Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix static node id policy

abhishek9686 7 months ago
parent
fabc9f2920
commit
28af1156e6
1 changed files with 18 additions and 4 deletions
Unified View Show Diff Stats
  1. 18 4
      logic/acls.go

+ 18 - 4
logic/acls.go
View File 

@@ -604,14 +604,21 @@ func IsUserAllowedToCommunicate(userName string, peer models.Node) (bool, []mode
 
 
 
 // IsPeerAllowed - checks if peer needs to be added to the interface
 
 // IsPeerAllowed - checks if peer needs to be added to the interface
 
 func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
 
 func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
 
+	var nodeId, peerId string
 
 	if node.IsStatic {
 
 	if node.IsStatic {
 
+		nodeId = node.StaticNode.ClientID
 
 		node = node.StaticNode.ConvertToStaticNode()
 
 		node = node.StaticNode.ConvertToStaticNode()
 
+	} else {
 
+		nodeId = node.ID.String()
 
 	}
 
 	}
 
 	if peer.IsStatic {
 
 	if peer.IsStatic {
 
+		peerId = peer.StaticNode.ClientID
 
 		peer = peer.StaticNode.ConvertToStaticNode()
 
 		peer = peer.StaticNode.ConvertToStaticNode()
 
+	} else {
 
+		peerId = peer.ID.String()
 
 	}
 
 	}
 
-	node.Tags[models.TagID(node.ID.String())] = struct{}{}
 
-	peer.Tags[models.TagID(peer.ID.String())] = struct{}{}
 
+	node.Tags[models.TagID(nodeId)] = struct{}{}
 
+	peer.Tags[models.TagID(peerId)] = struct{}{}
 
 	if checkDefaultPolicy {
 
 	if checkDefaultPolicy {
 
 		// check default policy if all allowed return true
 
 		// check default policy if all allowed return true
 
 		defaultPolicy, err := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
 
 		defaultPolicy, err := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
 
@@ -707,14 +714,21 @@ func checkTagGroupPolicy(srcMap, dstMap map[string]struct{}, node, peer models.N
 
 
 
 // IsNodeAllowedToCommunicate - check node is allowed to communicate with the peer
 
 // IsNodeAllowedToCommunicate - check node is allowed to communicate with the peer
 
 func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool) (bool, []models.Acl) {
 
 func IsNodeAllowedToCommunicate(node, peer models.Node, checkDefaultPolicy bool) (bool, []models.Acl) {
 
+	var nodeId, peerId string
 
 	if node.IsStatic {
 
 	if node.IsStatic {
 
+		nodeId = node.StaticNode.ClientID
 
 		node = node.StaticNode.ConvertToStaticNode()
 
 		node = node.StaticNode.ConvertToStaticNode()
 
+	} else {
 
+		nodeId = node.ID.String()
 
 	}
 
 	}
 
 	if peer.IsStatic {
 
 	if peer.IsStatic {
 
+		peerId = peer.StaticNode.ClientID
 
 		peer = peer.StaticNode.ConvertToStaticNode()
 
 		peer = peer.StaticNode.ConvertToStaticNode()
 
+	} else {
 
+		peerId = peer.ID.String()
 
 	}
 
 	}
 
-	node.Tags[models.TagID(node.ID.String())] = struct{}{}
 
-	peer.Tags[models.TagID(peer.ID.String())] = struct{}{}
 
+	node.Tags[models.TagID(nodeId)] = struct{}{}
 
+	peer.Tags[models.TagID(peerId)] = struct{}{}
 
 	if checkDefaultPolicy {
 
 	if checkDefaultPolicy {
 
 		// check default policy if all allowed return true
 
 		// check default policy if all allowed return true
 
 		defaultPolicy, err := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)
 
 		defaultPolicy, err := GetDefaultPolicy(models.NetworkID(node.Network), models.DevicePolicy)