* [pve-devel] [PATCH manager 2/4] ui: api token: remove unused fixed user property
2024-10-31 13:46 [pve-devel] [PATCH manager 1/4] ui: api token: remove record context from TokenView add button handler Daniel Kral
@ 2024-10-31 13:46 ` Daniel Kral
2024-10-31 13:46 ` [pve-devel] [PATCH manager 3/4] fix #5722: ui: api token: allow unprivileged users to create their own api tokens Daniel Kral
2024-10-31 13:46 ` [pve-devel] [PATCH manager 4/4] ui: api token: allow unprivileged users to modify " Daniel Kral
2 siblings, 0 replies; 4+ messages in thread
From: Daniel Kral @ 2024-10-31 13:46 UTC (permalink / raw)
To: pve-devel
In earlier versions of the Proxmox VE WebGUI, a separate TokenView
window could be created from a submenu item in the user's menu in the
Workspace toolbar at the top. This submenu item was dropped in the
commit `2ac41a189a7b6853013d1b07bb9788612620ff29` (ui: drop login-user
fixed token edit due to multi window/z-index issues).
This change removes the unused TokenView window component with all
unused references to the `fixedUser` property, which is always unused as
the only provider for this property was the TokenView window component.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
Please correct me if I'm missing something here, but I couldn't find a
usage of the TokenView window or fixedUser property anywhere else and I
assumed that it won't be needed in the future anymore.
This will make the fix for #5722 clearer to implement.
www/manager6/dc/TokenEdit.js | 3 +-
www/manager6/dc/TokenView.js | 62 ------------------------------------
2 files changed, 1 insertion(+), 64 deletions(-)
diff --git a/www/manager6/dc/TokenEdit.js b/www/manager6/dc/TokenEdit.js
index 3b25c739..d1c8300a 100644
--- a/www/manager6/dc/TokenEdit.js
+++ b/www/manager6/dc/TokenEdit.js
@@ -8,7 +8,6 @@ Ext.define('PVE.dc.TokenEdit', {
isAdd: true,
isCreate: false,
- fixedUser: false,
method: 'POST',
url: '/api2/extjs/access/users/',
@@ -33,7 +32,7 @@ Ext.define('PVE.dc.TokenEdit', {
{
xtype: 'pmxDisplayEditField',
cbind: {
- editable: (get) => get('isCreate') && !get('fixedUser'),
+ editable: '{isCreate}',
},
submitValue: true,
editConfig: {
diff --git a/www/manager6/dc/TokenView.js b/www/manager6/dc/TokenView.js
index eb910feb..7d6d4274 100644
--- a/www/manager6/dc/TokenView.js
+++ b/www/manager6/dc/TokenView.js
@@ -7,9 +7,6 @@ Ext.define('PVE.dc.TokenView', {
stateful: true,
stateId: 'grid-tokens',
- // use fixed user
- fixedUser: undefined,
-
initComponent: function() {
let me = this;
@@ -22,34 +19,6 @@ Ext.define('PVE.dc.TokenView', {
});
let reload = function() {
- if (me.fixedUser) {
- Proxmox.Utils.API2Request({
- url: `/access/users/${encodeURIComponent(me.fixedUser)}/token`,
- method: 'GET',
- failure: function(response, opts) {
- Proxmox.Utils.setErrorMask(me, response.htmlStatus);
- me.load_task.delay(me.load_delay);
- },
- success: function(response, opts) {
- Proxmox.Utils.setErrorMask(me, false);
- let result = Ext.decode(response.responseText);
- let data = result.data || [];
- let records = [];
- Ext.Array.each(data, function(token) {
- let r = {};
- r.id = me.fixedUser + '!' + token.tokenid;
- r.userid = me.fixedUser;
- r.tokenid = token.tokenid;
- r.comment = token.comment;
- r.expire = token.expire;
- r.privsep = token.privsep === 1;
- records.push(r);
- });
- store.loadData(records);
- },
- });
- return;
- }
Proxmox.Utils.API2Request({
url: '/access/users/?full=1',
method: 'GET',
@@ -108,13 +77,8 @@ Ext.define('PVE.dc.TokenView', {
