Add policy rule source and destination resource

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-12-13 18:31:18 +01:00 · 2024-12-11 14:22:09 +01:00 · 2024-12-11 14:22:09 +01:00 · ac06f178fe
commit ac06f178fe
parent 60ee31df3e
3 changed files with 47 additions and 11 deletions
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@ -143,6 +143,13 @@ const (
 	PolicyRuleUpdateProtocolUdp  PolicyRuleUpdateProtocol = "udp"
 )

+// Defines values for ResourceType.
+const (
+	ResourceTypeDomain ResourceType = "domain"
+	ResourceTypeHost   ResourceType = "host"
+	ResourceTypeSubnet ResourceType = "subnet"
+)
+
 // Defines values for UserStatus.
 const (
 	UserStatusActive  UserStatus = "active"
@ -540,9 +547,6 @@ type NetworkResource struct {
 	Type NetworkResourceType `json:"type"`
 }

-// NetworkResourceType Network resource type based of the address
-type NetworkResourceType string
-
 // NetworkResourceRequest defines model for NetworkResourceRequest.
 type NetworkResourceRequest struct {
 	// Address Network resource address (either a direct host like 1.1.1.1 or 1.1.1.1/32, or a subnet like 192.168.178.0/24, or a domain like example.com)
@ -555,6 +559,9 @@ type NetworkResourceRequest struct {
 	Name string `json:"name"`
 }

+// NetworkResourceType Network resource type based of the address
+type NetworkResourceType string
+
 // NetworkRouter defines model for NetworkRouter.
 type NetworkRouter struct {
 	// Id Network Router Id
@ -873,10 +880,11 @@ type PolicyRule struct {
 	Bidirectional bool `json:"bidirectional"`

 	// Description Policy rule friendly description
-	Description *string `json:"description,omitempty"`
+	Description         *string   `json:"description,omitempty"`
+	DestinationResource *Resource `json:"destinationResource,omitempty"`

 	// Destinations Policy rule destination group IDs
-	Destinations []GroupMinimum `json:"destinations"`
+	Destinations *[]GroupMinimum `json:"destinations,omitempty"`

 	// Enabled Policy rule status
 	Enabled bool `json:"enabled"`
@ -894,10 +902,11 @@ type PolicyRule struct {
 	Ports *[]string `json:"ports,omitempty"`

 	// Protocol Policy rule type of the traffic
-	Protocol PolicyRuleProtocol `json:"protocol"`
+	Protocol       PolicyRuleProtocol `json:"protocol"`
+	SourceResource *Resource          `json:"sourceResource,omitempty"`

 	// Sources Policy rule source group IDs
-	Sources []GroupMinimum `json:"sources"`
+	Sources *[]GroupMinimum `json:"sources,omitempty"`
 }

 // PolicyRuleAction Policy rule accept or drops packets
@ -951,10 +960,11 @@ type PolicyRuleUpdate struct {
 	Bidirectional bool `json:"bidirectional"`

 	// Description Policy rule friendly description
-	Description *string `json:"description,omitempty"`
+	Description         *string   `json:"description,omitempty"`
+	DestinationResource *Resource `json:"destinationResource,omitempty"`

 	// Destinations Policy rule destination group IDs
-	Destinations []string `json:"destinations"`
+	Destinations *[]string `json:"destinations,omitempty"`

 	// Enabled Policy rule status
 	Enabled bool `json:"enabled"`
@ -972,10 +982,11 @@ type PolicyRuleUpdate struct {
 	Ports *[]string `json:"ports,omitempty"`

 	// Protocol Policy rule type of the traffic
-	Protocol PolicyRuleUpdateProtocol `json:"protocol"`
+	Protocol       PolicyRuleUpdateProtocol `json:"protocol"`
+	SourceResource *Resource                `json:"sourceResource,omitempty"`

 	// Sources Policy rule source group IDs
-	Sources []string `json:"sources"`
+	Sources *[]string `json:"sources,omitempty"`
 }

 // PolicyRuleUpdateAction Policy rule accept or drops packets
@ -1049,6 +1060,16 @@ type ProcessCheck struct {
 	Processes []Process `json:"processes"`
 }

+// Resource defines model for Resource.
+type Resource struct {
+	// Id Resource ID
+	Id   string       `json:"id"`
+	Type ResourceType `json:"type"`
+}
+
+// ResourceType defines model for ResourceType.
+type ResourceType string
+
 // Route defines model for Route.
 type Route struct {
 	// AccessControlGroups Access control group identifier associated with route.
--- a/management/server/networks/resources/types/resource.go
+++ b/management/server/networks/resources/types/resource.go
@ -12,6 +12,11 @@ import (
 	"github.com/netbirdio/netbird/management/server/http/api"
 )

+type Resource struct {
+	ID   string
+	Type string
+}
+
 type NetworkResourceType string

 const (
--- a/management/server/types/policyrule.go
+++ b/management/server/types/policyrule.go
@ -1,5 +1,9 @@
 package types

+import (
+	"github.com/netbirdio/netbird/management/server/networks/resources/types"
+)
+
 // PolicyUpdateOperationType operation type
 type PolicyUpdateOperationType int

@ -41,9 +45,15 @@ type PolicyRule struct {
 	// Destinations policy destination groups
 	Destinations []string `gorm:"serializer:json"`

+	// DestinationResource policy destination resource that the rule is applied to
+	DestinationResource types.Resource `gorm:"serializer:json"`
+
 	// Sources policy source groups
 	Sources []string `gorm:"serializer:json"`

+	// SourceResource policy source resource that the rule is applied to
+	SourceResource types.Resource `gorm:"serializer:json"`
+
 	// Bidirectional define if the rule is applicable in both directions, sources, and destinations
 	Bidirectional bool