mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-22 07:01:09 +02:00
31051ef1e4
* change entity_id to camel casing, remove "backends" key from stored auth data * fix tokenExpirationEpoch returning NaN, use authSuccess in auth service tests * camel case mfa_requirement references * refactor auth service * implement api service for token method * implement api service in standard auth methods * add lookupSelf request to persistAuthData method in auht service instead of calling in components * implement api service in oidc-jwt component * implement api service in okta component * implement api service in saml component * use api service for wrapped_token query param * remaining test updates, enterprise tests and stabilize auth helpers * upate renew() to use new persistAuthData method, add a test * revert as this will be addressed upstream * rename supported-login-methods to auth-form-helpers and delete old supported-auth-backends helper, update tests * cleanup normalize after testing mfa validation for each auth method * update type declarations, set displayName in each method component * stabilize redirect tests by waiting for login before asserting url * stabilize tests * modernize typescript syntax, move error const to util * use mirage instead of vault server to resolve test race conditions * fix file import
97 lines
2.7 KiB
JavaScript
97 lines
2.7 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import { service } from '@ember/service';
|
|
import { alias, or } from '@ember/object/computed';
|
|
import Component from '@ember/component';
|
|
import { computed } from '@ember/object';
|
|
import { task } from 'ember-concurrency';
|
|
|
|
export default Component.extend({
|
|
tagName: '',
|
|
auth: service(),
|
|
controlGroup: service(),
|
|
|
|
// public API
|
|
model: null,
|
|
|
|
didReceiveAttrs() {
|
|
this._super(...arguments);
|
|
const accessor = this.model.id;
|
|
const data = this.controlGroup.wrapInfoForAccessor(accessor);
|
|
this.set('controlGroupResponse', data);
|
|
},
|
|
|
|
currentUserEntityId: alias('auth.authData.entityId'),
|
|
|
|
currentUserIsRequesting: computed('currentUserEntityId', 'model.requestEntity.id', function () {
|
|
if (!this.model.requestEntity) return false;
|
|
return this.currentUserEntityId === this.model.requestEntity.id;
|
|
}),
|
|
|
|
currentUserHasAuthorized: computed('currentUserEntityId', 'model.authorizations.@each.id', function () {
|
|
const authorizations = this.model.authorizations || [];
|
|
return Boolean(authorizations.find((authz) => authz.id === this.currentUserEntityId));
|
|
}),
|
|
|
|
isSuccess: or('currentUserHasAuthorized', 'model.approved'),
|
|
requestorName: computed('currentUserIsRequesting', 'model.requestEntity', function () {
|
|
const entity = this.model.requestEntity;
|
|
|
|
if (this.currentUserIsRequesting) {
|
|
return 'You';
|
|
}
|
|
if (entity && entity.name) {
|
|
return entity.name;
|
|
}
|
|
return 'Someone';
|
|
}),
|
|
|
|
bannerPrefix: computed('model.approved', 'currentUserHasAuthorized', function () {
|
|
if (this.currentUserHasAuthorized) {
|
|
return 'Thanks!';
|
|
}
|
|
if (this.model.approved) {
|
|
return 'Success!';
|
|
}
|
|
return 'Locked';
|
|
}),
|
|
|
|
bannerText: computed('model.approved', 'currentUserIsRequesting', 'currentUserHasAuthorized', function () {
|
|
const isApproved = this.model.approved;
|
|
const { currentUserHasAuthorized, currentUserIsRequesting } = this;
|
|
if (currentUserHasAuthorized) {
|
|
return 'You have given authorization';
|
|
}
|
|
if (currentUserIsRequesting && isApproved) {
|
|
return 'You have been given authorization';
|
|
}
|
|
if (isApproved) {
|
|
return 'This Control Group has been authorized';
|
|
}
|
|
if (currentUserIsRequesting) {
|
|
return 'The path you requested is locked by a Control Group';
|
|
}
|
|
return 'Someone is requesting access to a path locked by a Control Group';
|
|
}),
|
|
|
|
refresh: task(function* () {
|
|
try {
|
|
yield this.model.reload();
|
|
} catch (e) {
|
|
this.set('errors', e);
|
|
}
|
|
}).drop(),
|
|
|
|
authorize: task(function* () {
|
|
try {
|
|
yield this.model.save();
|
|
yield this.refresh.perform();
|
|
} catch (e) {
|
|
this.set('errors', e);
|
|
}
|
|
}).drop(),
|
|
});
|