Re: [pdm-devel] [RFC proxmox{, -datacenter-manager, -yew-comp} 0/8] make security groups expandable in firewall rules list

From: "Lukas Wagner" <l.wagner@proxmox.com>
To: "Proxmox Datacenter Manager development discussion"
	<pdm-devel@lists.proxmox.com>,
	"Hannes Laimer" <h.laimer@proxmox.com>
Subject: Re: [pdm-devel] [RFC proxmox{, -datacenter-manager, -yew-comp} 0/8] make security groups expandable in firewall rules list
Date: Tue, 09 Dec 2025 16:23:59 +0100	[thread overview]
Message-ID: <DETSFU51BOKO.2JJS3I3SNMNED@proxmox.com> (raw)
In-Reply-To: <20251205152543.91431-1-h.laimer@proxmox.com>

On Fri Dec 5, 2025 at 4:25 PM CET, Hannes Laimer wrote:
> This contains some rough edges, mostly UI wise, but I'd like to get some
> feedback on if we like this approach. Currently we don't really
> know what a security group actually contains, in the list currently it's
> a bit of a black box what a group actually does. Finding out what rules it
> contains is a little cumbersome. This should make that easier. It seemed
> like a good place too, I considerd an extra tab maybe. But especially
> for read-only I think this is better.

Yeah, I think approach could work. But I'd also be interested what other
think.

If we ever change the view so that rules are editable, I guess we could
keep it as is, but should probably keep the rules from the group
read-only in their expanded form. To edit the actual rules of the group,
some other form of UI would be good, maybe like you suggested, in a
separate tab on the 'Datacenter'/'Remote' level.
If we go this route, the 'expanded' rules could maybe use some form of
visual distinction from the rest, to avoid confusion about their
read-only status.

Regarding the UI, I'd maybe put the caret into a separate column; the
discontinued numbering seems a bit odd to me. Alternatively, the caret
could stay in the same column, but the group keeps its numbering, e.g.
like this

  1     .....
  2     .....
> 3     .....
  4     .....

expanded it could maybe look like

  1     .....
  2     .....
v 3     .....
   3.1  .....
   3.2  .....
  4     .....

But that's just some idea; maybe somebody has some other input here.

>
> This also contains a renaming, mostly cause I had it in the same repo
> already. If wanted, I can split that and send it separately. The
> pve-api.json patch contains changes from [1].
>
> [1] https://lore.proxmox.com/pve-devel/20251128145846.328173-1-h.laimer@proxmox.com/T/#u
>

Tested-by: Lukas Wagner <l.wagner@proxmox.com>

UI code was only skimmed, but I couldn't really find anything to
complain about:

Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>

_______________________________________________
pdm-devel mailing list
pdm-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pdm-devel