open-vault/ui/app/models/database/connection.js
Jordan Reimer 5c2a08de6d
Ember Upgrade to 3.24 (#13443)
* Update browserslist

* Add browserslistrc

* ember-cli-update --to 3.26, fix conflicts

* Run codemodes that start with ember-*

* More codemods - before cp*

* More codemods (curly data-test-*)

* WIP ember-basic-dropdown template errors

* updates ember-basic-dropdown and related deps to fix build issues

* updates basic dropdown instances to new version API

* updates more deps -- ember-template-lint is working again

* runs no-implicit-this codemod

* creates and runs no-quoteless-attributes codemod

* runs angle brackets codemod

* updates lint:hbs globs to only touch hbs files

* removes yield only templates

* creates and runs deprecated args transform

* supresses lint error for invokeAction on LinkTo component

* resolves remaining ambiguous path lint errors

* resolves simple-unless lint errors

* adds warnings for deprecated tagName arg on LinkTo components

* adds warnings for remaining curly component invocation

* updates global template lint rules

* resolves remaining template lint errors

* disables some ember specfic lint rules that target pre octane patterns

* js lint fix run

* resolves remaining js lint errors

* fixes test run

* adds npm-run-all dep

* fixes test attribute issues

* fixes console acceptance tests

* fixes tests

* adds yield only wizard/tutorial-active template

* fixes more tests

* attempts to fix more flaky tests

* removes commented out settled in transit test

* updates deprecations workflow and adds initializer to filter by version

* updates flaky policies acl old test

* updates to flaky transit test

* bumps ember deps down to LTS version

* runs linters after main merge

* fixes client count tests after bad merge conflict fixes

* fixes client count history test

* more updates to lint config

* another round of hbs lint fixes after extending stylistic rule

* updates lint-staged commands

* removes indent eslint rule since it seems to break things

* fixes bad attribute in transform-edit-form template

* test fixes

* fixes enterprise tests

* adds changelog

* removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters

* flaky test fix

Co-authored-by: hashishaw <cshaw@hashicorp.com>
2021-12-16 20:44:29 -07:00

203 lines
7.5 KiB
JavaScript

import Model, { attr } from '@ember-data/model';
import { computed } from '@ember/object';
import { alias, or } from '@ember/object/computed';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
import { AVAILABLE_PLUGIN_TYPES } from '../../utils/database-helpers';
/**
* fieldsToGroups helper fn
* @param {array} arr any subset of "fields" from AVAILABLE_PLUGIN_TYPES
* @param {*} key item by which to group the fields. If item has no group it will be under "default"
* @returns array of objects where the key is default or the name of the option group, and the value is an array of attr names
*/
const fieldsToGroups = function (arr, key = 'subgroup') {
const fieldGroups = [];
const byGroup = arr.reduce(function (rv, x) {
(rv[x[key]] = rv[x[key]] || []).push(x);
return rv;
}, {});
Object.keys(byGroup).forEach((key) => {
const attrsArray = byGroup[key].map((obj) => obj.attr);
const group = key === 'undefined' ? 'default' : key;
fieldGroups.push({ [group]: attrsArray });
});
return fieldGroups;
};
export default Model.extend({
backend: attr('string', {
readOnly: true,
}),
// required
name: attr('string', {
label: 'Connection name',
}),
plugin_name: attr('string', {
label: 'Database plugin',
possibleValues: AVAILABLE_PLUGIN_TYPES,
noDefault: true,
}),
// standard
verify_connection: attr('boolean', {
label: 'Connection will be verified',
defaultValue: true,
}),
allowed_roles: attr('array', {
readOnly: true,
}),
password_policy: attr('string', {
label: 'Use custom password policy',
editType: 'optionalText',
subText: 'Specify the name of an existing password policy.',
defaultSubText:
'Unless a custom policy is specified, Vault will use a default: 20 characters with at least 1 uppercase, 1 lowercase, 1 number, and 1 dash character.',
defaultShown: 'Default',
docLink: 'https://www.vaultproject.io/docs/concepts/password-policies',
}),
// common fields
connection_url: attr('string', {
label: 'Connection URL',
subText:
'The connection string used to connect to the database. This allows for simple templating of username and password of the root user in the {{field_name}} format.',
}),
url: attr('string', {
label: 'URL',
subText: `The URL for Elasticsearch's API ("https://localhost:9200").`,
}),
username: attr('string', {
