proxmox-backup/www/config/UserView.js

Ext.define('pmx-users', {
    extend: 'Ext.data.Model',
    fields: [
	'userid', 'firstname', 'lastname', 'email', 'comment', 'totp-locked',
	{ type: 'boolean', name: 'enable', defaultValue: true },
	{ type: 'date', dateFormat: 'timestamp', name: 'expire' },
    ],
    idProperty: 'userid',
    proxy: {
	type: 'proxmox',
	url: '/api2/json/access/users',
    },
});

Ext.define('PBS.config.UserView', {
    extend: 'Ext.grid.GridPanel',
    alias: 'widget.pbsUserView',

    stateful: true,
    stateId: 'grid-users',

    title: gettext('Users'),

    controller: {
	xclass: 'Ext.app.ViewController',

	addUser: function() {
	    let me = this;
            Ext.create('PBS.window.UserEdit', {
		listeners: {
		    destroy: function() {
			me.reload();
		    },
		},
            }).show();
	},

	editUser: function() {
	    let me = this;
	    let view = me.getView();
	    let selection = view.getSelection();
	    if (selection.length < 1) return;

            Ext.create('PBS.window.UserEdit', {
                userid: selection[0].data.userid,
		listeners: {
		    destroy: function() {
			me.reload();
		    },
		},
            }).show();
	},

	setPassword: function() {
	    let me = this;
	    let view = me.getView();
	    let selection = view.getSelection();

	    if (selection.length < 1) return;

	    Ext.create('PBS.window.UserPassword', {
		url: '/api2/extjs/access/users/' + selection[0].data.userid,
	    }).show();
	},

	showPermissions: function() {
	    let me = this;
	    let view = me.getView();
	    let selection = view.getSelection();

	    if (selection.length < 1) return;

	    Ext.create('Proxmox.PermissionView', {
		auth_id: selection[0].data.userid,
		auth_id_name: 'auth-id',
	    }).show();
	},

	renderName: function(val, cell, rec) {
	    let name = [];
	    if (rec.data.firstname) {
		name.push(rec.data.firstname);
	    }
	    if (rec.data.lastname) {
		name.push(rec.data.lastname);
	    }
	    return name.join(' ');
	},

	renderUsername: function(userid) {
	    return Ext.String.htmlEncode(userid.match(/^(.+)@([^@]+)$/)[1]);
	},

	renderRealm: function(userid) {
	    return Ext.String.htmlEncode(userid.match(/^(.+)@([^@]+)$/)[2]);
	},

	reload: function() { this.getView().getStore().rstore.load(); },

	init: function(view) {
	    Proxmox.Utils.monStoreErrors(view, view.getStore().rstore);
	},

	unlockTfa: function(btn, event, rec) {
	    let me = this;
	    let view = me.getView();
	    Ext.Msg.confirm(
		Ext.String.format(gettext('Unlock TFA authentication for {0}'), rec.data.userid),
		gettext("Locked 2nd factors can happen if the user's password was leaked. Are you sure you want to unlock the user?"),
		function(btn_response) {
		    if (btn_response === 'yes') {
			Proxmox.Utils.API2Request({
			    url: `/access/users/${rec.data.userid}/unlock-tfa`,
			    waitMsgTarget: view,
			    method: 'PUT',
			    failure: function(response, options) {
				Ext.Msg.alert(gettext('Error'), response.htmlStatus);
			    },
			    success: function(response, options) {
				me.reload();
			    },
			});
		    }
		},
	    );
	},
    },

    listeners: {
	activate: 'reload',
	itemdblclick: 'editUser',
    },

    store: {
	type: 'diff',
	autoDestroy: true,
	autoDestroyRstore: true,
	sorters: 'userid',
	rstore: {
	    type: 'update',
	    storeid: 'pmx-users',
	    model: 'pmx-users',
	    autoStart: true,
	    interval: 5000,
	},
    },

    tbar: [
	{
	    xtype: 'proxmoxButton',
	    text: gettext('Add'),
	    handler: 'addUser',
	    selModel: false,
	},
	'-',
	{
	    xtype: 'proxmoxButton',
	    text: gettext('Edit'),
	    handler: 'editUser',
	    disabled: true,
	},
	{
	    xtype: 'proxmoxStdRemoveButton',
	    baseurl: '/access/users/',
	    enableFn: (rec) => rec.data.userid !== 'root@pam',
	    getUrl: (rec) =>
		`/access/users/${encodeURIComponent(rec.getId())}`,
	    callback: 'reload',
	},
	'-',
	{
	    xtype: 'proxmoxButton',
	    text: gettext('Change Password'),
	    handler: 'setPassword',
	    disabled: true,
	},
	{
	    xtype: 'proxmoxButton',
	    text: gettext('Show Permissions'),
	    handler: 'showPermissions',
	    disabled: true,
	},
	'-',
	{
	    xtype: 'proxmoxButton',
	    text: gettext('Unlock TFA'),
	    handler: 'unlockTfa',
	    enableFn: ({ data }) =>
	        data['totp-locked'] || (data['tfa-locked-until'] > (new Date().getTime() / 1000)),
	},
    ],

    viewConfig: {
	trackOver: false,
    },

    columns: [
	{
	    header: gettext('User name'),
	    width: 200,
	    sortable: true,
	    renderer: 'renderUsername',
	    dataIndex: 'userid',
	},
	{
	    header: gettext('Realm'),
	    width: 100,
	    sortable: true,
	    renderer: 'renderRealm',
	    dataIndex: 'userid',
	},
	{
	    header: gettext('Enabled'),
	    width: 80,
	    sortable: true,
	    renderer: Proxmox.Utils.format_boolean,
	    dataIndex: 'enable',
	},
	{
	    header: gettext('Expire'),
	    width: 80,
	    sortable: true,
	    renderer: Proxmox.Utils.format_expire,
	    dataIndex: 'expire',
	},
	{
	    header: gettext('Name'),
	    width: 150,
	    sortable: true,
	    dataIndex: 'firstname',
	    renderer: 'renderName',
	},
	{
	    header: gettext('TFA Lock'),
	    width: 120,
	    sortable: true,
	    dataIndex: 'totp-locked',
	    renderer: function(v, metaData, record) {
		let locked_until = record.data['tfa-locked-until'];
		if (locked_until !== undefined) {
		    let now = new Date().getTime() / 1000;
		    if (locked_until > now) {
			return gettext('Locked');
		    }
		}

		if (record.data['totp-locked']) {
		    return gettext('TOTP Locked');
		}

		return Proxmox.Utils.noText;
	    },
	},
	{
	    header: gettext('Comment'),
	    sortable: false,
	    renderer: Ext.String.htmlEncode,
	    dataIndex: 'comment',
	    flex: 1,
	},
    ],
});
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`Ext.define('pmx-users', {`
			`extend: 'Ext.data.Model',`
			`fields: [`
ui: user view: fix refresh for totp locked column by adding the 'totp-locked' column to the model a diff store can only know if a column has changed if the column is defined in the model, otherwise it'll only load it the first time (when the 'load' called on the diff store) Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2023-06-27 13:27:07 +02:00			`'userid', 'firstname', 'lastname', 'email', 'comment', 'totp-locked',`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`{ type: 'boolean', name: 'enable', defaultValue: true },`
			`{ type: 'date', dateFormat: 'timestamp', name: 'expire' },`
			`],`
			`idProperty: 'userid',`
			`proxy: {`
			`type: 'proxmox',`
			`url: '/api2/json/access/users',`
			`},`
			`});`

			`Ext.define('PBS.config.UserView', {`
			`extend: 'Ext.grid.GridPanel',`
			`alias: 'widget.pbsUserView',`

			`stateful: true,`
			`stateId: 'grid-users',`

			`title: gettext('Users'),`

			`controller: {`
			`xclass: 'Ext.app.ViewController',`

			`addUser: function() {`
			`let me = this;`
			`Ext.create('PBS.window.UserEdit', {`
			`listeners: {`
			`destroy: function() {`
			`me.reload();`
			`},`
			`},`
			`}).show();`
			`},`

			`editUser: function() {`
			`let me = this;`
			`let view = me.getView();`
			`let selection = view.getSelection();`
			`if (selection.length < 1) return;`

			`Ext.create('PBS.window.UserEdit', {`
			`userid: selection[0].data.userid,`
			`listeners: {`
			`destroy: function() {`
			`me.reload();`
			`},`
			`},`
			`}).show();`
			`},`

gui: user: fix #2898 add dialog to set password Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com> 2020-08-03 11:56:25 +02:00			`setPassword: function() {`
			`let me = this;`
			`let view = me.getView();`
			`let selection = view.getSelection();`

			`if (selection.length < 1) return;`

			`Ext.create('PBS.window.UserPassword', {`
			`url: '/api2/extjs/access/users/' + selection[0].data.userid,`
			`}).show();`
			`},`

gui: add permissions button to user view Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-10-21 09:42:56 +02:00			`showPermissions: function() {`
			`let me = this;`
			`let view = me.getView();`
			`let selection = view.getSelection();`

			`if (selection.length < 1) return;`

			`Ext.create('Proxmox.PermissionView', {`
			`auth_id: selection[0].data.userid,`
api: replace auth_id with auth-id in parameters, and fix up the completion for the ACL update parameter. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-10-30 15:18:41 +01:00			`auth_id_name: 'auth-id',`
gui: add permissions button to user view Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-10-21 09:42:56 +02:00			`}).show();`
			`},`

ui: UserView: render name as 'Firstname Lastname' instead of only the firstname Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-11-11 13:34:14 +01:00			`renderName: function(val, cell, rec) {`
			`let name = [];`
			`if (rec.data.firstname) {`
			`name.push(rec.data.firstname);`
			`}`
			`if (rec.data.lastname) {`
			`name.push(rec.data.lastname);`
			`}`
			`return name.join(' ');`
			`},`

ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`renderUsername: function(userid) {`
			`return Ext.String.htmlEncode(userid.match(/^(.+)@([^@]+)$/)[1]);`
			`},`

			`renderRealm: function(userid) {`
			`return Ext.String.htmlEncode(userid.match(/^(.+)@([^@]+)$/)[2]);`
			`},`

			`reload: function() { this.getView().getStore().rstore.load(); },`
ui: add missing monStoreErrors to actually show api errors on the list call Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-26 12:23:26 +02:00
			`init: function(view) {`
			`Proxmox.Utils.monStoreErrors(view, view.getStore().rstore);`
			`},`
ui: add missing unlockTfa handler Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Reviewed-by: Dominik Csapak <d.csapak@proxmox.com> Tested-by: Dominik Csapak <d.csapak@proxmox.com> 2023-06-27 12:04:51 +02:00
			`unlockTfa: function(btn, event, rec) {`
			`let me = this;`
			`let view = me.getView();`
			`Ext.Msg.confirm(`
			`Ext.String.format(gettext('Unlock TFA authentication for {0}'), rec.data.userid),`
			`gettext("Locked 2nd factors can happen if the user's password was leaked. Are you sure you want to unlock the user?"),`
			`function(btn_response) {`
			`if (btn_response === 'yes') {`
			`Proxmox.Utils.API2Request({`
			url: `/access/users/${rec.data.userid}/unlock-tfa`,
			`waitMsgTarget: view,`
			`method: 'PUT',`
			`failure: function(response, options) {`
			`Ext.Msg.alert(gettext('Error'), response.htmlStatus);`
			`},`
			`success: function(response, options) {`
			`me.reload();`
			`},`
			`});`
			`}`
			`},`
			`);`
			`},`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`},`

			`listeners: {`
			`activate: 'reload',`
			`itemdblclick: 'editUser',`
			`},`

			`store: {`
			`type: 'diff',`
			`autoDestroy: true,`
			`autoDestroyRstore: true,`
			`sorters: 'userid',`
			`rstore: {`
			`type: 'update',`
			`storeid: 'pmx-users',`
			`model: 'pmx-users',`
			`autoStart: true,`
			`interval: 5000,`
			`},`
			`},`

