[pbs-devel] [PATCH proxmox-backup 16/16] gui: add API token ACLs
Fabian Grünbichler
f.gruenbichler at proxmox.com
Wed Oct 28 12:37:17 CET 2020
and the needed API token selector.
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
www/Makefile | 1 +
www/config/ACLView.js | 42 +++++++++++++++++++----
www/form/TokenSelector.js | 72 +++++++++++++++++++++++++++++++++++++++
www/window/ACLEdit.js | 69 ++++++++++++++++++++++---------------
4 files changed, 150 insertions(+), 34 deletions(-)
create mode 100644 www/form/TokenSelector.js
diff --git a/www/Makefile b/www/Makefile
index ab056c8c..18e77b19 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -6,6 +6,7 @@ IMAGES := \
JSSRC= \
form/UserSelector.js \
+ form/TokenSelector.js \
form/RemoteSelector.js \
form/DataStoreSelector.js \
form/CalendarEvent.js \
diff --git a/www/config/ACLView.js b/www/config/ACLView.js
index d552b029..67bf04f8 100644
--- a/www/config/ACLView.js
+++ b/www/config/ACLView.js
@@ -31,19 +31,35 @@ Ext.define('PBS.config.ACLView', {
controller: {
xclass: 'Ext.app.ViewController',
- addACL: function() {
+ addUserACL: function() {
let me = this;
let view = me.getView();
- Ext.create('PBS.window.ACLEdit', {
+ Ext.create('PBS.window.ACLEdit', {
path: view.aclPath,
+ aclType: 'user',
listeners: {
destroy: function() {
me.reload();
},
},
- }).show();
+ }).show();
},
+ addTokenACL: function() {
+ let me = this;
+ let view = me.getView();
+ Ext.create('PBS.window.ACLEdit', {
+ path: view.aclPath,
+ aclType: 'token',
+ listeners: {
+ destroy: function() {
+ me.reload();
+ },
+ },
+ }).show();
+ },
+
+
removeACL: function(btn, event, rec) {
let me = this;
Proxmox.Utils.API2Request({
@@ -106,10 +122,22 @@ Ext.define('PBS.config.ACLView', {
tbar: [
{
- xtype: 'proxmoxButton',
text: gettext('Add'),
- handler: 'addACL',
- selModel: false,
+ menu: {
+ xtype: 'menu',
+ items: [
+ {
+ text: gettext('User Permission'),
+ iconCls: 'fa fa-fw fa-user',
+ handler: 'addUserACL',
+ },
+ {
+ text: gettext('API Token Permission'),
+ iconCls: 'fa fa-fw fa-user-o',
+ handler: 'addTokenACL',
+ },
+ ],
+ },
},
{
xtype: 'proxmoxStdRemoveButton',
@@ -127,7 +155,7 @@ Ext.define('PBS.config.ACLView', {
dataIndex: 'path',
},
{
- header: gettext('User/Group'),
+ header: gettext('User/Group/API Token'),
width: 100,
sortable: true,
renderer: Ext.String.htmlEncode,
diff --git a/www/form/TokenSelector.js b/www/form/TokenSelector.js
new file mode 100644
index 00000000..502fe827
--- /dev/null
+++ b/www/form/TokenSelector.js
@@ -0,0 +1,72 @@
+Ext.define('PBS.form.TokenSelector', {
+ extend: 'Proxmox.form.ComboGrid',
+ alias: 'widget.pbsTokenSelector',
+
+ allowBlank: false,
+ autoSelect: false,
+ valueField: 'tokenid',
+ displayField: 'tokenid',
+
+ editable: true,
+ anyMatch: true,
+ forceSelection: true,
+
+ store: {
+ model: 'pbs-tokens',
+ params: {
+ enabled: 1,
+ },
+ sorters: 'tokenid',
+ },
+
+ initComponent: function() {
+ let me = this;
+ me.userStore = Ext.create('Ext.data.Store', {
+ model: 'pbs-users-with-tokens',
+ });
+ me.userStore.on('load', this.onLoad, this);
+ me.userStore.load();
+
+ me.callParent();
+ },
+
+ onLoad: function(store, data, success) {
+ if (!success) return;
+
+ let tokenStore = this.store;
+
+ let records = [];
+ Ext.Array.each(data, function(user) {
+ let tokens = user.data.tokens || [];
+ Ext.Array.each(tokens, function(token) {
+ let r = {};
+ r.tokenid = token.tokenid;
+ r.comment = token.comment;
+ r.expire = token.expire;
+ r.enable = token.enable;
+ records.push(r);
+ });
+ });
+
+ tokenStore.loadData(records);
+ },
+
+ listConfig: {
+ columns: [
+ {
+ header: gettext('API Token'),
+ sortable: true,
+ dataIndex: 'tokenid',
+ renderer: Ext.String.htmlEncode,
+ flex: 1,
+ },
+ {
+ header: gettext('Comment'),
+ sortable: false,
+ dataIndex: 'comment',
+ renderer: Ext.String.htmlEncode,
+ flex: 1,
+ },
+ ],
+ },
+});
diff --git a/www/window/ACLEdit.js b/www/window/ACLEdit.js
index ffeb9e81..42db1ff6 100644
--- a/www/window/ACLEdit.js
+++ b/www/window/ACLEdit.js
@@ -14,47 +14,62 @@ Ext.define('PBS.window.ACLEdit', {
// caller can give a static path
path: undefined,
- subject: gettext('User Permission'),
-
- getValues: function(dirtyOnly) {
+ initComponent: function() {
let me = this;
- let values = me.callParent(arguments);
- if (me.path) {
- values.path = me.path;
- }
- return values;
- },
+ me.items = [];
- items: [
- {
+ me.items.push({
xtype: 'pbsPermissionPathSelector',
fieldLabel: gettext('Path'),
- cbind: {
- editable: '{!path}',
- value: '{path}',
- },
+ editable: !me.path,
+ value: me.path,
name: 'path',
allowBlank: false,
- },
- {
- xtype: 'pbsUserSelector',
- fieldLabel: gettext('User'),
- name: 'auth_id',
- allowBlank: false,
- },
- {
+ });
+
+ if (me.aclType === 'user') {
+ me.subject = gettext('User Permission');
+ me.items.push({
+ xtype: 'pbsUserSelector',
+ fieldLabel: gettext('User'),
+ name: 'auth_id',
+ allowBlank: false,
+ });
+ } else if (me.aclType === 'token') {
+ me.subject = gettext('API Token Permission');
+ me.items.push({
+ xtype: 'pbsTokenSelector',
+ fieldLabel: gettext('API Token'),
+ name: 'auth_id',
+ allowBlank: false,
+ });
+ }
+ me.items.push({
xtype: 'pmxRoleSelector',
name: 'role',
value: 'NoAccess',
fieldLabel: gettext('Role'),
- },
- {
+ });
+ me.items.push({
xtype: 'proxmoxcheckbox',
name: 'propagate',
checked: true,
uncheckedValue: 0,
fieldLabel: gettext('Propagate'),
- },
- ],
+ });
+
+ me.callParent();
+ },
+
+ getValues: function(dirtyOnly) {
+ let me = this;
+ let values = me.callParent(arguments);
+
+ if (me.path) {
+ values.path = me.path;
+ }
+ return values;
+ },
+
});
--
2.20.1
More information about the pbs-devel
mailing list