- Add namespace support

- Fix issue with Identifies
- Remove dashboard coming soon language

app/elements/dash-board.html

@@ -47,12 +47,6 @@
 			<div class="center">
 				<div class="vertical center">
 					<iron-icon id="dashboard" icon="dashboard"></iron-icon>
-					<div>
-						<div class="shaded">Dashboard</div>
-					</div>
-					<div>
-						<div class="shaded">Coming Soon!</div>
-					</div>
 				</div>
 			</div>
 		</div>

app/elements/elements.html

@@ -13,6 +13,7 @@
 -->
 
 <!-- Iron Elements -->
+<link rel="import" href="../bower_components/iron-collapse/iron-collapse.html">
 <link rel="import" href="../bower_components/iron-flex-layout/iron-flex-layout.html">
 <link rel="import" href="../bower_components/iron-icons/iron-icons.html">
 <link rel="import" href="../bower_components/iron-icons/communication-icons.html">

app/elements/login-form.html

@@ -73,6 +73,16 @@
 			paper-progress.bottombar {
 				--paper-progress-container-color: rgba(#ffffff, 0);
 			}
+			#collapse {
+				padding: 0em;
+				background-color: #d3d3d36e;
+				margin: 1em;
+				border-radius: 5px;
+			}
+			#optionalCollapsible {
+				margin: 0 2em;
+				padding-bottom: 1em;
+			}
 		</style>
 
 		<iron-ajax id="authenticateReq"
@@ -94,6 +104,7 @@
 			handle-as="json"
 			method="POST"
 			body="{{oidcBody}}"
+			headers="{{header}}"
 			content-type="application/json"
 			last-response="{{oidcResponse}}"
 			last-error={{loginError}}
@@ -167,11 +178,22 @@
 					<paper-input id="userfield" value="{{username}}" label="Username" disabled="{{loading}}"></paper-input>
 					<paper-input id="passfield" value="{{password}}" label="Password" type="password" disabled="{{loading}}"></paper-input>
 				</div>
-				<div>
-					<iron-a11y-keys target="[[targetrole]]" keys="enter" on-keys-pressed="_login"></iron-a11y-keys>
-					<paper-input id="rolefield" value="{{role}}" label="Role (optional)" disabled="{{loading}}"></paper-input>
-				</div>
 			</iron-pages>
+			<div id="trigger" on-tap="_toggleOptional" style="padding: 0 15px;">
+				<iron-icon icon="{{optionalIcon}}" hidden$="[[noIcons]]"></iron-icon>
+				More Options
+			</div>
+			<iron-collapse id="collapse" opened="{{optionalOpen}}">
+				<div id="optionalCollapsible">
+					<div>
+						<paper-input id="namespacefield" value="{{namespace}}" label="Namespace" disabled="{{loading}}"></paper-input>
+					</div>
+					<template is="dom-if" if="{{roleVisible}}">
+						<iron-a11y-keys target="[[targetrole]]" keys="enter" on-keys-pressed="_login"></iron-a11y-keys>
+						<paper-input id="rolefield" value="{{role}}" label="Role" disabled="{{loading}}"></paper-input>
+					</template>
+				</div>
+			</iron-collapse>
 			<div class="buttons">
 				<paper-button on-tap="_login" autofocus disabled="{{loading}}">Login</paper-button>
 			</div>
@@ -181,6 +203,8 @@
 		<app-localstorage-document key="page" data="{{page}}"></app-localstorage-document>
 		<app-localstorage-document key="urls" data="{{urls}}"></app-localstorage-document>
 		<app-localstorage-document key="username" data="{{username}}"></app-localstorage-document>
+		<app-localstorage-document key="namespace" data="{{namespace}}"></app-localstorage-document>
+		<app-localstorage-document key="optionalOpen" data="{{optionalOpen}}"></app-localstorage-document>
 
