* support wide width splash page
* add enable_self_enrollment param to mfa-method config
* build and implement mfa setup-card display only component
* fix transition bug navigating away from mfa method
* rename mfa card
* WIP implement self-enrollment workflow
* wip integration tests
* convert mfa-form to typescript
* remove unused import
* show alert whenver there is a QR code
* organze mfa steps into Mfa::VerifyForm and Mfa::SelfEnroll
* WIP stretch goals of mfa redesign
* add copyright headers
* update test
* add support for multiple constraints with self-enrollment
* remove comment
* fix multi-method UX
* fix state for failed validation
* remove changing button for error states
* add error handling and validation messages
* minor cleanup for params
* first round of cleanup and reorganization
* final round of logic cleanup and organization
* touch ups after testing with live backend
* fix comment
* final test cleanup!
* Apply suggestions from code review
* improve mirage error handling to more accurately mimic real failures
* add test coverage
* make qr rendering logic easier
* address PR feedback
* submit enroll form on enter, remove code digit number from copy, reset enroll state
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* updates auth method options route to use form and api client
* updates auth method config and section routes to use api client and open api form
* updates display attrs for auth method configs
* fixes plugin identity util fields tests
* fixes js lint error
* updates enable-tune-form tests
* hides specific form field for jwt/oidc auth config types
* Revert "updates display attrs for auth method configs"
This reverts commit 5d382f79276f56b3fdbe64fcbc9c8365c5f4b421.
* Revert "fixes plugin identity util fields tests"
This reverts commit 6d4acbe3228c796745f2dea6279c1540bb053c62.
* fixes config section test
* bumps api client version
* updates auth config form options component to use proper endpoint
* fixes enable tune form tests
* fixes auth config form options tests
* fixes type errors in snapshot-manage component
* updates recover_source_path arg to undefined so it is not included in the query params
* fixes remaining test failures related to user_lockout_config
---------
Co-authored-by: Vault Automation <github-team-secure-vault-core@hashicorp.com>
* build mirage handler for snapshot recovery endpoints
* WIP add namespace and mount fields to read/recover form
* change option to engine object
* update badge color according to status and make loaded snapshot reqs within root ns
* wip read reqs and view
* add recovery banner and form validation
* move read view into modal
* tidying
* organize
* tests
* style fixes
* error handling
* tests
* update requests with snapshot params
* style fix
* yarn lock update for latest spec updates
* tests
* add polling for snapshot status
* disable button when not in ready state
* reset errors
* don't poll during tests
* remove todo
* test updates
* fix ns select + test
* remove todo
* styling, tidy, mount options, engine types
* lots of tidying, add manual mount input, slower polling
* make read + recover requests in selected namespace
* link to child ns if recovering there
* test updates
* centralize recovery data values
* type, state and error improvements
---------
Co-authored-by: claire bontempo <cbontempo@hashicorp.com>
Co-authored-by: Lane Wetmore <lane.wetmore@hashicorp.com>
* updates api client vars to snake_case for custom messages
* updates api client vars to snake_case for tools
* updates api client vars to snake_case for sync
* updates api client vars to snake_case for secrets engine
* updates api client vars to snake_case for auth
* updates api client vars to snake_case for usage
* updates api client dep to point to gh repo
* fixes custom-messages service unit tests
* fixes configure-ssh test
* fixes configure-ssh test...again
* change entity_id to camel casing, remove "backends" key from stored auth data
* fix tokenExpirationEpoch returning NaN, use authSuccess in auth service tests
* camel case mfa_requirement references
* refactor auth service
* implement api service for token method
* implement api service in standard auth methods
* add lookupSelf request to persistAuthData method in auht service instead of calling in components
* implement api service in oidc-jwt component
* implement api service in okta component
* implement api service in saml component
* use api service for wrapped_token query param
* remaining test updates, enterprise tests and stabilize auth helpers
* upate renew() to use new persistAuthData method, add a test
* revert as this will be addressed upstream
* rename supported-login-methods to auth-form-helpers and delete old supported-auth-backends helper, update tests
* cleanup normalize after testing mfa validation for each auth method
* update type declarations, set displayName in each method component
* stabilize redirect tests by waiting for login before asserting url
* stabilize tests
* modernize typescript syntax, move error const to util
* use mirage instead of vault server to resolve test race conditions
* fix file import
* updates auth method list and config views to use api service
* adds capabilities checks to auth methods route
* fixes auth method config tests
* updates SecretsEngine type to Mount
* updates listingVisibility value in config test
* adds missing copyright header
* [UI] Ember Data Migration - Secrets Engine Resource (#30791)
* adds base factory for resources and secrets engine resource
* updates dashboard and secret-engine list route to fetch mounts from api service
* updates secret backends routes to use api service
* updates secrets engine config routes to use api service
* updates secrets backend route to use internal mounts endpoint and fixes error handling
* updates property casing in config details card component
* fixes dashboard tests
* fixes issues with engine configuration
* updates api service to only set token header if value is defined in auth service
* fixes more tests
* Update ui/app/routes/vault/cluster/secrets/backend/configuration/index.js
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* removes alwaysRender from publicKey field in secret engine configuration details component
* removes unused hideToggle arg from secret engine mount config template
* updates kv config route to load secret-engine model
* fixes kv config route
---------
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* [UI] Ember Data Migration - Secrets Engine Forms (#30951)
* adds secrets engine form class
* updates mount-secret-backend route and form component to use secrets engine form class and api service
* updates to form class proxy for nested form data properties
* adds form classes for configurable secrets engines
* updates secrets engine config edit route and components to use form classes and api service
* adds missing copyright header
* fixes tests
* fixes type error
* updates configure-ssh component to use form class and api service
* updates configure-ssh tests
* updates configuration-wif component tests
* fixes mount secret backend and form tests
* adds method to normalize request key casing to api service
* addresses pr review feedback
* removes unused secrets engine config models, adapters and serializers (#30980)
* fixes azure config tests
* fixes more ent tests
---------
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* add dummy provider and wire it into the app
* add tests for analytics service
* add posthog provider
* wire in posthog
* add HVD limitation for analytics and add unit test
* filter out sensitive event properties
* add changelog
* run copywrite headers
* update logging tests for analytics service
* update changelog format
* disable telemetry in test mode
* remove unnecessary test
* self review
* Update vault-reporting addon with analytics tracking changes
* address review feedback
---------
Co-authored-by: Jim Wright <jim.wright@hashicorp.com>
* add request for custom login settings to auth route
* add tests to page integration before updating logic
* make tab component tests
* move form state logic to parent page component
* test updates for sanitizing query param in auth route
* add custom login feature
* add test for fetching login settings on ent only
* add changelog
* reword changelog
* rename variable from showOtherMethods to showAlternateView
* cleanup store
* cleanup comments per PR feedback
* abc
* VAULT-34672 render line breaks in description
* update endpoints after testing with live api
* add test coverage
* word
* remove backup types from test-ns for testing
* change to manually log in
* add error handling for no login settings
* add inheritance badge and make list item linkable
* adds field group support to forms
* adds forms for sync destination types
* adds type for sync destination form
* adds readonlyParams to sync-destinations helper and error handling to findDestination util
* updates sync destinations create/edit routes to use forms
* updates sync create-and-edit component to use form class and api service
* updates sync destinations tests
* make displayName a global helper
* rename authTabTypes to visibleMountsByType
* remove superfluous arg
* move all of mount displaying to component
* rename hasMountData to isVisibleMount, update comment
* more updates to api-client for sync
* updates sync destination-header component to use api service
* updates to sync types
* updates sync destination route to use api service
* updates sync destination mirage factory and handler
* refactors sync setup-models test helper and removes store
* refactors sync destination details route to function with api service data
* refactors sync destination secrets route to function with api service data
* adds sync destination edit route
* UI: Move `wrapped_token` login functionality to route (#30465)
* move token unwrap functionality to page component
* update mfa test
* remove wrapped_token logic from page component
* more cleanup to relocate unwrap logic
* move wrapped_token to route
* move unwrap tests to acceptance
* move mfa form back
* add some padding
* update mfa-form tests
* get param from params
* wait for auth form on back
* run rests
* UI: Add MFA support for SSO methods (#30489)
* initial implementation of mfa validation for sso methods
* update typescript interfaces
* add stopgap changes to auth service
* switch order backend is defined
* update login form for tests even though it will be deleted
* attempt to stabilize wrapped_query test
* =update login form test why not
* Update ui/app/components/auth/form/saml.ts
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
---------
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
* Move CSP error to page component (#30492)
* initial implementation of mfa validation for sso methods
* update typescript interfaces
* add stopgap changes to auth service
* switch order backend is defined
* update login form for tests even though it will be deleted
* attempt to stabilize wrapped_query test
* =update login form test why not
* move csp error to page component
* move csp error to page component
* Move fetching unauthenticated mounts to the route (#30509)
* rename namespace arg to namespaceQueryParam
* move fetch mounts to route
* add margin to sign in button spacing
* update selectors for oidc provider test
* add todo delete comments
* fix arg typo in test
* change method name
* fix args handling tab click
* remove tests that no longer relate to components functionality
* add tests for preselectedAuthType functionality
* move typescript interfaces, fix selector
* add await
* oops
* move format method down, make private
* move tab formatting to the route
* move to page object
* fix token unwrap aborting transition
* not sure what that is doing there..
