|
|
@@ -10,6 +10,7 @@ import (
|
|
|
"sync"
|
|
|
"time"
|
|
|
|
|
|
+ "github.com/google/uuid"
|
|
|
"github.com/gravitl/netmaker/database"
|
|
|
"github.com/gravitl/netmaker/models"
|
|
|
"github.com/gravitl/netmaker/servercfg"
|
|
|
@@ -647,6 +648,12 @@ func IsUserAllowedToCommunicate(userName string, peer models.Node) (bool, []mode
|
|
|
// IsPeerAllowed - checks if peer needs to be added to the interface
|
|
|
func IsPeerAllowed(node, peer models.Node, checkDefaultPolicy bool) bool {
|
|
|
var nodeId, peerId string
|
|
|
+ if peer.IsFailOver && node.FailedOverBy != uuid.Nil && node.FailedOverBy == peer.ID {
|
|
|
+ return true
|
|
|
+ }
|
|
|
+ if node.IsFailOver && peer.FailedOverBy != uuid.Nil && peer.FailedOverBy == node.ID {
|
|
|
+ return true
|
|
|
+ }
|
|
|
if node.IsStatic {
|
|
|
nodeId = node.StaticNode.ClientID
|
|
|
node = node.StaticNode.ConvertToStaticNode()
|
|
|
@@ -898,6 +905,12 @@ func uniquePolicies(items []models.Acl) []models.Acl {
|
|
|
// IsNodeAllowedToCommunicate - check node is allowed to communicate with the peer // ADD ALLOWED DIRECTION - 0 => node -> peer, 1 => peer-> node,
|
|
|
func IsNodeAllowedToCommunicateV1(node, peer models.Node, checkDefaultPolicy bool) (bool, []models.Acl) {
|
|
|
var nodeId, peerId string
|
|
|
+ if peer.IsFailOver && node.FailedOverBy != uuid.Nil && node.FailedOverBy == peer.ID {
|
|
|
+ return true, []models.Acl{}
|
|
|
+ }
|
|
|
+ if node.IsFailOver && peer.FailedOverBy != uuid.Nil && peer.FailedOverBy == node.ID {
|
|
|
+ return true, []models.Acl{}
|
|
|
+ }
|
|
|
if node.IsStatic {
|
|
|
nodeId = node.StaticNode.ClientID
|
|
|
node = node.StaticNode.ConvertToStaticNode()
|
Abhishek K