[pve-manager.git] / www / manager6 / dc / AuthEdit.js

Ext.define('PVE.dc.AuthEdit', {
    extend: 'Proxmox.window.Edit',
    alias: ['widget.pveDcAuthEdit'],

    isAdd: true,

    initComponent : function() {
        var me = this;

        me.isCreate = !me.realm;

        var url;
        var method;
        var serverlist;

        if (me.isCreate) {
            url = '/api2/extjs/access/domains';
            method = 'POST';
        } else {
            url = '/api2/extjs/access/domains/' + me.realm;
            method = 'PUT';
        }

        var column1 = [
            {
                xtype: me.isCreate ? 'textfield' : 'displayfield',
                name: 'realm',
                fieldLabel: gettext('Realm'),
                value: me.realm,
                allowBlank: false
            }
	];

	if (me.authType === 'ad') {

	    me.subject = gettext('Active Directory Server');

            column1.push({
                xtype: 'textfield',
                name: 'domain',
                fieldLabel: gettext('Domain'),
                emptyText: 'company.net',
                allowBlank: false
            });

	} else if (me.authType === 'ldap') {

	    me.subject = gettext('LDAP Server');

            column1.push({
                xtype: 'textfield',
                name: 'base_dn',
                fieldLabel: gettext('Base Domain Name'),
		emptyText: 'CN=Users,DC=Company,DC=net',
                allowBlank: false
            });

            column1.push({
                xtype: 'textfield',
                name: 'user_attr',
                emptyText: 'uid / sAMAccountName',
                fieldLabel: gettext('User Attribute Name'),
                allowBlank: false
            });
	} else if (me.authType === 'pve') {

	    if (me.isCreate) {
		throw 'unknown auth type';
	    }

	    me.subject = 'Proxmox VE authentication server';

	} else if (me.authType === 'pam') {

	    if (me.isCreate) {
		throw 'unknown auth type';
	    }

	    me.subject = 'linux PAM';

	} else {
	    throw 'unknown auth type ';
	}

        column1.push({
            xtype: 'proxmoxcheckbox',
            fieldLabel: gettext('Default'),
            name: 'default',
            uncheckedValue: 0
        });

        var column2 = [];

	if (me.authType === 'ldap' || me.authType === 'ad') {
	    column2.push(
		{
                    xtype: 'textfield',
                    fieldLabel: gettext('Server'),
                    name: 'server1',
                    allowBlank: false
		},
		{
                    xtype: 'proxmoxtextfield',
                    fieldLabel: gettext('Fallback Server'),
		    deleteEmpty: !me.isCreate,
		    name: 'server2'
		},
		{
                    xtype: 'proxmoxintegerfield',
                    name: 'port',
                    fieldLabel: gettext('Port'),
                    minValue: 1,
                    maxValue: 65535,
		    emptyText: gettext('Default'),
		    submitEmptyText: false
		},
		{
                    xtype: 'proxmoxcheckbox',
                    fieldLabel: 'SSL',
                    name: 'secure',
                    uncheckedValue: 0
		}
            );
	}

	// Two Factor Auth settings

        column2.push({
            xtype: 'proxmoxKVComboBox',
            name: 'tfa',
	    deleteEmpty: !me.isCreate,
	    value: '',
            fieldLabel: gettext('TFA'),
	    comboItems: [ ['__default__', Proxmox.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
	    listeners: {
		change: function(f, value) {
		    if (!me.rendered) {
			return;
		    }
		    me.down('field[name=oath_step]').setVisible(value === 'oath');
		    me.down('field[name=oath_digits]').setVisible(value === 'oath');
		    me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
		    me.down('field[name=yubico_url]').setVisible(value === 'yubico');
		}
	    }
        });

	column2.push({
            xtype: 'proxmoxintegerfield',
            name: 'oath_step',
	    value: '',
	    minValue: 10,
	    emptyText: Proxmox.Utils.defaultText + ' (30)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH time step'
        });

