Bethuel Mmbaga
acb73bd64a
[management] Remove redundant get account calls in GetAccountFromToken ( #2615 )
...
* refactor access control middleware and user access by JWT groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor jwt groups extractor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor handlers to get account when necessary
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountWithAuthorizationClaims
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* revert handles change
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* remove GetUserByID from account manager
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountWithAuthorizationClaims to return account id
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor handlers to use GetAccountIDFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* remove locks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add GetGroupByName from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add GetGroupByID from store and refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor retrieval of policy and posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor user permissions and retrieves PAT
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor route, setupkey, nameserver and dns to get record(s) from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix add missing policy source posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add store lock
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add get account
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 17:10:50 +03:00
Bethuel Mmbaga
35c892aea3
[management] Restrict accessible peers to user-owned peers for non-admins ( #2618 )
...
* Restrict accessible peers to user-owned peers for non-admin users
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add service user test
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* reuse account from token
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* return error when peer not found
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-20 12:36:58 +03:00
pascal-fischer
765aba2c1c
Add context to throughout the project and update logging ( #2209 )
...
propagate context from all the API calls and log request ID, account ID and peer ID
---------
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
2024-07-03 11:33:02 +02:00
Misha Bragin
df4ca01848
Return system serial on a peer HTTP API call ( #1929 )
2024-05-06 14:49:03 +02:00
Maycon Santos
f0672b87bc
Add missing dns domain to tests to avoid verbose test logs ( #1724 )
2024-03-18 12:25:01 +01:00
Yury Gargay
27ed88f918
Implement lightweight method to check is peer has update channel ( #1351 )
...
Instead of GetAllConnectedPeers that need to traverse the whole
connections map in order to find one channel there.
2023-12-05 14:17:56 +01:00
Pascal Fischer
efd05ca023
fix api references
2023-11-28 15:15:51 +01:00
Pascal Fischer
a729c83b06
extract peer into seperate package
2023-11-28 13:45:26 +01:00
Yury Gargay
9e8725618e
Extend linter rules ( #1300 )
...
- dupword checks for duplicate words in the source code
- durationcheck checks for two durations multiplied together
- forbidigo forbids identifiers
- mirror reports wrong mirror patterns of bytes/strings usage
- misspell finds commonly misspelled English words in comments
- predeclared finds code that shadows one of Go's predeclared identifiers
- thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
Zoltan Papp
8be6e92563
Extend API with accessible peers ( #1284 )
...
Extend the peer and peers API endpoints with accessible peers.
2023-11-07 14:38:36 +01:00
Yury Gargay
659110f0d5
Rework peer connection status based on the update channel existence ( #1213 )
...
With this change, we don't need to update all peers on startup. We will
check the existence of an update channel when returning a list or single peer on API.
Then after restarting of server consumers of API will see peer not
connected status till the creation of an updated channel which indicates
peer successful connection.
2023-10-11 18:11:45 +02:00
pascal-fischer
59372ee159
API cleanup ( #824 )
...
removed all PATCH endpoints
updated path parameters for all endpoints
removed not implemented endpoints for api doc
minor description updates
2023-05-03 00:15:25 +02:00
Pascal Fischer
f1f90807e4
changed the naming convention for all handling objects and methods to have unified way
2023-02-28 15:01:24 +01:00