mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-11-01 19:17:58 +00:00
d4766766f2
* runs ember-cli-update to 4.4.0 * updates yarn.lock * updates dependencies causing runtime errors (#17135) * Inject Store Service When Accessed Implicitly (#17345) * adds codemod for injecting store service * adds custom babylon parser with decorators-legacy plugin for jscodeshift transforms * updates inject-store-service codemod to only look for .extend object expressions and adds recast options * runs inject-store-service codemod on js files * replace query-params helper with hash (#17404) * Updates/removes dependencies throwing errors in Ember 4.4 (#17396) * updates ember-responsive to latest * updates ember-composable-helpers to latest and uses includes helper since contains was removed * updates ember-concurrency to latest * updates ember-cli-clipboard to latest * temporary workaround for toolbar-link component throwing errors for using params arg with LinkTo * adds missing store injection to auth configure route * fixes issue with string-list component throwing error for accessing prop in same computation * fixes non-iterable query params issue in mfa methods controller * refactors field-to-attrs to handle belongsTo rather than fragments * converts mount-config fragment to belongsTo on auth-method model * removes ember-api-actions and adds tune method to auth-method adapter * converts cluster replication attributes from fragment to relationship * updates ember-data, removes ember-data-fragments and updates yarn to latest * removes fragments from secret-engine model * removes fragment from test-form-model * removes commented out code * minor change to inject-store-service codemod and runs again on js files * Remove LinkTo positional params (#17421) * updates ember-cli-page-object to latest version * update toolbar-link to support link-to args and not positional params * adds replace arg to toolbar-link component * Clean up js lint errors (#17426) * replaces assert.equal to assert.strictEqual * update eslint no-console to error and disables invididual intended uses of console * cleans up hbs lint warnings (#17432) * Upgrade bug and test fixes (#17500) * updates inject-service codemod to take arg for service name and runs for flashMessages service * fixes hbs lint error after merging main * fixes flash messages * updates more deps * bug fixes * test fixes * updates ember-cli-content-security-policy and prevents default form submission throwing errors * more bug and test fixes * removes commented out code * fixes issue with code-mirror modifier sending change event on setup causing same computation error * Upgrade Clean Up (#17543) * updates deprecation workflow and filter * cleans up build errors, removes unused ivy-codemirror and sass and updates ember-cli-sass and node-sass to latest * fixes control groups test that was skipped after upgrade * updates control group service tests * addresses review feedback * updates control group service handleError method to use router.currentURL rather that transition.intent.url * adds changelog entry
110 lines
3.6 KiB
JavaScript
110 lines
3.6 KiB
JavaScript
import Model, { attr, hasMany } from '@ember-data/model';
|
|
import ArrayProxy from '@ember/array/proxy';
|
|
import PromiseProxyMixin from '@ember/object/promise-proxy-mixin';
|
|
import { methods } from 'vault/helpers/mountable-auth-methods';
|
|
import { withModelValidations } from 'vault/decorators/model-validations';
|
|
import { isPresent } from '@ember/utils';
|
|
import { inject as service } from '@ember/service';
|
|
|
|
const validations = {
|
|
name: [{ type: 'presence', message: 'Name is required' }],
|
|
mfa_methods: [{ type: 'presence', message: 'At least one MFA method is required' }],
|
|
targets: [
|
|
{
|
|
validator(model) {
|
|
// avoid async fetch of records here and access relationship ids to check for presence
|
|
const entityIds = model.hasMany('identity_entities').ids();
|
|
const groupIds = model.hasMany('identity_groups').ids();
|
|
return (
|
|
isPresent(model.auth_method_accessors) ||
|
|
isPresent(model.auth_method_types) ||
|
|
isPresent(entityIds) ||
|
|
isPresent(groupIds)
|
|
);
|
|
},
|
|
message:
|
|
"At least one target is required. If you've selected one, click 'Add' to make sure it's added to this enforcement.",
|
|
},
|
|
],
|
|
};
|
|
|
|
@withModelValidations(validations)
|
|
export default class MfaLoginEnforcementModel extends Model {
|
|
@service store;
|
|
@attr('string') name;
|
|
@hasMany('mfa-method') mfa_methods;
|
|
@attr('string') namespace_id;
|
|
@attr('array', { defaultValue: () => [] }) auth_method_accessors; // ["auth_approle_17a552c6"]
|
|
@attr('array', { defaultValue: () => [] }) auth_method_types; // ["userpass"]
|
|
@hasMany('identity/entity') identity_entities;
|
|
@hasMany('identity/group') identity_groups;
|
|
|
|
get targets() {
|
|
return ArrayProxy.extend(PromiseProxyMixin).create({
|
|
promise: this.prepareTargets(),
|
|
});
|
|
}
|
|
|
|
async prepareTargets() {
|
|
let authMethods;
|
|
const targets = [];
|
|
|
|
if (this.auth_method_accessors.length || this.auth_method_types.length) {
|
|
// fetch all auth methods and lookup by accessor to get mount path and type
|
|
try {
|
|
const { data } = await this.store.adapterFor('auth-method').findAll();
|
|
authMethods = Object.keys(data).map((key) => ({ path: key, ...data[key] }));
|
|
} catch (error) {
|
|
// swallow this error
|
|
}
|
|
}
|
|
|
|
if (this.auth_method_accessors.length) {
|
|
const selectedAuthMethods = authMethods.filter((model) => {
|
|
return this.auth_method_accessors.includes(model.accessor);
|
|
});
|
|
targets.addObjects(
|
|
selectedAuthMethods.map((method) => ({
|
|
icon: this.iconForMount(method.type),
|
|
link: 'vault.cluster.access.method',
|
|
linkModels: [method.path.slice(0, -1)],
|
|
title: method.path,
|
|
subTitle: method.accessor,
|
|
}))
|
|
);
|
|
}
|
|
|
|
this.auth_method_types.forEach((type) => {
|
|
const icon = this.iconForMount(type);
|
|
const mountCount = authMethods.filterBy('type', type).length;
|
|
targets.addObject({
|
|
key: 'auth_method_types',
|
|
icon,
|
|
title: type,
|
|
subTitle: `All ${type} mounts (${mountCount})`,
|
|
});
|
|
});
|
|
|
|
for (const key of ['identity_entities', 'identity_groups']) {
|
|
(await this[key]).forEach((model) => {
|
|
targets.addObject({
|
|
key,
|
|
icon: 'user',
|
|
link: 'vault.cluster.access.identity.show',
|
|
linkModels: [key.split('_')[1], model.id, 'details'],
|
|
title: model.name,
|
|
subTitle: model.id,
|
|
});
|
|
});
|
|
}
|
|
|
|
return targets;
|
|
}
|
|
|
|
iconForMount(type) {
|
|
const mountableMethods = methods();
|
|
const mount = mountableMethods.findBy('type', type);
|
|
return mount ? mount.glyph || mount.type : 'token';
|
|
}
|
|
}
|