feat(go): don't use uuid for default groups;

pro/logic/migrate.go

@@ -16,6 +16,10 @@ func MigrateGroups() {
 	groupMapping := make(map[models.UserGroupID]models.UserGroupID)
 
 	for _, group := range groups {
+		if group.Default {
+			continue
+		}
+
 		newGroupID := models.UserGroupID(uuid.NewString())
 		groupMapping[group.ID] = newGroupID
 
@@ -41,7 +45,6 @@ func MigrateGroups() {
 }
 
 func MigrateUserRoleAndGroups(user models.User) {
-	var err error
 	if user.PlatformRoleID == models.AdminRole || user.PlatformRoleID == models.SuperAdminRole {
 		return
 	}
@@ -53,21 +56,21 @@ func MigrateUserRoleAndGroups(user models.User) {
 			if err != nil {
 				continue
 			}
-			var g models.UserGroup
+			var groupID models.UserGroupID
 			if user.PlatformRoleID == models.ServiceUser {
-				g, err = GetDefaultNetworkUserGroup(models.NetworkID(gwNode.Network))
+				groupID = GetDefaultNetworkUserGroupID(models.NetworkID(gwNode.Network))
 			} else {
-				g, err = GetDefaultNetworkAdminGroup(models.NetworkID(gwNode.Network))
+				groupID = GetDefaultNetworkAdminGroupID(models.NetworkID(gwNode.Network))
 			}
 			if err != nil {
 				continue
 			}
-			user.UserGroups[g.ID] = struct{}{}
+			user.UserGroups[groupID] = struct{}{}
 		}
 	}
 	if len(user.NetworkRoles) > 0 {
 		for netID, netRoles := range user.NetworkRoles {
-			var g models.UserGroup
+			var groupID models.UserGroupID
 			adminAccess := false
 			for netRoleID := range netRoles {
 				permTemplate, err := logic.GetRole(netRoleID)
@@ -79,18 +82,15 @@ func MigrateUserRoleAndGroups(user models.User) {
 			}
 
 			if user.PlatformRoleID == models.ServiceUser {
-				g, err = GetDefaultNetworkUserGroup(netID)
+				groupID = GetDefaultNetworkUserGroupID(netID)
 			} else {
 				if adminAccess {
-					g, err = GetDefaultNetworkAdminGroup(netID)
+					groupID = GetDefaultNetworkAdminGroupID(netID)
 				} else {
-					g, err = GetDefaultNetworkUserGroup(netID)
+					groupID = GetDefaultNetworkUserGroupID(netID)
 				}
 			}
-			if err != nil {
-				continue
-			}
-			user.UserGroups[g.ID] = struct{}{}
+			user.UserGroups[groupID] = struct{}{}
 			user.NetworkRoles = make(map[models.NetworkID]map[models.UserRoleID]struct{})
 		}
 

pro/logic/user_mgmt.go

@@ -16,9 +16,9 @@ import (
 	"golang.org/x/exp/slog"
 )
 
-const (
-	globalNetworksAdminGroupName = "All Networks Admin Group"
-	globalNetworksUserGroupName  = "All Networks User Group"
+var (
+	globalNetworksAdminGroupID = models.UserGroupID(fmt.Sprintf("global-%s-grp", models.NetworkAdmin))
+	globalNetworksUserGroupID  = models.UserGroupID(fmt.Sprintf("global-%s-grp", models.NetworkUser))
 )
 
 var ServiceUserPermissionTemplate = models.UserRolePermissionTemplate{
@@ -118,9 +118,9 @@ func UserRolesInit() {
 func UserGroupsInit() {
 	// create default network groups
 	var NetworkGlobalAdminGroup = models.UserGroup{
-		ID:       models.UserGroupID(uuid.NewString()),
+		ID:       globalNetworksAdminGroupID,
 		Default:  true,
-		Name:     globalNetworksAdminGroupName,
+		Name:     "All Networks Admin Group",
 		MetaData: "can manage configuration of all networks",
 		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
 			models.AllNetworks: {
@@ -129,8 +129,8 @@ func UserGroupsInit() {
 		},
 	}
 	var NetworkGlobalUserGroup = models.UserGroup{
-		ID:      models.UserGroupID(uuid.NewString()),
-		Name:    globalNetworksUserGroupName,
+		ID:      globalNetworksUserGroupID,
+		Name:    "All Networks User Group",
 		Default: true,
 		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
 			models.AllNetworks: {
@@ -222,7 +222,7 @@ func CreateDefaultNetworkRolesAndGroups(netID models.NetworkID) {
 
