-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UI: Enable KV create secret with Control Group #22471
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
hashicorp-contributed-pr
If the PR is HashiCorp (i.e. not-community) contributed
label
Aug 21, 2023
Build Results: |
kiannaquach
reviewed
Aug 21, 2023
kiannaquach
approved these changes
Aug 21, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
CI Results: |
const data = { accessor, token, creation_path, creation_time, ttl }; | ||
// data.uiParams = { url: this.router.currentURL }; | ||
this.storeControlGroupToken(data); | ||
// In the read flow the accessor is marked once the user clicks "Visit" from the control group page |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you for these comments!
This was referenced Aug 21, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
bug
Used to indicate a potential bug
hashicorp-contributed-pr
If the PR is HashiCorp (i.e. not-community) contributed
ui
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes the experience in the UI when attempting to create a new secret while a policy utilizing control groups. The example policy below which requires authorization for read, create, and update:
Before
Before, the submit button was disabled if there was an API error:
Once resubmit was enabled, there was a loop where each subsequent request to create the secret would generate a new control group accessor (which shows on the error banner):
After
I added notes to the codebase, but essentially we need to mark the token for unwrap when we handle the control group error in the control group, so that the next request attempts to unwrap instead of call the same POST endpoint.
Since I tested with a control group on read as well, I added a flash message to successful create or update in case the show page redirects to the control group page:
authorizing this request takes you back to the create page, but fixing that is out of scope of this fix.
A note about updating
This flow also technically enables secret updating via the UI with a control group, but if you navigate to the update page via the UI (rather than a direct link) the redirections will prevent you from ever reaching the update form because the UI re-fetches the secret data on the update page. This flow should be fully fixed with #22426 and the navigation refresh