 		<paper-toast id="errortoast" class="fit-bottom error" duration="5000">
 			<iron-icon prefix icon="error-outline" style="padding-right: 7px;"></iron-icon>
@@ -242,6 +266,10 @@
 						type: String,
 						value: ''
 					},
+					roleVisible: {
+						type: Boolean,
+						value: false
+					},
 					backends: {
 						type: Array,
 						value: [],
@@ -281,6 +309,25 @@
 						type: Object,
 						notify: true
 					},
+					namespace: {
+						type: String,
+						value: '',
+						observer: '_watchNamespace'
+					},
+					namespaceLabel: {
+						type: String,
+						value: 'None',
+						notify: true,
+					},
+					optionalOpen: {
+						type: Boolean,
+						value: false,
+						observer: '_watchOptionalIcon'
+					},
+					optionalIcon: {
+						type: String,
+						value: 'expand-more'
+					},
 					page: {
 						type: Number,
 						value: 0,
@@ -327,14 +374,15 @@
 				_autofocus: function() {
 					// Close OIDC alert on all pages. Open selectively as needed.
 					this.$.oidctoast.close();
+					this.roleVisible = false;
 
 					// Set cursor autofocus for login/password fields
 					// TODO: autofocus on username field first if unset
 					if (this.page === 1) this.$.tokenfield.autofocus = true;
 					else if (this.page === 0) this.$.passfieldldap.autofocus = true;
 					else if (this.page === 2) this.$.passfield.autofocus = true;
 					else if (this.page === 3) {
-						this.$.rolefield.autofocus = true;
+						this.roleVisible = true;
 						if (!(this.oidcStarted)) this.$.oidctoast.open();
 					}
 				},
@@ -354,6 +402,7 @@
 								return;
 							}
 							this.authMethod = 'POST';
+							this.header = {"X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace};
 							this.authURL = this.url + 'v1/auth/ldap/login/' + this.username;
 							this.body = {"password": this.password };
 						} else if (this.page == 1) {
@@ -365,7 +414,7 @@
 							}
 							this.authMethod = 'GET';
 							this.authURL = this.url + 'v1/auth/token/lookup-self';
-							this.header = {"X-Vault-Token": this.token, "X-Cryptr-Version": app.cryptrVersion };
+							this.header = {"X-Vault-Token": this.token, "X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace };
 							this.body = '';
 						} else if (this.page == 2) {
 							if (!this.username && !this.password) { //Check fields have content
@@ -376,11 +425,13 @@
 							}
 							this.authMethod = 'POST';
 							this.authURL = this.url + 'v1/auth/userpass/login/' + this.username;
+							this.header = {"X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace};
 							this.body = {"password": this.password };
 						} else if (this.page == 3) {
 							if (this.oidcStarted) {
-								this.oidcURL = this.url + 'v1/auth/oidc/oidc/auth_url'
+								this.oidcURL = this.url + 'v1/auth/oidc/oidc/auth_url';
 								this.oidcBody = {"redirect_uri": "http://localhost:8250/oidc/callback", "role": this.role}
+								this.header = {"X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace};
 								this.loading = true;
 								this.$.oidcReq.generateRequest();
 							} else {
@@ -399,7 +450,7 @@
 					// UserPass / LDAP
 					if (this.loginResponse.auth && this.loginResponse.auth.client_token) {
 						this.loginResponse = this.loginResponse.auth;
-						this.header = {"X-Vault-Token": this.loginResponse.client_token, "X-Cryptr-Version": app.cryptrVersion };
+						this.header = {"X-Vault-Token": this.loginResponse.client_token, "X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace };
 					// Token Auth
 					} else if (this.loginResponse.data) {
 						this.loginResponse = this.loginResponse.data;
@@ -536,7 +587,7 @@
 					this.authMethod = 'GET';
 					this.authURL = this.url + 'v1/auth/oidc/oidc/callback?code=' + data.code + '&state=' + data.state;
 					this.body = '';
-					this.header = '';
+					this.header = {"X-Cryptr-Version": app.cryptrVersion, "X-Vault-Namespace": this.namespace};
 					this.push('authRequests', this.$.testReq.generateRequest());
 				},
 				_oidcAuthError: function(data) {
@@ -558,6 +609,19 @@
 						this.$.authenticateReq.generateRequest();
 						this.authRequests = [];
 					}
+				},
+				_appendNamespace: function() {
+					if (this.namespace != "") return '?namespace=' + this.namespace
+					else return ""
+				},
+				_toggleOptional: function() {
+					this.optionalOpen = !this.optionalOpen;
+				},
+				_watchOptionalIcon: function() {
+					this.optionalIcon = (this.optionalOpen) ? 'expand-more' : 'chevron-right';
+				},
+				_watchNamespace: function() {
+					this.namespaceLabel = (this.namespace) ? this.namespace : 'None'
 				}
 			});
 		})();

app/elements/secrets-init.html

@@ -98,7 +98,7 @@
 				_listSecrets: function(key) {
 					// Todo: Check for list permissions on folder before executing
 					// Execute list on a folder
-					if (!key.startsWith('sys') && !key.startsWith('cubbyhole')) {
+					if (!key.startsWith('sys') && !key.startsWith('cubbyhole') && !key.startsWith('identity')) {
 						// Track completed requests
 						this.push('completedRequests', key);
 
@@ -160,7 +160,7 @@
 				},
 				_addSecret: function(location) {
 					var parts = location.split('/');
-					if (!['sys', 'auth', 'cubbyhole'].includes(parts[0])) {
+					if (!['sys', 'auth', 'cubbyhole', 'identity'].includes(parts[0])) {
 						var type = location.endsWith('/') ? 'folder' : 'secret';
 						var permissions = [];
 						var keys = Object.keys(this.secretAccess).sort(function(a, b){ return b.length > a.length;}); //Sort by longest key to prioritize individual secret policies rather than wildcards
@@ -231,8 +231,8 @@
 					var folderFound = false;
 					for (var key in this.access) {
 						var parts = key.split('/');
-						if (!['sys', 'auth', 'cubbyhole'].includes(parts[0])) this.secretAccess[key] = this.access[key];
-						if (this.access[key].capabilities.indexOf('deny') < 0) {
+						if (!['sys', 'auth', 'cubbyhole', 'identity'].includes(parts[0])) this.secretAccess[key] = this.access[key];
+						if ('capabilities' in this.access[key] && this.access[key].capabilities.indexOf('deny') < 0) {
 							if (key.endsWith('/*') || key.endsWith('/')) {
 								if (!['data', 'delete', 'destroy', 'undelete'].includes(parts[1])) {
 									folderFound = true;
@@ -248,8 +248,13 @@
 									}
 									this._listSecrets(key);
 								}
-							}
-							else this._addSecret(key);
+							} else if (key == '*') { //Support root access, including root Namespace users
+								folderFound = true;
+								for (var i in this.backends) {
+									if (this.backends[i].type === '2') this._listSecrets(this.backends[i].name + '/metadata/');
+									else this._listSecrets(this.backends[i].name);
+								}
+							} else this._addSecret(key);
 						}
 					}
 					if (!folderFound) this.loading = false;

app/elements/user-info.html

@@ -20,13 +20,12 @@
 		}
 	</style>
 	<template>
-
-        <paper-item>
+    <paper-item>
 			<paper-icon-button icon="refresh" on-click="_refreshKeys" style="margin-right: 20px"></paper-icon-button>
-            <iron-icon icon="account-circle" style="color: #888"></iron-icon>
-            <span class="noselect name">{{upperUser}}</span>
-            <paper-button raised on-click="logout">Logout</paper-button>
-        </paper-item>
+        <iron-icon icon="account-circle" style="color: #888"></iron-icon>
+        <span class="noselect name">{{upperUser}}</span>
+        <paper-button raised on-click="logout">Logout</paper-button>
+    </paper-item>
 	</template>
 
