탐색 도움말
로그인
golang
/
netmaker
의 미러 https://github.com/gravitl/netmaker
2
0
포크 0
파일 이슈 0 위키
브렌치: NET-1349-b
브랜치 태그
netmaker
/
logic
/
clients.go

clients.go 2.3 KB
고유링크 히스토리 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. package logic
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"sort"
    6. 

  6. 

  7. 	"github.com/gravitl/netmaker/logic/acls"
    8. 

  8. 	"github.com/gravitl/netmaker/models"
    9. 

  9. 	"golang.org/x/exp/slog"
    10. 

  10. )
    11. 

  11. 

  12. // functions defined here, handle client ACLs, should be set on ee
    13. 

  13. 

  14. var (
    15. 

  15. 	// DenyClientNodeAccess - function to handle adding a node to an ext client's denied node set
    16. 

  16. 	DenyClientNodeAccess = func(ec *models.ExtClient, clientOrNodeID string) bool {
    17. 

  17. 		return true
    18. 

  18. 	}
    19. 

  19. 	// IsClientNodeAllowed - function to check if an ext client's denied node set contains a node ID
    20. 

  20. 	IsClientNodeAllowed = func(ec *models.ExtClient, clientOrNodeID string) bool {
    21. 

  21. 		return true
    22. 

  22. 	}
    23. 

  23. 	// AllowClientNodeAccess - function to handle removing a node ID from ext client's denied nodes, thus allowing it
    24. 

  24. 	AllowClientNodeAccess = func(ec *models.ExtClient, clientOrNodeID string) bool {
    25. 

  25. 		return true
    26. 

  26. 	}
    27. 

  27. 	SetClientDefaultACLs = func(ec *models.ExtClient) error {
    28. 

  28. 		// allow all on CE
    29. 

  29. 		networkAcls := acls.ACLContainer{}
    30. 

  30. 		networkAcls, err := networkAcls.Get(acls.ContainerID(ec.Network))
    31. 

  31. 		if err != nil {
    32. 

  32. 			slog.Error("failed to get network acls", "error", err)
    33. 

  33. 			return err
    34. 

  34. 		}
    35. 

  35. 		networkAcls[acls.AclID(ec.ClientID)] = acls.ACL{}
    36. 

  36. 		for objId := range networkAcls {
    37. 

  37. 			networkAcls[objId][acls.AclID(ec.ClientID)] = acls.Allowed
    38. 

  38. 			networkAcls[acls.AclID(ec.ClientID)][objId] = acls.Allowed
    39. 

  39. 		}
    40. 

  40. 		delete(networkAcls[acls.AclID(ec.ClientID)], acls.AclID(ec.ClientID))
    41. 

  41. 		if _, err = networkAcls.Save(acls.ContainerID(ec.Network)); err != nil {
    42. 

  42. 			slog.Error("failed to update network acls", "error", err)
    43. 

  43. 			return err
    44. 

  44. 		}
    45. 

  45. 		return nil
    46. 

  46. 	}
    47. 

  47. 	SetClientACLs = func(ec *models.ExtClient, newACLs map[string]struct{}) {
    48. 

  48. 	}
    49. 

  49. 	UpdateProNodeACLs = func(node *models.Node) error {
    50. 

  50. 		return nil
    51. 

  51. 	}
    52. 

  52. )
    53. 

  53. 

  54. // SortExtClient - Sorts slice of ExtClients by their ClientID alphabetically with numbers first
    55. 

  55. func SortExtClient(unsortedExtClient []models.ExtClient) {
    56. 

  56. 	sort.Slice(unsortedExtClient, func(i, j int) bool {
    57. 

  57. 		return unsortedExtClient[i].ClientID < unsortedExtClient[j].ClientID
    58. 

  58. 	})
    59. 

  59. }
    60. 

  60. 

  61. // GetExtClientByName - gets an ext client by name
    62. 

  62. func GetExtClientByName(ID string) (models.ExtClient, error) {
    63. 

  63. 	clients, err := GetAllExtClients()
    64. 

  64. 	if err != nil {
    65. 

  65. 		return models.ExtClient{}, err
    66. 

  66. 	}
    67. 

  67. 	for i := range clients {
    68. 

  68. 		if clients[i].ClientID == ID {
    69. 

  69. 			return clients[i], nil
    70. 

  70. 		}
    71. 

  71. 	}
    72. 

  72. 	return models.ExtClient{}, errors.New("client not found")
    73. 

  73. }
    74.