fix node id acl validation

2025-09-11 23:54:22 +08:00 · 2025-01-27 12:25:35 +05:30 · 2025-01-27 12:25:35 +05:30 · 1db150c65b
commit 1db150c65b
parent 0e3e9162c7
2 changed files with 24 additions and 9 deletions
--- a/logic/acls.go
+++ b/logic/acls.go
@ -290,11 +290,19 @@ func IsAclPolicyValid(acl models.Acl) bool {
 			if srcI.Value == "*" {
 				continue
 			}
-			// check if tag is valid
-			_, err := GetTag(models.TagID(srcI.Value))
-			if err != nil {
-				return false
+			if srcI.ID == models.NodeTagID {
+				// check if tag is valid
+				_, err := GetTag(models.TagID(srcI.Value))
+				if err != nil {
+					return false
+				}
+			} else {
+				_, err := GetNodeByID(srcI.Value)
+				if err != nil {
+					return false
+				}
 			}
+
 		}
 		for _, dstI := range acl.Dst {

@ -307,10 +315,17 @@ func IsAclPolicyValid(acl models.Acl) bool {
 			if dstI.Value == "*" {
 				continue
 			}
-			// check if tag is valid
-			_, err := GetTag(models.TagID(dstI.Value))
-			if err != nil {
-				return false
+			if dstI.ID == models.NodeTagID {
+				// check if tag is valid
+				_, err := GetTag(models.TagID(dstI.Value))
+				if err != nil {
+					return false
+				}
+			} else {
+				_, err := GetNodeByID(dstI.Value)
+				if err != nil {
+					return false
+				}
 			}
 		}
 	}
--- a/models/acl.go
+++ b/models/acl.go
@ -58,7 +58,7 @@ const (
 	UserAclID                AclGroupType = "user"
 	UserGroupAclID           AclGroupType = "user-group"
 	NodeTagID                AclGroupType = "tag"
-	NodeID                   AclGroupType = "node_id"
+	NodeID                   AclGroupType = "device"
 	NetmakerIPAclID          AclGroupType = "ip"
 	NetmakerSubNetRangeAClID AclGroupType = "ipset"
 )