ui: Support for Node Identities

ui-v2/app/adapters/role.js

@@ -50,6 +50,7 @@ export default Adapter.extend({
         Description: serialized.Description,
         Policies: serialized.Policies,
         ServiceIdentities: serialized.ServiceIdentities,
+        NodeIdentities: serialized.NodeIdentities,
         ...Namespace(serialized.Namespace),
       }}
     `;
@@ -66,6 +67,7 @@ export default Adapter.extend({
         Description: serialized.Description,
         Policies: serialized.Policies,
         ServiceIdentities: serialized.ServiceIdentities,
+        NodeIdentities: serialized.NodeIdentities,
         ...Namespace(serialized.Namespace),
       }}
     `;

ui-v2/app/adapters/token.js

@@ -53,6 +53,7 @@ export default Adapter.extend({
         Policies: serialized.Policies,
         Roles: serialized.Roles,
         ServiceIdentities: serialized.ServiceIdentities,
+        NodeIdentities: serialized.NodeIdentities,
         Local: serialized.Local,
         ...Namespace(serialized.Namespace),
       }}
@@ -84,6 +85,7 @@ export default Adapter.extend({
         Policies: serialized.Policies,
         Roles: serialized.Roles,
         ServiceIdentities: serialized.ServiceIdentities,
+        NodeIdentities: serialized.NodeIdentities,
         Local: serialized.Local,
         ...Namespace(serialized.Namespace),
       }}

ui-v2/app/components/consul-intention-form/index.hbs

@@ -3,7 +3,7 @@
     <div role="group">
       <fieldset>
         <h2>Source</h2>
-        <label data-test-source-element class="type-text{{if _item.error.SourceName ' has-error'}}">
+        <label data-test-source-element class="type-select{{if _item.error.SourceName ' has-error'}}">
           <span>Source Service</span>
           <PowerSelectWithCreate
               @options={{_services}}
@@ -23,7 +23,7 @@
           <em>Search for an existing service, or enter any Service name.</em>
         </label>
   {{#if (env 'CONSUL_NSPACES_ENABLED')}}
-        <label data-test-source-nspace class="type-text{{if _item.error.SourceNS ' has-error'}}">
+        <label data-test-source-nspace class="type-select{{if _item.error.SourceNS ' has-error'}}">
           <span>Source Namespace</span>
           <PowerSelectWithCreate
               @options={{_nspaces}}
@@ -46,7 +46,7 @@
       </fieldset>
       <fieldset>
         <h2>Destination</h2>
-        <label data-test-destination-element class="type-text{{if _item.error.DestinationName ' has-error'}}">
+        <label data-test-destination-element class="type-select{{if _item.error.DestinationName ' has-error'}}">
           <span>Destination Service</span>
           <PowerSelectWithCreate
               @options={{_services}}
@@ -66,7 +66,7 @@
           <em>Search for an existing service, or enter any Service name.</em>
         </label>
   {{#if (env 'CONSUL_NSPACES_ENABLED')}}
-        <label data-test-destination-nspace class="type-text{{if _item.error.DestinationNS ' has-error'}}">
+        <label data-test-destination-nspace class="type-select{{if _item.error.DestinationNS ' has-error'}}">
           <span>Destination Namespace</span>
           <PowerSelectWithCreate
               @options={{_nspaces}}

ui-v2/app/components/consul-token-list/index.hbs

@@ -10,7 +10,7 @@
           </dd>
         </dl>
 {{/if}}
-<a href={{href-to 'dc.acls.tokens.edit' item.AccessorID}}>{{substr item.AccessorID -8}}</a>
+        <a href={{href-to 'dc.acls.tokens.edit' item.AccessorID}}>{{substr item.AccessorID -8}}</a>
     </BlockSlot>
     <BlockSlot @name="details">
         <dl>
@@ -23,7 +23,9 @@
   {{#let (get policies 'management') as |management|}}
     {{#if (gt management.length 0)}}
         <dl>
-          <dt>Management</dt>
+          <dt>
+            Management
+          </dt>
           <dd>
               {{#each (get policies 'management') as |item|}}
                 <span data-test-policy class={{policy/typeof item}}>{{item.Name}}</span>
@@ -32,26 +34,34 @@
         </dl>
     {{/if}}
   {{/let}}
+  {{#let (get policies 'identities') as |identities|}}
+    {{#if (gt identities.length 0)}}
         <dl>
           <dt>Identities</dt>
           <dd>
-              {{#each (append (get policies 'identities')) as |item|}}
-                <span data-test-policy class={{policy/typeof item}}>Service Identity: {{item.Name}}</span>
+              {{#each identities as |item|}}
+                <span data-test-policy class={{policy/typeof item}}>{{if (eq item.template 'service-identity') 'Service' 'Node'}} Identity: {{item.Name}}</span>
               {{/each}}
           </dd>
         </dl>
+    {{/if}}
+  {{/let}}
+  {{#let (append (get policies 'policies') item.Roles) as |policies|}}
+    {{#if (gt policies.length 0)}}
         <dl>
           <dt>Rules</dt>
           <dd>
             {{#if (token/is-legacy item) }}
               Legacy tokens have embedded rules.
             {{ else }}
-              {{#each (append (get policies 'policies') item.Roles) as |item|}}
+              {{#each policies as |item|}}
                 <span data-test-policy class={{policy/typeof item}}>{{item.Name}}</span>
               {{/each}}
             {{/if}}
           </dd>
         </dl>
+    {{/if}}
+  {{/let}}
 {{/let}}
         <dl>
           <dt>Description</dt>

ui-v2/app/components/node-identity/index.hbs

@@ -0,0 +1,6 @@
+node "{{name}}" {
+	policy = "write"
+}
+service_prefix "" {
+	policy = "read"
+}

ui-v2/app/components/node-identity/index.js

@@ -0,0 +1,5 @@
+import Component from '@ember/component';
+
+export default Component.extend({
+  tagName: '',
+});

ui-v2/app/components/policy-form/index.hbs

@@ -3,11 +3,11 @@
   {{#yield-slot name='template'}}
   {{else}}
     <header>
-      Policy{{if allowServiceIdentity ' or service identity?' ''}}
+      Policy{{if allowIdentity ' or identity?' ''}}
     </header>
-  {{#if allowServiceIdentity}}
+  {{#if allowIdentity}}
     <p>
-      A Service Identity is default policy with a configurable service name. This saves you some time and effort you're using Consul for Connect features.
+      Identities are default policies with configurable names. They save you some time and effort you're using Consul for Connect features.
     </p>
     {{! this should use radio-group }}
     <div role="radiogroup" class={{if item.error.Type ' has-error'}}>
@@ -34,28 +34,50 @@
     </label>
     <label class="type-text" data-test-rules>
         <span>Rules <a href="{{env 'CONSUL_DOCS_URL'}}/guides/acl.html#rule-specification" rel="help noopener noreferrer" target="_blank">(HCL Format)</a></span>
-{{#if (eq item.template '') }}
+{{#if (eq item.template 'service-identity')}}
+        <CodeEditor @readonly={{true}} @name={{concat name "[Rules]"}} @syntax="hcl" @oninput={{action "change" (concat name "[Rules]")}}>
+          {{~component 'service-identity' name=item.Name~}}
+        </CodeEditor>
+{{else if (eq item.template 'node-identity')}}
+        <CodeEditor @readonly={{true}} @name={{concat name "[Rules]"}} @syntax="hcl" @oninput={{action "change" (concat name "[Rules]")}}>
+          {{~component 'node-identity' name=item.Name~}}
+        </CodeEditor>
+{{else}}
         <CodeEditor @syntax="hcl" @class={{if item.error.Rules "error"}} @name={{concat name "[Rules]"}} @value={{item.Rules}} @onkeyup={{action "change" (concat name "[Rules]")}} />
         {{#if item.error.Rules}}
           <strong>{{item.error.Rules.validation}}</strong>
         {{/if}}
-{{else}}
-        <CodeEditor @readonly={{true}} @name={{concat name "[Rules]"}} @syntax="hcl" @oninput={{action "change" (concat name "[Rules]")}}>
-          {{~component 'service-identity' name=item.Name~}}
-        </CodeEditor>
 {{/if}}
     </label>
+{{#if (eq item.template 'node-identity')}}
+
+    <DataSource @src="/*/*/datacenters"
+      @onchange={{action (mut datacenters) value="data"}}
+    />
+    <label class="type-select" data-test-datacenter>
+      <span>Datacenter</span>
+      <PowerSelect
+          @options={{map-by 'Name' datacenters}}
+          @searchField="Name"
+          @selected={{or item.Datacenter dc}}
+          @searchPlaceholder="Type a datacenter name"
+          @onChange={{action "change" "Datacenter"}} as |Name|>
+            {{Name}}
+      </PowerSelect>
+    </label>
+{{else}}
     <div class="type-toggle">
       <span>Valid datacenters</span>
       <label>
         <input type="checkbox" name="{{name}}[isScoped]" checked={{if (not isScoped) 'checked' }} onchange={{action 'change'}} />
         <span>All</span>
       </label>
     </div>
-{{#if isScoped }}
+  {{#if isScoped }}
     <DataSource @src="/*/*/datacenters"
       @onchange={{action (mut datacenters) value="data"}}
     />
+
     <div class="checkbox-group" role="group">
       {{#each datacenters as |dc| }}
         <label class="type-checkbox">
@@ -72,6 +94,9 @@
 {{/if}}
       {{/each}}
     </div>
+
+
+  {{/if}}
 {{/if}}
 {{#if (eq item.template '') }}
   <label class="type-text">

ui-v2/app/components/policy-form/index.js

@@ -4,7 +4,7 @@ import { get, set } from '@ember/object';
 export default FormComponent.extend({
   type: 'policy',
   name: 'policy',
-  allowServiceIdentity: true,
+  allowIdentity: true,
   classNames: ['policy-form'],
 
   isScoped: false,
@@ -20,6 +20,10 @@ export default FormComponent.extend({
         name: 'Service Identity',
         template: 'service-identity',
       },
+      {
+        name: 'Node Identity',
+        template: 'node-identity',
+      },
     ];
   },
   actions: {

ui-v2/app/components/policy-form/pageobject.js

@@ -8,7 +8,7 @@ export default (submitable, cancelable, radiogroup, text) => (
     prefix: 'policy',
     ...submitable(),
     ...cancelable(),
-    ...radiogroup('template', ['', 'service-identity'], 'policy'),
+    ...radiogroup('template', ['', 'service-identity', 'node-identity'], 'policy'),
     rules: {
       error: text('[data-test-rules] strong'),
     },

ui-v2/app/components/policy-selector/index.hbs

@@ -50,35 +50,48 @@
       <BlockSlot @name="row">
         <td class={{policy/typeof item}}>
 {{#if item.ID }}
-<a href={{href-to 'dc.acls.policies.edit' item.ID}}>{{item.Name}}</a>
+          <a href={{href-to 'dc.acls.policies.edit' item.ID}}>{{item.Name}}</a>
 {{else}}
           <a name={{item.Name}}>{{item.Name}}</a>
 {{/if}}
         </td>
       </BlockSlot>
       <BlockSlot @name="details">
-          {{#if (eq item.template '')}}
-            <DataSource
-              @src={{concat '/' item.Namespace '/' dc '/policy/' item.ID}}
-              @onchange={{action (mut loadedItem) value="data"}}
-              @loading="lazy"
-            />
-          {{/if}}
+{{#if (eq item.template '')}}
+        <DataSource
+          @src={{concat '/' item.Namespace '/' dc '/policy/' item.ID}}
+          @onchange={{action (mut loadedItem) value="data"}}
+          @loading="lazy"
+        />
+{{/if}}
+{{#if (eq item.template 'node-identity')}}
+          <dl>
+            <dt>Datacenter:</dt>
+            <dd>
+              {{item.Datacenter}}
+            </dd>
+          </dl>
+{{else}}
           <dl>
             <dt>Datacenters:</dt>
             <dd>
               {{join ', ' (policy/datacenters (or loadedItem item))}}
             </dd>
           </dl>
+{{/if}}
           <label class="type-text">
             <span>Rules <a href="{{env 'CONSUL_DOCS_URL'}}/guides/acl.html#rule-specification" rel="help noopener noreferrer" target="_blank">(HCL Format)</a></span>
-            {{#if (eq item.template '')}}
-              <CodeEditor @syntax="hcl" @readonly={{true}} @value={{or loadedItem.Rules item.Rules}} />
-            {{else}}
-              <CodeEditor @syntax="hcl" @readonly={{true}}>
-                {{~component 'service-identity' name=item.Name~}}
-              </CodeEditor>
-            {{/if}}
+{{#if (eq item.template 'service-identity')}}
+            <CodeEditor @syntax="hcl" @readonly={{true}}>
+              {{~component 'service-identity' name=item.Name~}}
+            </CodeEditor>
+{{else if (eq item.template 'node-identity')}}
+            <CodeEditor @syntax="hcl" @readonly={{true}}>
+              {{~component 'node-identity' name=item.Name~}}
+            </CodeEditor>
+{{else}}
+            <CodeEditor @syntax="hcl" @readonly={{true}} @value={{or loadedItem.Rules item.Rules}} />
+{{/if}}
           </label>
           <div>
             <ConfirmationDialog @message="Are you sure you want to remove this policy from this token?">

ui-v2/app/components/policy-selector/index.js

@@ -10,7 +10,7 @@ export default ChildSelectorComponent.extend({
   repo: service('repository/policy/component'),
   name: 'policy',
   type: 'policy',
-  allowServiceIdentity: true,
+  allowIdentity: true,
   classNames: ['policy-selector'],
   init: function() {
     this._super(...arguments);