mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-19 05:31:10 +02:00
3abca46464
* manual cherry pick to deal with all the merge things * changelog * test fixes * Update 28148.txt * fix tests failures after main merge * fix test failures after main merge * Add Access Type and conditionally render WIF fields (#28149) * initial work. * remove access_type * better no model logic well kind of * rollback attrs * remove defaults * stopping point * wip changing back to sidebranch * hustling shuffling and serializing * some of the component test coverage * disable acces type if editing * test coverage * hide max retries that sneaky bugger * cleanup * cleanup * Update root-config.js * remove flash message check, locally passes great but on ci flaky * clean up * thank you chelsea * test clean up per enterprise vs community * address pr comments * welp a miss add * UI (sidebranch) WIF Issuer field (#28187) * Add type declaration files for aws config models * use updated task syntax for save method on configure-aws * fix types on edit route * fetch issuer on configure edit page if aws + enterprise * track issuer within configure-aws component * add placeholder support on form-field * Add warning if issuer changed from previous value or could not be read * cleanup * preliminary tests * dont use while loop so we can test the modal * tests * cleanup * fix tests * remove extra tracked value and duplicate changed attrs check * modal footer --------- Co-authored-by: Angel Garbarino <argarbarino@gmail.com> * Display issuer on Configuration details (#28209) * display issuer on configuration details * workflow complete, now on to testing * handle issuer things * fix all the broken tests things * add test coveragE: * cleanup * rename model/adapter * Update configure-aws.ts * Update aws-configuration-test.js * 90 percent there for pr comments * last one for tonight * a few more because why not * hasDirtyAttributes fixes * revert back to previous noRead->queryIssuerError --------- Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
116 lines
3.4 KiB
JavaScript
116 lines
3.4 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import Model, { attr } from '@ember-data/model';
|
|
|
|
export default class MountConfigModel extends Model {
|
|
@attr({
|
|
label: 'Default Lease TTL',
|
|
editType: 'ttl',
|
|
})
|
|
defaultLeaseTtl;
|
|
|
|
@attr({
|
|
label: 'Max Lease TTL',
|
|
editType: 'ttl',
|
|
})
|
|
maxLeaseTtl;
|
|
|
|
@attr({
|
|
label: 'Request keys excluded from HMACing in audit',
|
|
editType: 'stringArray',
|
|
helpText: "Keys that will not be HMAC'd by audit devices in the request data object.",
|
|
})
|
|
auditNonHmacRequestKeys;
|
|
|
|
@attr({
|
|
label: 'Response keys excluded from HMACing in audit',
|
|
editType: 'stringArray',
|
|
helpText: "Keys that will not be HMAC'd by audit devices in the response data object.",
|
|
})
|
|
auditNonHmacResponseKeys;
|
|
|
|
@attr('mountVisibility', {
|
|
editType: 'boolean',
|
|
label: 'List method when unauthenticated',
|
|
defaultValue: false,
|
|
})
|
|
listingVisibility;
|
|
|
|
@attr({
|
|
label: 'Allowed passthrough request headers',
|
|
helpText: 'Headers to allow and pass from the request to the backend',
|
|
editType: 'stringArray',
|
|
})
|
|
passthroughRequestHeaders;
|
|
|
|
@attr({
|
|
label: 'Allowed response headers',
|
|
helpText: 'Headers to allow, allowing a plugin to include them in the response.',
|
|
editType: 'stringArray',
|
|
})
|
|
allowedResponseHeaders;
|
|
|
|
@attr('string', {
|
|
label: 'Token type',
|
|
helpText:
|
|
'The type of token that should be generated via this role. For `default-service` and `default-batch` service and batch tokens will be issued respectively, unless the auth method explicitly requests a different type.',
|
|
possibleValues: ['default-service', 'default-batch', 'batch', 'service'],
|
|
noDefault: true,
|
|
})
|
|
tokenType;
|
|
|
|
@attr({
|
|
editType: 'stringArray',
|
|
})
|
|
allowedManagedKeys;
|
|
|
|
@attr('string', {
|
|
label: 'Plugin version',
|
|
subText:
|
|
'Specifies the semantic version of the plugin to use, e.g. "v1.0.0". If unspecified, the server will select any matching un-versioned plugin that may have been registered, the latest versioned plugin registered, or a built-in plugin in that order of precedence.',
|
|
})
|
|
pluginVersion;
|
|
|
|
// identityTokenKey is yielded in a named block on the mount-backend-form component
|
|
@attr({
|
|
label: 'Identity token key',
|
|
subText: `A named key to sign tokens. If not provided, this will default to Vault's OIDC default key.`,
|
|
editType: 'yield',
|
|
})
|
|
identityTokenKey;
|
|
|
|
// Auth mount userLockoutConfig params, added to user_lockout_config object in saveModel method
|
|
@attr('string', {
|
|
label: 'Lockout threshold',
|
|
subText: 'Specifies the number of failed login attempts after which the user is locked out, e.g. 15.',
|
|
})
|
|
lockoutThreshold;
|
|
|
|
@attr({
|
|
label: 'Lockout duration',
|
|
helperTextEnabled: 'The duration for which a user will be locked out, e.g. "5s" or "30m".',
|
|
editType: 'ttl',
|
|
helperTextDisabled: 'No lockout duration configured.',
|
|
})
|
|
lockoutDuration;
|
|
|
|
@attr({
|
|
label: 'Lockout counter reset',
|
|
helperTextEnabled:
|
|
'The duration after which the lockout counter is reset with no failed login attempts, e.g. "5s" or "30m".',
|
|
editType: 'ttl',
|
|
helperTextDisabled: 'No reset duration configured.',
|
|
})
|
|
lockoutCounterReset;
|
|
|
|
@attr('boolean', {
|
|
label: 'Disable lockout for this mount',
|
|
subText: 'If checked, disables the user lockout feature for this mount.',
|
|
})
|
|
lockoutDisable;
|
|
// end of user_lockout_config params
|
|
}
|