Merge pull request #3122 from gravitl/master

Master

.github/workflows/branchtest.yml

@@ -3,7 +3,7 @@ name: Deploy and Test Branch
 on:
   workflow_dispatch:
     inputs:
-      branches:
+      branch:
         description: 'Branch to deploy and test'
         required: true
         default: 'develop'
@@ -28,28 +28,40 @@ jobs:
     if: ${{ needs.skip-check.outputs.skip != 'true' }}
     outputs:
       netclientbranch: ${{ steps.getbranch.outputs.netclientbranch }}
+      netmakerbranch: ${{ steps.getbranch.outputs.netmakerbranch }}
     steps:
-      - name: checkout
+      - name: Determine branches
+        id: determine_branches
+        run: |
+          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
+            echo "NETMAKER_BRANCH=${{ github.event.inputs.branch }}" >> $GITHUB_ENV
+            echo "NETCLIENT_BRANCH=${{ github.event.inputs.branch }}" >> $GITHUB_ENV
+          else
+            echo "NETMAKER_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV
+            echo "NETCLIENT_BRANCH=develop" >> $GITHUB_ENV
+          fi
+      - name: Checkout netclient repository
         uses: actions/checkout@v4
         with:
           repository: gravitl/netclient
-          ref: ${{ github.event_name == 'workflow_dispatch' && inputs.branch || 'develop' }}
+          fetch-depth: 0
-      - name: check if branch exists
+      - name: Check if netclient branch exists and set output
         id: getbranch 
         run: |
-          if git show-ref ${{ github.head_ref}}; then
+          if git ls-remote --heads origin ${{ env.NETCLIENT_BRANCH }} | grep -q ${{ env.NETCLIENT_BRANCH }}; then
-            echo branch exists
+            echo "netclient branch ${{ env.NETCLIENT_BRANCH }} exists"
-            echo "netclientbranch=${{ github.head_ref }}" >> $GITHUB_OUTPUT
+            echo "netclientbranch=${{ env.NETCLIENT_BRANCH }}" >> $GITHUB_OUTPUT
           else
-            echo branch does not exist
+            echo "netclient branch ${{ env.NETCLIENT_BRANCH }} does not exist, using develop"
             echo "netclientbranch=develop" >> $GITHUB_OUTPUT
           fi
+          echo "netmakerbranch=${{ env.NETMAKER_BRANCH }}" >> $GITHUB_OUTPUT
 
   branchtest:
     uses: gravitl/devops/.github/workflows/testdeploybranch.yml@master
     needs: [getbranch, skip-check]
     with:
       netclientbranch: ${{ needs.getbranch.outputs.netclientbranch }}
-      netmakerbranch: ${{ github.event_name == 'workflow_dispatch' && inputs.branch || github.head_ref }}
+      netmakerbranch: ${{ needs.getbranch.outputs.netmakerbranch }}
       tag: ${{ github.run_id }}-${{ github.run_attempt }}
-    secrets: inherit          
+    secrets: inherit

pro/controllers/users.go

@@ -206,6 +206,10 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 	}
 	for _, inviteeEmail := range inviteReq.UserEmails {
 		// check if user with email exists, then ignore
+		if !email.IsValid(inviteeEmail) {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("invalid email "+inviteeEmail), "badrequest"))
+			return
+		}
 		_, err := logic.GetUser(inviteeEmail)
 		if err == nil {
 			// user exists already, so ignore
@@ -228,6 +232,14 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 			slog.Error("failed to parse to invite url", "error", err)
 			return
 		}
+		if servercfg.DeployedByOperator() {
+			u, err = url.Parse(fmt.Sprintf("%s/invite?tenant_id=%s&email=%s&invite_code=%s",
+				proLogic.GetAccountsUIHost(), url.QueryEscape(servercfg.GetNetmakerTenantID()), url.QueryEscape(invite.Email), url.QueryEscape(invite.InviteCode)))
+			if err != nil {
+				slog.Error("failed to parse to invite url", "error", err)
+				return
+			}
+		}
 		invite.InviteURL = u.String()
 		err = logic.InsertUserInvite(invite)
 		if err != nil {

pro/email/email.go

@@ -2,6 +2,7 @@ package email
 
 import (
 	"context"
+	"regexp"
 
 	"github.com/gravitl/netmaker/servercfg"
 )
@@ -52,3 +53,8 @@ type Notification struct {
 func GetClient() (e EmailSender) {
 	return client
 }
+
+func IsValid(email string) bool {
+	emailRegex := regexp.MustCompile(`^[a-z0-9._%+\-]+@[a-z0-9.\-]+\.[a-z]{2,4}$`)
+	return emailRegex.MatchString(email)
+}

pro/license.go

@@ -20,6 +20,7 @@ import (
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/ncutils"
+	proLogic "github.com/gravitl/netmaker/pro/logic"
 	"github.com/gravitl/netmaker/servercfg"
 )
 
