diff --git a/ui/app/components/role-aws-edit.js b/ui/app/components/role-aws-edit.js index 0b5fb5ec6960..23e6f6ae5951 100644 --- a/ui/app/components/role-aws-edit.js +++ b/ui/app/components/role-aws-edit.js @@ -5,13 +5,8 @@ const { get, set } = Ember; const SHOW_ROUTE = 'vault.cluster.secrets.backend.show'; export default RoleEdit.extend({ - useARN: false, init() { this._super(...arguments); - const arn = get(this, 'model.arn'); - if (arn) { - set(this, 'useARN', true); - } }, actions: { @@ -24,11 +19,22 @@ export default RoleEdit.extend({ if (type === 'create' && Ember.isBlank(modelId)) { return; } - // clear the policy or arn before save depending on "useARN" - if (get(this, 'useARN')) { - set(this, 'model.policy', ''); - } else { - set(this, 'model.arn', ''); + + var credential_type = get(this, 'model.credential_type'); + if (credential_type == "iam_user") { + set(this, 'model.role_arns', []); + } + if (credential_type == "assumed_role") { + set(this, 'model.policy_arns', []); + } + if (credential_type == "federation_token") { + set(this, 'model.role_arns', []); + set(this, 'model.policy_arns', []); + } + + var policy_document = get(this, 'model.policy_document'); + if (policy_document == '{}') { + set(this, 'model.policy_document', ''); } this.persist('save', () => { diff --git a/ui/app/models/role-aws.js b/ui/app/models/role-aws.js index b90d5e842314..fb54d7add1ec 100644 --- a/ui/app/models/role-aws.js +++ b/ui/app/models/role-aws.js @@ -6,7 +6,7 @@ import { expandAttributeMeta } from 'vault/utils/field-to-attrs'; const { attr } = DS; const { computed } = Ember; -const CREATE_FIELDS = ['name', 'policy', 'arn']; +const CREATE_FIELDS = ['name', 'credential_type', 'credential_types', 'role_arns', 'policy_arns', 'policy_document']; export default DS.Model.extend({ backend: attr('string', { readOnly: true, @@ -16,13 +16,30 @@ export default DS.Model.extend({ fieldValue: 'id', readOnly: true, }), - arn: attr('string', { + credential_type: attr('string', { + defaultValue: "iam_user", + }), + credential_types: attr({ + label: 'Credential Types', + readOnly: true, + }), + role_arns: attr({ + editType: 'stringArray', + label: 'Role ARNs', + }), + policy_arns: attr({ + editType: 'stringArray', + }), + policy_document: attr('string', { + widget: 'json', + }), + /*arn: attr('string', { helpText: '', }), policy: attr('string', { helpText: '', widget: 'json', - }), + }),*/ attrs: computed(function() { let keys = CREATE_FIELDS.slice(0); return expandAttributeMeta(this, keys); diff --git a/ui/app/templates/partials/role-aws/form.hbs b/ui/app/templates/partials/role-aws/form.hbs index 18dbbc493d1e..16a0bd8388d4 100644 --- a/ui/app/templates/partials/role-aws/form.hbs +++ b/ui/app/templates/partials/role-aws/form.hbs @@ -13,42 +13,56 @@ {{/if}}
{{stringify (jsonify model.policy)}}
{{/info-table-row}}
{{else}}
- {{info-table-row label=(capitalize (or attr.options.label (humanize (dasherize attr.name)))) value=(get model attr.name)}}
+ {{#unless (eq attr.name "credential_type")}}
+ {{info-table-row label=(capitalize (or attr.options.label (humanize (dasherize attr.name)))) value=(get model attr.name)}}
+ {{/unless}}
{{/if}}
{{/each}}