, path, version] = JSON.parse(id);
// deleteType should be 'delete', 'destroy', 'undelete'
return this.ajax(this._url(backend, path, deleteType), 'POST', { data: { versions: [version] } }).then(
() => {
let model = store.peekRecord('secret-v2-version', id);
return model && model.rollbackAttributes() && model.reload();
}
);
},
handleResponse(status, headers, payload, requestData) {
// the body of the 404 will have some relevant information
if (status === 404 && get(payload, 'data.metadata')) {
return this._super(200, headers, payload, requestData);
}
return this._super(...arguments);
},
});
Reference in a new issue View git blame Copy permalink