mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 04:27:02 +02:00
Code Issues Projects Releases Wiki Activity
a2de4c75cd
vault/ui/app/models/pki/config/crl.js
claire bontempo 5e5e61b5a8
UI: add pki cluster config parameters (#20724) 
* add config directory, rename crl and urls models

* fix imports

* add cluster config fields to edit form

* reorder url save

* update tests

* add to details page

* add details test;

* fix adapter name

* fix cluster adapter test name

* combine adapter tests

* update imports

* fix git diff

* move crl and urls adapters to config folder

* add config file

* woops add config adapter

* final renaming!!

* fix imports after naming to base

* add cluster to beforeModel hook

* hide help text

* maybe you should write tests that actually pass, claire

* seriously claire its embarrassing
2023-05-23 15:24:53 -07:00

99 lines
3.2 KiB
JavaScript
Raw Blame History

/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: MPL-2.0
*/
import Model, { attr } from '@ember-data/model';
import { withFormFields } from 'vault/decorators/model-form-fields';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
const formFieldGroups = [
{
'Certificate Revocation List (CRL)': ['expiry', 'autoRebuildGracePeriod', 'deltaRebuildInterval'],
},
{
'Online Certificate Status Protocol (OCSP)': ['ocspExpiry'],
},
{ 'Unified Revocation': ['crossClusterRevocation', 'unifiedCrl', 'unifiedCrlOnExistingPaths'] },
];
@withFormFields(null, formFieldGroups)
export default class PkiConfigCrlModel extends Model {
// This model uses the backend value as the model ID
@attr('boolean') autoRebuild;
@attr('string', {
label: 'Auto-rebuild on',
labelDisabled: 'Auto-rebuild off',
mapToBoolean: 'autoRebuild',
isOppositeValue: false,
editType: 'ttl',
helperTextEnabled: 'Vault will rebuild the CRL in the below grace period before expiration',
helperTextDisabled: 'Vault will not automatically rebuild the CRL',
})
autoRebuildGracePeriod;
@attr('boolean') enableDelta;
@attr('string', {
label: 'Delta CRL building on',
labelDisabled: 'Delta CRL building off',
mapToBoolean: 'enableDelta',
isOppositeValue: false,
editType: 'ttl',
helperTextEnabled: 'Vault will rebuild the delta CRL at the interval below:',
helperTextDisabled: 'Vault will not rebuild the delta CRL at an interval',
})
deltaRebuildInterval;
@attr('boolean') disable;
@attr('string', {
label: 'Expiry',
labelDisabled: 'No expiry',
mapToBoolean: 'disable',
isOppositeValue: true,
editType: 'ttl',
helperTextDisabled: 'The CRL will not be built.',
helperTextEnabled: 'The CRL will expire after:',
})
expiry;
@attr('boolean') ocspDisable;
@attr('string', {
label: 'OCSP responder APIs enabled',
labelDisabled: 'OCSP responder APIs disabled',
mapToBoolean: 'ocspDisable',
isOppositeValue: true,
editType: 'ttl',
helperTextEnabled: "Requests about a certificate's status will be valid for:",
helperTextDisabled: 'Requests cannot be made to check if an individual certificate is valid.',
})
ocspExpiry;
// enterprise only params
@attr('boolean', {
label: 'Cross-cluster revocation',
helpText:
'Enables cross-cluster revocation request queues. When a serial not issued on this local cluster is passed to the /revoke endpoint, it is replicated across clusters and revoked by the issuing cluster if it is online.',
})
crossClusterRevocation;
@attr('boolean', {
label: 'Unified CRL',
helpText:
'Enables unified CRL and OCSP building. This synchronizes all revocations between clusters; a single, unified CRL will be built on the active node of the primary performance replication (PR) cluster.',
})
unifiedCrl;
@attr('boolean', {
label: 'Unified CRL on existing paths',
helpText:
'If enabled, existing CRL and OCSP paths will return the unified CRL instead of a response based on cluster-local data.',
})
unifiedCrlOnExistingPaths;
@lazyCapabilities(apiPath`${'id'}/config/crl`, 'id') crlPath;
get canSet() {
return this.crlPath.get('canUpdate') !== false;
}
}
Reference in New Issue View Git Blame Copy Permalink