* generalise smtp config
* copy over smtp vars
* env new line
* fix master key api access
* comment user tests
* fix network and user invite for master key access
* remove email sender type
* user mgmt commands
* check user role on CE
* user role nmtcl cmds
* user groups commands
* fix role and groups command
* fix user create cmd
* add usage info
* rm user role check
* fix user update cmd
* fix static check
* Move PKA field from models node to host level
* Move PKA field from api models node to host level
* Adapt logic package to node->host PKA
* Adapt migration-related code to node->host PKA
* Adapt cli code to node->host PKA
* Change host PKA default to 20s
* On IfaceDelta, check for PKA on host
* On handleHostRegister, set default PKA
* Use a default PKA
* Use int64 for api host pka
* Reorder imports
* Don't use host pka in iface delta
* Fix ConvertAPIHostToNMHost
* Add swagger doc for host PKA field
* Fix swagger.yml
* Set default PKA only for new hosts
* Remove TODO comment
* Remove redundant check
* Have api-host pka be specified in seconds
* add superadmin role, apis to create superadmin user
* apis to attach and remove user from remote access gateways
* add api to list user's remote client has gateway clients
* remove code related user groups
* remove networks and groups from user model
* refactor user CRUD operations
* fix network permission test
* add superadmin to authorize func
* remove user network and groups from cli
* api to transfer superadmin role
* add api to list users on a ingress gw
* restrict user access to resources on server
* deny request from remote access client if extclient is already created
* fix user tests
* fix static checks
* fix static checks
* add limits to extclient create handler
* set username to superadmin on if masterkey is used
* allow creation of extclients using masterkey
* add migration func to assign superadmin role for existing admin user
* check for superadmin on migration if users are present
* allowe masterkey to extcleint apis
* check ownerid
* format error, on jwt token verification failure return unauthorized rather than forbidden
* user update fix
* move user remote functionality to ee
* fix update user api
* security patch
* initalise ee user handlers
* allow user to use master key to update any user
* use slog
* fix auth user test
* table headers
* remove user role, it's covered in middleware
* setuser defaults fix
* Move ee code to ee package and unify ee status to IsPro
* Consolidate naming for paid/professional/enterprise version as "pro". Notes:
- Changes image tags
- Changes build tags
- Changes package names
- Doesn't change links to docs that mention "ee"
- Doesn't change parameters sent to PostHog that mention "ee"
* Revert docker image tag being -pro, back to -ee
* Revert go build tag being pro, back to ee
* Add build tags for some ee content
* [2] Revert go build tag being pro, back to ee
* Fix test workflow
* Add a json tag to be backwards compatible with frontend "IsEE" check
* Add a json tag for the serverconfig struct for IsEE
* Ammend json tag to Is_EE
* fix ee tags
---------
Co-authored-by: Abhishek Kondur <abhi281342@gmail.com>
* remove related fields and code
* remover metrics collection from server code
* fw update struct
* add ext client flag to metrics data
* simply nat types
* rm proxy update from cli
* return 401 instead of 403
* fixed http.StatusForbidden
* Tagged build version (temp)
* Unauthorized_Err when applicable
* untagged version
* fixed PUT /api/users/networks/user1
* - expired token redirs to login
- added `/api/enrollment_keys` for non-admins
- unit test for enrollment keys for non-admins
* handle user perms in `/hosts`
* removed debug
* misc
* - support masteradmin
- return hosts with partial access
* added `ismaster` to middleware
* model changes
* additional fields for extclient create
* add DNS to extclient config
* extclient name checks
* update extclient
* nmctl extclient
* final tweaks
* review comments
* add extclientdns to node on ingress creation
* fix to add ingress dns to api (#2296)
---------
Co-authored-by: Aceix <aceixsmartX@gmail.com>
