Most of the time this isn't an issue for job edits, but here we have
two "enable" checkboxes that control enabling newly synced users and
enabling the job itself, try to be absolutely clear on both to avoid
potential confusion.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
it's somewhat redundant as onbe is already at the realm view, but for
panel titles it slightly helps if one doesn't have to string together
such "clues" oneself, i.e., it's easier to see where one is - e.g.,
if switching from some other task back to the web UI again, and we
have enough space here, so we ain't winning anything if keeping it
short.
Also add an emptyText to the grid, mostly as view's without anything
always look a bit off (like an error happened on load and one forgot
to mask)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to make it consistent with the repositories ui, since having a checkbox
that is not clickable is confusing
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
by adding an empty text to the dropdown, and disabling the other
possibly invalid fields, so that it's clear why the panel is invalid
as soon as there is an ldap/ad realm, it gets autoselected anyway and
the fields get re-enabled.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
To get a fast overview in which groups each user is add a column that
shows all groups they are a member of.
To get that info we need to pass the 'full=1' parameter to the API
endpoint, which then adds tokens and groups for each user to the result.
This is basically only increasing transmission size a bit, as the
backend doesn't needs to do any extra parsing for this information.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
[T: Reword commit message ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
add a default virtual zone called 'localnetwork' in the ressource tree,
and handle permissions like a true sdn zone
(no conflict with true sdn zone is possible, as they have 8 characters max)
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
This is weird and buggy and breaches the unpriv./priv. separation of
our api daemons, so root-only for now and possibly removal soon.
note that this had several limitations already anyway, like running
in sync context and thus failing after 30s.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
One must not call gettext on the already formatted string, as we
cannot translate it for any possible value, rather the format string
it self needs to be gettext'd, then the translator can position the
variable template placeholders however it's correct for their
language without having to care about any value this could be called
with.
Fixes: d057929f ("ui: user view: fix calling order of gettext")
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The pool number is shown in a few places, having it easily accessible
can help to understand which pool a warning/error refers to.
For example, the PG ID consists of '{pool nr}.{pg nr}' and is shown in
every warning concerning that PG.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
Rather than failing with an error claiming that the job doesn't exist.
The disabled status will be visible in the result of the call.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Adds a default-on checkbox to the QEMU Guest Agent feature selector
controlling the 'fs-freeze-on-backup' option. If unchecked, an
additional warning is displayed that backups can potentially corrupt
with this setting off.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
the cloudinit options except for ipconfig are all modifiable with just
"VM.Config.Cloudinit".
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
nested conditionals stretching over multiple lines are always a bit hard to
untangle, so let's make it explicit:
1. is the interface a bridge
2. if it is, are we looking for one?
3. is it something else that we are looking for?
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Like it did here before 9f65a584 ("api: backup: update: check
permissions of delete params too") and like it does in the create
case.
This should not have a practical effect, it's mostly for consistency
and to avoid anybody reading anything into the different orders of
checks between update and create.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
In particular this ensures that the user is allowed to remove data on
the storage, because configuring low retention results in removed
older backups. Of course setting the storage itself also needs to
require the same privilege then.
This is a breaking API change, but it seems sensible to require
permissions on the affected storage too.
Jobs with a dumpdir setting can be configured by root only.
Suggested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
factor out the relevant privilege checks in a variable and reuse that,
also add the check in the run_editor (or wrap it with a check) so that
the edit windows don't open with a double click without those privileges
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Use enableFn to enable/disable the toolbar buttons according to the
existing privileges.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ D: adapted commit subject and added commit message ]
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The current VM.Console cap is wrong.
Only log panel needs VM.Console, the other ones only need VM.Audit.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ D: rewrite commit message a bit ]
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Commit e97c2601 ("change to debian font-awesome") removed the usage of
the in-tree font-awesome files, replacing them with the Debian package.
Thus clear out these leftovers out, as they are completely usused.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
GnuPG chokes on it otherwise...
Fixes: 00ea2e4b ("aplinfo: use sequioa for key ring generation")
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
a typical CRUD panel for adding/editing/removing realm sync jobs
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
