mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-22 00:06:04 +08:00
restructuring continued
This commit is contained in:
parent
3e693361a5
commit
92f9dafd2e
|
@ -72,7 +72,7 @@ func grpcAuthorize(ctx context.Context) error {
|
|||
|
||||
authToken := authHeader[0]
|
||||
|
||||
mac, network, err := logic.VerifyToken(authToken)
|
||||
nodeID, mac, network, err := logic.VerifyToken(authToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -83,9 +83,10 @@ func grpcAuthorize(ctx context.Context) error {
|
|||
return status.Errorf(codes.Unauthenticated, "Unauthorized. Network does not exist: "+network)
|
||||
}
|
||||
emptynode := models.Node{}
|
||||
node, err := logic.GetNodeByMacAddress(network, mac)
|
||||
node, err := logic.GetNodeByIDorMacAddress(nodeID, mac, network)
|
||||
if database.IsEmptyRecord(err) {
|
||||
if node, err = logic.GetDeletedNodeByMacAddress(network, mac); err == nil {
|
||||
// == DELETE replace logic after 2 major version updates ==
|
||||
if node, err = logic.GetDeletedNodeByID(node.ID); err == nil {
|
||||
if functions.RemoveDeletedNode(node.ID) {
|
||||
return status.Errorf(codes.Unauthenticated, models.NODE_DELETE)
|
||||
}
|
||||
|
@ -112,17 +113,18 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
|
|||
return nil, err
|
||||
}
|
||||
|
||||
macaddress := reqNode.MacAddress
|
||||
nodeID := reqNode.ID
|
||||
network := reqNode.Network
|
||||
password := reqNode.Password
|
||||
macaddress := reqNode.MacAddress
|
||||
|
||||
var result models.NodeAuth
|
||||
var err error
|
||||
// err := errors.New("generic server error")
|
||||
|
||||
if macaddress == "" {
|
||||
if nodeID == "" {
|
||||
//TODO: Set Error response
|
||||
err = errors.New("missing mac address")
|
||||
err = errors.New("missing node ID")
|
||||
return nil, err
|
||||
} else if password == "" {
|
||||
err = errors.New("missing password")
|
||||
|
@ -137,7 +139,7 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
|
|||
if err = json.Unmarshal([]byte(value), &result); err != nil {
|
||||
continue // finish going through nodes
|
||||
}
|
||||
if result.MacAddress == macaddress && result.Network == network {
|
||||
if result.ID == nodeID && result.Network == network {
|
||||
break
|
||||
}
|
||||
}
|
||||
|
@ -150,7 +152,7 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
|
|||
return nil, err
|
||||
} else {
|
||||
//Create a new JWT for the node
|
||||
tokenString, err := logic.CreateJWT(macaddress, result.Network)
|
||||
tokenString, err := logic.CreateJWT(result.ID, macaddress, result.Network)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
@ -25,11 +25,11 @@ func extClientHandlers(r *mux.Router) {
|
|||
r.HandleFunc("/api/extclients/{network}/{clientid}/{type}", securityCheck(false, http.HandlerFunc(getExtClientConf))).Methods("GET")
|
||||
r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(updateExtClient))).Methods("PUT")
|
||||
r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(deleteExtClient))).Methods("DELETE")
|
||||
r.HandleFunc("/api/extclients/{network}/{macaddress}", securityCheck(false, http.HandlerFunc(createExtClient))).Methods("POST")
|
||||
r.HandleFunc("/api/extclients/{network}/{nodeid}", securityCheck(false, http.HandlerFunc(createExtClient))).Methods("POST")
|
||||
}
|
||||
|
||||
func checkIngressExists(network string, macaddress string) bool {
|
||||
node, err := logic.GetNodeByMacAddress(network, macaddress)
|
||||
func checkIngressExists(nodeID string) bool {
|
||||
node, err := logic.GetNodeByID(nodeID)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
@ -122,7 +122,7 @@ func getExtClientConf(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
gwnode, err := logic.GetNodeByMacAddress(client.Network, client.IngressGatewayID)
|
||||
gwnode, err := logic.GetNodeByID(client.IngressGatewayID)
|
||||
if err != nil {
|
||||
logger.Log(1, fmt.Sprintf("%s %s %s", r.Header.Get("user"), "Could not retrieve Ingress Gateway Node", client.IngressGatewayID))
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
|
@ -211,8 +211,8 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
|
|||
var params = mux.Vars(r)
|
||||
|
||||
networkName := params["network"]
|
||||
macaddress := params["macaddress"]
|
||||
ingressExists := checkIngressExists(networkName, macaddress)
|
||||
nodeid := params["nodeid"]
|
||||
ingressExists := checkIngressExists(nodeid)
|
||||
if !ingressExists {
|
||||
returnErrorResponse(w, r, formatError(errors.New("ingress does not exist"), "internal"))
|
||||
return
|
||||
|
@ -220,8 +220,8 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
var extclient models.ExtClient
|
||||
extclient.Network = networkName
|
||||
extclient.IngressGatewayID = macaddress
|
||||
node, err := logic.GetNodeByMacAddress(networkName, macaddress)
|
||||
extclient.IngressGatewayID = nodeid
|
||||
node, err := logic.GetNodeByIDorMacAddress(nodeid, nodeid, networkName)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
|
|
|
@ -19,17 +19,17 @@ func nodeHandlers(r *mux.Router) {
|
|||
|
||||
r.HandleFunc("/api/nodes", authorize(false, "user", http.HandlerFunc(getAllNodes))).Methods("GET")
|
||||
r.HandleFunc("/api/nodes/{network}", authorize(true, "network", http.HandlerFunc(getNetworkNodes))).Methods("GET")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(getNode))).Methods("GET")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(updateNode))).Methods("PUT")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(deleteNode))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/createrelay", authorize(true, "user", http.HandlerFunc(createRelay))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/deleterelay", authorize(true, "user", http.HandlerFunc(deleteRelay))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/creategateway", authorize(true, "user", http.HandlerFunc(createEgressGateway))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/deletegateway", authorize(true, "user", http.HandlerFunc(deleteEgressGateway))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/createingress", securityCheck(false, http.HandlerFunc(createIngressGateway))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/deleteingress", securityCheck(false, http.HandlerFunc(deleteIngressGateway))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{macaddress}/approve", authorize(true, "user", http.HandlerFunc(uncordonNode))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}", createNode).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(getNode))).Methods("GET")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(updateNode))).Methods("PUT")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(deleteNode))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/createrelay", authorize(true, "user", http.HandlerFunc(createRelay))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deleterelay", authorize(true, "user", http.HandlerFunc(deleteRelay))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/creategateway", authorize(true, "user", http.HandlerFunc(createEgressGateway))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deletegateway", authorize(true, "user", http.HandlerFunc(deleteEgressGateway))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/createingress", securityCheck(false, http.HandlerFunc(createIngressGateway))).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deleteingress", securityCheck(false, http.HandlerFunc(deleteIngressGateway))).Methods("DELETE")
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/approve", authorize(true, "user", http.HandlerFunc(uncordonNode))).Methods("POST")
|
||||
// r.HandleFunc("/api/nodes/{network}", createNode).Methods("POST")
|
||||
r.HandleFunc("/api/nodes/adm/{network}/lastmodified", authorize(true, "network", http.HandlerFunc(getLastModified))).Methods("GET")
|
||||
r.HandleFunc("/api/nodes/adm/{network}/authenticate", authenticate).Methods("POST")
|
||||
|
||||
|
@ -78,7 +78,7 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
|
|||
if err := json.Unmarshal([]byte(value), &result); err != nil {
|
||||
continue
|
||||
}
|
||||
if result.MacAddress == authRequest.MacAddress && result.IsPending != "yes" && result.Network == networkname {
|
||||
if (result.ID == authRequest.ID || result.MacAddress == authRequest.MacAddress) && result.IsPending != "yes" && result.Network == networkname {
|
||||
break
|
||||
}
|
||||
}
|
||||
|
@ -97,7 +97,7 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
|
|||
returnErrorResponse(response, request, errorResponse)
|
||||
return
|
||||
} else {
|
||||
tokenString, _ := logic.CreateJWT(authRequest.MacAddress, result.Network)
|
||||
tokenString, _ := logic.CreateJWT(authRequest.ID, authRequest.MacAddress, result.Network)
|
||||
|
||||
if tokenString == "" {
|
||||
errorResponse.Code = http.StatusBadRequest
|
||||
|
@ -177,11 +177,11 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
|
|||
}
|
||||
|
||||
var isAuthorized = false
|
||||
var macaddress = ""
|
||||
var nodeID = ""
|
||||
username, networks, isadmin, errN := logic.VerifyUserToken(authToken)
|
||||
isnetadmin := isadmin
|
||||
if errN == nil && isadmin {
|
||||
macaddress = "mastermac"
|
||||
nodeID = "mastermac"
|
||||
isAuthorized = true
|
||||
r.Header.Set("ismasterkey", "yes")
|
||||
}
|
||||
|
@ -191,7 +191,7 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
|
|||
}
|
||||
}
|
||||
//The mastermac (login with masterkey from config) can do everything!! May be dangerous.
|
||||
if macaddress == "mastermac" {
|
||||
if nodeID == "mastermac" {
|
||||
isAuthorized = true
|
||||
r.Header.Set("ismasterkey", "yes")
|
||||
//for everyone else, there's poor man's RBAC. The "cases" are defined in the routes in the handlers
|
||||
|
@ -201,12 +201,12 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
|
|||
case "all":
|
||||
isAuthorized = true
|
||||
case "nodes":
|
||||
isAuthorized = (macaddress != "") || isnetadmin
|
||||
isAuthorized = (nodeID != "") || isnetadmin
|
||||
case "network":
|
||||
if isnetadmin {
|
||||
isAuthorized = true
|
||||
} else {
|
||||
node, err := logic.GetNodeByMacAddress(params["network"], macaddress)
|
||||
node, err := logic.GetNodeByID(nodeID)
|
||||
if err != nil {
|
||||
errorResponse = models.ErrorResponse{
|
||||
Code: http.StatusUnauthorized, Message: "W1R3: Missing Auth Token.",
|
||||
|
@ -220,7 +220,7 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
|
|||
if isnetadmin {
|
||||
isAuthorized = true
|
||||
} else {
|
||||
isAuthorized = (macaddress == params["macaddress"])
|
||||
isAuthorized = (nodeID == params["netid"])
|
||||
}
|
||||
case "user":
|
||||
isAuthorized = true
|
||||
|
@ -315,12 +315,12 @@ func getNode(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
var params = mux.Vars(r)
|
||||
|
||||
node, err := logic.GetNode(params["macaddress"], params["network"])
|
||||
node, err := logic.GetNodeByID(params["nodeid"])
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(2, r.Header.Get("user"), "fetched node", params["macaddress"])
|
||||
logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"])
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
}
|
||||
|
@ -414,7 +414,7 @@ func createNode(w http.ResponseWriter, r *http.Request) {
|
|||
func uncordonNode(w http.ResponseWriter, r *http.Request) {
|
||||
var params = mux.Vars(r)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
node, err := logic.UncordonNode(params["network"], params["macaddress"])
|
||||
node, err := logic.UncordonNode(params["nodeid"])
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
|
@ -434,7 +434,7 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
gateway.NetID = params["network"]
|
||||
gateway.NodeID = params["macaddress"]
|
||||
gateway.NodeID = params["nodeid"]
|
||||
node, err := logic.CreateEgressGateway(gateway)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
|
@ -448,14 +448,14 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
|
|||
func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
var params = mux.Vars(r)
|
||||
nodeMac := params["macaddress"]
|
||||
nodeid := params["nodeid"]
|
||||
netid := params["network"]
|
||||
node, err := logic.DeleteEgressGateway(netid, nodeMac)
|
||||
node, err := logic.DeleteEgressGateway(netid, nodeid)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeMac, "on network", netid)
|
||||
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeid, "on network", netid)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
}
|
||||
|
@ -465,14 +465,14 @@ func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
|
|||
func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
var params = mux.Vars(r)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
nodeMac := params["macaddress"]
|
||||
nodeid := params["nodeid"]
|
||||
netid := params["network"]
|
||||
node, err := logic.CreateIngressGateway(netid, nodeMac)
|
||||
node, err := logic.CreateIngressGateway(netid, nodeid)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(1, r.Header.Get("user"), "created ingress gateway on node", nodeMac, "on network", netid)
|
||||
logger.Log(1, r.Header.Get("user"), "created ingress gateway on node", nodeid, "on network", netid)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
}
|
||||
|
@ -480,13 +480,13 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
|||
func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
var params = mux.Vars(r)
|
||||
nodeMac := params["macaddress"]
|
||||
node, err := logic.DeleteIngressGateway(params["network"], nodeMac)
|
||||
nodeid := params["nodeid"]
|
||||
node, err := logic.DeleteIngressGateway(params["network"], nodeid)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeMac)
|
||||
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
}
|
||||
|
@ -498,7 +498,7 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
var node models.Node
|
||||
//start here
|
||||
node, err := logic.GetNodeByMacAddress(params["network"], params["macaddress"])
|
||||
node, err := logic.GetNodeByID(params["nodeid"])
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
|
@ -560,17 +560,18 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
// get params
|
||||
var params = mux.Vars(r)
|
||||
var node, err = logic.GetNode(params["macaddress"], params["network"])
|
||||
var nodeid = params["nodeid"]
|
||||
var node, err = logic.GetNodeByID(nodeid)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
err = logic.DeleteNode(&node, false)
|
||||
err = logic.DeleteNodeByMacAddress(&node, false)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
|
||||
logger.Log(1, r.Header.Get("user"), "Deleted node", params["macaddress"], "from network", params["network"])
|
||||
returnSuccessResponse(w, r, params["macaddress"]+" deleted.")
|
||||
logger.Log(1, r.Header.Get("user"), "Deleted node", nodeid, "from network", params["network"])
|
||||
returnSuccessResponse(w, r, nodeid+" deleted.")
|
||||
}
|
||||
|
|
|
@ -21,15 +21,21 @@ type NodeServiceServer struct {
|
|||
// NodeServiceServer.ReadNode - reads node and responds with gRPC
|
||||
