From 4aff870f6c386c70978bde07564a1a7a69eac3ab Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Fri, 12 Jan 2024 17:16:07 +0100 Subject: [PATCH] window: add Active Directory auth panel As AD realms are mostly just LDAP, reuse the LDAP panel and just show/hide some elements based on the type. Signed-off-by: Christoph Heiss --- src/Makefile | 1 + src/Schema.js | 10 ++++++++++ src/window/AuthEditAD.js | 14 ++++++++++++++ src/window/AuthEditLDAP.js | 25 ++++++++++++++++++++++--- 4 files changed, 47 insertions(+), 3 deletions(-) create mode 100644 src/window/AuthEditAD.js diff --git a/src/Makefile b/src/Makefile index 01145b1..89f9962 100644 --- a/src/Makefile +++ b/src/Makefile @@ -95,6 +95,7 @@ JSSRC= \ window/AuthEditBase.js \ window/AuthEditOpenId.js \ window/AuthEditLDAP.js \ + window/AuthEditAD.js \ window/TfaWindow.js \ window/AddTfaRecovery.js \ window/AddTotp.js \ diff --git a/src/Schema.js b/src/Schema.js index 841527f..7833fc0 100644 --- a/src/Schema.js +++ b/src/Schema.js @@ -29,6 +29,16 @@ Ext.define('Proxmox.Schema', { // a singleton pwchange: false, sync: true, }, + ad: { + name: gettext('Active Directory Server'), + ipanel: 'pmxAuthADPanel', + syncipanel: 'pmxAuthADSyncPanel', + add: true, + edit: true, + tfa: true, + pwchange: false, + sync: true, + }, }, // to add or change existing for product specific ones overrideAuthDomains: function(extra) { diff --git a/src/window/AuthEditAD.js b/src/window/AuthEditAD.js new file mode 100644 index 0000000..0de7494 --- /dev/null +++ b/src/window/AuthEditAD.js @@ -0,0 +1,14 @@ +Ext.define('Proxmox.panel.ADInputPanel', { + extend: 'Proxmox.panel.LDAPInputPanel', + xtype: 'pmxAuthADPanel', + + type: 'ad', + onlineHelp: 'user-realms-ad', +}); + +Ext.define('Proxmox.panel.ADSyncInputPanel', { + extend: 'Proxmox.panel.LDAPSyncInputPanel', + xtype: 'pmxAuthADSyncPanel', + + type: 'ad', +}); diff --git a/src/window/AuthEditLDAP.js b/src/window/AuthEditLDAP.js index eb9700a..105fd19 100644 --- a/src/window/AuthEditLDAP.js +++ b/src/window/AuthEditLDAP.js @@ -64,6 +64,12 @@ Ext.define('Proxmox.panel.LDAPInputPanel', { return values; }, + cbindData: function(config) { + return { + isLdap: this.type === 'ldap', + isAd: this.type === 'ad', + }; + }, column1: [ { @@ -80,15 +86,21 @@ Ext.define('Proxmox.panel.LDAPInputPanel', { xtype: 'proxmoxtextfield', fieldLabel: gettext('Base Domain Name'), name: 'base-dn', - allowBlank: false, emptyText: 'cn=Users,dc=company,dc=net', + cbind: { + hidden: '{!isLdap}', + allowBlank: '{!isLdap}', + }, }, { xtype: 'proxmoxtextfield', fieldLabel: gettext('User Attribute Name'), name: 'user-attr', - allowBlank: false, emptyText: 'uid / sAMAccountName', + cbind: { + hidden: '{!isLdap}', + allowBlank: '{!isLdap}', + }, }, { xtype: 'proxmoxcheckbox', @@ -103,7 +115,14 @@ Ext.define('Proxmox.panel.LDAPInputPanel', { fieldLabel: gettext('Bind Domain Name'), name: 'bind-dn', allowBlank: false, - emptyText: 'cn=user,dc=company,dc=net', + cbind: { + emptyText: get => get('isAd') ? 'user@company.net' : 'cn=user,dc=company,dc=net', + autoEl: get => get('isAd') ? { + tag: 'div', + 'data-qtip': + gettext('LDAP DN syntax can be used as well, e.g. cn=user,dc=company,dc=net'), + } : {}, + }, bind: { disabled: "{anonymous_search}", },