* [pve-devel] [PATCH access-control/manager] add openid gui handling
@ 2021-07-01 12:24 Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list Dominik Csapak
` (7 more replies)
0 siblings, 8 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:24 UTC (permalink / raw)
To: pve-devel
for realm add/edit, as well as disabling/hiding irrelevant buttons
pve-access-control:
Dominik Csapak (1):
api: user: add realmtype to user list
src/PVE/API2/User.pm | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
pve-manager:
Dominik Csapak (6):
ui: dc/AuthEditBase: only add tfa field on auth modes that support
that
ui: dc: add AuthEditOpenId panel
ui: dc/UserView: disable TFA button based on realm type
ui: dc/UserView: disable Password button based on realm type
ui: Utils: refactor userid parsing to Utils
ui: Workspace: use domains info to hide password/tfa items
www/manager6/Makefile | 1 +
www/manager6/Utils.js | 40 +++++++++++++++-
www/manager6/Workspace.js | 19 ++++++++
www/manager6/dc/AuthEditBase.js | 14 ++++--
www/manager6/dc/AuthEditOpenId.js | 77 +++++++++++++++++++++++++++++++
www/manager6/dc/UserView.js | 22 ++++++++-
6 files changed, 165 insertions(+), 8 deletions(-)
create mode 100644 www/manager6/dc/AuthEditOpenId.js
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-02 11:48 ` [pve-devel] applied: " Thomas Lamprecht
2021-07-01 12:25 ` [pve-devel] [PATCH manager 1/6] ui: dc/AuthEditBase: only add tfa field on auth modes that support that Dominik Csapak
` (6 subsequent siblings)
7 siblings, 1 reply; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
this makes it much easier to determine if a user can e.g.
change a password or tfa, based on realm
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
src/PVE/API2/User.pm | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/src/PVE/API2/User.pm b/src/PVE/API2/User.pm
index 05de57f..f1249a8 100644
--- a/src/PVE/API2/User.pm
+++ b/src/PVE/API2/User.pm
@@ -149,7 +149,11 @@ __PACKAGE__->register_method ({
items => $token_info_extend->({
tokenid => get_standard_option('token-subid'),
}),
- }
+ },
+ realmtype => {
+ type => 'string',
+ description => 'The type of the users realm',
+ },
},
},
links => [ { rel => 'child', href => "{userid}" } ],
@@ -161,6 +165,9 @@ __PACKAGE__->register_method ({
my $usercfg = $rpcenv->{user_cfg};
my $authuser = $rpcenv->get_user();
+ my $domainscfg = cfs_read_file('domains.cfg');
+ my $domainids = $domainscfg->{ids};
+
my $res = [];
my $privs = [ 'User.Modify', 'Sys.Audit' ];
@@ -184,6 +191,12 @@ __PACKAGE__->register_method ({
$entry->{tokens} = [ map { { tokenid => $_, %{$entry->{tokens}->{$_}} } } sort keys %{$entry->{tokens}} ]
if defined($entry->{tokens});
+ my (undef, undef, $realm) = PVE::AccessControl::verify_username($user, 1);
+
+ if (defined($realm) && $domainids->{$realm}) {
+ $entry->{realmtype} = $domainids->{$realm}->{type};
+ }
+
$entry->{userid} = $user;
push @$res, $entry;
}
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 1/6] ui: dc/AuthEditBase: only add tfa field on auth modes that support that
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 2/6] ui: dc: add AuthEditOpenId panel Dominik Csapak
` (5 subsequent siblings)
7 siblings, 0 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
for now that are all, but we will ad one where that is not possible
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
www/manager6/Utils.js | 3 +++
www/manager6/dc/AuthEditBase.js | 14 +++++++++-----
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index 44d72c7b..d728c4be 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -733,17 +733,20 @@ Ext.define('PVE.Utils', {
ipanel: 'pveAuthADPanel',
syncipanel: 'pveAuthLDAPSyncPanel',
add: true,
+ tfa: true,
},
ldap: {
name: gettext('LDAP Server'),
ipanel: 'pveAuthLDAPPanel',
syncipanel: 'pveAuthLDAPSyncPanel',
add: true,
+ tfa: true,
},
pam: {
name: 'Linux PAM',
ipanel: 'pveAuthBasePanel',
add: false,
+ tfa: true,
},
pve: {
name: 'Proxmox VE authentication server',
diff --git a/www/manager6/dc/AuthEditBase.js b/www/manager6/dc/AuthEditBase.js
index f07052a0..e18fbc3b 100644
--- a/www/manager6/dc/AuthEditBase.js
+++ b/www/manager6/dc/AuthEditBase.js
@@ -24,6 +24,8 @@ Ext.define('PVE.panel.AuthBase', {
initComponent: function() {
let me = this;
+ let options = PVE.Utils.authSchema[me.type];
+
if (!me.column1) { me.column1 = []; }
if (!me.column2) { me.column2 = []; }
if (!me.columnB) { me.columnB = []; }
@@ -45,11 +47,13 @@ Ext.define('PVE.panel.AuthBase', {
uncheckedValue: 0,
});
- // last field of column2is tfa
- me.column2.push({
- xtype: 'pveTFASelector',
- deleteEmpty: !me.isCreate,
- });
+ if (options.tfa) {
+ // last field of column2is tfa
+ me.column2.push({
+ xtype: 'pveTFASelector',
+ deleteEmpty: !me.isCreate,
+ });
+ }
me.columnB.push({
xtype: 'textfield',
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 2/6] ui: dc: add AuthEditOpenId panel
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 1/6] ui: dc/AuthEditBase: only add tfa field on auth modes that support that Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 3/6] ui: dc/UserView: disable TFA button based on realm type Dominik Csapak
` (4 subsequent siblings)
7 siblings, 0 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
for adding and editing openid realms, does not support tfa
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
www/manager6/Makefile | 1 +
www/manager6/Utils.js | 6 +++
www/manager6/dc/AuthEditOpenId.js | 77 +++++++++++++++++++++++++++++++
3 files changed, 84 insertions(+)
create mode 100644 www/manager6/dc/AuthEditOpenId.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index 3e3fb6eb..ecd6657e 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -120,6 +120,7 @@ JSSRC= \
dc/AuthEditBase.js \
dc/AuthEditAD.js \
dc/AuthEditLDAP.js \
+ dc/AuthEditOpenId.js \
dc/AuthView.js \
dc/Backup.js \
dc/Cluster.js \
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index d728c4be..e642e283 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -742,6 +742,12 @@ Ext.define('PVE.Utils', {
add: true,
tfa: true,
},
+ openid: {
+ name: gettext('OpenID Server'),
+ ipanel: 'pveAuthOpenIDPanel',
+ add: true,
+ tfa: false,
+ },
pam: {
name: 'Linux PAM',
ipanel: 'pveAuthBasePanel',
diff --git a/www/manager6/dc/AuthEditOpenId.js b/www/manager6/dc/AuthEditOpenId.js
new file mode 100644
index 00000000..f82122e2
--- /dev/null
+++ b/www/manager6/dc/AuthEditOpenId.js
@@ -0,0 +1,77 @@
+Ext.define('PVE.panel.OpenIDInputPanel', {
+ extend: 'PVE.panel.AuthBase',
+ xtype: 'pveAuthOpenIDPanel',
+
+ initComponent: function() {
+ let me = this;
+
+ if (me.type !== 'openid') {
+ throw 'invalid type';
+ }
+
+ me.columnT = [
+ {
+ xtype: 'textfield',
+ name: 'issuer-url',
+ fieldLabel: gettext('Issuer URL'),
+ allowBlank: false,
+ },
+ ];
+
+ me.column1 = [
+ {
+ xtype: 'proxmoxtextfield',
+ fieldLabel: gettext('Client ID'),
+ name: 'client-id',
+ allowBlank: false,
+ },
+ {
+ xtype: 'proxmoxtextfield',
+ fieldLabel: gettext('Client Key'),
+ deleteEmpty: !me.isCreate,
+ name: 'client-key',
+ },
+ ];
+
+ me.column2 = [
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('Autocreate Users'),
+ name: 'autocreate',
+ value: 0,
+ deleteEmpty: !me.isCreate,
+ },
+ ];
+
+ if (me.isCreate) {
+ me.column2.push({
+ xtype: 'proxmoxKVComboBox',
+ name: 'username-claim',
+ value: '__default__',
+ deleteEmpty: !me.isCreate,
+ fieldLabel: gettext('Username Claim'),
+ comboItems: [
+ ['__default__', Proxmox.Utils.defaultText],
+ ['subject', 'subject'],
+ ['username', 'username'],
+ ['email', 'email'],
+ ],
+ });
+ }
+
+ me.callParent();
+ },
+ onGetValues: function(values) {
+ let me = this;
+
+ if (!values.verify) {
+ if (!me.isCreate) {
+ Proxmox.Utils.assemble_field_data(values, { 'delete': 'verify' });
+ }
+ delete values.verify;
+ }
+
+ return me.callParent([values]);
+ },
+});
+
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 3/6] ui: dc/UserView: disable TFA button based on realm type
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
` (2 preceding siblings ...)
2021-07-01 12:25 ` [pve-devel] [PATCH manager 2/6] ui: dc: add AuthEditOpenId panel Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 4/6] ui: dc/UserView: disable Password " Dominik Csapak
` (3 subsequent siblings)
7 siblings, 0 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
www/manager6/dc/UserView.js | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/www/manager6/dc/UserView.js b/www/manager6/dc/UserView.js
index 244c30f6..20ae3090 100644
--- a/www/manager6/dc/UserView.js
+++ b/www/manager6/dc/UserView.js
@@ -72,6 +72,15 @@ Ext.define('PVE.dc.UserView', {
text: 'TFA',
disabled: true,
selModel: sm,
+ enableFn: function(record) {
+ if (record.data.realmtype) {
+ let type = record.data.realmtype;
+ if (PVE.Utils.authSchema[type]) {
+ return !!PVE.Utils.authSchema[type].tfa;
+ }
+ }
+ return false;
+ },
handler: function(btn, event, rec) {
var d = rec.data;
var tfa_type = PVE.Parser.parseTfaType(d.keys);
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 4/6] ui: dc/UserView: disable Password button based on realm type
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
` (3 preceding siblings ...)
2021-07-01 12:25 ` [pve-devel] [PATCH manager 3/6] ui: dc/UserView: disable TFA button based on realm type Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 5/6] ui: Utils: refactor userid parsing to Utils Dominik Csapak
` (2 subsequent siblings)
7 siblings, 0 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
www/manager6/Utils.js | 5 +++++
www/manager6/dc/UserView.js | 9 +++++++++
2 files changed, 14 insertions(+)
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index e642e283..fbd2dfa8 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -734,6 +734,7 @@ Ext.define('PVE.Utils', {
syncipanel: 'pveAuthLDAPSyncPanel',
add: true,
tfa: true,
+ pwchange: true,
},
ldap: {
name: gettext('LDAP Server'),
@@ -741,23 +742,27 @@ Ext.define('PVE.Utils', {
syncipanel: 'pveAuthLDAPSyncPanel',
add: true,
tfa: true,
+ pwchange: true,
},
openid: {
name: gettext('OpenID Server'),
ipanel: 'pveAuthOpenIDPanel',
add: true,
tfa: false,
+ pwchange: false,
},
pam: {
name: 'Linux PAM',
ipanel: 'pveAuthBasePanel',
add: false,
tfa: true,
+ pwchange: true,
},
pve: {
name: 'Proxmox VE authentication server',
ipanel: 'pveAuthBasePanel',
add: false,
+ pwchange: true,
},
},
diff --git a/www/manager6/dc/UserView.js b/www/manager6/dc/UserView.js
index 20ae3090..957b7724 100644
--- a/www/manager6/dc/UserView.js
+++ b/www/manager6/dc/UserView.js
@@ -58,6 +58,15 @@ Ext.define('PVE.dc.UserView', {
text: gettext('Password'),
disabled: true,
selModel: sm,
+ enableFn: function(record) {
+ if (record.data.realmtype) {
+ let type = record.data.realmtype;
+ if (PVE.Utils.authSchema[type]) {
+ return !!PVE.Utils.authSchema[type].pwchange;
+ }
+ }
+ return false;
+ },
handler: function(btn, event, rec) {
Ext.create('Proxmox.window.PasswordEdit', {
userid: rec.data.userid,
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 5/6] ui: Utils: refactor userid parsing to Utils
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
` (4 preceding siblings ...)
2021-07-01 12:25 ` [pve-devel] [PATCH manager 4/6] ui: dc/UserView: disable Password " Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items Dominik Csapak
2021-07-02 13:28 ` [pve-devel] applied-series: [PATCH access-control/manager] add openid gui handling Thomas Lamprecht
7 siblings, 0 replies; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
we'll need that again
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
www/manager6/Utils.js | 26 +++++++++++++++++++++++++-
www/manager6/dc/UserView.js | 4 ++--
2 files changed, 27 insertions(+), 3 deletions(-)
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index fbd2dfa8..d807a37e 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -1770,7 +1770,31 @@ Ext.define('PVE.Utils', {
}
return undefined;
},
-},
+
+ // returns username + realm
+ parse_userid: function(userid) {
+ if (!Ext.isString(userid)) {
+ return [undefined, undefined];
+ }
+
+ let match = userid.match(/^(.+)@([^@]+)$/);
+ if (match !== null) {
+ return [match[1], match[2]];
+ }
+
+ return [undefined, undefined];
+ },
+
+ render_username: function(userid) {
+ let username = PVE.Utils.parse_userid(userid)[0] || "";
+ return Ext.htmlEncode(username);
+ },
+
+ render_realm: function(userid) {
+ let username = PVE.Utils.parse_userid(userid)[1] || "";
+ return Ext.htmlEncode(username);
+ },
+ },
singleton: true,
constructor: function() {
diff --git a/www/manager6/dc/UserView.js b/www/manager6/dc/UserView.js
index 957b7724..79f7c52c 100644
--- a/www/manager6/dc/UserView.js
+++ b/www/manager6/dc/UserView.js
@@ -152,14 +152,14 @@ Ext.define('PVE.dc.UserView', {
header: gettext('User name'),
width: 200,
sortable: true,
- renderer: userid => Ext.String.htmlEncode(userid.match(/^(.+)(@[^@]+)$/)[1]),
+ renderer: PVE.Utils.render_username,
dataIndex: 'userid',
},
{
header: gettext('Realm'),
width: 100,
sortable: true,
- renderer: userid => Ext.String.htmlEncode(userid.match(/@([^@]+)$/)[1]),
+ renderer: PVE.Utils.render_realm,
dataIndex: 'userid',
},
{
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
` (5 preceding siblings ...)
2021-07-01 12:25 ` [pve-devel] [PATCH manager 5/6] ui: Utils: refactor userid parsing to Utils Dominik Csapak
@ 2021-07-01 12:25 ` Dominik Csapak
2021-07-02 13:28 ` [pve-devel] applied: " Thomas Lamprecht
2021-07-02 13:28 ` [pve-devel] applied-series: [PATCH access-control/manager] add openid gui handling Thomas Lamprecht
7 siblings, 1 reply; 11+ messages in thread
From: Dominik Csapak @ 2021-07-01 12:25 UTC (permalink / raw)
To: pve-devel
in the user menu
we have to make an additional api call here, since it is the only
place (currently) where we can get the realm type
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
alternatively, we could give that info in the index or the ticket
api call, but this has the advantage that we will load the
domains and can add them to the acl list (not included in this
series, would send that when this gets applied)
www/manager6/Workspace.js | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/www/manager6/Workspace.js b/www/manager6/Workspace.js
index b93ba669..066d46b6 100644
--- a/www/manager6/Workspace.js
+++ b/www/manager6/Workspace.js
@@ -172,6 +172,23 @@ Ext.define('PVE.StdWorkspace', {
}
},
});
+
+ Proxmox.Utils.API2Request({
+ url: '/access/domains',
+ method: 'GET',
+ success: function(response) {
+ let [_username, realm] = PVE.Utils.parse_userid(Proxmox.UserName);
+ response.result.data.forEach((domain) => {
+ if (domain.realm === realm) {
+ let schema = PVE.Utils.authSchema[domain.type];
+ if (schema) {
+ me.query('#tfaitem')[0].setHidden(!schema.tfa);
+ me.query('#passworditem')[0].setHidden(!schema.pwchange);
+ }
+ }
+ });
+ },
+ });
}
},
@@ -353,6 +370,7 @@ Ext.define('PVE.StdWorkspace', {
},
{
text: gettext('Password'),
+ itemId: 'passworditem',
iconCls: 'fa fa-fw fa-key',
handler: function() {
var win = Ext.create('Proxmox.window.PasswordEdit', {
@@ -363,6 +381,7 @@ Ext.define('PVE.StdWorkspace', {
},
{
text: 'TFA',
+ itemId: 'tfaitem',
iconCls: 'fa fa-fw fa-lock',
handler: function(btn, event, rec) {
var win = Ext.create('PVE.window.TFAEdit', {
--
2.30.2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] applied: [PATCH access-control 1/1] api: user: add realmtype to user list
2021-07-01 12:25 ` [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list Dominik Csapak
@ 2021-07-02 11:48 ` Thomas Lamprecht
0 siblings, 0 replies; 11+ messages in thread
From: Thomas Lamprecht @ 2021-07-02 11:48 UTC (permalink / raw)
To: Proxmox VE development discussion, Dominik Csapak
On 01.07.21 14:25, Dominik Csapak wrote:
> this makes it much easier to determine if a user can e.g.
