From: Shannon Sterz <s.sterz@proxmox.com>
To: pdm-devel@lists.proxmox.com
Subject: [pdm-devel] [PATCH yew-comp 3/5] auth_view/auth_edit_ldap: add support for active directory realms
Date: Tue, 16 Sep 2025 16:48:20 +0200 [thread overview]
Message-ID: <20250916144827.551806-5-s.sterz@proxmox.com> (raw)
In-Reply-To: <20250916144827.551806-1-s.sterz@proxmox.com>
by adapting the existing AuthEditLdap component to allow editing AD
realms as well. after all, AD realms are just LDAP realms with some
peculiarities.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
src/auth_edit_ldap.rs | 56 ++++++++++++++++++++++++++++++-------------
src/auth_view.rs | 54 ++++++++++++++++++++++++++++++++++-------
src/utils.rs | 3 ++-
3 files changed, 87 insertions(+), 26 deletions(-)
diff --git a/src/auth_edit_ldap.rs b/src/auth_edit_ldap.rs
index 4671a1e..162f828 100644
--- a/src/auth_edit_ldap.rs
+++ b/src/auth_edit_ldap.rs
@@ -34,6 +34,11 @@ pub struct AuthEditLDAP {
#[builder(IntoPropValue, into_prop_value)]
#[prop_or_default]
pub realm: Option<AttrValue>,
+
+ /// Whether this panel is for an Active Directory realm
+ #[builder(IntoPropValue, into_prop_value)]
+ #[prop_or_default]
+ pub ad_realm: Option<bool>,
}
impl Default for AuthEditLDAP {
@@ -162,7 +167,7 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html {
.map(|v| matches!(v.as_str(), Some("ldap+starttls") | Some("ldaps")))
.unwrap_or(false);
- InputPanel::new()
+ let mut input_panel = InputPanel::new()
.class(Flex::Fill)
.class(Overflow::Auto)
.padding(4)
@@ -175,22 +180,28 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html {
.submit(!is_edit),
)
.with_right_field(tr!("Server"), Field::new().name("server1").required(true))
- .with_field(
- tr!("Base Domain Name"),
- Field::new()
- .name("base-dn")
- .required(true)
- .placeholder("cn=Users,dc=company,dc=net"),
- )
.with_field(tr!("Default Realm"), Checkbox::new().name("default"));
+
+ if !props.ad_realm.unwrap_or_default() {
+ input_panel = input_panel
+ .with_field(
+ tr!("Base Domain Name"),
+ Field::new()
+ .name("base-dn")
+ .required(true)
+ .placeholder("cn=Users,dc=company,dc=net"),
+ )
+ .with_field(
+ tr!("User Attribute Name"),
+ Field::new()
+ .name("user-attr")
+ .required(true)
+ .placeholder("uid / sAMAccountName"),
+ )
+ }
+
+ input_panel
.with_right_field(tr!("Fallback Server"), Field::new().name("server2"))
- .with_field(
- tr!("User Attribute Name"),
- Field::new()
- .name("user-attr")
- .required(true)
- .placeholder("uid / sAMAccountName"),
- )
.with_right_field(
tr!("Port"),
Number::<u16>::new()
@@ -228,7 +239,12 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html {
.name("bind-dn")
.required(!anonymous_search)
.disabled(anonymous_search)
- .placeholder("cn=user,dc=company,dc=net"),
+ .placeholder(
+ props
+ .ad_realm
+ .map(|_| "user@company.net")
+ .unwrap_or("cn=user,dc=company,dc=net"),
+ ),
)
.with_right_field(
tr!("Verify Certificate"),
@@ -274,7 +290,13 @@ impl Component for ProxmoxAuthEditLDAP {
}
};
- EditWindow::new(action + ": " + &tr!("LDAP Server"))
+ let title = if props.ad_realm.unwrap_or_default() {
+ tr!("Active Directory Server")
+ } else {
+ tr!("LDAP Server")
+ };
+
+ EditWindow::new(action + ": " + &title)
.loader(
props
.realm
diff --git a/src/auth_view.rs b/src/auth_view.rs
index 4d6e143..a70e80b 100644
--- a/src/auth_view.rs
+++ b/src/auth_view.rs
@@ -42,6 +42,11 @@ pub struct AuthView {
#[builder(IntoPropValue, into_prop_value)]
#[prop_or_default]
ldap_base_url: Option<AttrValue>,
+
+ /// Allow to add/edit LDAP entries
+ #[builder(IntoPropValue, into_prop_value)]
+ #[prop_or_default]
+ ad_base_url: Option<AttrValue>,
}
impl Default for AuthView {
@@ -58,10 +63,12 @@ impl AuthView {
#[derive(PartialEq)]
pub enum ViewState {
+ AddAd,
AddLDAP,
AddOpenID,
EditOpenID(AttrValue),
EditLDAP(AttrValue),
+ EditAd(AttrValue),
}
pub enum Msg {
@@ -146,14 +153,21 @@ impl LoadableComponent for ProxmoxAuthView {
Some(info) => info,
None => return true,
};
- if props.openid_base_url.is_some() && info.ty == "openid" {
