]>
Commit | Line | Data |
---|---|---|
9a75448b DM |
1 | Ext.define('PVE.dc.AuthEdit', { |
2 | extend: 'PVE.window.Edit', | |
3 | alias: ['widget.pveDcAuthEdit'], | |
4 | ||
5 | isAdd: true, | |
6 | ||
7 | initComponent : function() { | |
8 | var me = this; | |
9 | ||
d5e771ce | 10 | me.isCreate = !me.realm; |
9a75448b DM |
11 | |
12 | var url; | |
13 | var method; | |
14 | var serverlist; | |
15 | ||
d5e771ce | 16 | if (me.isCreate) { |
9a75448b DM |
17 | url = '/api2/extjs/access/domains'; |
18 | method = 'POST'; | |
19 | } else { | |
20 | url = '/api2/extjs/access/domains/' + me.realm; | |
21 | method = 'PUT'; | |
22 | } | |
23 | ||
24 | var column1 = [ | |
25 | { | |
d5e771ce | 26 | xtype: me.isCreate ? 'textfield' : 'displayfield', |
9a75448b DM |
27 | name: 'realm', |
28 | fieldLabel: gettext('Realm'), | |
29 | value: me.realm, | |
30 | allowBlank: false | |
31 | } | |
32 | ]; | |
33 | ||
34 | if (me.authType === 'ad') { | |
35 | ||
36 | me.subject = gettext('Active Directory Server'); | |
37 | ||
38 | column1.push({ | |
39 | xtype: 'textfield', | |
40 | name: 'domain', | |
41 | fieldLabel: gettext('Domain'), | |
42 | emptyText: 'company.net', | |
43 | allowBlank: false | |
44 | }); | |
45 | ||
46 | } else if (me.authType === 'ldap') { | |
47 | ||
48 | me.subject = gettext('LDAP Server'); | |
49 | ||
50 | column1.push({ | |
51 | xtype: 'textfield', | |
52 | name: 'base_dn', | |
53 | fieldLabel: gettext('Base Domain Name'), | |
54 | emptyText: 'CN=Users,DC=Company,DC=net', | |
55 | allowBlank: false | |
56 | }); | |
57 | ||
58 | column1.push({ | |
59 | xtype: 'textfield', | |
60 | name: 'user_attr', | |
61 | emptyText: 'uid / sAMAccountName', | |
62 | fieldLabel: gettext('User Attribute Name'), | |
63 | allowBlank: false | |
64 | }); | |
65 | } else if (me.authType === 'pve') { | |
66 | ||
d5e771ce | 67 | if (me.isCreate) { |
84de645d DC |
68 | throw 'unknown auth type'; |
69 | } | |
9a75448b DM |
70 | |
71 | me.subject = 'Proxmox VE authentication server'; | |
72 | ||
73 | } else if (me.authType === 'pam') { | |
74 | ||
d5e771ce | 75 | if (me.isCreate) { |
84de645d DC |
76 | throw 'unknown auth type'; |
77 | } | |
9a75448b DM |
78 | |
79 | me.subject = 'linux PAM'; | |
80 | ||
81 | } else { | |
82 | throw 'unknown auth type '; | |
83 | } | |
84 | ||
85 | column1.push({ | |
86 | xtype: 'pvecheckbox', | |
87 | fieldLabel: gettext('Default'), | |
88 | name: 'default', | |
89 | uncheckedValue: 0 | |
90 | }); | |
91 | ||
92 | var column2 = []; | |
93 | ||
94 | if (me.authType === 'ldap' || me.authType === 'ad') { | |
a2f35eb2 | 95 | column2.push( |
9a75448b DM |
96 | { |
97 | xtype: 'textfield', | |
98 | fieldLabel: gettext('Server'), | |
99 | name: 'server1', | |
100 | allowBlank: false | |
101 | }, | |
102 | { | |
103 | xtype: 'pvetextfield', | |
104 | fieldLabel: gettext('Fallback Server'), | |
d5e771ce | 105 | deleteEmpty: !me.isCreate, |
9a75448b DM |
106 | name: 'server2' |
107 | }, | |
108 | { | |
8a7e5598 | 109 | xtype: 'pveIntegerField', |
9a75448b DM |
110 | name: 'port', |
111 | fieldLabel: gettext('Port'), | |
112 | minValue: 1, | |
113 | maxValue: 65535, | |
114 | emptyText: gettext('Default'), | |
115 | submitEmptyText: false | |
116 | }, | |
117 | { | |
118 | xtype: 'pvecheckbox', | |
119 | fieldLabel: 'SSL', | |
120 | name: 'secure', | |
121 | uncheckedValue: 0 | |
122 | } | |
a2f35eb2 | 123 | ); |
9a75448b DM |
124 | } |
125 | ||
126 | // Two Factor Auth settings | |
127 | ||
128 | column2.push({ | |
129 | xtype: 'pveKVComboBox', | |
130 | name: 'tfa', | |
d5e771ce | 131 | deleteEmpty: !me.isCreate, |
9a75448b DM |
132 | value: '', |
133 | fieldLabel: gettext('TFA'), | |
f2782813 | 134 | comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']], |
9a75448b DM |
135 | listeners: { |
136 | change: function(f, value) { | |
137 | if (!me.rendered) { | |
138 | return; | |
139 | } | |
140 | me.down('field[name=oath_step]').setVisible(value === 'oath'); | |
141 | me.down('field[name=oath_digits]').setVisible(value === 'oath'); | |
142 | me.down('field[name=yubico_api_id]').setVisible(value === 'yubico'); | |
143 | me.down('field[name=yubico_api_key]').setVisible(value === 'yubico'); | |
