]>
Commit | Line | Data |
---|---|---|
0542cfdf DC |
1 | Ext.define('pmx-acls', { |
2 | extend: 'Ext.data.Model', | |
3 | fields: [ | |
4 | 'path', 'ugid', 'ugid_type', 'roleid', 'propagate', | |
5 | { | |
6 | name: 'aclid', | |
7 | calculate: function(data) { | |
bfa0146c | 8 | return `${data.path} for ${data.ugid} - ${data.roleid}`; |
0542cfdf DC |
9 | }, |
10 | }, | |
11 | ], | |
12 | idProperty: 'aclid', | |
13 | proxy: { | |
14 | type: 'proxmox', | |
15 | url: '/api2/json/access/acl', | |
16 | }, | |
17 | }); | |
18 | ||
19 | Ext.define('PBS.config.ACLView', { | |
20 | extend: 'Ext.grid.GridPanel', | |
21 | alias: 'widget.pbsACLView', | |
22 | ||
ee1458b6 | 23 | title: gettext('Permissions'), |
0542cfdf | 24 | |
09f1f288 TL |
25 | // Show only those permissions, which can affect this and children paths. |
26 | // That means that also higher up, "shorter" paths are included, as those | |
27 | // can have a say in the rights on the asked path. | |
0542cfdf | 28 | aclPath: undefined, |
09f1f288 TL |
29 | |
30 | // tell API to only return ACLs matching exactly the aclPath config. | |
0542cfdf DC |
31 | aclExact: undefined, |
32 | ||
33 | controller: { | |
34 | xclass: 'Ext.app.ViewController', | |
35 | ||
184a3763 | 36 | addUserACL: function() { |
0542cfdf DC |
37 | let me = this; |
38 | let view = me.getView(); | |
184a3763 | 39 | Ext.create('PBS.window.ACLEdit', { |
0542cfdf | 40 | path: view.aclPath, |
184a3763 | 41 | aclType: 'user', |
0542cfdf DC |
42 | listeners: { |
43 | destroy: function() { | |
44 | me.reload(); | |
45 | }, | |
46 | }, | |
184a3763 | 47 | }).show(); |
0542cfdf DC |
48 | }, |
49 | ||
184a3763 FG |
50 | addTokenACL: function() { |
51 | let me = this; | |
52 | let view = me.getView(); | |
53 | Ext.create('PBS.window.ACLEdit', { | |
54 | path: view.aclPath, | |
55 | aclType: 'token', | |
56 | listeners: { | |
57 | destroy: function() { | |
58 | me.reload(); | |
59 | }, | |
60 | }, | |
61 | }).show(); | |
62 | }, | |
63 | ||
64 | ||
0542cfdf DC |
65 | removeACL: function(btn, event, rec) { |
66 | let me = this; | |
67 | Proxmox.Utils.API2Request({ | |
65b0cea6 | 68 | url: '/access/acl', |
0542cfdf DC |
69 | method: 'PUT', |
70 | params: { | |
71 | 'delete': 1, | |
72 | path: rec.data.path, | |
73 | role: rec.data.roleid, | |
8b600f99 | 74 | 'auth-id': rec.data.ugid, |
0542cfdf DC |
75 | }, |
76 | callback: function() { | |
77 | me.reload(); | |
78 | }, | |
65b0cea6 | 79 | failure: function(response, opts) { |
0542cfdf DC |
80 | Ext.Msg.alert(gettext('Error'), response.htmlStatus); |
81 | }, | |
82 | }); | |
83 | }, | |
84 | ||
85 | reload: function() { this.getView().getStore().rstore.load(); }, | |
86 | ||
87 | init: function(view) { | |
88 | let proxy = view.getStore().rstore.getProxy(); | |
89 | ||
90 | let params = {}; | |
09f1f288 | 91 | if (typeof view.aclPath === "string") { |
f3b4820d FG |
92 | let pathFilter = Ext.create('Ext.util.Filter', { |
93 | filterPath: view.aclPath, | |
09f1f288 | 94 | filterAtoms: view.aclPath.split('/'), |
f3b4820d FG |
95 | filterFn: function(item) { |
96 | let me = this; | |
09f1f288 TL |
97 | let path = item.data.path; |
98 | if (path === "/" || path === me.filterPath) { | |
