github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/ui/app/routes/policies/new.js

github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/ui/app/routes/policies/new.js (about)

     1  import Route from '@ember/routing/route';
     2  import { inject as service } from '@ember/service';
     3  
     4  const INITIAL_POLICY_RULES = `# See https://developer.hashicorp.com/nomad/tutorials/access-control/access-control-policies for ACL Policy details
     5  
     6  # Example policy structure:
     7  
     8  namespace "default" {
     9    policy = "deny"
    10    capabilities = []
    11  }
    12  
    13  namespace "example-ns" {
    14    policy = "deny"
    15    capabilities = ["list-jobs", "read-job"]
    16    variables {
    17      # list access to variables in all paths, full access in nested/variables/*
    18      path "*" {
    19        capabilities = ["list"]
    20      }
    21      path "nested/variables/*" {
    22        capabilities = ["write", "read", "destroy", "list"]
    23      }
    24    }
    25  }
    26  
    27  host_volume "example-volume" {
    28    policy = "deny"
    29  }
    30  
    31  agent {
    32    policy = "deny"
    33  }
    34  
    35  node {
    36    policy = "deny"
    37  }
    38  
    39  quota {
    40    policy = "deny"
    41  }
    42  
    43  operator {
    44    policy = "deny"
    45  }
    46  
    47  # Possible Namespace Policies:
    48  #  * deny
    49  #  * read
    50  #  * write
    51  #  * scale
    52  
    53  # Possible Namespace Capabilities:
    54  #  * list-jobs
    55  #  * parse-job
    56  #  * read-job
    57  #  * submit-job
    58  #  * dispatch-job
    59  #  * read-logs
    60  #  * read-fs
    61  #  * alloc-exec
    62  #  * alloc-lifecycle
    63  #  * csi-write-volume
    64  #  * csi-mount-volume
    65  #  * list-scaling-policies
    66  #  * read-scaling-policy
    67  #  * read-job-scaling
    68  #  * scale-job
    69  
    70  # Possible Variables capabilities
    71  #  * write
    72  #  * read
    73  #  * destroy
    74  #  * list
    75  
    76  # Possible Policies for "agent", "node", "quota", "operator", and "host_volume":
    77  #  * deny
    78  #  * read
    79  #  * write
    80  `;
    81  
    82  export default class PoliciesNewRoute extends Route {
    83    @service can;
    84    @service router;
    85  
    86    beforeModel() {
    87      if (this.can.cannot('write policy')) {
    88        this.router.transitionTo('/policies');
    89      }
    90    }
    91  
    92    model() {
    93      return this.store.createRecord('policy', {
    94        name: '',
    95        rules: INITIAL_POLICY_RULES,
    96      });
    97    }
    98  
    99    resetController(controller, isExiting) {
   100      // If the user navigates away from /new, clear the path
   101      controller.set('path', null);
   102      if (isExiting) {
   103        // If user didn't save, delete the freshly created model
   104        if (controller.model.isNew) {
   105          controller.model.destroyRecord();
   106        }
   107      }
   108    }
   109  }