Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dynamic OpenAPI UI #6209

Merged
merged 103 commits into from
Feb 14, 2019
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
103 commits
Select commit Hold shift + click to select a range
d4667de
ping openapi and grab current model
Jan 15, 2019
0faf738
add debugger statements to figure out order of operations
Jan 16, 2019
64962a3
block in model generation strategy
meirish Jan 18, 2019
f150cee
make sure all form fields appear correctly for pki
Jan 23, 2019
ceed82f
hook up openapi for pki certificates
Jan 23, 2019
3e3ad11
hook up adding new fields for ssh roles
Jan 24, 2019
4abfc3d
combine fields and fieldgroups for aws, pki, ssh
Jan 28, 2019
71e764a
add flag to ignore openAPI if we only want the ones listed in the model
Jan 29, 2019
fe41675
add display names to pki
andaley Jan 29, 2019
196dcff
Add fields to support UI/display uses, along with OpenAPI mappings
Jan 16, 2019
a804c2c
wip - add pki
andaley Jan 29, 2019
1319bda
include new openAPI attributes, fix integer/number attr confusion
Jan 29, 2019
13172fd
add ldap auth
andaley Jan 29, 2019
ef21253
ping openapi and grab current model
Jan 15, 2019
e40df94
add debugger statements to figure out order of operations
Jan 16, 2019
7b10e5c
block in model generation strategy
meirish Jan 18, 2019
312acfa
make sure all form fields appear correctly for pki
Jan 23, 2019
4a11f69
hook up openapi for pki certificates
Jan 23, 2019
c6be8d5
hook up adding new fields for ssh roles
Jan 24, 2019
679a252
combine fields and fieldgroups for aws, pki, ssh
Jan 28, 2019
6e75002
add flag to ignore openAPI if we only want the ones listed in the model
Jan 29, 2019
2d947be
add display names to pki
andaley Jan 29, 2019
7b7fcd3
wip - add pki
andaley Jan 29, 2019
79dd45e
add ldap auth
andaley Jan 29, 2019
1762535
Merge branch 'openapi-models' of https://github.com/hashicorp/vault i…
andaley Jan 29, 2019
cf04a64
fix conflicts
Jan 30, 2019
5adad21
make ssh work without adding in new fields
Jan 30, 2019
82c85aa
remove cruft from role-pki
Jan 30, 2019
f175745
update api fields for pki certs
Jan 30, 2019
0302729
Merge branch 'master' into openapi-models
madalynrose Jan 30, 2019
15a8fad
handle url building for auth configs
andaley Jan 30, 2019
7d4eb59
finish ldap auth and handle url building for auth configs
andaley Jan 30, 2019
87dc76b
Merge branch 'openapi-models' of https://github.com/hashicorp/vault i…
andaley Jan 31, 2019
d222330
Merge branch 'master' into openapi-models
madalynrose Jan 31, 2019
aacf42c
add github auth backend
andaley Jan 31, 2019
9ce5229
create utils for combining fields and fieldGroups to reuse in models
Jan 31, 2019
abbeaaf
merge master
Jan 31, 2019
cbd08f1
fix combineFieldGroups util
andaley Jan 31, 2019
743c1ca
create newModel generator in pathHelp so we minimize duplicated code …
Jan 31, 2019
ebfe43e
use getNewModel for credentials, clean up secret-edit
Jan 31, 2019
91394fc
Merge branch 'master' into openapi-models
madalynrose Jan 31, 2019
66a17e1
add okta auth
andaley Jan 31, 2019
e964604
add okta fields to backend
andaley Feb 1, 2019
e5bdd21
add DisplayName to included TokenFields
andaley Feb 1, 2019
3905b29
Merge branch 'master' into openapi-models
madalynrose Feb 1, 2019
b04ffd5
add radius backend
andaley Feb 1, 2019
a87e2b6
Merge branch 'openapi-models' of https://github.com/hashicorp/vault i…
andaley Feb 1, 2019
22b872b
add certs auth backend
andaley Feb 1, 2019
b5e542b
Merge branch 'master' of https://github.com/hashicorp/vault into open…
andaley Feb 1, 2019
6b2f611
add certs auth backend and fix enabling github
andaley Feb 1, 2019
ad43ac4
start adding gcp auth backend
andaley Feb 1, 2019
7acae32
start adding azure auth backend
andaley Feb 1, 2019
922176d
start adding kubernetes auth backend
andaley Feb 1, 2019
f9b8295
Merge branch 'master' of github.com:hashicorp/vault into openapi-models
Feb 4, 2019
6b0c855
clean up eslint issues, fix useOpenApi usage in models/pathHelp
Feb 4, 2019
22456be
fix openAPI implementation, check for newFields not newFields.length,…
Feb 4, 2019
4b7dcc0
fix stringlist in forms to still include attr.name, adjust path-help …
Feb 4, 2019
37da5c3
fix auth config tests by passing in path instead of backend type
Feb 5, 2019
3a13bb3
redirect to config page after enabling an auth method
andaley Feb 5, 2019
d357a56
fix inverse relationship bug
Feb 5, 2019
6785231
solidify new auth flow
Feb 5, 2019
196b97d
fix ssh field label
andaley Feb 6, 2019
621039d
remove debugger statements
andaley Feb 6, 2019
75e4807
fix auth enable test
andaley Feb 6, 2019
11be1a4
have auth config redirect to list of mounts on successful save
Feb 7, 2019
af0b0f8
redirect when saving method options too
Feb 7, 2019
b0a153e
move redirect functonality back into components instead of the contro…
Feb 7, 2019
1ed2ac7
transition wizard when saving config
Feb 7, 2019
e7ae6a3
fix ssh list route
andaley Feb 7, 2019
452cea2
Merge branch 'openapi-models' of https://github.com/hashicorp/vault i…
andaley Feb 7, 2019
8c85705
fix unit tests
Feb 7, 2019
26e09cf
Merge branch 'openapi-models' of github.com:hashicorp/vault into open…
Feb 7, 2019
254237f
fix broken auth section test
andaley Feb 8, 2019
8d708b7
Merge branch 'openapi-models' of https://github.com/hashicorp/vault i…
andaley Feb 8, 2019
f049bc2
get ssh working
Feb 8, 2019
5e3f6b8
actually make ssh tests pass
Feb 8, 2019
452cf89
fix eslint error for unused variable
Feb 11, 2019
ea2052a
Merge branch 'master' into openapi-models
madalynrose Feb 11, 2019
07b7ad9
pull just frontend commits from openapi-models
Feb 11, 2019
18fa66a
remove debugger statement
Feb 11, 2019
5ed8710
Pull in updated plugins
jefferai Feb 12, 2019
f254246
Bump versions for release
jefferai Feb 12, 2019
85909e3
Cut version 1.0.3
jefferai Feb 12, 2019
04d0589
changelog++
briankassouf Feb 12, 2019
144e200
changelog++
briankassouf Feb 12, 2019
2cc38dd
Update transit docs
vishalnayak Feb 12, 2019
94106d5
add tests for openapi util
Feb 12, 2019
cad1052
Merge branch 'master' into openapi-models-ui
madalynrose Feb 12, 2019
0e741c9
Merge branch '1.1-beta' into openapi-models-ui
madalynrose Feb 12, 2019
6a30cb2
remote pathForType from pki cert adapter, add more test cases for ope…
Feb 12, 2019
7a728fb
Merge branch 'openapi-models-ui' of github.com:hashicorp/vault into o…
Feb 12, 2019
632189d
remove unnecessary lines per Matthew's review
Feb 13, 2019
ca1b124
move openAPI path information into the model so the service doesn't n…
Feb 13, 2019
3584c3e
remove all config from mount backend form
Feb 13, 2019
1785029
use try/catch in tasks instead of promises
Feb 13, 2019
f55e118
clean up roles
Feb 13, 2019
38333de
update openapi helper to use default as a fallback for defaultValue
Feb 14, 2019
656a63e
remove debugger
Feb 14, 2019
7311280
move routing and wizard stuff out of try/catch block for saving auth …
Feb 14, 2019
bc6ad9b
fix string concat in template
Feb 14, 2019
257bb7f
add comment about why we're still setting keyType for ssh role
Feb 14, 2019
132ce02
add a couple more test cases
Feb 14, 2019
b259aa6
grab path dynamically instead of declaring it in models
Feb 14, 2019
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/azure.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/gcp.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/github.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/kubernetes.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/ldap.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/okta.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
6 changes: 1 addition & 5 deletions ui/app/adapters/auth-config/radius.js
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
import AuthConfig from './_base';