99 | return true; | |
100 | } else if (path.length > me.filterPath.length) { | |
101 | return path.startsWith(me.filterPath + '/'); | |
102 | } | |
103 | let pathAtoms = path.split('/'); | |
104 | let commonLength = Math.min(pathAtoms.length, me.filterAtoms.length); | |
105 | for (let i = 1; i < commonLength; i++) { | |
106 | if (me.filterAtoms[i] !== pathAtoms[i]) { | |
107 | return false; | |
108 | } | |
f3b4820d | 109 | } |
09f1f288 | 110 | return true; |
f3b4820d FG |
111 | }, |
112 | }); | |
113 | view.getStore().addFilter(pathFilter); | |
0542cfdf DC |
114 | } |
115 | if (view.aclExact !== undefined) { | |
f3b4820d FG |
116 | if (view.aclPath !== undefined) { |
117 | params.path = view.aclPath; | |
118 | } | |
0542cfdf DC |
119 | params.exact = view.aclExact; |
120 | } | |
f3b4820d | 121 | |
0542cfdf | 122 | proxy.setExtraParams(params); |
12710fd3 | 123 | Proxmox.Utils.monStoreErrors(view, view.getStore().rstore); |
0542cfdf | 124 | }, |
ed216fd7 TL |
125 | control: { |
126 | '#': { // view | |
127 | activate: function() { | |
128 | this.getView().getStore().rstore.startUpdate(); | |
129 | }, | |
130 | deactivate: function() { | |
131 | this.getView().getStore().rstore.stopUpdate(); | |
132 | }, | |
133 | }, | |
134 | }, | |
0542cfdf DC |
135 | }, |
136 | ||
137 | store: { | |
138 | type: 'diff', | |
139 | autoDestroy: true, | |
140 | autoDestroyRstore: true, | |
bfa0146c | 141 | sorters: 'aclid', |
0542cfdf DC |
142 | rstore: { |
143 | type: 'update', | |
144 | storeid: 'pmx-acls', | |
145 | model: 'pmx-acls', | |
0542cfdf DC |
146 | interval: 5000, |
147 | }, | |
148 | }, | |
149 | ||
150 | tbar: [ | |
151 | { | |
0542cfdf | 152 | text: gettext('Add'), |
184a3763 FG |
153 | menu: { |
154 | xtype: 'menu', | |
155 | items: [ | |
156 | { | |
157 | text: gettext('User Permission'), | |
158 | iconCls: 'fa fa-fw fa-user', | |
159 | handler: 'addUserACL', | |
160 | }, | |
161 | { | |
162 | text: gettext('API Token Permission'), | |
163 | iconCls: 'fa fa-fw fa-user-o', | |
164 | handler: 'addTokenACL', | |
165 | }, | |
166 | ], | |
167 | }, | |
0542cfdf DC |
168 | }, |
169 | { | |
170 | xtype: 'proxmoxStdRemoveButton', | |
171 | handler: 'removeACL', | |
172 | callback: 'reload', | |
173 | }, | |
174 | ], | |
175 | ||
176 | columns: [ | |
177 | { | |
178 | header: gettext('Path'), | |
ba2e4b15 | 179 | width: 250, |
0542cfdf DC |
180 | sortable: true, |
181 | renderer: Ext.String.htmlEncode, | |
182 | dataIndex: 'path', | |
183 | }, | |
184 | { | |
184a3763 | 185 | header: gettext('User/Group/API Token'), |
54adea36 | 186 | width: 200, |
0542cfdf DC |
187 | sortable: true, |
188 | renderer: Ext.String.htmlEncode, | |
189 | dataIndex: 'ugid', | |
190 | }, | |
191 | { | |
192 | header: gettext('Role'), | |
54adea36 | 193 | width: 200, |
0542cfdf DC |
194 | sortable: true, |
195 | dataIndex: 'roleid', | |
196 | }, | |
197 | { | |
198 | header: gettext('Propagate'), | |
ba2e4b15 | 199 | flex: 1, // last element flex looks better |
0542cfdf DC |
200 | sortable: true, |
201 | renderer: Proxmox.Utils.format_boolean, | |
202 | dataIndex: 'propagate', | |
203 | }, | |
204 | ], | |
0542cfdf | 205 | }); |