 	<script>

app/index.html

@@ -31,7 +31,7 @@
 <body unresolved>
 	<template is="dom-bind" id="app">
 		<div id="blocker"></div>  <!-- blocker: an element to obscure background-loading content at load time. -->
-		<login-form status="{{status}}" username="{{u}}" url="{{url}}" header="{{header}}" login-response="{{loginResponse}}" loading="{{loading}}" backends="{{backends}}"></login-form>
+		<login-form status="{{status}}" username="{{u}}" url="{{url}}" header="{{header}}" login-response="{{loginResponse}}" loading="{{loading}}" backends="{{backends}}" namespace-label="{{namespaceLabel}}"></login-form>
 		<login-status id="login-status" status="{{status}}" url="{{url}}" header="{{header}}"></login-status>
 		<secrets-init status="{{status}}" header="{{header}}" deferred-requests="{{deferredRequests}}" completed-requests="{{completedRequests}}" folder-route="{{folderRoute}}" login-response="{{loginResponse}}" secrets="{{secrets}}" access="{{access}}" loading="{{loading}}" backends="{{backends}}" index-all-secrets="{{indexAllSecrets}}"></secrets-init>
 
@@ -46,7 +46,7 @@
 					<span class="menu-name noselect">Cryptr</span>
 				</paper-toolbar>
 
-				<div style="height: calc(100vh - 100px); overflow: scroll; padding-left: 10px;">
+				<div style="height: calc(100vh - 128px); overflow: scroll; padding-left: 10px;">
 					<span id="drawerMenuText" class="noselect">HOME</span>
 					<paper-menu attr-for-selected="data-route" selected="{{route}}">
 						<a data-route="home" href="{{baseUrl}}" class="noselect">
@@ -85,9 +85,12 @@
 
 				</div>
 
-				<!-- <div class="bottom-corner" style="color: #737373;">
-					<paper-icon-button icon="settings"></paper-icon-button>
-				</div> -->
+				<div id="namespaceBar" class="noselect" style="width: {{drawerWidth}}">
+					<paper-item>
+						<iron-icon prefix icon="tab-unselected" style="min-width: 24px; padding-right: 7px;"></iron-icon>
+						<b style="padding-right: 5px;">Namespace:</b> {{namespaceLabel}}
+					</paper-item>
+				</div>
 			</paper-scroll-header-panel>
 
 			<!-- Main Area -->

app/package.json

@@ -1,7 +1,7 @@
 {
   "name": "cryptr",
   "author": "Jacob Crowther <crowther@adobe.com>",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "description": "A GUI for Vault",
   "repository": {
     "url": "https://github.com/jcrowthe/cryptr.git"

app/scripts/app.js

@@ -18,7 +18,7 @@ app.baseUrl = '/';
 app.url = 'start';
 app.secretRoute = '';
 app.folderRoute = '';
-app.cryptrVersion = "0.2.0";
+app.cryptrVersion = "0.6.0";
 
 // Index filtering and sorting
 app.filterFolders = function(item) {

app/styles/app-theme.html

@@ -117,6 +117,13 @@
 
 
 	/* General styles */
+
+	#namespaceBar {
+		height: 48px;
+	  background-color: #353d4a;
+	  color: #c0c1c3;
+	}
+
 	.bottombar {
 		position: fixed;
 		left: 0;
@@ -142,6 +149,7 @@
 		color: var(--secondary-text-color);
 		background-color: var(--drawer-menu-color);
 		border-bottom: none;
+		height: 80px;
 	}
 
 	.menu-name {

package.json

@@ -1,7 +1,7 @@
 {
     "name": "cryptr",
     "author": "Jacob Crowther <crowther@adobe.com>",
-    "version": "0.5.0",
+    "version": "0.6.0",
     "description": "A GUI for Vault",
     "main": "app/index.js",
     "repository": {