Use global routes for single-resource operations, keep project-scoped routes for lists/creates

Migrate handlers, frontend endpoints, hooks, pages, and tests to the hybrid
routing scheme where GET/DELETE/action on individual resources use global paths
(e.g. /vms/{id}) while list and create operations remain under /projects/{id}/.

Author: MalteJ

Cargo.lock

@@ -53,6 +53,6 @@ tonic-build = "0.12"
 
 [dev-dependencies]
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "signal", "sync", "time"] }
-reqwest = { version = "0.12", features = ["json"] }
+reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] }
 tokio-test = "0.4"
 portpicker = "0.1"

mvirt-api/Cargo.toml

@@ -229,6 +229,39 @@ impl ApiAuditLogger {
     }
 
     // Template events
+    // Security group events
+    pub fn security_group_created(&self, sg_id: &str, sg_name: &str) {
+        self.log_async(
+            LogLevel::Audit,
+            format!("Security group created: {} ({})", sg_name, sg_id),
+            vec![sg_id.to_string()],
+        );
+    }
+
+    pub fn security_group_deleted(&self, sg_id: &str) {
+        self.log_async(
+            LogLevel::Audit,
+            format!("Security group deleted: {}", sg_id),
+            vec![sg_id.to_string()],
+        );
+    }
+
+    pub fn security_group_rule_created(&self, sg_id: &str) {
+        self.log_async(
+            LogLevel::Audit,
+            format!("Security group rule created on: {}", sg_id),
+            vec![sg_id.to_string()],
+        );
+    }
+
+    pub fn security_group_rule_deleted(&self, sg_id: &str, rule_id: &str) {
+        self.log_async(
+            LogLevel::Audit,
+            format!("Security group rule {} deleted from: {}", rule_id, sg_id),
+            vec![sg_id.to_string()],
+        );
+    }
+
     pub fn template_import_started(&self, job_id: &str) {
         self.log_async(
             LogLevel::Audit,