vault/ui/app/models/ldap/config.js
Jordan Reimer a8b593614e
LDAP/AD Secrets Engine (#20790)
* adds ldap ember engine (#20786)

* adds ldap as mountable and supported secrets engine (#20793)

* removes active directory as mountable secrets engine (#20798)

* LDAP Config Ember Data Setup (#20863)

* adds secret-engine-path adapter

* adds model, adapater and serializer for ldap config

* adds test for ldap config adapter

* addresses PR feedback

* updates remaining instances of getURL in secrets-engine-path adapter

* adds underscore to getURL method in kubernetes/config adapter

* adds check config vars test for kubernetes/config adapter

* adds comment regarding primaryKey in secrets-engine-path adapter

* adds tab-page-header component for ldap secrets engine (#20941)

* LDAP Config Route (#21059)

* converts secret-mount-path service to ts and moves kubernetes fetch-config decorator to core addon and converts to ts

* adds ldap config route

* fixes withConfig import path in kubernetes roles route

* updates types in ldap config route

* adds unit tests for fetch-secret-config decorator

* updates comments in fetch-secret-config decorator

* renames fetch-secret-config decorator

* LDAP Configure Page Component (#21384)

* adds ldap page configure component

* removes pauseTest and updates radio card selector in ldap config test

* LDAP Configuration (#21430)

* adds ldap configuration route

* adds secrets-engine-mount-config component to core addon

* adds ldap config-cta component

* adds display fields to ldap configuration page and test

* fixes ldap config-cta test

* adds yield to secrets-engine-mount-config component

* fixes tests

* LDAP Overview Route and Page Component (#21579)

* adds ldap overview route and page component

* changes toolbar link action type for create role on overview page

* LDAP Role Model, Adapter and Serializer (#21655)

* adds model, adapter and serializer for ldap roles

* addresses review feedback

* changes ldap role type from tracked prop to attr and sets in adapter for query methods

* adds assertions to verify that frontend only props are returned from query methods in ldap role adapter

* LDAP Library Model, Adapter and Serializer (#21728)

* adds model, adapter and serializer for ldap library

* updates capitalization and punctuation for ldap role and library form fields

* LDAP Roles Create and Edit (#21818)

* moves stringify and jsonify helpers to core addon

* adds validation error for ttl picker in form field component

* adds ldap roles create and edit routes and page component

* adds ldap mirage handler and factory for roles

* adds example workflow to json editor component

* adds tests for ldap page create and edit component

* addresses feedback

* LDAP Role Details (#22036)

* adds ldap role route to pass down model to child routes

* adds ldap role details route and page component

* updates ldap role model capabilities checks

* adds periods to error messages

* removes modelFor from ldap roles edit and details routes

* adds flash message on ldap role delete success

* LDAP Roles (#22070)

* adds ldap roles route and page component

* update ldap role adapter tests and adds adapter options to query for partialErrorInfo

* updates ldap role adapter based on PR feedback

* adds filter-input component to core addon

* updates ldap roles page to use filter-input component

* updates ldap role adapter tests

* LDAP Role Credentials (#22142)

* adds ldap roles route and page component

* update ldap role adapter tests and adds adapter options to query for partialErrorInfo

* adds credentials actions to ldap roles list menu and fixes rotate action in details view

* adds ldap role credentials route and page component

* adds tests for ldap role credentials

* LDAP Library Create and Edit (#22171)

* adds ldap library create/edit routes and page component

* adds ldap library create-and-edit tests and library mirage factory

* updates form-field component to display validation errors and warnings for all fields

* updates ldap library edit route class name

* updates ldap library model interface name

* adds missing period in flash message

* LDAP Libraries (#22184)

* updates interface and class names in ldap roles route

* adds ldap libraries route and page component

* fixes lint error

* LDAP Library Details (#22200)

* updates interface and class names in ldap roles route

* adds ldap libraries route and page component

* fixes lint error

* adds ldap library details route and page component

* LDAP Library Details Configuration (#22201)

* updates interface and class names in ldap roles route

* adds ldap libraries route and page component

* fixes lint error

* adds ldap library details route and page component

* adds ldap library details configuration route and page component

* updates ldap library check-in enforcement value mapping

* fixes issue in code mirror modifier after merging upgrade

* fixes failing database secrets test

* LDAP Library Account Details (#22287)

* adds route and page component for ldap library accounts

* adds ldap component for checked out accounts

* updates ldap library adapter tests

* LDAP Library Check-out (#22289)

* adds route and page component for ldap library accounts

* adds ldap component for checked out accounts

* adds route and page component for ldap library checkout

* addresses PR feedback

* LDAP Overview Cards (#22325)

* adds overview cards to ldap overview route

* adds create library toolbar action to ldap overview route

* adds acceptance tests for ldap workflows (#22375)

* Fetch Secrets Engine Config Decorator Docs (#22416)

* removes uneccesary asyncs from ldap route model hooks

* updates ldap overview route class name

* adds documentation for fetch-secrets-engine-config decorator

* add changelog

* adding back external links, missed due to merge.

* changelog

* fix test after merging in dashboard work

* Update 20790.txt

---------

Co-authored-by: Angel Garbarino <angel@hashicorp.com>
Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com>
2023-08-25 10:54:29 -06:00


/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: MPL-2.0
*/
import Model, { attr } from '@ember-data/model';
import { withFormFields } from 'vault/decorators/model-form-fields';
import { withModelValidations } from 'vault/decorators/model-validations';
// Builds the single-rule list used for a field that must not be left empty.
const requiredField = (message) => [{ type: 'presence', message }];

// Validation rules handed to withModelValidations: both bind credentials are mandatory.
const validations = {
  binddn: requiredField('Administrator distinguished name is required.'),
  bindpass: requiredField('Administrator password is required.'),
};

// Form layout handed to withFormFields: an ordered list of single-key objects,
// each mapping a group title to the attribute names shown in that group.
const formGroups = [
  ['default', ['binddn', 'bindpass', 'url', 'password_policy']],
  ['TLS options', ['starttls', 'insecure_tls', 'certificate', 'client_tls_cert', 'client_tls_key']],
  ['More options', ['userdn', 'userattr', 'upndomain', 'connection_timeout', 'request_timeout']],
].map(([groupTitle, fieldNames]) => ({ [groupTitle]: fieldNames }));
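/**
 * Ember Data model holding the connection configuration of an LDAP secrets
 * engine mount.
 *
 * The class is decorated with the module-level `validations` (binddn and
 * bindpass are required) and `formGroups` (default / TLS options / More
 * options). Each attribute's options object carries the label and help copy
 * shown next to the field.
 *
 * Several attributes hold secret material (`bindpass`, `client_tls_key`) and
 * one weakens transport security (`insecure_tls`); see the notes on those
 * fields.
 */
@withModelValidations(validations)
@withFormFields(null, formGroups)
export default class LdapConfigModel extends Model {
  @attr('string') backend; // dynamic path of secret -- set on response from value passed to queryRecord

  @attr('string', {
    label: 'Administrator Distinguished Name',
    subText:
      'Distinguished name of the administrator to bind (Bind DN) when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com.',
  })
  binddn;

  // NOTE(review): this is the bind credential, declared as a plain 'string'
  // attr with no masking hint in its options. Confirm that the configure form
  // renders it masked and that the value never reaches logs or flash messages.
  @attr('string', {
    label: 'Administrator Password',
    subText: 'Password to use along with Bind DN when performing user search.',
  })
  bindpass;

  @attr('string', {
    label: 'URL',
    subText: 'The directory server to connect to.',
  })
  url;

  @attr('string', {
    editType: 'optionalText',
    label: 'Use custom password policy',
    subText: 'Specify the name of an existing password policy.',
    defaultSubText: 'Unless a custom policy is specified, Vault will use a default.',
    defaultShown: 'Default',
    docLink: '/vault/docs/concepts/password-policies',
  })
  password_policy;

  // Declared without form options and not listed in any formGroups entry.
  @attr('string') schema;

  @attr('boolean', {
    label: 'Start TLS',
    subText: 'If checked, or address contains “ldaps://”, creates an encrypted connection with LDAP.',
  })
  starttls;

  // Per its own subText, enabling this skips verification of the LDAP server
  // certificate, so the bind credentials may be sent to a server whose
  // identity was never checked. No defaultValue is declared here.
  @attr('boolean', {
    label: 'Insecure TLS',
    subText: 'If checked, skips LDAP server SSL certificate verification - insecure, use with caution!',
  })
  insecure_tls;

  @attr('string', {
    editType: 'file',
    label: 'CA Certificate',
    helpText: 'CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.',
  })
  certificate;

  @attr('string', {
    editType: 'file',
    label: 'Client TLS Certificate',
    helpText: 'Client certificate to provide to the LDAP server, must be x509 PEM encoded.',
  })
  client_tls_cert;

  // NOTE(review): private key material held as a plain 'string' attr. Confirm
  // it is not echoed back in the UI or retained in the store longer than the
  // save requires.
  @attr('string', {
    editType: 'file',
    label: 'Client TLS Key',
    helpText: 'Client key to provide to the LDAP server, must be x509 PEM encoded.',
  })
  client_tls_key;

  @attr('string', {
    label: 'Userdn',
    helpText: 'The base DN under which to perform user search in library management and static roles.',
  })
  userdn;

  @attr('string', {
    label: 'Userattr',
    subText: 'The attribute field name used to perform user search in library management and static roles.',
  })
  userattr;

  @attr('string', {
    label: 'Upndomain',
    subText: 'The domain (userPrincipalDomain) used to construct a UPN string for authentication.',
  })
  upndomain;

  @attr('number', {
    editType: 'optionalText',
    label: 'Connection Timeout',
    subText: 'Specify the connection timeout length in seconds.',
    defaultSubText: 'Vault will use the default of 30 seconds.',
    defaultShown: 'Default 30 seconds.',
  })
  connection_timeout;

  // The subText previously repeated the connection-timeout wording; it now
  // names the request timeout, matching this field's label.
  @attr('number', {
    editType: 'optionalText',
    label: 'Request Timeout',
    subText: 'Specify the request timeout length in seconds.',
    defaultSubText: 'Vault will use the default of 90 seconds.',
    defaultShown: 'Default 90 seconds.',
  })
  request_timeout;

  /**
   * Delegates to the `ldap/config` adapter's `rotateRoot`, passing this
   * record's `backend`.
   *
   * NOTE(review): presumably this rotates the bind password on the Vault
   * side, which would leave the locally held `bindpass` stale; confirm
   * against the adapter.
   *
   * @returns {Promise<*>} whatever the adapter's `rotateRoot` returns.
   */
  async rotateRoot() {
    const adapter = this.store.adapterFor('ldap/config');
    return adapter.rotateRoot(this.backend);
  }
}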