Net 1227 v1 (#3066)

* generalise smtp config

* copy over smtp vars

* env new line

* fix master key api access

* comment user tests

* fix network and user invite for master key access

* remove email sender type

* user mgmt commands

* check user role on CE

* user role nmtcl cmds

* user groups commands

* fix role and groups command

* fix user create cmd

* add usage info

* rm user role check

* fix user update cmd

* fix static check

* add backwards comptability support for extclient api for mobile

* rm debug logs

* set frontend url from base domain if empty

controllers/middleware.go

@@ -6,7 +6,6 @@ import (
 	"strings"
 
 	"github.com/gorilla/mux"
-	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
 )
@@ -105,7 +104,6 @@ func userMiddleWare(handler http.Handler) http.Handler {
 		}
 
 		r.Header.Set("RSRC_TYPE", r.Header.Get("TARGET_RSRC"))
-		logger.Log(0, "URL ------> ", route)
 		handler.ServeHTTP(w, r)
 	})
 }

pro/auth/google.go

@@ -69,22 +69,17 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 		handleOauthNotConfigured(w)
 		return
 	}
-	logger.Log(0, "CALLBACK ----> 1")
-
-	logger.Log(0, "CALLBACK ----> 2")
 	var inviteExists bool
 	// check if invite exists for User
 	in, err := logic.GetUserInvite(content.Email)
 	if err == nil {
 		inviteExists = true
 	}
-	logger.Log(0, fmt.Sprintf("CALLBACK ----> 3  %v", inviteExists))
 	// check if user approval is already pending
 	if !inviteExists && logic.IsPendingUser(content.Email) {
 		handleOauthUserSignUpApprovalPending(w)
 		return
 	}
-	logger.Log(0, "CALLBACK ----> 4")
 	_, err = logic.GetUser(content.Email)
 	if err != nil {
 		if database.IsEmptyRecord(err) { // user must not exist, so try to make one
@@ -95,7 +90,6 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 					return
 				}
-				logger.Log(0, "CALLBACK ----> 4.0")
 
 				if err = logic.CreateUser(&user); err != nil {
 					handleSomethingWentWrong(w)
@@ -124,7 +118,6 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	logger.Log(0, "CALLBACK ----> 6")
 	user, err := logic.GetUser(content.Email)
 	if err != nil {
 		logger.Log(0, "error fetching user: ", err.Error())
@@ -186,7 +179,6 @@ func getGoogleUserInfo(state string, code string) (*OAuthUser, error) {
 	if err != nil {
 		return nil, fmt.Errorf("failed reading response body: %s", err.Error())
 	}
-	logger.Log(0, fmt.Sprintf("---------------> USERINFO: %v, token: %s", string(contents), token.AccessToken))
 	var userInfo = &OAuthUser{}
 	if err = json.Unmarshal(contents, userInfo); err != nil {
 		return nil, fmt.Errorf("failed parsing email from response data: %s", err.Error())

pro/controllers/users.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"strings"
 
 	"github.com/gorilla/mux"
 	"github.com/gravitl/netmaker/database"
@@ -218,8 +219,12 @@ func inviteUsers(w http.ResponseWriter, r *http.Request) {
 			NetworkRoles:   inviteReq.NetworkRoles,
 			InviteCode:     logic.RandomString(8),
 		}
+		frontendURL := strings.TrimSuffix(servercfg.GetFrontendURL(), "/")
+		if frontendURL == "" {
+			frontendURL = fmt.Sprintf("https://dashboard.%s", servercfg.GetNmBaseDomain())
+		}
 		u, err := url.Parse(fmt.Sprintf("%s/invite?email=%s&invite_code=%s",
-			servercfg.GetFrontendURL(), url.QueryEscape(invite.Email), url.QueryEscape(invite.InviteCode)))
+			frontendURL, url.QueryEscape(invite.Email), url.QueryEscape(invite.InviteCode)))
 		if err != nil {
 			slog.Error("failed to parse to invite url", "error", err)
 			return
@@ -808,21 +813,18 @@ func removeUserFromRemoteAccessGW(w http.ResponseWriter, r *http.Request) {
 func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 	// set header.
 	w.Header().Set("Content-Type", "application/json")
-	logger.Log(0, "------------> 1. getUserRemoteAccessGwsV1")
 	var params = mux.Vars(r)
 	username := params["username"]
 	if username == "" {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("required params username"), "badrequest"))
 		return
 	}
-	logger.Log(0, "------------> 2. getUserRemoteAccessGwsV1")
 	user, err := logic.GetUser(username)
 	if err != nil {
 		logger.Log(0, username, "failed to fetch user: ", err.Error())
 		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("failed to fetch user %s, error: %v", username, err), "badrequest"))
 		return
 	}
-	logger.Log(0, "------------> 3. getUserRemoteAccessGwsV1")
 	remoteAccessClientID := r.URL.Query().Get("remote_access_clientid")
 	var req models.UserRemoteGwsReq
 	if remoteAccessClientID == "" {
@@ -833,7 +835,6 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	logger.Log(0, "------------> 4. getUserRemoteAccessGwsV1")
 	reqFromMobile := r.URL.Query().Get("from_mobile") == "true"
 	if req.RemoteAccessClientID == "" && remoteAccessClientID == "" {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("remote access client id cannot be empty"), "badrequest"))
@@ -843,13 +844,11 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 		req.RemoteAccessClientID = remoteAccessClientID
 	}
 	userGws := make(map[string][]models.UserRemoteGws)
-	logger.Log(0, "------------> 5. getUserRemoteAccessGwsV1")
 	allextClients, err := logic.GetAllExtClients()
 	if err != nil {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}
-	logger.Log(0, "------------> 6. getUserRemoteAccessGwsV1")
 	userGwNodes := proLogic.GetUserRAGNodes(*user)
 	logger.Log(0, fmt.Sprintf("1. User Gw Nodes: %+v", userGwNodes))
 	for _, extClient := range allextClients {
@@ -890,7 +889,6 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 	logger.Log(0, fmt.Sprintf("2. User Gw Nodes: %+v", userGwNodes))
 	// add remaining gw nodes to resp
 	for gwID := range userGwNodes {
-		logger.Log(0, "RAG ---> 1")
 		node, err := logic.GetNodeByID(gwID)
 		if err != nil {
 			continue
@@ -901,7 +899,6 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 		if node.PendingDelete {
 			continue
 		}
-		logger.Log(0, "RAG ---> 2")
 		host, err := logic.GetHost(node.HostID.String())
 		if err != nil {
 			continue
@@ -910,7 +907,6 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 		if err != nil {
 			slog.Error("failed to get node network", "error", err)
 		}
-		logger.Log(0, "RAG ---> 3")
 		gws := userGws[node.Network]
 
