Commit Graph

63 Commits

Author SHA1 Message Date
875b8d662c Clean up sqlite policy rules after deletion
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-27 15:40:37 +03:00
de99624610 Fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-26 20:15:23 +03:00
accada3311 Remove db lock on aggregate db calls
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-25 21:23:58 +03:00
71af7edd05 Refactor new account handling
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-25 17:43:39 +03:00
e17d8127e3 Remove unused store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-25 13:49:41 +03:00
ea51ce876e Remove group all checks for accounts during startup
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-22 18:07:23 +03:00
70b4628b5a Refactor account settings updates
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-22 17:53:15 +03:00
de3e67e7ae Add route store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-22 00:45:45 +03:00
6ea98f0ce7 Remove db query context and fix get user by id
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-20 22:44:06 +03:00
6a456c52bf Refactor user and PAT handling
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-19 23:42:27 +03:00
0ee56e14d9 fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-19 10:47:26 +03:00
a2fb274b86 remove duplicate store method
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-18 15:09:30 +03:00
a61e9da3e9 run peer ops in transaction
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-18 15:06:25 +03:00
f5e7449d01 Add lock for peer store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-14 19:24:51 +03:00
6315644065 Add peer store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-14 13:04:36 +03:00
218345e0ff Refactor name server groups to use store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-13 20:41:30 +03:00
560190519d Refactor dns settings to use store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-13 13:15:47 +03:00
32d1b2d602 Retrieve policy groups and posture checks once for validation
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-12 18:53:10 +03:00
2a59f04540 Merge branch 'posturechecks-get-account-refactoring' into policy-get-account-refactoring 2024-11-12 17:16:52 +03:00
a3abc211b3 Add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-12 17:11:56 +03:00
00023bf110 Merge branch 'groups-get-account-refactoring' into posturechecks-get-account-refactoring 2024-11-12 15:55:34 +03:00
0c0fd380bd Refactor policy get and save account to use store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-12 11:17:16 +03:00
ffce48ca5f Merge branch 'groups-get-account-refactoring' into policy-get-account-refactoring 2024-11-11 23:08:34 +03:00
d23b5c892b Retrieve modified peers once for group events
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-11 22:58:22 +03:00
664d1388aa fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-11 22:29:59 +03:00
010a8bfdc1 Merge branch 'main' into groups-get-account-refactoring
# Conflicts:
#	management/server/group.go
#	management/server/group/group.go
#	management/server/setupkey.go
#	management/server/sql_store.go
#	management/server/status/error.go
#	management/server/store.go
2024-11-11 21:10:02 +03:00
6cb697eed6 [management] Refactor setup key to use store methods (#2861)
* Refactor setup key handling to use store methods

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add lock to get account groups

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add check for regular user

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* get only required groups for auto-group validation

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add account lock and return auto groups map on validation

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix missing group removed from setup key activity

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Remove context from DB queries

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Add user permission check and add setup events into events to store slice

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Retrieve all groups once during setup key auto-group validation

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Fix lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Fix sonar

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-11 19:46:10 +03:00
174e07fefd Refactor posture checks to remove get and save account
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-11 12:37:19 +03:00
6dc185e141 Preserve store engine in SqlStore transactions
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-09 01:16:03 +03:00
d58cf50127 Merge branch 'setupkey-get-account-refactoring' into groups-get-account-refactoring
# Conflicts:
#	management/server/sql_store.go
2024-11-08 19:48:13 +03:00
40af1a50e3 Merge branch 'feature/get-account-refactoring' into setupkey-get-account-refactoring
# Conflicts:
#	management/server/sql_store.go
2024-11-08 19:17:28 +03:00
8126d95316 refactor GetGroupByID and add NewGroupNotFoundError
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-08 18:58:04 +03:00
0a70e4c5d4 Refactor groups to use store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-08 18:39:36 +03:00
669904cd06 [management] Remove context from database calls (#2863) 2024-11-08 15:49:00 +01:00
389c9619af Refactor setup key handling to use store methods
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-11-08 00:31:41 +03:00
7fef8f6758 [management] Enforce max conn of 1 for sqlite setups (#2855) 2024-11-07 16:32:35 +01:00
bac95ace18 [management] Add DB access duration to logs for context cancel (#2781) 2024-11-01 10:58:39 +01:00
10480eb52f [management] Setup key improvements (#2775) 2024-10-28 17:52:23 +01:00
96d2207684 Fix JSON function compatibility for SQLite and PostgreSQL (#2746)
resolves the issue with json_array_length compatibility between SQLite and PostgreSQL. It adjusts the query to conditionally cast types:

PostgreSQL: Casts to json with ::json.
SQLite: Uses the text representation directly.
2024-10-16 17:55:30 +02:00
da3a053e2b [management] Refactor getAccountIDWithAuthorizationClaims (#2715)
This change restructures the getAccountIDWithAuthorizationClaims method to improve readability, maintainability, and performance.

- have dedicated methods to handle possible cases
- introduced Store.UpdateAccountDomainAttributes and Store.GetAccountUsers methods
- Remove GetAccount and SaveAccount dependency
- added tests
2024-10-12 08:35:51 +02:00
8284ae959c [management] Move testdata to sql files (#2693) 2024-10-10 12:35:03 +02:00
b79c1d64cc [management] Make max open db conns configurable (#2713) 2024-10-09 20:17:25 +02:00
d4ef84fe6e [management] Propagate error in store errors (#2709) 2024-10-09 14:33:58 +02:00
8bf729c7b4 [management] Add AccountExists to AccountManager (#2694)
* Add AccountExists method to account manager interface

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove unused code

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 18:09:40 +03:00
7f09b39769 [management] Refactor User JWT group sync (#2690)
* Refactor GetAccountIDByUserOrAccountID

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* sync user jwt group changes

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* propagate jwt group changes to peers

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix no jwt groups synced

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests and lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Move the account peer update outside the transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* move updateUserPeersInGroups to account manager

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* move event store outside of transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* get user with update lock

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Run jwt sync in transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 17:17:01 +03:00
158936fb15 [management] Remove file store (#2689) 2024-10-03 15:50:35 +02:00
acb73bd64a [management] Remove redundant get account calls in GetAccountFromToken (#2615)
* refactor access control middleware and user access by JWT groups

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor jwt groups extractor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to get account when necessary

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix merge

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* revert handles change

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove GetUserByID from account manager

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims to return account id

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to use GetAccountIDFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove locks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByName from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByID from store and refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor retrieval of policy and posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor user permissions and retrieves PAT

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor route, setupkey, nameserver and dns to get record(s) from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix add missing policy source posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add store lock

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add get account

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 17:10:50 +03:00
1e4a0f77e2 Add get DB method to store (#2650) 2024-09-25 18:22:27 +02:00
6c50b0c84b [management] Add transaction to addPeer (#2469)
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
2024-09-16 15:47:03 +02:00
d97b03656f [management] Refactor HTTP metrics (#2476)
* Add logging for slow SQL queries in SaveAccount and GetAccount

* Add resource count log for large accounts

* Refactor metrics middleware to simplify counters and histograms

* Update log levels and remove redundant resource count check
2024-08-23 19:42:55 +03:00