func (s *NodeServiceServer) ReadNode(ctx context.Context, req *nodepb.Object) (*nodepb.Object, error) {
|
||||
// convert string id (from proto) to mongoDB ObjectId
|
||||
macAndNetwork := strings.Split(req.Data, "###")
|
||||
|
||||
if len(macAndNetwork) != 2 {
|
||||
return nil, errors.New("could not read node, invalid node id given")
|
||||
var err error
|
||||
var node models.Node
|
||||
var macAndNetwork = make([]string, 2)
|
||||
if strings.Contains(req.Data, "###") {
|
||||
macAndNetwork = strings.Split(req.Data, "###")
|
||||
if len(macAndNetwork) != 2 {
|
||||
return nil, errors.New("could not read node, invalid node id given")
|
||||
}
|
||||
}
|
||||
node, err := logic.GetNode(macAndNetwork[0], macAndNetwork[1])
|
||||
|
||||
node, err = logic.GetNodeByIDorMacAddress(req.Data, macAndNetwork[0], macAndNetwork[1])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
node.NetworkSettings, err = logic.GetNetworkSettings(node.Network)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -101,10 +107,8 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.Object)
|
|||
if err := json.Unmarshal([]byte(req.GetData()), &newnode); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
macaddress := newnode.MacAddress
|
||||
networkName := newnode.Network
|
||||
|
||||
node, err := logic.GetNodeByMacAddress(networkName, macaddress)
|
||||
node, err := logic.GetNodeByIDorMacAddress(newnode.ID, newnode.MacAddress, newnode.Network)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -140,7 +144,7 @@ func (s *NodeServiceServer) DeleteNode(ctx context.Context, req *nodepb.Object)
|
|||
return nil, errors.New("node not found")
|
||||
}
|
||||
var node, err = logic.GetNode(nodeInfo[0], nodeInfo[1])
|
||||
err = logic.DeleteNode(&node, true)
|
||||
err = logic.DeleteNodeByMacAddress(&node, true)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
@ -105,18 +105,13 @@ func TestUncordonNode(t *testing.T) {
|
|||
deleteAllNetworks()
|
||||
createNet()
|
||||
node := createTestNode()
|
||||
t.Run("BadNet", func(t *testing.T) {
|
||||
resp, err := logic.UncordonNode("badnet", node.MacAddress)
|
||||
assert.Equal(t, models.Node{}, resp)
|
||||
assert.EqualError(t, err, "no result found")
|
||||
})
|
||||
t.Run("BadMac", func(t *testing.T) {
|
||||
resp, err := logic.UncordonNode("skynet", "01:02:03")
|
||||
t.Run("BadID", func(t *testing.T) {
|
||||
resp, err := logic.UncordonNode("blahblah")
|
||||
assert.Equal(t, models.Node{}, resp)
|
||||
assert.EqualError(t, err, "no result found")
|
||||
})
|
||||
t.Run("Success", func(t *testing.T) {
|
||||
resp, err := logic.UncordonNode("skynet", node.MacAddress)
|
||||
resp, err := logic.UncordonNode(node.ID)
|
||||
assert.Nil(t, err)
|
||||
assert.Equal(t, "no", resp.IsPending)
|
||||
})
|
||||
|
@ -147,7 +142,7 @@ func TestValidateEgressGateway(t *testing.T) {
|
|||
func deleteAllNodes() {
|
||||
nodes, _ := logic.GetAllNodes()
|
||||
for _, node := range nodes {
|
||||
logic.DeleteNode(&node, true)
|
||||
logic.DeleteNodeByMacAddress(&node, true)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ func createRelay(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
relay.NetID = params["network"]
|
||||
relay.NodeID = params["macaddress"]
|
||||
relay.NodeID = params["nodeid"]
|
||||
node, err := logic.CreateRelay(relay)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
|
@ -34,14 +34,14 @@ func createRelay(w http.ResponseWriter, r *http.Request) {
|
|||
func deleteRelay(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
var params = mux.Vars(r)
|
||||
nodeMac := params["macaddress"]
|
||||
nodeid := params["nodeid"]
|
||||
netid := params["network"]
|
||||
node, err := logic.DeleteRelay(netid, nodeMac)
|
||||