subText: `The name of the user to use as the "root" user when connecting to the database.`,
}),
password: attr('string', {
subText: 'The password to use when connecting with the above username.',
editType: 'password',
}),
// optional
ca_cert: attr('string', {
label: 'CA certificate',
subText: `The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity.`,
}),
ca_path: attr('string', {
label: 'CA path',
subText: `The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity.`,
}),
client_cert: attr('string', {
label: 'Client certificate',
subText: 'The path to the certificate for the Elasticsearch client to present for communication.',
}),
client_key: attr('string', {
subText: 'The path to the key for the Elasticsearch client to use for communication.',
}),
hosts: attr('string', {}),
host: attr('string', {}),
port: attr('string', {}),
write_concern: attr('string', {
subText: 'Optional. Must be in JSON. See our documentation for help.',
allowReset: true,
editType: 'json',
theme: 'hashi short',
defaultShown: 'Default',
}),
username_template: attr('string', {
editType: 'optionalText',
subText: 'Enter the custom username template to use.',
defaultSubText:
'Template describing how dynamic usernames are generated. Vault will use the default for this plugin.',
docLink: 'https://www.vaultproject.io/docs/concepts/username-templating',
defaultShown: 'Default',
}),
max_open_connections: attr('number', {
defaultValue: 4,
}),
max_idle_connections: attr('number', {
defaultValue: 0,
}),
max_connection_lifetime: attr('string', {
defaultValue: '0s',
}),
insecure: attr('boolean', {
label: 'Disable SSL verification',
defaultValue: false,
}),
tls: attr('string', {
label: 'TLS Certificate Key',
helpText:
'x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.',
editType: 'file',
}),
tls_ca: attr('string', {
label: 'TLS CA',
helpText:
'x509 CA file for validating the certificate presented by the MongoDB server. Must be PEM encoded.',
editType: 'file',
}),
tls_server_name: attr('string', {
label: 'TLS server name',
subText: 'If set, this name is used to set the SNI host when connecting via 1TLS.',
}),
root_rotation_statements: attr({
subText: `The database statements to be executed to rotate the root user's credentials. If nothing is entered, Vault will use a reasonable default.`,
editType: 'stringArray',
defaultShown: 'Default',
}),
isAvailablePlugin: computed('plugin_name', function () {
return !!AVAILABLE_PLUGIN_TYPES.find((a) => a.value === this.plugin_name);
}),
showAttrs: computed('plugin_name', function () {
const fields = AVAILABLE_PLUGIN_TYPES.find((a) => a.value === this.plugin_name)
.fields.filter((f) => f.show !== false)
.map((f) => f.attr);
fields.push('allowed_roles');
return expandAttributeMeta(this, fields);
}),
fieldAttrs: computed('plugin_name', function () {
// for both create and edit fields
let fields = ['plugin_name', 'name', 'connection_url', 'verify_connection', 'password_policy'];
if (this.plugin_name) {
fields = AVAILABLE_PLUGIN_TYPES.find((a) => a.value === this.plugin_name)
.fields.filter((f) => !f.group)
.map((field) => field.attr);
}
return expandAttributeMeta(this, fields);
}),
pluginFieldGroups: computed('plugin_name', function () {
if (!this.plugin_name) {
return null;
}
let pluginFields = AVAILABLE_PLUGIN_TYPES.find((a) => a.value === this.plugin_name).fields.filter(
(f) => f.group === 'pluginConfig'
);
let groups = fieldsToGroups(pluginFields, 'subgroup');
return fieldToAttrs(this, groups);
}),
statementFields: computed('plugin_name', function () {
if (!this.plugin_name) {
return expandAttributeMeta(this, ['root_rotation_statements']);
}
let fields = AVAILABLE_PLUGIN_TYPES.find((a) => a.value === this.plugin_name)
.fields.filter((f) => f.group === 'statements')
.map((field) => field.attr);
return expandAttributeMeta(this, fields);
}),
/* CAPABILITIES */
editConnectionPath: lazyCapabilities(apiPath`${'backend'}/config/${'id'}`, 'backend', 'id'),
canEdit: alias('editConnectionPath.canUpdate'),
canDelete: alias('editConnectionPath.canDelete'),
resetConnectionPath: lazyCapabilities(apiPath`${'backend'}/reset/${'id'}`, 'backend', 'id'),
canReset: or('resetConnectionPath.canUpdate', 'resetConnectionPath.canCreate'),
rotateRootPath: lazyCapabilities(apiPath`${'backend'}/rotate-root/${'id'}`, 'backend', 'id'),
canRotateRoot: or('rotateRootPath.canUpdate', 'rotateRootPath.canCreate'),
rolePath: lazyCapabilities(apiPath`${'backend'}/role/*`, 'backend'),
staticRolePath: lazyCapabilities(apiPath`${'backend'}/static-role/*`, 'backend'),
canAddRole: or('rolePath.canCreate', 'staticRolePath.canCreate'),
});