export default AuthConfig.extend({
pathForType() {
return 'config';
},
});
export default AuthConfig.extend();
32 changes: 15 additions & 17 deletions ui/app/components/auth-config-form/config.js
Original file line number Diff line number Diff line change
Expand Up @@ -11,23 +11,21 @@ const AuthConfigBase = Component.extend({
router: service(),
wizard: service(),
saveModel: task(function*() {
yield this.model
.save()
.then(() => {
if (this.wizard.currentMachine === 'authentication' && this.wizard.featureState === 'config') {
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE');
}
this.router.transitionTo('vault.cluster.access.methods').followRedirects();
this.flashMessages.success('The configuration was saved successfully.');
})
.catch(err => {
// AdapterErrors are handled by the error-message component
// in the form
if (err instanceof DS.AdapterError === false) {
throw err;
}
return;
});
try {
yield this.model.save();
if (this.wizard.currentMachine === 'authentication' && this.wizard.featureState === 'config') {
madalynrose marked this conversation as resolved.
Show resolved Hide resolved
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE');
}
this.router.transitionTo('vault.cluster.access.methods').followRedirects();
this.flashMessages.success('The configuration was saved successfully.');
} catch (err) {
// AdapterErrors are handled by the error-message component
// in the form
if (err instanceof DS.AdapterError === false) {
throw err;
}
return;
}
}),
});

Expand Down
32 changes: 15 additions & 17 deletions ui/app/components/auth-config-form/options.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,20 @@ export default AuthConfigComponent.extend({
saveModel: task(function*() {
let data = this.model.config.serialize();
data.description = this.model.description;
yield this.model
.tune(data)
.then(() => {
if (this.wizard.currentMachine === 'authentication' && this.wizard.featureState === 'config') {
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE');
}
this.router.transitionTo('vault.cluster.access.methods').followRedirects();
this.flashMessages.success('The configuration was saved successfully.');
})
.catch(err => {
// AdapterErrors are handled by the error-message component
// in the form
if (err instanceof DS.AdapterError === false) {
throw err;
}
return;
});
try {
yield this.model.tune(data);
if (this.wizard.currentMachine === 'authentication' && this.wizard.featureState === 'config') {
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE');
}
this.router.transitionTo('vault.cluster.access.methods').followRedirects();
this.flashMessages.success('The configuration was saved successfully.');
} catch (err) {
// AdapterErrors are handled by the error-message component
// in the form
if (err instanceof DS.AdapterError === false) {
throw err;
}
return;
}
}),
});
96 changes: 18 additions & 78 deletions ui/app/components/mount-backend-form.js
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@ export default Component.extend({
*
*/
onMountSuccess() {},
onConfigError() {},
/*
* @param String
* @public
Expand All @@ -41,45 +40,29 @@ export default Component.extend({
*/
mountModel: null,

