NET-822: Add extra data for RAC gws resp (#2732)

* add extclient allowed ips to rac resp * add gw peer public key * fix static check
2026-01-07 03:14:03 +08:00 · 2023-12-13 17:30:43 +04:00 · 2023-12-13 17:30:43 +04:00 · 9f1b722c19
commit 9f1b722c19
parent 8aa185d880
4 changed files with 37 additions and 1 deletions
--- a/logic/extpeers.go
+++ b/logic/extpeers.go
@ -438,3 +438,35 @@ func getExtpeersExtraRoutes(network string) (egressRoutes []models.EgressNetwork
 	}
 	return
 }
+
+func GetExtclientAllowedIPs(client models.ExtClient) (allowedIPs []string) {
+	gwnode, err := GetNodeByID(client.IngressGatewayID)
+	if err != nil {
+		logger.Log(0,
+			fmt.Sprintf("failed to get ingress gateway node [%s] info: %v", client.IngressGatewayID, err))
+		return
+	}
+
+	network, err := GetParentNetwork(client.Network)
+	if err != nil {
+		logger.Log(1, "Could not retrieve Ingress Gateway Network", client.Network)
+		return
+	}
+	if IsInternetGw(gwnode) {
+		egressrange := "0.0.0.0/0"
+		if gwnode.Address6.IP != nil && client.Address6 != "" {
+			egressrange += "," + "::/0"
+		}
+		allowedIPs = []string{egressrange}
+	} else {
+		allowedIPs = []string{network.AddressRange}
+
+		if network.AddressRange6 != "" {
+			allowedIPs = append(allowedIPs, network.AddressRange6)
+		}
+		if egressGatewayRanges, err := GetEgressRangesOnNetwork(&client); err == nil {
+			allowedIPs = append(allowedIPs, egressGatewayRanges...)
+		}
+	}
+	return
+}
--- a/models/extclient.go
+++ b/models/extclient.go
@ -10,6 +10,7 @@ type ExtClient struct {
 	Address                string              `json:"address" bson:"address"`
 	Address6               string              `json:"address6" bson:"address6"`
 	ExtraAllowedIPs        []string            `json:"extraallowedips" bson:"extraallowedips"`
+	AllowedIPs             []string            `json:"allowed_ips"`
 	IngressGatewayID       string              `json:"ingressgatewayid" bson:"ingressgatewayid"`
 	IngressGatewayEndpoint string              `json:"ingressgatewayendpoint" bson:"ingressgatewayendpoint"`
 	LastModified           int64               `json:"lastmodified" bson:"lastmodified"`
--- a/models/structs.go
+++ b/models/structs.go
@ -70,6 +70,7 @@ type UserRemoteGws struct {
 	Connected         bool      `json:"connected"`
 	IsInternetGateway bool      `json:"is_internet_gateway"`
 	GwClient          ExtClient `json:"gw_client"`
+	GwPeerPublicKey   string    `json:"gw_peer_public_key"`
 }

 // UserRemoteGwsReq - struct to hold user remote acccess gws req
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@ -195,7 +195,7 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {

 			if _, ok := user.RemoteGwIDs[node.ID.String()]; ok {
 				gws := userGws[node.Network]
-
+				extClient.AllowedIPs = logic.GetExtclientAllowedIPs(extClient)
 				gws = append(gws, models.UserRemoteGws{
 					GwID:              node.ID.String(),
 					GWName:            host.Name,
@ -203,6 +203,7 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 					GwClient:          extClient,
 					Connected:         true,
 					IsInternetGateway: node.IsInternetGateway,
+					GwPeerPublicKey:   host.PublicKey.String(),
 				})
 				userGws[node.Network] = gws
 				delete(user.RemoteGwIDs, node.ID.String())
@ -235,6 +236,7 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 			GWName:            host.Name,
 			Network:           node.Network,
 			IsInternetGateway: node.IsInternetGateway,
+			GwPeerPublicKey:   host.PublicKey.String(),
 		})
 		userGws[node.Network] = gws
 	}