From 63a4212e81b906d44d0c297aafefbd9efc66966e Mon Sep 17 00:00:00 2001 From: hashishaw Date: Wed, 9 Mar 2022 18:30:39 +0000 Subject: [PATCH 1/3] backport of commit 8917416bc4f6319e0f2a466d63f0293224e05d7f --- ui/app/routes/vault/cluster.js | 27 +++++++++++++---- ui/tests/acceptance/managed-namespace-test.js | 30 ++++++++++++++++++- 2 files changed, 50 insertions(+), 7 deletions(-) diff --git a/ui/app/routes/vault/cluster.js b/ui/app/routes/vault/cluster.js index 2d36978ef17f..f613e8c0991b 100644 --- a/ui/app/routes/vault/cluster.js +++ b/ui/app/routes/vault/cluster.js @@ -10,6 +10,16 @@ import ModelBoundaryRoute from 'vault/mixins/model-boundary-route'; const POLL_INTERVAL_MS = 10000; +export const getManagedNamespace = (nsParam, root) => { + if (!nsParam || nsParam.replaceAll('/', '') === root) return root; + // Check if param starts with root and / + if (nsParam.startsWith(`${root}/`)) { + return nsParam; + } + // Otherwise prepend the given param with the root + return `${root}/${nsParam}`; +}; + export default Route.extend(ModelBoundaryRoute, ClusterRoute, { namespaceService: service('namespace'), version: service(), @@ -38,20 +48,25 @@ export default Route.extend(ModelBoundaryRoute, ClusterRoute, { const params = this.paramsFor(this.routeName); let namespace = params.namespaceQueryParam; const currentTokenName = this.auth.get('currentTokenName'); - // if no namespace queryParam and user authenticated, - // use user's root namespace to redirect to properly param'd url - if (this.featureFlagService.managedNamespaceRoot && this.version.isOSS) { + const managedRoot = this.featureFlagService.managedNamespaceRoot; + if (managedRoot && this.version.isOSS) { + // eslint-disable-next-line no-console console.error('Cannot use Cloud Admin Namespace flag with OSS Vault'); } - if (!namespace && currentTokenName && !Ember.testing) { + if (typeof managedRoot === 'string') { + let managed = getManagedNamespace(namespace, managedRoot); + if (managed !== namespace) { + this.transitionTo({ queryParams: { namespace: managed } }); + } + } else if (!namespace && currentTokenName && !Ember.testing) { + // if no namespace queryParam and user authenticated, + // use user's root namespace to redirect to properly param'd url const storage = getStorage().getItem(currentTokenName); namespace = storage?.userRootNamespace; // only redirect if something other than nothing if (namespace) { this.transitionTo({ queryParams: { namespace } }); } - } else if (!namespace && !!this.featureFlagService.managedNamespaceRoot) { - this.transitionTo({ queryParams: { namespace: this.featureFlagService.managedNamespaceRoot } }); } this.namespaceService.setNamespace(namespace); const id = this.getClusterId(params); diff --git a/ui/tests/acceptance/managed-namespace-test.js b/ui/tests/acceptance/managed-namespace-test.js index 43a3824561b9..950164ff8484 100644 --- a/ui/tests/acceptance/managed-namespace-test.js +++ b/ui/tests/acceptance/managed-namespace-test.js @@ -3,6 +3,7 @@ import { currentURL, visit, fillIn } from '@ember/test-helpers'; import { setupApplicationTest } from 'ember-qunit'; import Pretender from 'pretender'; import logout from 'vault/tests/pages/logout'; +import { getManagedNamespace } from 'vault/routes/vault/cluster'; const FEATURE_FLAGS_RESPONSE = { feature_flags: ['VAULT_CLOUD_ADMIN_NAMESPACE'], @@ -37,7 +38,6 @@ module('Acceptance | Enterprise | Managed namespace root', function (hooks) { await visit('/vault/auth'); assert.ok(currentURL().startsWith('/vault/auth'), 'Redirected to auth'); assert.ok(currentURL().includes('?namespace=admin'), 'with base namespace'); - assert.dom('[data-test-namespace-toolbar]').doesNotExist('Normal namespace toolbar does not