NET-1164:PublishDeletedClientPeerUpdate when deleting user from RAGW (#2912)

* PublishDeletedClientPeerUpdate when deleting user from RAGW * update ACLs after extClient is removed
2025-10-06 11:56:39 +08:00 · 2024-05-03 08:55:38 +02:00 · 2024-05-03 08:55:38 +02:00 · 1ad837ad72
commit 1ad837ad72
parent 26e6ad53d1
3 changed files with 43 additions and 24 deletions
--- a/controllers/ext_client.go
+++ b/controllers/ext_client.go
@ -15,7 +15,6 @@ import (
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
-	"github.com/gravitl/netmaker/logic/acls"
 	"github.com/gravitl/netmaker/servercfg"

 	"github.com/gravitl/netmaker/models"
@ -605,36 +604,17 @@ func deleteExtClient(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = logic.DeleteExtClient(params["network"], params["clientid"])
+	err = logic.DeleteExtClientAndCleanup(extclient)
 	if err != nil {
-		logger.Log(0, r.Header.Get("user"),
-			fmt.Sprintf("failed to delete extclient [%s],network [%s]: %v", clientid, network, err))
+		slog.Error("deleteExtClient: ", "Error", err.Error())
 		err = errors.New("Could not delete extclient " + params["clientid"])
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}

-	// delete client acls
-	var networkAcls acls.ACLContainer
-	networkAcls, err = networkAcls.Get(acls.ContainerID(network))
-	if err != nil {
-		slog.Error("failed to get network acls", "err", err)
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
-		return
-	}
-	for objId := range networkAcls {
-		delete(networkAcls[objId], acls.AclID(clientid))
-	}
-	delete(networkAcls, acls.AclID(clientid))
-	if _, err = networkAcls.Save(acls.ContainerID(network)); err != nil {
-		slog.Error("failed to update network acls", "err", err)
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
-		return
-	}
-
 	go func() {
 		if err := mq.PublishDeletedClientPeerUpdate(&extclient); err != nil {
-			logger.Log(1, "error setting ext peers on "+ingressnode.ID.String()+": "+err.Error())
+			slog.Error("error setting ext peers on " + ingressnode.ID.String() + ": " + err.Error())
 		}
 		if servercfg.IsDNSMode() {
 			logic.SetDNS()
--- a/logic/extpeers.go
+++ b/logic/extpeers.go
@ -11,6 +11,7 @@ import (

 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
+	"github.com/gravitl/netmaker/logic/acls"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/servercfg"
 	"golang.org/x/exp/slog"
@ -95,6 +96,35 @@ func DeleteExtClient(network string, clientid string) error {
 	return nil
 }

+// DeleteExtClientAndCleanup - deletes an existing ext client and update ACLs
+func DeleteExtClientAndCleanup(extClient models.ExtClient) error {
+
+	//delete extClient record
+	err := DeleteExtClient(extClient.Network, extClient.ClientID)
+	if err != nil {
+		slog.Error("DeleteExtClientAndCleanup-remove extClient record: ", "Error", err.Error())
+		return err
+	}
+
+	//update ACLs
+	var networkAcls acls.ACLContainer
+	networkAcls, err = networkAcls.Get(acls.ContainerID(extClient.Network))
+	if err != nil {
+		slog.Error("DeleteExtClientAndCleanup-update network acls: ", "Error", err.Error())
+		return err
+	}
+	for objId := range networkAcls {
+		delete(networkAcls[objId], acls.AclID(extClient.ClientID))
+	}
+	delete(networkAcls, acls.AclID(extClient.ClientID))
+	if _, err = networkAcls.Save(acls.ContainerID(extClient.Network)); err != nil {
+		slog.Error("DeleteExtClientAndCleanup-update network acls:", "Error", err.Error())
+		return err
+	}
+
+	return nil
+}
+
 // GetNetworkExtClients - gets the ext clients of given network
 func GetNetworkExtClients(network string) ([]models.ExtClient, error) {
 	var extclients []models.ExtClient
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@ -10,6 +10,7 @@ import (
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
+	"github.com/gravitl/netmaker/mq"
 	"github.com/gravitl/netmaker/servercfg"
 	"golang.org/x/exp/slog"
 )
@ -114,7 +115,15 @@ func removeUserFromRemoteAccessGW(w http.ResponseWriter, r *http.Request) {
 		}
 		for _, extclient := range extclients {
 			if extclient.OwnerID == user.UserName && remoteGwID == extclient.IngressGatewayID {
-				logic.DeleteExtClient(extclient.Network, extclient.ClientID)
+				err = logic.DeleteExtClientAndCleanup(extclient)
+				if err != nil {
+					slog.Error("failed to delete extclient",
+						"id", extclient.ClientID, "owner", user.UserName, "error", err)
+				} else {
+					if err := mq.PublishDeletedClientPeerUpdate(&extclient); err != nil {
+						slog.Error("error setting ext peers: " + err.Error())
+					}
+				}
 			}
 		}
 		if servercfg.IsDNSMode() {