> change a password or tfa, based on realm
>
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
> src/PVE/API2/User.pm | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
>
>
applied, thanks!
I renamed the property to kebab-style though, so 'realm-type'.
Also switched over to directly using the (already public) realm regex to
parse out the realm, as the call to verify_user here seemed a bit overkill
to me - holler if anything is off now.
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] applied-series: [PATCH access-control/manager] add openid gui handling
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
` (6 preceding siblings ...)
2021-07-01 12:25 ` [pve-devel] [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items Dominik Csapak
@ 2021-07-02 13:28 ` Thomas Lamprecht
7 siblings, 0 replies; 11+ messages in thread
From: Thomas Lamprecht @ 2021-07-02 13:28 UTC (permalink / raw)
To: Proxmox VE development discussion, Dominik Csapak
On 01.07.21 14:24, Dominik Csapak wrote:
> for realm add/edit, as well as disabling/hiding irrelevant buttons
>
> pve-access-control:
>
> Dominik Csapak (1):
> api: user: add realmtype to user list
>
> src/PVE/API2/User.pm | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
>
> pve-manager:
>
> Dominik Csapak (6):
> ui: dc/AuthEditBase: only add tfa field on auth modes that support
> that
> ui: dc: add AuthEditOpenId panel
> ui: dc/UserView: disable TFA button based on realm type
> ui: dc/UserView: disable Password button based on realm type
> ui: Utils: refactor userid parsing to Utils
> ui: Workspace: use domains info to hide password/tfa items
>
> www/manager6/Makefile | 1 +
> www/manager6/Utils.js | 40 +++++++++++++++-
> www/manager6/Workspace.js | 19 ++++++++
> www/manager6/dc/AuthEditBase.js | 14 ++++--
> www/manager6/dc/AuthEditOpenId.js | 77 +++++++++++++++++++++++++++++++
> www/manager6/dc/UserView.js | 22 ++++++++-
> 6 files changed, 165 insertions(+), 8 deletions(-)
> create mode 100644 www/manager6/dc/AuthEditOpenId.js
>
applied series, thanks!
^ permalink raw reply [flat|nested] 11+ messages in thread
* [pve-devel] applied: [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items
2021-07-01 12:25 ` [pve-devel] [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items Dominik Csapak
@ 2021-07-02 13:28 ` Thomas Lamprecht
0 siblings, 0 replies; 11+ messages in thread
From: Thomas Lamprecht @ 2021-07-02 13:28 UTC (permalink / raw)
To: Proxmox VE development discussion, Dominik Csapak
On 01.07.21 14:25, Dominik Csapak wrote:
> in the user menu
>
> we have to make an additional api call here, since it is the only
> place (currently) where we can get the realm type
>
> Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
> ---
> alternatively, we could give that info in the index or the ticket
> api call, but this has the advantage that we will load the
> domains and can add them to the acl list (not included in this
> series, would send that when this gets applied)
>
> www/manager6/Workspace.js | 19 +++++++++++++++++++
> 1 file changed, 19 insertions(+)
>
>
applied, with the adaption for moving `parse_userid` to widget-toolkit squashed
into it, thanks!
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2021-07-02 13:28 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-01 12:24 [pve-devel] [PATCH access-control/manager] add openid gui handling Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH access-control 1/1] api: user: add realmtype to user list Dominik Csapak
2021-07-02 11:48 ` [pve-devel] applied: " Thomas Lamprecht
2021-07-01 12:25 ` [pve-devel] [PATCH manager 1/6] ui: dc/AuthEditBase: only add tfa field on auth modes that support that Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 2/6] ui: dc: add AuthEditOpenId panel Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 3/6] ui: dc/UserView: disable TFA button based on realm type Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 4/6] ui: dc/UserView: disable Password " Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 5/6] ui: Utils: refactor userid parsing to Utils Dominik Csapak
2021-07-01 12:25 ` [pve-devel] [PATCH manager 6/6] ui: Workspace: use domains info to hide password/tfa items Dominik Csapak
2021-07-02 13:28 ` [pve-devel] applied: " Thomas Lamprecht
2021-07-02 13:28 ` [pve-devel] applied-series: [PATCH access-control/manager] add openid gui handling Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox