Commit Graph

8 Commits

Author SHA1 Message Date
Stefan Sterz
085eed30c2 window: ldap auth edit forbid specifying a bind_dn without a password
this commit enforces passwords when using a non-anonymous bind.
hence, it removes the possibility of configuring unauthenticated binds
and brings the gui in-line with the backend.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2023-06-26 14:54:53 +02:00
Thomas Lamprecht
4d3a18dfc3 window: ldap auth edit: set view-model form data explicitly on edit
Fix a race that shows up in chrome/chromium by setting the data in
the view-model that is bound to form fields explicitly on edit, this
avoids a race where the default declared in the viewModel data got
applied after the form data was set, thus having the state out of
sync and so marking the field potentially as dirty even if it wasn't.

Reported-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-03-28 17:49:17 +02:00
Thomas Lamprecht
58bff886fb window: ldap auth edit: avoid relying on the default bind property
When using a string as bind config ExtJS maps this to the property
defined by the component's defaultBindProperty, which is a bit too
subtle for my taste.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-03-28 17:48:12 +02:00
Lukas Wagner
bfb750a564 auth ui: fix value not defined in enumeration error
...when editing LDAP realm sync settings and only a single property is
empty and thus to be deleted (e.g. values.delete = "filter").

If `delete` is a simple string and not an array,
`Proxmox.Utils.delete_if_default` simply creates a comma-separated list,
(e.g. value.delete = "filter,sync-attributes").

When the properties from the other panel are evaluated and added to
the `delete` property, comma-separated list format is not considered,
leading to a final value for `delete` that could look like this:
  value.delete = {
    "server2",
    "comment",
    "filter,sync-attributes"
  }

This commit fixes this by splitting `delete` in case it is a string.

Reported-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-03-17 16:41:59 +01:00
Lukas Wagner
78970361b3 auth ui: add firstname and lastname sync-attribute fields
This allows the user to set up a mapping for `firstname` and `lastname`
attributes for LDAP user syncs.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-03-17 16:41:59 +01:00
Lukas Wagner
2ee8cbdac1 auth ui: add onlineHelp for AuthEditLDAP
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-03-17 16:41:59 +01:00
Lukas Wagner
d6b65a89ce auth ui: add LDAP sync UI
Taken and adapted from PVE.
Changes:
  - Removed fields that are irrelevant for PBS for now (PBS has no
    groups yet). If PVE is adapted to use the implementation from the
    widget toolkit, the fields can simply be readded and somehow
    feature-gated so that the fields are only visible/editable on PVE

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-03-17 16:41:59 +01:00
Lukas Wagner
aa5cbdbb32 auth ui: add LDAP realm edit panel
The panel was mostly taken from PVE, but altered slightly:
  - bind-dn and bind-password are displayed under "General"
    and not under "Sync". For some servers, we need to be bound
    to lookup a user's domain from a given user id attribute.
    In PVE, the bind-dn and bind-password fields are under
    "Sync", which is a bit confusing if a user is not interested
    in automatic user syncing.

  - There is an 'anonymous search' checkbox. The value is not persisted
    in the configuration, it merely enables/disables the
    bind-dn and bind-password fields to make their intent a bit more
    clear.

  - Instead of a 'secure' checkbox, a combobox for TLS mode is shown.
    This way users can select between LDAP, STARTTLS and LDAPS.
    In PVE, the 'secure' config parameter is deprecated anyway, so
    I took the opportunity to replace it with the 'mode' parameter
    as described.

  - Parameters now consistently use kebab-case for naming. If
    PVE is modified to use the same panel, some sort of adapter
    will be needed.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-03-17 16:41:59 +01:00