 		gws = append(gws, models.UserRemoteGws{

pro/logic/security.go

@@ -5,7 +5,6 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
 )
@@ -16,7 +15,6 @@ func NetworkPermissionsCheck(username string, r *http.Request) error {
 	if err != nil {
 		return err
 	}
-	logger.Log(0, "NET MIDDL----> 1")
 	userRole, err := logic.GetRole(user.PlatformRoleID)
 	if err != nil {
 		return errors.New("access denied")
@@ -24,7 +22,6 @@ func NetworkPermissionsCheck(username string, r *http.Request) error {
 	if userRole.FullAccess {
 		return nil
 	}
-	logger.Log(0, "NET MIDDL----> 2")
 	// get info from header to determine the target rsrc
 	targetRsrc := r.Header.Get("TARGET_RSRC")
 	targetRsrcID := r.Header.Get("TARGET_RSRC_ID")
@@ -81,7 +78,6 @@ func checkNetworkAccessPermissions(netRoleID models.UserRoleID, username, reqSco
 	if err != nil {
 		return err
 	}
-	logger.Log(0, "NET MIDDL----> 3", string(netRoleID))
 	if networkPermissionScope.FullAccess {
 		return nil
 	}
@@ -92,7 +88,6 @@ func checkNetworkAccessPermissions(netRoleID models.UserRoleID, username, reqSco
 	if !ok {
 		return errors.New("access denied")
 	}
-	logger.Log(0, "NET MIDDL----> 4", string(netRoleID))
 	if allRsrcsTypePermissionScope, ok := rsrcPermissionScope[models.RsrcID(fmt.Sprintf("all_%s", targetRsrc))]; ok {
 		// handle extclient apis here
 		if models.RsrcType(targetRsrc) == models.ExtClientsRsrc && allRsrcsTypePermissionScope.SelfOnly && targetRsrcID != "" {
@@ -118,7 +113,6 @@ func checkNetworkAccessPermissions(netRoleID models.UserRoleID, username, reqSco
 			}
 		}
 	}
-	logger.Log(0, "NET MIDDL----> 5", string(netRoleID))
 	if targetRsrcID == "" {
 		return errors.New("target rsrc id is empty")
 	}
@@ -128,7 +122,6 @@ func checkNetworkAccessPermissions(netRoleID models.UserRoleID, username, reqSco
 			return nil
 		}
 	}
-	logger.Log(0, "NET MIDDL----> 6", string(netRoleID))
 	return errors.New("access denied")
 }
 

pro/logic/user_mgmt.go

@@ -533,7 +533,7 @@ func HasNetworkRsrcScope(permissionTemplate models.UserRolePermissionTemplate, n
 func GetUserRAGNodes(user models.User) (gws map[string]models.Node) {
 	gws = make(map[string]models.Node)
 	userGwAccessScope := GetUserNetworkRolesWithRemoteVPNAccess(user)
-	logger.Log(0, fmt.Sprintf("User Gw Access Scope: %+v", userGwAccessScope))
+	logger.Log(3, fmt.Sprintf("User Gw Access Scope: %+v", userGwAccessScope))
 	_, allNetAccess := userGwAccessScope["*"]
 	nodes, err := logic.GetAllNodes()
 	if err != nil {

servercfg/serverconf.go

@@ -809,3 +809,8 @@ func GetAllowedEmailDomains() string {
 	}
 	return allowedDomains
 }
+
+// GetNmBaseDomain - fetches nm base domain
+func GetNmBaseDomain() string {
+	return os.Getenv("NM_DOMAIN")
+}