From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id C551A1FF143 for ; Sat, 11 Apr 2026 10:51:56 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 72119525F; Sat, 11 Apr 2026 10:52:42 +0200 (CEST) From: Thomas Lamprecht To: c.ebner@proxmox.com Subject: Re: [PATCH proxmox-backup v2 19/27] ui: define and expose encryption key management menu item and windows Date: Sat, 11 Apr 2026 10:02:12 +0200 Message-ID: <20260411085154.1961287-8-t.lamprecht@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260410165454.1578501-20-c.ebner@proxmox.com> References: <20260411085154.1961287-1-t.lamprecht@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1775897455134 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.002 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [key.data] Message-ID-Hash: 6JUGGAXBVE4A57NP6RRIXPQRNQN6D3VZ X-Message-ID-Hash: 6JUGGAXBVE4A57NP6RRIXPQRNQN6D3VZ X-MailFrom: t.lamprecht@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: pbs-devel@lists.proxmox.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Backup Server development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Am 10.04.26 um 18:54 schrieb Christian Ebner: > diff --git a/www/config/EncryptionKeysView.js b/www/config/EncryptionKeysView.js > @@ -0,0 +1,324 @@ > > + archiveEncryptionKey: function () { > + ... > + if (selection[0].data.type === 'tape') { > + Ext.Msg.alert(gettext('Error'), gettext('cannot archive tape key')); Missing `return;` here - the code falls through to the API2Request below even after showing the error alert for tape keys. The enableFn on the button should prevent reaching this in practice, but it is still wrong. > + } > + reload: async function () { > + let [syncKeys, tapeKeys] = await Promise.all([syncKeysFuture, tapeKeysFuture]); Might profit from wrapping this in a try/catch - if the user lacks permissions for one of the two endpoints the entire panel dies with an unhandled promise rejection instead of showing partial results. nit: Type column with width 50 px might be rather narrow for icon + label, but did not checked out the result yet, so YMMV. nit: the synthetic tape key IDs are not super nice/telling on their own. The tape keys have a hint field that would be more meaningful to display (in addition?). > diff --git a/www/window/EncryptionKeysEdit.js b/www/window/EncryptionKeysEdit.js > @@ -0,0 +1,383 @@ > > + if (key.data === undefined) { > + return 'Does not seems like a valid Proxmox Backup key!'; nit: missing gettect for both validator strings, also: s/seems/seem/ > + { > + xtype: 'displayfield', > + name: 'crypt-key-fp', > + fieldLabel: gettext('Key Source'), > + padding: '2 0', > + }, Is this set anywhere? I could not find a matching field name in the API response nor this getting manually set. In fact, `rg -i 'crypt.?key.?fp'` shows only this lone instance here.