Enable generated items for more auth methods (#7513)
* enable auth method item configuration in go code

* properly parse and list generated items

* make sure we only set name on attrs if a label comes from openAPI

* correctly construct paths object for method index route

* set sensitive property on password for userpass

* remove debugger statements

* pass method model to list route template to use paths on model for tabs

* update tab generation in generated item list, undo enabling userpass users

* enable openapi generated items for certs and userpass, update ldap to no longer have action on list endpoint

* add editType to DisplayAttributes, pull tokenutil fields into field group

* show sensitive message for sensitive fields displayed in fieldGroupShow component

* grab sensitive and editType fields from displayAttrs in openapi-to-attrs util

* make sure we don't ask for paths for secret backends since that isn't setup yet

* fix styling of sensitive text for fieldGroupShow component

* update openapi-to-attrs util test to no longer include label by default, change debugger to console.err in path-help, remove dynamic ui auth methods from tab count test

* properly log errors to the console

* capitalize This value is sensitive...

* get rid of extra padding on bottom of fieldgroupshow

* make auth methods clickable and use new confirm ux

* Update sdk/framework/path.go

Co-Authored-By: Jim Kalafut <[email protected]>

* Update sdk/framework/path.go

Co-Authored-By: Jim Kalafut <[email protected]>

* add whitespace

* return intErr instead of err

* uncomment out helpUrl because we need it

* remove extra box class

* use const instead of let

* remove extra conditional since we already split the pathName later on

* ensure we request the correct url when listing generated items

* use const

* link to list and show pages

* remove dead code

* show nested item name instead of id

* add comments

* show tooltip for text-file inputs

* fix storybook

* remove extra filter

* add TODOs

* add comments

* comment out unused variables but leave them in function signature

* only link to auth methods that can be fully managed in the ui

* clean up comments

* only render tooltip if there is helpText

* rename id authMethodPath

* remove optionsForQuery since we don't need it

* add indentation

* standardize ConfirmMessage and show model name instead of id when editing

* standardize ConfirmMessage and show model name instead of id when editing

* add comments

* post to the correct updateUrl so we can edit users and groups

* use pop instead of slice

* add TODO for finding a better way to store ids

* ensure ids are handled the same way on list and show pages; fix editing and deleting

* add comment about difference between list and show urls

* use model.id instead of name since we do not need it

* remove dead code

* ensure list pages have page headers

* standardize using authMethodPath instead of method and remove dead code

* i love indentation

* remove more dead code

* use new Confirm

* show correct flash message when deleting an item

* update flash message for creating and updating

* use plus icon for creating group/user instead of an arrow
madalynrose authored and Noelle Daley committed Oct 17, 2019
1 parent 0272c96 commit 8f4530b
Showing 35 changed files with 444 additions and 229 deletions.
32 changes: 32 additions & 0 deletions builtin/credential/cert/path_certs.go
Expand Up @@ -23,6 +23,10 @@ func pathListCerts(b *backend) *framework.Path {

HelpSynopsis: pathCertHelpSyn,
HelpDescription: pathCertHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "Certificate",
},
}
}

Expand All @@ -39,6 +43,9 @@ func pathCerts(b *backend) *framework.Path {
Type: framework.TypeString,
Description: `The public certificate that should be trusted.
Must be x509 PEM encoded.`,
DisplayAttrs: &framework.DisplayAttributes{
EditType: "file",
},
},

"allowed_names": &framework.FieldSchema{
Expand All @@ -47,36 +54,57 @@ Must be x509 PEM encoded.`,
At least one must exist in either the Common Name or SANs. Supports globbing.
This parameter is deprecated, please use allowed_common_names, allowed_dns_sans,
allowed_email_sans, allowed_uri_sans.`,
DisplayAttrs: &framework.DisplayAttributes{
Group: "Constraints",
},
},

"allowed_common_names": &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `A comma-separated list of names.
At least one must exist in the Common Name. Supports globbing.`,
DisplayAttrs: &framework.DisplayAttributes{
Group: "Constraints",
},
},

"allowed_dns_sans": &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `A comma-separated list of DNS names.
At least one must exist in the SANs. Supports globbing.`,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Allowed DNS SANs",
Group: "Constraints",
},
},

"allowed_email_sans": &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `A comma-separated list of Email Addresses.
At least one must exist in the SANs. Supports globbing.`,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Allowed Email SANs",
Group: "Constraints",
},
},

"allowed_uri_sans": &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `A comma-separated list of URIs.
At least one must exist in the SANs. Supports globbing.`,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Allowed URI SANs",
Group: "Constraints",
},
},

"allowed_organizational_units": &framework.FieldSchema{
Type: framework.TypeCommaStringSlice,
Description: `A comma-separated list of Organizational Units names.
At least one must exist in the OU field.`,
DisplayAttrs: &framework.DisplayAttributes{
Group: "Constraints",
},
},

"required_extensions": &framework.FieldSchema{
Expand Down Expand Up @@ -137,6 +165,10 @@ certificate.`,

HelpSynopsis: pathCertHelpSyn,
HelpDescription: pathCertHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
ItemType: "Certificate",
},
}

tokenutil.AddTokenFields(p.Fields)
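Review bot: `allowed_names` is described in this same section as deprecated in favour of `allowed_common_names`, `allowed_dns_sans`, `allowed_email_sans` and `allowed_uri_sans`, yet it receives `Group: "Constraints"` exactly like its replacements, so generated forms will presumably offer it as an equal choice. Since these fields decide which client certificates are accepted, operators should be steered to the specific ones; either leave `allowed_names` ungrouped or label it, for example `Name: "Allowed Names (deprecated)",` inside its `DisplayAttrs`. pathCerts starts and ends outside the visible hunks.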
4 changes: 3 additions & 1 deletion builtin/credential/ldap/path_groups.go
Expand Up @@ -21,6 +21,7 @@ func pathGroupsList(b *backend) *framework.Path {
HelpDescription: pathGroupHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "Group",
},
}
}
Expand Down Expand Up @@ -49,7 +50,8 @@ func pathGroups(b *backend) *framework.Path {
HelpSynopsis: pathGroupHelpSyn,
HelpDescription: pathGroupHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
Action: "Create",
ItemType: "Group",
},
}
}
5 changes: 3 additions & 2 deletions builtin/credential/ldap/path_users.go
Expand Up @@ -22,7 +22,7 @@ func pathUsersList(b *backend) *framework.Path {
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
Action: "Create",
ItemType: "User",
},
}
}
Expand Down Expand Up @@ -56,7 +56,8 @@ func pathUsers(b *backend) *framework.Path {
HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
Action: "Create",
ItemType: "User",
},
}
}
3 changes: 3 additions & 0 deletions builtin/credential/okta/path_config.go
Expand Up @@ -87,6 +87,9 @@ func pathConfig(b *backend) *framework.Path {
ExistenceCheck: b.pathConfigExistenceCheck,

HelpSynopsis: pathConfigHelp,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Configure",
},
}

tokenutil.AddTokenFields(p.Fields)
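Review bot: Adding `Action: "Configure"` appears to make this config path eligible for a generated form, but nothing in the hunk shows whether the credential-bearing entries in pathConfig's `Fields` map (outside the hunk) are marked `Sensitive: true`, as the userpass `password` field is in this commit. If any field there holds an API token or shared secret, give it `DisplayAttrs: &framework.DisplayAttributes{Sensitive: true},` before the form is exposed. The same question applies to the identical change in builtin/credential/radius/path_config.go.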
8 changes: 8 additions & 0 deletions builtin/credential/okta/path_groups.go
Expand Up @@ -19,6 +19,10 @@ func pathGroupsList(b *backend) *framework.Path {

HelpSynopsis: pathGroupHelpSyn,
HelpDescription: pathGroupHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "Group",
},
}
}

Expand All @@ -45,6 +49,10 @@ func pathGroups(b *backend) *framework.Path {

HelpSynopsis: pathGroupHelpSyn,
HelpDescription: pathGroupHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
ItemType: "Group",
},
}
}

8 changes: 8 additions & 0 deletions builtin/credential/okta/path_users.go
Expand Up @@ -17,6 +17,10 @@ func pathUsersList(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "User",
},
}
}

Expand Down Expand Up @@ -48,6 +52,10 @@ func pathUsers(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
ItemType: "User",
},
}
}

3 changes: 3 additions & 0 deletions builtin/credential/radius/path_config.go
Expand Up @@ -85,6 +85,9 @@ func pathConfig(b *backend) *framework.Path {

HelpSynopsis: pathConfigHelpSyn,
HelpDescription: pathConfigHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Configure",
},
}

tokenutil.AddTokenFields(p.Fields)
8 changes: 8 additions & 0 deletions builtin/credential/radius/path_users.go
Expand Up @@ -20,6 +20,10 @@ func pathUsersList(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "User",
},
}
}

Expand Down Expand Up @@ -49,6 +53,10 @@ func pathUsers(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
ItemType: "User",
},
}
}

11 changes: 11 additions & 0 deletions builtin/credential/userpass/path_users.go
Expand Up @@ -22,6 +22,10 @@ func pathUsersList(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Navigation: true,
ItemType: "User",
},
}
}

Expand All @@ -37,6 +41,9 @@ func pathUsers(b *backend) *framework.Path {
"password": &framework.FieldSchema{
Type: framework.TypeString,
Description: "Password for this user.",
DisplayAttrs: &framework.DisplayAttributes{
Sensitive: true,
},
},

"policies": &framework.FieldSchema{
Expand Down Expand Up @@ -75,6 +82,10 @@ func pathUsers(b *backend) *framework.Path {

HelpSynopsis: pathUserHelpSyn,
HelpDescription: pathUserHelpDesc,
DisplayAttrs: &framework.DisplayAttributes{
Action: "Create",
ItemType: "User",
},
}

tokenutil.AddTokenFields(p.Fields)
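Review bot: The `Sensitive: true` added to the `password` field looks like a presentation hint only, and the hunk carries no comment saying that masking in the UI is not what protects the value. Suggest a line above the `DisplayAttrs` entry such as `// Sensitive only masks the value in generated UI forms; the read operation must never return it.` so a later change to the read handler (not visible here) is reviewed with that in mind. pathUsers begins and ends outside the hunks shown.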
7 changes: 7 additions & 0 deletions sdk/framework/path.go
Expand Up @@ -173,11 +173,18 @@ type DisplayAttributes struct {
// Navigation indicates that the path should be available as a navigation tab
Navigation bool `json:"navigation,omitempty"`

// ItemType is the type of item this path operates on
ItemType string `json:"itemType,omitempty"`

// Group is the suggested UI group to place this field in.
Group string `json:"group,omitempty"`

// Action is the verb to use for the operation.
Action string `json:"action,omitempty"`

// EditType is the type of form field needed for a property
// e.g. "textarea" or "file"
EditType string `json:"editType,omitempty"`
}

// RequestExample is example of request data.
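Review bot: The new `ItemType` and `EditType` comments do not say which values a consumer recognises or that the fields are presentation hints, and they omit the trailing period that the neighbouring `Group` and `Action` comments use. Suggest `// EditType is the form control the UI should render for this field, e.g. "textarea" or "file".` followed by a sentence noting that, as far as this hunk shows, it does not change how the server parses or validates the value; `ItemType` deserves the same treatment with an example such as "User". The DisplayAttributes struct starts above the hunk.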
9 changes: 9 additions & 0 deletions sdk/helper/tokenutil/tokenutil.go
Expand Up @@ -76,6 +76,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: `Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.`,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Bound CIDRs",
Group: "Tokens",
},
},

Expand All @@ -84,6 +85,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: tokenExplicitMaxTTLHelp,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Explicit Maximum TTL",
Group: "Tokens",
},
},

Expand All @@ -92,6 +94,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "The maximum lifetime of the generated token",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Maximum TTL",
Group: "Tokens",
},
},

Expand All @@ -100,6 +103,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "If true, the 'default' policy will not automatically be added to generated tokens",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Do Not Attach 'default' Policy To Generated Tokens",
Group: "Tokens",
},
},

Expand All @@ -108,6 +112,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: tokenPeriodHelp,
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Period",
Group: "Tokens",
},
},

Expand All @@ -116,6 +121,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "Comma-separated list of policies",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Policies",
Group: "Tokens",
},
},

Expand All @@ -125,6 +131,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "The type of token to generate, service or batch",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Type",
Group: "Tokens",
},
},

Expand All @@ -133,6 +140,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "The initial ttl of the token to generate",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Generated Token's Initial TTL",
Group: "Tokens",
},
},

Expand All @@ -141,6 +149,7 @@ func TokenFields() map[string]*framework.FieldSchema {
Description: "The maximum number of times a token may be used, a value of zero means unlimited",
DisplayAttrs: &framework.DisplayAttributes{
Name: "Maximum Uses of Generated Tokens",
Group: "Tokens",
},
},
}
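Review bot: The literal `"Tokens"` is now repeated in nine `DisplayAttributes` blocks across TokenFields, so a single typo would presumably drop one token-policy field into a group of its own without any compile-time signal. A package-level `const tokenFieldGroup = "Tokens"` used as `Group: tokenFieldGroup,` keeps the nine entries in step. TokenFields begins above the first hunk.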
5 changes: 3 additions & 2 deletions ui/.storybook/preview-head.html
Expand Up @@ -2,7 +2,8 @@
<meta name="kmip/config/environment" content="%7B%22modulePrefix%22%3A%22kmip%22%2C%22environment%22%3A%22development%22%7D" />
<meta name="open-api-explorer/config/environment" content="%7B%22modulePrefix%22%3A%22open-api-explorer%22%2C%22environment%22%3A%22development%22%2C%22APP%22%3A%7B%22NAMESPACE_ROOT_URLS%22%3A%5B%22sys/health%22%2C%22sys/seal-status%22%2C%22sys/license/features%22%5D%7D%7D" />
<meta name="replication/config/environment" content="%7B%22modulePrefix%22%3A%22replication%22%2C%22environment%22%3A%22development%22%7D" />
<meta name="vault/config/asset-manifest" content="%7B%22bundles%22%3A%7B%22kmip%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/kmip/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/kmip/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%2C%22open-api-explorer%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine-vendor.css%22%2C%22type%22%3A%22css%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine.css%22%2C%22type%22%3A%22css%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%2C%22replication%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/replication/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/replication/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%7D%7D" />
<meta name="vault/config/asset-manifest"
content="%7B%22bundles%22%3A%7B%22kmip%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/kmip/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/kmip/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%2C%22open-api-explorer%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine-vendor.css%22%2C%22type%22%3A%22css%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine.css%22%2C%22type%22%3A%22css%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/open-api-explorer/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%2C%22replication%22%3A%7B%22assets%22%3A%5B%7B%22uri%22%3A%22/ui/engines-dist/replication/assets/engine-vendor.js%22%2C%22type%22%3A%22js%22%7D%2C%7B%22uri%22%3A%22/ui/engines-dist/replication/assets/engine.js%22%2C%22type%22%3A%22js%22%7D%5D%7D%7D%7D" />
<link rel="stylesheet" href="/assets/vendor.css" />
<link rel="stylesheet" href="/assets/vault.css" />
<link rel="icon" href="/favicon.png" />
Expand All @@ -23,4 +24,4 @@
</script>
<script>runningTests = true;</script>
<script src="/assets/vendor.js"></script>
<script src="/assets/vault.js"></script>
<script src="/assets/vault.js"></script>
20 changes: 8 additions & 12 deletions ui/app/adapters/generated-item-list.js
Expand Up @@ -4,29 +4,25 @@ import ApplicationAdapter from './application';
export default ApplicationAdapter.extend({
namespace: 'v1',
urlForItem() {},
optionsForQuery(id) {

fetchByQuery(store, query, isList) {
const { id } = query;
let data = {};
if (!id) {
data['list'] = true;
if (isList) {
data.list = true;
}
return { data };
},

fetchByQuery(store, query) {
const { id, method, type } = query;
return this.ajax(this.urlForItem(method, id, type), 'GET', this.optionsForQuery(id)).then(resp => {
return this.ajax(this.urlForItem(id, isList), 'GET', { data }).then(resp => {
const data = {
id,
name: id,
method,
method: id,
};

return assign({}, resp, data);
});
},

query(store, type, query) {
return this.fetchByQuery(store, query);
return this.fetchByQuery(store, query, true);
},

queryRecord(store, type, query) {
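Review bot: In `fetchByQuery`, as rendered, the `const data` declared inside the `.then` callback shadows the outer `data` that holds the request parameters, which makes it easy to pass or merge the wrong object in a later edit; the outer binding is also never reassigned, so `let` is unnecessary. Suggest `const params = isList ? { list: true } : {};` and `{ data: params }` in the `ajax` call, leaving `data` for the response merge only. `queryRecord` continues past the end of the visible section.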