fix rac apis

abhishek9686 2024-08-07 14:07:01 +05:30
parent 9eaffd1314
commit 30e1272ae9
5 changed files with 11 additions and 31 deletions


@ -586,6 +586,7 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
logic.CreateRole(models.UserRolePermissionTemplate{ logic.CreateRole(models.UserRolePermissionTemplate{
ID: models.GetRAGRoleName(node.Network, host.Name), ID: models.GetRAGRoleName(node.Network, host.Name),
NetworkID: models.NetworkID(node.Network), NetworkID: models.NetworkID(node.Network),
Default: true,
NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{ NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
models.RemoteAccessGwRsrc: { models.RemoteAccessGwRsrc: {
models.RsrcID(node.ID.String()): models.RsrcPermissionScope{ models.RsrcID(node.ID.String()): models.RsrcPermissionScope{
@ -651,7 +652,7 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
return return
} }
go logic.RemoveNetworkRoleFromUsers(*host, node) go logic.DeleteRole(models.GetRAGRoleName(node.Network, host.Name), true)
apiNode := node.ConvertToAPINode() apiNode := node.ConvertToAPINode()
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid) logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid)
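Review bot: The error returned by `logic.DeleteRole(...)` is dropped because the call in deleteIngressGateway is launched with a bare `go` statement, whereas the removed RemoveNetworkRoleFromUsers logged its failures. A gateway role that could not be deleted would then stay in place with no trace in the logs. Wrapping the call in a closure that logs the error keeps the cleanup asynchronous and makes a leftover role visible. The handler's body starts and ends outside the hunk.

```go
go func() {
	rid := models.GetRAGRoleName(node.Network, host.Name)
	if err := logic.DeleteRole(rid, true); err != nil {
		logger.Log(0, "failed to delete remote access gateway role", rid.String(), err.Error())
	}
}()
// … unchanged: ConvertToAPINode and the "deleted ingress gateway" log line …
```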


@ -28,6 +28,10 @@ var CreateRole = func(r models.UserRolePermissionTemplate) error {
return nil return nil
} }
var DeleteRole = func(r models.UserRoleID, force bool) error {
return nil
}
var FilterNetworksByRole = func(allnetworks []models.Network, user models.User) []models.Network { var FilterNetworksByRole = func(allnetworks []models.Network, user models.User) []models.Network {
return allnetworks return allnetworks
} }
@ -38,7 +42,6 @@ var IsGroupsValid = func(groups map[models.UserGroupID]struct{}) error {
var IsNetworkRolesValid = func(networkRoles map[models.NetworkID]map[models.UserRoleID]struct{}) error { var IsNetworkRolesValid = func(networkRoles map[models.NetworkID]map[models.UserRoleID]struct{}) error {
return nil return nil
} }
var RemoveNetworkRoleFromUsers = func(host models.Host, node models.Node) {}
var InitialiseRoles = userRolesInit var InitialiseRoles = userRolesInit
var DeleteNetworkRoles = func(netID string) {} var DeleteNetworkRoles = func(netID string) {}
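Review bot: The new exported hook `DeleteRole` has no comment, and the meaning of its `force` argument cannot be read from the call sites. A comment such as `// DeleteRole - placeholder that returns nil until InitPro installs the real implementation; force skips the default-role guard` would record both facts. Naming the first parameter `rid` rather than `r` would also match the signature of the implementation it stands in for.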


@ -591,7 +591,7 @@ func deleteRole(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest")) logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest"))
return return
} }
err := proLogic.DeleteRole(models.UserRoleID(rid)) err := proLogic.DeleteRole(models.UserRoleID(rid), false)
if err != nil { if err != nil {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal")) logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
return return
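Review bot: Every error from `proLogic.DeleteRole(models.UserRoleID(rid), false)` is reported as `"internal"`, and this commit makes one refusal more likely: gateway roles are now created with `Default: true`, so a request to delete one through this handler would presumably come back as "cannot delete default role". A refusal of that kind is a condition of the request rather than a server fault, so returning it under the `"badrequest"` class already used a few lines above would keep server-error monitoring meaningful. The handler continues outside the hunk, so any later error mapping is not visible here.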


@ -121,6 +121,7 @@ func InitPro() {
mq.UpdateMetricsFallBack = proLogic.MQUpdateMetricsFallBack mq.UpdateMetricsFallBack = proLogic.MQUpdateMetricsFallBack
logic.GetFilteredNodesByUserAccess = proLogic.GetFilteredNodesByUserAccess logic.GetFilteredNodesByUserAccess = proLogic.GetFilteredNodesByUserAccess
logic.CreateRole = proLogic.CreateRole logic.CreateRole = proLogic.CreateRole
logic.DeleteRole = proLogic.DeleteRole
logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck
logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck
logic.DeleteNetworkRoles = proLogic.DeleteNetworkRoles logic.DeleteNetworkRoles = proLogic.DeleteNetworkRoles
@ -128,7 +129,6 @@ func InitPro() {
logic.FilterNetworksByRole = proLogic.FilterNetworksByRole logic.FilterNetworksByRole = proLogic.FilterNetworksByRole
logic.IsGroupsValid = proLogic.IsGroupsValid logic.IsGroupsValid = proLogic.IsGroupsValid
logic.IsNetworkRolesValid = proLogic.IsNetworkRolesValid logic.IsNetworkRolesValid = proLogic.IsNetworkRolesValid
logic.RemoveNetworkRoleFromUsers = proLogic.RemoveNetworkRoleFromUsers
logic.InitialiseRoles = proLogic.UserRolesInit logic.InitialiseRoles = proLogic.UserRolesInit
} }


@ -9,7 +9,6 @@ import (
"github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/logger"
"github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/logic"
"github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/models"
"golang.org/x/exp/slog"
) )
var ServiceUserPermissionTemplate = models.UserRolePermissionTemplate{ var ServiceUserPermissionTemplate = models.UserRolePermissionTemplate{
@ -158,7 +157,7 @@ func DeleteNetworkRoles(netID string) {
roles, _ := ListNetworkRoles() roles, _ := ListNetworkRoles()
for _, role := range roles { for _, role := range roles {
if role.NetworkID.String() == netID { if role.NetworkID.String() == netID {
DeleteRole(role.ID) DeleteRole(role.ID, true)
} }
} }
} }
@ -325,7 +324,7 @@ func UpdateRole(r models.UserRolePermissionTemplate) error {
} }
// DeleteRole - deletes user role // DeleteRole - deletes user role
func DeleteRole(rid models.UserRoleID) error { func DeleteRole(rid models.UserRoleID, force bool) error {
if rid.String() == "" { if rid.String() == "" {
return errors.New("role id cannot be empty") return errors.New("role id cannot be empty")
} }
@ -337,7 +336,7 @@ func DeleteRole(rid models.UserRoleID) error {
if err != nil { if err != nil {
return err return err
} }
if role.Default { if !force && role.Default {
return errors.New("cannot delete default role") return errors.New("cannot delete default role")
} }
for _, user := range users { for _, user := range users {
@ -806,29 +805,6 @@ func IsNetworkRolesValid(networkRoles map[models.NetworkID]map[models.UserRoleID
return nil return nil
} }
func RemoveNetworkRoleFromUsers(host models.Host, node models.Node) {
users, err := logic.GetUsersDB()
if err == nil {
for _, user := range users {
// delete role from user
if netRoles, ok := user.NetworkRoles[models.NetworkID(node.Network)]; ok {
delete(netRoles, models.GetRAGRoleName(node.Network, host.Name))
user.NetworkRoles[models.NetworkID(node.Network)] = netRoles
err = logic.UpsertUser(user)
if err != nil {
slog.Error("failed to get user", "user", user.UserName, "error", err)
}
}
}
} else {
slog.Error("failed to get users", "error", err)
}
err = DeleteRole(models.GetRAGRoleName(node.Network, host.Name))
if err != nil {
slog.Error("failed to delete role: ", models.GetRAGRoleName(node.Network, host.Name), err)
}
}
// PrepareOauthUserFromInvite - init oauth user before create // PrepareOauthUserFromInvite - init oauth user before create
func PrepareOauthUserFromInvite(in models.UserInvite) (models.User, error) { func PrepareOauthUserFromInvite(in models.UserInvite) (models.User, error) {
var newPass, fetchErr = logic.FetchPassValue("") var newPass, fetchErr = logic.FetchPassValue("")
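Review bot: With `force` the only check skipped in DeleteRole is the `role.Default` guard, while the removed RemoveNetworkRoleFromUsers also deleted the role from every user's `NetworkRoles` before calling DeleteRole. The loop `for _, user := range users` that follows the guard continues outside the hunk, so it is not visible here whether a forced delete detaches the role from users or returns an error when a user still holds it; in either failing case a gateway role, or a reference to it, would outlive the gateway. It is worth confirming that path and stating the contract in the doc comment, e.g. `// DeleteRole - deletes user role; force skips the default-role guard and is for internal cleanup only`. In the same file, `DeleteRole(role.ID, true)` in DeleteNetworkRoles ignores the returned error.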