[pbs-devel] [PATCH v4 proxmox-widget-toolkit 0/5] add LDAP realm support UI

[Lukas Wagner <l.wagner@proxmox.com>]

This patch series adds support for adding LDAP realms, including user sync.

The GUI is mostly based on the implementation from PVE, with some slight
adaptations - for details, please refer to the commit messages.
The GUI components were added to the widget-toolkit repo, at some point PVE
could be adapted to use the same implemention as PBS.

Changes v3 --> v4:
  * Only include the widget-toolkit patches, since the rest has already been
    applied.
  * use the `let me = this` pattern in the sync ui - strictly it is not needed,
    but it may prevent errors if the code is ever modified.
  * Fix bug reported by Friedrich [1], where a particular combination of
    attributes could trigger a `value not defined in enumeration` error

Changes v2 --> v3:
  * Dropped the `Ldap` prefix for structs from the `proxmox-ldap` crate
  * minor clippy fixes
  * added a `OpenIdAuthenticator` that implements dummy-implements
    `ProxmoxAuthenticator` - otherwise, manually adding users to
    OpenId realms does not work
  * Changed the naming of the different authenticators in `auth.rs`
    e.g PAM --> PamAuthenticator, LDAP --> LdapAuthenticator
    This allows us to drop some clippy-allow directives

Changes v1 --> v2:
  * add pbs_config::exists helper function
  * Remove now unused `password` field from `LdapRealmConfig`, add
    additional password paramter to routes which need it
  * Only log a warning instead of failing completely when removing a
    stored password does not work
  * Proper naming for `DeleteableProperty` struct
  * Document that the domain config lock must be held when
    the LDAP password helper functions are called.
    Also added a &BackupLockGuard as a parameter, to make sure that
    at least *something* is locked.
  * moved `handle_worker` function to the `proxmox_rest_server` crate,
    so that it is usable for both, the LDAP management CLI and the debug
    CLI.
  * Made user authentication async,
   `ProxmoxAuthenticator::authenticate_user` now returns a boxed future
  * Promoted `src/server/ldap.rs` to be its own crate - this will be
    useful when PVE uses the same LDAP implemenation via perlmod one
    day.


[1] https://lists.proxmox.com/pipermail/pbs-devel/2023-February/005938.html

Lukas Wagner (5):
  auth ui: add LDAP realm edit panel
  auth ui: add LDAP sync UI
  auth ui: add `onlineHelp` for AuthEditLDAP
  auth ui: add `firstname` and `lastname` sync-attribute fields
  auth ui: fix `value not defined in enumeration` error

 src/Makefile               |   2 +
 src/Schema.js              |  12 ++
 src/panel/AuthView.js      |  24 +++
 src/window/AuthEditLDAP.js | 376 +++++++++++++++++++++++++++++++++++++
 src/window/SyncWindow.js   | 192 +++++++++++++++++++
 5 files changed, 606 insertions(+)
 create mode 100644 src/window/AuthEditLDAP.js
 create mode 100644 src/window/SyncWindow.js

-- 
2.30.2