node, err := logic.DeleteRelay(netid, nodeid)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeMac, "on network", netid)
|
||||
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeid, "on network", netid)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
}
|
||||
|
|
|
@ -13,7 +13,7 @@ import (
|
|||
|
||||
// CreateEgressGateway - creates an egress gateway
|
||||
func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, error) {
|
||||
node, err := GetNodeByMacAddress(gateway.NetID, gateway.NodeID)
|
||||
node, err := GetNodeByID(gateway.NodeID)
|
||||
if node.OS == "windows" || node.OS == "macos" { // add in darwin later
|
||||
return models.Node{}, errors.New(node.OS + " is unsupported for egress gateways")
|
||||
}
|
||||
|
@ -80,9 +80,9 @@ func ValidateEgressGateway(gateway models.EgressGatewayRequest) error {
|
|||
}
|
||||
|
||||
// DeleteEgressGateway - deletes egress from node
|
||||
func DeleteEgressGateway(network, macaddress string) (models.Node, error) {
|
||||
func DeleteEgressGateway(network, nodeid string) (models.Node, error) {
|
||||
|
||||
node, err := GetNodeByMacAddress(network, macaddress)
|
||||
node, err := GetNodeByID(nodeid)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
@ -115,10 +115,10 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) {
|
|||
}
|
||||
|
||||
// CreateIngressGateway - creates an ingress gateway
|
||||
func CreateIngressGateway(netid string, macaddress string) (models.Node, error) {
|
||||
func CreateIngressGateway(netid string, nodeid string) (models.Node, error) {
|
||||
|
||||
node, err := GetNodeByMacAddress(netid, macaddress)
|
||||
if node.OS == "windows" || node.OS == "macos" { // add in darwin later
|
||||
node, err := GetNodeByID(nodeid)
|
||||
if node.OS == "windows" || node.OS == "darwin" { // add in darwin later
|
||||
return models.Node{}, errors.New(node.OS + " is unsupported for ingress gateways")
|
||||
}
|
||||
|
||||
|
|
|
@ -12,11 +12,12 @@ import (
|
|||
var jwtSecretKey = []byte("(BytesOverTheWire)")
|
||||
|
||||
// CreateJWT func will used to create the JWT while signing in and signing out
|
||||
func CreateJWT(macaddress string, network string) (response string, err error) {
|
||||
func CreateJWT(uuid string, macAddress string, network string) (response string, err error) {
|
||||
expirationTime := time.Now().Add(5 * time.Minute)
|
||||
claims := &models.Claims{
|
||||
MacAddress: macaddress,
|
||||
ID: uuid,
|
||||
Network: network,
|
||||
MacAddress: macAddress,
|
||||
StandardClaims: jwt.StandardClaims{
|
||||
ExpiresAt: expirationTime.Unix(),
|
||||
},
|
||||
|
@ -73,13 +74,13 @@ func VerifyUserToken(tokenString string) (username string, networks []string, is
|
|||
}
|
||||
|
||||
// VerifyToken - gRPC [nodes] Only
|
||||
func VerifyToken(tokenString string) (macaddress string, network string, err error) {
|
||||
func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) {
|
||||
claims := &models.Claims{}
|
||||
|
||||
//this may be a stupid way of serving up a master key
|
||||
//TODO: look into a different method. Encryption?
|
||||
if tokenString == servercfg.GetMasterKey() {
|
||||
return "mastermac", "", nil
|
||||
return "mastermac", "", "", nil
|
||||
}
|
||||
|
||||
token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
|
||||
|
@ -87,7 +88,7 @@ func VerifyToken(tokenString string) (macaddress string, network string, err err
|
|||
})
|
||||
|
||||
if token != nil {
|
||||
return claims.MacAddress, claims.Network, nil
|
||||
return claims.ID, claims.MacAddress, claims.Network, nil
|
||||
}
|
||||
return "", "", err
|
||||
return "", "", "", err
|
||||
}
|
||||
|
|
|
@ -64,8 +64,8 @@ func GetSortedNetworkServerNodes(network string) ([]models.Node, error) {
|
|||
}
|
||||
|
||||
// UncordonNode - approves a node to join a network
|
