mirror of
https://github.com/status-im/consul.git
synced 2025-01-27 05:57:03 +00:00
5fb9df1640
* Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
175 lines
4.9 KiB
JavaScript
175 lines
4.9 KiB
JavaScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import Adapter from './application';
|
|
import { inject as service } from '@ember/service';
|
|
import { SLUG_KEY } from 'consul-ui/models/token';
|
|
|
|
export default class TokenAdapter extends Adapter {
|
|
@service('store') store;
|
|
|
|
requestForQuery(request, { dc, ns, partition, index, role, policy }) {
|
|
return request`
|
|
GET /v1/acl/tokens?${{ role, policy, dc }}
|
|
|
|
${{
|
|
ns,
|
|
partition,
|
|
index,
|
|
}}
|
|
`;
|
|
}
|
|
|
|
async requestForQueryRecord(request, { dc, ns, partition, index, id }) {
|
|
if (typeof id === 'undefined') {
|
|
throw new Error('You must specify an id');
|
|
}
|
|
const respond = await request`
|
|
GET /v1/acl/token/${id}?${{ dc }}
|
|
Cache-Control: no-store
|
|
|
|
${{
|
|
ns,
|
|
partition,
|
|
index,
|
|
}}
|
|
`;
|
|
respond((headers, body) => delete headers['x-consul-index']);
|
|
return respond;
|
|
}
|
|
|
|
requestForCreateRecord(request, serialized, data) {
|
|
const params = {
|
|
...this.formatDatacenter(data.Datacenter),
|
|
ns: data.Namespace,
|
|
partition: data.Partition,
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token?${params}
|
|
|
|
${{
|
|
Description: serialized.Description,
|
|
Policies: serialized.Policies,
|
|
Roles: serialized.Roles,
|
|
ServiceIdentities: serialized.ServiceIdentities,
|
|
NodeIdentities: serialized.NodeIdentities,
|
|
Local: serialized.Local,
|
|
}}
|
|
`;
|
|
}
|
|
|
|
requestForUpdateRecord(request, serialized, data) {
|
|
// TODO: here we check data['Rules'] not serialized['Rules'] data.Rules is
|
|
// not undefined, and serialized.Rules is not null revisit this at some
|
|
// point we should probably use serialized here
|
|
|
|
// If a token has Rules, use the old API
|
|
if (typeof data['Rules'] !== 'undefined') {
|
|
// https://www.consul.io/api/acl/legacy.html#update-acl-token
|
|
// as we are using the old API we don't need to specify a nspace
|
|
return request`
|
|
PUT /v1/acl/update?${this.formatDatacenter(data.Datacenter)}
|
|
|
|
${serialized}
|
|
`;
|
|
}
|
|
const params = {
|
|
...this.formatDatacenter(data.Datacenter),
|
|
ns: data.Namespace,
|
|
partition: data.Partition,
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token/${data[SLUG_KEY]}?${params}
|
|
|
|
${{
|
|
Description: serialized.Description,
|
|
AccessorID: serialized.AccessorID,
|
|
Policies: serialized.Policies,
|
|
Roles: serialized.Roles,
|
|
ServiceIdentities: serialized.ServiceIdentities,
|
|
NodeIdentities: serialized.NodeIdentities,
|
|
Local: serialized.Local,
|
|
}}
|
|
`;
|
|
}
|
|
|
|
requestForDeleteRecord(request, serialized, data) {
|
|
const params = {
|
|
dc: data.Datacenter,
|
|
ns: data.Namespace,
|
|
partition: data.Partition,
|
|
};
|
|
return request`
|
|
DELETE /v1/acl/token/${data[SLUG_KEY]}?${params}
|
|
`;
|
|
}
|
|
|
|
requestForSelf(request, serialized, { dc, index, secret }) {
|
|
// TODO: Change here and elsewhere to use Authorization Bearer Token
|
|
// https://github.com/hashicorp/consul/pull/4502
|
|
return request`
|
|
GET /v1/acl/token/self?${{ dc }}
|
|
X-Consul-Token: ${secret}
|
|
Cache-Control: no-store
|
|
|
|
${{ index }}
|
|
`;
|
|
}
|
|
|
|
requestForCloneRecord(request, serialized, data) {
|
|
// this uses snapshots
|
|
const id = data[SLUG_KEY];
|
|
if (typeof id === 'undefined') {
|
|
throw new Error('You must specify an id');
|
|
}
|
|
const params = {
|
|
dc: data.Datacenter,
|
|
ns: data.Namespace,
|
|
partition: data.Partition,
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token/${id}/clone?${params}
|
|
`;
|
|
}
|
|
|
|
// TODO: self doesn't get passed a snapshot right now ideally it would just
|
|
// for consistency thing is its probably not the same shape as a
|
|
// 'Token', plus we can't create Snapshots as they are private, see
|
|
// services/store.js
|
|
self(store, type, id, unserialized) {
|
|
return this.rpc(
|
|
function (adapter, request, serialized, data) {
|
|
return adapter.requestForSelf(request, serialized, data);
|
|
},
|
|
function (serializer, respond, serialized, data) {
|
|
return serializer.respondForSelf(respond, serialized, data);
|
|
},
|
|
unserialized,
|
|
type.modelName
|
|
);
|
|
}
|
|
|
|
clone(store, type, id, snapshot) {
|
|
return this.rpc(
|
|
function (adapter, request, serialized, data) {
|
|
return adapter.requestForCloneRecord(request, serialized, data);
|
|
},
|
|
(serializer, respond, serialized, data) => {
|
|
// here we just have to pass through the dc (like when querying)
|
|
// eventually the id is created with this dc value and the id taken from the
|
|
// json response of `acls/token/*/clone`
|
|
const params = {
|
|
dc: data.Datacenter,
|
|
ns: data.Namespace,
|
|
partition: data.Partition,
|
|
};
|
|
return serializer.respondForQueryRecord(respond, params);
|
|
},
|
|
snapshot,
|
|
type.modelName
|
|
);
|
|
}
|
|
}
|