Re: [pbs-devel] [PATCH proxmox-backup 5/5] fix #3887: ui: add regenerate token button

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: Proxmox Backup Server development discussion
	<pbs-devel@lists.proxmox.com>,
	Hannes Laimer <h.laimer@proxmox.com>
Subject: Re: [pbs-devel] [PATCH proxmox-backup 5/5] fix #3887: ui: add regenerate token button
Date: Wed, 21 Dec 2022 12:04:24 +0100	[thread overview]
Message-ID: <da84f24f-2f20-3b97-a9e4-2ad02ad7f9ff@proxmox.com> (raw)
In-Reply-To: <20221220145714.63985-6-h.laimer@proxmox.com>

On 20/12/2022 15:57, Hannes Laimer wrote:
> Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
> ---
>  www/config/TokenView.js | 30 ++++++++++++++++++++++++++++++
>  1 file changed, 30 insertions(+)
> 
> diff --git a/www/config/TokenView.js b/www/config/TokenView.js
> index 6282a4d4..745f1378 100644
> --- a/www/config/TokenView.js
> +++ b/www/config/TokenView.js
> @@ -100,6 +100,30 @@ Ext.define('PBS.config.TokenView', {
>  	    }).show();
>  	},
>  
> +	regenerateToken: function() {

note that with using a proxmoxButton this has the signature of

(button, event, rec)

where the record probably should be enough to avoid pulling out the selection manually.

> +            let me = this;
> +            let view = me.getView();
> +            let selection = view.getSelection();
> +            if (selection.length < 1) return;
> +            let tokenid = selection[0].data.tokenid;
> +            let user = PBS.Utils.extractTokenUser(tokenid);
> +            let tokenname = PBS.Utils.extractTokenName(tokenid);
> +            Proxmox.Utils.API2Request({
> +                method: "POST",
> +                url: `/access/users/${user}/token/${tokenname}/regenerate`,
> +                success: function(res, opt) {
> +                    Ext.create("PBS.window.TokenShow", {
> +                        autoShow: true,
> +                        tokenid: res.result.data.tokenid,
> +                        secret: res.result.data.value,
> +                    });
> +                },
> +                failure: function(response, opt) {
> +                    Ext.Msg.alert(gettext("Error"), response.htmlStatus);
> +                },

would prefer a arrow fn here:

failure: res => Ext.Msg.alert(gettext("Error"), res.htmlStatus),

> +            });
> +        },
> +
>  	showPermissions: function() {
>  	    let me = this;
>  	    let view = me.getView();
> @@ -174,6 +198,12 @@ Ext.define('PBS.config.TokenView', {
>  	    handler: 'showPermissions',
>  	    disabled: true,
>  	},
> +	{
> +	    xtype: 'proxmoxButton',
> +	    text: gettext('Regenerate'),
> +	    handler: 'regenerateToken',

I'd really set the proxmoxButton's config for confirming and auto-selecting
the no choice by default to avoid that an "sneeze-and-click" accident revokes
access of an in-use token without any confirmation prompt at all.

E.g., add something like:

    dangerous: true,
    confirmMsg: rec => Ext.String.format(
        gettext("Regenerate the secret of the API token '{0}'? All current use-sites will loose access!"),
        rec.data.tokenid, // <- just a guesstimate, didn't actually test this
    ),

The function could also just be a plain text without referencing the token ID,
but IMO it has some non-negligible value to show such things in confirmations.

> +	    disabled: true,
> +	},
>      ],
>  
>      viewConfig: {
))))

     prev parent reply	other threads:[~2022-12-21 11:04 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-20 14:57 [pbs-devel] [PATCH proxmox-backup 0/5] ACL removal on user/token deletion + token regeneration Hannes Laimer
2022-12-20 14:57 ` [pbs-devel] [PATCH proxmox-backup 1/5] pbs-config: add delete_authid to ACL-tree Hannes Laimer
2022-12-20 14:57 ` [pbs-devel] [PATCH proxmox-backup 2/5] fix #4382: api2: remove permissions of token on deletion Hannes Laimer
2022-12-20 14:57 ` [pbs-devel] [PATCH proxmox-backup 3/5] fix #4382: api2: remove permissions and tokens of user " Hannes Laimer
2022-12-21  9:23   ` Thomas Lamprecht
2022-12-20 14:57 ` [pbs-devel] [PATCH proxmox-backup 4/5] fix #3887: api2: add regenerate token endpoint Hannes Laimer
2022-12-21  9:56   ` Thomas Lamprecht
2022-12-21 10:53     ` Fabian Grünbichler
2022-12-21 13:06       ` Thomas Lamprecht
2022-12-20 14:57 ` [pbs-devel] [PATCH proxmox-backup 5/5] fix #3887: ui: add regenerate token button Hannes Laimer
2022-12-21 11:04   ` Thomas Lamprecht [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=da84f24f-2f20-3b97-a9e4-2ad02ad7f9ff@proxmox.com \
    --to=t.lamprecht@proxmox.com \
    --cc=h.laimer@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal