From 1c20cf36825ab368b6748ff3fd1f422bd2682a20 Mon Sep 17 00:00:00 2001
From: Vishal Dalwadi <dalwadivishal26@gmail.com>
Date: Thu, 19 Jun 2025 21:53:52 +0530
Subject: [PATCH 1/2] fix(go): mask only if set;

---
 controllers/server.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/controllers/server.go b/controllers/server.go
index 675a9910..916a4256 100644
--- a/controllers/server.go
+++ b/controllers/server.go
@@ -247,7 +247,10 @@ func getConfig(w http.ResponseWriter, r *http.Request) {
 // @Success     200 {object} config.ServerSettings
 func getSettings(w http.ResponseWriter, r *http.Request) {
 	scfg := logic.GetServerSettings()
-	scfg.ClientSecret = logic.Mask()
+	if scfg.ClientSecret != "" {
+		scfg.ClientSecret = logic.Mask()
+	}
+
 	logic.ReturnSuccessResponseWithJson(w, r, scfg, "fetched server settings successfully")
 }
 

From e606401066bc4e00903c049b318b56091af163bc Mon Sep 17 00:00:00 2001
From: abhishek9686 <abhi281342@gmail.com>
Date: Mon, 23 Jun 2025 21:31:29 +0530
Subject: [PATCH 2/2] create default user policy on CE

---
 logic/user_mgmt.go | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/logic/user_mgmt.go b/logic/user_mgmt.go
index 0e58374e..d2c5282a 100644
--- a/logic/user_mgmt.go
+++ b/logic/user_mgmt.go
@@ -2,6 +2,8 @@ package logic
 
 import (
 	"encoding/json"
+	"fmt"
+	"time"
 
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/models"
@@ -60,7 +62,39 @@ var InitialiseRoles = userRolesInit
 var IntialiseGroups = func() {}
 var DeleteNetworkRoles = func(netID string) {}
 var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
-var CreateDefaultUserPolicies = func(netID models.NetworkID) {}
+var CreateDefaultUserPolicies = func(netID models.NetworkID) {
+	if netID.String() == "" {
+		return
+	}
+	if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-users")) {
+		defaultUserAcl := models.Acl{
+			ID:          fmt.Sprintf("%s.%s", netID, "all-users"),
+			Default:     true,
+			Name:        "All Users",
+			MetaData:    "This policy gives access to everything in the network for an user",
+			NetworkID:   netID,
+			Proto:       models.ALL,
+			ServiceType: models.Any,
+			Port:        []string{},
+			RuleType:    models.UserPolicy,
+			Src: []models.AclPolicyTag{
+				{
+					ID:    models.UserAclID,
+					Value: "*",
+				},
+			},
+			Dst: []models.AclPolicyTag{{
+				ID:    models.NodeTagID,
+				Value: "*",
+			}},
+			AllowedDirection: models.TrafficDirectionUni,
+			Enabled:          true,
+			CreatedBy:        "auto",
+			CreatedAt:        time.Now().UTC(),
+		}
+		InsertAcl(defaultUserAcl)
+	}
+}
 var GetUserGroupsInNetwork = func(netID models.NetworkID) (networkGrps map[models.UserGroupID]models.UserGroup) { return }
 var GetUserGroup = func(groupId models.UserGroupID) (userGrps models.UserGroup, err error) { return }
 var AddGlobalNetRolesToAdmins = func(u *models.User) {}