-
Notifications
You must be signed in to change notification settings - Fork 4.6k
Expand file tree
/
Copy pathconnection.js
More file actions
163 lines (150 loc) · 5.14 KB
/
connection.js
File metadata and controls
163 lines (150 loc) · 5.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
import Model, { attr } from '@ember-data/model';
import { computed } from '@ember/object';
import { alias } from '@ember/object/computed';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import fieldToAttrs, { expandAttributeMeta } from 'vault/utils/field-to-attrs';
const AVAILABLE_PLUGIN_TYPES = [
{
value: 'mongodb-database-plugin',
displayName: 'MongoDB',
fields: [
{ attr: 'name' },
{ attr: 'plugin_name' },
{ attr: 'password_policy' },
{ attr: 'username', group: 'pluginConfig' },
{ attr: 'password', group: 'pluginConfig' },
{ attr: 'connection_url', group: 'pluginConfig' },
{ attr: 'write_concern' },
{ attr: 'creation_statements' },
],
},
];
export default Model.extend({
backend: attr('string', {
readOnly: true,
}),
name: attr('string', {
label: 'Connection Name',
}),
plugin_name: attr('string', {
label: 'Database plugin',
possibleValues: AVAILABLE_PLUGIN_TYPES,
noDefault: true,
}),
verify_connection: attr('boolean', {
defaultValue: true,
}),
allowed_roles: attr('array', {
readOnly: true,
}),
password_policy: attr('string', {
editType: 'optionalText',
subText:
'Unless a custom policy is specified, Vault will use a default: 20 characters with at least 1 uppercase, 1 lowercase, 1 number, and 1 dash character.',
}),
hosts: attr('string', {}),
host: attr('string', {}),
url: attr('string', {}),
port: attr('string', {}),
// connection_details
username: attr('string', {}),
password: attr('string', {
editType: 'password',
}),
connection_url: attr('string', {
subText:
'The connection string used to connect to the database. This allows for simple templating of username and password of the root user.',
}),
write_concern: attr('string', {
subText: 'Optional. Must be in JSON. See our documentation for help.',
editType: 'json',
theme: 'hashi short',
defaultShown: 'Default',
// defaultValue: '# For example: { "wmode": "majority", "wtimeout": 5000 }',
}),
max_open_connections: attr('string', {}),
max_idle_connections: attr('string'),
max_connection_lifetime: attr('string'),
tls: attr('string', {
label: 'TLS Certificate Key',
helpText:
'x509 certificate for connecting to the database. This must be a PEM encoded version of the private key and the certificate combined.',
editType: 'file',
}),
tls_ca: attr('string', {
label: 'TLS CA',
helpText:
'x509 CA file for validating the certificate presented by the MongoDB server. Must be PEM encoded.',
editType: 'file',
}),
root_rotation_statements: attr({
subText: `The database statements to be executed to rotate the root user's credentials. If nothing is entered, Vault will use a reasonable default.`,
editType: 'stringArray',
defaultShown: 'Default',
}),
allowedFields: computed(function() {
return [
// required
'plugin_name',
'name',
// fields
'connection_url', // * MongoDB, HanaDB, MSSQL, MySQL/MariaDB, Oracle, PostgresQL, Redshift
'verify_connection', // default true
'password_policy', // default ""
// plugin config
'username',
'password',
'hosts',
'host',
'url',
'port',
'write_concern',
'max_open_connections',
'max_idle_connections',
'max_connection_lifetime',
'tls',
'tls_ca',
];
}),
// for both create and edit fields
mainFields: computed('plugin_name', function() {
return ['plugin_name', 'name', 'connection_url', 'verify_connection', 'password_policy', 'pluginConfig'];
}),
showAttrs: computed('plugin_name', function() {
const f = [
'name',
'plugin_name',
'connection_url',
'write_concern',
'verify_connection',
'allowed_roles',
];
return expandAttributeMeta(this, f);
}),
pluginFieldGroups: computed('plugin_name', function() {
if (!this.plugin_name) {
return null;
}
let groups = [{ default: ['username', 'password', 'write_concern'] }];
// TODO: Get plugin options based on plugin
groups.push({
'TLS options': ['tls', 'tls_ca'],
});
return fieldToAttrs(this, groups);
}),
fieldAttrs: computed('mainFields', function() {
// Main Field Attrs only
return expandAttributeMeta(this, this.mainFields);
}),
/* CAPABILITIES */
editConnectionPath: lazyCapabilities(apiPath`${'backend'}/config/${'id'}`, 'backend', 'id'),
canEdit: alias('editConnectionPath.canUpdate'),
canDelete: alias('editConnectionPath.canDelete'),
resetConnectionPath: lazyCapabilities(apiPath`${'backend'}/reset/${'id'}`, 'backend', 'id'),
canReset: computed.or('resetConnectionPath.canUpdate', 'resetConnectionPath.canCreate'),
rotateRootPath: lazyCapabilities(apiPath`${'backend'}/rotate-root/${'id'}`, 'backend', 'id'),
canRotateRoot: computed.or('rotateRootPath.canUpdate', 'rotateRootPath.canCreate'),
rolePath: lazyCapabilities(apiPath`${'backend'}/role/*`, 'backend'),
staticRolePath: lazyCapabilities(apiPath`${'backend'}/static-role/*`, 'backend'),
canAddRole: computed.or('rolePath.canCreate', 'staticRolePath.canCreate'),
});