[pbs-devel] [PATCH proxmox-widget-toolkit v2 12/15] window: add Active Directory auth panel
Christoph Heiss
c.heiss at proxmox.com
Wed Aug 16 16:47:42 CEST 2023
As AD realms are mostly just LDAP, reuse the LDAP panel and just
show/hide some elements based on the type.
Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---
Changes v1 -> v2:
* Change AD bind-dn `emptyText to use AD syntax
* Add tooltip to bind-dn field to inform user that LDAP syntax can be
used as well
* Move case-sensitive checkbox to separate patch
src/Makefile | 1 +
src/Schema.js | 10 ++++++++++
src/window/AuthEditAD.js | 14 ++++++++++++++
src/window/AuthEditLDAP.js | 25 ++++++++++++++++++++++---
4 files changed, 47 insertions(+), 3 deletions(-)
create mode 100644 src/window/AuthEditAD.js
diff --git a/src/Makefile b/src/Makefile
index 21fbe76..52094c5 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -95,6 +95,7 @@ JSSRC= \
window/AuthEditBase.js \
window/AuthEditOpenId.js \
window/AuthEditLDAP.js \
+ window/AuthEditAD.js \
window/TfaWindow.js \
window/AddTfaRecovery.js \
window/AddTotp.js \
diff --git a/src/Schema.js b/src/Schema.js
index a7ffdf8..7f491f2 100644
--- a/src/Schema.js
+++ b/src/Schema.js
@@ -29,6 +29,16 @@ Ext.define('Proxmox.Schema', { // a singleton
pwchange: false,
sync: true,
},
+ ad: {
+ name: gettext('Active Directory Server'),
+ ipanel: 'pmxAuthADPanel',
+ syncipanel: 'pmxAuthADSyncPanel',
+ add: true,
+ edit: true,
+ tfa: true,
+ pwchange: false,
+ sync: true,
+ },
},
// to add or change existing for product specific ones
overrideAuthDomains: function(extra) {
diff --git a/src/window/AuthEditAD.js b/src/window/AuthEditAD.js
new file mode 100644
index 0000000..0de7494
--- /dev/null
+++ b/src/window/AuthEditAD.js
@@ -0,0 +1,14 @@
+Ext.define('Proxmox.panel.ADInputPanel', {
+ extend: 'Proxmox.panel.LDAPInputPanel',
+ xtype: 'pmxAuthADPanel',
+
+ type: 'ad',
+ onlineHelp: 'user-realms-ad',
+});
+
+Ext.define('Proxmox.panel.ADSyncInputPanel', {
+ extend: 'Proxmox.panel.LDAPSyncInputPanel',
+ xtype: 'pmxAuthADSyncPanel',
+
+ type: 'ad',
+});
diff --git a/src/window/AuthEditLDAP.js b/src/window/AuthEditLDAP.js
index 6aafb98..8cb7c80 100644
--- a/src/window/AuthEditLDAP.js
+++ b/src/window/AuthEditLDAP.js
@@ -64,6 +64,12 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
return values;
},
+ cbindData: function(config) {
+ return {
+ isLdap: this.type === 'ldap',
+ isAd: this.type === 'ad',
+ };
+ },
column1: [
{
@@ -80,15 +86,21 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
xtype: 'proxmoxtextfield',
fieldLabel: gettext('Base Domain Name'),
name: 'base-dn',
- allowBlank: false,
emptyText: 'cn=Users,dc=company,dc=net',
+ cbind: {
+ hidden: '{!isLdap}',
+ allowBlank: '{!isLdap}',
+ },
},
{
xtype: 'proxmoxtextfield',
fieldLabel: gettext('User Attribute Name'),
name: 'user-attr',
- allowBlank: false,
emptyText: 'uid / sAMAccountName',
+ cbind: {
+ hidden: '{!isLdap}',
+ allowBlank: '{!isLdap}',
+ },
},
{
xtype: 'proxmoxcheckbox',
@@ -103,7 +115,14 @@ Ext.define('Proxmox.panel.LDAPInputPanel', {
fieldLabel: gettext('Bind Domain Name'),
name: 'bind-dn',
allowBlank: false,
- emptyText: 'cn=user,dc=company,dc=net',
+ cbind: {
+ emptyText: get => get('isAd') ? 'user at company.net' : 'cn=user,dc=company,dc=net',
+ autoEl: get => get('isAd') ? {
+ tag: 'div',
+ 'data-qtip':
+ gettext('LDAP DN syntax can be used as well, e.g. cn=user,dc=company,dc=net'),
+ } : {},
+ },
bind: {
disabled: "{anonymous_search}",
},
--
2.41.0
More information about the pbs-devel
mailing list