mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-19 05:31:10 +02:00
e5b1f718f1
* Update browserslist * Add browserslistrc * ember-cli-update --to 3.26, fix conflicts * Run codemodes that start with ember-* * More codemods - before cp* * More codemods (curly data-test-*) * WIP ember-basic-dropdown template errors * updates ember-basic-dropdown and related deps to fix build issues * updates basic dropdown instances to new version API * updates more deps -- ember-template-lint is working again * runs no-implicit-this codemod * creates and runs no-quoteless-attributes codemod * runs angle brackets codemod * updates lint:hbs globs to only touch hbs files * removes yield only templates * creates and runs deprecated args transform * supresses lint error for invokeAction on LinkTo component * resolves remaining ambiguous path lint errors * resolves simple-unless lint errors * adds warnings for deprecated tagName arg on LinkTo components * adds warnings for remaining curly component invocation * updates global template lint rules * resolves remaining template lint errors * disables some ember specfic lint rules that target pre octane patterns * js lint fix run * resolves remaining js lint errors * fixes test run * adds npm-run-all dep * fixes test attribute issues * fixes console acceptance tests * fixes tests * adds yield only wizard/tutorial-active template * fixes more tests * attempts to fix more flaky tests * removes commented out settled in transit test * updates deprecations workflow and adds initializer to filter by version * updates flaky policies acl old test * updates to flaky transit test * bumps ember deps down to LTS version * runs linters after main merge * fixes client count tests after bad merge conflict fixes * fixes client count history test * more updates to lint config * another round of hbs lint fixes after extending stylistic rule * updates lint-staged commands * removes indent eslint rule since it seems to break things * fixes bad attribute in transform-edit-form template * test fixes * fixes enterprise tests * adds changelog * removes deprecated ember-concurrency-test-waiters dep and adds @ember/test-waiters * flaky test fix Co-authored-by: hashishaw <cshaw@hashicorp.com>
169 lines
4.6 KiB
JavaScript
169 lines
4.6 KiB
JavaScript
import Model, { attr } from '@ember-data/model';
|
|
import { alias } from '@ember/object/computed';
|
|
import { set, get, computed } from '@ember/object';
|
|
import clamp from 'vault/utils/clamp';
|
|
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
|
|
|
|
const ACTION_VALUES = {
|
|
encrypt: {
|
|
isSupported: 'supportsEncryption',
|
|
description: 'Looks up wrapping properties for the given token',
|
|
glyph: 'lock-fill',
|
|
},
|
|
decrypt: {
|
|
isSupported: 'supportsDecryption',
|
|
description: 'Decrypts the provided ciphertext using this key',
|
|
glyph: 'mail-open',
|
|
},
|
|
datakey: {
|
|
isSupported: 'supportsEncryption',
|
|
description: 'Generates a new key and value encrypted with this key',
|
|
glyph: 'key',
|
|
},
|
|
rewrap: {
|
|
isSupported: 'supportsEncryption',
|
|
description: 'Rewraps the ciphertext using the latest version of the named key',
|
|
glyph: 'reload',
|
|
},
|
|
sign: {
|
|
isSupported: 'supportsSigning',
|
|
description: 'Get the cryptographic signature of the given data',
|
|
glyph: 'pencil-tool',
|
|
},
|
|
hmac: {
|
|
isSupported: true,
|
|
description: 'Generate a data digest using a hash algorithm',
|
|
glyph: 'shuffle',
|
|
},
|
|
verify: {
|
|
isSupported: true,
|
|
description: 'Validate the provided signature for the given data',
|
|
glyph: 'check-circle',
|
|
},
|
|
export: {
|
|
isSupported: 'exportable',
|
|
description: 'Get the named key',
|
|
glyph: 'external-link',
|
|
},
|
|
};
|
|
|
|
export default Model.extend({
|
|
type: attr('string', {
|
|
defaultValue: 'aes256-gcm96',
|
|
}),
|
|
name: attr('string', {
|
|
label: 'Name',
|
|
fieldValue: 'id',
|
|
readOnly: true,
|
|
}),
|
|
deletionAllowed: attr('boolean'),
|
|
derived: attr('boolean'),
|
|
exportable: attr('boolean'),
|
|
minDecryptionVersion: attr('number', {
|
|
defaultValue: 1,
|
|
}),
|
|
minEncryptionVersion: attr('number', {
|
|
defaultValue: 0,
|
|
}),
|
|
latestVersion: attr('number'),
|
|
keys: attr('object'),
|
|
convergentEncryption: attr('boolean'),
|
|
convergentEncryptionVersion: attr('number'),
|
|
|
|
supportsSigning: attr('boolean'),
|
|
supportsEncryption: attr('boolean'),
|
|
supportsDecryption: attr('boolean'),
|
|
supportsDerivation: attr('boolean'),
|
|
|
|
setConvergentEncryption(val) {
|
|
if (val === true) {
|
|
set(this, 'derived', val);
|
|
}
|
|
set(this, 'convergentEncryption', val);
|
|
},
|
|
|
|
setDerived(val) {
|
|
if (val === false) {
|
|
set(this, 'convergentEncryption', val);
|
|
}
|
|
set(this, 'derived', val);
|
|
},
|
|
|
|
supportedActions: computed('type', function () {
|
|
return Object.keys(ACTION_VALUES)
|
|
.filter((name) => {
|
|
const { isSupported } = ACTION_VALUES[name];
|
|
return typeof isSupported === 'boolean' || get(this, isSupported);
|
|
})
|
|
.map((name) => {
|
|
const { description, glyph } = ACTION_VALUES[name];
|
|
return { name, description, glyph };
|
|
});
|
|
}),
|
|
|
|
canDelete: computed('deletionAllowed', 'lastLoadTS', function () {
|
|
const deleteAttrChanged = Boolean(this.changedAttributes().deletionAllowed);
|
|
return this.deletionAllowed && deleteAttrChanged === false;
|
|
}),
|
|
|
|
keyVersions: computed('validKeyVersions', function () {
|
|
let maxVersion = Math.max(...this.validKeyVersions);
|
|
let versions = [];
|
|
while (maxVersion > 0) {
|
|
versions.unshift(maxVersion);
|
|
maxVersion--;
|
|
}
|
|
return versions;
|
|
}),
|
|
|
|
encryptionKeyVersions: computed(
|
|
'keyVerisons',
|
|
'keyVersions',
|
|
'latestVersion',
|
|
'minDecryptionVersion',
|
|
function () {
|
|
const { keyVersions, minDecryptionVersion } = this;
|
|
|
|
return keyVersions
|
|
.filter((version) => {
|
|
return version >= minDecryptionVersion;
|
|
})
|
|
.reverse();
|
|
}
|
|
),
|
|
|
|
keysForEncryption: computed('minEncryptionVersion', 'latestVersion', function () {
|
|
let { minEncryptionVersion, latestVersion } = this;
|
|
let minVersion = clamp(minEncryptionVersion - 1, 0, latestVersion);
|
|
let versions = [];
|
|
while (latestVersion > minVersion) {
|
|
versions.push(latestVersion);
|
|
latestVersion--;
|
|
}
|
|
return versions;
|
|
}),
|
|
|
|
validKeyVersions: computed('keys', function () {
|
|
return Object.keys(this.keys);
|
|
}),
|
|
|
|
exportKeyTypes: computed('exportable', 'supportsEncryption', 'supportsSigning', 'type', function () {
|
|
let types = ['hmac'];
|
|
if (this.supportsSigning) {
|
|
types.unshift('signing');
|
|
}
|
|
if (this.supportsEncryption) {
|
|
types.unshift('encryption');
|
|
}
|
|
return types;
|
|
}),
|
|
|
|
backend: attr('string'),
|
|
|
|
rotatePath: lazyCapabilities(apiPath`${'backend'}/keys/${'id'}/rotate`, 'backend', 'id'),
|
|
canRotate: alias('rotatePath.canUpdate'),
|
|
secretPath: lazyCapabilities(apiPath`${'backend'}/keys/${'id'}`, 'backend', 'id'),
|
|
canRead: alias('secretPath.canUpdate'),
|
|
canEdit: alias('secretPath.canUpdate'),
|
|
});
|