
add service type to default acl polices

abhishek9686 8 ヶ月 前
コミット
73eed6e583
2 ファイル変更40 行追加35 行削除
  1. 26 23
      logic/acls.go
  2. 14 12
      pro/logic/user_mgmt.go

+ 26 - 23
logic/acls.go

@@ -39,14 +39,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 	_, _ = ListAclsByNetwork(netID)
 	if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-nodes")) {
 		defaultDeviceAcl := models.Acl{
-			ID:        fmt.Sprintf("%s.%s", netID, "all-nodes"),
-			Name:      "All Nodes",
-			MetaData:  "This Policy allows all nodes in the network to communicate with each other",
-			Default:   true,
-			NetworkID: netID,
-			Proto:     models.ALL,
-			Port:      []string{},
-			RuleType:  models.DevicePolicy,
+			ID:          fmt.Sprintf("%s.%s", netID, "all-nodes"),
+			Name:        "All Nodes",
+			MetaData:    "This Policy allows all nodes in the network to communicate with each other",
+			Default:     true,
+			NetworkID:   netID,
+			Proto:       models.ALL,
+			ServiceType: models.Any,
+			Port:        []string{},
+			RuleType:    models.DevicePolicy,
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.DeviceAclID,
@@ -66,14 +67,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 	}
 	if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-users")) {
 		defaultUserAcl := models.Acl{
-			ID:        fmt.Sprintf("%s.%s", netID, "all-users"),
-			Default:   true,
-			Name:      "All Users",
-			MetaData:  "This policy gives access to everything in the network for an user",
-			NetworkID: netID,
-			Proto:     models.ALL,
-			Port:      []string{},
-			RuleType:  models.UserPolicy,
+			ID:          fmt.Sprintf("%s.%s", netID, "all-users"),
+			Default:     true,
+			Name:        "All Users",
+			MetaData:    "This policy gives access to everything in the network for an user",
+			NetworkID:   netID,
+			Proto:       models.ALL,
+			ServiceType: models.Any,
+			Port:        []string{},
+			RuleType:    models.UserPolicy,
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.UserAclID,
@@ -94,13 +96,14 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 	if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-remote-access-gws")) {
 		defaultUserAcl := models.Acl{
-			ID:        fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
-			Default:   true,
-			Name:      "All Remote Access Gateways",
-			NetworkID: netID,
-			Proto:     models.ALL,
-			Port:      []string{},
-			RuleType:  models.DevicePolicy,
+			ID:          fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
+			Default:     true,
+			Name:        "All Remote Access Gateways",
+			NetworkID:   netID,
+			Proto:       models.ALL,
+			ServiceType: models.Any,
+			Port:        []string{},
+			RuleType:    models.DevicePolicy,
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.DeviceAclID,
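Review bot: The new `ServiceType: models.Any` only reaches networks whose default policies do not exist yet, because each literal sits behind `if !IsAclExists(...)`; this applies to all three hunks in this file and to both hunks in pro/logic/user_mgmt.go. Default ACLs that are already stored keep an empty ServiceType, so unless every reader treats empty as `models.Any`, older networks may evaluate or display these allow-all defaults differently from newly created ones; whether a migration handles this is not visible in this commit. I would either backfill the field on existing default ACLs or document the contract where the field is read, for example `// an empty ServiceType on a stored ACL is treated as models.Any`. CreateDefaultAclNetworkPolicies begins and ends outside these hunks, and each struct literal continues past the hunk's last line.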

+ 14 - 12
pro/logic/user_mgmt.go

@@ -1207,12 +1207,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 
 	if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin)) {
 		defaultUserAcl := models.Acl{
-			ID:        fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
-			Name:      "Network Admin",
-			MetaData:  "This Policy allows all network admins to communicate with all remote access gateways",
-			Default:   true,
-			NetworkID: netID,
-			RuleType:  models.UserPolicy,
+			ID:          fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
+			Name:        "Network Admin",
+			MetaData:    "This Policy allows all network admins to communicate with all remote access gateways",
+			Default:     true,
+			ServiceType: models.Any,
+			NetworkID:   netID,
+			RuleType:    models.UserPolicy,
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.UserGroupAclID,
@@ -1238,12 +1239,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 
 	if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser)) {
 		defaultUserAcl := models.Acl{
-			ID:        fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
-			Name:      "Network User",
-			MetaData:  "This Policy allows all network users to communicate with all remote access gateways",
-			Default:   true,
-			NetworkID: netID,
-			RuleType:  models.UserPolicy,
+			ID:          fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
+			Name:        "Network User",
+			MetaData:    "This Policy allows all network users to communicate with all remote access gateways",
+			Default:     true,
+			ServiceType: models.Any,
+			NetworkID:   netID,
+			RuleType:    models.UserPolicy,
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.UserGroupAclID,
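Review bot: The Network Admin and Network User literals gain `ServiceType: models.Any` but, in the lines visible here, set neither `Proto` nor `Port`, whereas the three defaults in logic/acls.go set `Proto: models.ALL` and `Port: []string{}` alongside it. That leaves the protocol at its zero value, and a default allow policy whose effective scope depends on how the evaluator interprets an empty protocol is harder to audit than one that states it. If these fields are not assigned further down the literal, I would add `Proto: models.ALL,` and `Port: []string{},` to both policies so the default user-group rules declare their scope explicitly. Both literals continue past the end of their hunks, so the remaining fields could not be checked.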