exist'); assert.dom('[data-test-managed-namespace-toolbar]').exists('Managed namespace toolbar exists'); assert.dom('[data-test-managed-namespace-root]').hasText('/admin', 'Shows /admin namespace prefix'); @@ -50,4 +50,32 @@ module('Acceptance | Enterprise | Managed namespace root', function (hooks) { 'Correctly prepends root to namespace' ); }); + + test('getManagedNamespace helper works as expected', function (assert) { + let managedNs = getManagedNamespace(null, 'admin'); + assert.equal(managedNs, 'admin', 'returns root ns when no namespace present'); + managedNs = getManagedNamespace('admin/', 'admin'); + assert.equal(managedNs, 'admin', 'returns root ns when matches passed ns'); + managedNs = getManagedNamespace('adminfoo/', 'admin'); + assert.equal( + managedNs, + 'admin/adminfoo/', + 'appends passed namespace to root even if it matches without slashes' + ); + managedNs = getManagedNamespace('admin/foo/', 'admin'); + assert.equal(managedNs, 'admin/foo/', 'returns passed namespace if it starts with root and /'); + }); + + test('it redirects to root prefixed ns when non-root passed', async function (assert) { + await logout.visit(); + await visit('/vault/auth?namespace=admindev'); + assert.ok(currentURL().startsWith('/vault/auth'), 'Redirected to auth'); + assert.ok( + currentURL().includes(`?namespace=${encodeURIComponent('admin/admindev')}`), + 'with appended namespace' + ); + + assert.dom('[data-test-managed-namespace-root]').hasText('/admin', 'Shows /admin namespace prefix'); + assert.dom('input#namespace').hasValue('/admindev', 'Input has /dev value'); + }); }); From ee3ad0afe2b0ba5de1781bdb0cf0d1f443404391 Mon Sep 17 00:00:00 2001 From: hashishaw Date: Wed, 9 Mar 2022 18:33:39 +0000 Subject: [PATCH 2/3] backport of commit c6848e3f1dbb61853d70a08061e630f4e183ac02 --- ui/app/routes/vault/cluster.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ui/app/routes/vault/cluster.js b/ui/app/routes/vault/cluster.js index f613e8c0991b..9f80e82e7d91 100644 --- a/ui/app/routes/vault/cluster.js +++ b/ui/app/routes/vault/cluster.js @@ -53,12 +53,7 @@ export default Route.extend(ModelBoundaryRoute, ClusterRoute, { // eslint-disable-next-line no-console console.error('Cannot use Cloud Admin Namespace flag with OSS Vault'); } - if (typeof managedRoot === 'string') { - let managed = getManagedNamespace(namespace, managedRoot); - if (managed !== namespace) { - this.transitionTo({ queryParams: { namespace: managed } }); - } - } else if (!namespace && currentTokenName && !Ember.testing) { + if (!namespace && currentTokenName && !Ember.testing) { // if no namespace queryParam and user authenticated, // use user's root namespace to redirect to properly param'd url const storage = getStorage().getItem(currentTokenName); @@ -67,6 +62,11 @@ export default Route.extend(ModelBoundaryRoute, ClusterRoute, { if (namespace) { this.transitionTo({ queryParams: { namespace } }); } + } else if (managedRoot !== null) { + let managed = getManagedNamespace(namespace, managedRoot); + if (managed !== namespace) { + this.transitionTo({ queryParams: { namespace: managed } }); + } } this.namespaceService.setNamespace(namespace); const id = this.getClusterId(params); From 1409670d4f4d6c8ed8ba1179471d767685726d1d Mon Sep 17 00:00:00 2001 From: hashishaw Date: Wed, 9 Mar 2022 18:53:31 +0000 Subject: [PATCH 3/3] backport of commit d72845d740e9d135ac547e55d113eb17033dc69e --- changelog/14422.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelog/14422.txt diff --git a/changelog/14422.txt b/changelog/14422.txt new file mode 100644 index 000000000000..edfc380677cc --- /dev/null +++ b/changelog/14422.txt @@ -0,0 +1,3 @@ +```release-note:bug +ui: Redirects to managed namespace if incorrect namespace in URL param +``` \ No newline at end of file