diff --git a/controllers/hosts.go b/controllers/hosts.go
index 6f844fd6..77f887f6 100644
--- a/controllers/hosts.go
+++ b/controllers/hosts.go
@@ -219,6 +219,20 @@ func updateHost(w http.ResponseWriter, r *http.Request) {
 }
 newHost := newHostData.ConvertAPIHostToNMHost(currHost)
+
+ if newHost.Name != currHost.Name {
+ // update any rag role ids
+ for _, nodeID := range newHost.Nodes {
+ node, err := logic.GetNodeByID(nodeID)
+ if err == nil && node.IsIngressGateway {
+ role, err := logic.GetRole(models.GetRAGRoleID(node.Network, currHost.ID.String()))
+ if err == nil {
+ role.UiName = models.GetRAGRoleName(node.Network, newHost.Name)
+ logic.UpdateRole(role)
+ }
+ }
+ }
+ }
 logic.UpdateHost(newHost, currHost) // update the in memory struct values
 if err = logic.UpsertHost(newHost); err != nil {
 logger.Log(0, r.Header.Get("user"), "failed to update a host:", err.Error())
diff --git a/logic/gateway.go b/logic/gateway.go
index 0fdffeca..87a41105 100644
--- a/logic/gateway.go
+++ b/logic/gateway.go
@@ -180,7 +180,8 @@ func CreateIngressGateway(netid string, nodeid string, ingress models.IngressReq
 }
 // create network role for this gateway
 CreateRole(models.UserRolePermissionTemplate{
- ID: models.GetRAGRoleName(node.Network, host.Name),
+ ID: models.GetRAGRoleID(node.Network, host.ID.String()),
+ UiName: models.GetRAGRoleName(node.Network, host.Name),
 NetworkID: models.NetworkID(node.Network),
 Default: true,
 NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
@@ -258,7 +259,7 @@ func DeleteIngressGateway(nodeid string) (models.Node, []models.ExtClient, error
 if err != nil {
 return models.Node{}, removedClients, err
 }
- go DeleteRole(models.GetRAGRoleName(node.Network, host.Name), true)
+ go DeleteRole(models.GetRAGRoleID(node.Network, host.ID.String()), true)
 err = SetNetworkNodesLastModified(node.Network)
 return node, removedClients, err
 }
diff --git a/logic/hosts.go b/logic/hosts.go
index d0282bb4..0fa8887e 100644
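Review bot: The return value of `logic.UpdateRole(role)` is dropped in the added rename block, although this commit declares UpdateRole as returning an error, so a failed write leaves the gateway role showing the old host name with nothing logged. Handle it in place, e.g. `if err := logic.UpdateRole(role); err != nil { logger.Log(0, r.Header.Get("user"), "failed to update rag role name:", err.Error()) }`. The block also runs before `logic.UpsertHost(newHost)`, so when the upsert fails the role has already been relabelled for a rename that was never stored; moving the block after the upsert's error check would avoid that. The same unchecked call appears in the logic/hosts.go hunk (UpdateHostFromClient). updateHost's body starts and ends outside the hunk.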
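Review bot: Changing the role key at `ID: models.GetRAGRoleID(node.Network, host.ID.String())` leaves gateway roles that were stored under the old name-based key with no visible code path that still reaches them. DeleteIngressGateway in this file and DeleteNode in logic/nodes.go now call DeleteRole with the ID-based key only, so on an upgraded server a pre-existing role, together with any user assignments that reference it, would presumably survive removal of its gateway. The migrate/migrate.go hunks create and look up roles under the new key, but nothing visible in this diff re-keys or deletes the legacy entries. If syncUsers does not already do so outside these hunks, it should move assignments to the new ID and then delete the entry keyed by `models.UserRoleID(models.GetRAGRoleName(node.Network, host.Name))`. CreateIngressGateway's body continues outside the hunk.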
--- a/logic/hosts.go
+++ b/logic/hosts.go
@@ -269,6 +269,19 @@ func UpdateHostFromClient(newHost, currHost *models.Host) (sendPeerUpdate bool)
 currHost.IsStaticPort = newHost.IsStaticPort
 currHost.IsStatic = newHost.IsStatic
 currHost.MTU = newHost.MTU
+ if newHost.Name != currHost.Name {
+ // update any rag role ids
+ for _, nodeID := range newHost.Nodes {
+ node, err := GetNodeByID(nodeID)
+ if err == nil && node.IsIngressGateway {
+ role, err := GetRole(models.GetRAGRoleID(node.Network, currHost.ID.String()))
+ if err == nil {
+ role.UiName = models.GetRAGRoleName(node.Network, newHost.Name)
+ UpdateRole(role)
+ }
+ }
+ }
+ }
 currHost.Name = newHost.Name
 if len(newHost.NatType) > 0 && newHost.NatType != currHost.NatType {
 currHost.NatType = newHost.NatType
diff --git a/logic/nodes.go b/logic/nodes.go
index 45ce7549..2b0f7bf6 100644
--- a/logic/nodes.go
+++ b/logic/nodes.go
@@ -197,7 +197,7 @@ func DeleteNode(node *models.Node, purge bool) error {
 }
 host, err := GetHost(node.HostID.String())
 if err == nil {
- go DeleteRole(models.GetRAGRoleName(node.Network, host.Name), true)
+ go DeleteRole(models.GetRAGRoleID(node.Network, host.ID.String()), true)
 }
 }
 if node.IsRelayed {
diff --git a/logic/user_mgmt.go b/logic/user_mgmt.go
index ccb9d2b2..93d3b8e5 100644
--- a/logic/user_mgmt.go
+++ b/logic/user_mgmt.go
@@ -43,6 +43,8 @@ var IsNetworkRolesValid = func(networkRoles map[models.NetworkID]map[models.User
 return nil
 }
+var UpdateRole = func(r models.UserRolePermissionTemplate) error { return nil }
+
 var InitialiseRoles = userRolesInit
 var DeleteNetworkRoles = func(netID string) {}
 var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
diff --git a/migrate/migrate.go b/migrate/migrate.go
index 1ee4aaf1..fdf8f9f7 100644
--- a/migrate/migrate.go
+++ b/migrate/migrate.go
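Review bot: The rename loop iterates `newHost.Nodes`, which in UpdateHostFromClient looks like the host record supplied by the client, whereas every other line of the hunk copies selected fields onto the server's `currHost`. Driving the role lookup from the server's own record, `for _, nodeID := range currHost.Nodes {`, keeps client-supplied node IDs out of the lookup and still relabels the roles when the client message carries no node list. Whether callers ever populate newHost.Nodes from client input is not visible here, so treat this as something to confirm. The function's body starts and ends outside the hunk.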
@@ -323,7 +323,8 @@ func syncUsers() {
 h, err := logic.GetHost(networkNodeI.HostID.String())
 if err == nil {
 logic.CreateRole(models.UserRolePermissionTemplate{
- ID: models.GetRAGRoleName(networkNodeI.Network, h.Name),
+ ID: models.GetRAGRoleID(networkNodeI.Network, h.ID.String()),
+ UiName: models.GetRAGRoleName(networkNodeI.Network, h.Name),
 NetworkID: models.NetworkID(netI.NetID),
 NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
 models.RemoteAccessGwRsrc: {
@@ -387,7 +388,7 @@ func syncUsers() {
 if err != nil {
 continue
 }
- r, err := logic.GetRole(models.GetRAGRoleName(gwNode.Network, h.Name))
+ r, err := logic.GetRole(models.GetRAGRoleID(gwNode.Network, h.ID.String()))
 if err != nil {
 continue
 }
diff --git a/models/user_mgmt.go b/models/user_mgmt.go
index b08f800b..3efa81bf 100644
--- a/models/user_mgmt.go
+++ b/models/user_mgmt.go
@@ -27,8 +27,12 @@ func (rid RsrcID) String() string {
 return string(rid)
 }
-func GetRAGRoleName(netID, hostName string) UserRoleID {
- return UserRoleID(fmt.Sprintf("netID-%s-rag-%s", netID, hostName))
+func GetRAGRoleName(netID, hostName string) string {
+ return fmt.Sprintf("netID-%s-rag-%s", netID, hostName)
+}
+
+func GetRAGRoleID(netID, hostID string) UserRoleID {
+ return UserRoleID(fmt.Sprintf("netID-%s-rag-%s", netID, hostID))
 }
 var RsrcTypeMap = map[RsrcType]struct{}{
@@ -112,6 +116,7 @@ type RsrcPermissionScope struct {
 type UserRolePermissionTemplate struct {
 ID UserRoleID `json:"id"`
+ UiName string `json:"ui_name"`
 Default bool `json:"default"`
 DenyDashboardAccess bool `json:"deny_dashboard_access"`
 FullAccess bool `json:"full_access"`
diff --git a/pro/initialize.go b/pro/initialize.go
index c888e6b3..ff5653fe 100644
--- a/pro/initialize.go
+++ b/pro/initialize.go
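Review bot: `GetRAGRoleName` and `GetRAGRoleID` are both exported, use the identical format string `"netID-%s-rag-%s"`, and carry no doc comments, so the return type is the only thing telling a caller which one is the stable key. I would add `// GetRAGRoleID returns the ID of the remote access gateway role for hostID in netID; it stays the same when the host is renamed.` and `// GetRAGRoleName returns the display name of that role, built from the host's current name; do not use it as a lookup key.` Because the two outputs are shaped alike, the comments are what keep a later caller from converting the name and passing it to GetRole or DeleteRole, which would silently miss the access role it meant to reach.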
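Review bot: The new field is spelled `UiName`, while Go's initialism convention would make it `UIName`; the JSON tag `ui_name` can stay as it is, so the wire format is unaffected. A one-line comment on the field would also help, e.g. `// UiName is the display label for the role; ID remains the lookup key`, since roles stored before this change will presumably decode with an empty value and consumers need to know to fall back to ID. The rename would touch the assignments in controllers/hosts.go, logic/gateway.go, logic/hosts.go and migrate/migrate.go in this same commit. The struct continues past the end of the hunk.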
@@ -121,6 +121,7 @@ func InitPro() {
 mq.UpdateMetricsFallBack = proLogic.MQUpdateMetricsFallBack
 logic.GetFilteredNodesByUserAccess = proLogic.GetFilteredNodesByUserAccess
 logic.CreateRole = proLogic.CreateRole
+ logic.UpdateRole = proLogic.UpdateRole
 logic.DeleteRole = proLogic.DeleteRole
 logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck
 logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck