github.com/hernad/nomad@v1.6.112/ui/app/routes/policies/new.js (about)

     1  /**
     2   * Copyright (c) HashiCorp, Inc.
     3   * SPDX-License-Identifier: MPL-2.0
     4   */
     5  
     6  import Route from '@ember/routing/route';
     7  import { inject as service } from '@ember/service';
     8  
     9  const INITIAL_POLICY_RULES = `# See https://developer.hashicorp.com/nomad/tutorials/access-control/access-control-policies for ACL Policy details
    10  
    11  # Example policy structure:
    12  
    13  namespace "default" {
    14    policy = "deny"
    15    capabilities = []
    16  }
    17  
    18  namespace "example-ns" {
    19    policy = "deny"
    20    capabilities = ["list-jobs", "read-job"]
    21    variables {
    22      # list access to variables in all paths, full access in nested/variables/*
    23      path "*" {
    24        capabilities = ["list"]
    25      }
    26      path "nested/variables/*" {
    27        capabilities = ["write", "read", "destroy", "list"]
    28      }
    29    }
    30  }
    31  
    32  host_volume "example-volume" {
    33    policy = "deny"
    34  }
    35  
    36  agent {
    37    policy = "deny"
    38  }
    39  
    40  node {
    41    policy = "deny"
    42  }
    43  
    44  quota {
    45    policy = "deny"
    46  }
    47  
    48  operator {
    49    policy = "deny"
    50  }
    51  
    52  # Possible Namespace Policies:
    53  #  * deny
    54  #  * read
    55  #  * write
    56  #  * scale
    57  
    58  # Possible Namespace Capabilities:
    59  #  * list-jobs
    60  #  * parse-job
    61  #  * read-job
    62  #  * submit-job
    63  #  * dispatch-job
    64  #  * read-logs
    65  #  * read-fs
    66  #  * alloc-exec
    67  #  * alloc-lifecycle
    68  #  * csi-write-volume
    69  #  * csi-mount-volume
    70  #  * list-scaling-policies
    71  #  * read-scaling-policy
    72  #  * read-job-scaling
    73  #  * scale-job
    74  
    75  # Possible Variables capabilities
    76  #  * write
    77  #  * read
    78  #  * destroy
    79  #  * list
    80  
    81  # Possible Policies for "agent", "node", "quota", "operator", and "host_volume":
    82  #  * deny
    83  #  * read
    84  #  * write
    85  `;
    86  
    87  export default class PoliciesNewRoute extends Route {
    88    @service can;
    89    @service router;
    90  
    91    beforeModel() {
    92      if (this.can.cannot('write policy')) {
    93        this.router.transitionTo('/policies');
    94      }
    95    }
    96  
    97    model() {
    98      return this.store.createRecord('policy', {
    99        name: '',
   100        rules: INITIAL_POLICY_RULES,
   101      });
   102    }
   103  
   104    resetController(controller, isExiting) {
   105      // If the user navigates away from /new, clear the path
   106      controller.set('path', null);
   107      if (isExiting) {
   108        // If user didn't save, delete the freshly created model
   109        if (controller.model.isNew) {
   110          controller.model.destroyRecord();
   111        }
   112      }
   113    }
   114  }