|
|
@@ -10,6 +10,8 @@ import (
|
|
|
"github.com/gravitl/netmaker/database"
|
|
|
"github.com/gravitl/netmaker/logger"
|
|
|
"github.com/gravitl/netmaker/logic"
|
|
|
+ "github.com/gravitl/netmaker/logic/acls"
|
|
|
+ "github.com/gravitl/netmaker/logic/acls/nodeacls"
|
|
|
"github.com/gravitl/netmaker/models"
|
|
|
"github.com/gravitl/netmaker/netclient/ncutils"
|
|
|
"github.com/gravitl/netmaker/servercfg"
|
|
|
@@ -144,3 +146,21 @@ func SyncServerNetwork(network string) error {
|
|
|
*/
|
|
|
return nil
|
|
|
}
|
|
|
+
|
|
|
+// SetDefaultACLS - runs through each network to see if ACL's are set. If not, goes through each node in network and adds the default ACL
|
|
|
+func SetDefaultACLS() error {
|
|
|
+ // upgraded systems will not have ACL's set, which is why we need this function
|
|
|
+ nodes, err := logic.GetAllNodes()
|
|
|
+ if err != nil {
|
|
|
+ return err
|
|
|
+ }
|
|
|
+ for i := range nodes {
|
|
|
+ currentNodeACL, err := nodeacls.FetchNodeACL(nodeacls.NetworkID(nodes[i].Network), nodeacls.NodeID(nodes[i].ID))
|
|
|
+ if (err != nil && (database.IsEmptyRecord(err) || strings.Contains(err.Error(), "no node ACL present"))) || currentNodeACL == nil {
|
|
|
+ if _, err = nodeacls.CreateNodeACL(nodeacls.NetworkID(nodes[i].Network), nodeacls.NodeID(nodes[i].ID), acls.Allowed); err != nil {
|
|
|
+ logger.Log(1, "could not create a default ACL for node", nodes[i].ID)
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return nil
|
|
|
+}
|
dcarns