]>
Commit | Line | Data |
---|---|---|
9a75448b DM |
1 | Ext.define('PVE.dc.AuthEdit', { |
2 | extend: 'PVE.window.Edit', | |
3 | alias: ['widget.pveDcAuthEdit'], | |
4 | ||
5 | isAdd: true, | |
6 | ||
7 | initComponent : function() { | |
8 | var me = this; | |
9 | ||
10 | me.create = !me.realm; | |
11 | ||
12 | var url; | |
13 | var method; | |
14 | var serverlist; | |
15 | ||
16 | if (me.create) { | |
17 | url = '/api2/extjs/access/domains'; | |
18 | method = 'POST'; | |
19 | } else { | |
20 | url = '/api2/extjs/access/domains/' + me.realm; | |
21 | method = 'PUT'; | |
22 | } | |
23 | ||
24 | var column1 = [ | |
25 | { | |
26 | xtype: me.create ? 'textfield' : 'displayfield', | |
9a75448b DM |
27 | name: 'realm', |
28 | fieldLabel: gettext('Realm'), | |
29 | value: me.realm, | |
30 | allowBlank: false | |
31 | } | |
32 | ]; | |
33 | ||
34 | if (me.authType === 'ad') { | |
35 | ||
36 | me.subject = gettext('Active Directory Server'); | |
37 | ||
38 | column1.push({ | |
39 | xtype: 'textfield', | |
40 | name: 'domain', | |
41 | fieldLabel: gettext('Domain'), | |
42 | emptyText: 'company.net', | |
43 | allowBlank: false | |
44 | }); | |
45 | ||
46 | } else if (me.authType === 'ldap') { | |
47 | ||
48 | me.subject = gettext('LDAP Server'); | |
49 | ||
50 | column1.push({ | |
51 | xtype: 'textfield', | |
52 | name: 'base_dn', | |
53 | fieldLabel: gettext('Base Domain Name'), | |
54 | emptyText: 'CN=Users,DC=Company,DC=net', | |
55 | allowBlank: false | |
56 | }); | |
57 | ||
58 | column1.push({ | |
59 | xtype: 'textfield', | |
60 | name: 'user_attr', | |
61 | emptyText: 'uid / sAMAccountName', | |
62 | fieldLabel: gettext('User Attribute Name'), | |
63 | allowBlank: false | |
64 | }); | |
65 | } else if (me.authType === 'pve') { | |
66 | ||
67 | if (me.create) throw 'unknown auth type'; | |
68 | ||
69 | me.subject = 'Proxmox VE authentication server'; | |
70 | ||
71 | } else if (me.authType === 'pam') { | |
72 | ||
73 | if (me.create) throw 'unknown auth type'; | |
74 | ||
75 | me.subject = 'linux PAM'; | |
76 | ||
77 | } else { | |
78 | throw 'unknown auth type '; | |
79 | } | |
80 | ||
81 | column1.push({ | |
82 | xtype: 'pvecheckbox', | |
83 | fieldLabel: gettext('Default'), | |
84 | name: 'default', | |
85 | uncheckedValue: 0 | |
86 | }); | |
87 | ||
88 | var column2 = []; | |
89 | ||
90 | if (me.authType === 'ldap' || me.authType === 'ad') { | |
a2f35eb2 | 91 | column2.push( |
9a75448b DM |
92 | { |
93 | xtype: 'textfield', | |
94 | fieldLabel: gettext('Server'), | |
95 | name: 'server1', | |
96 | allowBlank: false | |
97 | }, | |
98 | { | |
99 | xtype: 'pvetextfield', | |
100 | fieldLabel: gettext('Fallback Server'), | |
101 | deleteEmpty: !me.create, | |
102 | name: 'server2' | |
103 | }, | |
104 | { | |
105 | xtype: 'numberfield', | |
106 | name: 'port', | |
107 | fieldLabel: gettext('Port'), | |
108 | minValue: 1, | |
109 | maxValue: 65535, | |
110 | emptyText: gettext('Default'), | |
111 | submitEmptyText: false | |
112 | }, | |
113 | { | |
114 | xtype: 'pvecheckbox', | |
115 | fieldLabel: 'SSL', | |
116 | name: 'secure', | |
117 | uncheckedValue: 0 | |
118 | } | |
a2f35eb2 | 119 | ); |
9a75448b DM |
120 | } |
121 | ||
122 | // Two Factor Auth settings | |
123 | ||
124 | column2.push({ | |
125 | xtype: 'pveKVComboBox', | |
126 | name: 'tfa', | |
127 | deleteEmpty: !me.create, | |
128 | value: '', | |
129 | fieldLabel: gettext('TFA'), | |
f2782813 | 130 | comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']], |
9a75448b DM |
131 | listeners: { |
132 | change: function(f, value) { | |
133 | if (!me.rendered) { | |
134 | return; | |
135 | } | |
136 | me.down('field[name=oath_step]').setVisible(value === 'oath'); | |
137 | me.down('field[name=oath_digits]').setVisible(value === 'oath'); | |
138 | me.down('field[name=yubico_api_id]').setVisible(value === 'yubico'); | |
139 | me.down('field[name=yubico_api_key]').setVisible(value === 'yubico'); | |