disabled: !caps.access['User.Modify'],
handler: function(btn, e) {
let data = {};
- if (me.fixedUser) {
- data.userid = me.fixedUser;
- data.fixedUser = true;
- }
let win = Ext.create('PVE.dc.TokenEdit', {
isCreate: true,
- fixedUser: me.fixedUser,
});
win.setValues(data);
win.on('destroy', reload);
@@ -168,7 +132,6 @@ Ext.define('PVE.dc.TokenView', {
let realm = Ext.String.htmlEncode(uid.substr(realmIndex));
return `${user} <span style='float:right;'>${realm}</span>`;
},
- hidden: !!me.fixedUser,
flex: 2,
},
{
@@ -204,31 +167,6 @@ Ext.define('PVE.dc.TokenView', {
},
});
- if (me.fixedUser) {
- reload();
- }
-
me.callParent();
},
});
-
-Ext.define('PVE.window.TokenView', {
- extend: 'Ext.window.Window',
- mixins: ['Proxmox.Mixin.CBind'],
-
- modal: true,
- subject: gettext('API Tokens'),
- scrollable: true,
- layout: 'fit',
- width: 800,
- height: 400,
- cbind: {
- title: gettext('API Tokens') + ' - {userid}',
- },
- items: [{
- xtype: 'pveTokenView',
- cbind: {
- fixedUser: '{userid}',
- },
- }],
-});
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pve-devel] [PATCH manager 4/4] ui: api token: allow unprivileged users to modify their own api tokens
2024-10-31 13:46 [pve-devel] [PATCH manager 1/4] ui: api token: remove record context from TokenView add button handler Daniel Kral
2024-10-31 13:46 ` [pve-devel] [PATCH manager 2/4] ui: api token: remove unused fixed user property Daniel Kral
2024-10-31 13:46 ` [pve-devel] [PATCH manager 3/4] fix #5722: ui: api token: allow unprivileged users to create their own api tokens Daniel Kral
@ 2024-10-31 13:46 ` Daniel Kral
2 siblings, 0 replies; 4+ messages in thread
From: Daniel Kral @ 2024-10-31 13:46 UTC (permalink / raw)
To: pve-devel
Allows unprivileged users to edit and remove their own API tokens, as
this is already allowed by the respective PUT and DELETE methods on the
API endpoint `/access/users/{userid}/token/{tokenid}`.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
As this cannot be seen in the diff directly: The run_editor is also used
when double-clicking the record item (in addition when clicking the Edit
button while the record item is selected).
This has not been requested in the BugZilla #5722, but has similar
intentions and made sense to include into this patch series as well.
www/manager6/dc/TokenView.js | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/www/manager6/dc/TokenView.js b/www/manager6/dc/TokenView.js
index d275a1c5..f71ab905 100644
--- a/www/manager6/dc/TokenView.js
+++ b/www/manager6/dc/TokenView.js
@@ -57,8 +57,12 @@ Ext.define('PVE.dc.TokenView', {
return `/access/users/${uid}/token/${tid}`;
};
+ let hasTokenCRUDPermissions = function(userid) {
+ return userid === Proxmox.UserName || !!caps.access['User.Modify'];
+ };
+
let run_editor = function(rec) {
- if (!caps.access['User.Modify']) {
+ if (!hasTokenCRUDPermissions(rec.data.userid)) {
return;
}
@@ -88,14 +92,14 @@ Ext.define('PVE.dc.TokenView', {
xtype: 'proxmoxButton',
text: gettext('Edit'),
disabled: true,
- enableFn: (rec) => !!caps.access['User.Modify'],
+ enableFn: (rec) => hasTokenCRUDPermissions(rec.data.userid),
selModel: sm,
handler: (btn, e, rec) => run_editor(rec),
},
{
xtype: 'proxmoxStdRemoveButton',
selModel: sm,
- enableFn: (rec) => !!caps.access['User.Modify'],
+ enableFn: (rec) => hasTokenCRUDPermissions(rec.data.userid),
callback: reload,
getUrl: urlFromRecord,
},
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 4+ messages in thread