extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-02-01 10:59:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,657 Commits 156 Branches 207 Tags 209 MiB
1a37b12d1b
Commit Graph

605 Commits

Author SHA1 Message Date
bcmmbaga
1a37b12d1b
refactor user PAT 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-10-01 00:55:32 +03:00
bcmmbaga
d36d30dec4
refactor name server groups 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-10-01 00:54:53 +03:00
bcmmbaga
43eb7261e3
refactor account and dns settings 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-10-01 00:54:28 +03:00
bcmmbaga
9e47c94a7f
refactor setup keys 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-30 14:02:55 +03:00
bcmmbaga
edf67672ad
fix merge 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-27 22:31:26 +03:00
bcmmbaga
bc520412ba
Merge branch 'main' into refactor/get-account-usage 
# Conflicts:
#	management/server/file_store.go
#	management/server/http/posture_checks_handler.go
#	management/server/mock_server/account_mock.go
#	management/server/policy.go
#	management/server/sql_store.go
#	management/server/store.go
 2024-09-27 20:27:05 +03:00
Bethuel Mmbaga
acb73bd64a
[management] Remove redundant get account calls in GetAccountFromToken (#2615) 
* refactor access control middleware and user access by JWT groups

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor jwt groups extractor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to get account when necessary

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix merge

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* revert handles change

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove GetUserByID from account manager

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims to return account id

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to use GetAccountIDFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove locks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByName from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByID from store and refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor retrieval of policy and posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor user permissions and retrieves PAT

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor route, setupkey, nameserver and dns to get record(s) from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix add missing policy source posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add store lock

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add get account

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-27 17:10:50 +03:00
bcmmbaga
96f18c2c8c
fix tests 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-26 19:46:37 +03:00
bcmmbaga
73be8c8a32
fix merge 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-26 19:00:59 +03:00
bcmmbaga
f61c914fd7
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage 
# Conflicts:
#	management/server/file_store.go
 2024-09-26 18:51:47 +03:00
bcmmbaga
4575ae2841
add store lock 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-26 18:46:23 +03:00
bcmmbaga
ca6a9fd602
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage 2024-09-26 16:39:52 +03:00
bcmmbaga
871595d15f
Merge branch 'main' into refactor-get-account-by-token 
# Conflicts:
#	management/server/sql_store.go
 2024-09-26 16:39:17 +03:00
bcmmbaga
30253b0565
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage 2024-09-26 16:34:36 +03:00
bcmmbaga
dc82c2d1ce
fix add missing policy source posture checks 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-26 16:34:19 +03:00
bcmmbaga
3b4bcdf5a4
refactor posture checks save and deletion 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-26 16:28:49 +03:00
bcmmbaga
87c8430e99
add store policy save and method 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-25 22:47:54 +03:00
pascal-fischer
1e4a0f77e2
Add get DB method to store (#2650) 2024-09-25 18:22:27 +02:00
bcmmbaga
c384874d7d
fix tests 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-25 15:04:57 +03:00
bcmmbaga
b815393180
fix lint 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-25 13:02:08 +03:00
bcmmbaga
41b212f610
Refactor store 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-25 12:53:20 +03:00
bcmmbaga
16174f0478
Refactor route, setupkey, nameserver and dns to get record(s) from store 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-25 12:52:42 +03:00
bcmmbaga
d14b855670
Refactor user permissions and retrieves PAT 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-24 22:57:04 +03:00
bcmmbaga
eab85644cd
Refactor retrieval of policy and posture checks 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-24 21:57:33 +03:00
bcmmbaga
7561706627
add GetGroupByID from store and refactor 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-24 19:55:33 +03:00
bcmmbaga
1ffe89d20d
add GetGroupByName from store 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-24 16:36:57 +03:00
bcmmbaga
28840383e1
refactor 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-24 13:30:13 +03:00
bcmmbaga
d9f612d623
remove locks 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-23 20:12:57 +03:00
pascal-fischer
d47be154ea
[misc] Fix ip range posture check example (#2628) 2024-09-23 10:02:03 +02:00
bcmmbaga
7601a17150
fix tests 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-22 23:44:10 +03:00
bcmmbaga
8f98adddf6
refactor handlers to use GetAccountIDFromToken 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-22 15:14:31 +03:00
bcmmbaga
26dd045da5
Merge branch 'main' into refactor-get-account-by-token 2024-09-20 14:08:09 +03:00
bcmmbaga
4d9bb7ea35
refactor getAccountWithAuthorizationClaims to return account id 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-20 14:07:44 +03:00
Bethuel Mmbaga
35c892aea3
[management] Restrict accessible peers to user-owned peers for non-admins (#2618) 
* Restrict accessible peers to user-owned peers for non-admin users

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add service user test

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* reuse account from token

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* return error when peer not found

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-20 12:36:58 +03:00
bcmmbaga
9631cb4fb3
fix tests 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 19:05:21 +03:00
bcmmbaga
8f9c54f6c2
remove GetUserByID from account manager 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 17:03:04 +03:00
bcmmbaga
f60a4234b1
revert handles change 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 16:40:47 +03:00
bcmmbaga
021fc8f33e
fix merge 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 16:11:20 +03:00
bcmmbaga
a4c4158bcf
Merge branch 'main' into refactor-get-account-by-token 2024-09-18 16:03:55 +03:00
bcmmbaga
720d36a290
refactor getAccountWithAuthorizationClaims 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 15:55:52 +03:00
bcmmbaga
ccab3b427f
refactor getAccountFromToken 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-18 14:24:39 +03:00
bcmmbaga
e5d55d3c10
refactor handlers to get account when necessary 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-17 23:15:54 +03:00
bcmmbaga
3cf1b02f31
refactor jwt groups extractor 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-17 18:18:59 +03:00
pascal-fischer
6c50b0c84b
[management] Add transaction to addPeer (#2469) 
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
 2024-09-16 15:47:03 +02:00
bcmmbaga
258b30cf48
refactor access control middleware and user access by JWT groups 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-16 13:33:36 +03:00
Bethuel Mmbaga
82739e2832
[management] fix legacy decrypting of empty values (#2595) 
* allow legacy decrypting on empty values

* validate source size and padding limits

* added tests

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
 2024-09-15 16:22:46 +02:00
Bethuel Mmbaga
170e842422
[management] Add accessible peers endpoint (#2579) 
* move accessible peer to separate endpoint in api doc

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add endpoint to get accessible peers

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Update management/server/http/api/openapi.yml

Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>

* Update management/server/http/api/openapi.yml

Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>

* Update management/server/http/peers_handler.go

Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>
 2024-09-12 16:19:27 +03:00
Bethuel Mmbaga
cf6210a6f4
[management] Add GCM encryption and migrate legacy encrypted events (#2569) 
* Add AES-GCM encryption

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* migrate legacy encrypted data to AES-GCM encryption

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor and use transaction when migrating data

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Add events migration tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* skip migrating record on error

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Preallocate capacity for nonce to avoid allocations in Seal

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-09-11 20:09:57 +03:00
Viktor Liu
2d1bf3982d
[relay] Improve relay messages (#2574) 
Co-authored-by: Zoltán Papp <zoltan.pmail@gmail.com>
 2024-09-11 16:20:30 +02:00
pascal-fischer
f43a0a0177
[client] Retry on tun creation for darwin (#2564) 
The interface creation on macOS seems to be asynchronus why the tun.create methode somethimes failes becasue the interface is not ready yet. To work around this issue we introduce a retry on tun.create
 2024-09-09 19:02:10 +02:00