From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 6E4EA1FF17A for ; Tue, 9 Dec 2025 17:45:24 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id CC7559192; Tue, 9 Dec 2025 17:46:03 +0100 (CET) Message-ID: Date: Tue, 9 Dec 2025 17:45:28 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Lukas Wagner , Proxmox Datacenter Manager development discussion References: <20251205152543.91431-1-h.laimer@proxmox.com> Content-Language: en-US From: Hannes Laimer In-Reply-To: X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1765298722760 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.054 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox.com] Subject: Re: [pdm-devel] [RFC proxmox{, -datacenter-manager, -yew-comp} 0/8] make security groups expandable in firewall rules list X-BeenThere: pdm-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Datacenter Manager development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Datacenter Manager development discussion Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: pdm-devel-bounces@lists.proxmox.com Sender: "pdm-devel" Thanks for the feedback! some comments inline On 12/9/25 16:23, Lukas Wagner wrote: > On Fri Dec 5, 2025 at 4:25 PM CET, Hannes Laimer wrote: >> This contains some rough edges, mostly UI wise, but I'd like to get some >> feedback on if we like this approach. Currently we don't really >> know what a security group actually contains, in the list currently it's >> a bit of a black box what a group actually does. Finding out what rules it >> contains is a little cumbersome. This should make that easier. It seemed >> like a good place too, I considerd an extra tab maybe. But especially >> for read-only I think this is better. > > Yeah, I think approach could work. But I'd also be interested what other > think. > > If we ever change the view so that rules are editable, I guess we could > keep it as is, but should probably keep the rules from the group > read-only in their expanded form. To edit the actual rules of the group, > some other form of UI would be good, maybe like you suggested, in a > separate tab on the 'Datacenter'/'Remote' level. Since rules in groups are just rules so technically editing isn't a problem, but yes, might be a little confusing cause it would edit the rule for all instances where the group is used... maybe some "reduced editing" could also make sense, maybe just order and on/off, but that's a not relevant for this > If we go this route, the 'expanded' rules could maybe use some form of > visual distinction from the rest, to avoid confusion about their > read-only status. > yes, will add that for v2. > Regarding the UI, I'd maybe put the caret into a separate column; the > discontinued numbering seems a bit odd to me. Alternatively, the caret > could stay in the same column, but the group keeps its numbering, e.g. > like this > > 1 ..... > 2 ..... >> 3 ..... > 4 ..... > > expanded it could maybe look like > > > 1 ..... > 2 ..... > v 3 ..... > 3.1 ..... > 3.2 ..... > 4 ..... > I like this! > But that's just some idea; maybe somebody has some other input here. > >> >> This also contains a renaming, mostly cause I had it in the same repo >> already. If wanted, I can split that and send it separately. The >> pve-api.json patch contains changes from [1]. >> >> [1] https://lore.proxmox.com/pve-devel/20251128145846.328173-1-h.laimer@proxmox.com/T/#u >> > > > Tested-by: Lukas Wagner > > UI code was only skimmed, but I couldn't really find anything to > complain about: > > Reviewed-by: Lukas Wagner _______________________________________________ pdm-devel mailing list pdm-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel