mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-30 18:17:55 +00:00
ca14c1919f
* adds mirage factories for mfa methods and login enforcement * adds mirage handler for mfa config endpoints * adds mirage identity manager for uuids * updates mfa test to use renamed mfaLogin mirage handler * updates mfa login workflow for push methods (#15214) * MFA Login Enforcement Model (#15244) * adds mfa login enforcement model, adapter and serializer * updates mfa methods to hasMany realtionship and transforms property names * updates login enforcement adapter to use urlForQuery over buildURL * Model for mfa method (#15218) * Model for mfa method * Added adapter and serializer for mfa method - Updated mfa method model - Basic route to handle list view - Added MFA to access nav * Show landing page if methods are not configured * Updated adapter,serializer - Backend is adding new endpoint to list all the mfa methods * Updated landing page - Added MFA diagram - Created helper to resolve full path for assets like images * Remove ember assign * Fixed failing test * MFA method and enforcement list view (#15353) * MFA method and enforcement list view - Added new route for list views - List mfa methods along with id, type and icon - Added client side pagination to list views * Throw error if method id is not present * MFA Login Enforcement Form (#15410) * adds mfa login enforcement form and header components and radio card component * skips login enforcement form tests for now * adds jsdoc annotations for mfa-login-enforcement-header component * adds error handling when fetching identity targets in login enforcement form component * updates radio-card label elements * MFA Login Enforcement Create and Edit routes (#15422) * adds mfa login enforcement form and header components and radio card component * skips login enforcement form tests for now * updates to login enforcement form to fix issues hydrating methods and targets from model when editing * updates to mfa-config mirage handler and login enforcement handler * fixes issue with login enforcement serializer normalizeItems method throwing error on save * updates to mfa route structure * adds login enforcement create and edit routes * MFA Login Enforcement Read Views (#15462) * adds login enforcement read views * skip mfa-method-list-item test for now * MFA method form (#15432) * MFA method form - Updated model for form attributes - Form for editing, creating mfa methods * Added comments * Update model for mfa method * Refactor buildURL in mfa method adapter * Update adapter to handle mfa create * Fixed adapter to handle create mfa response * Sidebranch: MFA end user setup (#15273) * initial setup of components and route * fix navbar * replace parent component with controller * use auth service to return entity id * adapter and some error handling: * clean up adapter and handle warning * wip * use library for qrCode generation * clear warning and QR code display fix * flow for restart setup * add documentation * clean up * fix warning issue * handle root user * remove comment * update copy * fix margin * address comment * MFA Guided Setup Route (#15479) * adds mfa method create route with type selection workflow * updates mfa method create route links to use DocLink component * MFA Guided Setup Config View (#15486) * adds mfa guided setup config view * resets type query param on mfa method create route exit * hide next button if type is not selected in mfa method create route * updates to sure correct state when changing mfa method type in guided setup * Enforcement view at MFA method level (#15485) - List enforcements for each mfa method - Delete MFA method if no enforcements are present - Moved method, enforcement list item component to mfa folder * MFA Login Enforcement Validations (#15498) * adds model and form validations for mfa login enforcements * updates mfa login enforcement validation messages * updates validation message for mfa login enforcement targets * adds transition action to configure mfa button on landing page * unset enforcement on preference change in mfa guided setup workflow * Added validations for mfa method model (#15506) * UI/mfa breadcrumbs and small fixes (#15499) * add active class when on index * breadcrumbs * remove box-shadow to match designs * fix refresh load mfa-method * breadcrumb create * add an empty state the enforcements list view * change to beforeModel * UI/mfa small bugs (#15522) * remove pagintion and fix on methods list view * fix enforcements * Fix label for value on radio-card (#15542) * MFA Login Enforcement Component Tests (#15539) * adds tests for mfa-login-enforcement-header component * adds tests for mfa-login-enforcement-form component * Remove default values from mfa method model (#15540) - use passcode had a default value, as a result it was being sent with all the mfa method types during save and edit flows.. * UI/mfa small cleanup (#15549) * data-test-mleh -> data-test-mfa * Only one label per radio card * Remove unnecessary async * Simplify boolean logic * Make mutation clear * Revert "data-test-mleh -> data-test-mfa" This reverts commit 31430df7bb42580a976d082667cb6ed1f09c3944. * updates mfa login enforcement form to only display auth method types for current mounts as targets (#15547) * remove token type (#15548) * remove token type * conditional param * removes type from mfa method payload and fixes bug transitioning to method route on save success * removes punctuation from mfa form error message string match * updates qr-code component invocation to angle bracket * Re-trigger CI jobs with empty commit Co-authored-by: Arnav Palnitkar <arnav@hashicorp.com> Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com> Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com> Co-authored-by: Michele Degges <mdeggies@gmail.com>
252 lines
9.8 KiB
JavaScript
252 lines
9.8 KiB
JavaScript
import { module, test } from 'qunit';
|
|
import { setupRenderingTest } from 'ember-qunit';
|
|
import { render, click, fillIn } from '@ember/test-helpers';
|
|
import { hbs } from 'ember-cli-htmlbars';
|
|
import { setupMirage } from 'ember-cli-mirage/test-support';
|
|
|
|
module('Integration | Component | mfa-login-enforcement-form', function (hooks) {
|
|
setupRenderingTest(hooks);
|
|
setupMirage(hooks);
|
|
|
|
hooks.beforeEach(function () {
|
|
this.store = this.owner.lookup('service:store');
|
|
this.model = this.store.createRecord('mfa-login-enforcement');
|
|
this.server.get('/sys/auth', () => ({
|
|
data: { 'userpass/': { type: 'userpass', accessor: 'auth_userpass_1234' } },
|
|
}));
|
|
this.server.get('/identity/mfa/method', () => ({
|
|
data: {
|
|
key_info: {
|
|
123456: { type: 'totp' },
|
|
},
|
|
keys: ['123456'],
|
|
},
|
|
}));
|
|
});
|
|
|
|
test('it should render correct fields', async function (assert) {
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@onClose={{fn (mut this.didClose)}}
|
|
@onSave={{fn (mut this.didSave)}}
|
|
/>
|
|
`);
|
|
|
|
const fields = {
|
|
name: {
|
|
label: 'Name',
|
|
subText:
|
|
'The name for this enforcement. Giving it a name means that you can refer to it again later. This name will not be editable later.',
|
|
},
|
|
methods: {
|
|
label: 'MFA methods',
|
|
subText: 'The MFA method(s) that this enforcement will apply to.',
|
|
},
|
|
targets: {
|
|
label: 'Targets',
|
|
subText:
|
|
'The list of authentication types, authentication mounts, groups, and/or entities that will require this MFA configuration.',
|
|
},
|
|
};
|
|
|
|
const subTexts = this.element.querySelectorAll('[data-test-label-subtext]');
|
|
Object.keys(fields).forEach((field, index) => {
|
|
const { label, subText } = fields[field];
|
|
assert.dom(`[data-test-mlef-label="${field}"]`).hasText(label, `${field} field label renders`);
|
|
