From 9775002e5e2df437a5bd0d23c39626f7628763b5 Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Tue, 14 Feb 2023 15:52:37 -0700 Subject: [PATCH 1/7] fix, need to test and write test for --- ui/app/models/database/role.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/app/models/database/role.js b/ui/app/models/database/role.js index b9690e9cf34a..c66a1bc5edec 100644 --- a/ui/app/models/database/role.js +++ b/ui/app/models/database/role.js @@ -1,6 +1,6 @@ import Model, { attr } from '@ember-data/model'; import { computed } from '@ember/object'; -import { alias } from '@ember/object/computed'; +import { alias, or } from '@ember/object/computed'; import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; import { expandAttributeMeta } from 'vault/utils/field-to-attrs'; import { getRoleFields } from 'vault/utils/database-helpers'; @@ -129,7 +129,7 @@ export default Model.extend({ canCreateStatic: alias('staticPath.canCreate'), credentialPath: lazyCapabilities(apiPath`${'backend'}/creds/${'id'}`, 'backend', 'id'), staticCredentialPath: lazyCapabilities(apiPath`${'backend'}/static-creds/${'id'}`, 'backend', 'id'), - canGenerateCredentials: alias('credentialPath.canRead'), + canGenerateCredentials: or('credentialPath.canRead', 'staticCredentialPath.canRead'), canGetCredentials: alias('staticCredentialPath.canRead'), databasePath: lazyCapabilities(apiPath`${'backend'}/config/${'database[0]'}`, 'backend', 'database'), canUpdateDb: alias('databasePath.canUpdate'), From 2a73ff03b9005e1aca6f8ef490222b07c3e58618 Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Wed, 15 Feb 2023 10:26:00 -0700 Subject: [PATCH 2/7] the fix --- ui/app/models/database/role.js | 5 +++-- ui/app/templates/components/database-role-edit.hbs | 7 ++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ui/app/models/database/role.js b/ui/app/models/database/role.js index c66a1bc5edec..e17c031343fc 100644 --- a/ui/app/models/database/role.js +++ b/ui/app/models/database/role.js @@ -1,6 +1,6 @@ import Model, { attr } from '@ember-data/model'; import { computed } from '@ember/object'; -import { alias, or } from '@ember/object/computed'; +import { alias } from '@ember/object/computed'; import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities'; import { expandAttributeMeta } from 'vault/utils/field-to-attrs'; import { getRoleFields } from 'vault/utils/database-helpers'; @@ -129,7 +129,8 @@ export default Model.extend({ canCreateStatic: alias('staticPath.canCreate'), credentialPath: lazyCapabilities(apiPath`${'backend'}/creds/${'id'}`, 'backend', 'id'), staticCredentialPath: lazyCapabilities(apiPath`${'backend'}/static-creds/${'id'}`, 'backend', 'id'), - canGenerateCredentials: or('credentialPath.canRead', 'staticCredentialPath.canRead'), + canGenerateCredentials: alias('credentialPath.canRead'), + canGenerateStaticCredentials: alias('staticCredentialPath.canRead'), canGetCredentials: alias('staticCredentialPath.canRead'), databasePath: lazyCapabilities(apiPath`${'backend'}/config/${'database[0]'}`, 'backend', 'database'), canUpdateDb: alias('databasePath.canUpdate'), diff --git a/ui/app/templates/components/database-role-edit.hbs b/ui/app/templates/components/database-role-edit.hbs index 5528c6f6ea95..673e0749d503 100644 --- a/ui/app/templates/components/database-role-edit.hbs +++ b/ui/app/templates/components/database-role-edit.hbs @@ -36,7 +36,12 @@ Rotate credentials {{/if}} - {{#if @model.canGenerateCredentials}} + {{#if + (or + (and (eq @model.type "static") @model.canGenerateStaticCredentials) + (and (eq @model.type "dynamic") @model.canGenerateCredentials) + ) + }} diff --git a/ui/tests/integration/components/database-role-edit-test.js b/ui/tests/integration/components/database-role-edit-test.js new