144 | me.down('field[name=yubico_url]').setVisible(value === 'yubico'); | |
145 | } | |
146 | } | |
147 | }); | |
148 | ||
149 | column2.push({ | |
8a7e5598 | 150 | xtype: 'pveIntegerField', |
9a75448b DM |
151 | name: 'oath_step', |
152 | value: '', | |
153 | minValue: 10, | |
9a75448b DM |
154 | emptyText: PVE.Utils.defaultText + ' (30)', |
155 | submitEmptyText: false, | |
156 | hidden: true, | |
157 | fieldLabel: 'OATH time step' | |
158 | }); | |
159 | ||
160 | column2.push({ | |
8a7e5598 | 161 | xtype: 'pveIntegerField', |
9a75448b DM |
162 | name: 'oath_digits', |
163 | value: '', | |
164 | minValue: 6, | |
165 | maxValue: 8, | |
9a75448b DM |
166 | emptyText: PVE.Utils.defaultText + ' (6)', |
167 | submitEmptyText: false, | |
168 | hidden: true, | |
169 | fieldLabel: 'OATH password length' | |
170 | }); | |
171 | ||
172 | column2.push({ | |
173 | xtype: 'textfield', | |
174 | name: 'yubico_api_id', | |
175 | hidden: true, | |
176 | fieldLabel: 'Yubico API Id' | |
177 | }); | |
178 | ||
179 | column2.push({ | |
180 | xtype: 'textfield', | |
181 | name: 'yubico_api_key', | |
182 | hidden: true, | |
183 | fieldLabel: 'Yubico API Key' | |
184 | }); | |
185 | ||
186 | column2.push({ | |
187 | xtype: 'textfield', | |
188 | name: 'yubico_url', | |
189 | hidden: true, | |
190 | fieldLabel: 'Yubico URL' | |
191 | }); | |
192 | ||
193 | var ipanel = Ext.create('PVE.panel.InputPanel', { | |
194 | column1: column1, | |
195 | column2: column2, | |
196 | columnB: [{ | |
197 | xtype: 'textfield', | |
198 | name: 'comment', | |
199 | fieldLabel: gettext('Comment') | |
200 | }], | |
201 | onGetValues: function(values) { | |
202 | if (!values.port) { | |
d5e771ce | 203 | if (!me.isCreate) { |
9a75448b DM |
204 | PVE.Utils.assemble_field_data(values, { 'delete': 'port' }); |
205 | } | |
206 | delete values.port; | |
207 | } | |
208 | ||
d5e771ce | 209 | if (me.isCreate) { |
9a75448b DM |
210 | values.type = me.authType; |
211 | } | |
212 | ||
213 | if (values.tfa === 'oath') { | |
214 | values.tfa = "type=oath"; | |
215 | if (values.oath_step) { | |
216 | values.tfa += ",step=" + values.oath_step; | |
217 | } | |
218 | if (values.oath_digits) { | |
219 | values.tfa += ",digits=" + values.oath_digits; | |
220 | } | |
221 | } else if (values.tfa === 'yubico') { | |
222 | values.tfa = "type=yubico"; | |
223 | values.tfa += ",id=" + values.yubico_api_id; | |
224 | values.tfa += ",key=" + values.yubico_api_key; | |
225 | if (values.yubico_url) { | |
226 | values.tfa += ",url=" + values.yubico_url; | |
227 | } | |
228 | } else { | |
229 | delete values.tfa; | |
230 | } | |
231 | ||
232 | delete values.oath_step; | |
233 | delete values.oath_digits; | |
234 | delete values.yubico_api_id; | |
235 | delete values.yubico_api_key; | |
236 | delete values.yubico_url; | |
237 | ||
238 | return values; | |
239 | } | |
240 | }); | |
241 | ||
242 | Ext.applyIf(me, { | |
243 | url: url, | |
244 | method: method, | |
245 | fieldDefaults: { | |
246 | labelWidth: 120 | |
247 | }, | |
248 | items: [ ipanel ] | |
249 | }); | |
250 | ||
251 | me.callParent(); | |
252 | ||
d5e771ce | 253 | if (!me.isCreate) { |
9a75448b DM |
254 | me.load({ |
255 | success: function(response, options) { | |
256 | var data = response.result.data || {}; | |
257 | // just to be sure (should not happen) | |
258 | if (data.type !== me.authType) { | |
259 | me.close(); | |
260 | throw "got wrong auth type"; | |
261 | } | |
262 | ||
263 | if (data.tfa) { | |
264 | var tfacfg = PVE.Parser.parseTfaConfig(data.tfa); | |
265 | data.tfa = tfacfg.type; | |
266 | if (tfacfg.type === 'yubico') { | |
267 | data.yubico_api_key = tfacfg.key; | |
268 | data.yubico_api_id = tfacfg.id; | |
269 | data.yubico_url = tfacfg.url; | |
270 | } else if (tfacfg.type === 'oath') { | |
ec0bd652 DC |
271 | // step is a number before |
272 | /*jslint confusion: true*/ | |
9a75448b DM |
273 | data.oath_step = tfacfg.step; |
274 | data.oath_digits = tfacfg.digits; | |
ec0bd652 | 275 | /*jslint confusion: false*/ |
9a75448b DM |
276 | } |
277 | } | |
278 | ||
279 | me.setValues(data); | |
280 | } | |
281 | }); | |
282 | } | |
283 | } | |
284 | }); |