- ctx.link()
- .change_view(Some(ViewState::EditOpenID(info.realm.clone().into())));
- }
- if props.ldap_base_url.is_some() && info.ty == "ldap" {
- ctx.link()
- .change_view(Some(ViewState::EditLDAP(info.realm.into())));
- }
+
+ let view = match info.ty.as_str() {
+ "openid" if props.openid_base_url.is_some() => {
+ Some(ViewState::EditOpenID(info.realm.into()))
+ }
+ "ldap" if props.ldap_base_url.is_some() => {
+ Some(ViewState::EditLDAP(info.realm.into()))
+ }
+ "ad" if props.ad_base_url.is_some() => {
+ Some(ViewState::EditAd(info.realm.into()))
+ }
+ _ => return true,
+ };
+
+ ctx.link().change_view(view);
true
}
Msg::Sync => {
@@ -182,6 +196,14 @@ impl LoadableComponent for ProxmoxAuthView {
let mut add_menu = Menu::new();
+ if props.ad_base_url.is_some() {
+ add_menu.add_item(
+ MenuItem::new(tr!("Active Directory Server"))
+ .icon_class("fa fa-fw fa-address-book-o")
+ .on_select(ctx.link().change_view_callback(|_| Some(ViewState::AddAd))),
+ );
+ }
+
if props.ldap_base_url.is_some() {
add_menu.add_item(
MenuItem::new(tr!("LDAP Server"))
@@ -248,6 +270,22 @@ impl LoadableComponent for ProxmoxAuthView {
let props = ctx.props();
match view_state {
+ ViewState::AddAd => Some(
+ AuthEditLDAP::new()
+ .base_url(props.ad_base_url.clone().unwrap())
+ .on_close(ctx.link().change_view_callback(|_| None))
+ .ad_realm(true)
+ .into(),
+ ),
+ ViewState::EditAd(realm) => Some(
+ AuthEditLDAP::new()
+ .base_url(props.ad_base_url.clone().unwrap())
+ .realm(realm.clone())
+ .on_close(ctx.link().change_view_callback(|_| None))
+ .ad_realm(true)
+ .into(),
+ ),
+
ViewState::AddLDAP => Some(
AuthEditLDAP::new()
.base_url(props.ldap_base_url.clone().unwrap())
diff --git a/src/utils.rs b/src/utils.rs
index bfdbccd..544ed76 100644
--- a/src/utils.rs
+++ b/src/utils.rs
@@ -293,7 +293,8 @@ pub fn get_auth_domain_info(ty: &str) -> Option<AuthDomainInfo> {
sync: false,
});
}
- if ty == "ldap" {
+
+ if ty == "ldap" || ty == "ad" {
return Some(AuthDomainInfo {
ty: ty.to_string(),
//description: tr!("LDAP Server"),
--
2.47.3
_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel
next prev parent reply other threads:[~2025-09-16 14:49 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-16 14:48 [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp 00/11] Add LDAP and AD realm support to Proxmox Datacenter Manager Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH proxmox 1/1] ldap: add types and sync features Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH yew-comp 1/5] auth_view: add default column and allow setting ldap realms as default Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH yew-comp 2/5] utils: add pdm realm to `get_auth_domain_info` Shannon Sterz
2025-09-16 14:48 ` Shannon Sterz [this message]
2025-09-16 14:48 ` [pdm-devel] [PATCH yew-comp 4/5] auth_edit_ldap: add helpers to properly edit ad & ldap realms Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH yew-comp 5/5] auth_view: implement syncing ldap and ad realms Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH datacenter-manager 1/5] config: add domain config plugins for " Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH datacenter-manager 2/5] server: add ldap and active directory authenticators Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH datacenter-manager 3/5] server: api: add api endpoints for configuring ldap & ad realms Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH datacenter-manager 4/5] api/auth: add endpoint to start ldap sync jobs Shannon Sterz
2025-09-16 14:48 ` [pdm-devel] [PATCH datacenter-manager 5/5] ui: add a panel to allow handling realms Shannon Sterz
2025-09-19 10:02 ` [pdm-devel] [PATCH datacenter-manager/proxmox/yew-comp 00/11] Add LDAP and AD realm support to Proxmox Datacenter Manager Christoph Heiss
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250916144827.551806-5-s.sterz@proxmox.com \
--to=s.sterz@proxmox.com \
--cc=pdm-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox