From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 43A801FF16F for ; Tue, 16 Sep 2025 16:49:02 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4838617EF3; Tue, 16 Sep 2025 16:49:06 +0200 (CEST) From: Shannon Sterz To: pdm-devel@lists.proxmox.com Date: Tue, 16 Sep 2025 16:48:20 +0200 Message-ID: <20250916144827.551806-5-s.sterz@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20250916144827.551806-1-s.sterz@proxmox.com> References: <20250916144827.551806-1-s.sterz@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1758034103856 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.101 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment POISEN_SPAM_PILL 0.1 Meta: its spam POISEN_SPAM_PILL_2 0.1 random spam to be learned in bayes POISEN_SPAM_PILL_4 0.1 random spam to be learned in bayes SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pdm-devel] [PATCH yew-comp 3/5] auth_view/auth_edit_ldap: add support for active directory realms X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" by adapting the existing AuthEditLdap component to allow editing AD realms as well. after all, AD realms are just LDAP realms with some peculiarities. Signed-off-by: Shannon Sterz --- src/auth_edit_ldap.rs | 56 ++++++++++++++++++++++++++++++------------- src/auth_view.rs | 54 ++++++++++++++++++++++++++++++++++------- src/utils.rs | 3 ++- 3 files changed, 87 insertions(+), 26 deletions(-) diff --git a/src/auth_edit_ldap.rs b/src/auth_edit_ldap.rs index 4671a1e..162f828 100644 --- a/src/auth_edit_ldap.rs +++ b/src/auth_edit_ldap.rs @@ -34,6 +34,11 @@ pub struct AuthEditLDAP { #[builder(IntoPropValue, into_prop_value)] #[prop_or_default] pub realm: Option, + + /// Whether this panel is for an Active Directory realm + #[builder(IntoPropValue, into_prop_value)] + #[prop_or_default] + pub ad_realm: Option, } impl Default for AuthEditLDAP { @@ -162,7 +167,7 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html { .map(|v| matches!(v.as_str(), Some("ldap+starttls") | Some("ldaps"))) .unwrap_or(false); - InputPanel::new() + let mut input_panel = InputPanel::new() .class(Flex::Fill) .class(Overflow::Auto) .padding(4) @@ -175,22 +180,28 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html { .submit(!is_edit), ) .with_right_field(tr!("Server"), Field::new().name("server1").required(true)) - .with_field( - tr!("Base Domain Name"), - Field::new() - .name("base-dn") - .required(true) - .placeholder("cn=Users,dc=company,dc=net"), - ) .with_field(tr!("Default Realm"), Checkbox::new().name("default")); + + if !props.ad_realm.unwrap_or_default() { + input_panel = input_panel + .with_field( + tr!("Base Domain Name"), + Field::new() + .name("base-dn") + .required(true) + .placeholder("cn=Users,dc=company,dc=net"), + ) + .with_field( + tr!("User Attribute Name"), + Field::new() + .name("user-attr") + .required(true) + .placeholder("uid / sAMAccountName"), + ) + } + + input_panel .with_right_field(tr!("Fallback Server"), Field::new().name("server2")) - .with_field( - tr!("User Attribute Name"), - Field::new() - .name("user-attr") - .required(true) - .placeholder("uid / sAMAccountName"), - ) .with_right_field( tr!("Port"), Number::::new() @@ -228,7 +239,12 @@ fn render_general_form(form_ctx: FormContext, props: AuthEditLDAP) -> Html { .name("bind-dn") .required(!anonymous_search) .disabled(anonymous_search) - .placeholder("cn=user,dc=company,dc=net"), + .placeholder( + props + .ad_realm + .map(|_| "user@company.net") + .unwrap_or("cn=user,dc=company,dc=net"), + ), ) .with_right_field( tr!("Verify Certificate"), @@ -274,7 +290,13 @@ impl Component for ProxmoxAuthEditLDAP { } }; - EditWindow::new(action + ": " + &tr!("LDAP Server")) + let title = if props.ad_realm.unwrap_or_default() { + tr!("Active Directory Server") + } else { + tr!("LDAP Server") + }; + + EditWindow::new(action + ": " + &title) .loader( props .realm diff --git a/src/auth_view.rs b/src/auth_view.rs index 4d6e143..a70e80b 100644 --- a/src/auth_view.rs +++ b/src/auth_view.rs @@ -42,6 +42,11 @@ pub struct AuthView { #[builder(IntoPropValue, into_prop_value)] #[prop_or_default] ldap_base_url: Option, + + /// Allow to add/edit LDAP entries + #[builder(IntoPropValue, into_prop_value)] + #[prop_or_default] + ad_base_url: Option, } impl Default for AuthView { @@ -58,10 +63,12 @@ impl AuthView { #[derive(PartialEq)] pub enum ViewState { + AddAd, AddLDAP, AddOpenID, EditOpenID(AttrValue), EditLDAP(AttrValue), + EditAd(AttrValue), } pub enum Msg { @@ -146,14 +153,21 @@ impl LoadableComponent for ProxmoxAuthView { Some(info) => info, None => return true, }; - if props.openid_base_url.is_some() && info.ty == "openid" { - ctx.link() - .change_view(Some(ViewState::EditOpenID(info.realm.clone().into()))); - } - if props.ldap_base_url.is_some() && info.ty == "ldap" { - ctx.link() - .change_view(Some(ViewState::EditLDAP(info.realm.into()))); - } + + let view = match info.ty.as_str() { + "openid" if props.openid_base_url.is_some() => { + Some(ViewState::EditOpenID(info.realm.into())) + } + "ldap" if props.ldap_base_url.is_some() => { + Some(ViewState::EditLDAP(info.realm.into())) + } + "ad" if props.ad_base_url.is_some() => { + Some(ViewState::EditAd(info.realm.into())) + } + _ => return true, + }; + + ctx.link().change_view(view); true } Msg::Sync => { @@ -182,6 +196,14 @@ impl LoadableComponent for ProxmoxAuthView { let mut add_menu = Menu::new(); + if props.ad_base_url.is_some() { + add_menu.add_item( + MenuItem::new(tr!("Active Directory Server")) + .icon_class("fa fa-fw fa-address-book-o") + .on_select(ctx.link().change_view_callback(|_| Some(ViewState::AddAd))), + ); + } + if props.ldap_base_url.is_some() { add_menu.add_item( MenuItem::new(tr!("LDAP Server")) @@ -248,6 +270,22 @@ impl LoadableComponent for ProxmoxAuthView { let props = ctx.props(); match view_state { + ViewState::AddAd => Some( + AuthEditLDAP::new() + .base_url(props.ad_base_url.clone().unwrap()) + .on_close(ctx.link().change_view_callback(|_| None)) + .ad_realm(true) + .into(), + ), + ViewState::EditAd(realm) => Some( + AuthEditLDAP::new() + .base_url(props.ad_base_url.clone().unwrap()) + .realm(realm.clone()) + .on_close(ctx.link().change_view_callback(|_| None)) + .ad_realm(true) + .into(), + ), + ViewState::AddLDAP => Some( AuthEditLDAP::new() .base_url(props.ldap_base_url.clone().unwrap()) diff --git a/src/utils.rs b/src/utils.rs index bfdbccd..544ed76 100644 --- a/src/utils.rs +++ b/src/utils.rs @@ -293,7 +293,8 @@ pub fn get_auth_domain_info(ty: &str) -> Option { sync: false, }); } - if ty == "ldap" { + + if ty == "ldap" || ty == "ad" { return Some(AuthDomainInfo { ty: ty.to_string(), //description: tr!("LDAP Server"), -- 2.47.3 _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel