[pve-devel] [PATCH manager 5/6] ui: dc/AuthEdit: add sync tab for ldap/ad realms

Dominik Csapak d.csapak at proxmox.com
Thu Apr 9 16:10:48 CEST 2020


this modifies AuthEditBase so that if there is a sync inputpanel specified,
we display it in a second tab (we need to modify the bodyPadding here,
else the whole window has too much padding)

we use the same panel for both ldap/ad, since the most options behave
the same (except for user_attribute, but the default for AD is
sAMAccount which i think is good enough for now, users can still
override it in the cli)

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
i have an idea to refactor the whole propertystring parsing/printing
but it needs more work, since i would have to move some code
to the widget-toolkit (the Parser class would have to be moved there)

but this has to wait for now (i really want to do this since
we have the same pattern quite some times, e.g. for the whole
net/disk/mp panels in lxc/qemu)

 www/manager6/Utils.js           |   2 +
 www/manager6/dc/AuthEditBase.js |  37 ++++++-
 www/manager6/dc/AuthEditLDAP.js | 185 ++++++++++++++++++++++++++++++++
 3 files changed, 221 insertions(+), 3 deletions(-)

diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index 27e81c1e..5e38b81d 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -570,11 +570,13 @@ Ext.define('PVE.Utils', { utilities: {
 	ad: {
 	    name: gettext('Active Directory Server'),
 	    ipanel: 'pveAuthADPanel',
+	    syncipanel: 'pveAuthLDAPSyncPanel',
 	    add: true,
 	},
 	ldap: {
 	    name: gettext('LDAP Server'),
 	    ipanel: 'pveAuthLDAPPanel',
+	    syncipanel: 'pveAuthLDAPSyncPanel',
 	    add: true,
 	},
 	pam: {
diff --git a/www/manager6/dc/AuthEditBase.js b/www/manager6/dc/AuthEditBase.js
index 5c4b6a90..cf7d97fe 100644
--- a/www/manager6/dc/AuthEditBase.js
+++ b/www/manager6/dc/AuthEditBase.js
@@ -91,13 +91,44 @@ Ext.define('PVE.dc.AuthEditBase', {
 
 	me.subject = authConfig.name;
 
-	Ext.apply(me, {
-	    items: [{
+	let items;
+	let bodyPadding;
+	if (authConfig.syncipanel) {
+	    bodyPadding = 0;
+	    items = {
+		xtype: 'tabpanel',
+		region: 'center',
+		layout: 'fit',
+		bodyPadding: 10,
+		items: [
+		    {
+			title: gettext('General'),
+			realm: me.realm,
+			xtype: authConfig.ipanel,
+			isCreate: me.isCreate,
+			type: me.authType,
+		    },
+		    {
+			title: gettext('Sync Options'),
+			realm: me.realm,
+			xtype: authConfig.syncipanel,
+			isCreate: me.isCreate,
+			type: me.authType,
+		    },
+		],
+	    };
+	} else {
+	    items = [{
 		realm: me.realm,
 		xtype: authConfig.ipanel,
 		isCreate: me.isCreate,
 		type: me.authType,
-	    }],
+	    }];
+	}
+
+	Ext.apply(me, {
+	    items,
+	    bodyPadding,
 	});
 
 	me.callParent();
diff --git a/www/manager6/dc/AuthEditLDAP.js b/www/manager6/dc/AuthEditLDAP.js
index 3c32a378..0ca6f6ac 100644
--- a/www/manager6/dc/AuthEditLDAP.js
+++ b/www/manager6/dc/AuthEditLDAP.js
@@ -59,3 +59,188 @@ Ext.define('PVE.panel.LDAPInputPanel', {
 	me.callParent();
     },
 });
+
+Ext.define('PVE.panel.LDAPSyncInputPanel', {
+    extend: 'Proxmox.panel.InputPanel',
+    xtype: 'pveAuthLDAPSyncPanel',
+
+    editableAttributes: ['email'],
+    editableDefaults: ['scope', 'full', 'enable-new', 'purge'],
+
+    // (de)construct the sync-attributes from the list above,
+    // not touching all others
+    onGetValues: function(values) {
+	let me = this;
+	me.editableDefaults.forEach((attr) => {
+	    if (values[attr]) {
+		me.default_opts[attr] = values[attr];
+		delete values[attr];
+	    } else {
+		delete me.default_opts[attr];
+	    }
+	});
+	values['sync-defaults-options'] = PVE.Parser.printPropertyString(me.default_opts);
+	me.editableAttributes.forEach((attr) => {
+	    if (values[attr]) {
+		me.sync_attributes[attr] = values[attr];
+		delete values[attr];
+	    } else {
+		delete me.sync_attributes[attr];
+	    }
+	});
+	values.sync_attributes = PVE.Parser.printPropertyString(me.sync_attributes);
+
+	PVE.Utils.delete_if_default(values, 'sync-defaults-options');
+	PVE.Utils.delete_if_default(values, 'sync_attributes');
+
+	return values;
+    },
+
+    setValues: function(values) {
+	let me = this;
+	me.sync_attributes = {};
+	if (values.sync_attributes) {
+	    me.sync_attributes = PVE.Parser.parsePropertyString(values.sync_attributes);
+	    delete values.sync_attributes;
+	    me.editableAttributes.forEach((attr) => {
+		if (me.sync_attributes[attr]) {
+		    values[attr] = me.sync_attributes[attr];
+		}
+	    });
+	}
+	me.default_opts = {};
+	if (values['sync-defaults-options']) {
+	    me.default_opts = PVE.Parser.parsePropertyString(values['sync-defaults-options']);
+	    delete values.default_opts;
+	    me.editableDefaults.forEach((attr) => {
+		if (me.default_opts[attr]) {
+		    values[attr] = me.default_opts[attr];
+		}
+	    });
+	}
+	return me.callParent([values]);
+    },
+
+    column1: [
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'bind_dn',
+	    deleteEmpty: true,
+	    emptyText: Proxmox.Utils.noneText,
+	    fieldLabel: gettext('Bind User'),
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    inputType: 'password',
+	    name: 'password',
+	    emptyText: gettext('Unchanged'),
+	    fieldLabel: gettext('Bind Password'),
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'email',
+	    fieldLabel: gettext('E-Mail attribute'),
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'group_name_attr',
+	    deleteEmpty: true,
+	    fieldLabel: gettext('Groupname attr.'),
+	},
+	{
+	    xtype: 'displayfield',
+	    value: gettext('Default Sync Options'),
+	},
+	{
+	    xtype: 'proxmoxKVComboBox',
+	    name: 'scope',
+	    emptyText: Proxmox.Utils.NoneText,
+	    fieldLabel: gettext('Scope'),
+	    value: '__default__',
+	    deleteEmpty: false,
+	    comboItems: [
+		['__default__', Proxmox.Utils.NoneText],
+		['users', gettext('Users')],
+		['groups', gettext('Groups')],
+		['both', gettext('Users and Groups')],
+	    ],
+	},
+	{
+	    xtype: 'proxmoxKVComboBox',
+	    value: '__default__',
+	    deleteEmpty: false,
+	    comboItems: [
+		['__default__', Proxmox.Utils.NoneText],
+		['1', Proxmox.Utils.yesText],
+		['0', Proxmox.Utils.noText],
+	    ],
+	    name: 'full',
+	    fieldLabel: gettext('Full'),
+	},
+    ],
+
+    column2: [
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'user_classes',
+	    fieldLabel: gettext('User classes'),
+	    deleteEmpty: true,
+	    emptyText: 'inetorgperson, posixaccount, person, user',
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'group_classes',
+	    fieldLabel: gettext('Group classes'),
+	    deleteEmpty: true,
+	    emptyText: 'groupOfNames, group, univentionGroup, ipausergroup',
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'filter',
+	    fieldLabel: gettext('User Filter'),
+	    deleteEmpty: true,
+	},
+	{
+	    xtype: 'proxmoxtextfield',
+	    name: 'group_filter',
+	    fieldLabel: gettext('Group Filter'),
+	    deleteEmpty: true,
+	},
+	{
+	    // fake for spacing
+	    xtype: 'displayfield',
+	    value: ' ',
+	},
+	{
+	    xtype: 'proxmoxKVComboBox',
+	    value: '__default__',
+	    deleteEmpty: false,
+	    comboItems: [
+		[
+		    '__default__',
+		    Ext.String.format(
+			gettext("{0} ({1})"),
+			Proxmox.Utils.yesText,
+			Proxmox.Utils.defaultText,
+		    ),
+		],
+		['1', Proxmox.Utils.yesText],
+		['0', Proxmox.Utils.noText],
+	    ],
+	    name: 'enable-new',
+	    fieldLabel: gettext('Enable new users'),
+	},
+	{
+	    xtype: 'proxmoxKVComboBox',
+	    value: '__default__',
+	    deleteEmpty: false,
+	    comboItems: [
+		['__default__', Proxmox.Utils.NoneText],
+		['1', Proxmox.Utils.yesText],
+		['0', Proxmox.Utils.noText],
+	    ],
+	    name: 'purge',
+	    fieldLabel: gettext('Purge'),
+	},
+    ],
+});
-- 
2.20.1





More information about the pve-devel mailing list