gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-06 13:14:24 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #3395 from gravitl/master

Browse source 
Master
This commit is contained in:
Abhishek K 2025-03-25 16:21:18 +04:00 committed by GitHub
commit d10a623915
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
logic/acls.go
View file

@ -675,6 +675,12 @@ func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
} else {
peerTags = peer.Tags
}
if nodeTags == nil {
nodeTags = make(map[models.TagID]struct{})
}
if peerTags == nil {
peerTags = make(map[models.TagID]struct{})
}
nodeTags[models.TagID(nodeId)] = struct{}{}
peerTags[models.TagID(peerId)] = struct{}{}
if checkDefaultPolicy {
@ -920,6 +926,12 @@ func IsNodeAllowedToCommunicateV1(node, peer models.Node, checkDefaultPolicy boo
} else {
peerTags = peer.Tags
}
if nodeTags == nil {
nodeTags = make(map[models.TagID]struct{})
}
if peerTags == nil {
peerTags = make(map[models.TagID]struct{})
}
nodeTags[models.TagID(nodeId)] = struct{}{}
peerTags[models.TagID(peerId)] = struct{}{}
if checkDefaultPolicy {
@ -1073,6 +1085,12 @@ func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool)
} else {
peerTags = peer.Tags
}
if nodeTags == nil {
nodeTags = make(map[models.TagID]struct{})
}
if peerTags == nil {
peerTags = make(map[models.TagID]struct{})
}
nodeTags[models.TagID(nodeId)] = struct{}{}
peerTags[models.TagID(peerId)] = struct{}{}
if checkDefaultPolicy {
@ -1403,6 +1421,9 @@ func getUserAclRulesForNode(targetnode *models.Node,
} else {
targetNodeTags = maps.Clone(targetnode.Tags)
}
if targetNodeTags == nil {
targetNodeTags = make(map[models.TagID]struct{})
}
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
for _, acl := range acls {
if !acl.Enabled {
@ -1488,6 +1509,9 @@ func checkIfAnyPolicyisUniDirectional(targetNode models.Node) bool {
} else {
targetNodeTags = maps.Clone(targetNode.Tags)
}
if targetNodeTags == nil {
targetNodeTags = make(map[models.TagID]struct{})
}
targetNodeTags[models.TagID(targetNode.ID.String())] = struct{}{}
targetNodeTags["*"] = struct{}{}
acls, _ := ListAclsByNetwork(models.NetworkID(targetNode.Network))
@ -1548,6 +1572,9 @@ func GetAclRulesForNode(targetnodeI *models.Node) (rules map[string]models.AclRu
} else {
targetNodeTags = maps.Clone(targetnode.Tags)
}
if targetNodeTags == nil {
targetNodeTags = make(map[models.TagID]struct{})
}
targetNodeTags[models.TagID(targetnode.ID.String())] = struct{}{}
targetNodeTags["*"] = struct{}{}
for _, acl := range acls {