[UI][Bugfix] VAULT-43725 Add validations for LDAP roles create / edit forms (#13757) (#13863) (#13964)

* LDAP create role name field should only contain lowercase and alphanumeric characters * Add changelog.. * Fix controller issue Co-authored-by: Kianna <30884335+kiannaquach@users.noreply.github.com>
2026-05-07 13:26:27 +02:00 · 2026-04-15 15:15:59 -04:00 · 2026-04-15 15:15:59 -04:00 · 7e75a27f68
commit 7e75a27f68
parent f62942aa3a
4 changed files with 34 additions and 7 deletions
--- a/changelog/_13757.txt
+++ b/changelog/_13757.txt
@ -0,0 +1,3 @@
+```release-note:bug
+ui: Add name field validation to LDAP create and edit roles forms. 
+```
--- a/ui/app/forms/secrets/ldap/roles/dynamic.ts
+++ b/ui/app/forms/secrets/ldap/roles/dynamic.ts
@ -84,7 +84,18 @@ export default class LdapDynamicRoleForm extends Form<LdapDynamicRoleFormData> {
  ];

  validations: Validations = {
-    name: [{ type: 'presence', message: 'Name is required' }],
+    name: [
+      { type: 'presence', message: 'Name is required' },
+      {
+        validator: ({ name }: LdapDynamicRoleFormData) => {
+          // Allow alphanumeric, hyphens, underscores, periods, and forward slashes
+          const validPattern = /^[a-z0-9\-_./]+$/;
+          return validPattern.test(name);
+        },
+        message:
+          'Name must be lowercase and can only contain alphanumeric characters, hyphens, underscores, periods, and forward slashes.',
+      },
+    ],
    creation_ldif: [{ type: 'presence', message: 'Creation LDIF is required.' }],
    deletion_ldif: [{ type: 'presence', message: 'Deletion LDIF is required.' }],
  };
--- a/ui/app/forms/secrets/ldap/roles/static.ts
+++ b/ui/app/forms/secrets/ldap/roles/static.ts
@ -8,11 +8,11 @@ import FormField from 'vault/utils/forms/field';
 import type { Validations } from 'vault/app-types';
 import type { LdapWriteStaticRoleRequest } from '@hashicorp/vault-client-typescript';

-type LdapDynamicRoleFormData = LdapWriteStaticRoleRequest & {
+type LdapStaticRoleFormData = LdapWriteStaticRoleRequest & {
  name: string;
 };

-export default class LdapStaticRoleForm extends Form<LdapDynamicRoleFormData> {
+export default class LdapStaticRoleForm extends Form<LdapStaticRoleFormData> {
  formFields = [
    new FormField('name', 'string', {
      label: 'Role name',
@ -38,7 +38,18 @@ export default class LdapStaticRoleForm extends Form<LdapDynamicRoleFormData> {
  ];

  validations: Validations = {
-    name: [{ type: 'presence', message: 'Name is required' }],
+    name: [
+      { type: 'presence', message: 'Name is required' },
+      {
+        validator: ({ name }: LdapStaticRoleFormData) => {
+          // Allow alphanumeric, hyphens, underscores, periods, and forward slashes
+          const validPattern = /^[a-z0-9\-_./]+$/;
+          return validPattern.test(name);
+        },
+        message:
+          'Name must be lowercase and can only contain alphanumeric characters, hyphens, underscores, periods, and forward slashes.',
+      },
+    ],
    username: [{ type: 'presence', message: 'Username is required.' }],
    rotation_period: [{ type: 'presence', message: 'Rotation Period is required.' }],
  };
--- a/ui/lib/ldap/addon/routes/error.ts
+++ b/ui/lib/ldap/addon/routes/error.ts
@ -8,14 +8,15 @@ import { service } from '@ember/service';

 import type Transition from '@ember/routing/transition';
 import type AdapterError from '@ember-data/adapter/error';
-import type SecretEngineModel from 'vault/models/secret-engine';
+import type SecretsEngineResource from 'vault/resources/secrets/engine';
 import type { Breadcrumb } from 'vault/vault/app-types';
 import type Controller from '@ember/controller';
 import type SecretMountPath from 'vault/services/secret-mount-path';
+import type { LdapApplicationModel } from './application';

 interface LdapErrorController extends Controller {
  breadcrumbs: Array<Breadcrumb>;
-  backend: SecretEngineModel;
+  backend: SecretsEngineResource;
 }

 export default class LdapErrorRoute extends Route {
@ -28,6 +29,7 @@ export default class LdapErrorRoute extends Route {
      { label: 'Secrets engines', route: 'secrets', linkExternal: true },
      { label: this.secretMountPath.currentPath, route: 'overview' },
    ];
-    controller.backend = this.modelFor('application') as SecretEngineModel;
+    const { secretsEngine } = this.modelFor('application') as LdapApplicationModel;
+    controller.backend = secretsEngine;
  }
 }