bcmmbaga
73be8c8a32
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 19:00:59 +03:00
bcmmbaga
f61c914fd7
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
...
# Conflicts:
# management/server/file_store.go
2024-09-26 18:51:47 +03:00
bcmmbaga
4575ae2841
add store lock
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 18:46:23 +03:00
bcmmbaga
ca6a9fd602
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
2024-09-26 16:39:52 +03:00
bcmmbaga
871595d15f
Merge branch 'main' into refactor-get-account-by-token
...
# Conflicts:
# management/server/sql_store.go
2024-09-26 16:39:17 +03:00
bcmmbaga
30253b0565
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
2024-09-26 16:34:36 +03:00
bcmmbaga
dc82c2d1ce
fix add missing policy source posture checks
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 16:34:19 +03:00
bcmmbaga
3b4bcdf5a4
refactor posture checks save and deletion
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 16:28:49 +03:00
bcmmbaga
87c8430e99
add store policy save and method
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 22:47:54 +03:00
pascal-fischer
1e4a0f77e2
Add get DB method to store ( #2650 )
2024-09-25 18:22:27 +02:00
bcmmbaga
c384874d7d
fix tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 15:04:57 +03:00
bcmmbaga
b815393180
fix lint
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 13:02:08 +03:00
bcmmbaga
41b212f610
Refactor store
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 12:53:20 +03:00
bcmmbaga
16174f0478
Refactor route, setupkey, nameserver and dns to get record(s) from store
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-25 12:52:42 +03:00
bcmmbaga
d14b855670
Refactor user permissions and retrieves PAT
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 22:57:04 +03:00
bcmmbaga
eab85644cd
Refactor retrieval of policy and posture checks
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 21:57:33 +03:00
bcmmbaga
7561706627
add GetGroupByID from store and refactor
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 19:55:33 +03:00
bcmmbaga
1ffe89d20d
add GetGroupByName from store
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 16:36:57 +03:00
bcmmbaga
28840383e1
refactor
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-24 13:30:13 +03:00
bcmmbaga
d9f612d623
remove locks
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-23 20:12:57 +03:00
pascal-fischer
d47be154ea
[misc] Fix ip range posture check example ( #2628 )
2024-09-23 10:02:03 +02:00
bcmmbaga
7601a17150
fix tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-22 23:44:10 +03:00
bcmmbaga
8f98adddf6
refactor handlers to use GetAccountIDFromToken
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-22 15:14:31 +03:00
bcmmbaga
26dd045da5
Merge branch 'main' into refactor-get-account-by-token
2024-09-20 14:08:09 +03:00
bcmmbaga
4d9bb7ea35
refactor getAccountWithAuthorizationClaims to return account id
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-20 14:07:44 +03:00
Bethuel Mmbaga
35c892aea3
[management] Restrict accessible peers to user-owned peers for non-admins ( #2618 )
...
* Restrict accessible peers to user-owned peers for non-admin users
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add service user test
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* reuse account from token
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* return error when peer not found
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-20 12:36:58 +03:00
bcmmbaga
9631cb4fb3
fix tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 19:05:21 +03:00
bcmmbaga
8f9c54f6c2
remove GetUserByID from account manager
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 17:03:04 +03:00
bcmmbaga
f60a4234b1
revert handles change
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 16:40:47 +03:00
bcmmbaga
021fc8f33e
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 16:11:20 +03:00
bcmmbaga
a4c4158bcf
Merge branch 'main' into refactor-get-account-by-token
2024-09-18 16:03:55 +03:00
bcmmbaga
720d36a290
refactor getAccountWithAuthorizationClaims
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 15:55:52 +03:00
bcmmbaga
ccab3b427f
refactor getAccountFromToken
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-18 14:24:39 +03:00
bcmmbaga
e5d55d3c10
refactor handlers to get account when necessary
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-17 23:15:54 +03:00
bcmmbaga
3cf1b02f31
refactor jwt groups extractor
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-17 18:18:59 +03:00
pascal-fischer
6c50b0c84b
[management] Add transaction to addPeer ( #2469 )
...