assert.dom(subTexts[index]).hasText(subText, `${subText} field label sub text renders`);
|
|
});
|
|
assert.dom('[data-test-mlef-input="name"]').exists(`Name field input renders`);
|
|
assert.dom('[data-test-mlef-search="methods"]').exists('MFA method search select renders');
|
|
assert.dom('[data-test-mlef-select="target-type"]').exists('Target type selector renders');
|
|
assert.dom('[data-test-mlef-select="accessor"]').exists('Auth mount target selector renders by default');
|
|
});
|
|
|
|
test('it should render inline', async function (assert) {
|
|
this.errors = this.model.validate().state;
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@isInline={{true}}
|
|
@modelErrors={{this.errors}}
|
|
/>
|
|
`);
|
|
|
|
assert.dom('[data-test-mlef-input="name"]').exists(`Name field input renders`);
|
|
assert.dom('[data-test-mlef-search="methods"]').doesNotExist('MFA method search select does not render');
|
|
assert.dom('[data-test-mlef-select="target-type"]').exists('Target type selector renders');
|
|
assert
|
|
.dom('[data-test-inline-error-message]')
|
|
.exists({ count: 2 }, 'External validation errors are displayed');
|
|
});
|
|
|
|
test('it should display field validation errors on save', async function (assert) {
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@onClose={{fn (mut this.didClose)}}
|
|
@onSave={{fn (mut this.didSave)}}
|
|
/>
|
|
`);
|
|
|
|
await click('[data-test-mlef-save]');
|
|
const errors = this.element.querySelectorAll('[data-test-inline-error-message]');
|
|
assert.dom(errors[0]).hasText('Name is required', 'Name error message renders');
|
|
assert.dom(errors[1]).hasText('At least one MFA method is required', 'Methods error message renders');
|
|
assert
|
|
.dom(errors[2])
|
|
.hasText(
|
|
"At least one target is required. If you've selected one, click 'Add' to make sure it's added to this enforcement.",
|
|
'Targets error message renders'
|
|
);
|
|
});
|
|
|
|
test('it should save new enforcement', async function (assert) {
|
|
assert.expect(5);
|
|
|
|
this.server.post('/identity/mfa/login-enforcement/bar', () => {
|
|
assert.ok(true, 'save request sent to server');
|
|
return {};
|
|
});
|
|
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@onClose={{fn (mut this.didClose)}}
|
|
@onSave={{fn (mut this.didSave) true}}
|
|
/>
|
|
`);
|
|
|
|
await fillIn('[data-test-mlef-input="name"]', 'bar');
|
|
await click('.ember-basic-dropdown-trigger');
|
|
await click('.ember-power-select-option');
|
|
await fillIn('[data-test-mlef-select="accessor"] select', 'auth_userpass_1234');
|
|
await click('[data-test-mlef-add-target]');
|
|
await click('[data-test-mlef-save]');
|
|
assert.true(this.didSave, 'onSave callback triggered');
|
|
assert.equal(this.model.name, 'bar', 'Name property set on model');
|
|
assert.equal(this.model.mfa_methods.firstObject.id, '123456', 'Mfa method added to model');
|
|
assert.equal(
|
|
this.model.auth_method_accessors.firstObject,
|
|
'auth_userpass_1234',
|
|
'Target saved to correct model property'
|
|
);
|
|
});
|
|
|
|
test('it should populate fields with model data', async function (assert) {
|
|
this.model.name = 'foo';
|
|
const [method] = (await this.store.query('mfa-method', {})).toArray();
|
|
this.model.mfa_methods.addObject(method);
|
|
this.model.auth_method_accessors.addObject('auth_userpass_1234');
|
|
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@onClose={{fn (mut this.didClose)}}
|
|
@onSave={{fn (mut this.didSave) true}}
|
|
/>
|
|
`);
|
|
|
|
assert.dom('[data-test-mlef-input="name"]').hasValue('foo', 'Name input is populated');
|
|
assert.dom('.search-select-list-item').includesText('TOTP', 'MFA method type renders in selected option');
|
|
assert
|
|
.dom('.search-select-list-item small')
|
|
.hasText('123456', 'MFA method id renders in selected option');
|
|
assert
|
|
.dom('[data-test-row-label="Authentication mount"]')
|
|
.hasText('Authentication mount', 'Selected target type renders');
|
|
assert
|
|
.dom('[data-test-value-div="Authentication mount"]')
|
|
.hasText('auth_userpass_1234', 'Selected target value renders');
|
|
|
|
await click('[data-test-mlef-remove-target]');
|
|
await click('[data-test-mlef-save]');
|
|
assert
|
|
.dom('[data-test-inline-error-message]')
|
|
.includesText('At least one target is required', 'Target is removed');
|
|
assert.notOk(this.model.auth_method_accessors.length, 'Target is removed from appropriate model prop');
|
|
|
|
await fillIn('[data-test-mlef-select="accessor"] select', 'auth_userpass_1234');
|
|
await click('[data-test-mlef-add-target]');
|
|
await click('[data-test-selected-list-button="delete"]');
|
|
await click('[data-test-mlef-save]');
|
|
assert
|
|
.dom('[data-test-inline-error-message]')
|
|
.hasText('At least one MFA method is required', 'Target is removed');
|
|
});
|
|
|
|
test('it should add and remove targets', async function (assert) {
|
|
assert.expect();
|
|
|
|
this.server.get('/identity/entity/id', () => ({
|
|
data: {
|
|
key_info: { 1234: { name: 'foo entity' } },
|
|
keys: ['1234'],
|
|
},
|
|
}));
|
|
this.server.get('/identity/group/id', () => ({
|
|
data: {
|
|
key_info: { 1234: { name: 'bar group' } },
|
|
keys: ['1234'],
|
|
},
|
|
}));
|
|
this.model.auth_method_accessors.addObject('auth_userpass_1234');
|
|
this.model.auth_method_types.addObject('userpass');
|
|
const [entity] = (await this.store.query('identity/entity', {})).toArray();
|
|
this.model.identity_entities.addObject(entity);
|
|
const [group] = (await this.store.query('identity/group', {})).toArray();
|
|
this.model.identity_groups.addObject(group);
|
|
|
|
await render(hbs`
|
|
<MfaLoginEnforcementForm
|
|
@model={{this.model}}
|
|
@onClose={{fn (mut this.didClose)}}
|
|
@onSave={{fn (mut this.didSave) true}}
|
|
/>
|
|
`);
|
|
|
|
const targets = [
|
|
{
|
|
label: 'Authentication mount',
|
|
value: 'auth_userpass_1234',
|
|
key: 'auth_method_accessors',
|
|
type: 'accessor',
|
|
},
|
|
{ label: 'Authentication method', value: 'userpass', key: 'auth_method_types', type: 'method' },
|
|
{ label: 'Group', value: 'bar group 1234', key: 'identity_groups', type: 'identity/group' },
|
|
{ label: 'Entity', value: 'foo entity 1234', key: 'identity_entities', type: 'identity/entity' },
|
|
];
|
|
|
|
for (const [index, target] of targets.entries()) {
|
|
// target populated from model
|
|
assert
|
|
.dom(`[data-test-row-label="${target.label}"]`)
|
|
.hasText(target.label, `${target.label} target populated with correct type label`);
|
|
assert
|
|
.dom(`[data-test-value-div="${target.label}"]`)
|
|
.hasText(target.value, `${target.label} target populated with correct value`);
|
|
// remove target
|
|
await click(`[data-test-mlef-remove-target="${target.label}"]`);
|
|
assert
|
|
.dom('[data-test-mlef-target]')
|
|
.exists({ count: targets.length - (index + 1) }, `${target.label} target removed`);
|
|
assert.notOk(this.model[target.key].length, `${target.label} removed from correct model prop`);
|
|
}
|
|
// add targets
|
|
for (const target of targets) {
|
|
await fillIn('[data-test-mlef-select="target-type"] select', target.type);
|
|
if (['Group', 'Entity'].includes(target.label)) {
|
|
await click(`[data-test-mlef-search="${target.type}"] .ember-basic-dropdown-trigger`);
|
|
await click('.ember-power-select-option');
|
|
} else {
|
|
const key = target.label === 'Authentication method' ? 'auth-method' : 'accessor';
|
|
const value = target.label === 'Authentication method' ? 'userpass' : 'auth_userpass_1234';
|
|
await fillIn(`[data-test-mlef-select="${key}"] select`, value);
|
|
}
|
|
await click('[data-test-mlef-add-target]');
|
|
assert.ok(this.model[target.key].length, `${target.label} added to correct model prop`);
|
|
}
|
|
assert.dom('[data-test-mlef-target]').exists({ count: 4 }, 'All targets were added back');
|
|
});
|
|
});
|