* add comments
* rename to presetAuthType
* use did-insert instead
* UI: Implement `Auth::FormTemplate` (#30521)
* replace Auth::LoginForm with Auth::FormTemplate
* first round of test updates
* return null if mounts object is empty
* add comment and test for empty sys/internal/mounts data
* more test updates
* delete listing_visibility test, delete login-form component test
* update divs to Hds::Card::Container
* add overflow class
* remove unused getters
* move requesting stored auth type to page component
* fix typo
* Update ui/app/components/auth/form/oidc-jwt.ts
make comment make more sense
* small cleanup items, update imports
* Delete old auth components (#30527)
* delete old components
* update codeowners
* Update `with` query param functionality (#30537)
* update path input to type=hidden
* add test coverage
* update page test
* update auth route
* delete login form
* update ent test
* consolidate logic in getter
* add more comments
* more comments..
* rename selector
* refresh model as well
* redirect for invalid query params
* move unwrap to redirect
* only redirect on invalid query params
* add tests for query param
* test selector updates
* remove todos, update relevant ones with initials
* add changelog
---------
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
* improves path handling in capabilities service
* converts has-capability to class helper and adds pathKey and params args
* adds api service to sync engine
* updates sync types
* improves typings in paginate-list util
* adds api client error handling to error page component
* adds api utils for sync
* updates sync overview route and page component to use api service
* updates sync destinations route and page component to use api service
* adds missing copyright header
* fixes paginate-list regression
* fixes return type for has-capability helper
* Apply suggestions from code review
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* fixes page error tests
* resolves suggestions from review
* fixes has-capability usage errors
* fixes comment in capabilities service
* more test fixes
---------
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
* adds error parsing method to api service
* replaces apiErrorMessage util instances with api service parseError
* removes apiErrorMessage util and tests
* removes ApiError type
* fixes issue in isLocalStorageSupported error handling
* finish okta auth method
* convert to ts
* move login fields down
* rename arg to prep for mfa business
* build oidc-jwt auth component
* add tests for oidc-jwt component
* add loading and button text states depending on config
* cleanup error handling, prep for ts
* convert to typescript
* minor cleanup items
* add comments
* move auth tests to folder
* polish auth tests
* build auth::form-template component
* add components for other supported methods
* add comments, add tests
* convert to typesript
* conver base.js to typescript
* use getRelativePath helper
* fix logic for hiding advanced settings toggle, use getter for selecting tab index
* update tests
* how in the heck did that happen
* add punctuation to comments, clarify var name
* update loginFields to array of objects
* update tests
* add helper text and custom label tests
* woops, test was in the beforeEach block
* moves validators from model-helpers to forms directory
* creates validate util and updates model-validations directory to use it
* adds form and field classes
* updates validation types
* updates validators import in test
* adds readme for forms
* Update ui/app/utils/forms/validate.ts
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
---------
Co-authored-by: lane-wetmore <lane.wetmore@hashicorp.com>
* update namespace service to include admin namespace check
* add test
* whoops, copy pasta forgot to update assertion
* make comment clearer
* delete space
* adds codemirror types
* adds api error message util
* converts tools/wrap component to ts and updates wrap request to use api service
* adds comments to api and error message utils
* adds type to html element event import
* adds api service
* adds missing copyright headers
* Update ui/app/services/api.ts
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* removes response cache and comments from api service
* removes hide warnings condition from showWarnings middleware in api service
* splits out setHeaders test
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* adds linting for types to scripts and lint staged
* fixes issue with AdapterError type
* moves lint-staged setup out of package.json and into config file
* fixes ember data store service type
* fixes route params types
* fixes model types
* fixes general type errors
* fixes ts declaration errors in js files
