add acl allow/deny subcommands
parent
a98a116bf7
commit
8b62bdec62
4 changed files with 113 additions and 34 deletions
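--- /dev/null
+++ b/cli/cmd/acl/allow.go
@@ -0,0 +1,43 @@
+package acl
+
+import (
+"fmt"
+"log"
+"strings"
+
+"github.com/gravitl/netmaker/cli/functions"
+"github.com/gravitl/netmaker/logic/acls"
+"github.com/spf13/cobra"
+)
+
+var aclAllowCmd = &cobra.Command{
+Use: "allow [NETWORK NAME] [FROM_NODE_NAME] [TO_NODE_NAME]",
+Args: cobra.ExactArgs(3),
+Short: "Allow access from one node to another",
+Long: `Allow access from one node to another`,
+Run: func(cmd *cobra.Command, args []string) {
+nameIDMap := make(map[string]string)
+for _, node := range *functions.GetNodes(args[0]) {
+nameIDMap[strings.ToLower(node.Name)] = node.ID
+}
+fromNodeID, ok := nameIDMap[strings.ToLower(args[1])]
+if !ok {
+log.Fatalf("Node %s doesn't exists", args[1])
+}
+toNodeID, ok := nameIDMap[strings.ToLower(args[2])]
+if !ok {
+log.Fatalf("Node %s doesn't exists", args[2])
+}
+payload := acls.ACLContainer(map[acls.AclID]acls.ACL{
+acls.AclID(fromNodeID): map[acls.AclID]byte{
+acls.AclID(toNodeID): acls.Allowed,
+},
+})
+functions.UpdateACL(args[0], &payload)
+fmt.Println("Success")
+},
+}
+
+func init() {
+rootCmd.AddCommand(aclAllowCmd)
+}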
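Review bot: The name-to-ID map in `Run` is keyed on `strings.ToLower(node.Name)`, so two nodes in the network whose names are equal or differ only in case collapse into one entry and the later one silently wins; the allow rule is then written for whichever node was iterated last, which may not be the one the operator meant. Nothing visible in this commit shows that node names are unique per network, so the loop should detect the collision and stop before the assignment, e.g. `if _, dup := nameIDMap[key]; dup { log.Fatalf("node name %q is ambiguous in network %s", node.Name, args[0]) }`. The same lookup is copied into cli/cmd/acl/deny.go, where a rule applied to the wrong node leaves the intended path open. The message `"Node %s doesn't exists"` should read `doesn't exist`.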
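--- /dev/null
+++ b/cli/cmd/acl/deny.go
@@ -0,0 +1,43 @@
+package acl
+
+import (
+"fmt"
+"log"
+"strings"
+
+"github.com/gravitl/netmaker/cli/functions"
+"github.com/gravitl/netmaker/logic/acls"
+"github.com/spf13/cobra"
+)
+
+var aclDenyCmd = &cobra.Command{
+Use: "deny [NETWORK NAME] [FROM_NODE_NAME] [TO_NODE_NAME]",
+Args: cobra.ExactArgs(3),
+Short: "Deny access from one node to another",
+Long: `Deny access from one node to another`,
+Run: func(cmd *cobra.Command, args []string) {
+nameIDMap := make(map[string]string)
+for _, node := range *functions.GetNodes(args[0]) {
+nameIDMap[strings.ToLower(node.Name)] = node.ID
+}
+fromNodeID, ok := nameIDMap[strings.ToLower(args[1])]
+if !ok {
+log.Fatalf("Node %s doesn't exists", args[1])
+}
+toNodeID, ok := nameIDMap[strings.ToLower(args[2])]
+if !ok {
+log.Fatalf("Node %s doesn't exists", args[2])
+}
+payload := acls.ACLContainer(map[acls.AclID]acls.ACL{
+acls.AclID(fromNodeID): map[acls.AclID]byte{
+acls.AclID(toNodeID): acls.NotAllowed,
+},
+})
+functions.UpdateACL(args[0], &payload)
+fmt.Println("Success")
+},
+}
+
+func init() {
+rootCmd.AddCommand(aclDenyCmd)
+}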
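Review bot: `fmt.Println("Success")` runs whatever `functions.UpdateACL(args[0], &payload)` returned, because the result is discarded; unless UpdateACL exits the process on every failure (not visible in this commit), an operator can be told a deny rule is in place when the server did not accept it. The payload also carries only the `fromNodeID` to `toNodeID` entry, so it is worth confirming that the server merges it into the stored ACL rather than replacing the container, and whether the reverse direction needs the same value before traffic is actually blocked. I would check or print the returned ACL before reporting success, as the removed `update` command did with `functions.PrettyPrint(functions.UpdateACL(args[0], acl))`. The same applies to cli/cmd/acl/allow.go, and since the two files differ only in `acls.Allowed` versus `acls.NotAllowed`, a shared helper taking the status byte would keep them from drifting apart.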
|
@ -1,7 +1,11 @@
|
|||
package acl
|
||||
|
||||
import (
|
||||
"os"
|
||||
|
||||
"github.com/gravitl/netmaker/cli/functions"
|
||||
"github.com/gravitl/netmaker/logic/acls"
|
||||
"github.com/guumaster/tablewriter"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
|
@ -11,7 +15,29 @@ var aclListCmd = &cobra.Command{
|
|||
Short: "List all ACLs associated with a network",
|
||||
Long: `List all ACLs associated with a network`,
|
||||
Run: func(cmd *cobra.Command, args []string) {
|
||||
functions.PrettyPrint(functions.GetACL(args[0]))
|
||||
aclSource := (map[acls.AclID]acls.ACL)(*functions.GetACL(args[0]))
|
||||
nodes := functions.GetNodes(args[0])
|
||||
idNameMap := make(map[string]string)
|
||||
for _, node := range *nodes {
|
||||
idNameMap[node.ID] = node.Name
|
||||
}
|
||||
table := tablewriter.NewWriter(os.Stdout)
|
||||
table.SetHeader([]string{"From", "To", "Status"})
|
||||
for id, acl := range aclSource {
|
||||
for k, v := range (map[acls.AclID]byte)(acl) {
|
||||
row := []string{idNameMap[string(id)], idNameMap[string(k)]}
|
||||
switch v {
|
||||
case acls.NotAllowed:
|
||||
row = append(row, "Not Allowed")
|
||||
case acls.NotPresent:
|
||||
row = append(row, "Not Present")
|
||||
case acls.Allowed:
|
||||
row = append(row, "Allowed")
|
||||
}
|
||||
table.Append(row)
|
||||
}
|
||||
}
|
||||
table.Render()
|
||||
},
|
||||
}
|
||||
|
||||
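Review bot: `idNameMap[string(id)]` and `idNameMap[string(k)]` yield an empty string for any ACL entry whose node ID is not in the `GetNodes` result, so such a rule is printed with a blank From or To and cannot be identified from the table. Falling back to the raw ID keeps those entries auditable, e.g. `name, ok := idNameMap[string(id)]; if !ok { name = string(id) }`. The `switch v` has no `default`, so an unexpected status byte yields a two-column row; an arm such as `default: row = append(row, fmt.Sprintf("Unknown (%d)", v))` would surface it (this needs `fmt` added to the import block). The `aclListCmd` literal begins outside the hunk.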
|
|
|
@ -1,33 +0,0 @@
|
|||
package acl
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/gravitl/netmaker/cli/functions"
|
||||
"github.com/gravitl/netmaker/logic/acls"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
var aclUpdatetCmd = &cobra.Command{
|
||||
Use: "update [NETWORK NAME] [/path/to/updated_acl.json]",
|
||||
Args: cobra.ExactArgs(2),
|
||||
Short: "Update an ACL associated with a network",
|
||||
Long: `Update an ACL associated with a network`,
|
||||
Run: func(cmd *cobra.Command, args []string) {
|
||||
content, err := os.ReadFile(args[1])
|
||||
if err != nil {
|
||||
log.Fatal("Error when opening file: ", err)
|
||||
}
|
||||
acl := &acls.ACLContainer{}
|
||||
if err := json.Unmarshal(content, acl); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
functions.PrettyPrint(functions.UpdateACL(args[0], acl))
|
||||
},
|
||||
}
|
||||
|
||||
func init() {
|
||||
rootCmd.AddCommand(aclUpdatetCmd)
|
||||
}
|