* use format-copy-value helper for copy text in Hds::Copy::Button
* delete helper and revert masked input
* update certificate card to format to string
* add test
* add changelog;
* Fix openAPI test for JWT
* Revert "Fix openAPI test for JWT"
This reverts commit ad5d1f4ca5.
* Fix openAPI test for JWT
* Prevent jwks pairs from showing in UI until we have a component to handle the data
* Request resultant-acl only from users root namespace
* Update permissions adapter to always call resultant-acl at users root, with test
* Update resultant-acl to accept failType
* Update permissions service to set permissionsBanner based on resultant-acl contents
* wire it up
* add changelog
* cleanup unused adapter changes
* use getter for shared namespace logic
* Address comments
* Fix serailizer warning mesage
* Reset pageFilter when exiting
* Add start and end time validation and fix bugs
* Fix failing tests
* Add validation tests
* Set end time in contorller
* Address feedback
* Remove new date
* Put new Date back
* oidc provider test stability
* ldap role error object to adapter error object so we can amend the message.
* userpass stability
* missed the assert modification
* unique provider and app names
* Client Count Routing Updates (#24733)
* updates client count routing for sync and future additions
* adds copyright header to clients sync template
* adds missing copyright headers
* UI: Adds secret_syncs to mirage /activity endpoint (#24846)
* add secret_syncs to mirage endpoint
* import clients handler
* UI: Set up client charts for incoming sync data (#24852)
* sum stacked bar values for tooltip total
* make tooltip dynamic based on chartLegend
* remove redundant helper
* add secret_syncs to client count utils
* move sum function to helper
* update horizontal bar chart to include sync_clients
* calculate sum of bars in tooltip
* rename color palette const, define chart legends in each parent component instead of token.js
* update tooltips
* update mirage handler to add sys/ namespace
* update mirage handler to add sys/ namespace
* use pushObject
* update test
* UI: Secret sync bar chart (#24926)
* install lineal
* add ember-style-modifier dep
* Add client count types for serialized data
* Add sync bar chart component with tests
* Chart is responsive
* address comments
* Clients Counts Parent Route (#24899)
* adds interfaces for clients models
* moves date formatting logic from clients activity adapter to utils file
* adds clients counts route
* updates links to clients route to point to top level and updates redirect to counts overview route
* removes clients base route and moves overview and sync routes under counts
* adds clients counts page component
* converts clients route to ts
* adds billing start timestamp to clients config mirage response and updates counts route to always attempt to fetch activity
* fixes issue with updating namespace and auth mount query params always triggering client counts route model hook
* adds tests for clients counts page component
* adds missing copyright header to client-counts type file
* Update ui/app/components/clients/page/counts.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* fixes bad import in sync-bar-chart
* updates clients counts route to bypass query if there is not start_time
* pins d3-shape to 1.3.7 for now -- makes lineal play nice with old charts
* fixes sync bar chart tooltip assertion
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* UI: convert line-chart to lineal (#24961)
* lineal chart alongside svg
* Add version-history to sync handler for testing
* line chart is TS, test updated
* remove d3-shape resolution
* fix clients/token-test
* use chartHeight in running-total template
* use M/yy key instead of timestamp, chart is responsive
* Add test for swapping datasets
* add more edge case tests
* more test
* remove untrue assertion
* fix weird decimal when between 1.1k and 2k
* address feedback
* Update line-chart to use timestamp instead of month key
* Add timestamp to all places where month is on the clients activity response
* Client Counts Overview (#24969)
* adds counts base component for use in client counts child routes
* adds clients counts overview page component
* splits out monthly new chart from clients running total component
* adds missing copyright headers
* moves running total related assertions from token to overview acceptance test
* removes new client assertions from running-total test and adds tests for monthly-new component
* updates copy in running-total component
* fixes clients overview tests
* fixes timestamp stub not being restored in monthly-new test
* fixes mfa-login test
* renames counts component to activity
* removes unused selectedAuthMethod arg from running-total component
* adds timestamp back to running-total component
* Secrets sync UI: add sync page component (#24982)
* adds counts base component for use in client counts child routes
* adds clients counts overview page component
* splits out monthly new chart from clients running total component
* adds missing copyright headers
* move sync-bar-chart to charts/ folder
