From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 16/16] gui: add API token ACLs
Date: Wed, 28 Oct 2020 12:37:17 +0100 [thread overview]
Message-ID: <20201028113717.827644-7-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20201028113717.827644-1-f.gruenbichler@proxmox.com>
and the needed API token selector.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
www/Makefile | 1 +
www/config/ACLView.js | 42 +++++++++++++++++++----
www/form/TokenSelector.js | 72 +++++++++++++++++++++++++++++++++++++++
www/window/ACLEdit.js | 69 ++++++++++++++++++++++---------------
4 files changed, 150 insertions(+), 34 deletions(-)
create mode 100644 www/form/TokenSelector.js
diff --git a/www/Makefile b/www/Makefile
index ab056c8c..18e77b19 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -6,6 +6,7 @@ IMAGES := \
JSSRC= \
form/UserSelector.js \
+ form/TokenSelector.js \
form/RemoteSelector.js \
form/DataStoreSelector.js \
form/CalendarEvent.js \
diff --git a/www/config/ACLView.js b/www/config/ACLView.js
index d552b029..67bf04f8 100644
--- a/www/config/ACLView.js
+++ b/www/config/ACLView.js
@@ -31,19 +31,35 @@ Ext.define('PBS.config.ACLView', {
controller: {
xclass: 'Ext.app.ViewController',
- addACL: function() {
+ addUserACL: function() {
let me = this;
let view = me.getView();
- Ext.create('PBS.window.ACLEdit', {
+ Ext.create('PBS.window.ACLEdit', {
path: view.aclPath,
+ aclType: 'user',
listeners: {
destroy: function() {
me.reload();
},
},
- }).show();
+ }).show();
},
+ addTokenACL: function() {
+ let me = this;
+ let view = me.getView();
+ Ext.create('PBS.window.ACLEdit', {
+ path: view.aclPath,
+ aclType: 'token',
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+
removeACL: function(btn, event, rec) {
let me = this;
Proxmox.Utils.API2Request({
@@ -106,10 +122,22 @@ Ext.define('PBS.config.ACLView', {
tbar: [
{
- xtype: 'proxmoxButton',
text: gettext('Add'),
- handler: 'addACL',
- selModel: false,
+ menu: {
+ xtype: 'menu',
+ items: [
+ {
+ text: gettext('User Permission'),
+ iconCls: 'fa fa-fw fa-user',
+ handler: 'addUserACL',
+ },
+ {
+ text: gettext('API Token Permission'),
+ iconCls: 'fa fa-fw fa-user-o',
+ handler: 'addTokenACL',
+ },
+ ],
+ },
},
{
xtype: 'proxmoxStdRemoveButton',
@@ -127,7 +155,7 @@ Ext.define('PBS.config.ACLView', {
dataIndex: 'path',
},
{
- header: gettext('User/Group'),
+ header: gettext('User/Group/API Token'),
width: 100,
sortable: true,
renderer: Ext.String.htmlEncode,
diff --git a/www/form/TokenSelector.js b/www/form/TokenSelector.js
new file mode 100644
index 00000000..502fe827
--- /dev/null
+++ b/www/form/TokenSelector.js
@@ -0,0 +1,72 @@
+Ext.define('PBS.form.TokenSelector', {
+ extend: 'Proxmox.form.ComboGrid',
+ alias: 'widget.pbsTokenSelector',
+
+ allowBlank: false,
+ autoSelect: false,
+ valueField: 'tokenid',
+ displayField: 'tokenid',
+
+ editable: true,
+ anyMatch: true,
+ forceSelection: true,
+
+ store: {
+ model: 'pbs-tokens',
+ params: {
+ enabled: 1,
+ },
+ sorters: 'tokenid',
+ },
+
+ initComponent: function() {
+ let me = this;
+ me.userStore = Ext.create('Ext.data.Store', {
+ model: 'pbs-users-with-tokens',
+ });
+ me.userStore.on('load', this.onLoad, this);
+ me.userStore.load();
+
+ me.callParent();
+ },
+
+ onLoad: function(store, data, success) {
+ if (!success) return;
+
+ let tokenStore = this.store;
+
+ let records = [];
+ Ext.Array.each(data, function(user) {
+ let tokens = user.data.tokens || [];
+ Ext.Array.each(tokens, function(token) {
+ let r = {};
+ r.tokenid = token.tokenid;
+ r.comment = token.comment;
+ r.expire = token.expire;
+ r.enable = token.enable;
+ records.push(r);
+ });
+ });
+
+ tokenStore.loadData(records);
+ },
+
+ listConfig: {
+ columns: [
+ {
+ header: gettext('API Token'),
+ sortable: true,
+ dataIndex: 'tokenid',
+ renderer: Ext.String.htmlEncode,
+ flex: 1,
+ },
+ {
+ header: gettext('Comment'),
+ sortable: false,
+ dataIndex: 'comment',
+ renderer: Ext.String.htmlEncode,
+ flex: 1,
+ },
+ ],
+ },
+});
diff --git a/www/window/ACLEdit.js b/www/window/ACLEdit.js
index ffeb9e81..42db1ff6 100644
--- a/www/window/ACLEdit.js
+++ b/www/window/ACLEdit.js
@@ -14,47 +14,62 @@ Ext.define('PBS.window.ACLEdit', {
// caller can give a static path
path: undefined,
- subject: gettext('User Permission'),
-
- getValues: function(dirtyOnly) {
+ initComponent: function() {
let me = this;
- let values = me.callParent(arguments);
- if (me.path) {
- values.path = me.path;
- }
- return values;
- },
+ me.items = [];
- items: [
- {
+ me.items.push({
xtype: 'pbsPermissionPathSelector',
fieldLabel: gettext('Path'),
- cbind: {
- editable: '{!path}',
- value: '{path}',
- },
+ editable: !me.path,
+ value: me.path,
name: 'path',
allowBlank: false,
- },
- {
- xtype: 'pbsUserSelector',
- fieldLabel: gettext('User'),
- name: 'auth_id',
- allowBlank: false,
- },
- {
+ });
+
+ if (me.aclType === 'user') {
+ me.subject = gettext('User Permission');
+ me.items.push({
+ xtype: 'pbsUserSelector',
+ fieldLabel: gettext('User'),
+ name: 'auth_id',
+ allowBlank: false,
+ });
+ } else if (me.aclType === 'token') {
+ me.subject = gettext('API Token Permission');
+ me.items.push({
+ xtype: 'pbsTokenSelector',
+ fieldLabel: gettext('API Token'),
+ name: 'auth_id',
+ allowBlank: false,
+ });
+ }
+ me.items.push({
xtype: 'pmxRoleSelector',
name: 'role',
value: 'NoAccess',
fieldLabel: gettext('Role'),
- },
- {
+ });
+ me.items.push({
xtype: 'proxmoxcheckbox',
name: 'propagate',
checked: true,
uncheckedValue: 0,
fieldLabel: gettext('Propagate'),
- },
- ],
+ });
+
+ me.callParent();
+ },
+
+ getValues: function(dirtyOnly) {
+ let me = this;
+ let values = me.callParent(arguments);
+
+ if (me.path) {
+ values.path = me.path;
+ }
+ return values;
+ },
+
});
--
2.20.1
next prev parent reply other threads:[~2020-10-28 11:37 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-28 11:36 [pbs-devel] [PATCH proxmox-backup 00/16] API tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-widget-toolkit] add PermissionView Fabian Grünbichler
2020-10-28 16:18 ` [pbs-devel] applied: " Thomas Lamprecht
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 01/16] api: add Authid as wrapper around Userid Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox] rpcenv: rename user to auth_id Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 02/16] config: add token.shadow file Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 03/16] replace Userid with Authid Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 04/16] REST: extract and handle API tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 05/16] api: add API token endpoints Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 06/16] api: allow listing users + tokens Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 07/16] api: add permissions endpoint Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 08/16] client/remote: allow using ApiToken + secret Fabian Grünbichler
2020-10-28 11:36 ` [pbs-devel] [PATCH proxmox-backup 09/16] owner checks: handle backups owned by API tokens Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 10/16] tasks: allow unpriv users to read their tokens' tasks Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 11/16] manager: add token commands Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 12/16] manager: add user permissions command Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 13/16] gui: add permissions button to user view Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 14/16] gui: add API token UI Fabian Grünbichler
2020-10-28 11:37 ` [pbs-devel] [PATCH proxmox-backup 15/16] acls: allow viewing/editing user's token ACLs Fabian Grünbichler
2020-10-28 11:37 ` Fabian Grünbichler [this message]
2020-10-29 14:23 ` [pbs-devel] applied: [PATCH proxmox-backup 00/16] API tokens Wolfgang Bumiller
2020-10-29 19:50 ` [pbs-devel] " Thomas Lamprecht
2020-10-30 8:03 ` Fabian Grünbichler
2020-10-30 8:48 ` Thomas Lamprecht
2020-10-30 9:55 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201028113717.827644-7-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox