mirror of
https://github.com/netbirdio/netbird.git
synced 2024-10-05 01:32:05 +02:00
e586eca16c
With this fix, all nested slices and pointers will be copied by value. Also, this fixes tests to compare the original and copy account by their values by marshaling them to JSON strings. Before that, they were copying the pointers that also passed the simple `=` compassion (as the addresses match).
98 lines
2.7 KiB
Go
98 lines
2.7 KiB
Go
package server
|
|
|
|
import "fmt"
|
|
|
|
// TrafficFlowType defines allowed direction of the traffic in the rule
|
|
type TrafficFlowType int
|
|
|
|
const (
|
|
// TrafficFlowBidirect allows traffic to both direction
|
|
TrafficFlowBidirect TrafficFlowType = iota
|
|
// TrafficFlowBidirectString allows traffic to both direction
|
|
TrafficFlowBidirectString = "bidirect"
|
|
// DefaultRuleName is a name for the Default rule that is created for every account
|
|
DefaultRuleName = "Default"
|
|
// DefaultRuleDescription is a description for the Default rule that is created for every account
|
|
DefaultRuleDescription = "This is a default rule that allows connections between all the resources"
|
|
// DefaultPolicyName is a name for the Default policy that is created for every account
|
|
DefaultPolicyName = "Default"
|
|
// DefaultPolicyDescription is a description for the Default policy that is created for every account
|
|
DefaultPolicyDescription = "This is a default policy that allows connections between all the resources"
|
|
)
|
|
|
|
// Rule of ACL for groups
|
|
type Rule struct {
|
|
// ID of the rule
|
|
ID string
|
|
|
|
// Name of the rule visible in the UI
|
|
Name string
|
|
|
|
// Description of the rule visible in the UI
|
|
Description string
|
|
|
|
// Disabled status of rule in the system
|
|
Disabled bool
|
|
|
|
// Source list of groups IDs of peers
|
|
Source []string
|
|
|
|
// Destination list of groups IDs of peers
|
|
Destination []string
|
|
|
|
// Flow of the traffic allowed by the rule
|
|
Flow TrafficFlowType
|
|
}
|
|
|
|
func (r *Rule) Copy() *Rule {
|
|
rule := &Rule{
|
|
ID: r.ID,
|
|
Name: r.Name,
|
|
Description: r.Description,
|
|
Disabled: r.Disabled,
|
|
Source: make([]string, len(r.Source)),
|
|
Destination: make([]string, len(r.Destination)),
|
|
Flow: r.Flow,
|
|
}
|
|
copy(rule.Source, r.Source)
|
|
copy(rule.Destination, r.Destination)
|
|
return rule
|
|
}
|
|
|
|
// EventMeta returns activity event meta related to this rule
|
|
func (r *Rule) EventMeta() map[string]any {
|
|
return map[string]any{"name": r.Name}
|
|
}
|
|
|
|
// ToPolicyRule converts a Rule to a PolicyRule object
|
|
func (r *Rule) ToPolicyRule() *PolicyRule {
|
|
if r == nil {
|
|
return nil
|
|
}
|
|
return &PolicyRule{
|
|
ID: r.ID,
|
|
Name: r.Name,
|
|
Enabled: !r.Disabled,
|
|
Description: r.Description,
|
|
Destinations: r.Destination,
|
|
Sources: r.Source,
|
|
Bidirectional: true,
|
|
Protocol: PolicyRuleProtocolALL,
|
|
Action: PolicyTrafficActionAccept,
|
|
}
|
|
}
|
|
|
|
// RuleToPolicy converts a Rule to a Policy query object
|
|
func RuleToPolicy(rule *Rule) (*Policy, error) {
|
|
if rule == nil {
|
|
return nil, fmt.Errorf("rule is empty")
|
|
}
|
|
return &Policy{
|
|
ID: rule.ID,
|
|
Name: rule.Name,
|
|
Description: rule.Description,
|
|
Enabled: !rule.Disabled,
|
|
Rules: []*PolicyRule{rule.ToPolicyRule()},
|
|
}, nil
|
|
}
|