* update types and rename chart
* rename template file
* moves running total related assertions from token to overview acceptance test
* removes new client assertions from running-total test and adds tests for monthly-new component
* updates copy in running-total component
* fixes clients overview tests
* fixes timestamp stub not being restored in monthly-new test
* fixes mfa-login test
* fix 0 values erroring charts
* separate timestamp again
* address merge conflicts
* finish building sync chart component WIP css
* renames counts component to activity
* update import
* revert name to dataKey
* update styling for charts without legends
* use monthly stat chart component for layout
* use monthly chart stats in monthly new
* implement stat wrapper;
* remove extra grid div
* rename component
* fix legend css;
* update test[
* remove arbitrarily setting max
* add single month view
* use stat text
* update line chart tests
* rename line chart
* update tests
---------
Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
* update selectors
* add sync page tests
* Secrets Sync UI: Add secrets syncs to csv export (#25056)
* update mirage and add sync clients to export csv
* fix sync legend label
* remove word
* update copy in modal
* update mirage
* fix attribution tooltip text
* Clients Counts Token Route (#25019)
* renames token route and page component back to dashboard
* adds client counts token route and page component
* updates charts in token page to use ChartContainer component
* adds tests for clients token page component
* restore clients dashboard test
* use var for chart title sync page
* updates clients token page to show usage stats when querying single month
* updates token page clients averages to only include entity and non-entity clients in calculation
* fixes monthly total counts lower than new clients in mirage handler
* fixes token test
---------
Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
* Clients Usage Stats/Running Total Updates (#25094)
* updates clients usage counts and running totals
* updates usage stats total copy
* fixes client counts overview tests
* Secrets sync UI: cleanup and consolidation of components (#25090)
* rename authMethod to mountPath
* generalize count template copy
* add todo to delete monthly new component
* rename to tokenTab
* wrap filters in conditional checking for start timestamp
* some users may not have access to /config endpoint
* fix querying when user has no billing date permissions and clicks current billing period
* extend activity component from counts page
* Revert "extend activity component from counts page"
This reverts commit 1d0e85c82f.
* rename to startTimestampISO
* remove timestamp from route and just use activity model responseTimestamp
* fix chart y domain max
* fix typos in usage stat and running totals component
* delete backing class for display only template;
* updates tests
* adds comment for fetching license to get start date for billing
* cleans up unused client counts files (#25157)
* adds changelog
* fix assertion copy
* adds changelog description
* updates enterprise sidebar nav test
---------
Co-authored-by: clairebontempo@gmail.com <clairebontempo@gmail.com>
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* improve overview test
* Add custom waiter to maybe-query-record
* add custom waiter to console/ui-panel
* Add flash message check for better visibility into flakiness
* trying to find what's wrong with PKI
* create role happy path uses root token
* make all policy names on pki workflow unique
* some secret test cleanup, not the main offenders
* remove uncessary settled
* Update kv-run-commands.js
* Update kv-run-commands.js
* Update kv-data-fields-test.js
* some missed fixes that were outside the original cherry pick
* remove overview test things
* move testWaiter to logAndOutput command
* nope not working
---------
Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
* UI: [VAULT-21521] Initial config-ui engine and routes set up (#23922)
* UI: [VAULT-21526] Create adapter, serializer, and model files (#23947)
* UI: [VAULT-21588] Add Custom Messages to the sidebar (#23946)
* UI: [VAULT-21527] Mirage setup (#24000)
* UI: [VAULT-21530] Custom Messages List View w/ Pagination and LazyPaginatedQuery (#24133)
* UI: Add list to adapter query param (#24187)
* UI: [VAULT-21532] Create message (#24407)
* WIP create message
* Add breadcrumns
* Create and edit form
* Add save to create/edit form
* Add cancel and todo
* Fix cancel route
* Fix breadcrumb label to be title case
* add start time logic
* Update breadcrumb
* Fix breadcrumbs and merge conflict test
* Update create form description
* Fix sidenav so it always highlights
* Fix up forms
* Mostly working create form
* Form cleanup
* Fix link title and href form fields
* Default startTime
* Fix messages
* Update dropdown to use the updated ConfirmAction component
* Update create and edit form
* Add wip tests
* Fix breadcrumb formatter
* Comment out test
* Update create message test
* Update more tests
* Add comment for fixing date on edit
* Update Message form
* Code cleanup!
* Add validation tests
* Remove authenticated from route model
* SOme more code cleanup
* Add controller so authenticated is parsed
* Working radio buttons
* Use an object instead of arrays
* Wip date form
* Fix license headers
* Fix license headers addition of files
* Fix copyright format issues and clean up code
* Fix tests
* Rename FormField radio getter and ay11 improvements
* Address feedback
* Fix specific date so it remembers the values
* Address feedback!
* Update more form fields
* Use formfield action instead
* Update to every
* Update syntax of onchange
* Fix tests
* Update willDestroy so it doesnt break tests
* Remove set and brodcast datetimelocal
* Put FormField back the way it was in favor of putting FormField to a seperate PR
* Remove getter in formfield component file
* Address more feedback
* Put back test
* Update datetime string format var name and location
* UI: [VAULT-21534 VAULT-21533 VAULT-21536] edit, preview, and delete custom message (#24603)
* Working edit
* VAULT-21536 update delete message and create/update flash message
* VAULT-21533 add preview modal
* Update serializer
* Preview refinements
* Move preview to its own component
* Move breadcrumbs to setupController
* Add more tests
* Address some feedback
* Address more feedback!
* Update serailizer
* Remove stylesheet
* Add comment
* UI: [VAULT-21435] Message details (#24645)
* WIP
* Fix timezone bug
* Fix date issues on create/edit form
* Add details screen
* Use allFields instead of formFields
* Fix tests
* Address comments!
* UI: VAULT-21538 unauth endpoint message display (#24665)
* WIP unauth display
* Add modal custom message
* Close multiple modals
* Update todo with ticket number
* On init make custom message request
* Use serializer
* Update fetchMessages
* Add copyright headers
* Add services and serializers
* Send null instead of empty strings
* Fix tests!
* Add copywrite headers
* Add some acceptance tests
* Test cleanup
* Put tests back
* pass hooks to module
* Move module out
* Seperate tests
* Copywrite
* Add aria-prohibited-attr runList options
* Code cleanup
* Add date-time-local transform
* Add copyright headers
* Remove comments
* Remove date transform stuff for now!
* Put getISODateFormat back into the serailize function
* UI: Date time local transform (#24694)
* Date time local
* Add deserialize
* Add copyright header
* check if date exists
* Use parseISO for date strings since datefns requires this in new update
* Update tests
* Ensure we cehck for an ISOString
* Add checks so tests wont fail
* Update parseISO
* Address feedback
* UI: multiple banner message on create and edit form (#24742)
* WIP multiple banner message on create and edit form
* Fix tests
* Put checks back
* Add try/catch to query
* Fix breadcrumbs
* Add page size to pagination
* Add multiple modal message tests
* Address feedback
* Check for valid form first
* Add extra checks
* Address feedback
* Move getter to the route
* Fix tests!
* Address more feedback
* Use still when cancelling
* Update multiple banner modal
* Fix tests
* Set user confirmation to empty string
* UI: VAULT-21539 auth messages display (#24842)
* WIP auth message display
* Move block to show only when authenticated
* VAULT-22046 working search by name
* Some code clean up
* Fix merge conflict
* Add tests
* Fetch messages again after creation
* UI: [VAULT-22908] Update kv object editor, add max number of messages reached modal, small improvements (#24918)
* Update kv object editor to only use a single row
* continute using kv editype
* Fix failing dashboard tests!
