Accueil Explorer Aide
Connexion
golang
/
netmaker
miroir de https://github.com/gravitl/netmaker
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

migrate default acl policies

abhishek9686 il y a 9 mois
Parent
2c854ecb29
commit
a3cfeccd1f
3 fichiers modifiés avec 41 ajouts et 0 suppressions
Vue séparée Afficher les stats Diff
  1. 36 0
      logic/acls.go
  2. 1 0
      migrate/migrate.go
  3. 4 0
      models/acl.go

+ 36 - 0
logic/acls.go
Voir le fichier 

@@ -19,6 +19,36 @@ var (
 
 	aclCacheMap   = make(map[string]models.Acl)
 
 )
 
 
+func MigrateDefaulAclPolicies(netID models.NetworkID) {
 
+	if netID.String() == "" {
 
+		return
 
+	}
 
+	acl, err := GetAcl(fmt.Sprintf("%s.%s", netID, "all-nodes"))
 
+	if err == nil {
 
+		if acl.Proto.String() == "" {
 
+			acl.Proto = models.ALL
 
+			acl.Port = []string{}
 
+			UpsertAcl(acl)
 
+		}
 
+	}
 
+	acl, err = GetAcl(fmt.Sprintf("%s.%s", netID, "all-users"))
 
+	if err == nil {
 
+		if acl.Proto.String() == "" {
 
+			acl.Proto = models.ALL
 
+			acl.Port = []string{}
 
+			UpsertAcl(acl)
 
+		}
 
+	}
 
+	acl, err = GetAcl(fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"))
 
+	if err == nil {
 
+		if acl.Proto.String() == "" {
 
+			acl.Proto = models.ALL
 
+			acl.Port = []string{}
 
+			UpsertAcl(acl)
 
+		}
 
+	}
 
+}
 
+
 
 // CreateDefaultAclNetworkPolicies - create default acl network policies
 
 func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 	if netID.String() == "" {
 
@@ -32,6 +62,8 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 			MetaData:  "This Policy allows all nodes in the network to communicate with each other",
 
 			Default:   true,
 
 			NetworkID: netID,
 
+			Proto:     models.ALL,
 
+			Port:      []string{},
 
 			RuleType:  models.DevicePolicy,
 
 			Src: []models.AclPolicyTag{
 
 				{
 
@@ -57,6 +89,8 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 			Name:      "All Users",
 
 			MetaData:  "This policy gives access to everything in the network for an user",
 
 			NetworkID: netID,
 
+			Proto:     models.ALL,
 
+			Port:      []string{},
 
 			RuleType:  models.UserPolicy,
 
 			Src: []models.AclPolicyTag{
 
 				{
 
@@ -82,6 +116,8 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 			Default:   true,
 
 			Name:      "All Remote Access Gateways",
 
 			NetworkID: netID,
 
+			Proto:     models.ALL,
 
+			Port:      []string{},
 
 			RuleType:  models.DevicePolicy,
 
 			Src: []models.AclPolicyTag{
 
 				{

+ 1 - 0
migrate/migrate.go
Voir le fichier 

@@ -439,5 +439,6 @@ func createDefaultTagsAndPolicies() {
 
 	for _, network := range networks {
 
 		logic.CreateDefaultTags(models.NetworkID(network.NetID))
 
 		logic.CreateDefaultAclNetworkPolicies(models.NetworkID(network.NetID))
 
+		logic.MigrateDefaulAclPolicies(models.NetworkID(network.NetID))
 
 	}
 
 }

+ 4 - 0
models/acl.go
Voir le fichier 

@@ -25,6 +25,10 @@ const (
 
 	ICMP Protocol = "icmp"
 
 )
 
 
+func (p Protocol) String() string {
 
+	return string(p)
 
+}
 
+
 
 type AclPolicyType string
 
 
 const (