140 | me.down('field[name=yubico_url]').setVisible(value === 'yubico'); | |
141 | } | |
142 | } | |
143 | }); | |
144 | ||
145 | column2.push({ | |
146 | xtype: 'numberfield', | |
147 | name: 'oath_step', | |
148 | value: '', | |
149 | minValue: 10, | |
150 | step: 1, | |
151 | allowDecimals: false, | |
152 | allowBlank: true, | |
153 | emptyText: PVE.Utils.defaultText + ' (30)', | |
154 | submitEmptyText: false, | |
155 | hidden: true, | |
156 | fieldLabel: 'OATH time step' | |
157 | }); | |
158 | ||
159 | column2.push({ | |
160 | xtype: 'numberfield', | |
161 | name: 'oath_digits', | |
162 | value: '', | |
163 | minValue: 6, | |
164 | maxValue: 8, | |
165 | step: 1, | |
166 | allowDecimals: false, | |
167 | allowBlank: true, | |
168 | emptyText: PVE.Utils.defaultText + ' (6)', | |
169 | submitEmptyText: false, | |
170 | hidden: true, | |
171 | fieldLabel: 'OATH password length' | |
172 | }); | |
173 | ||
174 | column2.push({ | |
175 | xtype: 'textfield', | |
176 | name: 'yubico_api_id', | |
177 | hidden: true, | |
178 | fieldLabel: 'Yubico API Id' | |
179 | }); | |
180 | ||
181 | column2.push({ | |
182 | xtype: 'textfield', | |
183 | name: 'yubico_api_key', | |
184 | hidden: true, | |
185 | fieldLabel: 'Yubico API Key' | |
186 | }); | |
187 | ||
188 | column2.push({ | |
189 | xtype: 'textfield', | |
190 | name: 'yubico_url', | |
191 | hidden: true, | |
192 | fieldLabel: 'Yubico URL' | |
193 | }); | |
194 | ||
195 | var ipanel = Ext.create('PVE.panel.InputPanel', { | |
196 | column1: column1, | |
197 | column2: column2, | |
198 | columnB: [{ | |
199 | xtype: 'textfield', | |
200 | name: 'comment', | |
201 | fieldLabel: gettext('Comment') | |
202 | }], | |
203 | onGetValues: function(values) { | |
204 | if (!values.port) { | |
205 | if (!me.create) { | |
206 | PVE.Utils.assemble_field_data(values, { 'delete': 'port' }); | |
207 | } | |
208 | delete values.port; | |
209 | } | |
210 | ||
211 | if (me.create) { | |
212 | values.type = me.authType; | |
213 | } | |
214 | ||
215 | if (values.tfa === 'oath') { | |
216 | values.tfa = "type=oath"; | |
217 | if (values.oath_step) { | |
218 | values.tfa += ",step=" + values.oath_step; | |
219 | } | |
220 | if (values.oath_digits) { | |
221 | values.tfa += ",digits=" + values.oath_digits; | |
222 | } | |
223 | } else if (values.tfa === 'yubico') { | |
224 | values.tfa = "type=yubico"; | |
225 | values.tfa += ",id=" + values.yubico_api_id; | |
226 | values.tfa += ",key=" + values.yubico_api_key; | |
227 | if (values.yubico_url) { | |
228 | values.tfa += ",url=" + values.yubico_url; | |
229 | } | |
230 | } else { | |
231 | delete values.tfa; | |
232 | } | |
233 | ||
234 | delete values.oath_step; | |
235 | delete values.oath_digits; | |
236 | delete values.yubico_api_id; | |
237 | delete values.yubico_api_key; | |
238 | delete values.yubico_url; | |
239 | ||
240 | return values; | |
241 | } | |
242 | }); | |
243 | ||
244 | Ext.applyIf(me, { | |
245 | url: url, | |
246 | method: method, | |
247 | fieldDefaults: { | |
248 | labelWidth: 120 | |
249 | }, | |
250 | items: [ ipanel ] | |
251 | }); | |
252 | ||
253 | me.callParent(); | |
254 | ||
255 | if (!me.create) { | |
256 | me.load({ | |
257 | success: function(response, options) { | |
258 | var data = response.result.data || {}; | |
259 | // just to be sure (should not happen) | |
260 | if (data.type !== me.authType) { | |
261 | me.close(); | |
262 | throw "got wrong auth type"; | |
263 | } | |
264 | ||
265 | if (data.tfa) { | |
266 | var tfacfg = PVE.Parser.parseTfaConfig(data.tfa); | |
267 | data.tfa = tfacfg.type; | |
268 | if (tfacfg.type === 'yubico') { | |
269 | data.yubico_api_key = tfacfg.key; | |
270 | data.yubico_api_id = tfacfg.id; | |
271 | data.yubico_url = tfacfg.url; | |
272 | } else if (tfacfg.type === 'oath') { | |
273 | data.oath_step = tfacfg.step; | |
274 | data.oath_digits = tfacfg.digits; | |
275 | } | |
276 | } | |
277 | ||
278 | me.setValues(data); | |
279 | } | |
280 | }); | |
281 | } | |
282 | } | |
283 | }); |