mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-19 05:31:10 +02:00
f634808ed4
* UI: Implement overview page for KV v2 (#28162) * build json editor patch form * finish patch component and tests * add tab to each route * and path route * add overview tab to tests * update overview to use updated_time instead of created_time * redirect relevant secret.details to secret.index * compute secretState in component instead of pass as arg * add capabilities service * add error handling to fetchSubkeys adapter request * add overview tabs to test * add subtext to overview card * remaining redirects in secret edit * remove create new version from popup menu * fix breadcrumbs for overview * separate adding capabilities service * add service to kv engine * Revert "separate adding capabilities service" This reverts commit bb70b12ab7dbcde0fbd2d4d81768e5c8b1c420cc. * Revert "add service to kv engine" This reverts commit bfa880535ef7d529d7610936b2c1aae55673d23f. * update navigation test * consistently navigate to secret.index route to be explicit * finish overview navigation tests * add copyright header * update delete tests * fix nav testrs * cleanup secret edit redirects * remove redundant async/awaits * fix create test * edge case tests * secret acceptance tests * final component tests * rename kvSecretDetails external route to kvSecretOverview * add comment * UI: Add patch route and implement Page::Secret::Patch page component (sidebranch) (#28192) * add tab to each route * and path route * add overview tab to tests * update overview to use updated_time instead of created_time * redirect relevant secret.details to secret.index * compute secretState in component instead of pass as arg * add capabilities service * add error handling to fetchSubkeys adapter request * add patch route and put in page component * add patch secret action to subkeys card * fix component name * add patch capability * alphabetize computed capabilities * update links, cleanup selectors * fix more merge conflict stuff * add capabilities test * add models to patch link * add test for patch route * rename external route * add error templates * make notes about enterprise tests, filter one * remove errors, transition (redirect) instead * redirect patch routes * UI: Move fetching secret data to child route (#28198) * remove @secret from metadata details * use metadata model instead of secret in paths page * put delete back into kv/data adapter * grant access in control group test * update metadata route and permissions * remove secret from parent route, only fetch in details route * change more permissions to route perms, add tests * revert overview redirect from list view * wrap model in conditional for perms * remove redundant canReadCustomMetadata check * rename adapter method * handle overview 404 * remove comment * add customMetadata as an arg * update grantAccess in test * make version param easier to follow * VAULT-30494 handle 404 jira * refactor capabilities to return an object * update create tests * add test for default truthy capabilities * remove destroy-all-versions from kv/data adapter * UI: Add enterprise checks (#28215) * add enterprise check for subkey card * add max height and scroll to subkey card * only fetch subkeys if enterprise * remove check in overview * add test * Update ui/tests/integration/components/kv/page/kv-page-overview-test.js * fix test failures (#28222) * add assertion * add optional chaining * create/delete versioned secret in each module * wait for transition * add another waitUntil * UI: Add patch latest version to toolbar (#28223) * add patch latest version action to toolbar * make isPatchAllowed arg all encompassing * no longer need model check * use hash so both promises fire at the same time * add subkeys to policy * Update ui/lib/kv/addon/routes/secret.js * add changelog * small cleanup items! (#28229) * add conditional for enterprise checking tabs * cleanup fetchMultiplePaths method * add test * remove todo comment, ticket created and design wants to hold off * keep transition, update comments * cleanup tests, add index to breadcrumbs * add some test coverage * toggle so value is readable
304 lines
10 KiB
JavaScript
304 lines
10 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import { module, test } from 'qunit';
|
|
import { setupRenderingTest } from 'vault/tests/helpers';
|
|
import { setupEngine } from 'ember-engines/test-support';
|
|
import { setupMirage } from 'ember-cli-mirage/test-support';
|
|
import { Response } from 'miragejs';
|
|
import { hbs } from 'ember-cli-htmlbars';
|
|
import { click, fillIn, findAll, render, typeIn } from '@ember/test-helpers';
|
|
import codemirror from 'vault/tests/helpers/codemirror';
|
|
import { FORM } from 'vault/tests/helpers/kv/kv-selectors';
|
|
import sinon from 'sinon';
|
|
import { setRunOptions } from 'ember-a11y-testing/test-support';
|
|
|
|
module('Integration | Component | kv-v2 | Page::Secrets::Create', function (hooks) {
|
|
setupRenderingTest(hooks);
|
|
setupEngine(hooks, 'kv');
|
|
setupMirage(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
this.store = this.owner.lookup('service:store');
|
|
this.router = this.owner.lookup('service:router');
