[pve-manager.git] / www / manager6 / dc / AuthEdit.js

Ext.define('PVE.dc.AuthEdit', {
    extend: 'PVE.window.Edit',
    alias: ['widget.pveDcAuthEdit'],

    isAdd: true,

    initComponent : function() {
        var me = this;

        me.create = !me.realm;

        var url;
        var method;
        var serverlist;

        if (me.create) {
            url = '/api2/extjs/access/domains';
            method = 'POST';
        } else {
            url = '/api2/extjs/access/domains/' + me.realm;
            method = 'PUT';
        }

        var column1 = [
            {
                xtype: me.create ? 'textfield' : 'displayfield',
                name: 'realm',
                fieldLabel: gettext('Realm'),
                value: me.realm,
                allowBlank: false
            }
	];

	if (me.authType === 'ad') {

	    me.subject = gettext('Active Directory Server');

            column1.push({
                xtype: 'textfield',
                name: 'domain',
                fieldLabel: gettext('Domain'),
                emptyText: 'company.net',
                allowBlank: false
            });

	} else if (me.authType === 'ldap') {

	    me.subject = gettext('LDAP Server');

            column1.push({
                xtype: 'textfield',
                name: 'base_dn',
                fieldLabel: gettext('Base Domain Name'),
		emptyText: 'CN=Users,DC=Company,DC=net',
                allowBlank: false
            });

            column1.push({
                xtype: 'textfield',
                name: 'user_attr',
                emptyText: 'uid / sAMAccountName',
                fieldLabel: gettext('User Attribute Name'),
                allowBlank: false
            });
	} else if (me.authType === 'pve') {

	    if (me.create) throw 'unknown auth type';

	    me.subject = 'Proxmox VE authentication server';

	} else if (me.authType === 'pam') {

	    if (me.create) throw 'unknown auth type';

	    me.subject = 'linux PAM';

	} else {
	    throw 'unknown auth type ';
	}

        column1.push({
            xtype: 'pvecheckbox',
            fieldLabel: gettext('Default'),
            name: 'default',
            uncheckedValue: 0
        });

        var column2 = [];

	if (me.authType === 'ldap' || me.authType === 'ad') {
	    column2.push(
		{
                    xtype: 'textfield',
                    fieldLabel: gettext('Server'),
                    name: 'server1',
                    allowBlank: false
		},
		{
                    xtype: 'pvetextfield',
                    fieldLabel: gettext('Fallback Server'),
		    deleteEmpty: !me.create,
		    name: 'server2'
		},
		{
                    xtype: 'numberfield',
                    name: 'port',
                    fieldLabel: gettext('Port'),
                    minValue: 1,
                    maxValue: 65535,
		    emptyText: gettext('Default'),
		    submitEmptyText: false
		},
		{
                    xtype: 'pvecheckbox',
                    fieldLabel: 'SSL',
                    name: 'secure',
                    uncheckedValue: 0
		}
            );
	}

	// Two Factor Auth settings

        column2.push({
            xtype: 'pveKVComboBox',
            name: 'tfa',
	    deleteEmpty: !me.create,
	    value: '',
            fieldLabel: gettext('TFA'),
	    comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
	    listeners: {
		change: function(f, value) {
		    if (!me.rendered) {
			return;
		    }
		    me.down('field[name=oath_step]').setVisible(value === 'oath');
		    me.down('field[name=oath_digits]').setVisible(value === 'oath');
		    me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_url]').setVisible(value === 'yubico');
		}
	    }
        });

	column2.push({
            xtype: 'numberfield',
            name: 'oath_step',
	    value: '',
	    minValue: 10,
	    step: 1,
	    allowDecimals: false,
	    allowBlank: true,
	    emptyText: PVE.Utils.defaultText + ' (30)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH time step'
        });

	column2.push({
            xtype: 'numberfield',
            name: 'oath_digits',
	    value: '',
	    minValue: 6,
	    maxValue: 8,
	    step: 1,
	    allowDecimals: false,
	    allowBlank: true,
	    emptyText: PVE.Utils.defaultText + ' (6)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH password length'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_id',
	    hidden: true,
            fieldLabel: 'Yubico API Id'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_key',
	    hidden: true,
            fieldLabel: 'Yubico API Key'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_url',
	    hidden: true,
            fieldLabel: 'Yubico URL'
        });

	var ipanel = Ext.create('PVE.panel.InputPanel', {
	    column1: column1,
	    column2: column2,
	    columnB: [{
		xtype: 'textfield',
		name: 'comment',
		fieldLabel: gettext('Comment')
            }],
	    onGetValues: function(values) {
		if (!values.port) {
		    if (!me.create) {
			PVE.Utils.assemble_field_data(values, { 'delete': 'port' });
		    }
		    delete values.port;
		}

		if (me.create) {
		    values.type = me.authType;
		}

		if (values.tfa === 'oath') {
		    values.tfa = "type=oath";
		    if (values.oath_step) {
			values.tfa += ",step=" + values.oath_step;
		    }
		    if (values.oath_digits) {
			values.tfa += ",digits=" + values.oath_digits;
		    }
		} else if (values.tfa === 'yubico') {
		    values.tfa = "type=yubico";
		    values.tfa += ",id=" + values.yubico_api_id;
		    values.tfa += ",key=" + values.yubico_api_key;
		    if (values.yubico_url) {
			values.tfa += ",url=" + values.yubico_url;
		    }
		} else {
		    delete values.tfa;
		}

		delete values.oath_step;
		delete values.oath_digits;
		delete values.yubico_api_id;
		delete values.yubico_api_key;
		delete values.yubico_url;
		
		return values;
	    }
	});

	Ext.applyIf(me, {
            url: url,
            method: method,
	    fieldDefaults: {
		labelWidth: 120
	    },
	    items: [ ipanel ]
        });

        me.callParent();

        if (!me.create) {
            me.load({
                success: function(response, options) {
		    var data = response.result.data || {};
		    // just to be sure (should not happen)
		    if (data.type !== me.authType) {
			me.close();
			throw "got wrong auth type";
		    }

		    if (data.tfa) {
			var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
			data.tfa = tfacfg.type;
			if (tfacfg.type === 'yubico') {
			    data.yubico_api_key = tfacfg.key;
			    data.yubico_api_id = tfacfg.id;
			    data.yubico_url = tfacfg.url;
			} else if (tfacfg.type === 'oath') {
			    data.oath_step = tfacfg.step;
			    data.oath_digits = tfacfg.digits;
			}
		    }

                    me.setValues(data);
                }
            });
        }
    }
});
Commit	Line	Data
9a75448b DM	1	Ext.define('PVE.dc.AuthEdit', {
	2	extend: 'PVE.window.Edit',
	3	alias: ['widget.pveDcAuthEdit'],
	4
	5	isAdd: true,
	6
	7	initComponent : function() {
	8	var me = this;
	9
	10	me.create = !me.realm;
	11
	12	var url;
	13	var method;
	14	var serverlist;
	15
	16	if (me.create) {
	17	url = '/api2/extjs/access/domains';
	18	method = 'POST';
	19	} else {
	20	url = '/api2/extjs/access/domains/' + me.realm;
	21	method = 'PUT';
	22	}
	23
	24	var column1 = [
	25	{
	26	xtype: me.create ? 'textfield' : 'displayfield',
9a75448b DM	27	name: 'realm',
	28	fieldLabel: gettext('Realm'),
	29	value: me.realm,
	30	allowBlank: false
	31	}
	32	];
	33
	34	if (me.authType === 'ad') {
	35
	36	me.subject = gettext('Active Directory Server');
	37
	38	column1.push({
	39	xtype: 'textfield',
	40	name: 'domain',
	41	fieldLabel: gettext('Domain'),
	42	emptyText: 'company.net',
	43	allowBlank: false
	44	});
	45
	46	} else if (me.authType === 'ldap') {
	47
	48	me.subject = gettext('LDAP Server');
	49
	50	column1.push({
	51	xtype: 'textfield',
	52	name: 'base_dn',
	53	fieldLabel: gettext('Base Domain Name'),
	54	emptyText: 'CN=Users,DC=Company,DC=net',
	55	allowBlank: false
	56	});
	57
	58	column1.push({
	59	xtype: 'textfield',
	60	name: 'user_attr',
	61	emptyText: 'uid / sAMAccountName',
	62	fieldLabel: gettext('User Attribute Name'),
	63	allowBlank: false
	64	});
	65	} else if (me.authType === 'pve') {
	66
	67	if (me.create) throw 'unknown auth type';
	68
	69	me.subject = 'Proxmox VE authentication server';
	70
	71	} else if (me.authType === 'pam') {
	72
	73	if (me.create) throw 'unknown auth type';
	74
	75	me.subject = 'linux PAM';
	76
	77	} else {
	78	throw 'unknown auth type ';
	79	}
	80
	81	column1.push({
	82	xtype: 'pvecheckbox',
	83	fieldLabel: gettext('Default'),
	84	name: 'default',
	85	uncheckedValue: 0
	86	});
	87
	88	var column2 = [];
	89
	90	if (me.authType === 'ldap' \|\| me.authType === 'ad') {
a2f35eb2	91	column2.push(
9a75448b DM	92	{
	93	xtype: 'textfield',
	94	fieldLabel: gettext('Server'),
	95	name: 'server1',
	96	allowBlank: false
	97	},
	98	{
	99	xtype: 'pvetextfield',
	100	fieldLabel: gettext('Fallback Server'),
	101	deleteEmpty: !me.create,
	102	name: 'server2'
	103	},
	104	{
	105	xtype: 'numberfield',
	106	name: 'port',
	107	fieldLabel: gettext('Port'),
	108	minValue: 1,
	109	maxValue: 65535,
	110	emptyText: gettext('Default'),
	111	submitEmptyText: false
	112	},
	113	{
	114	xtype: 'pvecheckbox',
	115	fieldLabel: 'SSL',
	116	name: 'secure',
	117	uncheckedValue: 0
	118	}
a2f35eb2	119	);
9a75448b DM	120	}
	121
	122	// Two Factor Auth settings
	123
	124	column2.push({
	125	xtype: 'pveKVComboBox',
	126	name: 'tfa',
	127	deleteEmpty: !me.create,
	128	value: '',
