luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/models/secret-engine.js
Jordan Reimer 5c2a08de6d
Ember Upgrade to 3.24 (#13443) 
* Update browserslist

* Add browserslistrc

* ember-cli-update --to 3.26, fix conflicts

* Run codemodes that start with ember-*

* More codemods - before cp*

* More codemods (curly data-test-*)

* WIP ember-basic-dropdown template errors

* updates ember-basic-dropdown and related deps to fix build issues

* updates basic dropdown instances to new version API

* updates more deps -- ember-template-lint is working again

* runs no-implicit-this codemod

* creates and runs no-quoteless-attributes codemod

* runs angle brackets codemod

* updates lint:hbs globs to only touch hbs files

* removes yield only templates

* creates and runs deprecated args transform

* supresses lint error for invokeAction on LinkTo component

* resolves remaining ambiguous path lint errors

* resolves simple-unless lint errors

* adds warnings for deprecated tagName arg on LinkTo components

* adds warnings for remaining curly component invocation

* updates global template lint rules

* resolves remaining template lint errors

* disables some ember specfic lint rules that target pre octane patterns

* js lint fix run

* resolves remaining js lint errors

* fixes test run

* adds npm-run-all dep

* fixes test attribute issues

* fixes console acceptance tests

* fixes tests

* adds yield only wizard/tutorial-active template

* fixes more tests

* attempts to fix more flaky tests

* removes commented out settled in transit test

* updates deprecations workflow and adds initializer to filter by version

* updates flaky policies acl old test

* updates to flaky transit test

* bumps ember deps down to LTS version

* runs linters after main merge

* fixes client count tests after bad merge conflict fixes

* fixes client count history test

* more updates to lint config

* another round of hbs lint fixes after extending stylistic rule

* updates lint-staged commands

* removes indent eslint rule since it seems to break things

* fixes bad attribute in transform-edit-form template

* test fixes

* fixes enterprise tests

* adds changelog

* removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters

* flaky test fix

Co-authored-by: hashishaw <cshaw@hashicorp.com>
2021-12-16 20:44:29 -07:00

206 lines
6.6 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import Model, { attr } from '@ember-data/model';
import { computed } from '@ember/object';
import { fragment } from 'ember-data-model-fragments/attributes';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { validator, buildValidations } from 'ember-cp-validations';
// identity will be managed separately and the inclusion
// of the system backend is an implementation detail
const LIST_EXCLUDED_BACKENDS = ['system', 'identity'];
const Validations = buildValidations({
path: validator('presence', {
presence: true,
message: "Path can't be blank.",
}),
maxVersions: [
validator('number', {
allowString: true,
integer: true,
message: 'Maximum versions must be a number.',
}),
validator('length', {
min: 1,
max: 16,
message: 'You cannot go over 16 characters.',
}),
],
});
export default Model.extend(Validations, {
path: attr('string'),
accessor: attr('string'),
name: attr('string'),
type: attr('string', {
label: 'Secret engine type',
}),
description: attr('string', {
editType: 'textarea',
}),
config: fragment('mount-config', { defaultValue: {} }),
options: fragment('mount-options', { defaultValue: {} }),
local: attr('boolean', {
helpText:
'When Replication is enabled, a local mount will not be replicated across clusters. This can only be specified at mount time.',
}),
sealWrap: attr('boolean', {
helpText:
'When enabled - if a seal supporting seal wrapping is specified in the configuration, all critical security parameters (CSPs) in this backend will be seal wrapped. (For K/V mounts, all values will be seal wrapped.) This can only be specified at mount time.',
}),
// KV 2 additional config default options
maxVersions: attr('number', {
defaultValue: 0,
label: 'Maximum number of versions',
subText:
