mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-17 12:07:02 +02:00
392b907989
* Remove component: diff version selector * delete SecretVersionMenu * remove secret logic from GetCredentialsCard * remove DiffVersionSelector hbs file and references * delete more css for diff version view * remove diff route * fix credential card selector * ui: refactor SecretFormShow (#22723) * refactor secret form show * fix selector typo * remove version route (#22738) * Remove old KV2 delete things (#23015) * remove kv2 old delete things * comment * Remove old metadata (#22747) * wip to remove metadata * review comments * UI/remove kv2 secret create or update (#23039) * remove is v2 param * permissions clean up * remove version things * remove excess from form show * clean up * created time was never a thing for cubbyhole, confirmed on api * update tune test * fix control group tests: * Remove kv v2 models (#23087) * remove is v2 param * permissions clean up * remove version things * remove excess from form show * clean up * created time was never a thing for cubbyhole, confirmed on api * update tune test * fix control group tests: * remove models * Update ui/app/models/secret-engine.js Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com> * blah prettier --------- Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com> * UI/config update (#23111) * sweep through clean up * remove component * remove unused selectors * remove unncessary --------- Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com> Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com> Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com> Co-authored-by: Angel Garbarino <angel@hashicorp.com>
444 lines
13 KiB
JavaScript
444 lines
13 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import sinon from 'sinon';
|
|
import { module, test } from 'qunit';
|
|
import { setupTest } from 'ember-qunit';
|
|
|
|
module('Unit | Model | secret-engine', function (hooks) {
|
|
setupTest(hooks);
|
|
hooks.beforeEach(function () {
|
|
this.store = this.owner.lookup('service:store');
|
|
});
|
|
|
|
module('formFields', function () {
|
|
test('it returns correct fields by default', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: '',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFields'), [
|
|
'type',
|
|
'path',
|
|
'description',
|
|
'accessor',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
]);
|
|
});
|
|
|
|
test('it returns correct fields for KV v1', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'kv',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFields'), [
|
|
'type',
|
|
'path',
|
|
'description',
|
|
'accessor',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
'version',
|
|
]);
|
|
});
|
|
|
|
test('it returns correct fields for KV v2', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'kv',
|
|
version: '2',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFields'), [
|
|
'type',
|
|
'path',
|
|
'description',
|
|
'accessor',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
'version',
|
|
'casRequired',
|
|
'deleteVersionAfter',
|
|
'maxVersions',
|
|
]);
|
|
});
|
|
|
|
test('it returns correct fields for keymgmt', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'keymgmt',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFields'), [
|
|
'type',
|
|
'path',
|
|
'description',
|
|
'accessor',
|
|
'local',
|
|
'sealWrap',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
]);
|
|
});
|
|
});
|
|
|
|
module('formFieldGroups', function () {
|
|
test('returns correct values by default', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'aws',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path'] },
|
|
{
|
|
'Method Options': [
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
test('returns correct values for KV', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'kv',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path', 'maxVersions', 'casRequired', 'deleteVersionAfter'] },
|
|
{
|
|
'Method Options': [
|
|
'version',
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
|
|
test('returns correct values for generic', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'generic',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path'] },
|
|
{
|
|
'Method Options': [
|
|
'version',
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.defaultLeaseTtl',
|
|
'config.maxLeaseTtl',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
|
|
test('returns correct values for database', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'database',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path', 'config.defaultLeaseTtl', 'config.maxLeaseTtl'] },
|
|
{
|
|
'Method Options': [
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
|
|
test('returns correct values for pki', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'pki',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path', 'config.defaultLeaseTtl', 'config.maxLeaseTtl', 'config.allowedManagedKeys'] },
|
|
{
|
|
'Method Options': [
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
|
|
test('returns correct values for keymgmt', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'keymgmt',
|
|
});
|
|
|
|
assert.deepEqual(model.get('formFieldGroups'), [