	column2.push({
            xtype: 'proxmoxintegerfield',
            name: 'oath_digits',
	    value: '',
	    minValue: 6,
	    maxValue: 8,
	    emptyText: Proxmox.Utils.defaultText + ' (6)',
	    submitEmptyText: false,
	    hidden: true,
            fieldLabel: 'OATH password length'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_id',
	    hidden: true,
            fieldLabel: 'Yubico API Id'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_api_key',
	    hidden: true,
            fieldLabel: 'Yubico API Key'
        });

	column2.push({
            xtype: 'textfield',
            name: 'yubico_url',
	    hidden: true,
            fieldLabel: 'Yubico URL'
        });

	var ipanel = Ext.create('PVE.panel.InputPanel', {
	    column1: column1,
	    column2: column2,
	    columnB: [{
		xtype: 'textfield',
		name: 'comment',
		fieldLabel: gettext('Comment')
            }],
	    onGetValues: function(values) {
		if (!values.port) {
		    if (!me.isCreate) {
			Proxmox.Utils.assemble_field_data(values, { 'delete': 'port' });
		    }
		    delete values.port;
		}

		if (me.isCreate) {
		    values.type = me.authType;
		}

		if (values.tfa === 'oath') {
		    values.tfa = "type=oath";
		    if (values.oath_step) {
			values.tfa += ",step=" + values.oath_step;
		    }
		    if (values.oath_digits) {
			values.tfa += ",digits=" + values.oath_digits;
		    }
		} else if (values.tfa === 'yubico') {
		    values.tfa = "type=yubico";
		    values.tfa += ",id=" + values.yubico_api_id;
		    values.tfa += ",key=" + values.yubico_api_key;
		    if (values.yubico_url) {
			values.tfa += ",url=" + values.yubico_url;
		    }
		} else {
		    delete values.tfa;
		}

		delete values.oath_step;
		delete values.oath_digits;
		delete values.yubico_api_id;
		delete values.yubico_api_key;
		delete values.yubico_url;
		
		return values;
	    }
	});

	Ext.applyIf(me, {
            url: url,
            method: method,
	    fieldDefaults: {
		labelWidth: 120
	    },
	    items: [ ipanel ]
        });

        me.callParent();

        if (!me.isCreate) {
            me.load({
                success: function(response, options) {
		    var data = response.result.data || {};
		    // just to be sure (should not happen)
		    if (data.type !== me.authType) {
			me.close();
			throw "got wrong auth type";
		    }

		    if (data.tfa) {
			var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
			data.tfa = tfacfg.type;
			if (tfacfg.type === 'yubico') {
			    data.yubico_api_key = tfacfg.key;
			    data.yubico_api_id = tfacfg.id;
			    data.yubico_url = tfacfg.url;
			} else if (tfacfg.type === 'oath') {
			    // step is a number before
			    /*jslint confusion: true*/
			    data.oath_step = tfacfg.step;
			    data.oath_digits = tfacfg.digits;
			    /*jslint confusion: false*/
			}
		    }

                    me.setValues(data);
                }
            });
        }
    }
});
Commit	Line	Data
9a75448b	1	Ext.define('PVE.dc.AuthEdit', {
9fccc702	2	extend: 'Proxmox.window.Edit',
9a75448b DM	3	alias: ['widget.pveDcAuthEdit'],
	4
	5	isAdd: true,
	6
	7	initComponent : function() {
	8	var me = this;
	9
d5e771ce	10	me.isCreate = !me.realm;
9a75448b DM	11
	12	var url;
	13	var method;
	14	var serverlist;
	15
d5e771ce	16	if (me.isCreate) {
9a75448b DM	17	url = '/api2/extjs/access/domains';
	18	method = 'POST';
	19	} else {
	20	url = '/api2/extjs/access/domains/' + me.realm;
	21	method = 'PUT';
	22	}
	23
	24	var column1 = [
	25	{
d5e771ce	26	xtype: me.isCreate ? 'textfield' : 'displayfield',
9a75448b DM	27	name: 'realm',
	28	fieldLabel: gettext('Realm'),
	29	value: me.realm,
	30	allowBlank: false
	31	}
	32	];
	33
	34	if (me.authType === 'ad') {
	35
	36	me.subject = gettext('Active Directory Server');
	37
	38	column1.push({
	39	xtype: 'textfield',
	40	name: 'domain',
	41	fieldLabel: gettext('Domain'),
	42	emptyText: 'company.net',
	43	allowBlank: false
	44	});
	45
	46	} else if (me.authType === 'ldap') {
	47
	48	me.subject = gettext('LDAP Server');
	49
	50	column1.push({
	51	xtype: 'textfield',
	52	name: 'base_dn',
	53	fieldLabel: gettext('Base Domain Name'),
	54	emptyText: 'CN=Users,DC=Company,DC=net',
	55	allowBlank: false
	56	});
	57
	58	column1.push({
	59	xtype: 'textfield',
	60	name: 'user_attr',
	61	emptyText: 'uid / sAMAccountName',
	62	fieldLabel: gettext('User Attribute Name'),
	63	allowBlank: false
	64	});
	65	} else if (me.authType === 'pve') {
	66
d5e771ce	67	if (me.isCreate) {
84de645d DC	68	throw 'unknown auth type';
84de645d DC	69	}
9a75448b DM	70
	71	me.subject = 'Proxmox VE authentication server';
	72
	73	} else if (me.authType === 'pam') {
	74
d5e771ce	75	if (me.isCreate) {
84de645d DC	76	throw 'unknown auth type';
84de645d DC	77	}
9a75448b DM	78
	79	me.subject = 'linux PAM';
	80
	81	} else {
	82	throw 'unknown auth type ';
	83	}
	84
	85	column1.push({
896c0d50	86	xtype: 'proxmoxcheckbox',
9a75448b DM	87	fieldLabel: gettext('Default'),
	88	name: 'default',
	89	uncheckedValue: 0
	90	});
	91
	92	var column2 = [];
	93
	94	if (me.authType === 'ldap' \|\| me.authType === 'ad') {
a2f35eb2	95	column2.push(
9a75448b DM	96	{
	97	xtype: 'textfield',
	98	fieldLabel: gettext('Server'),
	99	name: 'server1',
	100	allowBlank: false
	101	},
	102	{
dbed4c1c	103	xtype: 'proxmoxtextfield',
9a75448b	104	fieldLabel: gettext('Fallback Server'),
d5e771ce	105	deleteEmpty: !me.isCreate,
9a75448b DM	106	name: 'server2'
	107	},
	108	{
bf96f60d	109	xtype: 'proxmoxintegerfield',
9a75448b DM	110	name: 'port',
	111	fieldLabel: gettext('Port'),
	112	minValue: 1,
	113	maxValue: 65535,
	114	emptyText: gettext('Default'),
	115	submitEmptyText: false
	116	},
	117	{
896c0d50	118	xtype: 'proxmoxcheckbox',
9a75448b DM	119	fieldLabel: 'SSL',
	120	name: 'secure',
	121	uncheckedValue: 0
	122	}
a2f35eb2	123	);
9a75448b DM	124	}
	125
	126	// Two Factor Auth settings
	127
	128	column2.push({
09cacce7	129	xtype: 'proxmoxKVComboBox',
9a75448b	130	name: 'tfa',
d5e771ce	131	deleteEmpty: !me.isCreate,
9a75448b DM	132	value: '',
9a75448b DM	133	fieldLabel: gettext('TFA'),
e7ade592	134	comboItems: [ ['__default__', Proxmox.Utils.noneText], ['oath', 'OATH'], ['yubico', 'Yubico']],
9a75448b DM	135	listeners: {
	136	change: function(f, value) {
	137	if (!me.rendered) {
	138	return;
	139	}
	140	me.down('field[name=oath_step]').setVisible(value === 'oath');
	141	me.down('field[name=oath_digits]').setVisible(value === 'oath');
	142	me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
