mgr/dashboard: fix bucket encryption checkbox

Fixes: https://tracker.ceph.com/issues/58474
The encryption checkbox in the bucket creation form remains disabled after setting the vault authentication method as agent.

Signed-off-by: Aashish Sharma <aasharma@redhat.com>
(cherry picked from commit aea92059f4fd795e3556b0c67638dd1045ce5fdc)

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
index 88c394232e9509f72f3a7428804c367133962ba3..b991eb0ce34a90d7b0fbb7c2a2befc65211940f7 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
+++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.html
@@ -170,25 +170,7 @@
         </div>
       </div>
 
-      <div *ngIf="configForm.getValue('auth_method') == 'agent'">
-        <div class="form-group row">
-          <label class="cd-col-form-label required"
-                 for="role"
-                 i18n>Role
-          </label>
-          <div class="cd-col-form-input">
-            <input id="role"
-                   name="role"
-                   class="form-control"
-                   formControlName="role">
-            <span class="invalid-feedback"
-                  *ngIf="configForm.showError('role', frm, 'required')"
-                  i18n>This field is required.</span>
-          </div>
-        </div>
-      </div>
-
-      <div *ngIf="configForm.getValue('encryptionType') == 'aws:kms' || configForm.getValue('encryptionType') == 'AES256'">
+      <div *ngIf="configForm.getValue('encryptionType') === 'aws:kms' || configForm.getValue('encryptionType') === 'AES256'">
         <div class="form-group row">
           <label class="cd-col-form-label"
                  for="ssl_cert">

diff --git a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
index 2b45055679e595095788f994b1b8d3306c397a37..bc181a7605d59f1b5824ec257a00bd010489ca5a 100644 (file)
--- a/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/ceph/rgw/rgw-config-modal/rgw-config-modal.component.ts
@@ -80,14 +80,6 @@ export class RgwConfigModalComponent implements OnInit {
       ssl_cert: [null, CdValidators.sslCert()],
       client_cert: [null, CdValidators.pemCert()],
       client_key: [null, CdValidators.sslPrivKey()],
-      role: [
-        null,
-        [
-          CdValidators.requiredIf({
-            auth_method: 'agent'
-          })
-        ]
-      ],
       kmsEnabled: [{ value: false }],
       s3Enabled: [{ value: false }]
     });

diff --git a/src/pybind/mgr/dashboard/services/ceph_service.py b/src/pybind/mgr/dashboard/services/ceph_service.py
index f90c4e6fd64183722e5466673e726eebfc46685b..422375f4aff55cbbc8ee087e34ea3b3e4ac9408f 100644 (file)
--- a/src/pybind/mgr/dashboard/services/ceph_service.py
+++ b/src/pybind/mgr/dashboard/services/ceph_service.py
@@ -211,13 +211,11 @@ class CephService(object):
             kms_vault_token: str = CephService.send_command('mon', 'config get',
                                                             who=name_to_config_section(full_daemon_name),  # noqa E501 #pylint: disable=line-too-long
                                                             key='rgw_crypt_vault_token_file')  # noqa E501 #pylint: disable=line-too-long
-            if (
-                kms_vault_auth.strip() != ""
-                and kms_vault_engine.strip() != ""
-                and kms_vault_address.strip() != ""
-                and kms_vault_token.strip() != ""
-            ):
-                kms_vault_configured = True
+            if (kms_vault_auth.strip() != "" and kms_vault_engine.strip() != "" and kms_vault_address.strip() != ""):  # noqa E501 #pylint: disable=line-too-long
+                if(kms_vault_auth == 'token' and kms_vault_token.strip() == ""):
+                    kms_vault_configured = False
+                else:
+                    kms_vault_configured = True
 
         if sse_s3_backend.strip() == 'vault':
             s3_vault_auth: str = CephService.send_command('mon', 'config get',
@@ -233,13 +231,12 @@ class CephService(object):
             s3_vault_token: str = CephService.send_command('mon', 'config get',
                                                            who=name_to_config_section(full_daemon_name),  # noqa E501 #pylint: disable=line-too-long
                                                            key='rgw_crypt_sse_s3_vault_token_file')  # noqa E501 #pylint: disable=line-too-long
-            if (
-                s3_vault_auth.strip() != ""
-                and s3_vault_engine.strip() != ""
-                and s3_vault_address.strip() != ""
-                and s3_vault_token.strip() != ""
-            ):
-                s3_vault_configured = True
+
+            if (s3_vault_auth.strip() != "" and s3_vault_engine.strip() != "" and s3_vault_address.strip() != ""):  # noqa E501 #pylint: disable=line-too-long
+                if(s3_vault_auth == 'token' and s3_vault_token.strip() == ""):
+                    s3_vault_configured = False
+                else:
+                    s3_vault_configured = True
 
         vault_stats.append(kms_vault_configured)
         vault_stats.append(s3_vault_configured)