Enable generated items for more auth methods#7513
Conversation
kalafut
left a comment
kalafut
left a comment
There was a problem hiding this comment.
The Go changes are fine except for a couple minor items and one odd err change that need review.
johncowen
left a comment
johncowen
left a comment
There was a problem hiding this comment.
Hey @noelledaley !
I did an initial code only pass here and there seems to be a lot going on! Most of the things I've noted are just style things for the moment at least. I'm thinking of firing vault up and taking a closer look at this a bit later on, will shout you offline.
John
There was a problem hiding this comment.
No biggie, but the style:
paths.paths.filter(path => path.navigation)
was used everywhere else. I think here I personally like the more explicit style (this made me double think when I saw the less explicit style up above), but I think the more important point is to maybe change this so the style is all the same, whichever one you prefer.
… no longer have action on list endpoint
…lt, change debugger to console.err in path-help, remove dynamic ui auth methods from tab count test
… into ui-generated-items
|
I've updated this PR to address all of the bugs I initially found. I removed the list of bugs and improvements and included them below for posterity. Should be good to go! Bugfixes
Improvements
|
|
When deleting an item from the show page, the flash message is incorrect - it says "undefined" instead of the item id. |
|
We might want design to give this a once over, I'm not sure about the delete button in the header and the create button in the toolbar having a |
meirish
left a comment
meirish
left a comment
There was a problem hiding this comment.
@noelledaley Mentioned a couple of small things, but the could easily be addressed later, so I'll let you make the call when to merge. 👍
… into ui-generated-items
joshuaogle
left a comment
joshuaogle
left a comment
There was a problem hiding this comment.
Looks great! This is going to be such a nice start for these auth methods
* master: (41 commits) changelog++ cli: fix json output for namespace list command (#7705) Update CHANGELOG.md Vault Agent Template (#7652) hostutil: disable host info collection on openbsd (#7699) Shamir seals now come in two varieties: legacy and new-style. (#7694) Update Title for AWS Marketplace (#7683) Bump go builder version Fix kv mod import and vendoring Fixing a typo with the sample payload (#7688) Update CHANGELOG.md Enable generated items for more auth methods (#7513) Update OIDC provider doc Update OIDC provider doc (#7693) Create .bundle and set group when running container (#7684) updates vendored api/client.go (#7692) Update circle config logical: remove unneeded error check in handleLogicalInternal (#7691) Update Go version Docs: add examples for when a seal rewrap is useful (#7689) ...
| HelpSynopsis: pathCertHelpSyn, | ||
| HelpDescription: pathCertHelpDesc, | ||
| DisplayAttrs: &framework.DisplayAttributes{ | ||
| Action: "Create", |
There was a problem hiding this comment.
this is what allows us dynamically generate the form for creating a "nested item" -- i.e., a certificate nested under the cert auth method.
| At least one must exist in the SANs. Supports globbing.`, | ||
| DisplayAttrs: &framework.DisplayAttributes{ | ||
| Name: "Allowed URI SANs", | ||
| Group: "Constraints", |
There was a problem hiding this comment.
the Group specifies which field group the field should belong to. for example:
| HelpSynopsis: pathCertHelpSyn, | ||
| HelpDescription: pathCertHelpDesc, | ||
| DisplayAttrs: &framework.DisplayAttributes{ | ||
| Navigation: true, |
There was a problem hiding this comment.
this boolean describes whether the item should have a tab in the navigation:
|
|
||
| // EditType is the type of form field needed for a property | ||
| // e.g. "textarea" or "file" | ||
| EditType string `json:"editType,omitempty"` |
There was a problem hiding this comment.
these are all of the available keys for the DisplayAttributes map, which tells the UI how to display the "thing" (i.e. certificate) or specific form field. see the full list here:
https://github.com/hashicorp/vault/blob/master/sdk/framework/path.go#L169-L196
| } | ||
| helpUrl = `/v1/${apiPath}${path.slice(1)}?help=true`; | ||
|
|
||
| helpUrl = `/v1/${apiPath}${path.slice(1)}?help=true` || newModel.proto().getHelpUrl(backend); |
There was a problem hiding this comment.
this is how we construct the URL for making the request to OpenAPI. if the ?help-true suffix ever changes for some reason you'll need to update it here.
6 participants
Enable OpenApi for more Auth Methods
This PR enables OpenApi to fully manage the Userpass, Cert, Okta, and Radius auth methods within the UI.
In addition to enabling, disabling and configuring the auth method, this PR includes CRUD actions for:
QA Scenarios
openApiToAttrs(users' passwords, for example)openApiToAttrs