[pve-manager.git] / www / manager6 / dc / AuthEdit.js

Ext.define('PVE.dc.AuthEdit', {
    extend: 'PVE.window.Edit',
    alias: ['widget.pveDcAuthEdit'],

    isAdd: true,

    initComponent : function() {
        var me = this;

        me.create = !me.realm;

        var url;
        var method;
        var serverlist;

        if (me.create) {
            url = '/api2/extjs/access/domains';
            method = 'POST';
        } else {
            url = '/api2/extjs/access/domains/' + me.realm;
            method = 'PUT';
        }

        var column1 = [
            {
                xtype: me.create ? 'textfield' : 'displayfield',
                name: 'realm',
                fieldLabel: gettext('Realm'),
                value: me.realm,
                allowBlank: false
            }
	];

	if (me.authType === 'ad') {

	    me.subject = gettext('Active Directory Server');

            column1.push({
                xtype: 'textfield',
                name: 'domain',
                fieldLabel: gettext('Domain'),
                emptyText: 'company.net',
                allowBlank: false
            });

	} else if (me.authType === 'ldap') {

	    me.subject = gettext('LDAP Server');

            column1.push({
                xtype: 'textfield',
                name: 'base_dn',
                fieldLabel: gettext('Base Domain Name'),
		emptyText: 'CN=Users,DC=Company,DC=net',
                allowBlank: false
            });

            column1.push({
                xtype: 'textfield',
                name: 'user_attr',
                emptyText: 'uid / sAMAccountName',
                fieldLabel: gettext('User Attribute Name'),
                allowBlank: false
            });
	} else if (me.authType === 'pve') {

	    if (me.create) {
		throw 'unknown auth type';
	    }

	    me.subject = 'Proxmox VE authentication server';

	} else if (me.authType === 'pam') {

	    if (me.create) {
		throw 'unknown auth type';
	    }

	    me.subject = 'linux PAM';

	} else {
	    throw 'unknown auth type ';
	}

        column1.push({
            xtype: 'pvecheckbox',
            fieldLabel: gettext('Default'),
            name: 'default',
            uncheckedValue: 0
        });

        var column2 = [];

	if (me.authType === 'ldap' || me.authType === 'ad') {
	    column2.push(
		{
                    xtype: 'textfield',
                    fieldLabel: gettext('Server'),
                    name: 'server1',
                    allowBlank: false
		},
		{
                    xtype: 'pvetextfield',
                    fieldLabel: gettext('Fallback Server'),
		    deleteEmpty: !me.create,
		    name: 'server2'
		},
		{
                    xtype: 'numberfield',
                    name: 'port',
                    fieldLabel: gettext('Port'),
                    minValue: 1,
                    maxValue: 65535,
		    emptyText: gettext('Default'),
		    submitEmptyText: false
		},
		{
                    xtype: 'pvecheckbox',
                    fieldLabel: 'SSL',
                    name: 'secure',
                    uncheckedValue: 0
		}
            );
	}

	// Two Factor Auth settings

        column2.push({
            xtype: 'pveKVComboBox',
            name: 'tfa',
	    deleteEmpty: !me.create,
	    value: '',
            fieldLabel: gettext('TFA'),
	    comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
	    listeners: {
		change: function(f, value) {
		    if (!me.rendered) {
			return;
		    }
		    me.down('field[name=oath_step]').setVisible(value === 'oath');
		    me.down('field[name=oath_digits]').setVisible(value === 'oath');
		    me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_url]').setVisible(value === 'yubico');
		}
	    }
        });

	column2.push({
            xtype: 'numberfield',
            name: 'oath_step',
	    value: '',
	    minValue: 10,
	    step: 1,
	    allowDecimals: false,
	    allowBlank: true,
	    emptyText: PVE.Utils.defaultText + ' (30)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH time step'
        });

	column2.push({
            xtype: 'numberfield',
            name: 'oath_digits',
	    value: '',
	    minValue: 6,
	    maxValue: 8,
	    step: 1,
	    allowDecimals: false,
	    allowBlank: true,
	    emptyText: PVE.Utils.defaultText + ' (6)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH password length'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_id',
	    hidden: true,
            fieldLabel: 'Yubico API Id'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_key',
	    hidden: true,
            fieldLabel: 'Yubico API Key'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_url',
	    hidden: true,
            fieldLabel: 'Yubico URL'
        });

	var ipanel = Ext.create('PVE.panel.InputPanel', {
	    column1: column1,
	    column2: column2,
	    columnB: [{
		xtype: 'textfield',
		name: 'comment',
		fieldLabel: gettext('Comment')
            }],
	    onGetValues: function(values) {
		if (!values.port) {
		    if (!me.create) {
			PVE.Utils.assemble_field_data(values, { 'delete': 'port' });
		    }
		    delete values.port;
		}

		if (me.create) {
		    values.type = me.authType;
		}

		if (values.tfa === 'oath') {
		    values.tfa = "type=oath";
		    if (values.oath_step) {
			values.tfa += ",step=" + values.oath_step;
		    }
		    if (values.oath_digits) {
			values.tfa += ",digits=" + values.oath_digits;
		    }
		} else if (values.tfa === 'yubico') {
		    values.tfa = "type=yubico";
		    values.tfa += ",id=" + values.yubico_api_id;
		    values.tfa += ",key=" + values.yubico_api_key;
		    if (values.yubico_url) {
			values.tfa += ",url=" + values.yubico_url;
		    }
		} else {
		    delete values.tfa;
		}

		delete values.oath_step;
		delete values.oath_digits;
		delete values.yubico_api_id;
		delete values.yubico_api_key;
		delete values.yubico_url;
		
		return values;
	    }
	});

