Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: Update UI to Support Explicit AWS Credential Types #5139

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 16 additions & 10 deletions ui/app/components/role-aws-edit.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,8 @@ const { get, set } = Ember;
const SHOW_ROUTE = 'vault.cluster.secrets.backend.show';

export default RoleEdit.extend({
useARN: false,
init() {
this._super(...arguments);
const arn = get(this, 'model.arn');
if (arn) {
set(this, 'useARN', true);
}
},

actions: {
Expand All @@ -24,11 +19,22 @@ export default RoleEdit.extend({
if (type === 'create' && Ember.isBlank(modelId)) {
return;
}
// clear the policy or arn before save depending on "useARN"
if (get(this, 'useARN')) {
set(this, 'model.policy', '');
} else {
set(this, 'model.arn', '');

var credential_type = get(this, 'model.credential_type');
if (credential_type == "iam_user") {
set(this, 'model.role_arns', []);
}
if (credential_type == "assumed_role") {
set(this, 'model.policy_arns', []);
}
if (credential_type == "federation_token") {
set(this, 'model.role_arns', []);
set(this, 'model.policy_arns', []);
}

var policy_document = get(this, 'model.policy_document');
if (policy_document == '{}') {
set(this, 'model.policy_document', '');
}

this.persist('save', () => {
Expand Down
23 changes: 20 additions & 3 deletions ui/app/models/role-aws.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import { expandAttributeMeta } from 'vault/utils/field-to-attrs';
const { attr } = DS;
const { computed } = Ember;

const CREATE_FIELDS = ['name', 'policy', 'arn'];
const CREATE_FIELDS = ['name', 'credential_type', 'credential_types', 'role_arns', 'policy_arns', 'policy_document'];
export default DS.Model.extend({
backend: attr('string', {
readOnly: true,
Expand All @@ -16,13 +16,30 @@ export default DS.Model.extend({
fieldValue: 'id',
readOnly: true,
}),
arn: attr('string', {
credential_type: attr('string', {
defaultValue: "iam_user",
}),
credential_types: attr({
label: 'Credential Types',
readOnly: true,
}),
role_arns: attr({
editType: 'stringArray',
label: 'Role ARNs',
}),
policy_arns: attr({
editType: 'stringArray',
}),
policy_document: attr('string', {
widget: 'json',
}),
/*arn: attr('string', {
helpText: '',
}),
policy: attr('string', {
helpText: '',
widget: 'json',
}),
}),*/
attrs: computed(function() {
let keys = CREATE_FIELDS.slice(0);
return expandAttributeMeta(this, keys);
Expand Down
78 changes: 46 additions & 32 deletions ui/app/templates/partials/role-aws/form.hbs
Original file line number Diff line number Diff line change
Expand Up @@ -13,42 +13,56 @@
</div>
{{/if}}
<div class="field">
<div class="level">
<div class="level-left">
{{#if useARN}}
<label for="arn" class="is-label">
ARN
</label>
{{else}}
<label for="policy" class="is-label">
Policy
</label>
{{/if}}
<label for="credential-type" class="is-label">
Credential Type
</label>
<div class="control is-expanded">
<div class="select is-fullwidth">
<select
name="credential-type"
id="credential-type"
onchange={{action (mut model.credential_type) value="target.value"}}
>
<option selected={{eq model.credential_types "iam_user"}} value="iam_user">
IAM User
</option>
<option selected={{eq model.credential_types "assumed_role"}} value="assumed_role">
Assumed Role
</option>
<option selected={{eq model.credential_types "federation_token"}} value="federation_token">
Federation Token
</option>
</select>
</div>
<div class="level-right">
<div class="control is-flex">
{{input
data-test-aws-toggle-use-arn=true
id="use-arn"
type="checkbox"
name="use-arn"
class="switch is-rounded is-success is-small"
checked=useARN
}}
<label for="use-arn">Use Amazon Resource Name</label>
</div>
</div>
</div>
{{#if (eq model.credential_type "assumed_role") }}
{{string-list
label="Role ARNs"
inputValue=model.role_arns
attr=model.role_arns
}}
{{/if}}
{{#if (eq model.credential_type "iam_user") }}
<div class="field">
<label for="policy_arns" class="is-label">
Policy ARNs
</label>
<div class="control">
{{input id="policy_arns" value=model.policy_arns class="input" data-test-input="policy_arns"}}
</div>
</div>
<div class="control">
{{#if useARN}}
{{input id="arn" value=model.arn class="input" data-test-input="arn"}}
{{else}}
{{/if}}
</div>
<div class="field">
<label for="policy_document" class="is-label">
Policy
</label>
<div class="control">
{{json-editor
value=(if model.policy (stringify (jsonify model.policy)) emptyData)
valueUpdated=(action "codemirrorUpdated" "policy")
}}
{{/if}}
</div>
value=(if model.policy_document (stringify (jsonify model.policy_document)) emptyData)
valueUpdated=(action "codemirrorUpdated" "policy_document")
}}
</div>
</div>
<div class="field is-grouped-split box is-fullwidth is-bottomless">
Expand Down
6 changes: 4 additions & 2 deletions ui/app/templates/partials/role-aws/show.hbs
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
<div class="box is-fullwidth is-sideless is-paddingless is-marginless">
{{#each model.attrs as |attr|}}
{{#if (eq attr.name "policy")}}
{{#if (eq attr.name "policy_document")}}
{{#info-table-row label=(capitalize (or attr.options.label (humanize (dasherize attr.name)))) value=model.policy}}
<pre><code class="is-paddingless">{{stringify (jsonify model.policy)}}</code></pre>
{{/info-table-row}}
{{else}}
{{info-table-row label=(capitalize (or attr.options.label (humanize (dasherize attr.name)))) value=(get model attr.name)}}
{{#unless (eq attr.name "credential_type")}}
{{info-table-row label=(capitalize (or attr.options.label (humanize (dasherize attr.name)))) value=(get model attr.name)}}
{{/unless}}
{{/if}}
{{/each}}
</div>