make frontend dial policies for private access names more unique (include frontend token) (#329)

This commit is contained in:
Michael Quigley 2023-05-18 13:19:16 -04:00
parent 1b70c6e013
commit 871bf2d528
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
3 changed files with 4 additions and 4 deletions

View File

@ -76,7 +76,7 @@ func (h *accessHandler) Handle(params share.AccessParams, principal *rest_model_
"zrokFrontendToken": feToken,
"zrokShareToken": shrToken,
}
if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+shr.ZId+"-dial", shr.ZId, []string{envZId}, addlTags, edge); err != nil {
if err := zrokEdgeSdk.CreateServicePolicyDial(feToken+"-"+envZId+"-"+shr.ZId+"-dial", shr.ZId, []string{envZId}, addlTags, edge); err != nil {
logrus.Errorf("unable to create dial policy for user '%v': %v", principal.Email, err)
return share.NewAccessInternalServerError()
}

View File

@ -35,11 +35,11 @@ func (a *accountRelaxAction) HandleAccount(acct *store.Account, _, _ int64, _ *B
switch shr.ShareMode {
case "public":
if err := relaxPublicShare(a.str, a.edge, shr, trx); err != nil {
return err
return errors.Wrap(err, "error relaxing public share")
}
case "private":
if err := relaxPrivateShare(a.str, a.edge, shr, trx); err != nil {
return err
return errors.Wrap(err, "error relaxing private share")
}
}
}

View File

@ -72,7 +72,7 @@ func relaxPrivateShare(str *store.Store, edge *rest_management_api_client.ZitiEd
"zrokFrontendToken": fe.Token,
"zrokShareToken": shr.Token,
}
if err := zrokEdgeSdk.CreateServicePolicyDial(env.ZId+"-"+shr.ZId+"-dial", shr.ZId, []string{env.ZId}, addlTags, edge); err != nil {
if err := zrokEdgeSdk.CreateServicePolicyDial(fe.Token+"-"+env.ZId+"-"+shr.ZId+"-dial", shr.ZId, []string{env.ZId}, addlTags, edge); err != nil {
return errors.Wrapf(err, "unable to create dial policy for frontend '%v'", fe.Token)
}