|
|
this.transitionStub = sinon.stub(this.router, 'transitionTo');
|
|
this.backend = 'my-kv-engine';
|
|
this.path = 'my-secret';
|
|
this.maxVersions = 10;
|
|
this.secret = this.store.createRecord('kv/data', { backend: this.backend, casVersion: 0 });
|
|
this.metadata = this.store.createRecord('kv/metadata', { backend: this.backend });
|
|
this.breadcrumbs = [
|
|
{ label: 'Secrets', route: 'secrets', linkExternal: true },
|
|
{ label: this.backend, route: 'list' },
|
|
{ label: 'create' },
|
|
];
|
|
setRunOptions({
|
|
rules: {
|
|
// TODO fix JSONEditor, KVObjectEditor, MaskedInput
|
|
label: { enabled: false },
|
|
'color-contrast': { enabled: false }, // JSONEditor only
|
|
},
|
|
});
|
|
});
|
|
|
|
hooks.afterEach(function () {
|
|
this.router.transitionTo.restore();
|
|
});
|
|
|
|
test('it saves secret data and metadata', async function (assert) {
|
|
assert.expect(5);
|
|
this.server.post(`${this.backend}/data/${this.path}`, (schema, req) => {
|
|
assert.ok(true, 'Request made to save secret');
|
|
const payload = JSON.parse(req.requestBody);
|
|
assert.propEqual(payload, {
|
|
data: { foo: 'bar' },
|
|
options: { cas: 0 },
|
|
});
|
|
return {
|
|
request_id: 'bd76db73-605d-fcbc-0dad-d44a008f9b95',
|
|
data: {
|
|
created_time: '2023-07-28T18:47:32.924809Z',
|
|
custom_metadata: null,
|
|
deletion_time: '',
|
|
destroyed: false,
|
|
version: 1,
|
|
},
|
|
};
|
|
});
|
|
|
|
this.server.post(`${this.backend}/metadata/${this.path}`, (schema, req) => {
|
|
assert.ok(true, 'Request made to save metadata');
|
|
const payload = JSON.parse(req.requestBody);
|
|
assert.propEqual(payload, {
|
|
cas_required: false,
|
|
custom_metadata: {
|
|
'my-custom': 'metadata',
|
|
},
|
|
delete_version_after: '0s',
|
|
max_versions: 10,
|
|
});
|
|
});
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
await fillIn(FORM.inputByAttr('path'), this.path);
|
|
await fillIn(FORM.keyInput(), 'foo');
|
|
await fillIn(FORM.maskedValueInput(), 'bar');
|
|
|
|
await click(FORM.toggleMetadata);
|
|
await fillIn(`[data-test-field="customMetadata"] ${FORM.keyInput()}`, 'my-custom');
|
|
await fillIn(`[data-test-field="customMetadata"] ${FORM.valueInput()}`, 'metadata');
|
|
await fillIn(FORM.inputByAttr('maxVersions'), this.maxVersions);
|
|
|
|
await click(FORM.saveBtn);
|
|
const [actual] = this.transitionStub.lastCall.args;
|
|
assert.strictEqual(
|
|
actual,
|
|
'vault.cluster.secrets.backend.kv.secret.index',
|
|
'router transitions to secret overview route on save'
|
|
);
|
|
});
|
|
|
|
test('it does not send request to save secret metadata if fields are unchanged', async function (assert) {
|
|
// this test contains two assertions, but only expects one because a request to kv/metadata
|
|
// should NOT happen if its form inputs have not been edited
|
|
assert.expect(1);
|
|
this.server.post(`${this.backend}/data/${this.path}`, () => {
|
|
assert.ok(true, 'Request only made to save secret');
|
|
return {
|
|
request_id: 'bd76db73-605d-fcbc-0dad-d44a008f9b95',
|
|
data: {
|
|
created_time: '2023-07-28T18:47:32.924809Z',
|
|
custom_metadata: null,
|
|
deletion_time: '',
|
|
destroyed: false,
|
|
version: 1,
|
|
},
|
|
};
|
|
});
|
|
|
|
this.server.post(`${this.backend}/metadata/${this.path}`, () => {
|
|
// this assertion should not be hit!!
|
|
assert.notOk(true, 'Request should not be made to save metadata');
|
|
return new Response(403, {}, { errors: ['This request should not have been made'] });
|
|
});
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
await fillIn(FORM.inputByAttr('path'), this.path);
|
|
await fillIn(FORM.keyInput(), 'foo');
|
|
await fillIn(FORM.maskedValueInput(), 'bar');
|
|
await click(FORM.saveBtn);
|
|
});
|
|
|
|
test('it saves nested secrets', async function (assert) {
|
|
assert.expect(3);
|
|
const pathToSecret = 'path/to/secret/';
|
|
this.secret.path = pathToSecret;
|
|
this.server.post(`${this.backend}/data/${pathToSecret + this.path}`, (schema, req) => {
|
|
assert.ok(true, 'Request made to save secret');
|
|
const payload = JSON.parse(req.requestBody);
|
|
assert.propEqual(payload, {
|
|
data: { foo: 'bar' },
|
|
options: { cas: 0 },
|
|
});
|
|
return {
|
|
request_id: 'bd76db73-605d-fcbc-0dad-d44a008f9b95',
|
|
data: {
|
|
created_time: '2023-07-28T18:47:32.924809Z',
|
|
custom_metadata: null,
|
|
deletion_time: '',
|
|
destroyed: false,
|
|
version: 1,
|
|
},
|
|
};
|
|
});
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
assert.dom(FORM.inputByAttr('path')).hasValue(pathToSecret);
|
|
await typeIn(FORM.inputByAttr('path'), this.path);
|
|
await fillIn(FORM.keyInput(), 'foo');
|
|
await fillIn(FORM.maskedValueInput(), 'bar');
|
|
await click(FORM.saveBtn);
|
|
});
|
|
|
|
test('it renders API errors', async function (assert) {
|
|
// this test contains an extra assertion because a request to kv/metadata
|
|
// should NOT happen if kv/data fails
|
|
assert.expect(3);
|
|
this.server.post(`${this.backend}/data/${this.path}`, () => {
|
|
return new Response(500, {}, { errors: ['nope'] });
|
|
});
|
|
|
|
this.server.post(`${this.backend}/metadata/${this.path}`, () => {
|
|
// this assertion should not be hit because the request to save secret data failed!!