||||
func UncordonNode(network, macaddress string) (models.Node, error) {
|
||||
node, err := GetNodeByMacAddress(network, macaddress)
|
||||
func UncordonNode(nodeid string) (models.Node, error) {
|
||||
node, err := GetNodeByID(nodeid)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
@ -296,6 +296,7 @@ func SetNodeDefaults(node *models.Node) {
|
|||
}
|
||||
|
||||
// GetRecordKey - get record key
|
||||
// depricated
|
||||
func GetRecordKey(id string, network string) (string, error) {
|
||||
if id == "" || network == "" {
|
||||
return "", errors.New("unable to get record key")
|
||||
|
@ -379,6 +380,28 @@ func GetNodeRelay(network string, relayedNodeAddr string) (models.Node, error) {
|
|||
return relay, errors.New("could not find relay for node " + relayedNodeAddr)
|
||||
}
|
||||
|
||||
// GetNodeByIDorMacAddress - gets the node, if a mac address exists, but not id, then it should delete it and recreate in DB with new ID
|
||||
func GetNodeByIDorMacAddress(uuid string, macaddress string, network string) (models.Node, error) {
|
||||
var node models.Node
|
||||
var err error
|
||||
node, err = GetNodeByID(uuid)
|
||||
if err != nil && macaddress != "" && network != "" {
|
||||
node, err = GetNodeByMacAddress(network, macaddress)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
err = DeleteNodeByMacAddress(&node, true) // remove node
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
err = CreateNode(&node)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
}
|
||||
return node, err
|
||||
}
|
||||
|
||||
// GetNodeByID - get node by uuid, should have been set by create
|
||||
func GetNodeByID(uuid string) (models.Node, error) {
|
||||
var record, err = database.FetchRecord(database.NODES_TABLE_NAME, uuid)
|
||||
|
@ -391,3 +414,22 @@ func GetNodeByID(uuid string) (models.Node, error) {
|
|||
}
|
||||
return node, nil
|
||||
}
|
||||
|
||||
// GetDeletedNodeByID - get a deleted node
|
||||
func GetDeletedNodeByID(uuid string) (models.Node, error) {
|
||||
|
||||
var node models.Node
|
||||
|
||||
record, err := database.FetchRecord(database.DELETED_NODES_TABLE_NAME, uuid)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
||||
if err = json.Unmarshal([]byte(record), &node); err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
||||
SetNodeDefaults(&node)
|
||||
|
||||
return node, nil
|
||||
}
|
||||
|
|
|
@ -12,7 +12,7 @@ import (
|
|||
|
||||
// CreateRelay - creates a relay
|
||||
func CreateRelay(relay models.RelayRequest) (models.Node, error) {
|
||||
node, err := GetNodeByMacAddress(relay.NetID, relay.NodeID)
|
||||
node, err := GetNodeByID(relay.NodeID)
|
||||
if node.OS == "macos" { // add in darwin later
|
||||
return models.Node{}, errors.New(node.OS + " is unsupported for relay")
|
||||
}
|
||||
|
@ -106,9 +106,9 @@ func UpdateRelay(network string, oldAddrs []string, newAddrs []string) {
|
|||
}
|
||||
|
||||
// DeleteRelay - deletes a relay
|
||||
func DeleteRelay(network, macaddress string) (models.Node, error) {
|
||||
func DeleteRelay(network, nodeid string) (models.Node, error) {
|
||||
|
||||
node, err := GetNodeByMacAddress(network, macaddress)
|
||||
node, err := GetNodeByID(nodeid)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
@ -121,15 +121,12 @@ func DeleteRelay(network, macaddress string) (models.Node, error) {
|
|||
node.RelayAddrs = []string{}
|
||||
node.SetLastModified()
|
||||
node.PullChanges = "yes"
|
||||
key, err := GetRecordKey(node.MacAddress, node.Network)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
|
||||
data, err := json.Marshal(&node)
|
||||
if err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
if err = database.Insert(key, string(data), database.NODES_TABLE_NAME); err != nil {
|
||||