* Fix failing test on sidebranch
* Fix tests and update validations
* Add optional tag
* Address feedback
* Add documentation
* Clear messages when logging out
* Fix tests!
* Add 100 message limit modal
* Add max message modal test
* Do more checks!
* Pair with Claire on the refactor of validator!
* Only show validationerror for multiple rows
* Update pageSize to 100 since when paginations are active it causes accessbility errors
* Fix tests!
* Add links to test
* Make banners dismissable
* Add cancel button
* Address feedback!
* Update test selectors
* Update validator
* Remove validations check in kvobjecteditor
* Revert validationError in kvobjecteditor template
* Put back if/else statements for link
* Add changelog
* UI: fix link bug and add colors (#24977)
* Fix edit bug and put transform back
* Edit badgeColor
* Add tests
* Revert changes to transform
* Edit badge colors
* remove universal object transform
* Update changelog filename
* UI: Add form inline warning (#24986)
* Add form inline warning
* Remove title
* Only show form warning for unauth
* Address feedback!
* improve overview test
* add new component for KVv2 dashboard quick actions card
* add changelog
* revert carry over test change from ember data work.
* redo test
* remove the check for v2 because test suite is strange on return value CI vs locally
* leverage isSectionHeader option to change component styling
* update destination models to include new params
* update form and details template to accommodate new fields
* remove extra horizontal line
* move is-empty-value to core addon and use in details template
* remove leftover or conditional
* update mirage and tests
* update form tests
* consolidate policies tests, remove page object for policies in favor of string selectors
* auth list test fix
* clean up pki-configuration test and only use error.errors if contents are string
* use mirage for version on landing page dashboard test
* changes not needed for upgrade but good clean up work.
* revert pki workflow changes
* remove unused test selector
* remove change to keep cleaner file count.
* add check on control groups
* remove space causing test problems
* use uuid for database backend name
---------
Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
* add deletion in progress banner
* update kv details banner to inline alert
* add logic for purge error
* add params to mirage
* comment in purge_initiated_at for mirage
* update flash message for deleting
* add test for banner
* transition to destination associations after delete
* redirect to details after delete instead of list
* remove attrs from serializer
* update mirage handler to mock purge_initiated_at
* remove trailing space from inline link
* add validation for white space
* remove icon for inline link
* clear banner if no mount selected
* unobfuscate key_vaul_uri
* add margin below buttons
* add tst for sync banner
* refactor sync form, checking for mountPath was unreliable...bad idea Claire
* missed a relationship
* send full payload of an edit database connection
* add role to Pki certificate
* use latest patch for ember/test-helpers
* clarify language on check-issuers decorator
* fix redirect from vault route
* add check that oidc provider is set up correctly
---------
Co-authored-by: Chelsea Shaw <cshaw@hashicorp.com>
* Fixed Oauth redirect not working on Android Chrome
This fixes the issue described in https://github.com/hashicorp/vault/issues/16778.
Navigation is blocked in Android chrome while redirecting back after OIDC authentication.
The issue is explained by the lead maintainer of
AppAuth(https://stackoverflow.com/a/41882732).
The latest Chrome version redirects to the app only if triggered by the user and not automatically redirect. Hence, a link is added in the UI to redirect back to the app.