	143	me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
	144	me.down('field[name=yubico_url]').setVisible(value === 'yubico');
	145	}
	146	}
	147	});
	148
	149	column2.push({
bf96f60d	150	xtype: 'proxmoxintegerfield',
9a75448b DM	151	name: 'oath_step',
	152	value: '',
	153	minValue: 10,
e7ade592	154	emptyText: Proxmox.Utils.defaultText + ' (30)',
9a75448b DM	155	submitEmptyText: false,
	156	hidden: true,
	157	fieldLabel: 'OATH time step'
	158	});
	159
	160	column2.push({
bf96f60d	161	xtype: 'proxmoxintegerfield',
9a75448b DM	162	name: 'oath_digits',
	163	value: '',
	164	minValue: 6,
	165	maxValue: 8,
e7ade592	166	emptyText: Proxmox.Utils.defaultText + ' (6)',
9a75448b DM	167	submitEmptyText: false,
	168	hidden: true,
	169	fieldLabel: 'OATH password length'
	170	});
	171
	172	column2.push({
	173	xtype: 'textfield',
	174	name: 'yubico_api_id',
	175	hidden: true,
	176	fieldLabel: 'Yubico API Id'
	177	});
	178
	179	column2.push({
	180	xtype: 'textfield',
	181	name: 'yubico_api_key',
	182	hidden: true,
	183	fieldLabel: 'Yubico API Key'
	184	});
	185
	186	column2.push({
	187	xtype: 'textfield',
	188	name: 'yubico_url',
	189	hidden: true,
	190	fieldLabel: 'Yubico URL'
	191	});
	192
	193	var ipanel = Ext.create('PVE.panel.InputPanel', {
	194	column1: column1,
	195	column2: column2,
	196	columnB: [{
	197	xtype: 'textfield',
	198	name: 'comment',
	199	fieldLabel: gettext('Comment')
	200	}],
	201	onGetValues: function(values) {
	202	if (!values.port) {
d5e771ce	203	if (!me.isCreate) {
e7ade592	204	Proxmox.Utils.assemble_field_data(values, { 'delete': 'port' });
9a75448b DM	205	}
	206	delete values.port;
	207	}
	208
d5e771ce	209	if (me.isCreate) {
9a75448b DM	210	values.type = me.authType;
	211	}
	212
	213	if (values.tfa === 'oath') {
	214	values.tfa = "type=oath";
	215	if (values.oath_step) {
	216	values.tfa += ",step=" + values.oath_step;
	217	}
	218	if (values.oath_digits) {
	219	values.tfa += ",digits=" + values.oath_digits;
	220	}
	221	} else if (values.tfa === 'yubico') {
	222	values.tfa = "type=yubico";
	223	values.tfa += ",id=" + values.yubico_api_id;
	224	values.tfa += ",key=" + values.yubico_api_key;
	225	if (values.yubico_url) {
	226	values.tfa += ",url=" + values.yubico_url;
	227	}
	228	} else {
	229	delete values.tfa;
	230	}
	231
	232	delete values.oath_step;
	233	delete values.oath_digits;
	234	delete values.yubico_api_id;
	235	delete values.yubico_api_key;
	236	delete values.yubico_url;
	237
	238	return values;
	239	}
	240	});
	241
	242	Ext.applyIf(me, {
	243	url: url,
	244	method: method,
	245	fieldDefaults: {
	246	labelWidth: 120
	247	},
	248	items: [ ipanel ]
	249	});
	250
	251	me.callParent();
	252
d5e771ce	253	if (!me.isCreate) {
9a75448b DM	254	me.load({
	255	success: function(response, options) {
	256	var data = response.result.data \|\| {};
	257	// just to be sure (should not happen)
	258	if (data.type !== me.authType) {
	259	me.close();
	260	throw "got wrong auth type";
	261	}
	262
	263	if (data.tfa) {
	264	var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
	265	data.tfa = tfacfg.type;
	266	if (tfacfg.type === 'yubico') {
	267	data.yubico_api_key = tfacfg.key;
	268	data.yubico_api_id = tfacfg.id;
	269	data.yubico_url = tfacfg.url;
	270	} else if (tfacfg.type === 'oath') {
ec0bd652 DC	271	// step is a number before
ec0bd652 DC	272	/jslint confusion: true/
9a75448b DM	273	data.oath_step = tfacfg.step;
9a75448b DM	274	data.oath_digits = tfacfg.digits;
ec0bd652	275	/jslint confusion: false/
9a75448b DM	276	}
	277	}
	278
	279	me.setValues(data);
	280	}
	281	});
	282	}
	283	}
	284	});