github.com/hernad/nomad@v1.6.112/ui/app/routes/policies/new.js (about) 1 /** 2 * Copyright (c) HashiCorp, Inc. 3 * SPDX-License-Identifier: MPL-2.0 4 */ 5 6 import Route from '@ember/routing/route'; 7 import { inject as service } from '@ember/service'; 8 9 const INITIAL_POLICY_RULES = `# See https://developer.hashicorp.com/nomad/tutorials/access-control/access-control-policies for ACL Policy details 10 11 # Example policy structure: 12 13 namespace "default" { 14 policy = "deny" 15 capabilities = [] 16 } 17 18 namespace "example-ns" { 19 policy = "deny" 20 capabilities = ["list-jobs", "read-job"] 21 variables { 22 # list access to variables in all paths, full access in nested/variables/* 23 path "*" { 24 capabilities = ["list"] 25 } 26 path "nested/variables/*" { 27 capabilities = ["write", "read", "destroy", "list"] 28 } 29 } 30 } 31 32 host_volume "example-volume" { 33 policy = "deny" 34 } 35 36 agent { 37 policy = "deny" 38 } 39 40 node { 41 policy = "deny" 42 } 43 44 quota { 45 policy = "deny" 46 } 47 48 operator { 49 policy = "deny" 50 } 51 52 # Possible Namespace Policies: 53 # * deny 54 # * read 55 # * write 56 # * scale 57 58 # Possible Namespace Capabilities: 59 # * list-jobs 60 # * parse-job 61 # * read-job 62 # * submit-job 63 # * dispatch-job 64 # * read-logs 65 # * read-fs 66 # * alloc-exec 67 # * alloc-lifecycle 68 # * csi-write-volume 69 # * csi-mount-volume 70 # * list-scaling-policies 71 # * read-scaling-policy 72 # * read-job-scaling 73 # * scale-job 74 75 # Possible Variables capabilities 76 # * write 77 # * read 78 # * destroy 79 # * list 80 81 # Possible Policies for "agent", "node", "quota", "operator", and "host_volume": 82 # * deny 83 # * read 84 # * write 85 `; 86 87 export default class PoliciesNewRoute extends Route { 88 @service can; 89 @service router; 90 91 beforeModel() { 92 if (this.can.cannot('write policy')) { 93 this.router.transitionTo('/policies'); 94 } 95 } 96 97 model() { 98 return this.store.createRecord('policy', { 99 name: '', 100 rules: INITIAL_POLICY_RULES, 101 }); 102 } 103 104 resetController(controller, isExiting) { 105 // If the user navigates away from /new, clear the path 106 controller.set('path', null); 107 if (isExiting) { 108 // If user didn't save, delete the freshly created model 109 if (controller.model.isNew) { 110 controller.model.destroyRecord(); 111 } 112 } 113 } 114 }