
create default groups and roles

abhishek9686 hace 1 año
padre
commit
3820e7dcfe
Se han modificado 5 ficheros con 43 adiciones y 12 borrados
  1. 1 1
      controllers/network.go
  2. 1 1
      logic/user_mgmt.go
  3. 11 4
      pro/controllers/users.go
  4. 1 1
      pro/initialize.go
  5. 29 5
      pro/logic/user_mgmt.go

+ 1 - 1
controllers/network.go

@@ -473,7 +473,7 @@ func createNetwork(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
-	logic.CreateDefaultNetworkRoles(network.NetID)
+	logic.CreateDefaultNetworkRolesAndGroups(models.NetworkID(network.NetID))
 	go func() {
 		defaultHosts := logic.GetDefaultHosts()
 		for i := range defaultHosts {

+ 1 - 1
logic/user_mgmt.go

@@ -42,7 +42,7 @@ var RemoveNetworkRoleFromUsers = func(host models.Host, node models.Node) {}
 
 var InitialiseRoles = userRolesInit
 var DeleteNetworkRoles = func(netID string) {}
-var CreateDefaultNetworkRoles = func(netID string) {}
+var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
 
 // GetRole - fetches role template by id
 func GetRole(roleID models.UserRoleID) (models.UserRolePermissionTemplate, error) {

+ 11 - 4
pro/controllers/users.go

@@ -174,6 +174,12 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// check platform role
+	_, err = logic.GetRole(models.UserRoleID(inviteReq.PlatformRoleID))
+	if err != nil {
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+		return
+	}
 	for _, inviteeEmail := range inviteReq.UserEmails {
 		// check if user with email exists, then ignore
 		_, err := logic.GetUser(inviteeEmail)
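Review bot: The platform-role check added before the invite loop only confirms that `inviteReq.PlatformRoleID` names an existing role via `logic.GetRole`; nothing in the visible lines compares that role with what the inviting user is allowed to grant. If inviteUsers is reachable by callers below the highest platform role, an invite could carry a role above the inviter's own, so the handler should reject that case unless middleware outside this hunk already does. The comment `// check platform role` could say which of the two is meant, for example `// check that the platform role exists; the caller's right to grant it is enforced in <placeholder>`. The body of inviteUsers starts and continues outside the hunk.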
@@ -182,10 +188,11 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 			continue
 		}
 		invite := models.UserInvite{
-			Email:        inviteeEmail,
-			UserGroups:   inviteReq.UserGroups,
-			NetworkRoles: inviteReq.NetworkRoles,
-			InviteCode:   logic.RandomString(8),
+			Email:          inviteeEmail,
+			PlatformRoleID: inviteReq.PlatformRoleID,
+			UserGroups:     inviteReq.UserGroups,
+			NetworkRoles:   inviteReq.NetworkRoles,
+			InviteCode:     logic.RandomString(8),
 		}
 		u, err := url.Parse(fmt.Sprintf("%s/invite?email=%s&invite_code=%s",
 			servercfg.GetFrontendURL(), url.QueryEscape(invite.Email), url.QueryEscape(invite.InviteCode)))
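Review bot: With `PlatformRoleID` now stored on the invite, `InviteCode: logic.RandomString(8)` is the only secret between an email address and that platform role, and eight characters is short for a bearer credential. RandomString's source of randomness is not visible here; it should be backed by crypto/rand, and a longer code is cheap, e.g. `InviteCode: logic.RandomString(32),`. The code also travels in the query string of the invite URL built on the following lines, so it can end up in proxy or access logs. Expiry and single use of invites, if not already enforced elsewhere, matter more after this change.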

+ 1 - 1
pro/initialize.go

@@ -124,7 +124,7 @@ func InitPro() {
 	logic.NetworkPermissionsCheck = proLogic.NetworkPermissionsCheck
 	logic.GlobalPermissionsCheck = proLogic.GlobalPermissionsCheck
 	logic.DeleteNetworkRoles = proLogic.DeleteNetworkRoles
-	logic.CreateDefaultNetworkRoles = proLogic.CreateDefaultNetworkRoles
+	logic.CreateDefaultNetworkRolesAndGroups = proLogic.CreateDefaultNetworkRolesAndGroups
 	logic.FilterNetworksByRole = proLogic.FilterNetworksByRole
 	logic.IsGroupsValid = proLogic.IsGroupsValid
 	logic.IsNetworkRolesValid = proLogic.IsNetworkRolesValid

+ 29 - 5
pro/logic/user_mgmt.go

@@ -72,20 +72,20 @@ func UserRolesInit() {
 
 }
 
-func CreateDefaultNetworkRoles(netID string) {
+func CreateDefaultNetworkRolesAndGroups(netID models.NetworkID) {
 	var NetworkAdminPermissionTemplate = models.UserRolePermissionTemplate{
-		ID:                 models.UserRoleID(fmt.Sprintf("%s_%s", netID, models.NetworkAdmin)),
+		ID:                 models.UserRoleID(fmt.Sprintf("%s-%s", netID, models.NetworkAdmin)),
 		Default:            false,
-		NetworkID:          models.NetworkID(netID),
+		NetworkID:          netID,
 		FullAccess:         true,
 		NetworkLevelAccess: make(map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope),
 	}
 
 	var NetworkUserPermissionTemplate = models.UserRolePermissionTemplate{
-		ID:                  models.UserRoleID(fmt.Sprintf("%s_%s", netID, models.NetworkUser)),
+		ID:                  models.UserRoleID(fmt.Sprintf("%s-%s", netID, models.NetworkUser)),
 		Default:             false,
 		FullAccess:          false,
-		NetworkID:           models.NetworkID(netID),
+		NetworkID:           netID,
 		DenyDashboardAccess: false,
 		NetworkLevelAccess: map[models.RsrcType]map[models.RsrcID]models.RsrcPermissionScope{
 			models.RemoteAccessGwRsrc: {
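Review bot: Changing the role ID separator from `%s_%s` to `%s-%s` in both templates changes the key under which the default network roles are stored, and no migration for roles already written with the old key is visible in this commit. Users on existing networks that reference `<netID>_<role>` would then point at an ID the new code never computes, while the old records stay in the permissions table. If network IDs may themselves contain `-`, the composed ID is also no longer unambiguous to split. The same `fmt.Sprintf("%s-%s", netID, …)` is repeated in the group definitions further down in this function, so a small helper that builds the role ID in one place would keep the two from drifting apart.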
@@ -109,6 +109,30 @@ func CreateDefaultNetworkRoles(netID string) {
 	database.Insert(NetworkAdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
 	d, _ = json.Marshal(NetworkUserPermissionTemplate)
 	database.Insert(NetworkUserPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
+
+	// create default network groups
+	var NetworkAdminGroup = models.UserGroup{
+		ID: models.UserGroupID(fmt.Sprintf("%s-%s-grp", netID, models.NetworkAdmin)),
+		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
+			netID: {
+				models.UserRoleID(fmt.Sprintf("%s-%s", netID, models.NetworkAdmin)): {},
+			},
+		},
+		MetaData: "The network role was automatically created by Netmaker.",
+	}
+	var NetworkUserGroup = models.UserGroup{
+		ID: models.UserGroupID(fmt.Sprintf("%s-%s-grp", netID, models.NetworkUser)),
+		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
+			netID: {
+				models.UserRoleID(fmt.Sprintf("%s-%s", netID, models.NetworkUser)): {},
+			},
+		},
+		MetaData: "The network role was automatically created by Netmaker.",
+	}
+	d, _ = json.Marshal(NetworkAdminGroup)
+	database.Insert(NetworkAdminGroup.ID.String(), string(d), database.USER_GROUPS_TABLE_NAME)
+	d, _ = json.Marshal(NetworkUserGroup)
+	database.Insert(NetworkUserGroup.ID.String(), string(d), database.USER_GROUPS_TABLE_NAME)
 }
 
 func DeleteNetworkRoles(netID string) {
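Review bot: The added group inserts discard the error from `json.Marshal` (`d, _ =`) and whatever `database.Insert` returns, so a network can come up without its default groups and nothing reports it. These failures should at least be logged, since the function returns nothing and createNetwork cannot react. Both groups carry `MetaData: "The network role was automatically created by Netmaker."`, which looks copied from the roles; `"The network group was automatically created by Netmaker."` would be accurate. `DeleteNetworkRoles(netID string)` below keeps its old name and string parameter, and its body is outside the hunk. If it does not also remove the `-grp` groups, a network later re-created under the same ID would inherit the old groups' members.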