netmaker/logic/pro/proacls/nodes.go

package proacls

import (
	"github.com/gravitl/netmaker/logic/acls"
	"github.com/gravitl/netmaker/logic/acls/nodeacls"
	"github.com/gravitl/netmaker/models"
)

// AdjustNodeAcls - adjusts ACLs based on a node's default value
func AdjustNodeAcls(node *models.Node, networkNodes []models.Node) error {
	networkID := nodeacls.NetworkID(node.Network)
	nodeID := nodeacls.NodeID(node.ID.String())
	currentACLs, err := nodeacls.FetchAllACLs(networkID)
	if err != nil {
		return err
	}

	for i := range networkNodes {
		currentNodeID := nodeacls.NodeID(networkNodes[i].ID.String())
		if currentNodeID == nodeID {
			continue
		}
		// 2 cases
		// both allow - allow
		// either 1 denies - deny
		if node.DoesACLDeny() || networkNodes[i].DoesACLDeny() {
			currentACLs.ChangeAccess(acls.AclID(nodeID), acls.AclID(currentNodeID), acls.NotAllowed)
		} else if node.DoesACLAllow() || networkNodes[i].DoesACLAllow() {
			currentACLs.ChangeAccess(acls.AclID(nodeID), acls.AclID(currentNodeID), acls.Allowed)
		}
	}

	_, err = currentACLs.Save(acls.ContainerID(node.Network))
	return err
}
initial commit 2022-09-14 03:25:56 +08:00			`package proacls`

			`import (`
			`"github.com/gravitl/netmaker/logic/acls"`
			`"github.com/gravitl/netmaker/logic/acls/nodeacls"`
			`"github.com/gravitl/netmaker/models"`
			`)`

			`// AdjustNodeAcls - adjusts ACLs based on a node's default value`
refactor join also removes server node suspect there may be issues with proxy and UI interactions with nodes 2022-12-21 04:29:09 +08:00			`func AdjustNodeAcls(node *models.Node, networkNodes []models.Node) error {`
initial commit 2022-09-14 03:25:56 +08:00			`networkID := nodeacls.NetworkID(node.Network)`
refactor join also removes server node suspect there may be issues with proxy and UI interactions with nodes 2022-12-21 04:29:09 +08:00			`nodeID := nodeacls.NodeID(node.ID.String())`
initial commit 2022-09-14 03:25:56 +08:00			`currentACLs, err := nodeacls.FetchAllACLs(networkID)`
			`if err != nil {`
			`return err`
			`}`

			`for i := range networkNodes {`
refactor join also removes server node suspect there may be issues with proxy and UI interactions with nodes 2022-12-21 04:29:09 +08:00			`currentNodeID := nodeacls.NodeID(networkNodes[i].ID.String())`
initial commit 2022-09-14 03:25:56 +08:00			`if currentNodeID == nodeID {`
			`continue`
			`}`
			`// 2 cases`
			`// both allow - allow`
			`// either 1 denies - deny`
fixed default node acl logic 2022-09-17 02:09:04 +08:00			`if node.DoesACLDeny() \|\| networkNodes[i].DoesACLDeny() {`
initial commit 2022-09-14 03:25:56 +08:00			`currentACLs.ChangeAccess(acls.AclID(nodeID), acls.AclID(currentNodeID), acls.NotAllowed)`
fixed default node acl logic 2022-09-17 02:09:04 +08:00			`} else if node.DoesACLAllow() \|\| networkNodes[i].DoesACLAllow() {`
			`currentACLs.ChangeAccess(acls.AclID(nodeID), acls.AclID(currentNodeID), acls.Allowed)`
initial commit 2022-09-14 03:25:56 +08:00			`}`
			`}`

			`_, err = currentACLs.Save(acls.ContainerID(node.Network))`
			`return err`
			`}`