Enforcement view at MFA method level

ui/app/adapters/mfa-method.js

@@ -31,6 +31,10 @@ export default class MfaMethodAdapter extends ApplicationAdapter {
     return this.createOrUpdate(...arguments);
   }
 
+  urlForDeleteRecord(id, modelName, snapshot) {
+    return this.buildURL(modelName, id, snapshot, 'POST');
+  }
+
   query(store, type, query) {
     const url = this.urlForQuery(query, type.modelName);
     return this.ajax(url, 'GET', {

ui/app/controllers/vault/cluster/access/mfa/methods/method/index.js

@@ -0,0 +1,22 @@
+import Controller from '@ember/controller';
+import { inject as service } from '@ember/service';
+import { action } from '@ember/object';
+
+export default class MfaMethodController extends Controller {
+  @service router;
+  @service flashMessages;
+
+  queryParams = ['tab'];
+  tab = 'config';
+
+  @action
+  async deleteMethod() {
+    try {
+      await this.model.method.destroyRecord();
+      this.flashMessages.success('MFA method deleted successfully deleted.');
+      this.router.transitionTo('vault.cluster.access.mfa.methods');
+    } catch (error) {
+      this.flashMessages.danger(`There was an error deleting this MFA method.`);
+    }
+  }
+}

ui/app/routes/vault/cluster/access/mfa/methods/method.js

@@ -1,8 +1,22 @@
 import Route from '@ember/routing/route';
-
+import { hash } from 'rsvp';
 export default class MfaMethodRoute extends Route {
   model({ id }) {
-    return this.store.findRecord('mfa-method', id);
+    return hash({
+      method: this.store.findRecord('mfa-method', id).then((data) => data),
+      enforcements: this.store
+        .query('mfa-login-enforcement', {})
+        .then((data) => {
+          let filteredEnforcements = data.filter((item) => {
+            let results = item.hasMany('mfa_methods').ids();
+            return results.includes(id);
+          });
+          return filteredEnforcements;
+        })
+        .catch(() => {
+          // Do nothing
+        }),
+    });
   }
   setupController(controller, model) {
     controller.set('model', model);

ui/app/templates/components/mfa/login-enforcement-list-item.hbs

@@ -0,0 +1,32 @@
+<LinkedBlock class="list-item-row" @params={{array "vault.cluster.access.mfa.enforcements.enforcement" @model.id}}>
+  <div class="level is-mobile">
+    <div class="level-left">
+      <div>
+        <Icon @name="lock" />
+        <span class="has-text-weight-semibold has-text-black">
+          {{@model.name}}
+        </span>
+      </div>
+    </div>
+    <div class="level-right is-flex is-paddingless is-marginless">
+      <div class="level-item">
+        <PopupMenu>
+          <nav class="menu">
+            <ul class="menu-list">
+              <li>
+                <LinkTo @route="vault.cluster.access.mfa.enforcements.enforcement" @model={{@model.name}}>
+                  Details
+                </LinkTo>
+              </li>
+              <li>
+                <LinkTo @route="vault.cluster.access.mfa.enforcements.enforcement.edit" @model={{@model.name}}>
+                  Edit
+                </LinkTo>
+              </li>
+            </ul>
+          </nav>
+        </PopupMenu>
+      </div>
+    </div>
+  </div>
+</LinkedBlock>

ui/app/templates/vault/cluster/access/mfa/enforcements/enforcement/index.hbs

@@ -69,7 +69,7 @@
   {{/each}}
 {{else if (eq this.tab "methods")}}
   {{#each this.model.mfa_methods as |method|}}
-    <MfaMethodListItem @model={{method}} />
+    <Mfa::MethodListItem @model={{method}} />
   {{/each}}
 {{/if}}
 

ui/app/templates/vault/cluster/access/mfa/enforcements/index.hbs

@@ -18,38 +18,7 @@
 
 {{#if this.model.meta.total}}
   {{#each this.model as |item|}}
-    <LinkedBlock class="list-item-row" @params={{array "vault.cluster.access.mfa.enforcements.enforcement" item.id}}>
-      <div class="level is-mobile">
-        <div class="level-left">
-          <div>
-            <Icon @name="lock" />
-            <span class="has-text-weight-semibold has-text-black">
-              {{item.name}}
-            </span>
-          </div>
-        </div>
-        <div class="level-right is-flex is-paddingless is-marginless">
-          <div class="level-item">
-            <PopupMenu>
-              <nav class="menu">
-                <ul class="menu-list">
-                  <li>
-                    <LinkTo @route="vault.cluster.access.mfa.enforcements.enforcement" @model={{item.name}}>
-                      Details
-                    </LinkTo>
-                  </li>
-                  <li>
-                    <LinkTo @route="vault.cluster.access.mfa.enforcements.enforcement.edit" @model={{item.name}}>
-                      Edit
-                    </LinkTo>
-                  </li>
-                </ul>
-              </nav>
-            </PopupMenu>
-          </div>
-        </div>
-      </div>
-    </LinkedBlock>
+    <Mfa::LoginEnforcementListItem @model={{item}} />
   {{/each}}
 {{/if}}
 {{#if (gt this.model.meta.lastPage 1)}}

ui/app/templates/vault/cluster/access/mfa/methods/index.hbs

@@ -18,7 +18,7 @@
 
 {{#if this.model.meta.total}}
   {{#each this.model as |item|}}
-    <MfaMethodListItem @model={{item}} />
+    <Mfa::MethodListItem @model={{item}} />
   {{/each}}
 {{/if}}
 {{#if (gt this.model.meta.lastPage 1)}}

ui/app/templates/vault/cluster/access/mfa/methods/method/edit.hbs

@@ -2,15 +2,15 @@
   <p.levelLeft>
     <h1 class="title is-3">
       Configure
-      {{this.model.name}}
+      {{this.model.method.name}}
       MFA
     </h1>
   </p.levelLeft>
 </PageHeader>
 
 <Mfa::MethodForm
-  @model={{this.model}}
+  @model={{this.model.method}}
   @hasActions={{true}}
-  @onSave={{transition-to "vault.cluster.access.mfa.methods.method" this.model.id}}
-  @onClose={{transition-to "vault.cluster.access.mfa.methods.method" this.model.id}}
+  @onSave={{transition-to "vault.cluster.access.mfa.methods.method" this.model.method.id}}
+  @onClose={{transition-to "vault.cluster.access.mfa.methods.method" this.model.method.id}}
 />

ui/app/templates/vault/cluster/access/mfa/methods/method/index.hbs

@@ -1,34 +1,78 @@
 <PageHeader as |p|>
   <p.levelLeft>
     <h1 class="title is-3">
-      <Icon @size="24" @name={{this.model.type}} />
-      {{this.model.name}}
+      <Icon @size="24" @name={{this.model.method.type}} />
+      {{this.model.method.name}}
     </h1>
   </p.levelLeft>
 </PageHeader>
 
-<Toolbar>
-  <ToolbarActions>
-    <ToolbarLink @params={{array "vault.cluster.access.mfa.methods.method.edit" this.model.id}}>
-      Edit
-    </ToolbarLink>
-  </ToolbarActions>
-</Toolbar>
+<div class="tabs-container box is-sideless is-fullwidth is-paddingless is-marginless">
+  <nav class="tabs">
+    <ul>
+      <LinkTo @route="vault.cluster.access.mfa.methods.method" @query={{hash tab="config"}}>
+        Configuration
+      </LinkTo>
+      <LinkTo @route="vault.cluster.access.mfa.methods.method" @query={{hash tab="enforcements"}}>
+        Enforcements
+      </LinkTo>
+    </ul>
+  </nav>
+</div>
 
-<div class="box is-fullwidth is-sideless is-paddingless is-marginless">
-  {{#each this.model.attrs as |attr|}}
-    {{#if (eq attr.type "object")}}
-      <InfoTableRow
-        @alwaysRender={{not (is-empty-value (get @model attr.name))}}
-        @label={{or attr.options.label (to-label attr.name)}}
-        @value={{stringify (get @model attr.name)}}
+{{#if (eq this.tab "config")}}
+  <Toolbar>
+    <ToolbarActions>
+      <ConfirmAction
+        @buttonClasses="toolbar-link"
+        @disabled={{not (is-empty this.model.enforcements)}}
+        @onConfirmAction={{this.deleteMethod}}
+        @confirmTitle="Are you sure?"
+        @confirmMessage="Deleting this MFA configuration is permanent, and it will no longer be available."
+        @confirmButtonText="Delete"
+      >
+        Delete
+      </ConfirmAction>
+      <ToolbarLink @params={{array "vault.cluster.access.mfa.methods.method.edit" this.model.method.id}}>
+        Edit
+      </ToolbarLink>
+    </ToolbarActions>
+  </Toolbar>
+  <div class="box is-fullwidth is-sideless is-paddingless is-marginless">
+    {{#each this.model.method.attrs as |attr|}}
+      {{#if (eq attr.type "object")}}
+        <InfoTableRow
+          @alwaysRender={{not (is-empty-value (get this.model.method attr.name))}}
+          @label={{or attr.options.label (to-label attr.name)}}
+          @value={{stringify (get this.model.method attr.name)}}
+        />
+      {{else}}
+        <InfoTableRow
+          @alwaysRender={{not (is-empty-value (get this.model.method attr.name))}}
+          @label={{or attr.options.label (to-label attr.name)}}
+          @value={{get this.model.method attr.name}}
+        />
+      {{/if}}
+    {{/each}}
+  </div>
+{{else if (eq this.tab "enforcements")}}
+  <Toolbar>
+    <ToolbarActions>
+      <ToolbarLink @type="add" @params={{array "vault.cluster.access.mfa.enforcements.create"}}>
+        New enforcement
+      </ToolbarLink>
+    </ToolbarActions>
+  </Toolbar>
+  <div class="box is-fullwidth is-sideless is-paddingless is-marginless">
+    {{#if (is-empty this.model.enforcements)}}
+      <EmptyState
+        @title="No enforcements found."
+        @message="No enforcements are applied to this MFA method. Edit an existing enforcement or add a new one to get started."
       />
     {{else}}
-      <InfoTableRow
-        @alwaysRender={{not (is-empty-value (get @model attr.name))}}
-        @label={{or attr.options.label (to-label attr.name)}}
-        @value={{get @model attr.name}}
-      />
+      {{#each this.model.enforcements as |item|}}
+        <Mfa::LoginEnforcementListItem @model={{item}} />
+      {{/each}}
     {{/if}}
-  {{/each}}
-</div>
+  </div>
+{{/if}}