|
|
assert.ok(true, 'Request made to save metadata');
|
|
return new Response(403, {}, { errors: ['This request should not have been made'] });
|
|
});
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
await fillIn(FORM.inputByAttr('path'), this.path);
|
|
await click(FORM.saveBtn);
|
|
assert.dom(FORM.messageError).hasText('Error nope', 'it renders API error');
|
|
assert.dom(FORM.inlineAlert).hasText('There was an error submitting this form.');
|
|
await click(FORM.cancelBtn);
|
|
assert.ok(
|
|
this.transitionStub.calledWith('vault.cluster.secrets.backend.kv.list'),
|
|
'router transitions to secret list route on cancel'
|
|
);
|
|
});
|
|
|
|
test('it renders kv secret validations', async function (assert) {
|
|
assert.expect(6);
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
await typeIn(FORM.inputByAttr('path'), 'space ');
|
|
assert
|
|
.dom(FORM.validation('path'))
|
|
.hasText(
|
|
`Path contains whitespace. If this is desired, you'll need to encode it with %20 in API requests.`
|
|
);
|
|
|
|
await fillIn(FORM.inputByAttr('path'), ''); // clear input
|
|
await typeIn(FORM.inputByAttr('path'), 'slash/');
|
|
assert.dom(FORM.validation('path')).hasText(`Path can't end in forward slash '/'.`);
|
|
|
|
await typeIn(FORM.inputByAttr('path'), 'secret');
|
|
assert
|
|
.dom(FORM.validation('path'))
|
|
.doesNotExist('it removes validation on key up when secret contains slash but does not end in one');
|
|
|
|
await click(FORM.toggleJson);
|
|
codemirror().setValue('i am a string and not JSON');
|
|
assert
|
|
.dom(FORM.inlineAlert)
|
|
.hasText('JSON is unparsable. Fix linting errors to avoid data discrepancies.');
|
|
|
|
codemirror().setValue('{}'); // clear linting error
|
|
await fillIn(FORM.inputByAttr('path'), '');
|
|
await click(FORM.saveBtn);
|
|
const [pathValidation, formAlert] = findAll(FORM.inlineAlert);
|
|
assert.dom(pathValidation).hasText(`Path can't be blank.`);
|
|
assert.dom(formAlert).hasText('There is an error with this form.');
|
|
});
|
|
|
|
test('it toggles JSON view and saves modified data', async function (assert) {
|
|
assert.expect(4);
|
|
this.server.post(`${this.backend}/data/${this.path}`, (schema, req) => {
|
|
assert.ok(true, 'Request made to save secret');
|
|
const payload = JSON.parse(req.requestBody);
|
|
assert.propEqual(payload, {
|
|
data: { hello: 'there' },
|
|
options: { cas: 0 },
|
|
});
|
|
return {
|
|
request_id: 'bd76db73-605d-fcbc-0dad-d44a008f9b95',
|
|
data: {
|
|
created_time: '2023-07-28T18:47:32.924809Z',
|
|
custom_metadata: null,
|
|
deletion_time: '',
|
|
destroyed: false,
|
|
version: 1,
|
|
},
|
|
};
|
|
});
|
|
|
|
await render(
|
|
hbs`<Page::Secrets::Create
|
|
@secret={{this.secret}}
|
|
@metadata={{this.metadata}}
|
|
@breadcrumbs={{this.breadcrumbs}}
|
|
/>`,
|
|
{ owner: this.engine }
|
|
);
|
|
|
|
assert.dom(FORM.dataInputLabel({ isJson: false })).hasText('Secret data');
|
|
await click(FORM.toggleJson);
|
|
assert.dom(FORM.dataInputLabel({ isJson: true })).hasText('Secret data');
|
|
|
|
codemirror().setValue(`{ "hello": "there"}`);
|
|
await fillIn(FORM.inputByAttr('path'), this.path);
|
|
await click(FORM.saveBtn);
|
|
});
|
|
});
|