			`tbar: [`
			`{`
			`xtype: 'proxmoxButton',`
			`text: gettext('Add'),`
			`handler: 'addUser',`
			`selModel: false,`
			`},`
ui: access: stream line add/edit/.. button order and separators Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2021-01-18 09:33:29 +01:00			`'-',`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`{`
			`xtype: 'proxmoxButton',`
			`text: gettext('Edit'),`
			`handler: 'editUser',`
			`disabled: true,`
			`},`
			`{`
			`xtype: 'proxmoxStdRemoveButton',`
			`baseurl: '/access/users/',`
			`enableFn: (rec) => rec.data.userid !== 'root@pam',`
ui: add missing uri encoding in user edit and view userid parameter needs to be properly encoded when shown on the browser Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> Reviewed-by: Dominik Csapak <d.csapak@proxmox.com> 2021-01-19 14:33:23 +01:00			`getUrl: (rec) =>`
			`/access/users/${encodeURIComponent(rec.getId())}`,
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`callback: 'reload',`
			`},`
ui: access: stream line add/edit/.. button order and separators Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2021-01-18 09:33:29 +01:00			`'-',`
			`{`
			`xtype: 'proxmoxButton',`
			`text: gettext('Change Password'),`
			`handler: 'setPassword',`
			`disabled: true,`
			`},`
gui: add permissions button to user view Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-10-21 09:42:56 +02:00			`{`
			`xtype: 'proxmoxButton',`
ui: access: stream line add/edit/.. button order and separators Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2021-01-18 09:33:29 +01:00			`text: gettext('Show Permissions'),`
gui: add permissions button to user view Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-10-21 09:42:56 +02:00			`handler: 'showPermissions',`
			`disabled: true,`
			`},`
ui: add TFA lock status and unlock button Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2023-06-23 14:44:04 +02:00			`'-',`
			`{`
			`xtype: 'proxmoxButton',`
			`text: gettext('Unlock TFA'),`
			`handler: 'unlockTfa',`
ui: user view: fix eslint error Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2023-06-26 19:55:52 +02:00			`enableFn: ({ data }) =>`
			`data['totp-locked'] \|\| (data['tfa-locked-until'] > (new Date().getTime() / 1000)),`
ui: add TFA lock status and unlock button Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2023-06-23 14:44:04 +02:00			`},`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`],`

			`viewConfig: {`
			`trackOver: false,`
			`},`

			`columns: [`
			`{`
			`header: gettext('User name'),`
			`width: 200,`
			`sortable: true,`
			`renderer: 'renderUsername',`
			`dataIndex: 'userid',`
			`},`
			`{`
			`header: gettext('Realm'),`
			`width: 100,`
			`sortable: true,`
			`renderer: 'renderRealm',`
			`dataIndex: 'userid',`
			`},`
			`{`
			`header: gettext('Enabled'),`
			`width: 80,`
			`sortable: true,`
			`renderer: Proxmox.Utils.format_boolean,`
			`dataIndex: 'enable',`
			`},`
			`{`
			`header: gettext('Expire'),`
			`width: 80,`
			`sortable: true,`
			`renderer: Proxmox.Utils.format_expire,`
			`dataIndex: 'expire',`
			`},`
			`{`
			`header: gettext('Name'),`
			`width: 150,`
			`sortable: true,`
			`dataIndex: 'firstname',`
ui: UserView: render name as 'Firstname Lastname' instead of only the firstname Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-11-11 13:34:14 +01:00			`renderer: 'renderName',`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`},`
ui: add TFA lock status and unlock button Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2023-06-23 14:44:04 +02:00			`{`
			`header: gettext('TFA Lock'),`
			`width: 120,`
			`sortable: true,`
			`dataIndex: 'totp-locked',`
			`renderer: function(v, metaData, record) {`
			`let locked_until = record.data['tfa-locked-until'];`
			`if (locked_until !== undefined) {`
			`let now = new Date().getTime() / 1000;`
			`if (locked_until > now) {`
			`return gettext('Locked');`
			`}`
			`}`

			`if (record.data['totp-locked']) {`
			`return gettext('TOTP Locked');`
			`}`

			`return Proxmox.Utils.noText;`
			`},`
			`},`
ui: add UserManagement panel to add/edit users Signed-off-by: Dominik Csapak <d.csapak@proxmox.com> 2020-05-18 14:18:38 +02:00			`{`
			`header: gettext('Comment'),`
			`sortable: false,`
			`renderer: Ext.String.htmlEncode,`
			`dataIndex: 'comment',`
			`flex: 1,`
			`},`
			`],`
			`});`