gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-08 06:04:20 +08:00
Code Issues Projects Releases Packages Wiki Activity

remove debug log, fix concurrent map write issue

Browse source
This commit is contained in:
abhishek9686 2025-02-13 22:53:05 +04:00
parent 7b04861476
commit bee1f4dda4
2 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
logic/acls.go
View file

@ -4,6 +4,7 @@ import (
"encoding/json"
"errors"
"fmt"
"maps"
"sort"
"sync"
"time"
@ -568,6 +569,8 @@ func IsUserAllowedToCommunicate(userName string, peer models.Node) (bool, []mode
// IsPeerAllowed - checks if peer needs to be added to the interface
func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
peerTags := maps.Clone(peer.Tags)
nodeTags := maps.Clone(node.Tags)
if node.IsStatic {
node = node.StaticNode.ConvertToStaticNode()
}
@ -597,12 +600,12 @@ func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
}
srcMap = convAclTagToValueMap(policy.Src)
dstMap = convAclTagToValueMap(policy.Dst)
for tagID := range node.Tags {
for tagID := range nodeTags {
if _, ok := dstMap[tagID.String()]; ok {
if _, ok := srcMap["*"]; ok {
return true
}
for tagID := range peer.Tags {
for tagID := range peerTags {
if _, ok := srcMap[tagID.String()]; ok {
return true
}
@ -612,19 +615,20 @@ func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
if _, ok := dstMap["*"]; ok {
return true
}
for tagID := range peer.Tags {
for tagID := range peerTags {
if _, ok := dstMap[tagID.String()]; ok {
return true
}
}
}
}
for tagID := range peer.Tags {
for tagID := range peerTags {
if _, ok := dstMap[tagID.String()]; ok {
if _, ok := srcMap["*"]; ok {
return true
}
for tagID := range node.Tags {
for tagID := range nodeTags {
if _, ok := srcMap[tagID.String()]; ok {
return true
@ -635,7 +639,7 @@ func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
if _, ok := dstMap["*"]; ok {
return true
}
for tagID := range node.Tags {
for tagID := range nodeTags {
if _, ok := dstMap[tagID.String()]; ok {
return true
}

3
logic/extpeers.go
View file

@ -456,9 +456,6 @@ func GetStaticNodeIps(node models.Node) (ips []net.IP) {
func GetFwRulesOnIngressGateway(node models.Node) (rules []models.FwRule) {
// fetch user access to static clients via policies
defer func() {
logger.Log(0, fmt.Sprintf("node.ID: %s, Rules: %+v\n", node.ID, rules))
}()
defaultUserPolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.UserPolicy)
defaultDevicePolicy, _ := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)