showConfig: false,
showEnable: false,

init() {
this._super(...arguments);
const type = this.get('mountType');
const type = this.mountType;
const modelType = type === 'secret' ? 'secret-engine' : 'auth-method';
const model = this.get('store').createRecord(modelType);
const model = this.store.createRecord(modelType);
this.set('mountModel', model);
},

mountTypes: computed('mountType', function() {
return this.get('mountType') === 'secret' ? ENGINES : METHODS;
return this.mountType === 'secret' ? ENGINES : METHODS;
}),

willDestroy() {
// if unsaved, we want to unload so it doesn't show up in the auth mount list
this.get('mountModel').rollbackAttributes();
},

changeConfigModel() {
let mount = this.get('mountModel');
if (this.get('mountType') === 'secret') {
return;
}
let configRef = mount.hasMany('authConfigs').value();
let currentConfig = configRef && configRef.get('firstObject');
if (currentConfig) {
// rollbackAttributes here will remove the the config model from the store
// because `isNew` will be true
currentConfig.rollbackAttributes();
currentConfig.unloadRecord();
}
return;
},

checkPathChange(type) {
let mount = this.get('mountModel');
let currentPath = mount.get('path');
let list = this.get('mountTypes');
let mount = this.mountModel;
let currentPath = mount.path;
let list = this.mountTypes;
// if the current path matches a type (meaning the user hasn't altered it),
// change it here to match the new type
let isUnchanged = list.findBy('type', currentPath);
Expand All @@ -89,7 +72,7 @@ export default Component.extend({
},

mountBackend: task(function*() {
const mountModel = this.get('mountModel');
const mountModel = this.mountModel;
const { type, path } = mountModel.getProperties('type', 'path');
try {
yield mountModel.save();
Expand All @@ -98,70 +81,27 @@ export default Component.extend({
return;
}

let mountType = this.get('mountType');
let mountType = this.mountType;
mountType = mountType === 'secret' ? `${mountType}s engine` : `${mountType} method`;
this.get('flashMessages').success(`Successfully mounted the ${type} ${mountType} at ${path}.`);
if (this.get('mountType') === 'secret') {
yield this.get('onMountSuccess')(type, path);
return;
}
yield this.get('saveConfig').perform(mountModel);
}).drop(),

advanceWizard() {
this.get('wizard').transitionFeatureMachine(
this.get('wizard.featureState'),
'CONTINUE',
this.get('mountModel').get('type')
);
},
saveConfig: task(function*(mountModel) {
const configRef = mountModel.hasMany('authConfigs').value();
const { type, path } = mountModel.getProperties('type', 'path');
if (!configRef) {
this.advanceWizard();
yield this.get('onMountSuccess')(type, path);
return;
}
const config = configRef.get('firstObject');
try {
if (config && Object.keys(config.changedAttributes()).length) {
yield config.save();
this.advanceWizard();
this.get('flashMessages').success(
`The config for ${type} ${this.get('mountType')} method at ${path} was saved successfully.`
);
}
yield this.get('onMountSuccess')(type, path);
} catch (err) {
this.get('flashMessages').danger(
`There was an error saving the configuration for ${type} ${this.get(
'mountType'
)} method at ${path}. ${err.errors.join(' ')}`
);
yield this.get('onConfigError')(mountModel.id);
}
this.flashMessages.success(`Successfully mounted the ${type} ${mountType} at ${path}.`);
yield this.onMountSuccess(type, path);
return;
}).drop(),

actions: {
onTypeChange(path, value) {
if (path === 'type') {
this.get('wizard').set('componentState', value);
this.changeConfigModel();
this.wizard.set('componentState', value);
this.checkPathChange(value);
}
},

toggleShowConfig(value) {
this.set('showConfig', value);
if (value === true && this.get('wizard.featureState') === 'idle') {
this.advanceWizard();
toggleShowEnable(value) {
this.set('showEnable', value);
if (value === true && this.wizard.featureState === 'idle') {
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE', this.mountModel.type);
} else {
this.get('wizard').transitionFeatureMachine(
this.get('wizard.featureState'),
'RESET',
this.get('mountModel').get('type')
);
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'RESET', this.mountModel.type);
}
},
},
Expand Down
8 changes: 2 additions & 6 deletions ui/app/controllers/vault/cluster/settings/auth/enable.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,9 @@ export default Controller.extend({
wizard: service(),
actions: {
onMountSuccess: function(type, path) {
// We have to remove the trailing '/' from the path to succcessfully redirect with the right params.
const authPath = path.slice(0, -1);
let transition = this.transitionToRoute('vault.cluster.settings.auth.configure', authPath);
this.wizard.transitionFeatureMachine(this.wizard.featureState, 'CONTINUE', type);
let transition = this.transitionToRoute('vault.cluster.settings.auth.configure', path);
return transition.followRedirects();
},
onConfigError: function(modelId) {
return this.transitionToRoute('vault.cluster.settings.auth.configure', modelId);
},
},
});
6 changes: 6 additions & 0 deletions ui/app/models/auth-config.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,10 @@ const { belongsTo } = DS;

export default DS.Model.extend({
backend: belongsTo('auth-method', { inverse: 'authConfigs', readOnly: true, async: false }),
getOpenApiInfo: function(backend) {
return {
helpUrl: `/v1/auth/${backend}/config?help=1`,
path: `/config`,
};
},
});
4 changes: 0 additions & 4 deletions ui/app/models/auth-config/kubernetes.js
Original file line number Diff line number Diff line change
Expand Up @@ -10,25 +10,21 @@ const { attr } = DS;
export default AuthConfig.extend({
useOpenAPI: true,
kubernetesHost: attr('string', {
label: 'Kubernetes Host',
helpText:
'Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server',
}),

kubernetesCaCert: attr('string', {
label: 'Kubernetes CA Certificate',
editType: 'file',
helpText: 'PEM encoded CA cert for use by the TLS client used to talk with the Kubernetes API',
}),

tokenReviewerJwt: attr('string', {
label: 'Token Reviewer JWT',
helpText:
'A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API',
}),

pemKeys: attr({
label: 'Service account verification keys',
editType: 'stringArray',
}),

Expand Down
4 changes: 0 additions & 4 deletions ui/app/models/auth-config/okta.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,18 @@ const { attr } = DS;
export default AuthConfig.extend({
useOpenAPI: true,
orgName: attr('string', {
label: 'Organization Name',
helpText: 'Name of the organization to be used in the Okta API',
}),
apiToken: attr('string', {
label: 'API Token',
helpText:
'Okta API token. This is required to query Okta for user group membership. If this is not supplied only locally configured groups will be enabled.',
}),
baseUrl: attr('string', {
label: 'Base URL',
helpText:
'If set, will be used as the base domain for API requests. Examples are okta.com, oktapreview.com, and okta-emea.com',
}),
bypassOktaMfa: attr('boolean', {
defaultValue: false,
label: 'Bypass Okta MFA',
helpText:
"Useful if Vault's built-in MFA mechanisms. Will also cause certain other statuses to be ignored, such as PASSWORD_EXPIRED",
}),
Expand Down
22 changes: 0 additions & 22 deletions ui/app/models/auth-config/radius.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,30 +9,8 @@ const { attr } = DS;
export default AuthConfig.extend({
useOpenAPI: true,
host: attr('string'),

port: attr('number', {
defaultValue: 1812,
}),

secret: attr('string'),

unregisteredUserPolicies: attr('string', {
label: 'Policies for unregistered users',
}),

dialTimeout: attr('number', {
defaultValue: 10,
}),

nasPort: attr('number', {
defaultValue: 10,
label: 'NAS Port',
}),

nasIdentifier: attr('string', {
label: 'NAS Identifier',
}),

fieldGroups: computed(function() {
let groups = [
{
Expand Down
Loading