mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-25 05:27:23 +08:00
719e0c254d
* add superadmin role, apis to create superadmin user * apis to attach and remove user from remote access gateways * add api to list user's remote client has gateway clients * remove code related user groups * remove networks and groups from user model * refactor user CRUD operations * fix network permission test * add superadmin to authorize func * remove user network and groups from cli * api to transfer superadmin role * add api to list users on a ingress gw * restrict user access to resources on server * deny request from remote access client if extclient is already created * fix user tests * fix static checks * fix static checks * add limits to extclient create handler * set username to superadmin on if masterkey is used * allow creation of extclients using masterkey * add migration func to assign superadmin role for existing admin user * check for superadmin on migration if users are present * allowe masterkey to extcleint apis * check ownerid * format error, on jwt token verification failure return unauthorized rather than forbidden * user update fix * move user remote functionality to ee * fix update user api * security patch * initalise ee user handlers * allow user to use master key to update any user * use slog * fix auth user test * table headers * remove user role, it's covered in middleware * setuser defaults fix
89 lines
3.3 KiB
Go
89 lines
3.3 KiB
Go
//go:build ee
|
|
// +build ee
|
|
|
|
package pro
|
|
|
|
import (
|
|
controller "github.com/gravitl/netmaker/controllers"
|
|
"github.com/gravitl/netmaker/logic"
|
|
"github.com/gravitl/netmaker/models"
|
|
"github.com/gravitl/netmaker/mq"
|
|
proControllers "github.com/gravitl/netmaker/pro/controllers"
|
|
proLogic "github.com/gravitl/netmaker/pro/logic"
|
|
"github.com/gravitl/netmaker/servercfg"
|
|
"golang.org/x/exp/slog"
|
|
)
|
|
|
|
// InitPro - Initialize Pro Logic
|
|
func InitPro() {
|
|
servercfg.IsPro = true
|
|
models.SetLogo(retrieveProLogo())
|
|
controller.HttpMiddlewares = append(
|
|
controller.HttpMiddlewares,
|
|
proControllers.OnlyServerAPIWhenUnlicensedMiddleware,
|
|
)
|
|
controller.HttpHandlers = append(
|
|
controller.HttpHandlers,
|
|
proControllers.MetricHandlers,
|
|
proControllers.RelayHandlers,
|
|
proControllers.UserHandlers,
|
|
)
|
|
logic.EnterpriseCheckFuncs = append(logic.EnterpriseCheckFuncs, func() {
|
|
// == License Handling ==
|
|
if err := ValidateLicense(); err != nil {
|
|
slog.Error(err.Error())
|
|
return
|
|
}
|
|
slog.Info("proceeding with Paid Tier license")
|
|
logic.SetFreeTierForTelemetry(false)
|
|
// == End License Handling ==
|
|
AddLicenseHooks()
|
|
resetFailover()
|
|
})
|
|
logic.EnterpriseFailoverFunc = proLogic.SetFailover
|
|
logic.EnterpriseResetFailoverFunc = proLogic.ResetFailover
|
|
logic.EnterpriseResetAllPeersFailovers = proLogic.WipeAffectedFailoversOnly
|
|
logic.DenyClientNodeAccess = proLogic.DenyClientNode
|
|
logic.IsClientNodeAllowed = proLogic.IsClientNodeAllowed
|
|
logic.AllowClientNodeAccess = proLogic.RemoveDeniedNodeFromClient
|
|
logic.SetClientDefaultACLs = proLogic.SetClientDefaultACLs
|
|
logic.SetClientACLs = proLogic.SetClientACLs
|
|
logic.UpdateProNodeACLs = proLogic.UpdateProNodeACLs
|
|
logic.GetMetrics = proLogic.GetMetrics
|
|
logic.UpdateMetrics = proLogic.UpdateMetrics
|
|
logic.DeleteMetrics = proLogic.DeleteMetrics
|
|
logic.GetAllowedIpsForRelayed = proLogic.GetAllowedIpsForRelayed
|
|
logic.RelayedAllowedIPs = proLogic.RelayedAllowedIPs
|
|
logic.UpdateRelayed = proLogic.UpdateRelayed
|
|
logic.SetRelayedNodes = proLogic.SetRelayedNodes
|
|
logic.RelayUpdates = proLogic.RelayUpdates
|
|
mq.UpdateMetrics = proLogic.MQUpdateMetrics
|
|
}
|
|
|
|
func resetFailover() {
|
|
nets, err := logic.GetNetworks()
|
|
if err == nil {
|
|
for _, net := range nets {
|
|
err = proLogic.ResetFailover(net.NetID)
|
|
if err != nil {
|
|
slog.Error("failed to reset failover", "network", net.NetID, "error", err.Error())
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func retrieveProLogo() string {
|
|
return `
|
|
__ __ ______ ______ __ __ ______ __ __ ______ ______
|
|
/\ "-.\ \ /\ ___\ /\__ _\ /\ "-./ \ /\ __ \ /\ \/ / /\ ___\ /\ == \
|
|
\ \ \-. \ \ \ __\ \/_/\ \/ \ \ \-./\ \ \ \ __ \ \ \ _"-. \ \ __\ \ \ __<
|
|
\ \_\\"\_\ \ \_____\ \ \_\ \ \_\ \ \_\ \ \_\ \_\ \ \_\ \_\ \ \_____\ \ \_\ \_\
|
|
\/_/ \/_/ \/_____/ \/_/ \/_/ \/_/ \/_/\/_/ \/_/\/_/ \/_____/ \/_/ /_/
|
|
|
|
___ ___ ____
|
|
____ ____ ____ / _ \ / _ \ / __ \ ____ ____ ____
|
|
/___/ /___/ /___/ / ___/ / , _// /_/ / /___/ /___/ /___/
|
|
/___/ /___/ /___/ /_/ /_/|_| \____/ /___/ /___/ /___/
|
|
|
|
`
|
|
}
|