From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 14/16] gui: add API token UI
Date: Wed, 28 Oct 2020 12:37:15 +0100 [thread overview]
Message-ID: <20201028113717.827644-5-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20201028113717.827644-1-f.gruenbichler@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
www/Makefile | 2 +
www/NavigationTree.js | 6 ++
www/Utils.js | 8 ++
www/config/TokenView.js | 218 ++++++++++++++++++++++++++++++++++++++++
www/window/TokenEdit.js | 213 +++++++++++++++++++++++++++++++++++++++
5 files changed, 447 insertions(+)
create mode 100644 www/config/TokenView.js
create mode 100644 www/window/TokenEdit.js
diff --git a/www/Makefile b/www/Makefile
index 75d389d9..ab056c8c 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -13,12 +13,14 @@ JSSRC= \
data/RunningTasksStore.js \
button/TaskButton.js \
config/UserView.js \
+ config/TokenView.js \
config/RemoteView.js \
config/ACLView.js \
config/SyncView.js \
config/VerifyView.js \
window/UserEdit.js \
window/UserPassword.js \
+ window/TokenEdit.js \
window/VerifyJobEdit.js \
window/RemoteEdit.js \
window/SyncJobEdit.js \
diff --git a/www/NavigationTree.js b/www/NavigationTree.js
index 6524a5c3..d4e5d966 100644
--- a/www/NavigationTree.js
+++ b/www/NavigationTree.js
@@ -34,6 +34,12 @@ Ext.define('PBS.store.NavigationStore', {
path: 'pbsUserView',
leaf: true,
},
+ {
+ text: gettext('API Token'),
+ iconCls: 'fa fa-user-o',
+ path: 'pbsTokenView',
+ leaf: true,
+ },
{
text: gettext('Permissions'),
iconCls: 'fa fa-unlock',
diff --git a/www/Utils.js b/www/Utils.js
index 221a2f2b..58319345 100644
--- a/www/Utils.js
+++ b/www/Utils.js
@@ -84,6 +84,14 @@ Ext.define('PBS.Utils', {
return `Datastore ${what} ${id}`;
},
+ extractTokenUser: function(tokenid) {
+ return tokenid.match(/^(.+)!([^!]+)$/)[1];
+ },
+
+ extractTokenName: function(tokenid) {
+ return tokenid.match(/^(.+)!([^!]+)$/)[2];
+ },
+
constructor: function() {
var me = this;
diff --git a/www/config/TokenView.js b/www/config/TokenView.js
new file mode 100644
index 00000000..88b3f194
--- /dev/null
+++ b/www/config/TokenView.js
@@ -0,0 +1,218 @@
+Ext.define('pbs-tokens', {
+ extend: 'Ext.data.Model',
+ fields: [
+ 'tokenid', 'tokenname', 'user', 'comment',
+ { type: 'boolean', name: 'enable', defaultValue: true },
+ { type: 'date', dateFormat: 'timestamp', name: 'expire' },
+ ],
+ idProperty: 'tokenid',
+});
+
+Ext.define('pbs-users-with-tokens', {
+ extend: 'Ext.data.Model',
+ fields: [
+ 'userid', 'firstname', 'lastname', 'email', 'comment',
+ { type: 'boolean', name: 'enable', defaultValue: true },
+ { type: 'date', dateFormat: 'timestamp', name: 'expire' },
+ 'tokens',
+ ],
+ idProperty: 'userid',
+ proxy: {
+ type: 'proxmox',
+ url: '/api2/json/access/users/?include_tokens=1',
+ },
+});
+
+Ext.define('PBS.config.TokenView', {
+ extend: 'Ext.grid.GridPanel',
+ alias: 'widget.pbsTokenView',
+
+ stateful: true,
+ stateId: 'grid-tokens',
+
+ title: gettext('API Tokens'),
+
+ controller: {
+ xclass: 'Ext.app.ViewController',
+
+ init: function(view) {
+ view.userStore = Ext.create('Proxmox.data.UpdateStore', {
+ autoStart: true,
+ interval: 5 * 1000,
+ storeId: 'pbs-users-with-tokens',
+ storeid: 'pbs-users-with-tokens',
+ model: 'pbs-users-with-tokens',
+ });
+ view.userStore.on('load', this.onLoad, this);
+ view.on('destroy', view.userStore.stopUpdate);
+ Proxmox.Utils.monStoreErrors(view, view.userStore);
+ },
+
+ reload: function() { this.getView().userStore.load(); },
+
+ onLoad: function(store, data, success) {
+ if (!success) return;
+
+ let tokenStore = this.getView().store.rstore;
+
+ let records = [];
+ Ext.Array.each(data, function(user) {
+ let tokens = user.data.tokens || [];
+ Ext.Array.each(tokens, function(token) {
+ let r = {};
+ r.tokenid = token.tokenid;
+ r.comment = token.comment;
+ r.expire = token.expire;
+ r.enable = token.enable;
+ records.push(r);
+ });
+ });
+
+ tokenStore.loadData(records);
+ tokenStore.fireEvent('load', tokenStore, records, true);
+ },
+
+ addToken: function() {
+ let me = this;
+ Ext.create('PBS.window.TokenEdit', {
+ isCreate: true,
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+ editToken: function() {
+ let me = this;
+ let view = me.getView();
+ let selection = view.getSelection();
+ if (selection.length < 1) return;
+ Ext.create('PBS.window.TokenEdit', {
+ user: PBS.Utils.extractTokenUser(selection[0].data.tokenid),
+ tokenname: PBS.Utils.extractTokenName(selection[0].data.tokenid),
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+ showPermissions: function() {
+ let me = this;
+ let view = me.getView();
+ let selection = view.getSelection();
+
+ if (selection.length < 1) return;
+
+ Ext.create('Proxmox.PermissionView', {
+ auth_id: selection[0].data.tokenid,
+ auth_id_name: 'auth_id',
+ }).show();
+ },
+
+ renderUser: function(tokenid) {
+ return Ext.String.htmlEncode(PBS.Utils.extractTokenUser(tokenid));
+ },
+
+ renderTokenname: function(tokenid) {
+ return Ext.String.htmlEncode(PBS.Utils.extractTokenName(tokenid));
+ },
+
+ },
+
+ listeners: {
+ activate: 'reload',
+ itemdblclick: 'editToken',
+ },
+
+ store: {
+ type: 'diff',
+ autoDestroy: true,
+ autoDestroyRstore: true,
+ sorters: 'tokenid',
+ model: 'pbs-tokens',
+ rstore: {
+ type: 'store',
+ proxy: 'memory',
+ storeid: 'pbs-tokens',
+ model: 'pbs-tokens',
+ },
+ },
+
+ tbar: [
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Add'),
+ handler: 'addToken',
+ selModel: false,
+ },
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Edit'),
+ handler: 'editToken',
+ disabled: true,
+ },
+ {
+ xtype: 'proxmoxStdRemoveButton',
+ baseurl: '/access/users/',
+ callback: 'reload',
+ getUrl: function(rec) {
+ let tokenid = rec.getId();
+ let user = PBS.Utils.extractTokenUser(tokenid);
+ let tokenname = PBS.Utils.extractTokenName(tokenid);
+ return '/access/users/' + encodeURIComponent(user) + '/token/' + encodeURIComponent(tokenname);
+ },
+ },
+ {
+ xtype: 'proxmoxButton',
+ text: gettext('Permissions'),
+ handler: 'showPermissions',
+ disabled: true,
+ },
+ ],
+
+ viewConfig: {
+ trackOver: false,
+ },
+
+ columns: [
+ {
+ header: gettext('User'),
+ width: 200,
+ sortable: true,
+ renderer: 'renderUser',
+ dataIndex: 'tokenid',
+ },
+ {
+ header: gettext('Token name'),
+ width: 100,
+ sortable: true,
+ renderer: 'renderTokenname',
+ dataIndex: 'tokenid',
+ },
+ {
+ header: gettext('Enabled'),
+ width: 80,
+ sortable: true,
+ renderer: Proxmox.Utils.format_boolean,
+ dataIndex: 'enable',
+ },
+ {
+ header: gettext('Expire'),
+ width: 80,
+ sortable: true,
+ renderer: Proxmox.Utils.format_expire,
+ dataIndex: 'expire',
+ },
+ {
+ header: gettext('Comment'),
+ sortable: false,
+ renderer: Ext.String.htmlEncode,
+ dataIndex: 'comment',
+ flex: 1,
+ },
+ ],
+});
diff --git a/www/window/TokenEdit.js b/www/window/TokenEdit.js
new file mode 100644
index 00000000..6b41ae9d
--- /dev/null
+++ b/www/window/TokenEdit.js
@@ -0,0 +1,213 @@
+Ext.define('PBS.window.TokenEdit', {
+ extend: 'Proxmox.window.Edit',
+ alias: 'widget.pbsTokenEdit',
+ mixins: ['Proxmox.Mixin.CBind'],
+
+ onlineHelp: 'user_mgmt',
+
+ user: undefined,
+ tokenname: undefined,
+
+ isAdd: true,
+ isCreate: false,
+ fixedUser: false,
+
+ subject: gettext('API token'),
+
+ fieldDefaults: { labelWidth: 120 },
+
+ items: {
+ xtype: 'inputpanel',
+ column1: [
+ {
+ xtype: 'pmxDisplayEditField',
+ cbind: {
+ editable: (get) => get('isCreate') && !get('fixedUser'),
+ },
+ editConfig: {
+ xtype: 'pbsUserSelector',
+ allowBlank: false,
+ },
+ name: 'user',
+ value: Proxmox.UserName,
+ renderer: Ext.String.htmlEncode,
+ fieldLabel: gettext('User'),
+ },
+ {
+ xtype: 'pmxDisplayEditField',
+ cbind: {
+ editable: '{isCreate}',
+ },
+ name: 'tokenname',
+ fieldLabel: gettext('Token Name'),
+ minLength: 2,
+ allowBlank: false,
+ },
+ ],
+
+ column2: [
+ {
+ xtype: 'datefield',
+ name: 'expire',
+ emptyText: Proxmox.Utils.neverText,
+ format: 'Y-m-d',
+ submitFormat: 'U',
+ fieldLabel: gettext('Expire'),
+ },
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('Enabled'),
+ name: 'enable',
+ uncheckedValue: 0,
+ defaultValue: 1,
+ checked: true,
+ },
+ ],
+
+ columnB: [
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'comment',
+ fieldLabel: gettext('Comment'),
+ },
+ ],
+ },
+
+ getValues: function(dirtyOnly) {
+ var me = this;
+
+ var values = me.callParent(arguments);
+
+ // hack: ExtJS datefield does not submit 0, so we need to set that
+ if (!values.expire) {
+ values.expire = 0;
+ }
+
+ if (me.isCreate) {
+ me.url = '/api2/extjs/access/users/';
+ let uid = encodeURIComponent(values.user);
+ let tid = encodeURIComponent(values.tokenname);
+ delete values.user;
+ delete values.tokenname;
+
+ me.url += `${uid}/token/${tid}`;
+ }
+
+ return values;
+ },
+
+ setValues: function(values) {
+ var me = this;
+
+ if (Ext.isDefined(values.expire)) {
+ if (values.expire) {
+ values.expire = new Date(values.expire * 1000);
+ } else {
+ // display 'never' instead of '1970-01-01'
+ values.expire = null;
+ }
+ }
+
+ me.callParent([values]);
+ },
+
+ initComponent: function() {
+ let me = this;
+
+ me.url = '/api2/extjs/access/users/';
+
+ me.callParent();
+
+ if (me.isCreate) {
+ me.method = 'POST';
+ } else {
+ me.method = 'PUT';
+
+ let uid = encodeURIComponent(me.user);
+ let tid = encodeURIComponent(me.tokenname);
+
+ me.url += `${uid}/token/${tid}`;
+ me.load({
+ success: function(response, options) {
+ let values = response.result.data;
+ values.user = me.user;
+ values.tokenname = me.tokenname;
+ me.setValues(values);
+ },
+ });
+ }
+ },
+
+ apiCallDone: function(success, response, options) {
+ let res = response.result.data;
+ if (!success || !res || !res.value) {
+ return;
+ }
+
+ Ext.create('PBS.window.TokenShow', {
+ autoShow: true,
+ tokenid: res.tokenid,
+ secret: res.value,
+ });
+ },
+});
+
+Ext.define('PBS.window.TokenShow', {
+ extend: 'Ext.window.Window',
+ alias: ['widget.pbsTokenShow'],
+ mixins: ['Proxmox.Mixin.CBind'],
+
+ width: 600,
+ modal: true,
+ resizable: false,
+ title: gettext('Token Secret'),
+
+ items: [
+ {
+ xtype: 'container',
+ layout: 'form',
+ bodyPadding: 10,
+ border: false,
+ fieldDefaults: {
+ labelWidth: 100,
+ anchor: '100%',
+ },
+ padding: '0 10 10 10',
+ items: [
+ {
+ xtype: 'textfield',
+ fieldLabel: gettext('Token ID'),
+ cbind: {
+ value: '{tokenid}',
+ },
+ editable: false,
+ },
+ {
+ xtype: 'textfield',
+ fieldLabel: gettext('Secret'),
+ inputId: 'token-secret-value',
+ cbind: {
+ value: '{secret}',
+ },
+ editable: false,
+ },
+ ],
+ },
+ {
+ xtype: 'component',
+ border: false,
+ padding: '10 10 10 10',
+ userCls: 'pmx-hint',
+ html: gettext('Please record the API token secret - it will only be displayed now'),
+ },
+ ],
+ buttons: [
+ {
+ handler: function(b) {
+ document.getElementById('token-secret-value').select();
+ document.execCommand("copy");
+ },
+ text: gettext('Copy Secret Value'),
+ },
+ ],
+});
--
2.20.1
next prev parent reply other threads:[~2020-10-28 11:37 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-28 11:36 [pbs-devel] [PATCH proxmox-backup 00/16] API tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-widget-toolkit] add PermissionView Fabian Grünbichler
2020-10-28 16:18 ` [pbs-devel] applied: " Thomas Lamprecht
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 01/16] api: add Authid as wrapper around Userid Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox] rpcenv: rename user to auth_id Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 02/16] config: add token.shadow file Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 03/16] replace Userid with Authid Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 04/16] REST: extract and handle API tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 05/16] api: add API token endpoints Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 06/16] api: allow listing users + tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 07/16] api: add permissions endpoint Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 08/16] client/remote: allow using ApiToken + secret Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 09/16] owner checks: handle backups owned by API tokens Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 10/16] tasks: allow unpriv users to read their tokens' tasks Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 11/16] manager: add token commands Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 12/16] manager: add user permissions command Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 13/16] gui: add permissions button to user view Fabian Grünbichler
2020-10-28 11:37 ` Fabian Grünbichler [this message]
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 15/16] acls: allow viewing/editing user's token ACLs Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 16/16] gui: add API " Fabian Grünbichler
2020-10-29 14:23 ` [pbs-devel] applied: [PATCH proxmox-backup 00/16] API tokens Wolfgang Bumiller
2020-10-29 19:50 ` [pbs-devel] " Thomas Lamprecht
2020-10-30 8:03 ` Fabian Grünbichler
2020-10-30 8:48 ` Thomas Lamprecht
2020-10-30 9:55 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201028113717.827644-5-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.