
resolve merge conflicts

abhishek9686 преди 9 месеца
родител
ревизия
2084ca6825
променени са 8 файла, в които са добавени 92 реда и са изтрити 13 реда
  1. 5 0
      controllers/tags.go
  2. 23 1
      logic/acls.go
  3. 3 0
      logic/acls/nodeacls/modify.go
  4. 31 1
      logic/extpeers.go
  5. 7 0
      logic/peers.go
  6. 10 10
      models/acl.go
  7. 8 0
      pro/controllers/failover.go
  8. 5 1
      pro/logic/failover.go

+ 5 - 0
controllers/tags.go

@@ -216,6 +216,11 @@ func deleteTag(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
+	// check if active policy is using the tag
+	if logic.CheckIfTagAsActivePolicy(tag.ID, tag.Network) {
+		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("tag is currently in use by an active policy"), "badrequest"))
+		return
+	}
 	err = logic.DeleteTag(models.TagID(tagID), true)
 	if err != nil {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))

+ 23 - 1
logic/acls.go

@@ -301,6 +301,9 @@ func UpdateAcl(newAcl, acl models.Acl) error {
 		acl.Name = newAcl.Name
 		acl.Src = newAcl.Src
 		acl.Dst = newAcl.Dst
+		acl.AllowedDirection = newAcl.AllowedDirection
+		acl.Port = newAcl.Port
+		acl.Proto = newAcl.Proto
 	}
 	acl.Enabled = newAcl.Enabled
 	d, err := json.Marshal(acl)
@@ -625,6 +628,25 @@ func UpdateDeviceTag(OldID, newID models.TagID, netID models.NetworkID) {
 	}
 }
 
+func CheckIfTagAsActivePolicy(tagID models.TagID, netID models.NetworkID) bool {
+	acls := listDevicePolicies(netID)
+	for _, acl := range acls {
+		for _, srcTagI := range acl.Src {
+			if srcTagI.ID == models.DeviceAclID {
+				if tagID.String() == srcTagI.Value {
+					return true
+				}
+			}
+		}
+		for _, dstTagI := range acl.Dst {
+			if dstTagI.ID == models.DeviceAclID {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 // RemoveDeviceTagFromAclPolicies - remove device tag from acl policies
 func RemoveDeviceTagFromAclPolicies(tagID models.TagID, netID models.NetworkID) error {
 	acls := listDevicePolicies(netID)
@@ -793,5 +815,5 @@ func GetAclRulesForNode(node *models.Node) (rules map[string]models.AclRule) {
 			}
 		}
 	}
-	return
+	return rules
 }
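Review bot: In `CheckIfTagAsActivePolicy` the destination loop returns true for any entry whose ID is `models.DeviceAclID` without comparing its value to `tagID`, unlike the source loop, so every tag in the network is reported as in use once a single policy has a device-tag destination. The condition should read `if dstTagI.ID == models.DeviceAclID && tagID.String() == dstTagI.Value {`. The function also never reads `acl.Enabled`, although its name and the error message in `deleteTag` speak of an active policy; either check the flag or reword the message. As an exported function it should carry a doc comment, for example `// CheckIfTagAsActivePolicy - reports whether any device policy in the network references the tag`.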

+ 3 - 0
logic/acls/nodeacls/modify.go

@@ -25,6 +25,9 @@ func CreateNodeACL(networkID NetworkID, nodeID NodeID, defaultVal byte) (acls.AC
 	acls.AclMutex.Lock()
 	var newNodeACL = make(acls.ACL)
 	for existingNodeID := range currentNetworkACL {
+		if currentNetworkACL[existingNodeID] == nil {
+			currentNetworkACL[existingNodeID] = make(acls.ACL)
+		}
 		currentNetworkACL[existingNodeID][acls.AclID(nodeID)] = defaultVal // set the old nodes to default value for new node
 		newNodeACL[existingNodeID] = defaultVal                            // set the old nodes in new node ACL to default value
 	}

+ 31 - 1
logic/extpeers.go

@@ -2,6 +2,7 @@ package logic
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"net"
 	"reflect"
@@ -9,6 +10,7 @@ import (
 	"sync"
 	"time"
 
+	"github.com/goombaio/namegenerator"
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic/acls"
@@ -281,13 +283,41 @@ func CreateExtClient(extclient *models.ExtClient) error {
 	}
 
 	if extclient.ClientID == "" {
-		extclient.ClientID = models.GenerateNodeName()
+		extclient.ClientID, err = GenerateNodeName(extclient.Network)
+		if err != nil {
+			return err
+		}
 	}
 
 	extclient.LastModified = time.Now().Unix()
 	return SaveExtClient(extclient)
 }
 
+// GenerateNodeName - generates a random node name
+func GenerateNodeName(network string) (string, error) {
+	seed := time.Now().UTC().UnixNano()
+	nameGenerator := namegenerator.NewNameGenerator(seed)
+	var name string
+	cnt := 0
+	for {
+		if cnt > 10 {
+			return "", errors.New("couldn't generate random name, try again")
+		}
+		cnt += 1
+		name = nameGenerator.Generate()
+		if len(name) > 15 {
+			continue
+		}
+		_, err := GetExtClient(name, network)
+		if err == nil {
+			// config exists with same name
+			continue
+		}
+		break
+	}
+	return name, nil
+}
+
 // SaveExtClient - saves an ext client to database
 func SaveExtClient(extclient *models.ExtClient) error {
 	key, err := GetRecordKey(extclient.ClientID, extclient.Network)
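Review bot: `GenerateNodeName` treats every non-nil error from `GetExtClient` as proof that the name is free, so a lookup that fails for some other reason (a database error, for instance) lets a possibly duplicate name through to `SaveExtClient`. Only the not-found case should break out of the loop; any other error is better returned to the caller. The existence check and the later save are also not atomic, so two concurrent `CreateExtClient` calls could still settle on the same name; whether a lock held elsewhere covers this is not visible in the hunk. `cnt > 10` permits eleven attempts, which may not be what was intended.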

+ 7 - 0
logic/peers.go

@@ -239,6 +239,13 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
 					peerEndpoint = peerHost.EndpointIPv6
 				}
 			}
+			if node.IsRelay && peer.RelayedBy == node.ID.String() && !peer.IsStatic {
+				// don't set endpoint on relayed peer
+				peerEndpoint = nil
+			}
+			if isFailOverPeer && peer.FailedOverBy == node.ID && !peer.IsStatic {
+				peerEndpoint = nil
+			}
 
 			peerConfig.Endpoint = &net.UDPAddr{
 				IP:   peerEndpoint,
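Review bot: Setting `peerEndpoint = nil` still leaves `peerConfig.Endpoint` as a non-nil `*net.UDPAddr` whose `IP` is nil, because the literal that follows is built unconditionally. If the intent is for a relayed or failed-over peer to carry no endpoint at all, the consumer has to treat a nil IP as unset, which cannot be confirmed from this hunk. The second branch has no comment; something like `// don't set endpoint on a peer reached through this failover node` would match the first. The enclosing function starts and ends outside the hunk.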

+ 10 - 10
models/acl.go

@@ -62,16 +62,16 @@ type AclPolicy struct {
 }
 
 type Acl struct {
-	ID               string         `json:"id"`
-	Default          bool           `json:"default"`
-	MetaData         string         `json:"meta_data"`
-	Name             string         `json:"name"`
-	NetworkID        NetworkID      `json:"network_id"`
-	RuleType         AclPolicyType  `json:"policy_type"`
-	Src              []AclPolicyTag `json:"src_type"`
-	Dst              []AclPolicyTag `json:"dst_type"`
-	Proto            []Protocol     // tcp, udp, etc.
-	Port             []int
+	ID               string                  `json:"id"`
+	Default          bool                    `json:"default"`
+	MetaData         string                  `json:"meta_data"`
+	Name             string                  `json:"name"`
+	NetworkID        NetworkID               `json:"network_id"`
+	RuleType         AclPolicyType           `json:"policy_type"`
+	Src              []AclPolicyTag          `json:"src_type"`
+	Dst              []AclPolicyTag          `json:"dst_type"`
+	Proto            []Protocol              `json:"protocol"` // tcp, udp, etc.
+	Port             []int                   `json:"ports"`
 	AllowedDirection AllowedTrafficDirection `json:"allowed_traffic_direction"`
 	Enabled          bool                    `json:"enabled"`
 	CreatedBy        string                  `json:"created_by"`
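Review bot: Adding `json:"protocol"` and `json:"ports"` renames the serialized keys of `Proto` and `Port`, which until now were encoded under the default names `Proto` and `Port`. Any ACL already persisted, or sent by a client, with the old keys will decode with both fields empty. If an empty list means "no restriction" (not visible here), a policy scoped to specific ports or protocols would silently widen after the upgrade. Consider a migration that rewrites stored records, or an `UnmarshalJSON` on `Acl` that accepts both spellings. The struct continues past the end of the hunk.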

+ 8 - 0
pro/controllers/failover.go

@@ -219,6 +219,14 @@ func failOverME(w http.ResponseWriter, r *http.Request) {
 		)
 		return
 	}
+	if peerNode.IsFailOver {
+		logic.ReturnErrorResponse(
+			w,
+			r,
+			logic.FormatError(errors.New("peer is acting as failover"), "badrequest"),
+		)
+		return
+	}
 	if node.IsRelayed && node.RelayedBy == peerNode.ID.String() {
 		logic.ReturnErrorResponse(
 			w,

+ 5 - 1
pro/logic/failover.go

@@ -3,6 +3,7 @@ package logic
 import (
 	"errors"
 	"net"
+	"sync"
 
 	"github.com/google/uuid"
 	"github.com/gravitl/netmaker/logger"
@@ -11,8 +12,11 @@ import (
 	"golang.org/x/exp/slog"
 )
 
-func SetFailOverCtx(failOverNode, victimNode, peerNode models.Node) error {
+var failOverCtxMutex = &sync.RWMutex{}
 
+func SetFailOverCtx(failOverNode, victimNode, peerNode models.Node) error {
+	failOverCtxMutex.Lock()
+	defer failOverCtxMutex.Unlock()
 	if peerNode.FailOverPeers == nil {
 		peerNode.FailOverPeers = make(map[string]struct{})
 	}
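Review bot: The lock in `SetFailOverCtx` is taken after `failOverNode`, `victimNode` and `peerNode` have already been passed in by value, so it serializes the writes but not the reads that produced those copies. Two concurrent calls can each arrive with a stale `FailOverPeers` map, and the later save would then overwrite the earlier call's entry; re-reading the nodes inside the critical section would close that gap, assuming the body (which continues outside the hunk) persists these copies. `failOverCtxMutex` is an `RWMutex` but only `Lock` is visible here, and other functions that mutate failover state need the same lock for it to help. A short comment on the variable, such as `// failOverCtxMutex guards read-modify-write of node failover fields`, would make the contract clear.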