[pve-devel] [PATCH manager v3] ui: fw: Close #2815: Add warning if fw is disabled

Dominic Jäger d.jaeger at proxmox.com
Fri Jul 24 10:54:25 CEST 2020


Currently people add firewall rules but forget to activate the firewall on
guest level. This commit adds a warning to the top bar of the firewall panel to
make them aware of this if necessary.

The existence of a rule alone should not yet trigger the warning. Only if it is
enabled but the whole firewall for that level is not.

Signed-off-by: Dominic Jäger <d.jaeger at proxmox.com>
---
v2->v3:
    - rebased
    - squashed both commits to make review easier
    - one whitespace error

 www/manager6/grid/FirewallRules.js | 43 ++++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 2 deletions(-)

diff --git a/www/manager6/grid/FirewallRules.js b/www/manager6/grid/FirewallRules.js
index ec2d1c84..9a9dd286 100644
--- a/www/manager6/grid/FirewallRules.js
+++ b/www/manager6/grid/FirewallRules.js
@@ -483,8 +483,26 @@ Ext.define('PVE.FirewallRules', {
 	    throw "no list_refs_url specified";
 	}
 
+	let checkWarning = function () {
+	    Proxmox.Utils.API2Request({
+		url: me.base_url.replace('rules', 'options'),
+		method: 'GET',
+		failure: function (response) {
+		    Ext.Msg.alert(gettext('Error'), response.htmlStatus);
+		},
+		success: function (response) {
+		    let warningRequired = !response.result.data.enable
+			&& me.store.findExact('enable', true) >= 0;
+		    me.down('displayfield[name=fw-warning]').setVisible(warningRequired)
+		},
+	    });
+	};
+
 	var store = Ext.create('Ext.data.Store',{
-	    model: 'pve-fw-rule'
+	    model: 'pve-fw-rule',
+	    listeners: {
+		    'load': checkWarning,
+	    },
 	});
 
 	var reload = function() {
@@ -606,12 +624,33 @@ Ext.define('PVE.FirewallRules', {
 	    }
 	});
 
+	let getLevel = (id) => {
+	    let invalid = 'this';
+	    let level = /root/.test(id) ? 'datacenter'
+		: /node/.test(id) ? 'node'
+		: /qemu/.test(id) ? 'VM'
+		: /lxc/.test(id) ? 'container'
+		: invalid;
+	    if (level === invalid) { console.warn(`Finding level failed for ${id}`)};
+	    return level;
+	};
+	me.warningField = Ext.create('Ext.form.field.Display',{
+	    xtype: 'displayfield',
+	    userCls: 'pmx-hint',
+	    name: 'fw-warning',
+	    margin: 'auto 0 0 0', // Avoid field randomly sticking at top
+	    value: gettext(`Warning: Firewall still disabled at `
+		+ `${getLevel(me.pveSelNode.id)} level! `
+		+ `This can be changed in Firewall->Options.`),
+	    hidden: true,
+	});
+
 	var tbar = me.tbar_prefix ? [ me.tbar_prefix ] : [];
 	tbar.push(me.addBtn, me.copyBtn);
 	if (me.groupBtn) {
 	    tbar.push(me.groupBtn);
 	}
-	tbar.push(me.removeBtn, me.editBtn);
+	tbar.push(me.removeBtn, me.editBtn, me.warningField);
 
 	var render_errors = function(name, value, metaData, record) {
 	    var errors = record.data.errors;
-- 
2.20.1





More information about the pve-devel mailing list