refact: conditional checks for token secret before fetch (#14134)

* refact: conditional checks for token secret before fetch * refact: guard all authRawReq calls * refact: safe-guard integration tests
hashicorp · Aug 17, 2022 · b9fec22 · b9fec22
1 parent 8ebd21e
commit b9fec22
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 45 deletions.
diff --git a/ui/app/services/system.js b/ui/app/services/system.js
@@ -1,6 +1,7 @@
 import Service, { inject as service } from '@ember/service';
 import { computed } from '@ember/object';
 import { alias } from '@ember/object/computed';
+import Ember from 'ember';
 import PromiseObject from '../utils/classes/promise-object';
 import PromiseArray from '../utils/classes/promise-array';
 import { namespace } from '../adapters/application';
@@ -16,64 +17,78 @@ export default class SystemService extends Service {
   @computed('activeRegion')
   get leader() {
     const token = this.token;
-
-    return PromiseObject.create({
-      promise: token
-        .authorizedRequest(`/${namespace}/status/leader`)
-        .then((res) => res.json())
-        .then((rpcAddr) => ({ rpcAddr }))
-        .then((leader) => {
-          // Dirty self so leader can be used as a dependent key
-          this.notifyPropertyChange('leader.rpcAddr');
-          return leader;
-        }),
-    });
+    if (token.secret || Ember.testing) {
+      return PromiseObject.create({
+        promise: token
+          .authorizedRequest(`/${namespace}/status/leader`)
+          .then((res) => res.json())
+          .then((rpcAddr) => ({ rpcAddr }))
+          .then((leader) => {
+            // Dirty self so leader can be used as a dependent key
+            this.notifyPropertyChange('leader.rpcAddr');
+            return leader;
+          }),
+      });
+    }
+    return null;
   }
 
   @computed
   get agent() {
     const token = this.token;
-    return PromiseObject.create({
-      promise: token
-        .authorizedRawRequest(`/${namespace}/agent/self`)
-        .then(jsonWithDefault({}))
-        .then((agent) => {
-          if (agent?.config?.Version) {
-            const { Version, VersionPrerelease, VersionMetadata } =
-              agent.config.Version;
-            agent.version = Version;
-            if (VersionPrerelease)
-              agent.version = `${agent.version}-${VersionPrerelease}`;
-            if (VersionMetadata)
-              agent.version = `${agent.version}+${VersionMetadata}`;
-          }
-          return agent;
-        }),
-    });
+
+    if (token.secret || Ember.testing) {
+      return PromiseObject.create({
+        promise: token
+          .authorizedRawRequest(`/${namespace}/agent/self`)
+          .then(jsonWithDefault({}))
+          .then((agent) => {
+            if (agent?.config?.Version) {
+              const { Version, VersionPrerelease, VersionMetadata } =
+                agent.config.Version;
+              agent.version = Version;
+              if (VersionPrerelease)
+                agent.version = `${agent.version}-${VersionPrerelease}`;
+              if (VersionMetadata)
+                agent.version = `${agent.version}+${VersionMetadata}`;
+            }
+            return agent;
+          }),
+      });
+    }
+    return null;
   }
 
   @computed
   get defaultRegion() {
     const token = this.token;
-    return PromiseObject.create({
-      promise: token
-        .authorizedRawRequest(`/${namespace}/agent/members`)
-        .then(jsonWithDefault({}))
-        .then((json) => {
-          return { region: json.ServerRegion };
-        }),
-    });
+
+    if (token.secret || Ember.testing) {
+      return PromiseObject.create({
+        promise: token
+          .authorizedRawRequest(`/${namespace}/agent/members`)
+          .then(jsonWithDefault({}))
+          .then((json) => {
+            return { region: json.ServerRegion };
+          }),
+      });
+    }
+    return null;
   }
 
   @computed
   get regions() {
     const token = this.token;
 
-    return PromiseArray.create({
-      promise: token
-        .authorizedRawRequest(`/${namespace}/regions`)
-        .then(jsonWithDefault([])),
-    });
+    if (token.secret || Ember.testing) {
+      return PromiseArray.create({
+        promise: token
+          .authorizedRawRequest(`/${namespace}/regions`)
+          .then(jsonWithDefault([])),
+      });
+    }
+
+    return null;
   }
 
   @computed('regions.[]')

diff --git a/ui/app/services/token.js b/ui/app/services/token.js
@@ -3,6 +3,7 @@ import { computed } from '@ember/object';
 import { alias, reads } from '@ember/object/computed';
 import { getOwner } from '@ember/application';
 import { assign } from '@ember/polyfills';
+import Ember from 'ember';
 import { task } from 'ember-concurrency';
 import queryString from 'query-string';
 import fetch from 'nomad-ui/utils/fetch';
@@ -31,9 +32,11 @@ export default class TokenService extends Service {
   @task(function* () {
     const TokenAdapter = getOwner(this).lookup('adapter:token');
     try {
-      var token = yield TokenAdapter.findSelf();
-      this.secret = token.secret;
-      return token;
+      if (this.secret || Ember.testing) {
+        var token = yield TokenAdapter.findSelf();
+        this.secret = token.secret;
+        return token;
+      }
     } catch (e) {
       const errors = e.errors ? e.errors.mapBy('detail') : [];
       if (errors.find((error) => error === 'ACL support disabled')) {
@@ -87,6 +90,8 @@ export default class TokenService extends Service {
     const headers = {};
     const token = this.secret;
 
+    if (!token && !Ember.testing) return null;
+
     if (token) {
       headers['X-Nomad-Token'] = token;
     }