* adds missing copyright headers
* fixes issue accessing capabilities model properties
* ignores AdapterError import type error
* more updates to AdapterError type
* adds comment to lint-staged config
* moves ember data store type to @ember-data namespace
* updates store import
* moves AdapterError type to @ember-data namespace
* turns ember-data import eslint rule back on
* make one component and make one test file for that component. remove the two components and associated files the new component replaces
* make access type subtext dynamic based on model type
* clean up
* clean up
* remove model attr for display purposes
* split out lease to another second config model type and make is-wif-engine helper
* welp missed the old controller
* small removal of overkill comment
* pr feedback
* save lease config if only thing changed
* error handling in acceptance test
* test fix
* replace notOk with throw
* move back error message
* clean up focused largely on wif component test
* replace ok with true
* transfer over all changes from original pr
* changelog
* add serialize catch for no empty string environment
* move ttl format logic to parent route
* Update 29047.txt
* clean up some comments
* Update changelog/29047.txt
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update changelog/29047.txt
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/components/secret-engine/configure-azure.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* first round of addressing pr comments, holding off on the issue save flow for error messaging to keep separate
* Update CODEOWNERS
merge issue
* small clean up tasks
* updates
* test coverage
* small cleanup
* small clean up
* clean up
* clean up getters on model
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* configuration details only changes
* azure configuration acceptance test
* clean up
* change attrs to display attrs and reuse formFields
* missed some
* clean up
* Update ui/app/helpers/mountable-secret-engines.js
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* remove extra conditional
* fix test for oss runs
* clean up the logic for checking if the model has been configured
* remove formatTtl
* fix broken conditional
* address pr comments
* clean up clean up everybody lets clean up
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* rename store to pagination, remove store extension
* initial update of service test
* remove superfluous helper
* replace store with pagination service in main app
* update kmip engine syntax
* add pagination to kmip engine
* update to pagination in config-ui engine
* update sync engine to use pagination service
* use pagination service in kv engine
* use pagination service in ldap engine
* use pagination in pki engine
* update renaming clearDataset functions
* link to jira VAULT-31721
* remove comment
* Track the last PKI auto-tidy time ran for use across nodes
- If the interval time for auto-tidy is longer then say a regularly
scheduled restart of Vault, auto-tidy is never run. This is due to
the time of the last run of tidy is only kept in memory and
initialized on startup to the current time
- Store the last run of any tidy, to maintain previous behavior, to
a cluster local file, which is read in/initialized upon a mount
initialization.
* Add auto-tidy configuration fields for backing off at startup
* Add new auto-tidy fields to UI
* Update api docs for auto-tidy
* Add cl
* Update field description text
* Apply Claire's suggestions from code review
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Implementing PR feedback from the UI team
* remove explicit defaults and types so we retrieve from backend, decouple enabling auto tidy from duration, move params to auto settings section
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: claire bontempo <cbontempo@hashicorp.com>
* UI: Implement overview page for KV v2 (#28162)
* build json editor patch form
* finish patch component and tests
* add tab to each route
* and path route
* add overview tab to tests
* update overview to use updated_time instead of created_time
* redirect relevant secret.details to secret.index
* compute secretState in component instead of pass as arg
* add capabilities service
* add error handling to fetchSubkeys adapter request
* add overview tabs to test
* add subtext to overview card
* remaining redirects in secret edit
* remove create new version from popup menu
* fix breadcrumbs for overview
* separate adding capabilities service
* add service to kv engine
* Revert "separate adding capabilities service"
This reverts commit bb70b12ab7dbcde0fbd2d4d81768e5c8b1c420cc.
* Revert "add service to kv engine"
This reverts commit bfa880535ef7d529d7610936b2c1aae55673d23f.
* update navigation test
* consistently navigate to secret.index route to be explicit
* finish overview navigation tests
* add copyright header
* update delete tests
* fix nav testrs
* cleanup secret edit redirects
* remove redundant async/awaits
* fix create test
* edge case tests
* secret acceptance tests
* final component tests
* rename kvSecretDetails external route to kvSecretOverview
* add comment
* UI: Add patch route and implement Page::Secret::Patch page component (sidebranch) (#28192)
* add tab to each route
* and path route
* add overview tab to tests
* update overview to use updated_time instead of created_time
* redirect relevant secret.details to secret.index
* compute secretState in component instead of pass as arg
* add capabilities service
* add error handling to fetchSubkeys adapter request
* add patch route and put in page component
* add patch secret action to subkeys card
* fix component name
* add patch capability
* alphabetize computed capabilities
* update links, cleanup selectors
* fix more merge conflict stuff
* add capabilities test
* add models to patch link
* add test for patch route
* rename external route
* add error templates
* make notes about enterprise tests, filter one
* remove errors, transition (redirect) instead
* redirect patch routes
* UI: Move fetching secret data to child route (#28198)
* remove @secret from metadata details
* use metadata model instead of secret in paths page
* put delete back into kv/data adapter
* grant access in control group test
* update metadata route and permissions
* remove secret from parent route, only fetch in details route
* change more permissions to route perms, add tests
* revert overview redirect from list view
* wrap model in conditional for perms
* remove redundant canReadCustomMetadata check
* rename adapter method
* handle overview 404
* remove comment
* add customMetadata as an arg
* update grantAccess in test
* make version param easier to follow
* VAULT-30494 handle 404 jira
* refactor capabilities to return an object
* update create tests
* add test for default truthy capabilities
* remove destroy-all-versions from kv/data adapter
* UI: Add enterprise checks (#28215)
* add enterprise check for subkey card
* add max height and scroll to subkey card
* only fetch subkeys if enterprise
* remove check in overview
* add test
* Update ui/tests/integration/components/kv/page/kv-page-overview-test.js
* fix test failures (#28222)
* add assertion
* add optional chaining
* create/delete versioned secret in each module
* wait for transition
* add another waitUntil
* UI: Add patch latest version to toolbar (#28223)
* add patch latest version action to toolbar
* make isPatchAllowed arg all encompassing
* no longer need model check
* use hash so both promises fire at the same time
* add subkeys to policy
* Update ui/lib/kv/addon/routes/secret.js
* add changelog
* small cleanup items! (#28229)
* add conditional for enterprise checking tabs
* cleanup fetchMultiplePaths method
* add test
* remove todo comment, ticket created and design wants to hold off
* keep transition, update comments
* cleanup tests, add index to breadcrumbs
* add some test coverage
* toggle so value is readable
* manual cherry pick to deal with all the merge things
* changelog
* test fixes
* Update 28148.txt
* fix tests failures after main merge
* fix test failures after main merge
* Add Access Type and conditionally render WIF fields (#28149)
* initial work.
* remove access_type
* better no model logic well kind of
* rollback attrs
* remove defaults
* stopping point
* wip changing back to sidebranch
* hustling shuffling and serializing
* some of the component test coverage
* disable acces type if editing
* test coverage
* hide max retries that sneaky bugger
* cleanup
* cleanup
* Update root-config.js
* remove flash message check, locally passes great but on ci flaky
* clean up
* thank you chelsea
* test clean up per enterprise vs community
* address pr comments
* welp a miss add
* UI (sidebranch) WIF Issuer field (#28187)
* Add type declaration files for aws config models
* use updated task syntax for save method on configure-aws
* fix types on edit route
* fetch issuer on configure edit page if aws + enterprise
* track issuer within configure-aws component
* add placeholder support on form-field
* Add warning if issuer changed from previous value or could not be read
* cleanup
* preliminary tests
* dont use while loop so we can test the modal
* tests
* cleanup
* fix tests
* remove extra tracked value and duplicate changed attrs check
* modal footer
---------
Co-authored-by: Angel Garbarino <argarbarino@gmail.com>
* Display issuer on Configuration details (#28209)
* display issuer on configuration details
* workflow complete, now on to testing
* handle issuer things
* fix all the broken tests things
* add test coveragE:
* cleanup
* rename model/adapter
* Update configure-aws.ts
* Update aws-configuration-test.js
* 90 percent there for pr comments
* last one for tonight
* a few more because why not
* hasDirtyAttributes fixes
* revert back to previous noRead->queryIssuerError
---------
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* add capabilities service
* remove from kv engine for now
* add canRead
* move await helper to addon
* add test
* update capabilities service to accommodate multiple paths
* address comments, make methods more explicit
* remove namespace key
* fix typo in test
* add namespace back!
* round out tests for other methods
* add test
* add comment
* initial changes with no test coverage
* test coverage and fixes
* additional edit config test coverage
* clean up
* clean up
* Address pr feedback
* welp missed an await
* missed
* take back
* Update configure-ssh-test.js
* setup the toggle to display mount configuration options
* whew.. getting there. aws only, borked for ssh
* another round, better than before
* masked things
* changelog
* fix broken oss test
* move to component
* handle ssh things and cleanup
* wip test coverage
* test coverage for the component
* copywrite header miss
* update no model error
* setup configuration aws acceptance tests
* update CONFIURABLE_SECRET_ENGINES
* acceptance tests for aws
* ssh configuration
* clean up
* remove comment
* move to confirm model before destructuring
* pr comments
* fix check for ssh config error
* add message check in api error test
* pr comments
* Add map between model types and helpUrls, update tests
* replace modelProto.getHelpUrl with new helper util
* Remove all useOpenApi and getHelpUrl instances from models
* Add missing auth config model type
