OpenAPI CRUD views

ui/app/adapters/generated-item-list.js

@@ -0,0 +1,35 @@
+import { assign } from '@ember/polyfills';
+import ApplicationAdapter from './application';
+
+export default ApplicationAdapter.extend({
+  namespace: 'v1',
+  urlForItem() {},
+  optionsForQuery(id) {
+    let data = {};
+    if (!id) {
+      data['list'] = true;
+    }
+    return { data };
+  },
+
+  fetchByQuery(store, query) {
+    const { id, method, type } = query;
+    return this.ajax(this.urlForItem(method, id, type), 'GET', this.optionsForQuery(id)).then(resp => {
+      const data = {
+        id,
+        name: id,
+        method,
+      };
+
+      return assign({}, resp, data);
+    });
+  },
+
+  query(store, type, query) {
+    return this.fetchByQuery(store, query);
+  },
+
+  queryRecord(store, type, query) {
+    return this.fetchByQuery(store, query);
+  },
+});

ui/app/components/field-group-show.js

@@ -0,0 +1,21 @@
+/**
+ * @module FieldGroupShow
+ * FieldGroupShow components loop through a Model's fieldGroups
+ * to display their attributes
+ *
+ * @example
+ * ```js
+ * <FieldGroupShow @model={{model}} @showAllFields=true />
+ * ```
+ *
+ * @param model {Object} - the model
+ * @param [showAllFields=false] {boolean} - whether to show fields with empty values
+ */
+import Component from '@ember/component';
+import layout from '../templates/components/field-group-show';
+
+export default Component.extend({
+  layout,
+  model: null,
+  showAllFields: false,
+});

ui/app/components/generated-item.js

@@ -0,0 +1,52 @@
+import { inject as service } from '@ember/service';
+import Component from '@ember/component';
+import { computed } from '@ember/object';
+import { task } from 'ember-concurrency';
+import DS from 'ember-data';
+
+/**
+ * @module GeneratedItem
+ * The `GeneratedItem` is the form to configure generated items related to mounts (e.g. groups, roles, users)
+ *
+ * @example
+ * ```js
+ * <GeneratedItem @model={{model}} @mode={{mode}} @itemType={{itemType/>
+ * ```
+ *
+ * @property model=null {DS.Model} - The corresponding item model that is being configured.
+ * @property mode {String} - which config mode to use. either `show`, `edit`, or `create`
+ * @property itemType {String} - the type of item displayed
+ *
+ */
+
+export default Component.extend({
+  model: null,
+  itemType: null,
+  flashMessages: service(),
+  router: service(),
+  props: computed(function() {
+    return this.model.serialize();
+  }),
+  saveModel: task(function*() {
+    try {
+      yield this.model.save();
+    } catch (err) {
+      // AdapterErrors are handled by the error-message component
+      // in the form
+      if (err instanceof DS.AdapterError === false) {
+        throw err;
+      }
+      return;
+    }
+    this.router.transitionTo('vault.cluster.access.method.item.list').followRedirects();
+    this.flashMessages.success(`The ${this.itemType} configuration was saved successfully.`);
+  }).withTestWaiter(),
+  actions: {
+    deleteItem() {
+      this.model.destroyRecord().then(() => {
+        this.router.transitionTo('vault.cluster.access.method.item.list').followRedirects();
+        this.flashMessages.success(`${this.model.id} ${this.itemType} was deleted successfully.`);
+      });
+    },
+  },
+});

ui/app/components/section-tabs.js

@@ -2,13 +2,12 @@ import Component from '@ember/component';
 
 const SectionTabs = Component.extend({
   tagName: '',
-
   model: null,
   tabType: 'authSettings',
 });
 
 SectionTabs.reopenClass({
-  positionalParams: ['model', 'tabType'],
+  positionalParams: ['model', 'tabType', 'paths'],
 });
 
 export default SectionTabs;

ui/app/controllers/vault/cluster/access/method/item/list.js

@@ -0,0 +1,4 @@
+import Controller from '@ember/controller';
+import ListController from 'vault/mixins/list-controller';
+
+export default Controller.extend(ListController, {});

ui/app/helpers/tabs-for-auth-section.js

@@ -1,4 +1,6 @@
 import { helper as buildHelper } from '@ember/component/helper';
+import { pluralize } from 'ember-inflector';
+import { capitalize } from '@ember/string';
 
 const TABS_FOR_SETTINGS = {
   aws: [
@@ -73,19 +75,28 @@ const TABS_FOR_SETTINGS = {
 
 const TABS_FOR_SHOW = {};
 
-export function tabsForAuthSection([methodType, sectionType = 'authSettings']) {
+export function tabsForAuthSection([model, sectionType = 'authSettings', paths]) {
   let tabs;
-
   if (sectionType === 'authSettings') {
-    tabs = (TABS_FOR_SETTINGS[methodType] || []).slice();
+    tabs = (TABS_FOR_SETTINGS[model.type] || []).slice();
     tabs.push({
       label: 'Method Options',
       routeParams: ['vault.cluster.settings.auth.configure.section', 'options'],
     });
     return tabs;
   }
 
-  tabs = (TABS_FOR_SHOW[methodType] || []).slice();
+  if (paths) {
+    tabs = paths.map(path => {
+      let itemName = path.slice(1); //get rid of leading slash
+      return {
+        label: capitalize(pluralize(itemName)),
+        routeParams: ['vault.cluster.access.method.item.list', itemName],
+      };
+    });
+  } else {
+    tabs = (TABS_FOR_SHOW[model.type] || []).slice();
+  }
   tabs.push({
     label: 'Configuration',
     routeParams: ['vault.cluster.access.method.section', 'configuration'],

ui/app/models/auth-config/github.js

@@ -19,6 +19,7 @@ export default AuthConfig.extend({
       {
         'GitHub Options': ['baseUrl'],
       },
+      { TTLs: ['ttl', 'maxTtl'] },
     ];
     if (this.newFields) {
       groups = combineFieldGroups(groups, this.newFields, []);

ui/app/models/auth-config/ldap.js

@@ -1,50 +1,11 @@
 import { computed } from '@ember/object';
-import DS from 'ember-data';
 
 import AuthConfig from '../auth-config';
 import fieldToAttrs from 'vault/utils/field-to-attrs';
 import { combineFieldGroups } from 'vault/utils/openapi-to-attrs';
 
-const { attr } = DS;
-
 export default AuthConfig.extend({
   useOpenAPI: true,
-  binddn: attr('string', {
-    helpText: 'Used when performing user search. Example: cn=vault,ou=Users,dc=example,dc=com',
-  }),
-  bindpass: attr('string', {
-    helpText: 'Used along with binddn when performing user search',
-    sensitive: true,
-  }),
-  userdn: attr('string', {
-    helpText: 'Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com',
-  }),
-  userattr: attr('string', {
-    helpText:
-      'Attribute on user attribute object matching the username passed when authenticating. Examples: sAMAccountName, cn, uid',
-  }),
-  upndomain: attr('string', {
-    helpText:
-      'The userPrincipalDomain used to construct the UPN string for the authenticating user. The constructed UPN will appear as [username]@UPNDomain. Example: example.com, which will cause vault to bind as [email protected].',
-  }),
-
-  groupfilter: attr('string', {
-    helpText:
-      'Go template used when constructing the group membership query. The template can access the following context variables: [UserDN, Username]. The default is (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}})), which is compatible with several common directory schemas. To support nested group resolution for Active Directory, instead use the following query: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))',
-  }),
-  groupdn: attr('string', {
-    helpText:
-      'LDAP search base for group membership search. This can be the root containing either groups or users. Example: ou=Groups,dc=example,dc=com',
-  }),
-  groupattr: attr('string', {
-    helpText:
-      'LDAP attribute to follow on objects returned by groupfilter in order to enumerate user group membership. Examples: for groupfilter queries returning group objects, use: cn. For queries returning user objects, use: memberOf. The default is cn.',
-  }),
-  useTokenGroups: attr('boolean', {
-    helpText:
-      'Use the Active Directory tokenGroups constructed attribute to find the group memberships. This returns all security groups for the user, including nested groups. In an Active Directory environment with a large number of groups this method offers increased performance. Selecting this will cause Group DN, Attribute, and Filter to be ignored.',
-  }),
-
   fieldGroups: computed(function() {
     let groups = [
       {

ui/app/router.js

@@ -39,6 +39,12 @@ Router.map(function() {
         this.route('methods', { path: '/' });
         this.route('method', { path: '/:path' }, function() {
           this.route('index', { path: '/' });
+          this.route('item', { path: '/item/:item_type' }, function() {
+            this.route('list', { path: '/' });
+            this.route('create');
+            this.route('edit', { path: '/edit/:item_id' });
+            this.route('show', { path: '/show/:item_id' });
+          });
           this.route('section', { path: '/:section_name' });
         });
         this.route('leases', function() {

