mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 15:26:04 +08:00
fix rac apis
This commit is contained in:
parent
9eaffd1314
commit
30e1272ae9
|
@ -586,6 +586,7 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||||
logic.CreateRole(models.UserRolePermissionTemplate{
|
logic.CreateRole(models.UserRolePermissionTemplate{
|
||||||
ID: models.GetRAGRoleName(node.Network, host.Name),
|
ID: models.GetRAGRoleName(node.Network, host.Name),
|
||||||
NetworkID: models.NetworkID(node.Network),
|
NetworkID: models.NetworkID(node.Network),
|
||||||
|
Default: true,
|
||||||
NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
|
NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
|
||||||
models.RemoteAccessGwRsrc: {
|
models.RemoteAccessGwRsrc: {
|
||||||
models.RsrcID(node.ID.String()): models.RsrcPermissionScope{
|
models.RsrcID(node.ID.String()): models.RsrcPermissionScope{
|
||||||
|
@ -651,7 +652,7 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
go logic.RemoveNetworkRoleFromUsers(*host, node)
|
go logic.DeleteRole(models.GetRAGRoleName(node.Network, host.Name), true)
|
||||||
|
|
||||||
apiNode := node.ConvertToAPINode()
|
apiNode := node.ConvertToAPINode()
|
||||||
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid)
|
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid)
|
||||||
|
|
|
@ -28,6 +28,10 @@ var CreateRole = func(r models.UserRolePermissionTemplate) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var DeleteRole = func(r models.UserRoleID, force bool) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
var FilterNetworksByRole = func(allnetworks []models.Network, user models.User) []models.Network {
|
var FilterNetworksByRole = func(allnetworks []models.Network, user models.User) []models.Network {
|
||||||
return allnetworks
|
return allnetworks
|
||||||
}
|
}
|
||||||
|
@ -38,7 +42,6 @@ var IsGroupsValid = func(groups map[models.UserGroupID]struct{}) error {
|
||||||
var IsNetworkRolesValid = func(networkRoles map[models.NetworkID]map[models.UserRoleID]struct{}) error {
|
var IsNetworkRolesValid = func(networkRoles map[models.NetworkID]map[models.UserRoleID]struct{}) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
var RemoveNetworkRoleFromUsers = func(host models.Host, node models.Node) {}
|
|
||||||
|
|
||||||
var InitialiseRoles = userRolesInit
|
var InitialiseRoles = userRolesInit
|
||||||
var DeleteNetworkRoles = func(netID string) {}
|
var DeleteNetworkRoles = func(netID string) {}
|
||||||
|
|
|
@ -591,7 +591,7 @@ func deleteRole(w http.ResponseWriter, r *http.Request) {
|
||||||
logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest"))
|
logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err := proLogic.DeleteRole(models.UserRoleID(rid))
|
err := proLogic.DeleteRole(models.UserRoleID(rid), false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
|
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
|
||||||
return
|
return
|
||||||
|
|
|
@ -121,6 +121,7 @@ func InitPro() {
|
||||||
mq.UpdateMetricsFallBack = proLogic.MQUpdateMetricsFallBack
|
mq.UpdateMetricsFallBack = proLogic.MQUpdateMetricsFallBack
|
||||||
logic.GetFilteredNodesByUserAccess = proLogic.GetFilteredNodesByUserAccess
|
logic.GetFilteredNodesByUserAccess = proLogic.GetFilteredNodesByUserAccess
|
||||||
logic.CreateRole = proLogic.CreateRole
|
logic.CreateRole = proLogic.CreateRole
|
||||||
|
logic.DeleteRole = proLogic.DeleteRole
|
||||||
logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck
|
logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck
|
||||||
logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck
|
logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck
|
||||||
logic.DeleteNetworkRoles = proLogic.DeleteNetworkRoles
|
logic.DeleteNetworkRoles = proLogic.DeleteNetworkRoles
|
||||||
|
@ -128,7 +129,6 @@ func InitPro() {
|
||||||
logic.FilterNetworksByRole = proLogic.FilterNetworksByRole
|
logic.FilterNetworksByRole = proLogic.FilterNetworksByRole
|
||||||
logic.IsGroupsValid = proLogic.IsGroupsValid
|
logic.IsGroupsValid = proLogic.IsGroupsValid
|
||||||
logic.IsNetworkRolesValid = proLogic.IsNetworkRolesValid
|
logic.IsNetworkRolesValid = proLogic.IsNetworkRolesValid
|
||||||
logic.RemoveNetworkRoleFromUsers = proLogic.RemoveNetworkRoleFromUsers
|
|
||||||
logic.InitialiseRoles = proLogic.UserRolesInit
|
logic.InitialiseRoles = proLogic.UserRolesInit
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@ import (
|
||||||
"github.com/gravitl/netmaker/logger"
|
"github.com/gravitl/netmaker/logger"
|
||||||
"github.com/gravitl/netmaker/logic"
|
"github.com/gravitl/netmaker/logic"
|
||||||
"github.com/gravitl/netmaker/models"
|
"github.com/gravitl/netmaker/models"
|
||||||
"golang.org/x/exp/slog"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var ServiceUserPermissionTemplate = models.UserRolePermissionTemplate{
|
var ServiceUserPermissionTemplate = models.UserRolePermissionTemplate{
|
||||||
|
@ -158,7 +157,7 @@ func DeleteNetworkRoles(netID string) {
|
||||||
roles, _ := ListNetworkRoles()
|
roles, _ := ListNetworkRoles()
|
||||||
for _, role := range roles {
|
for _, role := range roles {
|
||||||
if role.NetworkID.String() == netID {
|
if role.NetworkID.String() == netID {
|
||||||
DeleteRole(role.ID)
|
DeleteRole(role.ID, true)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -325,7 +324,7 @@ func UpdateRole(r models.UserRolePermissionTemplate) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// DeleteRole - deletes user role
|
// DeleteRole - deletes user role
|
||||||
func DeleteRole(rid models.UserRoleID) error {
|
func DeleteRole(rid models.UserRoleID, force bool) error {
|
||||||
if rid.String() == "" {
|
if rid.String() == "" {
|
||||||
return errors.New("role id cannot be empty")
|
return errors.New("role id cannot be empty")
|
||||||
}
|
}
|
||||||
|
@ -337,7 +336,7 @@ func DeleteRole(rid models.UserRoleID) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if role.Default {
|
if !force && role.Default {
|
||||||
return errors.New("cannot delete default role")
|
return errors.New("cannot delete default role")
|
||||||
}
|
}
|
||||||
for _, user := range users {
|
for _, user := range users {
|
||||||
|
@ -806,29 +805,6 @@ func IsNetworkRolesValid(networkRoles map[models.NetworkID]map[models.UserRoleID
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func RemoveNetworkRoleFromUsers(host models.Host, node models.Node) {
|
|
||||||
users, err := logic.GetUsersDB()
|
|
||||||
if err == nil {
|
|
||||||
for _, user := range users {
|
|
||||||
// delete role from user
|
|
||||||
if netRoles, ok := user.NetworkRoles[models.NetworkID(node.Network)]; ok {
|
|
||||||
delete(netRoles, models.GetRAGRoleName(node.Network, host.Name))
|
|
||||||
user.NetworkRoles[models.NetworkID(node.Network)] = netRoles
|
|
||||||
err = logic.UpsertUser(user)
|
|
||||||
if err != nil {
|
|
||||||
slog.Error("failed to get user", "user", user.UserName, "error", err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
slog.Error("failed to get users", "error", err)
|
|
||||||
}
|
|
||||||
err = DeleteRole(models.GetRAGRoleName(node.Network, host.Name))
|
|
||||||
if err != nil {
|
|
||||||
slog.Error("failed to delete role: ", models.GetRAGRoleName(node.Network, host.Name), err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// PrepareOauthUserFromInvite - init oauth user before create
|
// PrepareOauthUserFromInvite - init oauth user before create
|
||||||
func PrepareOauthUserFromInvite(in models.UserInvite) (models.User, error) {
|
func PrepareOauthUserFromInvite(in models.UserInvite) (models.User, error) {
|
||||||
var newPass, fetchErr = logic.FetchPassValue("")
|
var newPass, fetchErr = logic.FetchPassValue("")
|
||||||
|
|
Loading…
Reference in a new issue