Commit Graph

731 Commits

Author SHA1 Message Date
bcmmbaga
53218f99bc
Merge branch 'feature/optimize-network-map-updates' into feature/validate-group-association 2024-10-21 12:37:24 +03:00
bcmmbaga
e5ecf0e5b3
Merge branch 'main' into feature/optimize-network-map-updates
# Conflicts:
#	management/server/peer/peer.go
2024-10-21 12:36:43 +03:00
bcmmbaga
ced28c4376
skip the update only last sent the serial is larger
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-21 11:01:01 +03:00
Maycon Santos
88e4fc2245
Release global lock on early error (#2760) 2024-10-19 18:32:17 +02:00
Maycon Santos
ccd4ae6315
Fix domain information is up to date check (#2754) 2024-10-17 19:21:35 +02:00
Bethuel Mmbaga
96d2207684
Fix JSON function compatibility for SQLite and PostgreSQL (#2746)
resolves the issue with json_array_length compatibility between SQLite and PostgreSQL. It adjusts the query to conditionally cast types:

PostgreSQL: Casts to json with ::json.
SQLite: Uses the text representation directly.
2024-10-16 17:55:30 +02:00
ctrl-zzz
49e65109d2
Add session expire functionality based on inactivity (#2326)
Implemented inactivity expiration by checking the status of a peer: after a configurable period of time following netbird down, the peer shows login required.
2024-10-13 14:52:43 +02:00
Maycon Santos
da3a053e2b
[management] Refactor getAccountIDWithAuthorizationClaims (#2715)
This change restructures the getAccountIDWithAuthorizationClaims method to improve readability, maintainability, and performance.

- have dedicated methods to handle possible cases
- introduced Store.UpdateAccountDomainAttributes and Store.GetAccountUsers methods
- Remove GetAccount and SaveAccount dependency
- added tests
2024-10-12 08:35:51 +02:00
bcmmbaga
cd92646348
enable diff nil structs comparison
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 19:33:17 +03:00
bcmmbaga
30a0d9c8c4
fix postgres tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 18:03:00 +03:00
bcmmbaga
a42ebb8202
fix management suite tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 15:26:05 +03:00
Misha Bragin
208a2b7169
Add billing user role (#2714) 2024-10-10 14:14:56 +02:00
bcmmbaga
15b83cb1e5
Merge branch 'feature/optimize-network-map-updates' into feature/validate-group-association 2024-10-10 13:59:02 +03:00
bcmmbaga
fdb1a1fe00
Merge branch 'main' into feature/optimize-network-map-updates 2024-10-10 13:57:34 +03:00
pascal-fischer
8284ae959c
[management] Move testdata to sql files (#2693) 2024-10-10 12:35:03 +02:00
bcmmbaga
8cabb07728
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 10:40:24 +03:00
bcmmbaga
57f7f43ecb
Merge branch 'feature/optimize-network-map-updates' into feature/validate-group-association
# Conflicts:
#	management/server/account.go
2024-10-10 09:46:32 +03:00
bcmmbaga
2e20a586cb
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 09:44:31 +03:00
bcmmbaga
ed3c3c214e
Merge branch 'main' into feature/optimize-network-map-updates
# Conflicts:
#	management/server/testdata/store.json
2024-10-10 09:31:55 +03:00
bcmmbaga
bdf114cd74
add peer tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-10 01:51:47 +03:00
bcmmbaga
ce7de03d6e
use generic differ for netip.Addr and netip.Prefix
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-09 23:49:41 +03:00
Maycon Santos
6ce09bca16
Add support to envsub go management configurations (#2708)
This change allows users to reference environment variables using Go template format, like {{ .EnvName }}

Moved the previous file test code to file_suite_test.go.
2024-10-09 20:46:23 +02:00
pascal-fischer
b79c1d64cc
[management] Make max open db conns configurable (#2713) 2024-10-09 20:17:25 +02:00
bcmmbaga
9ee08fc441
fix nameserver tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-09 17:04:20 +03:00
bcmmbaga
271bed5f73
upgrade diff package
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-09 17:01:40 +03:00
bcmmbaga
2a751645f9
fix group tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-09 17:00:29 +03:00
pascal-fischer
d4ef84fe6e
[management] Propagate error in store errors (#2709) 2024-10-09 14:33:58 +02:00
bcmmbaga
d4edde90c2
fix routes tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-09 13:52:43 +03:00
bcmmbaga
5cc07ba42a
fix nameserver tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 19:39:12 +03:00
bcmmbaga
70f1c394c1
fix typo
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 17:15:06 +03:00
bcmmbaga
c74a13e1a9
fix account and route tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 17:11:50 +03:00
bcmmbaga
1ed44b810c
fix user and setup key tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 16:51:00 +03:00
bcmmbaga
41acacfba5
add posture checks tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 15:50:13 +03:00
bcmmbaga
fc7157f82f
add policy tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-08 11:59:03 +03:00
Bethuel Mmbaga
2c1f5e46d5
[management] Validate peer ownership during login (#2704)
* check peer ownership in login

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* update error message

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-07 19:06:26 +03:00
bcmmbaga
63c510e80d
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-06 20:34:50 +03:00
pascal-fischer
dbec24b520
[management] Remove admin check on getAccountByID (#2699) 2024-10-06 17:01:13 +02:00
Bethuel Mmbaga
5897a48e29
fix wrong reference (#2695)
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 18:55:25 +03:00
Bethuel Mmbaga
8bf729c7b4
[management] Add AccountExists to AccountManager (#2694)
* Add AccountExists method to account manager interface

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove unused code

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 18:09:40 +03:00
Bethuel Mmbaga
7f09b39769
[management] Refactor User JWT group sync (#2690)
* Refactor GetAccountIDByUserOrAccountID

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* sync user jwt group changes

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* propagate jwt group changes to peers

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix no jwt groups synced

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests and lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Move the account peer update outside the transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* move updateUserPeersInGroups to account manager

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* move event store outside of transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* get user with update lock

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Run jwt sync in transaction

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 17:17:01 +03:00
bcmmbaga
716009b791
Merge branch 'feature/optimize-network-map-updates' into feature/validate-group-association
# Conflicts:
#	management/server/account.go
#	management/server/peer.go
#	management/server/peer_test.go
#	management/server/policy.go
#	management/server/route.go
#	management/server/route_test.go
2024-10-04 10:46:41 +03:00
pascal-fischer
158936fb15
[management] Remove file store (#2689) 2024-10-03 15:50:35 +02:00
bcmmbaga
a915707d13
fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-03 14:12:53 +03:00
bcmmbaga
5108888163
Merge branch 'main' into feature/optimize-network-map-updates
# Conflicts:
#	management/server/account_test.go
#	management/server/peer.go
2024-10-03 14:10:46 +03:00
Maycon Santos
8934453b30
Update management base docker image (#2687) 2024-10-02 19:29:51 +03:00
Bethuel Mmbaga
ff7863785f
[management, client] Add access control support to network routes (#2100) 2024-10-02 13:41:00 +02:00
pascal-fischer
16179db599
[management] Propagate metrics (#2667) 2024-09-30 22:18:10 +02:00
adasauce
58ff7ab797
[management] improve zitadel idp error response detail by decoding errors (#2634)
* [management] improve zitadel idp error response detail by decoding errors

* [management] extend readZitadelError to be used for requestJWTToken

more generically parse the error returned by zitadel.

* fix lint

---------

Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 22:21:34 +03:00
Bethuel Mmbaga
acb73bd64a
[management] Remove redundant get account calls in GetAccountFromToken (#2615)
* refactor access control middleware and user access by JWT groups

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor jwt groups extractor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to get account when necessary

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix merge

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* revert handles change

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove GetUserByID from account manager

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor getAccountWithAuthorizationClaims to return account id

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor handlers to use GetAccountIDFromToken

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* remove locks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByName from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add GetGroupByID from store and refactor

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor retrieval of policy and posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor user permissions and retrieves PAT

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor route, setupkey, nameserver and dns to get record(s) from store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Refactor store

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix lint

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix add missing policy source posture checks

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add store lock

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add get account

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 17:10:50 +03:00
pascal-fischer
1e4a0f77e2
Add get DB method to store (#2650) 2024-09-25 18:22:27 +02:00