ui/app/routes/vault/cluster/access/method.js

@@ -1,9 +1,12 @@
 import { set } from '@ember/object';
 import Route from '@ember/routing/route';
 import DS from 'ember-data';
+import { inject as service } from '@ember/service';
 
 export default Route.extend({
+  pathHelp: service('path-help'),
   model(params) {
+    // eslint-disable-line rule
     const { path } = params;
     return this.store.findAll('auth-method').then(modelArray => {
       const model = modelArray.findBy('id', path);
@@ -12,7 +15,10 @@ export default Route.extend({
         set(error, 'httpStatus', 404);
         throw error;
       }
-      return model;
+      return this.pathHelp.getPaths(model.apiPath, path).then(paths => {
+        model.set('paths', paths);
+        return model;
+      });
     });
   },
 });

ui/app/routes/vault/cluster/access/method/item.js

@@ -0,0 +1,29 @@
+import { inject as service } from '@ember/service';
+import Route from '@ember/routing/route';
+import { singularize } from 'ember-inflector';
+
+export default Route.extend({
+  wizard: service(),
+  pathHelp: service('path-help'),
+
+  beforeModel() {
+    const { item_type: itemType } = this.paramsFor(this.routeName);
+    const { path: method } = this.paramsFor('vault.cluster.access.method');
+    let methodModel = this.modelFor('vault.cluster.access.method');
+    let { apiPath, type } = methodModel;
+    let modelType = `generated-${singularize(itemType)}-${type}`;
+    return this.pathHelp.getNewModel(modelType, method, apiPath, itemType);
+  },
+
+  setupController(controller) {
+    this._super(...arguments);
+    const { item_type: itemType } = this.paramsFor(this.routeName);
+    const { path } = this.paramsFor('vault.cluster.access.method');
+    const { apiPath } = this.modelFor('vault.cluster.access.method');
+    controller.set('itemType', itemType);
+    controller.set('method', path);
+    this.pathHelp.getPaths(apiPath, path, itemType).then(paths => {
+      controller.set('paths', Array.from(paths.list, pathInfo => pathInfo.path));
+    });
+  },
+});

ui/app/routes/vault/cluster/access/method/item/create.js

@@ -0,0 +1,28 @@
+import Route from '@ember/routing/route';
+import UnloadModelRoute from 'vault/mixins/unload-model-route';
+import UnsavedModelRoute from 'vault/mixins/unsaved-model-route';
+import { singularize } from 'ember-inflector';
+
+export default Route.extend(UnloadModelRoute, UnsavedModelRoute, {
+  model() {
+    const { item_type: itemType } = this.paramsFor('vault.cluster.access.method.item');
+    const methodModel = this.modelFor('vault.cluster.access.method');
+    const { type } = methodModel;
+    const { path: method } = this.paramsFor('vault.cluster.access.method');
+    const modelType = `generated-${singularize(itemType)}-${type}`;
+    return this.store.createRecord(modelType, {
+      itemType,
+      method,
+      adapterOptions: { path: `${method}/${itemType}` },
+    });
+  },
+
+  setupController(controller) {
+    this._super(...arguments);
+    const { item_type: itemType } = this.paramsFor('vault.cluster.access.method.item');
+    const { path: method } = this.paramsFor('vault.cluster.access.method');
+    controller.set('itemType', singularize(itemType));
+    controller.set('mode', 'create');
+    controller.set('method', method);
+  },
+});

ui/app/routes/vault/cluster/access/method/item/edit.js

@@ -0,0 +1,25 @@
+import Route from '@ember/routing/route';
+import UnloadModelRoute from 'vault/mixins/unload-model-route';
+import UnsavedModelRoute from 'vault/mixins/unsaved-model-route';
+import { singularize } from 'ember-inflector';
+
+export default Route.extend(UnloadModelRoute, UnsavedModelRoute, {
+  model(params) {
+    const methodModel = this.modelFor('vault.cluster.access.method');
+    const { type } = methodModel;
+    const { item_type: itemType } = this.paramsFor('vault.cluster.access.method.item');
+    let modelType = `generated-${singularize(itemType)}-${type}`;
+    return this.store.findRecord(modelType, params.item_id);
+  },
+
+  setupController(controller) {
+    this._super(...arguments);
+    const { item_type: itemType } = this.paramsFor('vault.cluster.access.method.item');
+    const { path: method } = this.paramsFor('vault.cluster.access.method');
+    const { item_id: itemName } = this.paramsFor(this.routeName);
+    controller.set('itemType', singularize(itemType));
+    controller.set('mode', 'edit');
+    controller.set('method', method);
+    controller.set('itemName', itemName);
+  },
+});