if err = database.Insert(nodeid, string(data), database.NODES_TABLE_NAME); err != nil {
|
||||
return models.Node{}, err
|
||||
}
|
||||
if err = NetworkNodesUpdatePullChanges(network); err != nil {
|
||||
|
|
|
@ -214,7 +214,7 @@ func ServerLeave(mac string, network string) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return DeleteNode(&serverNode, true)
|
||||
return DeleteNodeByMacAddress(&serverNode, true)
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -42,8 +42,8 @@ func SetNetworkServerPeers(node *models.Node) {
|
|||
}
|
||||
}
|
||||
|
||||
// DeleteNode - deletes a node from database or moves into delete nodes table
|
||||
func DeleteNode(node *models.Node, exterminate bool) error {
|
||||
// DeleteNodeByMacAddress - deletes a node from database or moves into delete nodes table
|
||||
func DeleteNodeByMacAddress(node *models.Node, exterminate bool) error {
|
||||
var err error
|
||||
var key = node.ID
|
||||
if !exterminate {
|
||||
|
@ -104,8 +104,10 @@ func CreateNode(node *models.Node) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
node.ID = uuid.NewString()
|
||||
|
||||
//Create a JWT for the node
|
||||
tokenString, _ := CreateJWT(node.MacAddress, node.Network)
|
||||
tokenString, _ := CreateJWT(node.ID, node.MacAddress, node.Network)
|
||||
if tokenString == "" {
|
||||
//returnErrorResponse(w, r, errorResponse)
|
||||
return err
|
||||
|
@ -115,8 +117,6 @@ func CreateNode(node *models.Node) error {
|
|||
return err
|
||||
}
|
||||
|
||||
node.ID = uuid.NewString()
|
||||
|
||||
nodebytes, err := json.Marshal(&node)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -180,6 +180,34 @@ func GetNode(macaddress string, network string) (models.Node, error) {
|
|||
return node, err
|
||||
}
|
||||
|
||||
// DeleteNodeByID - deletes a node from database or moves into delete nodes table
|
||||
func DeleteNodeByID(node *models.Node, exterminate bool) error {
|
||||
var err error
|
||||
var key = node.ID
|
||||
if !exterminate {
|
||||
node.Action = models.NODE_DELETE
|
||||
nodedata, err := json.Marshal(&node)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = database.Insert(key, string(nodedata), database.DELETED_NODES_TABLE_NAME)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
} else {
|
||||
if err := database.DeleteRecord(database.DELETED_NODES_TABLE_NAME, key); err != nil {
|
||||
logger.Log(2, err.Error())
|
||||
}
|
||||
}
|
||||
if err = database.DeleteRecord(database.NODES_TABLE_NAME, key); err != nil {
|
||||
return err
|
||||
}
|
||||
if servercfg.IsDNSMode() {
|
||||
SetDNS()
|
||||
}
|
||||
return removeLocalServer(node)
|
||||
}
|
||||
|
||||
// GetNodePeers - fetches peers for a given node
|
||||
func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error) {
|
||||
var peers []models.Node
|
||||
|
|
|
@ -8,6 +8,7 @@ const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
|
|||
// AuthParams - struct for auth params
|
||||
type AuthParams struct {
|
||||
MacAddress string `json:"macaddress"`
|
||||
ID string `json:"id"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
|
||||
|
@ -49,8 +50,9 @@ type SuccessfulUserLoginResponse struct {
|
|||
// Claims is a struct that will be encoded to a JWT.
|
||||
// jwt.StandardClaims is an embedded type to provide expiry time
|
||||
type Claims struct {
|
||||
Network string
|
||||
ID string
|
||||
MacAddress string
|
||||
Network string
|
||||
jwt.StandardClaims
|
||||
}
|
||||
|
||||
|
@ -70,7 +72,8 @@ type ErrorResponse struct {
|
|||
type NodeAuth struct {
|
||||
Network string
|
||||
Password string
|
||||
MacAddress string
|
||||
MacAddress string // Depricated
|
||||
ID string
|
||||
}
|
||||
|
||||
// SuccessResponse is struct for sending error message with code.
|
||||
|
|
Loading…
Reference in a new issue