	Ext.applyIf(me, {
            url: url,
            method: method,
	    fieldDefaults: {
		labelWidth: 120
	    },
	    items: [ ipanel ]
        });

        me.callParent();

        if (!me.create) {
            me.load({
                success: function(response, options) {
		    var data = response.result.data || {};
		    // just to be sure (should not happen)
		    if (data.type !== me.authType) {
			me.close();
			throw "got wrong auth type";
		    }

		    if (data.tfa) {
			var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
			data.tfa = tfacfg.type;
			if (tfacfg.type === 'yubico') {
			    data.yubico_api_key = tfacfg.key;
			    data.yubico_api_id = tfacfg.id;
			    data.yubico_url = tfacfg.url;
			} else if (tfacfg.type === 'oath') {
			    data.oath_step = tfacfg.step;
			    data.oath_digits = tfacfg.digits;
			}
		    }

                    me.setValues(data);
                }
            });
        }
    }
});
Commit	Line	Data
9a75448b DM	1	Ext.define('PVE.dc.AuthEdit', {
	2	extend: 'PVE.window.Edit',
	3	alias: ['widget.pveDcAuthEdit'],
	4
	5	isAdd: true,
	6
	7	initComponent : function() {
	8	var me = this;
	9
	10	me.create = !me.realm;
	11
	12	var url;
	13	var method;
	14	var serverlist;
	15
	16	if (me.create) {
	17	url = '/api2/extjs/access/domains';
	18	method = 'POST';
	19	} else {
	20	url = '/api2/extjs/access/domains/' + me.realm;
	21	method = 'PUT';
	22	}
	23
	24	var column1 = [
	25	{
	26	xtype: me.create ? 'textfield' : 'displayfield',
9a75448b DM	27	name: 'realm',
	28	fieldLabel: gettext('Realm'),
	29	value: me.realm,
	30	allowBlank: false
	31	}
	32	];
	33
	34	if (me.authType === 'ad') {
	35
	36	me.subject = gettext('Active Directory Server');
	37
	38	column1.push({
	39	xtype: 'textfield',
	40	name: 'domain',
	41	fieldLabel: gettext('Domain'),
	42	emptyText: 'company.net',
	43	allowBlank: false
	44	});
	45
	46	} else if (me.authType === 'ldap') {
	47
	48	me.subject = gettext('LDAP Server');
	49
	50	column1.push({
	51	xtype: 'textfield',
	52	name: 'base_dn',
	53	fieldLabel: gettext('Base Domain Name'),
	54	emptyText: 'CN=Users,DC=Company,DC=net',
	55	allowBlank: false
	56	});
	57
	58	column1.push({
	59	xtype: 'textfield',
	60	name: 'user_attr',
	61	emptyText: 'uid / sAMAccountName',
	62	fieldLabel: gettext('User Attribute Name'),
	63	allowBlank: false
	64	});
	65	} else if (me.authType === 'pve') {
	66
84de645d DC	67	if (me.create) {
	68	throw 'unknown auth type';
	69	}
9a75448b DM	70
	71	me.subject = 'Proxmox VE authentication server';
	72
	73	} else if (me.authType === 'pam') {
	74
84de645d DC	75	if (me.create) {
	76	throw 'unknown auth type';
	77	}
9a75448b DM	78
	79	me.subject = 'linux PAM';
	80
	81	} else {
	82	throw 'unknown auth type ';
	83	}
	84
	85	column1.push({
	86	xtype: 'pvecheckbox',
	87	fieldLabel: gettext('Default'),
	88	name: 'default',
	89	uncheckedValue: 0
	90	});
	91
	92	var column2 = [];
	93
	94	if (me.authType === 'ldap' \|\| me.authType === 'ad') {
a2f35eb2	95	column2.push(
9a75448b DM	96	{
	97	xtype: 'textfield',
	98	fieldLabel: gettext('Server'),
	99	name: 'server1',
	100	allowBlank: false
	101	},
	102	{
	103	xtype: 'pvetextfield',
	104	fieldLabel: gettext('Fallback Server'),
	105	deleteEmpty: !me.create,
	106	name: 'server2'
	107	},
	108	{
	109	xtype: 'numberfield',
	110	name: 'port',
	111	fieldLabel: gettext('Port'),
	112	minValue: 1,
	113	maxValue: 65535,
	114	emptyText: gettext('Default'),
	115	submitEmptyText: false
	116	},
	117	{
	118	xtype: 'pvecheckbox',
	119	fieldLabel: 'SSL',
	120	name: 'secure',
	121	uncheckedValue: 0
	122	}
a2f35eb2	123	);
9a75448b DM	124	}
	125
	126	// Two Factor Auth settings
	127
	128	column2.push({
	129	xtype: 'pveKVComboBox',
	130	name: 'tfa',
	131	deleteEmpty: !me.create,
	132	value: '',
	133	fieldLabel: gettext('TFA'),
f2782813	134	comboItems: [ ['__default__', PVE.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
9a75448b DM	135	listeners: {
	136	change: function(f, value) {
	137	if (!me.rendered) {
	138	return;
	139	}
	140	me.down('field[name=oath_step]').setVisible(value === 'oath');
	141	me.down('field[name=oath_digits]').setVisible(value === 'oath');
	142	me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
	143	me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
	144	me.down('field[name=yubico_url]').setVisible(value === 'yubico');
	145	}
	146	}
	147	});
	148
	149	column2.push({
	150	xtype: 'numberfield',
	151	name: 'oath_step',
	152	value: '',
	153	minValue: 10,
	154	step: 1,
	155	allowDecimals: false,
	156	allowBlank: true,
	157	emptyText: PVE.Utils.defaultText + ' (30)',
	158	submitEmptyText: false,
	159	hidden: true,
	160	fieldLabel: 'OATH time step'
	161	});
	162
	163	column2.push({
	164	xtype: 'numberfield',
	165	name: 'oath_digits',
	166	value: '',
	167	minValue: 6,
	168	maxValue: 8,
	169	step: 1,
	170	allowDecimals: false,
	171	allowBlank: true,
	172	emptyText: PVE.Utils.defaultText + ' (6)',
	173	submitEmptyText: false,
	174	hidden: true,
	175	fieldLabel: 'OATH password length'
	176	});
	177
	178	column2.push({
	179	xtype: 'textfield',
	180	name: 'yubico_api_id',
	181	hidden: true,
	182	fieldLabel: 'Yubico API Id'
	183	});
	184
	185	column2.push({
	186	xtype: 'textfield',
	187	name: 'yubico_api_key',
	188	hidden: true,
	189	fieldLabel: 'Yubico API Key'
	190	});
	191
	192	column2.push({
	193	xtype: 'textfield',
	194	name: 'yubico_url',
	195	hidden: true,
	196	fieldLabel: 'Yubico URL'
	197	});
	198
199	var ipanel = Ext.create('PVE.panel.InputPanel', {
200	column1: column1,
201	column2: column2,
202	columnB: [{
203	xtype: 'textfield',
204	name: 'comment',
205	fieldLabel: gettext('Comment')
206	}],
207	onGetValues: function(values) {
208	if (!values.port) {
209	if (!me.create) {
210	PVE.Utils.assemble_field_data(values, { 'delete': 'port' });
211	}
212	delete values.port;
213	}
214
215	if (me.create) {
216	values.type = me.authType;
217	}
218
219	if (values.tfa === 'oath') {
220	values.tfa = "type=oath";
221	if (values.oath_step) {
222	values.tfa += ",step=" + values.oath_step;
223	}
224	if (values.oath_digits) {
225	values.tfa += ",digits=" + values.oath_digits;
226	}
227	} else if (values.tfa === 'yubico') {
228	values.tfa = "type=yubico";
229	values.tfa += ",id=" + values.yubico_api_id;
230	values.tfa += ",key=" + values.yubico_api_key;
231	if (values.yubico_url) {
232	values.tfa += ",url=" + values.yubico_url;
233	}
234	} else {
235	delete values.tfa;
236	}
237
238	delete values.oath_step;
239	delete values.oath_digits;
240	delete values.yubico_api_id;
241	delete values.yubico_api_key;
242	delete values.yubico_url;
243
244	return values;
245	}
246	});
247
248	Ext.applyIf(me, {
249	url: url,
250	method: method,
251	fieldDefaults: {
252	labelWidth: 120
253	},
254	items: [ ipanel ]
255	});
256
257	me.callParent();
258
259	if (!me.create) {
260	me.load({
261	success: function(response, options) {
262	var data = response.result.data \|\| {};
263	// just to be sure (should not happen)
264	if (data.type !== me.authType) {
265	me.close();
266	throw "got wrong auth type";
267	}
268
269	if (data.tfa) {
270	var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
271	data.tfa = tfacfg.type;
272	if (tfacfg.type === 'yubico') {
273	data.yubico_api_key = tfacfg.key;
274	data.yubico_api_id = tfacfg.id;
275	data.yubico_url = tfacfg.url;
276	} else if (tfacfg.type === 'oath') {
277	data.oath_step = tfacfg.step;
278	data.oath_digits = tfacfg.digits;
279	}
280	}
281
282	me.setValues(data);
283	}
284	});
285	}
286	}
287	});