From 1db150c65bbfea1b1b6fbd9161a5ae520d8e43f6 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Mon, 27 Jan 2025 12:25:35 +0530 Subject: [PATCH] fix node id acl validation --- logic/acls.go | 31 +++++++++++++++++++++++-------- models/acl.go | 2 +- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/logic/acls.go b/logic/acls.go index 48e95d8a..ac5a0028 100644 --- a/logic/acls.go +++ b/logic/acls.go @@ -290,11 +290,19 @@ func IsAclPolicyValid(acl models.Acl) bool { if srcI.Value == "*" { continue } - // check if tag is valid - _, err := GetTag(models.TagID(srcI.Value)) - if err != nil { - return false + if srcI.ID == models.NodeTagID { + // check if tag is valid + _, err := GetTag(models.TagID(srcI.Value)) + if err != nil { + return false + } + } else { + _, err := GetNodeByID(srcI.Value) + if err != nil { + return false + } } + } for _, dstI := range acl.Dst { @@ -307,10 +315,17 @@ func IsAclPolicyValid(acl models.Acl) bool { if dstI.Value == "*" { continue } - // check if tag is valid - _, err := GetTag(models.TagID(dstI.Value)) - if err != nil { - return false + if dstI.ID == models.NodeTagID { + // check if tag is valid + _, err := GetTag(models.TagID(dstI.Value)) + if err != nil { + return false + } + } else { + _, err := GetNodeByID(dstI.Value) + if err != nil { + return false + } } } } diff --git a/models/acl.go b/models/acl.go index 11b6bf4d..bd6524a1 100644 --- a/models/acl.go +++ b/models/acl.go @@ -58,7 +58,7 @@ const ( UserAclID AclGroupType = "user" UserGroupAclID AclGroupType = "user-group" NodeTagID AclGroupType = "tag" - NodeID AclGroupType = "node_id" + NodeID AclGroupType = "device" NetmakerIPAclID AclGroupType = "ip" NetmakerSubNetRangeAClID AclGroupType = "ipset" )