file mode 100644 index 000000000000..3a80cf5cb244 --- /dev/null +++ b/ui/tests/integration/components/database-role-edit-test.js @@ -0,0 +1,45 @@ +import { module, test } from 'qunit'; +import { setupRenderingTest } from 'ember-qunit'; +import { render } from '@ember/test-helpers'; +import { hbs } from 'ember-cli-htmlbars'; +import { setupMirage } from 'ember-cli-mirage/test-support'; +import { capabilitiesStub } from 'vault/tests/helpers/stubs'; + +module('Integration | Component | database-role-edit meep', function (hooks) { + setupRenderingTest(hooks); + setupMirage(hooks); + + hooks.beforeEach(function () { + this.store = this.owner.lookup('service:store'); + this.store.pushPayload('database-role', { + modelName: 'database/role', + database: ['my-mongodb-database'], + backend: 'database', + type: 'static', + name: 'my-static-role', + id: 'my-static-role', + }); + this.store.pushPayload('database-role', { + modelName: 'database/role', + database: ['my-mongodb-database'], + backend: 'database', + type: 'dynamic', + name: 'my-dynamic-role', + id: 'my-dynamic-role', + }); + this.modelStatic = this.store.peekRecord('database/role', 'my-static-role'); + this.modelDynamic = this.store.peekRecord('database/role', 'my-dynamic-role'); + }); + + test('it should show Get credentials button when a user has the correct policy', async function (assert) { + this.server.post('/sys/capabilities-self', capabilitiesStub('database/static-creds/my-role', ['read'])); + await render(hbs``); + assert.dom('[data-test-database-role-creds="static"]').exists('Get credentials button exists'); + }); + + test('it should show Generate credentials button when a user has the correct policy', async function (assert) { + this.server.post('/sys/capabilities-self', capabilitiesStub('database/creds/my-role', ['read'])); + await render(hbs``); + assert.dom('[data-test-database-role-creds="dynamic"]').exists('Generate credentials button exists'); + }); +}); From 4fdc3fbc3f1bd34f98b68141dbb8b4792cfb9ccf Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Wed, 15 Feb 2023 16:11:37 -0700 Subject: [PATCH 4/7] changelog: --- changelog/19190.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changelog/19190.txt diff --git a/changelog/19190.txt b/changelog/19190.txt new file mode 100644 index 000000000000..480006b1ebc8 --- /dev/null +++ b/changelog/19190.txt @@ -0,0 +1,3 @@ +```release-note:bug +ui: show Get credentials button for static roles detail page when a user has the proper permissions. +``` From 405adbffc61a6684424ebdfdbe5f74be658a2c5a Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Thu, 16 Feb 2023 10:21:18 -0700 Subject: [PATCH 5/7] woops param already existed --- ui/app/models/database/role.js | 1 - ui/app/templates/components/database-role-edit.hbs | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/ui/app/models/database/role.js b/ui/app/models/database/role.js index e17c031343fc..b9690e9cf34a 100644 --- a/ui/app/models/database/role.js +++ b/ui/app/models/database/role.js @@ -130,7 +130,6 @@ export default Model.extend({ credentialPath: lazyCapabilities(apiPath`${'backend'}/creds/${'id'}`, 'backend', 'id'), staticCredentialPath: lazyCapabilities(apiPath`${'backend'}/static-creds/${'id'}`, 'backend', 'id'), canGenerateCredentials: alias('credentialPath.canRead'), - canGenerateStaticCredentials: alias('staticCredentialPath.canRead'), canGetCredentials: alias('staticCredentialPath.canRead'), databasePath: lazyCapabilities(apiPath`${'backend'}/config/${'database[0]'}`, 'backend', 'database'), canUpdateDb: alias('databasePath.canUpdate'), diff --git a/ui/app/templates/components/database-role-edit.hbs b/ui/app/templates/components/database-role-edit.hbs index 8ea36263d572..f6b1e85a5fad 100644 --- a/ui/app/templates/components/database-role-edit.hbs +++ b/ui/app/templates/components/database-role-edit.hbs @@ -38,7 +38,7 @@ {{/if}} {{#if (or - (and (eq @model.type "static") @model.canGenerateStaticCredentials) + (and (eq @model.type "static") @model.canGetCredentials) (and (eq @model.type "dynamic") @model.canGenerateCredentials) ) }} From 0383aff61a225cb2536944c7e4b57829622dd635 Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Thu, 16 Feb 2023 10:25:47 -0700 Subject: [PATCH 6/7] remove test coverage --- ui/tests/integration/components/database-role-edit-test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ui/tests/integration/components/database-role-edit-test.js b/ui/tests/integration/components/database-role-edit-test.js index 3a80cf5cb244..15304619f36b 100644 --- a/ui/tests/integration/components/database-role-edit-test.js +++ b/ui/tests/integration/components/database-role-edit-test.js @@ -5,7 +5,7 @@ import { hbs } from 'ember-cli-htmlbars'; import { setupMirage } from 'ember-cli-mirage/test-support'; import { capabilitiesStub } from 'vault/tests/helpers/stubs'; -module('Integration | Component | database-role-edit meep', function (hooks) { +module('Integration | Component | database-role-edit', function (hooks) { setupRenderingTest(hooks); setupMirage(hooks); From 4a670912f52c095357bc478032000d68133109cc Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Thu, 16 Feb 2023 10:45:06 -0700 Subject: [PATCH 7/7] Delete database-role-edit-test.js --- .../components/database-role-edit-test.js | 45 ------------------- 1 file changed, 45 deletions(-) delete mode 100644 ui/tests/integration/components/database-role-edit-test.js diff --git a/ui/tests/integration/components/database-role-edit-test.js b/ui/tests/integration/components/database-role-edit-test.js deleted file mode 100644 index 15304619f36b..000000000000 --- a/ui/tests/integration/components/database-role-edit-test.js +++ /dev/null @@ -1,45 +0,0 @@ -import { module, test } from 'qunit'; -import { setupRenderingTest } from 'ember-qunit'; -import { render } from '@ember/test-helpers'; -import { hbs } from 'ember-cli-htmlbars'; -import { setupMirage } from 'ember-cli-mirage/test-support'; -import { capabilitiesStub } from 'vault/tests/helpers/stubs'; - -module('Integration | Component | database-role-edit', function (hooks) { - setupRenderingTest(hooks); - setupMirage(hooks); - - hooks.beforeEach(function () { - this.store = this.owner.lookup('service:store'); - this.store.pushPayload('database-role', { - modelName: 'database/role', - database: ['my-mongodb-database'], - backend: 'database', - type: 'static', - name: 'my-static-role', - id: 'my-static-role', - }); - this.store.pushPayload('database-role', { - modelName: 'database/role', - database: ['my-mongodb-database'], - backend: 'database', - type: 'dynamic', - name: 'my-dynamic-role', - id: 'my-dynamic-role', - }); - this.modelStatic = this.store.peekRecord('database/role', 'my-static-role'); - this.modelDynamic = this.store.peekRecord('database/role', 'my-dynamic-role'); - }); - - test('it should show Get credentials button when a user has the correct policy', async function (assert) { - this.server.post('/sys/capabilities-self', capabilitiesStub('database/static-creds/my-role', ['read'])); - await render(hbs``); - assert.dom('[data-test-database-role-creds="static"]').exists('Get credentials button exists'); - }); - - test('it should show Generate credentials button when a user has the correct policy', async function (assert) { - this.server.post('/sys/capabilities-self', capabilitiesStub('database/creds/my-role', ['read'])); - await render(hbs``); - assert.dom('[data-test-database-role-creds="dynamic"]').exists('Generate credentials button exists'); - }); -});