2023-03-14 14:18:55 +01:00
|
|
|
/**
|
|
|
|
* Copyright (c) HashiCorp, Inc.
|
|
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
|
|
*/
|
|
|
|
|
2021-03-11 09:29:11 +00:00
|
|
|
import BaseAbility from './base';
|
|
|
|
import { inject as service } from '@ember/service';
|
|
|
|
|
2023-02-06 17:27:49 -06:00
|
|
|
import { isLegacy } from 'consul-ui/helpers/token/is-legacy';
|
2021-03-11 09:29:11 +00:00
|
|
|
import { isAnonymous } from 'consul-ui/helpers/token/is-anonymous';
|
|
|
|
|
|
|
|
export default class TokenAbility extends BaseAbility {
|
|
|
|
@service('env') env;
|
|
|
|
|
|
|
|
resource = 'acl';
|
|
|
|
segmented = false;
|
|
|
|
|
|
|
|
get canRead() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && super.canRead;
|
|
|
|
}
|
|
|
|
|
|
|
|
get canCreate() {
|
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && super.canCreate;
|
|
|
|
}
|
|
|
|
|
|
|
|
get canDelete() {
|
|
|
|
return (
|
|
|
|
this.env.var('CONSUL_ACLS_ENABLED') &&
|
|
|
|
!isAnonymous([this.item]) &&
|
|
|
|
this.item.AccessorID !== this.token.AccessorID &&
|
|
|
|
super.canDelete
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
get canDuplicate() {
|
2023-02-06 17:27:49 -06:00
|
|
|
return this.env.var('CONSUL_ACLS_ENABLED') && !isLegacy([this.item]) && super.canWrite;
|
2021-03-11 09:29:11 +00:00
|
|
|
}
|
|
|
|
}
|