[pve-devel] [PATCH v4 manager] 1145 Warn if datacenter firewall is disabled

Mon Mar 4 11:26:54 CET 2019

This looks cleaner now, nice!
Some minor things inline.

> Christian Ebner <c.ebner at proxmox.com> hat am 4. März 2019 um 10:29 geschrieben:
> 
> 
> This warns the user that the datacenter firewall is disabled when editing the
> host or the VM/CT firewall status.
> 
> Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
> ---
> 
> Version 4:
>     * Code refactored to be more declarative as suggested
>     * Removed warning about pve-firewall service not running
>     * Fixed logic of checkbox being checked/unchecked
> 
>  www/manager6/Makefile                   |  1 +
>  www/manager6/grid/FirewallEnableEdit.js | 52 +++++++++++++++++++++++++++++++++
>  www/manager6/grid/FirewallOptions.js    | 25 ++++++++++++++--
>  3 files changed, 75 insertions(+), 3 deletions(-)
>  create mode 100644 www/manager6/grid/FirewallEnableEdit.js
> 
> diff --git a/www/manager6/Makefile b/www/manager6/Makefile
> index e75f0de6..951242d4 100644
> --- a/www/manager6/Makefile
> +++ b/www/manager6/Makefile
> @@ -89,6 +89,7 @@ JSSRC= 				                 	\
>  	grid/FirewallRules.js				\
>  	grid/FirewallAliases.js				\
>  	grid/FirewallOptions.js				\
> +	grid/FirewallEnableEdit.js		    	\
>  	tree/ResourceTree.js				\
>  	panel/IPSet.js					\
>  	panel/ConfigPanel.js				\
> diff --git a/www/manager6/grid/FirewallEnableEdit.js b/www/manager6/grid/FirewallEnableEdit.js
> new file mode 100644
> index 00000000..ff73f948
> --- /dev/null
> +++ b/www/manager6/grid/FirewallEnableEdit.js
> @@ -0,0 +1,52 @@
> +Ext.define('PVE.FirewallEnableEdit', {
> +    extend: 'Proxmox.window.Edit',
> +    alias: ['widget.pveFirewallEnableEdit'],
> +
> +    subject: gettext('Firewall'),
> +    fieldDefaults: {
> +	labelWidth: 100
> +    },
> +

Is this still necessary, you set the labelwidth in the descendant anyway?

> +    items: [
> +	{
> +	    xtype: 'proxmoxcheckbox',
> +	    name: 'enable',
> +	    itemId: 'enablecheckbox',
> +	    uncheckedValue: 0,
> +	    defaultValue: 0,
> +	    checked: false,
> +	    deleteDefaultValue: false,
> +	    labelWidth: 120,
> +	    fieldLabel: gettext('Firewall')
> +	},
> +	{
> +	    xtype: 'displayfield',
> +	    name: 'warning',
> +	    itemId: 'warning',
> +	    userCls: 'pve-hint',
> +	    value: 'Warning! Firewall disabled at datacenter level!',

Maybe we want to translate it?

> +	    hidden: true
> +	}
> +    ],
> +
> +    beforeShow: function() {
> +	var me = this;
> +
> +	var checkbox = me.down('#enablecheckbox');
> +	checkbox.defaultValue = me.defaultValue;
> +	checkbox.checked = me.defaultValue ? true : false;
> +
> +	Proxmox.Utils.API2Request({
> +	    url: '/api2/extjs/cluster/firewall/options',
> +	    method: 'GET',
> +	    failure: function(response, opts) {
> +		Ext.Msg.alert(gettext('Error'), response.htmlStatus);
> +	    },
> +	    success: function(response, opts) {
> +		if (!response.result.data.enable) {
> +		    me.down('#warning').setVisible(true);
> +		}
> +	    }
> +	});
> +    }
> +});
> diff --git a/www/manager6/grid/FirewallOptions.js b/www/manager6/grid/FirewallOptions.js
> index cddbdbbf..bb83742f 100644
> --- a/www/manager6/grid/FirewallOptions.js
> +++ b/www/manager6/grid/FirewallOptions.js
> @@ -64,9 +64,18 @@ Ext.define('PVE.FirewallOptions', {
>  	    };
>  	};
>  
> -
>  	if (me.fwtype === 'node') {
> -	    add_boolean_row('enable', gettext('Firewall'), 1);
> +	    me.rows.enable = {
> +		required: true,
> +		defaultValue: 1,
> +		header: gettext('Firewall'),
> +		renderer: Proxmox.Utils.format_boolean,
> +		editor: {
> +		    xtype: 'pveFirewallEnableEdit',
> +		    fwtype: me.fwtype,
> +		    defaultValue: 1
> +		}
> +	    };

Is fwtype used in the child component?

>  	    add_boolean_row('nosmurfs', gettext('SMURFS filter'), 1);
>  	    add_boolean_row('tcpflags', gettext('TCP flags filter'), 0);
>  	    add_boolean_row('ndp', 'NDP', 1);
> @@ -78,7 +87,17 @@ Ext.define('PVE.FirewallOptions', {
>  	    add_log_row('tcp_flags_log_level', 120);
>  	    add_log_row('smurf_log_level');
>  	} else if (me.fwtype === 'vm') {
> -	    add_boolean_row('enable', gettext('Firewall'), 0);
> +	    me.rows.enable = {
> +		required: true,
> +		defaultValue: 0,
> +		header: gettext('Firewall'),
> +		renderer: Proxmox.Utils.format_boolean,
> +		editor: {
> +		    xtype: 'pveFirewallEnableEdit',
> +		    fwtype: me.fwtype,
> +		    defaultValue: 0
> +		}
> +	    };
>  	    add_boolean_row('dhcp', 'DHCP', 1);
>  	    add_boolean_row('ndp', 'NDP', 1);
>  	    add_boolean_row('radv', gettext('Router Advertisement'), 0);
> -- 
> 2.11.0
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel