2021-03-26 00:17:52 +08:00
|
|
|
package controller
|
|
|
|
|
|
|
|
|
|
import (
|
2021-04-16 02:48:10 +08:00
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
2022-04-23 04:01:58 +08:00
|
|
|
"fmt"
|
2021-04-16 02:48:10 +08:00
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
2021-08-10 03:32:04 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
"github.com/gorilla/mux"
|
2021-07-22 06:55:19 +08:00
|
|
|
"github.com/gravitl/netmaker/database"
|
2021-12-07 04:31:08 +08:00
|
|
|
"github.com/gravitl/netmaker/logger"
|
2021-10-06 03:02:09 +08:00
|
|
|
"github.com/gravitl/netmaker/logic"
|
2022-02-26 05:28:58 +08:00
|
|
|
"github.com/gravitl/netmaker/logic/acls"
|
2021-04-16 02:48:10 +08:00
|
|
|
"github.com/gravitl/netmaker/models"
|
2022-02-21 00:12:51 +08:00
|
|
|
"github.com/gravitl/netmaker/mq"
|
2021-05-09 22:52:42 +08:00
|
|
|
"github.com/gravitl/netmaker/servercfg"
|
2021-03-26 00:17:52 +08:00
|
|
|
)
|
|
|
|
|
|
2022-02-15 00:01:33 +08:00
|
|
|
// ALL_NETWORK_ACCESS - represents all networks
|
2021-07-15 04:47:05 +08:00
|
|
|
const ALL_NETWORK_ACCESS = "THIS_USER_HAS_ALL"
|
2022-02-15 00:01:33 +08:00
|
|
|
|
|
|
|
|
// NO_NETWORKS_PRESENT - represents no networks
|
2021-07-15 04:47:05 +08:00
|
|
|
const NO_NETWORKS_PRESENT = "THIS_USER_HAS_NONE"
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
func networkHandlers(r *mux.Router) {
|
2021-07-15 04:47:05 +08:00
|
|
|
r.HandleFunc("/api/networks", securityCheck(false, http.HandlerFunc(getNetworks))).Methods("GET")
|
2021-07-03 11:25:36 +08:00
|
|
|
r.HandleFunc("/api/networks", securityCheck(true, http.HandlerFunc(createNetwork))).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(false, http.HandlerFunc(getNetwork))).Methods("GET")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(false, http.HandlerFunc(updateNetwork))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/nodelimit", securityCheck(true, http.HandlerFunc(updateNetworkNodeLimit))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(true, http.HandlerFunc(deleteNetwork))).Methods("DELETE")
|
2022-02-22 04:38:46 +08:00
|
|
|
r.HandleFunc("/api/networks/{networkname}/keyupdate", securityCheck(true, http.HandlerFunc(keyUpdate))).Methods("POST")
|
2021-07-03 11:25:36 +08:00
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys", securityCheck(false, http.HandlerFunc(createAccessKey))).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys", securityCheck(false, http.HandlerFunc(getAccessKeys))).Methods("GET")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys/{name}", securityCheck(false, http.HandlerFunc(deleteAccessKey))).Methods("DELETE")
|
2022-03-04 23:46:46 +08:00
|
|
|
// ACLs
|
2022-02-26 05:28:58 +08:00
|
|
|
r.HandleFunc("/api/networks/{networkname}/acls", securityCheck(true, http.HandlerFunc(updateNetworkACL))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/acls", securityCheck(true, http.HandlerFunc(getNetworkACL))).Methods("GET")
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2022-09-03 04:42:51 +08:00
|
|
|
// swagger:route GET /api/networks networks getNetworks
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Lists all networks.
|
2022-09-03 04:42:51 +08:00
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: getNetworksSliceResponse
|
2021-04-13 12:42:35 +08:00
|
|
|
func getNetworks(w http.ResponseWriter, r *http.Request) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
headerNetworks := r.Header.Get("networks")
|
|
|
|
|
networksSlice := []string{}
|
|
|
|
|
marshalErr := json.Unmarshal([]byte(headerNetworks), &networksSlice)
|
|
|
|
|
if marshalErr != nil {
|
2022-07-13 14:01:25 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "error unmarshalling networks: ",
|
2022-07-12 22:50:32 +08:00
|
|
|
marshalErr.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(marshalErr, "badrequest"))
|
2021-04-13 11:19:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
allnetworks := []models.Network{}
|
2022-02-19 07:26:20 +08:00
|
|
|
var err error
|
2021-07-15 04:47:05 +08:00
|
|
|
if networksSlice[0] == ALL_NETWORK_ACCESS {
|
2021-10-27 00:27:29 +08:00
|
|
|
allnetworks, err = logic.GetNetworks()
|
2021-09-28 05:51:20 +08:00
|
|
|
if err != nil && !database.IsEmptyRecord(err) {
|
2022-07-13 14:01:25 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to fetch networks: ", err.Error())
|
2021-07-15 04:47:05 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
for _, network := range networksSlice {
|
2021-10-27 00:27:29 +08:00
|
|
|
netObject, parentErr := logic.GetParentNetwork(network)
|
2021-07-15 04:47:05 +08:00
|
|
|
if parentErr == nil {
|
2022-02-19 08:47:20 +08:00
|
|
|
allnetworks = append(allnetworks, netObject)
|
2021-07-15 04:47:05 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-11-17 01:20:48 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
|
|
|
|
for i, net := range allnetworks {
|
|
|
|
|
net.AccessKeys = logic.RemoveKeySensitiveInfo(net.AccessKeys)
|
|
|
|
|
allnetworks[i] = net
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-21 22:05:41 +08:00
|
|
|
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(2, r.Header.Get("user"), "fetched networks.")
|
2021-05-30 23:26:10 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2022-02-21 22:05:41 +08:00
|
|
|
json.NewEncoder(w).Encode(allnetworks)
|
2021-05-30 23:26:10 +08:00
|
|
|
}
|
|
|
|
|
|
2022-09-11 12:51:59 +08:00
|
|
|
// swagger:route GET /api/networks/{networkname} networks getNetwork
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Get a network.
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: networkBodyResponse
|
2021-04-13 12:42:35 +08:00
|
|
|
func getNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
// set header.
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
2021-12-08 01:46:55 +08:00
|
|
|
network, err := logic.GetNetwork(netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), fmt.Sprintf("failed to fetch network [%s] info: %v",
|
|
|
|
|
netname, err))
|
2021-05-01 19:57:49 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-17 01:20:48 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
|
|
|
|
network.AccessKeys = logic.RemoveKeySensitiveInfo(network.AccessKeys)
|
|
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(2, r.Header.Get("user"), "fetched network", netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route POST /api/networks/{networkname}/keyupdate networks keyUpdate
|
|
|
|
|
//
|
|
|
|
|
// Update keys for a network.
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: networkBodyResponse
|
2021-04-06 06:09:21 +08:00
|
|
|
func keyUpdate(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
2021-12-08 01:46:55 +08:00
|
|
|
network, err := logic.KeyUpdate(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), fmt.Sprintf("failed to update keys for network [%s]: %v",
|
|
|
|
|
netname, err))
|
2021-04-16 02:48:10 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
2021-04-13 11:19:01 +08:00
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(2, r.Header.Get("user"), "updated key on network", netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
2022-02-05 00:40:29 +08:00
|
|
|
nodes, err := logic.GetNetworkNodes(netname)
|
|
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, "failed to retrieve network nodes for network", netname, err.Error())
|
2022-02-05 00:40:29 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
for _, node := range nodes {
|
2022-02-22 04:38:46 +08:00
|
|
|
logger.Log(2, "updating node ", node.Name, " for a key update")
|
2022-02-21 00:12:51 +08:00
|
|
|
if node.IsServer != "yes" {
|
2022-02-22 04:38:46 +08:00
|
|
|
if err = mq.NodeUpdate(&node); err != nil {
|
|
|
|
|
logger.Log(1, "failed to send update to node during a network wide key update", node.Name, node.ID, err.Error())
|
|
|
|
|
}
|
2022-02-21 00:12:51 +08:00
|
|
|
}
|
2022-02-05 00:40:29 +08:00
|
|
|
}
|
2021-05-01 19:57:49 +08:00
|
|
|
}
|
2021-04-13 11:19:01 +08:00
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route PUT /api/networks/{networkname} networks updateNetwork
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Update a network.
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: networkBodyResponse
|
2021-04-13 12:42:35 +08:00
|
|
|
func updateNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var network models.Network
|
2021-07-15 04:47:05 +08:00
|
|
|
netname := params["networkname"]
|
2022-02-19 07:26:20 +08:00
|
|
|
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to get network info: ",
|
|
|
|
|
err.Error())
|
2021-04-16 02:48:10 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-24 06:24:34 +08:00
|
|
|
var newNetwork models.Network
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&newNetwork)
|
2021-04-16 20:02:12 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
|
|
|
|
|
err.Error())
|
2021-04-16 20:02:12 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-23 22:47:49 +08:00
|
|
|
|
2022-01-06 02:41:11 +08:00
|
|
|
if !servercfg.GetRce() {
|
|
|
|
|
newNetwork.DefaultPostDown = network.DefaultPostDown
|
|
|
|
|
newNetwork.DefaultPostUp = network.DefaultPostUp
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-13 07:35:46 +08:00
|
|
|
rangeupdate4, rangeupdate6, localrangeupdate, holepunchupdate, err := logic.UpdateNetwork(&network, &newNetwork)
|
2021-05-04 05:51:38 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to update network: ",
|
|
|
|
|
err.Error())
|
2021-05-04 05:51:38 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2022-05-13 07:35:46 +08:00
|
|
|
if rangeupdate4 {
|
2021-10-27 00:27:29 +08:00
|
|
|
err = logic.UpdateNetworkNodeAddresses(network.NetID)
|
2021-07-24 06:24:34 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to update network [%s] ipv4 addresses: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2021-07-24 06:24:34 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-05-13 07:35:46 +08:00
|
|
|
if rangeupdate6 {
|
|
|
|
|
err = logic.UpdateNetworkNodeAddresses6(network.NetID)
|
|
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to update network [%s] ipv6 addresses: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2022-05-13 07:35:46 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-24 06:24:34 +08:00
|
|
|
if localrangeupdate {
|
2021-10-27 00:27:29 +08:00
|
|
|
err = logic.UpdateNetworkLocalAddresses(network.NetID)
|
2021-07-24 06:24:34 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to update network [%s] local addresses: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2021-07-24 06:24:34 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-02-03 12:38:57 +08:00
|
|
|
if holepunchupdate {
|
|
|
|
|
err = logic.UpdateNetworkHolePunching(network.NetID, newNetwork.DefaultUDPHolePunch)
|
|
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to update network [%s] hole punching: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2022-02-03 12:38:57 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-05-13 07:35:46 +08:00
|
|
|
if rangeupdate4 || rangeupdate6 || localrangeupdate || holepunchupdate {
|
2022-02-03 12:38:57 +08:00
|
|
|
nodes, err := logic.GetNetworkNodes(network.NetID)
|
|
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to get network [%s] nodes: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2022-02-03 12:38:57 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
for _, node := range nodes {
|
2022-08-19 23:25:39 +08:00
|
|
|
runUpdates(&node, true)
|
2022-02-03 12:38:57 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "updated network", netname)
|
2021-05-04 05:51:38 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2021-07-24 06:24:34 +08:00
|
|
|
json.NewEncoder(w).Encode(newNetwork)
|
2021-05-04 05:51:38 +08:00
|
|
|
}
|
|
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route PUT /api/networks/{networkname}/nodelimit networks updateNetworkNodeLimit
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Update a network's node limit.
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: networkBodyResponse
|
2021-07-03 11:25:36 +08:00
|
|
|
func updateNetworkNodeLimit(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var network models.Network
|
|
|
|
|
netname := params["networkname"]
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to get network [%s] nodes: %v",
|
|
|
|
|
network.NetID, err.Error()))
|
2021-07-15 04:47:05 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
|
2021-07-24 06:24:34 +08:00
|
|
|
var networkChange models.Network
|
2021-07-15 04:47:05 +08:00
|
|
|
|
2022-07-12 22:50:32 +08:00
|
|
|
err = json.NewDecoder(r.Body).Decode(&networkChange)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
|
|
|
|
|
err.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
if networkChange.NodeLimit != 0 {
|
2021-07-22 06:55:19 +08:00
|
|
|
network.NodeLimit = networkChange.NodeLimit
|
|
|
|
|
data, err := json.Marshal(&network)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
"error marshalling resp: ", err.Error())
|
2021-07-15 04:47:05 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
database.Insert(network.NetID, string(data), database.NETWORKS_TABLE_NAME)
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "updated network node limit on", netname)
|
2021-07-15 04:47:05 +08:00
|
|
|
}
|
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
|
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route PUT /api/networks/{networkname}/acls networks updateNetworkACL
|
|
|
|
|
//
|
|
|
|
|
// Update a network ACL (Access Control List).
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: aclContainerResponse
|
2022-02-26 05:28:58 +08:00
|
|
|
func updateNetworkACL(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
netname := params["networkname"]
|
|
|
|
|
var networkACLChange acls.ACLContainer
|
|
|
|
|
networkACLChange, err := networkACLChange.Get(acls.ContainerID(netname))
|
|
|
|
|
if err != nil {
|
2022-07-13 18:53:37 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to fetch ACLs for network [%s]: %v", netname, err))
|
2022-02-26 05:28:58 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-07-13 18:53:37 +08:00
|
|
|
err = json.NewDecoder(r.Body).Decode(&networkACLChange)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
|
|
|
|
|
err.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-02-26 05:28:58 +08:00
|
|
|
newNetACL, err := networkACLChange.Save(acls.ContainerID(netname))
|
|
|
|
|
if err != nil {
|
2022-07-13 18:53:37 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to update ACLs for network [%s]: %v", netname, err))
|
2022-02-26 05:28:58 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-03-11 01:37:52 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "updated ACLs for network", netname)
|
|
|
|
|
|
|
|
|
|
// send peer updates
|
|
|
|
|
if servercfg.IsMessageQueueBackend() {
|
2022-03-11 03:55:25 +08:00
|
|
|
serverNode, err := logic.GetNetworkServerLocal(netname)
|
2022-03-11 01:37:52 +08:00
|
|
|
if err != nil {
|
|
|
|
|
logger.Log(1, "failed to find server node after ACL update on", netname)
|
|
|
|
|
} else {
|
2022-03-11 03:55:25 +08:00
|
|
|
if err = logic.ServerUpdate(&serverNode, false); err != nil {
|
|
|
|
|
logger.Log(1, "failed to update server node after ACL update on", netname)
|
|
|
|
|
}
|
2022-07-07 17:52:43 +08:00
|
|
|
if err = mq.PublishPeerUpdate(&serverNode, false); err != nil {
|
2022-03-11 01:37:52 +08:00
|
|
|
logger.Log(0, "failed to publish peer update after ACL update on", netname)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-26 05:28:58 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(newNetACL)
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route GET /api/networks/{networkname}/acls networks getNetworkACL
|
|
|
|
|
//
|
|
|
|
|
// Get a network ACL (Access Control List).
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: aclContainerResponse
|
2022-02-26 05:28:58 +08:00
|
|
|
func getNetworkACL(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
netname := params["networkname"]
|
|
|
|
|
var networkACL acls.ACLContainer
|
|
|
|
|
networkACL, err := networkACL.Get(acls.ContainerID(netname))
|
|
|
|
|
if err != nil {
|
2022-07-13 18:53:37 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to fetch ACLs for network [%s]: %v", netname, err))
|
2022-02-26 05:28:58 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-03-11 01:37:52 +08:00
|
|
|
logger.Log(2, r.Header.Get("user"), "fetched acl for network", netname)
|
2022-02-26 05:28:58 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(networkACL)
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route DELETE /api/networks/{networkname} networks deleteNetwork
|
|
|
|
|
//
|
|
|
|
|
// Delete a network. Will not delete if there are any nodes that belong to the network.
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: stringJSONResponse
|
2021-04-13 12:42:35 +08:00
|
|
|
func deleteNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
// Set header
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
var params = mux.Vars(r)
|
2021-05-01 11:07:25 +08:00
|
|
|
network := params["networkname"]
|
2022-02-19 07:26:20 +08:00
|
|
|
err := logic.DeleteNetwork(network)
|
2021-04-13 11:19:01 +08:00
|
|
|
if err != nil {
|
2021-05-28 22:04:07 +08:00
|
|
|
errtype := "badrequest"
|
2021-07-15 04:47:05 +08:00
|
|
|
if strings.Contains(err.Error(), "Node check failed") {
|
2021-05-28 22:04:07 +08:00
|
|
|
errtype = "forbidden"
|
|
|
|
|
}
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"),
|
|
|
|
|
fmt.Sprintf("failed to delete network [%s]: %v", network, err))
|
2021-05-28 22:04:07 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, errtype))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "deleted network", network)
|
2021-05-01 11:07:25 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2021-07-22 06:55:19 +08:00
|
|
|
json.NewEncoder(w).Encode("success")
|
2021-05-01 11:07:25 +08:00
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route POST /api/networks networks createNetwork
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Create a network.
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: networkBodyResponse
|
2021-04-13 12:42:35 +08:00
|
|
|
func createNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
var network models.Network
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
// we decode our body request params
|
2021-04-13 12:42:35 +08:00
|
|
|
err := json.NewDecoder(r.Body).Decode(&network)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
|
|
|
|
|
err.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2022-04-21 03:15:29 +08:00
|
|
|
if network.AddressRange == "" && network.AddressRange6 == "" {
|
2022-07-12 22:50:32 +08:00
|
|
|
err := errors.New("IPv4 or IPv6 CIDR required")
|
|
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
|
|
|
|
err.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2022-04-21 03:15:29 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-17 22:08:28 +08:00
|
|
|
network, err = logic.CreateNetwork(network)
|
2021-05-01 11:07:25 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
|
|
|
|
err.Error())
|
2021-05-01 11:07:25 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
|
2021-09-28 05:51:20 +08:00
|
|
|
if servercfg.IsClientMode() != "off" {
|
2022-04-22 17:21:35 +08:00
|
|
|
_, err := logic.ServerJoin(&network)
|
2022-01-18 06:44:12 +08:00
|
|
|
if err != nil {
|
2021-12-08 01:46:55 +08:00
|
|
|
logic.DeleteNetwork(network.NetID)
|
2021-09-11 03:48:18 +08:00
|
|
|
if err == nil {
|
2022-02-18 22:49:58 +08:00
|
|
|
err = errors.New("Failed to add server to network " + network.NetID)
|
2021-09-11 03:48:18 +08:00
|
|
|
}
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to create network: ",
|
|
|
|
|
err.Error())
|
2021-12-08 01:46:55 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
2021-09-11 03:48:18 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-08 01:46:55 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "created network", network.NetID)
|
|
|
|
|
w.WriteHeader(http.StatusOK)
|
2022-03-17 22:08:28 +08:00
|
|
|
json.NewEncoder(w).Encode(network)
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route POST /api/networks/{networkname}/keys networks createAccessKey
|
|
|
|
|
//
|
|
|
|
|
// Create a network access key.
