gui: add API token ACLs

and the needed API token selector.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2020-10-28 11:07:27 +01:00 committed by Wolfgang Bumiller
parent b2da7fbd1c
commit 184a37635b
4 changed files with 155 additions and 39 deletions

View File

@ -6,6 +6,7 @@ IMAGES := \
JSSRC= \
form/UserSelector.js \
form/TokenSelector.js \
form/RemoteSelector.js \
form/DataStoreSelector.js \
form/CalendarEvent.js \

View File

@ -31,19 +31,35 @@ Ext.define('PBS.config.ACLView', {
controller: {
xclass: 'Ext.app.ViewController',
addACL: function() {
addUserACL: function() {
let me = this;
let view = me.getView();
Ext.create('PBS.window.ACLEdit', {
Ext.create('PBS.window.ACLEdit', {
path: view.aclPath,
aclType: 'user',
listeners: {
destroy: function() {
me.reload();
},
},
}).show();
}).show();
},
addTokenACL: function() {
let me = this;
let view = me.getView();
Ext.create('PBS.window.ACLEdit', {
path: view.aclPath,
aclType: 'token',
listeners: {
destroy: function() {
me.reload();
},
},
}).show();
},
removeACL: function(btn, event, rec) {
let me = this;
Proxmox.Utils.API2Request({
@ -106,10 +122,22 @@ Ext.define('PBS.config.ACLView', {
tbar: [
{
xtype: 'proxmoxButton',
text: gettext('Add'),
handler: 'addACL',
selModel: false,
menu: {
xtype: 'menu',
items: [
{
text: gettext('User Permission'),
iconCls: 'fa fa-fw fa-user',
handler: 'addUserACL',
},
{
text: gettext('API Token Permission'),
iconCls: 'fa fa-fw fa-user-o',
handler: 'addTokenACL',
},
],
},
},
{
xtype: 'proxmoxStdRemoveButton',
@ -127,7 +155,7 @@ Ext.define('PBS.config.ACLView', {
dataIndex: 'path',
},
{
header: gettext('User/Group'),
header: gettext('User/Group/API Token'),
width: 100,
sortable: true,
renderer: Ext.String.htmlEncode,

72
www/form/TokenSelector.js Normal file
View File

@ -0,0 +1,72 @@
Ext.define('PBS.form.TokenSelector', {
extend: 'Proxmox.form.ComboGrid',
alias: 'widget.pbsTokenSelector',
allowBlank: false,
autoSelect: false,
valueField: 'tokenid',
displayField: 'tokenid',
editable: true,
anyMatch: true,
forceSelection: true,
store: {
model: 'pbs-tokens',
params: {
enabled: 1,
},
sorters: 'tokenid',
},
initComponent: function() {
let me = this;
me.userStore = Ext.create('Ext.data.Store', {
model: 'pbs-users-with-tokens',
});
me.userStore.on('load', this.onLoad, this);
me.userStore.load();
me.callParent();
},
onLoad: function(store, data, success) {
if (!success) return;
let tokenStore = this.store;
let records = [];
Ext.Array.each(data, function(user) {
let tokens = user.data.tokens || [];
Ext.Array.each(tokens, function(token) {
let r = {};
r.tokenid = token.tokenid;
r.comment = token.comment;
r.expire = token.expire;
r.enable = token.enable;
records.push(r);
});
});
tokenStore.loadData(records);
},
listConfig: {
columns: [
{
header: gettext('API Token'),
sortable: true,
dataIndex: 'tokenid',
renderer: Ext.String.htmlEncode,
flex: 1,
},
{
header: gettext('Comment'),
sortable: false,
dataIndex: 'comment',
renderer: Ext.String.htmlEncode,
flex: 1,
},
],
},
});

View File

@ -14,7 +14,53 @@ Ext.define('PBS.window.ACLEdit', {
// caller can give a static path
path: undefined,
subject: gettext('User Permission'),
initComponent: function() {
let me = this;
me.items = [];
me.items.push({
xtype: 'pbsPermissionPathSelector',
fieldLabel: gettext('Path'),
editable: !me.path,
value: me.path,
name: 'path',
allowBlank: false,
});
if (me.aclType === 'user') {
me.subject = gettext('User Permission');
me.items.push({
xtype: 'pbsUserSelector',
fieldLabel: gettext('User'),
name: 'auth_id',
allowBlank: false,
});
} else if (me.aclType === 'token') {
me.subject = gettext('API Token Permission');
me.items.push({
xtype: 'pbsTokenSelector',
fieldLabel: gettext('API Token'),
name: 'auth_id',
allowBlank: false,
});
}
me.items.push({
xtype: 'pmxRoleSelector',
name: 'role',
value: 'NoAccess',
fieldLabel: gettext('Role'),
});
me.items.push({
xtype: 'proxmoxcheckbox',
name: 'propagate',
checked: true,
uncheckedValue: 0,
fieldLabel: gettext('Propagate'),
});
me.callParent();
},
getValues: function(dirtyOnly) {
let me = this;
@ -26,35 +72,4 @@ Ext.define('PBS.window.ACLEdit', {
return values;
},
items: [
{
xtype: 'pbsPermissionPathSelector',
fieldLabel: gettext('Path'),
cbind: {
editable: '{!path}',
value: '{path}',
},
name: 'path',
allowBlank: false,
},
{
xtype: 'pbsUserSelector',
fieldLabel: gettext('User'),
name: 'auth_id',
allowBlank: false,
},
{
xtype: 'pmxRoleSelector',
name: 'role',
value: 'NoAccess',
fieldLabel: gettext('Role'),
},
{
xtype: 'proxmoxcheckbox',
name: 'propagate',
checked: true,
uncheckedValue: 0,
fieldLabel: gettext('Propagate'),
},
],
});