* Update ui/app/templates/vault/cluster/oidc-provider.hbs
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* added requested changes
* Modified requested changes and added changelog
* Added requested change
* Modified requested changes
---------
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* updates destination name filter to use FilterInput component
* simplifies destinations list redirect condition
* fixes issue with sync destination type filter and issue filtering by both name and type
* unsets page query param in sync destination secrets route
* Fix UI when editing database roles
When using a database role the UI will try to update the database connection
associated to the role. This is to make sure that the role is allowed to
use this connection:
async _updateAllowedRoles(store, { role, backend, db, type = 'add' }) {
const connection = await store.queryRecord('database/connection', { backend, id: db });
const roles = [...connection.allowed_roles];
const allowedRoles = type === 'add' ? addToArray([roles, role]) : removeFromArray([roles, role]);
connection.allowed_roles = allowedRoles;
return connection.save();
},
async createRecord(store, type, snapshot) {
const serializer = store.serializerFor(type.modelName);
const data = serializer.serialize(snapshot);
const roleType = snapshot.attr('type');
const backend = snapshot.attr('backend');
const id = snapshot.attr('name');
const db = snapshot.attr('database');
try {
await this._updateAllowedRoles(store, {
role: id,
backend,
db: db[0],
});
} catch (e) {
throw new Error('Could not update allowed roles for selected database. Check Vault logs for details');
}
return this.ajax(this.urlFor(backend, id, roleType), 'POST', { data }).then(() => {
// ember data doesn't like 204s if it's not a DELETE
return {
data: assign({}, data, { id }),
};
});
},
This is intended to help the administrator as the role will only work if
it is allowed by the database connection.
This is however an issue if the person doing the update does not have
the permission to update the connection: they will not be able to use
the UI to update the role even though they have the appropriate permissions
to do so (using the CLI or the API will work for example).
This is often the case when the database connections are created by a
centralized system but a human operator needs to create the roles.
You can try this with the following test case:
$ cat main.tf
resource "vault_auth_backend" "userpass" {
type = "userpass"
}
resource "vault_generic_endpoint" "alice" {
depends_on = [vault_auth_backend.userpass]
path = "auth/userpass/users/alice"
ignore_absent_fields = true
data_json = jsonencode({
"policies" : ["root"],
"password" : "alice"
})
}
data "vault_policy_document" "db_admin" {
rule {
path = "database/roles/*"
capabilities = ["create", "read", "update", "delete", "list"]
}
}
resource "vault_policy" "db_admin" {
name = "db-admin"
policy = data.vault_policy_document.db_admin.hcl
}
resource "vault_generic_endpoint" "bob" {
depends_on = [vault_auth_backend.userpass]
path = "auth/userpass/users/bob"
ignore_absent_fields = true
data_json = jsonencode({
"policies" : [vault_policy.db_admin.name],
"password" : "bob"
})
}
resource "vault_mount" "db" {
path = "database"
type = "database"
}
resource "vault_database_secret_backend_connection" "postgres" {
backend = vault_mount.db.path
name = "postgres"
allowed_roles = ["*"]
verify_connection = false
postgresql {
connection_url = "postgres://username:password@localhost/database"
}
}
$ terraform apply --auto-approve
then using bob to create a role associated to the `postgres` connection.
This patch changes the way the UI does the update: it still tries to
update the database connection but if it fails to do so because it does not
have the permission it just silently skip this part and updates the role.
This also update the error message returned to the user in case of issues
to include the actual errors.
* Add changelog
* Also ignore error when deleting a role
* Address code review comments
---------
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* update header to refer to destination name
* teeny design improvements VAULT-22943
* update azure model attrs
* remove padding, add destination type to description VAULT-22930 VAULT-22943
* fix overview popupmenu nav to sync secrets VAULT-22944
* update sync banner, hyperlink secret
* redirect when all destinations are deleted VAULT-22945
* add keyVaultUri to credentials for editing
* fix extra space and test for sync banner
* use localName to get dynamic route section to fix pagination transition error
* add copy header remove duplicate app type
* add cloud param to azure mirage destination
* add comments
* enter line
* conditionally render view synced secrets button
* revert pagination route change
* combine buttons and add logic for args
* rename to route
* remove model arg
* docs(web repl): add initial docs about the UI REPL
* feature(repl): add link to the new docs in the REPL
* chore(repl): Web CLI or Broweser CLI -> Web REPL
* Use Hds::Link::Inline instead of DocLink
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/templates/components/console/ui-panel.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update website/content/docs/commands/web.mdx
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update website/content/docs/commands/web.mdx
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Fix typos and update phrasing.
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* docs(web repl): add a refrence to the repl docs on the ui config page
* Update KV version 2 reference
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* fix linting
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