'The number of versions to keep per key. Once the number of keys exceeds the maximum number set here, the oldest version will be permanently deleted. This value applies to all keys, but a keys metadata settings can overwrite this value. When 0 is used or the value is unset, Vault will keep 10 versions.',
}),
casRequired: attr('boolean', {
defaultValue: false,
label: 'Require Check and Set',
subText:
'If checked, all keys will require the cas parameter to be set on all write requests. A keys metadata settings can overwrite this value.',
}),
deleteVersionAfter: attr({
defaultValue: 0,
editType: 'ttl',
label: 'Automate secret deletion',
helperTextDisabled: 'A secrets version must be manually deleted.',
helperTextEnabled: 'Delete all new versions of this secret after',
}),
modelTypeForKV: computed('engineType', 'options.version', function () {
let type = this.engineType;
let version = this.options?.version;
let modelType = 'secret';
if ((type === 'kv' || type === 'generic') && version === 2) {
modelType = 'secret-v2';
}
return modelType;
}),
isV2KV: computed.equal('modelTypeForKV', 'secret-v2'),
formFields: computed('engineType', 'options.version', function () {
let type = this.engineType;
let version = this.options?.version;
let fields = [
'type',
'path',
'description',
'accessor',
'local',
'sealWrap',
'config.{defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
];
if (type === 'kv' || type === 'generic') {
fields.push('options.{version}');
}
// version comes in as number not string
if (type === 'kv' && version === 2) {
fields.push('casRequired', 'deleteVersionAfter', 'maxVersions');
}
return fields;
}),
formFieldGroups: computed('engineType', function () {
let type = this.engineType;
let defaultGroup;
// KV has specific config options it adds on the enable engine. https://www.vaultproject.io/api/secret/kv/kv-v2#configure-the-kv-engine
if (type === 'kv') {
defaultGroup = { default: ['path', 'maxVersions', 'casRequired', 'deleteVersionAfter'] };
} else {
defaultGroup = { default: ['path'] };
}
let optionsGroup = {
'Method Options': [
'description',
'config.listingVisibility',
'local',
'sealWrap',
'config.{defaultLeaseTtl,maxLeaseTtl,auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
],
};
if (type === 'kv' || type === 'generic') {
optionsGroup['Method Options'].unshift('options.{version}');
}
if (type === 'database') {
// For the Database Secret Engine we want to highlight the defaultLeaseTtl and maxLeaseTtl, removing them from the options object
defaultGroup.default.push('config.{defaultLeaseTtl}', 'config.{maxLeaseTtl}');
return [
defaultGroup,
{
'Method Options': [
'description',
'config.listingVisibility',
'local',
'sealWrap',
'config.{auditNonHmacRequestKeys,auditNonHmacResponseKeys,passthroughRequestHeaders}',
],
},
];
}
return [defaultGroup, optionsGroup];
}),
attrs: computed('formFields', function () {
return expandAttributeMeta(this, this.formFields);
}),
fieldGroups: computed('formFieldGroups', function () {
return fieldToAttrs(this, this.formFieldGroups);
}),
// namespaces introduced types with a `ns_` prefix for built-in engines
// so we need to strip that to normalize the type
engineType: computed('type', function () {
return (this.type || '').replace(/^ns_/, '');
}),
shouldIncludeInList: computed('engineType', function () {
return !LIST_EXCLUDED_BACKENDS.includes(this.engineType);
}),
localDisplay: computed('local', function () {
return this.local ? 'local' : 'replicated';
}),
// ssh specific ones
privateKey: attr('string'),
publicKey: attr('string'),
generateSigningKey: attr('boolean', {
defaultValue: true,
}),
saveCA(options) {
if (this.type !== 'ssh') {
return;
}
if (options.isDelete) {
this.setProperties({
privateKey: null,
publicKey: null,
generateSigningKey: false,
});
}
return this.save({
adapterOptions: {
options: options,
apiPath: 'config/ca',
attrsToSend: ['privateKey', 'publicKey', 'generateSigningKey'],
},
});
},
saveZeroAddressConfig() {
return this.save({
adapterOptions: {
adapterMethod: 'saveZeroAddressConfig',
},
});
},
// aws backend attrs
lease: attr('string'),
leaseMax: attr('string'),
});
Reference in a new issue View git blame Copy permalink