mirror of
https://github.com/status-im/consul.git
synced 2025-01-21 11:09:13 +00:00
6d7a95f82d
* ui: Adds model layer required for SSO 1. oidc-provider ember-data triplet plus repo, plus addition of torii addon 2. Make blocking queries support a Cache-Control: no-cache header 3. Tweaks to the token model layer in preparation for SSO work * Fix up meta related Cache-Control tests * Add tests adapter tests for URL shapes * Reset Cache-Control to the original value, return something from logout
162 lines
5.0 KiB
JavaScript
162 lines
5.0 KiB
JavaScript
import Adapter from './application';
|
|
import { inject as service } from '@ember/service';
|
|
|
|
import { SLUG_KEY } from 'consul-ui/models/token';
|
|
import { FOREIGN_KEY as DATACENTER_KEY } from 'consul-ui/models/dc';
|
|
import { NSPACE_KEY } from 'consul-ui/models/nspace';
|
|
|
|
import { env } from 'consul-ui/env';
|
|
import nonEmptySet from 'consul-ui/utils/non-empty-set';
|
|
|
|
let Namespace;
|
|
if (env('CONSUL_NSPACES_ENABLED')) {
|
|
Namespace = nonEmptySet('Namespace');
|
|
} else {
|
|
Namespace = () => ({});
|
|
}
|
|
// TODO: Update to use this.formatDatacenter()
|
|
export default Adapter.extend({
|
|
store: service('store'),
|
|
|
|
requestForQuery: function(request, { dc, ns, index, role, policy }) {
|
|
return request`
|
|
GET /v1/acl/tokens?${{ role, policy, dc }}
|
|
|
|
${{
|
|
...this.formatNspace(ns),
|
|
index,
|
|
}}
|
|
`;
|
|
},
|
|
requestForQueryRecord: function(request, { dc, ns, index, id }) {
|
|
if (typeof id === 'undefined') {
|
|
throw new Error('You must specify an id');
|
|
}
|
|
return request`
|
|
GET /v1/acl/token/${id}?${{ dc }}
|
|
|
|
${{
|
|
...this.formatNspace(ns),
|
|
index,
|
|
}}
|
|
`;
|
|
},
|
|
requestForCreateRecord: function(request, serialized, data) {
|
|
const params = {
|
|
...this.formatDatacenter(data[DATACENTER_KEY]),
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token?${params}
|
|
|
|
${{
|
|
Description: serialized.Description,
|
|
Policies: serialized.Policies,
|
|
Roles: serialized.Roles,
|
|
ServiceIdentities: serialized.ServiceIdentities,
|
|
Local: serialized.Local,
|
|
...Namespace(serialized.Namespace),
|
|
}}
|
|
`;
|
|
},
|
|
requestForUpdateRecord: function(request, serialized, data) {
|
|
// TODO: here we check data['Rules'] not serialized['Rules']
|
|
// data.Rules is not undefined, and serialized.Rules is not null
|
|
// revisit this at some point we should probably use serialized here
|
|
|
|
// If a token has Rules, use the old API
|
|
if (typeof data['Rules'] !== 'undefined') {
|
|
// https://www.consul.io/api/acl/legacy.html#update-acl-token
|
|
// as we are using the old API we don't need to specify a nspace
|
|
return request`
|
|
PUT /v1/acl/update?${this.formatDatacenter(data[DATACENTER_KEY])}
|
|
|
|
${serialized}
|
|
`;
|
|
}
|
|
const params = {
|
|
...this.formatDatacenter(data[DATACENTER_KEY]),
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token/${data[SLUG_KEY]}?${params}
|
|
|
|
${{
|
|
Description: serialized.Description,
|
|
Policies: serialized.Policies,
|
|
Roles: serialized.Roles,
|
|
ServiceIdentities: serialized.ServiceIdentities,
|
|
Local: serialized.Local,
|
|
...Namespace(serialized.Namespace),
|
|
}}
|
|
`;
|
|
},
|
|
requestForDeleteRecord: function(request, serialized, data) {
|
|
const params = {
|
|
...this.formatDatacenter(data[DATACENTER_KEY]),
|
|
...this.formatNspace(data[NSPACE_KEY]),
|
|
};
|
|
return request`
|
|
DELETE /v1/acl/token/${data[SLUG_KEY]}?${params}
|
|
`;
|
|
},
|
|
requestForSelf: function(request, serialized, { dc, index, secret }) {
|
|
// TODO: Change here and elsewhere to use Authorization Bearer Token
|
|
// https://github.com/hashicorp/consul/pull/4502
|
|
return request`
|
|
GET /v1/acl/token/self?${{ dc }}
|
|
X-Consul-Token: ${secret}
|
|
Cache-Control: no-store
|
|
|
|
${{ index }}
|
|
`;
|
|
},
|
|
requestForCloneRecord: function(request, serialized, data) {
|
|
// this uses snapshots
|
|
const id = data[SLUG_KEY];
|
|
if (typeof id === 'undefined') {
|
|
throw new Error('You must specify an id');
|
|
}
|
|
const params = {
|
|
...this.formatDatacenter(data[DATACENTER_KEY]),
|
|
...this.formatNspace(data[NSPACE_KEY]),
|
|
};
|
|
return request`
|
|
PUT /v1/acl/token/${id}/clone?${params}
|
|
`;
|
|
},
|
|
// TODO: self doesn't get passed a snapshot right now
|
|
// ideally it would just for consistency
|
|
// thing is its probably not the same shape as a 'Token',
|
|
// plus we can't create Snapshots as they are private, see services/store.js
|
|
self: function(store, type, id, unserialized) {
|
|
return this.request(
|
|
function(adapter, request, serialized, data) {
|
|
return adapter.requestForSelf(request, serialized, data);
|
|
},
|
|
function(serializer, respond, serialized, data) {
|
|
return serializer.respondForSelf(respond, serialized, data);
|
|
},
|
|
unserialized,
|
|
type.modelName
|
|
);
|
|
},
|
|
clone: function(store, type, id, snapshot) {
|
|
return this.request(
|
|
function(adapter, request, serialized, data) {
|
|
return adapter.requestForCloneRecord(request, serialized, data);
|
|
},
|
|
(serializer, respond, serialized, data) => {
|
|
// here we just have to pass through the dc (like when querying)
|
|
// eventually the id is created with this dc value and the id taken from the
|
|
// json response of `acls/token/*/clone`
|
|
const params = {
|
|
...this.formatDatacenter(data[DATACENTER_KEY]),
|
|
...this.formatNspace(data[NSPACE_KEY]),
|
|
};
|
|
return serializer.respondForQueryRecord(respond, params);
|
|
},
|
|
snapshot,
|
|
type.modelName
|
|
);
|
|
},
|
|
});
|