From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <m.heiserer@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 914E6C5FD
 for <pbs-devel@lists.proxmox.com>; Mon, 11 Apr 2022 12:20:26 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 854F2309B
 for <pbs-devel@lists.proxmox.com>; Mon, 11 Apr 2022 12:20:26 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 8CDF53090
 for <pbs-devel@lists.proxmox.com>; Mon, 11 Apr 2022 12:20:25 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 5EAB740854
 for <pbs-devel@lists.proxmox.com>; Mon, 11 Apr 2022 12:20:25 +0200 (CEST)
Message-ID: <23048c05-c2bc-19f1-e110-fc8772bc79a7@proxmox.com>
Date: Mon, 11 Apr 2022 12:20:24 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.7.0
Content-Language: en-US
To: Thomas Lamprecht <t.lamprecht@proxmox.com>,
 Proxmox Backup Server development discussion <pbs-devel@lists.proxmox.com>
References: <20220323130111.2552347-1-m.heiserer@proxmox.com>
 <20220323130111.2552347-2-m.heiserer@proxmox.com>
 <2ec9c9fd-ee83-754b-1206-56577f487dca@proxmox.com>
From: Matthias Heiserer <m.heiserer@proxmox.com>
In-Reply-To: <2ec9c9fd-ee83-754b-1206-56577f487dca@proxmox.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 1.456 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 NICE_REPLY_A           -3.086 Looks like a legit reply (A)
 SCC_BODY_URI_ONLY       0.001 -
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: Re: [pbs-devel] [PATCH proxmox-backup 2/3] fix #3939: set default
 value in domains endpoint
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Mon, 11 Apr 2022 10:20:26 -0000

On 11.04.2022 10:12, Thomas Lamprecht wrote:
> On 23.03.22 14:01, Matthias Heiserer wrote:
>> Because the default realm is stored in node.cfg, here we have to add
>> it to the returned information.
>>
>> Signed-off-by: Matthias Heiserer <m.heiserer@proxmox.com>
>> ---
>>   src/api2/access/domain.rs | 11 +++++++++--
>>   1 file changed, 9 insertions(+), 2 deletions(-)
>>
> 
>> @@ -24,17 +24,19 @@ use pbs_api_types::BasicRealmInfo;
>>   /// Authentication domain/realm index.
>>   fn list_domains(mut rpcenv: &mut dyn RpcEnvironment) -> Result<Vec<BasicRealmInfo>, Error> {
>>       let mut list = Vec::new();
>> +    let default_realm = node::config()?.0.default_realm;
> 
> feels not ideal to pull in the node config here, if we really need to add a config
> (see my bugzilla reply asking if the requester would be OK with just making the
> realm box stateful), then I'd actually add it in the domain config as priority
> flag (allow 0 to 100, default 50) which is then used for sorting the realms and
> also for auto-selecting the highest priority + name sorted realm.
If I'm not mistaken the realm selector on the login screen is already 
stateful.
Sorting sounds interesting, but how would we go about the default 
pam/pbs auth? They are not in the domains config, so i guess we have to 
add them there.
> 
> Same level of complexity in terms of what we need to safe (one new struct member),
> but avoids the need to always load+parse an extra config and also more features we
> can use it for.
> 
> Please note also that we'd like to have feature parity for the stuff that exists
> in PVE or PMG too.
Not sure I understand the point on feature parity. You mean that the 
default realm should be set in the realms view?