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
2024-09-16 15:47:03 +02:00
bcmmbaga
258b30cf48
refactor access control middleware and user access by JWT groups
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-16 13:33:36 +03:00
Bethuel Mmbaga
82739e2832
[management] fix legacy decrypting of empty values ( #2595 )
...
* allow legacy decrypting on empty values
* validate source size and padding limits
* added tests
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-09-15 16:22:46 +02:00
Bethuel Mmbaga
170e842422
[management] Add accessible peers endpoint ( #2579 )
...
* move accessible peer to separate endpoint in api doc
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add endpoint to get accessible peers
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Update management/server/http/api/openapi.yml
Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>
* Update management/server/http/api/openapi.yml
Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>
* Update management/server/http/peers_handler.go
Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: pascal-fischer <32096965+pascal-fischer@users.noreply.github.com>
2024-09-12 16:19:27 +03:00
Bethuel Mmbaga
cf6210a6f4
[management] Add GCM encryption and migrate legacy encrypted events ( #2569 )
...
* Add AES-GCM encryption
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* migrate legacy encrypted data to AES-GCM encryption
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor and use transaction when migrating data
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Add events migration tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* skip migrating record on error
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Preallocate capacity for nonce to avoid allocations in Seal
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-11 20:09:57 +03:00
Viktor Liu
2d1bf3982d
[relay] Improve relay messages ( #2574 )
...
Co-authored-by: Zoltán Papp <zoltan.pmail@gmail.com>
2024-09-11 16:20:30 +02:00
pascal-fischer
f43a0a0177
[client] Retry on tun creation for darwin ( #2564 )
...
The interface creation on macOS seems to be asynchronus why the tun.create methode somethimes failes becasue the interface is not ready yet. To work around this issue we introduce a retry on tun.create
2024-09-09 19:02:10 +02:00
benniekiss
12c36312b5
[management] Auto update geolite ( #2297 )
...
introduces helper functions to fetch and verify database versions, downloads new files if outdated, and deletes old ones. It also refactors filename handling to improve clarity and consistency, adding options to disable auto-updating via a flag. The changes aim to simplify GeoLite database management for admins.
2024-09-09 18:27:42 +02:00
Zoltan Papp
0c039274a4
[relay] Feature/relay integration ( #2244 )
...
This update adds new relay integration for NetBird clients. The new relay is based on web sockets and listens on a single port.
- Adds new relay implementation with websocket with single port relaying mechanism
- refactor peer connection logic, allowing upgrade and downgrade from/to P2P connection
- peer connections are faster since it connects first to relay and then upgrades to P2P
- maintains compatibility with old clients by not using the new relay
- updates infrastructure scripts with new relay service
2024-09-08 12:06:14 +02:00
Maycon Santos
a7e46bf7b1
Reduce test logs ( #2550 )
2024-09-06 16:28:19 +02:00
Maycon Santos
95174d4619
Update route API doc with max domain number ( #2516 )
2024-09-02 17:40:34 +02:00
Harry Kodden
00944bcdbf
[management] Add support to ECDSA public Keys ( #2461 )
...
Update the JWT validation logic to handle ECDSA keys in addition to the existing RSA keys
---------
Co-authored-by: Harry Kodden <harry.kodden@surf.nl>
Co-authored-by: Bethuel Mmbaga <bethuelmbaga12@gmail.com>
2024-08-27 16:37:55 +02:00
Bethuel Mmbaga
d97b03656f
[management] Refactor HTTP metrics ( #2476 )
...
* Add logging for slow SQL queries in SaveAccount and GetAccount
* Add resource count log for large accounts
* Refactor metrics middleware to simplify counters and histograms
* Update log levels and remove redundant resource count check
2024-08-23 19:42:55 +03:00
pascal-fischer
0f0415b92a
rename request buffer and update default interval ( #2459 )
2024-08-21 11:44:52 +02:00
pascal-fischer
3ed90728e6
[management] Add buffering for getAccount requests during login ( #2449 )
2024-08-20 20:06:01 +02:00