 	// create default network groups
 	var NetworkAdminGroup = models.UserGroup{
-		ID:      models.UserGroupID(uuid.NewString()),
+		ID:      GetDefaultNetworkAdminGroupID(netID),
 		Name:    fmt.Sprintf("%s Admin Group", netID),
 		Default: true,
 		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
@@ -233,7 +233,7 @@ func CreateDefaultNetworkRolesAndGroups(netID models.NetworkID) {
 		MetaData: fmt.Sprintf("can manage your network `%s` configuration including adding and removing devices.", netID),
 	}
 	var NetworkUserGroup = models.UserGroup{
-		ID:      models.UserGroupID(uuid.NewString()),
+		ID:      GetDefaultNetworkUserGroupID(netID),
 		Name:    fmt.Sprintf("%s User Group", netID),
 		Default: true,
 		NetworkRoles: map[models.NetworkID]map[models.UserRoleID]struct{}{
@@ -256,28 +256,28 @@ func DeleteNetworkRoles(netID string) {
 		return
 	}
 
-	defaultAdminGrp, _ := GetDefaultNetworkAdminGroup(models.NetworkID(netID))
-	defaultUserGrp, _ := GetDefaultNetworkUserGroup(models.NetworkID(netID))
+	defaultAdminGrpID := GetDefaultNetworkAdminGroupID(models.NetworkID(netID))
+	defaultUserGrpID := GetDefaultNetworkUserGroupID(models.NetworkID(netID))
 	for _, user := range users {
 		var upsert bool
 		if _, ok := user.NetworkRoles[models.NetworkID(netID)]; ok {
 			delete(user.NetworkRoles, models.NetworkID(netID))
 			upsert = true
 		}
-		if _, ok := user.UserGroups[defaultUserGrp.ID]; ok {
-			delete(user.UserGroups, defaultUserGrp.ID)
+		if _, ok := user.UserGroups[defaultUserGrpID]; ok {
+			delete(user.UserGroups, defaultUserGrpID)
 			upsert = true
 		}
-		if _, ok := user.UserGroups[defaultAdminGrp.ID]; ok {
-			delete(user.UserGroups, defaultAdminGrp.ID)
+		if _, ok := user.UserGroups[defaultAdminGrpID]; ok {
+			delete(user.UserGroups, defaultAdminGrpID)
 			upsert = true
 		}
 		if upsert {
 			logic.UpsertUser(user)
 		}
 	}
-	database.DeleteRecord(database.USER_GROUPS_TABLE_NAME, defaultUserGrp.ID.String())
-	database.DeleteRecord(database.USER_GROUPS_TABLE_NAME, defaultAdminGrp.ID.String())
+	database.DeleteRecord(database.USER_GROUPS_TABLE_NAME, defaultUserGrpID.String())
+	database.DeleteRecord(database.USER_GROUPS_TABLE_NAME, defaultAdminGrpID.String())
 	userGs, _ := ListUserGroups()
 	for _, userGI := range userGs {
 		if _, ok := userGI.NetworkRoles[models.NetworkID(netID)]; ok {
@@ -532,7 +532,16 @@ func ValidateUpdateGroupReq(g models.UserGroup) error {
 
 // CreateUserGroup - creates new user group
 func CreateUserGroup(g models.UserGroup) error {
-	g.ID = models.UserGroupID(uuid.NewString())
+	// default groups are currently created directly in the db.
+	// this check is only to prevent future errors.
+	if g.Default && g.ID == "" {
+		return errors.New("group id cannot be empty for default group")
+	}
+
+	if !g.Default {
+		g.ID = models.UserGroupID(uuid.NewString())
+	}
+
 	// check if the group already exists
 	if g.Name == "" {
 		return errors.New("group name cannot be empty")
@@ -569,66 +578,12 @@ func GetUserGroup(gid models.UserGroupID) (models.UserGroup, error) {
 	return ug, nil
 }
 