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Responses:
|
|
|
|
|
// 200: accessKeyBodyResponse
|
|
|
|
|
//
|
2021-03-26 00:17:52 +08:00
|
|
|
// BEGIN KEY MANAGEMENT SECTION
|
|
|
|
|
func createAccessKey(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var accesskey models.AccessKey
|
|
|
|
|
//start here
|
2021-07-15 04:47:05 +08:00
|
|
|
netname := params["networkname"]
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to get network info: ",
|
|
|
|
|
err.Error())
|
2021-04-16 02:48:10 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&accesskey)
|
|
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "error decoding request body: ",
|
|
|
|
|
err.Error())
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-12-08 01:46:55 +08:00
|
|
|
key, err := logic.CreateAccessKey(accesskey, network)
|
2021-05-01 19:57:49 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), "failed to create access key: ",
|
|
|
|
|
err.Error())
|
2021-05-01 19:57:49 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "created access key", accesskey.Name, "on", netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(key)
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
|
2022-09-06 20:20:24 +08:00
|
|
|
// swagger:route GET /api/networks/{networkname}/keys networks getAccessKeys
|
|
|
|
|
//
|
|
|
|
|
// Get network access keys for a network.
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
2022-09-11 12:51:59 +08:00
|
|
|
//
|
|
|
|
|
// Responses:
|
|
|
|
|
// 200: accessKeySliceBodyResponse
|
2021-03-26 00:17:52 +08:00
|
|
|
func getAccessKeys(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
network := params["networkname"]
|
2021-12-08 01:46:55 +08:00
|
|
|
keys, err := logic.GetKeys(network)
|
2021-05-01 19:57:49 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), fmt.Sprintf("failed to get keys for network [%s]: %v",
|
|
|
|
|
network, err))
|
2021-05-01 19:57:49 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-15 05:50:20 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
2021-11-17 01:20:48 +08:00
|
|
|
keys = logic.RemoveKeySensitiveInfo(keys)
|
2021-11-15 05:50:20 +08:00
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(2, r.Header.Get("user"), "fetched access keys on network", network)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(keys)
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2022-09-11 12:51:59 +08:00
|
|
|
// swagger:route DELETE /api/networks/{networkname}/keys/{name} networks deleteAccessKey
|
2022-09-06 20:20:24 +08:00
|
|
|
//
|
|
|
|
|
// Delete a network access key.
|
|
|
|
|
//
|
|
|
|
|
// Schemes: https
|
|
|
|
|
//
|
|
|
|
|
// Security:
|
|
|
|
|
// oauth
|
|
|
|
|
//
|
2022-09-11 12:51:59 +08:00
|
|
|
// Responses:
|
|
|
|
|
// 200:
|
|
|
|
|
// *: stringJSONResponse
|
|
|
|
|
//
|
2021-12-08 01:46:55 +08:00
|
|
|
// delete key. Has to do a little funky logic since it's not a collection item
|
2021-03-26 00:17:52 +08:00
|
|
|
func deleteAccessKey(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-03-26 00:17:52 +08:00
|
|
|
keyname := params["name"]
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
2021-12-08 01:46:55 +08:00
|
|
|
err := logic.DeleteKey(keyname, netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2022-07-12 22:50:32 +08:00
|
|
|
logger.Log(0, r.Header.Get("user"), fmt.Sprintf("failed to delete key [%s] for network [%s]: %v",
|
|
|
|
|
keyname, netname, err))
|
2021-05-01 19:57:49 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-12-07 04:31:08 +08:00
|
|
|
logger.Log(1, r.Header.Get("user"), "deleted access key", keyname, "on network,", netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
}
|