|
|
{ default: ['path'] },
|
|
{
|
|
'Method Options': [
|
|
'description',
|
|
'config.listingVisibility',
|
|
'local',
|
|
'sealWrap',
|
|
'config.allowedManagedKeys',
|
|
'config.auditNonHmacRequestKeys',
|
|
'config.auditNonHmacResponseKeys',
|
|
'config.passthroughRequestHeaders',
|
|
'config.allowedResponseHeaders',
|
|
],
|
|
},
|
|
]);
|
|
});
|
|
});
|
|
|
|
module('engineType', function () {
|
|
test('strips leading ns_ from type', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
// eg. ns_cubbyhole, ns_identity, ns_system
|
|
type: 'ns_identity',
|
|
});
|
|
assert.strictEqual(model.engineType, 'identity');
|
|
});
|
|
test('returns type by default', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'zebras',
|
|
});
|
|
assert.strictEqual(model.engineType, 'zebras');
|
|
});
|
|
});
|
|
|
|
module('icon', function () {
|
|
test('returns secrets if no engineType', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: '',
|
|
});
|
|
assert.strictEqual(model.icon, 'secrets');
|
|
});
|
|
test('returns secrets if kmip', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'kmip',
|
|
});
|
|
assert.strictEqual(model.icon, 'secrets');
|
|
});
|
|
test('returns key if keymgmt', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'keymgmt',
|
|
});
|
|
assert.strictEqual(model.icon, 'key');
|
|
});
|
|
test('returns engineType by default', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'ducks',
|
|
});
|
|
assert.strictEqual(model.icon, 'ducks');
|
|
});
|
|
});
|
|
|
|
module('shouldIncludeInList', function () {
|
|
test('returns false if excludeList includes type', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'system',
|
|
});
|
|
assert.false(model.shouldIncludeInList);
|
|
});
|
|
test('returns true if excludeList does not include type', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'hippos',
|
|
});
|
|
assert.true(model.shouldIncludeInList);
|
|
});
|
|
});
|
|
|
|
module('localDisplay', function () {
|
|
test('returns local if local', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
local: true,
|
|
});
|
|
assert.strictEqual(model.localDisplay, 'local');
|
|
});
|
|
test('returns replicated if !local', function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
local: false,
|
|
});
|
|
assert.strictEqual(model.localDisplay, 'replicated');
|
|
});
|
|
});
|
|
|
|
module('saveCA', function () {
|
|
test('does not call endpoint if type != ssh', async function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'not-ssh',
|
|
});
|
|
const saveSpy = sinon.spy(model, 'save');
|
|
await model.saveCA({});
|
|
assert.ok(saveSpy.notCalled, 'save not called');
|
|
});
|
|
test('calls save with correct params', async function (assert) {
|
|
assert.expect(4);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'ssh',
|
|
privateKey: 'private-key',
|
|
publicKey: 'public-key',
|
|
generateSigningKey: true,
|
|
});
|
|
const saveStub = sinon.stub(model, 'save').callsFake((params) => {
|
|
assert.deepEqual(
|
|
params,
|
|
{
|
|
adapterOptions: {
|
|
options: {},
|
|
apiPath: 'config/ca',
|
|
attrsToSend: ['privateKey', 'publicKey', 'generateSigningKey'],
|
|
},
|
|
},
|
|
'send correct params to save'
|
|
);
|
|
return;
|
|
});
|
|
|
|
await model.saveCA({});
|
|
assert.strictEqual(model.privateKey, 'private-key', 'value exists before save');
|
|
assert.strictEqual(model.publicKey, 'public-key', 'value exists before save');
|
|
assert.true(model.generateSigningKey, 'value true before save');
|
|
|
|
saveStub.restore();
|
|
});
|
|
test('sets properties when isDelete', async function (assert) {
|
|
assert.expect(7);
|
|
const model = this.store.createRecord('secret-engine', {
|
|
type: 'ssh',
|
|
privateKey: 'private-key',
|
|
publicKey: 'public-key',
|
|
generateSigningKey: true,
|
|
});
|
|
const saveStub = sinon.stub(model, 'save').callsFake((params) => {
|
|
assert.deepEqual(
|
|
params,
|
|
{
|
|
adapterOptions: {
|
|
options: { isDelete: true },
|
|
apiPath: 'config/ca',
|
|
attrsToSend: ['privateKey', 'publicKey', 'generateSigningKey'],
|
|
},
|
|
},
|
|
'send correct params to save'
|
|
);
|
|
return;
|
|
});
|
|
assert.strictEqual(model.privateKey, 'private-key', 'value exists before save');
|
|
assert.strictEqual(model.publicKey, 'public-key', 'value exists before save');
|
|
assert.true(model.generateSigningKey, 'value true before save');
|
|
|
|
await model.saveCA({ isDelete: true });
|
|
assert.strictEqual(model.privateKey, null, 'value null after save');
|
|
assert.strictEqual(model.publicKey, null, 'value null after save');
|
|
assert.false(model.generateSigningKey, 'value false after save');
|
|
saveStub.restore();
|
|
});
|
|
});
|
|
|
|
module('saveZeroAddressConfig', function () {
|
|
test('calls save with correct params', async function (assert) {
|
|
assert.expect(1);
|
|
const model = this.store.createRecord('secret-engine', {});
|
|
const saveStub = sinon.stub(model, 'save').callsFake((params) => {
|
|
assert.deepEqual(
|
|
params,
|
|
{
|
|
adapterOptions: {
|
|
adapterMethod: 'saveZeroAddressConfig',
|
|
},
|
|
},
|
|
'send correct params to save'
|
|
);
|
|
return;
|
|
});
|
|
await model.saveZeroAddressConfig();
|
|
saveStub.restore();
|
|
});
|
|
});
|
|
});
|