
add egress id to acl group

abhishek9686 4 bulan lalu
induk
melakukan
3642a4c9b3
4 mengubah file dengan 59 tambahan dan 23 penghapusan
  1. 2 1
      controllers/acls.go
  2. 26 14
      controllers/egress.go
  3. 30 7
      logic/acls.go
  4. 1 1
      models/acl.go

+ 2 - 1
controllers/acls.go

@@ -51,7 +51,8 @@ func aclPolicyTypes(w http.ResponseWriter, r *http.Request) {
 		DstGroupTypes: []models.AclGroupType{
 			models.NodeTagID,
 			models.NodeID,
-			models.EgressRange,
+			//models.EgressRange,
+			models.EgressID,
 			// models.NetmakerIPAclID,
 			// models.NetmakerSubNetRangeAClID,
 		},
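Review bot: `models.EgressRange` is commented out here rather than removed, with nothing recording why. The logic/acls.go hunk on this page shows that checkIfAclTagisValid still accepts an `EgressRange` destination tag, with its range lookup commented out. The API therefore stops advertising a type that the validator still lets through unchecked. Either delete the line or replace it with a short comment such as `// EgressRange is superseded by EgressID; kept in the validator only for existing policies`, if that is the intent. Nothing on the page shows whether existing policies are migrated.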

+ 26 - 14
controllers/egress.go

@@ -41,11 +41,17 @@ func createEgress(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
-	egressRange, err := logic.NormalizeCIDR(req.Range)
-	if err != nil {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
-		return
+	var egressRange string
+	if !req.IsInetGw {
+		egressRange, err = logic.NormalizeCIDR(req.Range)
+		if err != nil {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+			return
+		}
+	} else {
+		egressRange = "*"
 	}
+
 	e := models.Egress{
 		ID:          uuid.New().String(),
 		Name:        req.Name,
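Review bot: When `req.IsInetGw` is true, `req.Range` is dropped without validation or an error and the bare literal `"*"` is stored as the range. This happens both here in createEgress and in the matching updateEgress hunk below. Any code that later parses the stored range as a CIDR has to special-case that sentinel, and none of those consumers are visible on this page. A named constant with a comment such as `// "*" marks an internet-gateway egress; it is not a CIDR` would make the sentinel searchable. Consider returning "badrequest" when a non-empty Range arrives together with IsInetGw, so the client learns its value was ignored. Both function bodies continue outside the hunks.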
@@ -127,22 +133,24 @@ func updateEgress(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
-	egressRange, err := logic.NormalizeCIDR(req.Range)
-	if err != nil {
-		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
-		return
+	var egressRange string
+	if !req.IsInetGw {
+		egressRange, err = logic.NormalizeCIDR(req.Range)
+		if err != nil {
+			logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+			return
+		}
+	} else {
+		egressRange = "*"
 	}
+
 	e := models.Egress{ID: req.ID}
 	err = e.Get()
 	if err != nil {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
-	e.Nodes = make(datatypes.JSONMap)
-	e.Tags = make(datatypes.JSONMap)
-	for nodeID, metric := range req.Nodes {
-		e.Nodes[nodeID] = metric
-	}
+
 	var updateNat bool
 	var updateInetGw bool
 	if req.Nat != e.Nat {
@@ -151,7 +159,11 @@ func updateEgress(w http.ResponseWriter, r *http.Request) {
 	if req.IsInetGw != e.IsInetGw {
 		updateInetGw = true
 	}
-
+	e.Nodes = make(datatypes.JSONMap)
+	e.Tags = make(datatypes.JSONMap)
+	for nodeID, metric := range req.Nodes {
+		e.Nodes[nodeID] = metric
+	}
 	e.Range = egressRange
 	e.Description = req.Description
 	e.Name = req.Name

+ 30 - 7
logic/acls.go

@@ -293,13 +293,22 @@ func checkIfAclTagisValid(t models.AclPolicyTag, netID models.NetworkID, policyT
 		if isSrc {
 			return false
 		}
-		// _, rangesMap, err := GetEgressRanges(netID)
-		// if err != nil {
-		// 	return false
-		// }
-		// if _, ok := rangesMap[t.Value]; !ok {
-		// 	return false
-		// }
+	// _, rangesMap, err := GetEgressRanges(netID)
+	// if err != nil {
+	// 	return false
+	// }
+	// if _, ok := rangesMap[t.Value]; !ok {
+	// 	return false
+	// }
+	case models.EgressID:
+		e := models.Egress{
+			ID: t.Value,
+		}
+		err := e.Get()
+		if err != nil {
+			return false
+		}
+
 	case models.UserAclID:
 		if policyType == models.DevicePolicy {
 			return false
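Review bot: The new `case models.EgressID:` accepts the tag whenever an egress with that ID exists. It has no `isSrc` rejection like the `EgressRange` case above it, and it does not compare the loaded egress against `netID`. controllers/acls.go lists EgressID only under destination group types, so the case should probably open with `if isSrc { return false }`. If models.Egress records its network (not visible on this page), the case should also return false when that network differs from `netID`, so a policy cannot reference an egress from another network. The re-indented commented-out block now sits at `case` level and could simply be deleted; the function body starts and ends outside the hunk.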
@@ -388,6 +397,20 @@ func IsAclPolicyValid(acl models.Acl) bool {
 	return true
 }
 
+func UniqueAclPolicyTags(tags []models.AclPolicyTag) []models.AclPolicyTag {
+	seen := make(map[string]bool)
+	var result []models.AclPolicyTag
+
+	for _, tag := range tags {
+		key := fmt.Sprintf("%v-%s", tag.ID, tag.Value)
+		if !seen[key] {
+			seen[key] = true
+			result = append(result, tag)
+		}
+	}
+	return result
+}
+
 // UpdateAcl - updates allowed fields on acls and commits to DB
 func UpdateAcl(newAcl, acl models.Acl) error {
 	if !acl.Default {
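Review bot: The dedupe key `fmt.Sprintf("%v-%s", tag.ID, tag.Value)` joins the two fields with a hyphen, which group types such as "egress-id" already contain. Two distinct ID/Value pairs could therefore share a key, and one tag would be silently dropped from a policy. A composite key avoids the ambiguity: `seen := make(map[[2]string]bool)` with `key := [2]string{fmt.Sprint(tag.ID), tag.Value}`, assuming Value is a string as the `%s` verb suggests. The exported function also needs a doc comment, e.g. `// UniqueAclPolicyTags returns tags with duplicate ID/Value pairs removed, keeping the first occurrence of each.`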

+ 1 - 1
models/acl.go

@@ -60,6 +60,7 @@ const (
 	NodeTagID                AclGroupType = "tag"
 	NodeID                   AclGroupType = "device"
 	EgressRange              AclGroupType = "egress-range"
+	EgressID                 AclGroupType = "egress-id"
 	NetmakerIPAclID          AclGroupType = "ip"
 	NetmakerSubNetRangeAClID AclGroupType = "ipset"
 )
@@ -92,7 +93,6 @@ type Acl struct {
 	Port             []string                `json:"ports"`
 	AllowedDirection AllowedTrafficDirection `json:"allowed_traffic_direction"`
 	Enabled          bool                    `json:"enabled"`
-	ReferenceID      string                  `json:"reference_id"`
 	CreatedBy        string                  `json:"created_by"`
 	CreatedAt        time.Time               `json:"created_at"`
 }