	129	fieldLabel: gettext('TFA'),
f2782813	130	comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
9a75448b DM	131	listeners: {
	132	change: function(f, value) {
	133	if (!me.rendered) {
	134	return;
	135	}
	136	me.down('field[name=oath_step]').setVisible(value === 'oath');
	137	me.down('field[name=oath_digits]').setVisible(value === 'oath');
	138	me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
	139	me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
	140	me.down('field[name=yubico_url]').setVisible(value === 'yubico');
	141	}
	142	}
	143	});
	144
	145	column2.push({
	146	xtype: 'numberfield',
	147	name: 'oath_step',
	148	value: '',
	149	minValue: 10,
	150	step: 1,
	151	allowDecimals: false,
	152	allowBlank: true,
	153	emptyText: PVE.Utils.defaultText + ' (30)',
	154	submitEmptyText: false,
	155	hidden: true,
	156	fieldLabel: 'OATH time step'
	157	});
	158
	159	column2.push({
	160	xtype: 'numberfield',
	161	name: 'oath_digits',
	162	value: '',
	163	minValue: 6,
	164	maxValue: 8,
	165	step: 1,
	166	allowDecimals: false,
	167	allowBlank: true,
	168	emptyText: PVE.Utils.defaultText + ' (6)',
	169	submitEmptyText: false,
	170	hidden: true,
	171	fieldLabel: 'OATH password length'
	172	});
	173
	174	column2.push({
	175	xtype: 'textfield',
	176	name: 'yubico_api_id',
	177	hidden: true,
	178	fieldLabel: 'Yubico API Id'
	179	});
	180
	181	column2.push({
	182	xtype: 'textfield',
	183	name: 'yubico_api_key',
	184	hidden: true,
	185	fieldLabel: 'Yubico API Key'
	186	});
	187
	188	column2.push({
	189	xtype: 'textfield',
	190	name: 'yubico_url',
	191	hidden: true,
	192	fieldLabel: 'Yubico URL'
	193	});
	194
195	var ipanel = Ext.create('PVE.panel.InputPanel', {
196	column1: column1,
197	column2: column2,
198	columnB: [{
199	xtype: 'textfield',
200	name: 'comment',
201	fieldLabel: gettext('Comment')
202	}],
203	onGetValues: function(values) {
204	if (!values.port) {
205	if (!me.create) {
206	PVE.Utils.assemble_field_data(values, { 'delete': 'port' });
207	}
208	delete values.port;
209	}
210
211	if (me.create) {
212	values.type = me.authType;
213	}
214
215	if (values.tfa === 'oath') {
216	values.tfa = "type=oath";
217	if (values.oath_step) {
218	values.tfa += ",step=" + values.oath_step;
219	}
220	if (values.oath_digits) {
221	values.tfa += ",digits=" + values.oath_digits;
222	}
223	} else if (values.tfa === 'yubico') {
224	values.tfa = "type=yubico";
225	values.tfa += ",id=" + values.yubico_api_id;
226	values.tfa += ",key=" + values.yubico_api_key;
227	if (values.yubico_url) {
228	values.tfa += ",url=" + values.yubico_url;
229	}
230	} else {
231	delete values.tfa;
232	}
233
234	delete values.oath_step;
235	delete values.oath_digits;
236	delete values.yubico_api_id;
237	delete values.yubico_api_key;
238	delete values.yubico_url;
239
240	return values;
241	}
242	});
243
244	Ext.applyIf(me, {
245	url: url,
246	method: method,
247	fieldDefaults: {
248	labelWidth: 120
249	},
250	items: [ ipanel ]
251	});
252
253	me.callParent();
254
255	if (!me.create) {
256	me.load({
257	success: function(response, options) {
258	var data = response.result.data \|\| {};
259	// just to be sure (should not happen)
260	if (data.type !== me.authType) {
261	me.close();
262	throw "got wrong auth type";
263	}
264
265	if (data.tfa) {
266	var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
267	data.tfa = tfacfg.type;
268	if (tfacfg.type === 'yubico') {
269	data.yubico_api_key = tfacfg.key;
270	data.yubico_api_id = tfacfg.id;
271	data.yubico_url = tfacfg.url;
272	} else if (tfacfg.type === 'oath') {
273	data.oath_step = tfacfg.step;
274	data.oath_digits = tfacfg.digits;
275	}
276	}
277
278	me.setValues(data);
279	}
280	});
281	}
282	}
283	});