add service type to default acl polices
parent
6f5398e758
commit
73eed6e583
2 changed files with 40 additions and 35 deletions
|
@ -39,14 +39,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
|
|||
_, _ = ListAclsByNetwork(netID)
|
||||
if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-nodes")) {
|
||||
defaultDeviceAcl := models.Acl{
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-nodes"),
|
||||
Name: "All Nodes",
|
||||
MetaData: "This Policy allows all nodes in the network to communicate with each other",
|
||||
Default: true,
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
Port: []string{},
|
||||
RuleType: models.DevicePolicy,
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-nodes"),
|
||||
Name: "All Nodes",
|
||||
MetaData: "This Policy allows all nodes in the network to communicate with each other",
|
||||
Default: true,
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
ServiceType: models.Any,
|
||||
Port: []string{},
|
||||
RuleType: models.DevicePolicy,
|
||||
Src: []models.AclPolicyTag{
|
||||
{
|
||||
ID: models.DeviceAclID,
|
||||
|
@ -66,14 +67,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
|
|||
}
|
||||
if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-users")) {
|
||||
defaultUserAcl := models.Acl{
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-users"),
|
||||
Default: true,
|
||||
Name: "All Users",
|
||||
MetaData: "This policy gives access to everything in the network for an user",
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
Port: []string{},
|
||||
RuleType: models.UserPolicy,
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-users"),
|
||||
Default: true,
|
||||
Name: "All Users",
|
||||
MetaData: "This policy gives access to everything in the network for an user",
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
ServiceType: models.Any,
|
||||
Port: []string{},
|
||||
RuleType: models.UserPolicy,
|
||||
Src: []models.AclPolicyTag{
|
||||
{
|
||||
ID: models.UserAclID,
|
||||
|
@ -94,13 +96,14 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
|
|||
|
||||
if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-remote-access-gws")) {
|
||||
defaultUserAcl := models.Acl{
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
|
||||
Default: true,
|
||||
Name: "All Remote Access Gateways",
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
Port: []string{},
|
||||
RuleType: models.DevicePolicy,
|
||||
ID: fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
|
||||
Default: true,
|
||||
Name: "All Remote Access Gateways",
|
||||
NetworkID: netID,
|
||||
Proto: models.ALL,
|
||||
ServiceType: models.Any,
|
||||
Port: []string{},
|
||||
RuleType: models.DevicePolicy,
|
||||
Src: []models.AclPolicyTag{
|
||||
{
|
||||
ID: models.DeviceAclID,
|
||||
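Review bot: The new `ServiceType: models.Any` field in the `all-nodes`, `all-users` and `all-remote-access-gws` literals is written only inside the `!IsAclExists(...)` branches, so networks whose default policies already exist keep whatever ServiceType they were stored with, presumably the zero value. The same holds for the `Network Admin` and `Network User` policies guarded by `logic.IsAclExists` in CreateDefaultUserPolicies. Whether an empty ServiceType is evaluated like `models.Any` is not visible in these hunks; if it is not, upgraded and freshly created networks would enforce their default policies differently, so either a one-time backfill of existing default ACLs or an explicit "empty means Any" rule at evaluation time is needed. A short comment next to the field, for example `// Any: default policy is not narrowed to one service type (confirm against models)`, would record the intent. CreateDefaultAclNetworkPolicies begins and ends outside the hunks shown.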
|
|
|
@ -1207,12 +1207,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
|
|||
|
||||
if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin)) {
|
||||
defaultUserAcl := models.Acl{
|
||||
ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
|
||||
Name: "Network Admin",
|
||||
MetaData: "This Policy allows all network admins to communicate with all remote access gateways",
|
||||
Default: true,
|
||||
NetworkID: netID,
|
||||
RuleType: models.UserPolicy,
|
||||
ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
|
||||
Name: "Network Admin",
|
||||
MetaData: "This Policy allows all network admins to communicate with all remote access gateways",
|
||||
Default: true,
|
||||
ServiceType: models.Any,
|
||||
NetworkID: netID,
|
||||
RuleType: models.UserPolicy,
|
||||
Src: []models.AclPolicyTag{
|
||||
{
|
||||
ID: models.UserGroupAclID,
|
||||
|
@ -1238,12 +1239,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
|
|||
|
||||
if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser)) {
|
||||
defaultUserAcl := models.Acl{
|
||||
ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
|
||||
Name: "Network User",
|
||||
MetaData: "This Policy allows all network users to communicate with all remote access gateways",
|
||||
Default: true,
|
||||
NetworkID: netID,
|
||||
RuleType: models.UserPolicy,
|
||||
ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
|
||||
Name: "Network User",
|
||||
MetaData: "This Policy allows all network users to communicate with all remote access gateways",
|
||||
Default: true,
|
||||
ServiceType: models.Any,
|
||||
NetworkID: netID,
|
||||
RuleType: models.UserPolicy,
|
||||
Src: []models.AclPolicyTag{
|
||||
{
|
||||
ID: models.UserGroupAclID,
|
||||
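Review bot: In the `Network Admin` and `Network User` literals the visible fields gain `ServiceType: models.Any` but set neither `Proto` nor `Port`, whereas the three default policies in the other file set `Proto: models.ALL` and `Port: []string{}` alongside it. Both literals continue past the end of their hunks, so these fields may be set further down. If they are not, adding `Proto: models.ALL,` and `Port: []string{},` here would keep the default policies consistent and avoid relying on zero values in an access-control rule.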
|
|