@@ -206,7 +207,7 @@ func validateLicenseKey(encryptedData []byte, publicKey *[32]byte) ([]byte, bool
 
 	req, err := http.NewRequest(
 		http.MethodPost,
-		getAccountsHost()+"/api/v1/license/validate",
+		proLogic.GetAccountsHost()+"/api/v1/license/validate",
 		bytes.NewReader(requestBody),
 	)
 	if err != nil {
@@ -255,17 +256,6 @@ func validateLicenseKey(encryptedData []byte, publicKey *[32]byte) ([]byte, bool
 	return nil, false, err
 }
 
-func getAccountsHost() string {
-	switch servercfg.GetEnvironment() {
-	case "dev":
-		return accountsHostDevelopment
-	case "staging":
-		return accountsHostStaging
-	default:
-		return accountsHostProduction
-	}
-}
-
 func cacheResponse(response []byte) error {
 	lrc := licenseResponseCache{
 		Body: response,

pro/license_test.go

@@ -4,11 +4,13 @@
 package pro
 
 import (
-	"github.com/gravitl/netmaker/config"
 	"testing"
+
+	"github.com/gravitl/netmaker/config"
+	proLogic "github.com/gravitl/netmaker/pro/logic"
 )
 
-func Test_getAccountsHost(t *testing.T) {
+func Test_GetAccountsHost(t *testing.T) {
 	tests := []struct {
 		name string
 		envK string
@@ -69,8 +71,8 @@ func Test_getAccountsHost(t *testing.T) {
 			if tt.envK != "" {
 				t.Setenv(tt.envK, tt.envV)
 			}
-			if got := getAccountsHost(); got != tt.want {
+			if got := proLogic.GetAccountsHost(); got != tt.want {
-				t.Errorf("getAccountsHost() = %v, want %v", got, tt.want)
+				t.Errorf("GetAccountsHost() = %v, want %v", got, tt.want)
 			}
 		})
 	}

pro/logic/security.go

@@ -7,6 +7,27 @@ import (
 
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
+	"github.com/gravitl/netmaker/servercfg"
+)
+
+// constants for accounts api hosts
+const (
+	// accountsHostDevelopment is the accounts api host for development environment
+	accountsHostDevelopment = "https://api.dev.accounts.netmaker.io"
+	// accountsHostStaging is the accounts api host for staging environment
+	accountsHostStaging = "https://api.staging.accounts.netmaker.io"
+	// accountsHostProduction is the accounts api host for production environment
+	accountsHostProduction = "https://api.accounts.netmaker.io"
+)
+
+// constants for accounts UI hosts
+const (
+	// accountsUIHostDevelopment is the accounts UI host for development environment
+	accountsUIHostDevelopment = "https://account.dev.netmaker.io"
+	// accountsUIHostStaging is the accounts UI host for staging environment
+	accountsUIHostStaging = "https://account.staging.netmaker.io"
+	// accountsUIHostProduction is the accounts UI host for production environment
+	accountsUIHostProduction = "https://account.netmaker.io"
 )
 
 func NetworkPermissionsCheck(username string, r *http.Request) error {
@@ -186,3 +207,25 @@ func checkPermissionScopeWithReqMethod(scope models.RsrcPermissionScope, reqmeth
 	}
 	return errors.New("operation not permitted")
 }
+
+func GetAccountsHost() string {
+	switch servercfg.GetEnvironment() {
+	case "dev":
+		return accountsHostDevelopment
+	case "staging":
+		return accountsHostStaging
+	default:
+		return accountsHostProduction
+	}
+}
+
+func GetAccountsUIHost() string {
+	switch servercfg.GetEnvironment() {
+	case "dev":
+		return accountsUIHostDevelopment
+	case "staging":
+		return accountsUIHostStaging
+	default:
+		return accountsUIHostProduction
+	}
+}

pro/logic/user_mgmt.go

@@ -380,7 +380,6 @@ func DeleteRole(rid models.UserRoleID, force bool) error {
 			}
 		}
 	}
-
 	return database.DeleteRecord(database.USER_PERMISSIONS_TABLE_NAME, rid.String())
 }
 

pro/types.go

@@ -7,16 +7,6 @@ import (
 	"errors"
 )
 
-// constants for accounts api hosts
-const (
-	// accountsHostDevelopment is the accounts api host for development environment
-	accountsHostDevelopment = "https://api.dev.accounts.netmaker.io"
-	// accountsHostStaging is the accounts api host for staging environment
-	accountsHostStaging = "https://api.staging.accounts.netmaker.io"
-	// accountsHostProduction is the accounts api host for production environment
-	accountsHostProduction = "https://api.accounts.netmaker.io"
-)
-
 const (
 	license_cache_key          = "license_response_cache"
 	license_validation_err_msg = "invalid license"