From 184a37635b10a4bea82a0d35d4b10b733a2eb09e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Fabian=20Gr=C3=BCnbichler?= Date: Wed, 28 Oct 2020 11:07:27 +0100 Subject: [PATCH] gui: add API token ACLs MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit and the needed API token selector. Signed-off-by: Fabian Grünbichler --- www/Makefile | 1 + www/config/ACLView.js | 42 +++++++++++++++++++---- www/form/TokenSelector.js | 72 +++++++++++++++++++++++++++++++++++++++ www/window/ACLEdit.js | 69 ++++++++++++++++++++++--------------- 4 files changed, 150 insertions(+), 34 deletions(-) create mode 100644 www/form/TokenSelector.js diff --git a/www/Makefile b/www/Makefile index 77420a56..7135df9a 100644 --- a/www/Makefile +++ b/www/Makefile @@ -6,6 +6,7 @@ IMAGES := \ JSSRC= \ form/UserSelector.js \ + form/TokenSelector.js \ form/RemoteSelector.js \ form/DataStoreSelector.js \ form/CalendarEvent.js \ diff --git a/www/config/ACLView.js b/www/config/ACLView.js index d552b029..67bf04f8 100644 --- a/www/config/ACLView.js +++ b/www/config/ACLView.js @@ -31,19 +31,35 @@ Ext.define('PBS.config.ACLView', { controller: { xclass: 'Ext.app.ViewController', - addACL: function() { + addUserACL: function() { let me = this; let view = me.getView(); - Ext.create('PBS.window.ACLEdit', { + Ext.create('PBS.window.ACLEdit', { path: view.aclPath, + aclType: 'user', listeners: { destroy: function() { me.reload(); }, }, - }).show(); + }).show(); }, + addTokenACL: function() { + let me = this; + let view = me.getView(); + Ext.create('PBS.window.ACLEdit', { + path: view.aclPath, + aclType: 'token', + listeners: { + destroy: function() { + me.reload(); + }, + }, + }).show(); + }, + + removeACL: function(btn, event, rec) { let me = this; Proxmox.Utils.API2Request({ @@ -106,10 +122,22 @@ Ext.define('PBS.config.ACLView', { tbar: [ { - xtype: 'proxmoxButton', text: gettext('Add'), - handler: 'addACL', - selModel: false, + menu: { + xtype: 'menu', + items: [ + { + text: gettext('User Permission'), + iconCls: 'fa fa-fw fa-user', + handler: 'addUserACL', + }, + { + text: gettext('API Token Permission'), + iconCls: 'fa fa-fw fa-user-o', + handler: 'addTokenACL', + }, + ], + }, }, { xtype: 'proxmoxStdRemoveButton', @@ -127,7 +155,7 @@ Ext.define('PBS.config.ACLView', { dataIndex: 'path', }, { - header: gettext('User/Group'), + header: gettext('User/Group/API Token'), width: 100, sortable: true, renderer: Ext.String.htmlEncode, diff --git a/www/form/TokenSelector.js b/www/form/TokenSelector.js new file mode 100644 index 00000000..502fe827 --- /dev/null +++ b/www/form/TokenSelector.js @@ -0,0 +1,72 @@ +Ext.define('PBS.form.TokenSelector', { + extend: 'Proxmox.form.ComboGrid', + alias: 'widget.pbsTokenSelector', + + allowBlank: false, + autoSelect: false, + valueField: 'tokenid', + displayField: 'tokenid', + + editable: true, + anyMatch: true, + forceSelection: true, + + store: { + model: 'pbs-tokens', + params: { + enabled: 1, + }, + sorters: 'tokenid', + }, + + initComponent: function() { + let me = this; + me.userStore = Ext.create('Ext.data.Store', { + model: 'pbs-users-with-tokens', + }); + me.userStore.on('load', this.onLoad, this); + me.userStore.load(); + + me.callParent(); + }, + + onLoad: function(store, data, success) { + if (!success) return; + + let tokenStore = this.store; + + let records = []; + Ext.Array.each(data, function(user) { + let tokens = user.data.tokens || []; + Ext.Array.each(tokens, function(token) { + let r = {}; + r.tokenid = token.tokenid; + r.comment = token.comment; + r.expire = token.expire; + r.enable = token.enable; + records.push(r); + }); + }); + + tokenStore.loadData(records); + }, + + listConfig: { + columns: [ + { + header: gettext('API Token'), + sortable: true, + dataIndex: 'tokenid', + renderer: Ext.String.htmlEncode, + flex: 1, + }, + { + header: gettext('Comment'), + sortable: false, + dataIndex: 'comment', + renderer: Ext.String.htmlEncode, + flex: 1, + }, + ], + }, +}); diff --git a/www/window/ACLEdit.js b/www/window/ACLEdit.js index ffeb9e81..42db1ff6 100644 --- a/www/window/ACLEdit.js +++ b/www/window/ACLEdit.js @@ -14,47 +14,62 @@ Ext.define('PBS.window.ACLEdit', { // caller can give a static path path: undefined, - subject: gettext('User Permission'), - - getValues: function(dirtyOnly) { + initComponent: function() { let me = this; - let values = me.callParent(arguments); - if (me.path) { - values.path = me.path; - } - return values; - }, + me.items = []; - items: [ - { + me.items.push({ xtype: 'pbsPermissionPathSelector', fieldLabel: gettext('Path'), - cbind: { - editable: '{!path}', - value: '{path}', - }, + editable: !me.path, + value: me.path, name: 'path', allowBlank: false, - }, - { - xtype: 'pbsUserSelector', - fieldLabel: gettext('User'), - name: 'auth_id', - allowBlank: false, - }, - { + }); + + if (me.aclType === 'user') { + me.subject = gettext('User Permission'); + me.items.push({ + xtype: 'pbsUserSelector', + fieldLabel: gettext('User'), + name: 'auth_id', + allowBlank: false, + }); + } else if (me.aclType === 'token') { + me.subject = gettext('API Token Permission'); + me.items.push({ + xtype: 'pbsTokenSelector', + fieldLabel: gettext('API Token'), + name: 'auth_id', + allowBlank: false, + }); + } + me.items.push({ xtype: 'pmxRoleSelector', name: 'role', value: 'NoAccess', fieldLabel: gettext('Role'), - }, - { + }); + me.items.push({ xtype: 'proxmoxcheckbox', name: 'propagate', checked: true, uncheckedValue: 0, fieldLabel: gettext('Propagate'), - }, - ], + }); + + me.callParent(); + }, + + getValues: function(dirtyOnly) { + let me = this; + let values = me.callParent(arguments); + + if (me.path) { + values.path = me.path; + } + return values; + }, + }); -- 2.39.5