-func GetDefaultGlobalNetworksAdminGroup() (models.UserGroup, error) {
-	groups, err := ListUserGroups()
-	if err != nil {
-		return models.UserGroup{}, err
-	}
-
-	for _, group := range groups {
-		if group.Default && group.Name == globalNetworksAdminGroupName {
-			return group, nil
-		}
-	}
-
-	return models.UserGroup{}, errors.New("default global networks admin group not found")
+func GetDefaultNetworkAdminGroupID(networkID models.NetworkID) models.UserGroupID {
+	return models.UserGroupID(fmt.Sprintf("%s-%s-grp", networkID, models.NetworkAdmin))
 }
 
-func GetDefaultGlobalNetworksUserGroup() (models.UserGroup, error) {
-	groups, err := ListUserGroups()
-	if err != nil {
-		return models.UserGroup{}, err
-	}
-
-	for _, group := range groups {
-		if group.Default && group.Name == globalNetworksUserGroupName {
-			return group, nil
-		}
-	}
-
-	return models.UserGroup{}, errors.New("default global networks user group not found")
-}
-
-func GetDefaultNetworkAdminGroup(networkID models.NetworkID) (models.UserGroup, error) {
-	groups, err := ListUserGroups()
-	if err != nil {
-		return models.UserGroup{}, err
-	}
-
-	groupName := fmt.Sprintf("%s Admin Group", networkID)
-	for _, group := range groups {
-		if group.Default && group.Name == groupName {
-			return group, nil
-		}
-	}
-
-	return models.UserGroup{}, errors.New("default network admin group not found")
-}
-
-func GetDefaultNetworkUserGroup(networkID models.NetworkID) (models.UserGroup, error) {
-	groups, err := ListUserGroups()
-	if err != nil {
-		return models.UserGroup{}, err
-	}
-
-	groupName := fmt.Sprintf("%s User Group", networkID)
-	for _, group := range groups {
-		if group.Default && group.Name == groupName {
-			return group, nil
-		}
-	}
-
-	return models.UserGroup{}, errors.New("default network user group not found")
+func GetDefaultNetworkUserGroupID(networkID models.NetworkID) models.UserGroupID {
+	return models.UserGroupID(fmt.Sprintf("%s-%s-grp", networkID, models.NetworkUser))
 }
 
 // ListUserGroups - lists user groups
@@ -1205,8 +1160,7 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 	}
 
 	if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin)) {
-		globalAdminGroup, _ := GetDefaultGlobalNetworksAdminGroup()
-		networkAdminGroup, _ := GetDefaultNetworkAdminGroup(netID)
+		networkAdminGroupID := GetDefaultNetworkAdminGroupID(netID)
 
 		defaultUserAcl := models.Acl{
 			ID:          fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
@@ -1220,11 +1174,11 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.UserGroupAclID,
-					Value: globalAdminGroup.ID.String(),
+					Value: globalNetworksAdminGroupID.String(),
 				},
 				{
 					ID:    models.UserGroupAclID,
-					Value: networkAdminGroup.ID.String(),
+					Value: networkAdminGroupID.String(),
 				},
 			},
 			Dst: []models.AclPolicyTag{
@@ -1241,8 +1195,7 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 	}
 
 	if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser)) {
-		globalUserGroup, _ := GetDefaultGlobalNetworksUserGroup()
-		networkUserGroup, _ := GetDefaultNetworkUserGroup(netID)
+		networkUserGroupID := GetDefaultNetworkUserGroupID(netID)
 
 		defaultUserAcl := models.Acl{
 			ID:          fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
@@ -1256,11 +1209,11 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 			Src: []models.AclPolicyTag{
 				{
 					ID:    models.UserGroupAclID,
-					Value: globalUserGroup.ID.String(),
+					Value: globalNetworksAdminGroupID.String(),
 				},
 				{
 					ID:    models.UserGroupAclID,
-					Value: networkUserGroup.ID.String(),
+					Value: networkUserGroupID.String(),
 				},
 			},
 
@@ -1300,7 +1253,5 @@ func AddGlobalNetRolesToAdmins(u *models.User) {
 	}
 	u.UserGroups = make(map[models.UserGroupID]struct{})
 
-	globalAdminGroup, _ := GetDefaultGlobalNetworksAdminGroup()
-
-	u.UserGroups[globalAdminGroup.ID] = struct{}{}
+	u.UserGroups[globalNetworksAdminGroupID] = struct{}{}
 }