Commit Graph

11 Commits (d295d976ce31bb0a7cbeb96aa99408148b3754f2)

Author SHA1 Message Date
John Cowen f21b17a1f2 UI: Improved Login/Logout flow inc SSO support (#7790)
* 6 new components for new login/logout flow, plus SSO support

UI Components:

1. AuthDialog: Wraps/orchestrates AuthForm and AuthProfile
2. AuthForm: Authorization form shown when logged out.
3. AuthProfile: Simple presentational component to show the users
'Profile'
4. OidcSelect: A 'select' component for selecting an OIDC provider,
dynamically uses either a single select menu or multiple buttons
depending on the amount of providers

Data Components:

1. JwtSource: Given an OIDC provider URL this component will request a
token from the provider and fire an donchange event when it has been
retrieved. Used by TokenSource.
2. TokenSource: Given a oidc provider name or a Consul SecretID,
TokenSource will use whichever method/API requests required to retrieve
Consul ACL Token, which is emitted to the onchange event handler.

Very basic README documentation included here, which is likely to be
refined somewhat.

* CSS required for new auth/SSO UI components

* Remaining app code required to tie the new auth/SSO work together

* CSS code required to help tie the auth/SSO work together

* Test code in order to get current tests passing with new auth/SSO flow

..plus extremely basics/skipped rendering tests for the new components

* Treat the secret received from the server as the truth

Previously we've always treated what the user typed as the truth, this
breaks down when using SSO as the user doesn't type anything to retrieve
a token. Therefore we change this so that we use the secret in the API
response as the truth.

* Make sure removing an dom tree from a buffer only removes its own tree
2020-05-12 17:14:51 +00:00
John Cowen 7f3b9d04ba ui: Use DataSources in ACLs area (#7681)
* ui: Use Datasource for loading related data in ACLs area

* ui: Use more manual cleanup for Controller event-sources

* Update reconcile to use nspace and add SyncTime to role/policy

* Use the correct value for nspace and dc (the one from the item itself)

* Remove the // check, we no longer need it. Add some TODO
2020-05-12 17:14:29 +00:00
John Cowen eb35d89893
ui: Run 2 separate test runs oss and ent (#7214)
* ui: Make API integration tests aware of CONSUL_NSPACES_ENABLED

* ui: Allow passing CONSUL_NSPACES_ENABLED in via the cli in ember

* ui: Add more makefile targets/package scripts to switch NSPACEs on/off

* ui: Ensure all acceptance tests continue to pass with NSPACEs on/off

This required a little tweaking of the dictionary, at some point
page-navigation and some of these little tweaks will no longer be
required

* ui: Try running CI frontend tests in two parellel runs oss/ent

* ui: Use correct make target, use different names for the reports
2020-02-07 11:02:53 +00:00
John Cowen 1ff8678df7
ui: Remove the Policy/Service Identity selector from nspaces (#7124)
When editing Nspaces, although you can assign policies to a nspace using
PolicyDefaults you cannot assign a Service Identity to a policy like you
can when adding a policy to a token.

This commit adds an extra attribute to our policy-form/policy-selector
component so you can disable this setting. At a later date we may change
this to have a conficgurable `<Slot />` instead.

Simple acceptance tests is included here
2020-01-28 09:39:09 +00:00
John Cowen 327aac9fe9
ui: Acceptance test improvements to prepare for more NS tests (#6980)
* ui: Acceptance test improvements to prepare for more NS tests

* ui: Namespace acceptance testing (#7005)

* Update api-double and consul-api-double for http.body

* Adds places where we missed passing the nspace through

* Hardcode nspace CRUD to use the default nspace for policies and roles

* Alter test helpers to allow us to control nspaces from the outside

* Amends to allow tests to account for namespace, move ns from queryParam

1. We decided to move how we pass the namespace value through to the
backend when performing write actions (create, update). Previoulsy we
were using the queryParam although using the post body is the preferred
method to send the Namespace details through to the backend.
2. Other various amends to take into account testing across multiple
namespaced scenarios

* Enable nspace testing by default

* Remove last few occurances of old style http assertions

We had informally 'deprecated' our old style of http assertions that
relied on the order of http calls (even though that order was not
important for the assertion). Following on from our namespace work we
removed the majority of the old occrances of these old style assertions.

This commit removes the remaining few, and also then cleans up the
assertions/http.js file to only include the ones we are using.

This reduces our available step count further and prevents any confusion
over the usage of the old types and the new types.

* ui: Namespace CRUD acceptance tests (#7016)

* Upgrade consul-api-double

* Add all the things required for testing:

1. edit and index page objects
2. enable CONSUL_NSPACE_COUNT cookie setting
3. enable mutating HTTP response bodies based on URL

* Add acceptance test for nspace edit/delete/list and searching
2020-01-24 12:26:28 +00:00
John Cowen 7044aa52c8 ui: Namespace Support (#6639)
Adds namespace support to the UI:

1. Namespace CRUD/management
2. Show Namespace in relevant areas (intentions, upstreams)
3. Main navigation bar improvements
4. Logic/integration to interact with a new `internal/acl/authorize` endpoint
2019-12-18 12:26:47 +00:00
John Cowen 174fcb557f
UI: Test readonly ServiceIdentity rules (#5865) 2019-06-04 17:55:10 +01:00
John Cowen 9013e53ebc
ui: Ensures nested policy forms are reset properly (#5838)
1. All {{ivy-codemirror}} components need 'refreshing' when they become
visible via our own `didAppear` method on the `{{code-editor}}`
component

(also see:)
- https://github.com/hashicorp/consul/pull/4190#discussion_r193270223
- 73db111db8 (r225264296)

2. On initial investigation, it looks like the component we are using
for the code editor doesn't distinguish between setting its `value`
programatically and a `keyup` event, i.e. an interaction from the user.
We currently pretend that whenever its `value` changes, it is a `keyup`
event. This means that when we reset the `value` to `""`
programmatically for form resetting purposes, a 'pretend keyup' event
would also be fired, which would in turn kick off the validation, which
would fail and show an error message for empty values in other fields of
the form - something that is perfectly valid if you haven't typed
anything yet. We solved this by checking for `isPristine` on fields that
are allowed to be empty before you have typed anything.
2019-06-04 15:57:35 +01:00
John Cowen 75e221d256
ui: ACL Policies. Catch all server errors (#5836)
Always show any server errors under Rules, not just invalid HCL
2019-06-04 15:53:10 +01:00
John Cowen 77ebad1b5e
ui: Make the Rules readonly when creating ServiceIdentities (#5784)
Skipped test added for nagging for the moment
2019-05-07 14:09:23 +01:00
John Cowen 482426b13e UI: ACL Roles (#5635)
Adds support for ACL Roles and Service Identities CRUD, along with necessary changes to Tokens, and the CSS improvements required.

Also includes refinements/improvements for easier testing of deeply nested components.

1. ember-data adapter/serializer/model triplet for Roles
2. repository, form/validations and searching filter for Roles
3. Moves potentially, repeated, or soon to to repeated functionality
into a mixin (mainly for 'many policy' relationships)
4. A few styling tweaks for little edge cases around roles
5. Router additions, Route, Controller and templates for Roles

Also see: 

* UI: ACL Roles cont. plus Service Identities (#5661 and #5720)
2019-05-01 18:22:37 +00:00