From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <c.heiss@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by lists.proxmox.com (Postfix) with ESMTPS id 3C06BC0E3B
for <pbs-devel@lists.proxmox.com>; Fri, 12 Jan 2024 17:17:28 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 55F7634B09
for <pbs-devel@lists.proxmox.com>; Fri, 12 Jan 2024 17:16:57 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
[94.136.29.106])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by firstgate.proxmox.com (Proxmox) with ESMTPS
for <pbs-devel@lists.proxmox.com>; Fri, 12 Jan 2024 17:16:55 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 61F444911D
for <pbs-devel@lists.proxmox.com>; Fri, 12 Jan 2024 17:16:55 +0100 (CET)
From: Christoph Heiss <c.heiss@proxmox.com>
To: pbs-devel@lists.proxmox.com
Date: Fri, 12 Jan 2024 17:16:07 +0100
Message-ID: <20240112161614.1012311-13-c.heiss@proxmox.com>
X-Mailer: git-send-email 2.42.0
In-Reply-To: <20240112161614.1012311-1-c.heiss@proxmox.com>
References: <20240112161614.1012311-1-c.heiss@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.003 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
T_SCC_BODY_TEXT_LINE -0.01 -
Subject: [pbs-devel] [PATCH widget-toolkit v3 12/13] window: add Active
Directory auth panel
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
<pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2024 16:17:28 -0000
As AD realms are mostly just LDAP, reuse the LDAP panel and just
show/hide some elements based on the type.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
---
src/Makefile | 1 +
src/Schema.js | 10 ++++++++++
src/window/AuthEditAD.js | 14 ++++++++++++++
src/window/AuthEditLDAP.js | 25 ++++++++++++++++++++++---
4 files changed, 47 insertions(+), 3 deletions(-)
create mode 100644 src/window/AuthEditAD.js
diff --git a/src/Makefile b/src/Makefile
index 01145b1..89f9962 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -95,6 +95,7 @@ JSSRC= \
window/AuthEditBase.js \
window/AuthEditOpenId.js \
window/AuthEditLDAP.js \
+ window/AuthEditAD.js \
window/TfaWindow.js \
window/AddTfaRecovery.js \
window/AddTotp.js \
diff --git a/src/Schema.js b/src/Schema.js
index 841527f..7833fc0 100644
--- a/src/Schema.js
+++ b/src/Schema.js
@@ -29,6 +29,16 @@ Ext.define('Proxmox.Schema', { // a singleton
pwchange: false,
sync: true,
},
+ ad: {
+ name: gettext('Active Directory Server'),
+ ipanel: 'pmxAuthADPanel',
+ syncipanel: 'pmxAuthADSyncPanel',
+ add: true,
+ edit: true,
+ tfa: true,
+ pwchange: false,
+ sync: true,
+ },
},
// to add or change existing for product specific ones
overrideAuthDomains: function(extra) {
diff --git a/src/window/AuthEditAD.js b/src/window/AuthEditAD.js
new file mode 100644
index 0000000..0de7494
--- /dev/null
+++ b/src/window/AuthEditAD.js
@@ -0,0 +1,14 @@
+Ext.define('Proxmox.panel.ADInputPanel', {
+ extend: 'Proxmox.panel.LDAPInputPanel',
+ xtype: 'pmxAuthADPanel',
+
+ type: 'ad',
+ onlineHelp: 'user-realms-ad',
+});
+
+Ext.define('Proxmox.panel.ADSyncInputPanel', {
+ extend: 'Proxmox.panel.LDAPSyncInputPanel',
+ xtype: 'pmxAuthADSyncPanel',
+
+ type: 'ad',
+});
diff --git a/src/window/AuthEditLDAP.js b/src/window/AuthEditLDAP.js
index eb9700a..105fd19 100644
--- a/src/window/AuthEditLDAP.js
+++ b/src/window/AuthEditLDAP.js
@@ -64,6 +64,12 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
return values;
},
+ cbindData: function(config) {
+ return {
+ isLdap: this.type === 'ldap',
+ isAd: this.type === 'ad',
+ };
+ },
column1: [
{
@@ -80,15 +86,21 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
xtype: 'proxmoxtextfield',
fieldLabel: gettext('Base Domain Name'),
name: 'base-dn',
- allowBlank: false,
emptyText: 'cn=Users,dc=company,dc=net',
+ cbind: {
+ hidden: '{!isLdap}',
+ allowBlank: '{!isLdap}',
+ },
},
{
xtype: 'proxmoxtextfield',
fieldLabel: gettext('User Attribute Name'),
name: 'user-attr',
- allowBlank: false,
emptyText: 'uid / sAMAccountName',
+ cbind: {
+ hidden: '{!isLdap}',
+ allowBlank: '{!isLdap}',
+ },
},
{
xtype: 'proxmoxcheckbox',
@@ -103,7 +115,14 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
fieldLabel: gettext('Bind Domain Name'),
name: 'bind-dn',
allowBlank: false,
- emptyText: 'cn=user,dc=company,dc=net',
+ cbind: {
+ emptyText: get => get('isAd') ? 'user@company.net' : 'cn=user,dc=company,dc=net',
+ autoEl: get => get('isAd') ? {
+ tag: 'div',
+ 'data-qtip':
+ gettext('LDAP DN syntax can be used as well, e.g. cn=user,dc=company,dc=net'),
+ } : {},
+ },
bind: {
disabled: "{anonymous_search}",
},
--
2.42.0