all lists on lists.proxmox.com
 help / color / mirror / Atom feed
From: Shannon Sterz <s.sterz@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [pdm-devel] [PATCH datacenter-manager v2 1/1] ui: main menu: use the AclContext to hide the Notes if appropriate
Date: Wed, 22 Oct 2025 15:11:26 +0200	[thread overview]
Message-ID: <20251022131126.358790-11-s.sterz@proxmox.com> (raw)
In-Reply-To: <20251022131126.358790-1-s.sterz@proxmox.com>

a user that does not have `PRIV_SYS_AUDIT` on `/system` is not allowed
to view the notes and one that lacks `PRIV_SYS_MODIFY` on
`/system/notes` is not allowed to edit them. so hide the respective ui
elements when a user does not have the necessary permissions.

Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
 ui/src/main_menu.rs | 66 +++++++++++++++++++++++++++++++--------------
 1 file changed, 46 insertions(+), 20 deletions(-)

diff --git a/ui/src/main_menu.rs b/ui/src/main_menu.rs
index 7650b63..c411367 100644
--- a/ui/src/main_menu.rs
+++ b/ui/src/main_menu.rs
@@ -9,9 +9,10 @@ use pwt::state::Selection;
 use pwt::widget::nav::{Menu, MenuItem, NavigationDrawer};
 use pwt::widget::{Container, Row, SelectionView, SelectionViewRenderInfo};

-use proxmox_yew_comp::{NotesView, XTermJs};
+use proxmox_yew_comp::{AclContext, NotesView, XTermJs};

 use pdm_api_types::remotes::RemoteType;
+use pdm_api_types::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};

 use crate::remotes::RemotesPanel;
 use crate::sdn::evpn::EvpnPanel;
@@ -62,11 +63,14 @@ impl MainMenu {

 pub enum Msg {
     Select(Key),
+    UpdateAcl(AclContext),
 }

 pub struct PdmMainMenu {
     active: Key,
     menu_selection: Selection,
+    acl_context: AclContext,
+    _acl_context_listener: ContextHandle<AclContext>,
 }

 fn register_view(
@@ -109,10 +113,17 @@ impl Component for PdmMainMenu {
     type Message = Msg;
     type Properties = MainMenu;

-    fn create(_ctx: &Context<Self>) -> Self {
+    fn create(ctx: &Context<Self>) -> Self {
+        let (acl_context, acl_context_listener) = ctx
+            .link()
+            .context(ctx.link().callback(Msg::UpdateAcl))
+            .expect("acl context not present");
+
         Self {
             active: Key::from("dashboard"),
             menu_selection: Selection::new(),
+            acl_context,
+            _acl_context_listener: acl_context_listener,
         }
     }

@@ -122,6 +133,10 @@ impl Component for PdmMainMenu {
                 self.active = key;
                 true
             }
+            Msg::UpdateAcl(acl_context) => {
+                self.acl_context = acl_context;
+                true
+            }
         }
     }

@@ -144,25 +159,36 @@ impl Component for PdmMainMenu {
             move |_| Dashboard::new().into(),
         );

-        register_view(
-            &mut menu,
-            &mut content,
-            tr!("Notes"),
-            "notes",
-            Some("fa fa-sticky-note-o"),
-            move |_| {
-                let notes = NotesView::new("/config/notes").on_submit(|notes| async move {
-                    proxmox_yew_comp::http_put("/config/notes", Some(serde_json::to_value(&notes)?))
-                        .await
-                });
+        if self.acl_context.check_privs(&["system"], PRIV_SYS_AUDIT) {
+            let allow_editing = self
+                .acl_context
+                .check_privs(&["system", "notes"], PRIV_SYS_MODIFY);

-                Container::new()
-                    .class("pwt-content-spacer")
-                    .class(pwt::css::FlexFit)
-                    .with_child(notes)
-                    .into()
-            },
-        );
+            register_view(
+                &mut menu,
+                &mut content,
+                tr!("Notes"),
+                "notes",
+                Some("fa fa-sticky-note-o"),
+                move |_| {
+                    let notes = NotesView::new("/config/notes")
+                        .on_submit(|notes| async move {
+                            proxmox_yew_comp::http_put(
+                                "/config/notes",
+                                Some(serde_json::to_value(&notes)?),
+                            )
+                            .await
+                        })
+                        .allow_editing(allow_editing);
+
+                    Container::new()
+                        .class("pwt-content-spacer")
+                        .class(pwt::css::FlexFit)
+                        .with_child(notes)
+                        .into()
+                },
+            )
+        }

         let mut config_submenu = Menu::new();

--
2.47.3



_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel


      parent reply	other threads:[~2025-10-22 13:11 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-22 13:11 [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp v2 00/10] add support for checking acl permissions in (yew) front-ends Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH proxmox v2 1/4] access-control: add acl feature to only expose types and the AclTree Shannon Sterz
2025-10-23  9:24   ` Dominik Csapak
2025-10-23 11:32     ` Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH proxmox v2 2/4] access-control: move functions querying privileges to " Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH proxmox v2 3/4] access-control: derive Debug and PartialEq on AclTree and AclTreeNode Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH proxmox v2 4/4] access-control: allow reading all acls of the current authid Shannon Sterz
2025-10-23  9:31   ` Dominik Csapak
2025-10-23 11:32     ` Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH yew-comp v2 1/2] acl_context: add AclContext and AclContextProvider Shannon Sterz
2025-10-23 10:00   ` Dominik Csapak
2025-10-23 11:33     ` Shannon Sterz
2025-10-23 11:39       ` Dominik Csapak
2025-10-22 13:11 ` [pdm-devel] [PATCH yew-comp v2 2/2] http_helpers: reload LocalAclTree when logging in or refreshing a ticket Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH datacenter-manager v2 1/2] server/api-types: move AccessControlConfig to shared api types Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH datacenter-manager v2 2/2] ui: add an AclContext via the AclContextProvider to the main app ui Shannon Sterz
2025-10-22 13:11 ` [pdm-devel] [PATCH yew-comp v2 1/1] notes view: allow hiding the toolbar if editing isn't supported Shannon Sterz
2025-10-23  9:36   ` Dominik Csapak
2025-10-23 11:33     ` Shannon Sterz
2025-10-22 13:11 ` Shannon Sterz [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20251022131126.358790-11-s.sterz@proxmox.com \
    --to=s.sterz@proxmox.com \
    --cc=pdm-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal