From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 26B981FF183 for ; Wed, 22 Oct 2025 15:11:36 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id AEEEB189CE; Wed, 22 Oct 2025 15:12:02 +0200 (CEST) From: Shannon Sterz To: pdm-devel@lists.proxmox.com Date: Wed, 22 Oct 2025 15:11:16 +0200 Message-ID: <20251022131126.358790-1-s.sterz@proxmox.com> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1761138681453 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.056 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp v2 00/10] add support for checking acl permissions in (yew) front-ends X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" this patch series adds support for querying acl entries from the front-end. it also makes it possible to reactively render ui components depending on the user's privileges and refreshes this information every time a new ticket is set. the first four patches make it possible to use the AclTree by itself in the ui. first by creating a new feature that exposes only it and some types to dependent crates. then some functions that basically just query the AclTree are moved to the AclTree itself to make it easier to re-use them. the third patch derives Debug and PartialEq on the AclTree and AclTreeNode to make it easier to handle these types in the ui. finally the last commit allows to query all of a user's acl entries via the API_METHOD_READ_ACL endpoint. the next two patches first add an AclContext and AclContextProvider implementation to proxmox-yew-comp. these allow applications to provide acl information that components can hook into and get reactively re-rendered. it also triggers reloading the acl information every time a user logs in or a ticket gets refreshed. lastly, proxmox-datacenter-manager is adapted to use this new functionality. the seventh commit moves the AccessControlConfig to the shared api types crate, so we can re-use it in the front-end. then an AclContextProvider is added to the main ui component. this allows components to retrieve said AclContext and use it to conditionally render ui components. the last two commits add just such functionality to the notes section of the pdm ui. Follow-up --------- if this series is applied, more ui components will need to be hooked into the context to more widely use this functionality accross the application. proxmox: Shannon Sterz (4): access-control: add acl feature to only expose types and the AclTree access-control: move functions querying privileges to the AclTree access-control: derive Debug and PartialEq on AclTree and AclTreeNode access-control: allow reading all acls of the current authid proxmox-access-control/Cargo.toml | 6 +- proxmox-access-control/src/acl.rs | 132 +++++++++++++++++- proxmox-access-control/src/api/acl.rs | 37 ++++- .../src/cached_user_info.rs | 91 +----------- proxmox-access-control/src/init.rs | 13 +- proxmox-access-control/src/lib.rs | 4 +- 6 files changed, 184 insertions(+), 99 deletions(-) proxmox-yew-comp: Shannon Sterz (2): acl_context: add AclContext and AclContextProvider http_helpers: reload LocalAclTree when logging in or refreshing a ticket Cargo.toml | 2 +- src/acl_context.rs | 204 ++++++++++++++++++++++++++++++++++++++++++++ src/http_helpers.rs | 5 ++ src/lib.rs | 3 + 4 files changed, 213 insertions(+), 1 deletion(-) create mode 100644 src/acl_context.rs proxmox-datacenter-manager: Shannon Sterz (2): server/api-types: move AccessControlConfig to shared api types ui: add an AclContext via the AclContextProvider to the main app ui lib/pdm-api-types/Cargo.toml | 1 + lib/pdm-api-types/src/acl.rs | 158 ++++++++++++++++++++++++++++++++++ server/src/acl.rs | 162 +---------------------------------- ui/Cargo.toml | 1 + ui/src/main.rs | 14 ++- 5 files changed, 173 insertions(+), 163 deletions(-) proxmox-yew-comp: Shannon Sterz (1): notes view: allow hiding the toolbar if editing isn't supported src/notes_view.rs | 36 +++++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 13 deletions(-) proxmox-datacenter-manager: Shannon Sterz (1): ui: main menu: use the AclContext to hide the Notes if appropriate ui/src/main_menu.rs | 66 +++++++++++++++++++++++++++++++-------------- 1 file changed, 46 insertions(+), 20 deletions(-) Summary over all repositories: 17 files changed, 639 insertions(+), 296 deletions(-) -- Generated by git-murpp 0.8.1 _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel