zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-05 08:47:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

restructuring continued

Browse Source
This commit is contained in:
0xdcarns
2022-01-10 17:52:21 -05:00
parent c033be41bb
commit 64e7791011
13 changed files with 178 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
controllers/auth_grpc.go
View File

@@ -72,7 +72,7 @@ func grpcAuthorize(ctx context.Context) error {
authToken := authHeader[0] authToken := authHeader[0]
mac, network, err := logic.VerifyToken(authToken) nodeID, mac, network, err := logic.VerifyToken(authToken)
if err != nil { if err != nil {
return err return err
} }
@@ -83,9 +83,10 @@ func grpcAuthorize(ctx context.Context) error {
return status.Errorf(codes.Unauthenticated, "Unauthorized. Network does not exist: "+network) return status.Errorf(codes.Unauthenticated, "Unauthorized. Network does not exist: "+network)
} }
emptynode := models.Node{} emptynode := models.Node{}
node, err := logic.GetNodeByMacAddress(network, mac) node, err := logic.GetNodeByIDorMacAddress(nodeID, mac, network)
if database.IsEmptyRecord(err) { if database.IsEmptyRecord(err) {
if node, err = logic.GetDeletedNodeByMacAddress(network, mac); err == nil { // == DELETE replace logic after 2 major version updates ==
if node, err = logic.GetDeletedNodeByID(node.ID); err == nil {
if functions.RemoveDeletedNode(node.ID) { if functions.RemoveDeletedNode(node.ID) {
return status.Errorf(codes.Unauthenticated, models.NODE_DELETE) return status.Errorf(codes.Unauthenticated, models.NODE_DELETE)
} }
@@ -112,17 +113,18 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
return nil, err return nil, err
} }
macaddress := reqNode.MacAddress nodeID := reqNode.ID
network := reqNode.Network network := reqNode.Network
password := reqNode.Password password := reqNode.Password
macaddress := reqNode.MacAddress
var result models.NodeAuth var result models.NodeAuth
var err error var err error
// err := errors.New("generic server error") // err := errors.New("generic server error")
if macaddress == "" { if nodeID == "" {
//TODO: Set Error response //TODO: Set Error response
err = errors.New("missing mac address") err = errors.New("missing node ID")
return nil, err return nil, err
} else if password == "" { } else if password == "" {
err = errors.New("missing password") err = errors.New("missing password")
@@ -137,7 +139,7 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
if err = json.Unmarshal([]byte(value), &result); err != nil { if err = json.Unmarshal([]byte(value), &result); err != nil {
continue // finish going through nodes continue // finish going through nodes
} }
if result.MacAddress == macaddress && result.Network == network { if result.ID == nodeID && result.Network == network {
break break
} }
} }
@@ -150,7 +152,7 @@ func (s *NodeServiceServer) Login(ctx context.Context, req *nodepb.Object) (*nod
return nil, err return nil, err
} else { } else {
//Create a new JWT for the node //Create a new JWT for the node
tokenString, err := logic.CreateJWT(macaddress, result.Network) tokenString, err := logic.CreateJWT(result.ID, macaddress, result.Network)
if err != nil { if err != nil {
return nil, err return nil, err

16
controllers/ext_client.go
View File

@@ -25,11 +25,11 @@ func extClientHandlers(r *mux.Router) {
r.HandleFunc("/api/extclients/{network}/{clientid}/{type}", securityCheck(false, http.HandlerFunc(getExtClientConf))).Methods("GET") r.HandleFunc("/api/extclients/{network}/{clientid}/{type}", securityCheck(false, http.HandlerFunc(getExtClientConf))).Methods("GET")
r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(updateExtClient))).Methods("PUT") r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(updateExtClient))).Methods("PUT")
r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(deleteExtClient))).Methods("DELETE") r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(deleteExtClient))).Methods("DELETE")
r.HandleFunc("/api/extclients/{network}/{macaddress}", securityCheck(false, http.HandlerFunc(createExtClient))).Methods("POST") r.HandleFunc("/api/extclients/{network}/{nodeid}", securityCheck(false, http.HandlerFunc(createExtClient))).Methods("POST")
} }
func checkIngressExists(network string, macaddress string) bool { func checkIngressExists(nodeID string) bool {
node, err := logic.GetNodeByMacAddress(network, macaddress) node, err := logic.GetNodeByID(nodeID)
if err != nil { if err != nil {
return false return false
} }
@@ -122,7 +122,7 @@ func getExtClientConf(w http.ResponseWriter, r *http.Request) {
return return
} }
gwnode, err := logic.GetNodeByMacAddress(client.Network, client.IngressGatewayID) gwnode, err := logic.GetNodeByID(client.IngressGatewayID)
if err != nil { if err != nil {
logger.Log(1, fmt.Sprintf("%s %s %s", r.Header.Get("user"), "Could not retrieve Ingress Gateway Node", client.IngressGatewayID)) logger.Log(1, fmt.Sprintf("%s %s %s", r.Header.Get("user"), "Could not retrieve Ingress Gateway Node", client.IngressGatewayID))
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
@@ -211,8 +211,8 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
var params = mux.Vars(r) var params = mux.Vars(r)
networkName := params["network"] networkName := params["network"]
macaddress := params["macaddress"] nodeid := params["nodeid"]
ingressExists := checkIngressExists(networkName, macaddress) ingressExists := checkIngressExists(nodeid)
if !ingressExists { if !ingressExists {
returnErrorResponse(w, r, formatError(errors.New("ingress does not exist"), "internal")) returnErrorResponse(w, r, formatError(errors.New("ingress does not exist"), "internal"))
return return
@@ -220,8 +220,8 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
var extclient models.ExtClient var extclient models.ExtClient
extclient.Network = networkName extclient.Network = networkName
extclient.IngressGatewayID = macaddress extclient.IngressGatewayID = nodeid
node, err := logic.GetNodeByMacAddress(networkName, macaddress) node, err := logic.GetNodeByIDorMacAddress(nodeid, nodeid, networkName)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return

75
controllers/node.go
View File

@@ -19,17 +19,17 @@ func nodeHandlers(r *mux.Router) {
r.HandleFunc("/api/nodes", authorize(false, "user", http.HandlerFunc(getAllNodes))).Methods("GET") r.HandleFunc("/api/nodes", authorize(false, "user", http.HandlerFunc(getAllNodes))).Methods("GET")
r.HandleFunc("/api/nodes/{network}", authorize(true, "network", http.HandlerFunc(getNetworkNodes))).Methods("GET") r.HandleFunc("/api/nodes/{network}", authorize(true, "network", http.HandlerFunc(getNetworkNodes))).Methods("GET")
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(getNode))).Methods("GET") r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(getNode))).Methods("GET")
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(updateNode))).Methods("PUT") r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(updateNode))).Methods("PUT")
r.HandleFunc("/api/nodes/{network}/{macaddress}", authorize(true, "node", http.HandlerFunc(deleteNode))).Methods("DELETE") r.HandleFunc("/api/nodes/{network}/{nodeid}", authorize(true, "node", http.HandlerFunc(deleteNode))).Methods("DELETE")
r.HandleFunc("/api/nodes/{network}/{macaddress}/createrelay", authorize(true, "user", http.HandlerFunc(createRelay))).Methods("POST") r.HandleFunc("/api/nodes/{network}/{nodeid}/createrelay", authorize(true, "user", http.HandlerFunc(createRelay))).Methods("POST")
r.HandleFunc("/api/nodes/{network}/{macaddress}/deleterelay", authorize(true, "user", http.HandlerFunc(deleteRelay))).Methods("DELETE") r.HandleFunc("/api/nodes/{network}/{nodeid}/deleterelay", authorize(true, "user", http.HandlerFunc(deleteRelay))).Methods("DELETE")
r.HandleFunc("/api/nodes/{network}/{macaddress}/creategateway", authorize(true, "user", http.HandlerFunc(createEgressGateway))).Methods("POST") r.HandleFunc("/api/nodes/{network}/{nodeid}/creategateway", authorize(true, "user", http.HandlerFunc(createEgressGateway))).Methods("POST")
r.HandleFunc("/api/nodes/{network}/{macaddress}/deletegateway", authorize(true, "user", http.HandlerFunc(deleteEgressGateway))).Methods("DELETE") r.HandleFunc("/api/nodes/{network}/{nodeid}/deletegateway", authorize(true, "user", http.HandlerFunc(deleteEgressGateway))).Methods("DELETE")
r.HandleFunc("/api/nodes/{network}/{macaddress}/createingress", securityCheck(false, http.HandlerFunc(createIngressGateway))).Methods("POST") r.HandleFunc("/api/nodes/{network}/{nodeid}/createingress", securityCheck(false, http.HandlerFunc(createIngressGateway))).Methods("POST")
r.HandleFunc("/api/nodes/{network}/{macaddress}/deleteingress", securityCheck(false, http.HandlerFunc(deleteIngressGateway))).Methods("DELETE") r.HandleFunc("/api/nodes/{network}/{nodeid}/deleteingress", securityCheck(false, http.HandlerFunc(deleteIngressGateway))).Methods("DELETE")
r.HandleFunc("/api/nodes/{network}/{macaddress}/approve", authorize(true, "user", http.HandlerFunc(uncordonNode))).Methods("POST") r.HandleFunc("/api/nodes/{network}/{nodeid}/approve", authorize(true, "user", http.HandlerFunc(uncordonNode))).Methods("POST")
r.HandleFunc("/api/nodes/{network}", createNode).Methods("POST") // r.HandleFunc("/api/nodes/{network}", createNode).Methods("POST")
r.HandleFunc("/api/nodes/adm/{network}/lastmodified", authorize(true, "network", http.HandlerFunc(getLastModified))).Methods("GET") r.HandleFunc("/api/nodes/adm/{network}/lastmodified", authorize(true, "network", http.HandlerFunc(getLastModified))).Methods("GET")
r.HandleFunc("/api/nodes/adm/{network}/authenticate", authenticate).Methods("POST") r.HandleFunc("/api/nodes/adm/{network}/authenticate", authenticate).Methods("POST")
@@ -78,7 +78,7 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
if err := json.Unmarshal([]byte(value), &result); err != nil { if err := json.Unmarshal([]byte(value), &result); err != nil {
continue continue
} }
if result.MacAddress == authRequest.MacAddress && result.IsPending != "yes" && result.Network == networkname { if (result.ID == authRequest.ID || result.MacAddress == authRequest.MacAddress) && result.IsPending != "yes" && result.Network == networkname {
break break
} }
} }
@@ -97,7 +97,7 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
returnErrorResponse(response, request, errorResponse) returnErrorResponse(response, request, errorResponse)
return return
} else { } else {
tokenString, _ := logic.CreateJWT(authRequest.MacAddress, result.Network) tokenString, _ := logic.CreateJWT(authRequest.ID, authRequest.MacAddress, result.Network)
if tokenString == "" { if tokenString == "" {
errorResponse.Code = http.StatusBadRequest errorResponse.Code = http.StatusBadRequest
@@ -177,11 +177,11 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
} }
var isAuthorized = false var isAuthorized = false
var macaddress = "" var nodeID = ""
username, networks, isadmin, errN := logic.VerifyUserToken(authToken) username, networks, isadmin, errN := logic.VerifyUserToken(authToken)
isnetadmin := isadmin isnetadmin := isadmin
if errN == nil && isadmin { if errN == nil && isadmin {
macaddress = "mastermac" nodeID = "mastermac"
isAuthorized = true isAuthorized = true
r.Header.Set("ismasterkey", "yes") r.Header.Set("ismasterkey", "yes")
} }
@@ -191,7 +191,7 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
} }
} }
//The mastermac (login with masterkey from config) can do everything!! May be dangerous. //The mastermac (login with masterkey from config) can do everything!! May be dangerous.
if macaddress == "mastermac" { if nodeID == "mastermac" {
isAuthorized = true isAuthorized = true
r.Header.Set("ismasterkey", "yes") r.Header.Set("ismasterkey", "yes")
//for everyone else, there's poor man's RBAC. The "cases" are defined in the routes in the handlers //for everyone else, there's poor man's RBAC. The "cases" are defined in the routes in the handlers
@@ -201,12 +201,12 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
case "all": case "all":
isAuthorized = true isAuthorized = true
case "nodes": case "nodes":
isAuthorized = (macaddress != "") || isnetadmin isAuthorized = (nodeID != "") || isnetadmin
case "network": case "network":
if isnetadmin { if isnetadmin {
isAuthorized = true isAuthorized = true
} else { } else {
node, err := logic.GetNodeByMacAddress(params["network"], macaddress) node, err := logic.GetNodeByID(nodeID)
if err != nil { if err != nil {
errorResponse = models.ErrorResponse{ errorResponse = models.ErrorResponse{
Code: http.StatusUnauthorized, Message: "W1R3: Missing Auth Token.", Code: http.StatusUnauthorized, Message: "W1R3: Missing Auth Token.",
@@ -220,7 +220,7 @@ func authorize(networkCheck bool, authNetwork string, next http.Handler) http.Ha
if isnetadmin { if isnetadmin {
isAuthorized = true isAuthorized = true
} else { } else {
isAuthorized = (macaddress == params["macaddress"]) isAuthorized = (nodeID == params["netid"])
} }
case "user": case "user":
isAuthorized = true isAuthorized = true
@@ -315,12 +315,12 @@ func getNode(w http.ResponseWriter, r *http.Request) {
var params = mux.Vars(r) var params = mux.Vars(r)
node, err := logic.GetNode(params["macaddress"], params["network"]) node, err := logic.GetNodeByID(params["nodeid"])
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(2, r.Header.Get("user"), "fetched node", params["macaddress"]) logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"])
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(node) json.NewEncoder(w).Encode(node)
} }
@@ -414,7 +414,7 @@ func createNode(w http.ResponseWriter, r *http.Request) {
func uncordonNode(w http.ResponseWriter, r *http.Request) { func uncordonNode(w http.ResponseWriter, r *http.Request) {
var params = mux.Vars(r) var params = mux.Vars(r)
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
node, err := logic.UncordonNode(params["network"], params["macaddress"]) node, err := logic.UncordonNode(params["nodeid"])
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
@@ -434,7 +434,7 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
return return
} }
gateway.NetID = params["network"] gateway.NetID = params["network"]
gateway.NodeID = params["macaddress"] gateway.NodeID = params["nodeid"]
node, err := logic.CreateEgressGateway(gateway) node, err := logic.CreateEgressGateway(gateway)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
@@ -448,14 +448,14 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
func deleteEgressGateway(w http.ResponseWriter, r *http.Request) { func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
var params = mux.Vars(r) var params = mux.Vars(r)
nodeMac := params["macaddress"] nodeid := params["nodeid"]
netid := params["network"] netid := params["network"]
node, err := logic.DeleteEgressGateway(netid, nodeMac) node, err := logic.DeleteEgressGateway(netid, nodeid)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeMac, "on network", netid) logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeid, "on network", netid)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(node) json.NewEncoder(w).Encode(node)
} }
@@ -465,14 +465,14 @@ func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
func createIngressGateway(w http.ResponseWriter, r *http.Request) { func createIngressGateway(w http.ResponseWriter, r *http.Request) {
var params = mux.Vars(r) var params = mux.Vars(r)
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
nodeMac := params["macaddress"] nodeid := params["nodeid"]
netid := params["network"] netid := params["network"]
node, err := logic.CreateIngressGateway(netid, nodeMac) node, err := logic.CreateIngressGateway(netid, nodeid)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(1, r.Header.Get("user"), "created ingress gateway on node", nodeMac, "on network", netid) logger.Log(1, r.Header.Get("user"), "created ingress gateway on node", nodeid, "on network", netid)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(node) json.NewEncoder(w).Encode(node)
} }
@@ -480,13 +480,13 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
func deleteIngressGateway(w http.ResponseWriter, r *http.Request) { func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
var params = mux.Vars(r) var params = mux.Vars(r)
nodeMac := params["macaddress"] nodeid := params["nodeid"]
node, err := logic.DeleteIngressGateway(params["network"], nodeMac) node, err := logic.DeleteIngressGateway(params["network"], nodeid)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeMac) logger.Log(1, r.Header.Get("user"), "deleted ingress gateway", nodeid)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(node) json.NewEncoder(w).Encode(node)
} }
@@ -498,7 +498,7 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
var node models.Node var node models.Node
//start here //start here
node, err := logic.GetNodeByMacAddress(params["network"], params["macaddress"]) node, err := logic.GetNodeByID(params["nodeid"])
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
@@ -560,17 +560,18 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
// get params // get params
var params = mux.Vars(r) var params = mux.Vars(r)
var node, err = logic.GetNode(params["macaddress"], params["network"]) var nodeid = params["nodeid"]
var node, err = logic.GetNodeByID(nodeid)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "badrequest")) returnErrorResponse(w, r, formatError(err, "badrequest"))
return return
} }
err = logic.DeleteNode(&node, false) err = logic.DeleteNodeByMacAddress(&node, false)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(1, r.Header.Get("user"), "Deleted node", params["macaddress"], "from network", params["network"]) logger.Log(1, r.Header.Get("user"), "Deleted node", nodeid, "from network", params["network"])
returnSuccessResponse(w, r, params["macaddress"]+" deleted.") returnSuccessResponse(w, r, nodeid+" deleted.")
} }

18
controllers/node_grpc.go
View File

@@ -21,15 +21,21 @@ type NodeServiceServer struct {
// NodeServiceServer.ReadNode - reads node and responds with gRPC // NodeServiceServer.ReadNode - reads node and responds with gRPC
func (s *NodeServiceServer) ReadNode(ctx context.Context, req *nodepb.Object) (*nodepb.Object, error) { func (s *NodeServiceServer) ReadNode(ctx context.Context, req *nodepb.Object) (*nodepb.Object, error) {
// convert string id (from proto) to mongoDB ObjectId // convert string id (from proto) to mongoDB ObjectId
macAndNetwork := strings.Split(req.Data, "###") var err error
var node models.Node
var macAndNetwork = make([]string, 2)
if strings.Contains(req.Data, "###") {
macAndNetwork = strings.Split(req.Data, "###")
if len(macAndNetwork) != 2 { if len(macAndNetwork) != 2 {
return nil, errors.New("could not read node, invalid node id given") return nil, errors.New("could not read node, invalid node id given")
} }
node, err := logic.GetNode(macAndNetwork[0], macAndNetwork[1]) }
node, err = logic.GetNodeByIDorMacAddress(req.Data, macAndNetwork[0], macAndNetwork[1])
if err != nil { if err != nil {
return nil, err return nil, err
} }
node.NetworkSettings, err = logic.GetNetworkSettings(node.Network) node.NetworkSettings, err = logic.GetNetworkSettings(node.Network)
if err != nil { if err != nil {
return nil, err return nil, err
@@ -101,10 +107,8 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.Object)
if err := json.Unmarshal([]byte(req.GetData()), &newnode); err != nil { if err := json.Unmarshal([]byte(req.GetData()), &newnode); err != nil {
return nil, err return nil, err
} }
macaddress := newnode.MacAddress
networkName := newnode.Network
node, err := logic.GetNodeByMacAddress(networkName, macaddress) node, err := logic.GetNodeByIDorMacAddress(newnode.ID, newnode.MacAddress, newnode.Network)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -140,7 +144,7 @@ func (s *NodeServiceServer) DeleteNode(ctx context.Context, req *nodepb.Object)
return nil, errors.New("node not found") return nil, errors.New("node not found")
} }
var node, err = logic.GetNode(nodeInfo[0], nodeInfo[1]) var node, err = logic.GetNode(nodeInfo[0], nodeInfo[1])
err = logic.DeleteNode(&node, true) err = logic.DeleteNodeByMacAddress(&node, true)
if err != nil { if err != nil {
return nil, err return nil, err
} }

13
controllers/node_test.go
View File

@@ -105,18 +105,13 @@ func TestUncordonNode(t *testing.T) {
deleteAllNetworks() deleteAllNetworks()
createNet() createNet()
node := createTestNode() node := createTestNode()
t.Run("BadNet", func(t *testing.T) { t.Run("BadID", func(t *testing.T) {
resp, err := logic.UncordonNode("badnet", node.MacAddress) resp, err := logic.UncordonNode("blahblah")
assert.Equal(t, models.Node{}, resp)
assert.EqualError(t, err, "no result found")
})
t.Run("BadMac", func(t *testing.T) {
resp, err := logic.UncordonNode("skynet", "01:02:03")
assert.Equal(t, models.Node{}, resp) assert.Equal(t, models.Node{}, resp)
assert.EqualError(t, err, "no result found") assert.EqualError(t, err, "no result found")
}) })
t.Run("Success", func(t *testing.T) { t.Run("Success", func(t *testing.T) {
resp, err := logic.UncordonNode("skynet", node.MacAddress) resp, err := logic.UncordonNode(node.ID)
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "no", resp.IsPending) assert.Equal(t, "no", resp.IsPending)
}) })
@@ -147,7 +142,7 @@ func TestValidateEgressGateway(t *testing.T) {
func deleteAllNodes() { func deleteAllNodes() {
nodes, _ := logic.GetAllNodes() nodes, _ := logic.GetAllNodes()
for _, node := range nodes { for _, node := range nodes {
logic.DeleteNode(&node, true) logic.DeleteNodeByMacAddress(&node, true)
} }
} }

8
controllers/relay.go
View File

@@ -20,7 +20,7 @@ func createRelay(w http.ResponseWriter, r *http.Request) {
return return
} }
relay.NetID = params["network"] relay.NetID = params["network"]
relay.NodeID = params["macaddress"] relay.NodeID = params["nodeid"]
node, err := logic.CreateRelay(relay) node, err := logic.CreateRelay(relay)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
@@ -34,14 +34,14 @@ func createRelay(w http.ResponseWriter, r *http.Request) {
func deleteRelay(w http.ResponseWriter, r *http.Request) { func deleteRelay(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
var params = mux.Vars(r) var params = mux.Vars(r)
nodeMac := params["macaddress"] nodeid := params["nodeid"]
netid := params["network"] netid := params["network"]
node, err := logic.DeleteRelay(netid, nodeMac) node, err := logic.DeleteRelay(netid, nodeid)
if err != nil { if err != nil {
returnErrorResponse(w, r, formatError(err, "internal")) returnErrorResponse(w, r, formatError(err, "internal"))
return return
} }
logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeMac, "on network", netid) logger.Log(1, r.Header.Get("user"), "deleted egress gateway", nodeid, "on network", netid)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(node) json.NewEncoder(w).Encode(node)
} }

12
logic/gateway.go
View File

@@ -13,7 +13,7 @@ import (
// CreateEgressGateway - creates an egress gateway // CreateEgressGateway - creates an egress gateway
func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, error) { func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, error) {
node, err := GetNodeByMacAddress(gateway.NetID, gateway.NodeID) node, err := GetNodeByID(gateway.NodeID)
if node.OS == "windows" || node.OS == "macos" { // add in darwin later if node.OS == "windows" || node.OS == "macos" { // add in darwin later
return models.Node{}, errors.New(node.OS + " is unsupported for egress gateways") return models.Node{}, errors.New(node.OS + " is unsupported for egress gateways")
} }
@@ -80,9 +80,9 @@ func ValidateEgressGateway(gateway models.EgressGatewayRequest) error {
} }
// DeleteEgressGateway - deletes egress from node // DeleteEgressGateway - deletes egress from node
func DeleteEgressGateway(network, macaddress string) (models.Node, error) { func DeleteEgressGateway(network, nodeid string) (models.Node, error) {
node, err := GetNodeByMacAddress(network, macaddress) node, err := GetNodeByID(nodeid)
if err != nil { if err != nil {
return models.Node{}, err return models.Node{}, err
} }
@@ -115,10 +115,10 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) {
} }
// CreateIngressGateway - creates an ingress gateway // CreateIngressGateway - creates an ingress gateway
func CreateIngressGateway(netid string, macaddress string) (models.Node, error) { func CreateIngressGateway(netid string, nodeid string) (models.Node, error) {
node, err := GetNodeByMacAddress(netid, macaddress) node, err := GetNodeByID(nodeid)
if node.OS == "windows" || node.OS == "macos" { // add in darwin later if node.OS == "windows" || node.OS == "darwin" { // add in darwin later
return models.Node{}, errors.New(node.OS + " is unsupported for ingress gateways") return models.Node{}, errors.New(node.OS + " is unsupported for ingress gateways")
} }

13
logic/jwts.go
View File

@@ -12,11 +12,12 @@ import (
var jwtSecretKey = []byte("(BytesOverTheWire)") var jwtSecretKey = []byte("(BytesOverTheWire)")
// CreateJWT func will used to create the JWT while signing in and signing out // CreateJWT func will used to create the JWT while signing in and signing out
func CreateJWT(macaddress string, network string) (response string, err error) { func CreateJWT(uuid string, macAddress string, network string) (response string, err error) {
expirationTime := time.Now().Add(5 * time.Minute) expirationTime := time.Now().Add(5 * time.Minute)
claims := &models.Claims{ claims := &models.Claims{
MacAddress: macaddress, ID: uuid,
Network: network, Network: network,
MacAddress: macAddress,
StandardClaims: jwt.StandardClaims{ StandardClaims: jwt.StandardClaims{
ExpiresAt: expirationTime.Unix(), ExpiresAt: expirationTime.Unix(),
}, },
@@ -73,13 +74,13 @@ func VerifyUserToken(tokenString string) (username string, networks []string, is
} }
// VerifyToken - gRPC [nodes] Only // VerifyToken - gRPC [nodes] Only
func VerifyToken(tokenString string) (macaddress string, network string, err error) { func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) {
claims := &models.Claims{} claims := &models.Claims{}
//this may be a stupid way of serving up a master key //this may be a stupid way of serving up a master key
//TODO: look into a different method. Encryption? //TODO: look into a different method. Encryption?
if tokenString == servercfg.GetMasterKey() { if tokenString == servercfg.GetMasterKey() {
return "mastermac", "", nil return "mastermac", "", "", nil
} }
token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) { token, err := jwt.ParseWithClaims(tokenString, claims, func(token *jwt.Token) (interface{}, error) {
@@ -87,7 +88,7 @@ func VerifyToken(tokenString string) (macaddress string, network string, err err
}) })
if token != nil { if token != nil {
return claims.MacAddress, claims.Network, nil return claims.ID, claims.MacAddress, claims.Network, nil
} }
return "", "", err return "", "", "", err
} }

46
logic/nodes.go
View File

@@ -64,8 +64,8 @@ func GetSortedNetworkServerNodes(network string) ([]models.Node, error) {
} }
// UncordonNode - approves a node to join a network // UncordonNode - approves a node to join a network
func UncordonNode(network, macaddress string) (models.Node, error) { func UncordonNode(nodeid string) (models.Node, error) {
node, err := GetNodeByMacAddress(network, macaddress) node, err := GetNodeByID(nodeid)
if err != nil { if err != nil {
return models.Node{}, err return models.Node{}, err
} }
@@ -296,6 +296,7 @@ func SetNodeDefaults(node *models.Node) {
} }
// GetRecordKey - get record key // GetRecordKey - get record key
// depricated
func GetRecordKey(id string, network string) (string, error) { func GetRecordKey(id string, network string) (string, error) {
if id == "" || network == "" { if id == "" || network == "" {
return "", errors.New("unable to get record key") return "", errors.New("unable to get record key")
@@ -379,6 +380,28 @@ func GetNodeRelay(network string, relayedNodeAddr string) (models.Node, error) {
return relay, errors.New("could not find relay for node " + relayedNodeAddr) return relay, errors.New("could not find relay for node " + relayedNodeAddr)
} }
// GetNodeByIDorMacAddress - gets the node, if a mac address exists, but not id, then it should delete it and recreate in DB with new ID
func GetNodeByIDorMacAddress(uuid string, macaddress string, network string) (models.Node, error) {
var node models.Node
var err error
node, err = GetNodeByID(uuid)
if err != nil && macaddress != "" && network != "" {
node, err = GetNodeByMacAddress(network, macaddress)
if err != nil {
return models.Node{}, err
}
err = DeleteNodeByMacAddress(&node, true) // remove node
if err != nil {
return models.Node{}, err
}
err = CreateNode(&node)
if err != nil {
return models.Node{}, err
}
}
return node, err
}
// GetNodeByID - get node by uuid, should have been set by create // GetNodeByID - get node by uuid, should have been set by create
func GetNodeByID(uuid string) (models.Node, error) { func GetNodeByID(uuid string) (models.Node, error) {
var record, err = database.FetchRecord(database.NODES_TABLE_NAME, uuid) var record, err = database.FetchRecord(database.NODES_TABLE_NAME, uuid)
@@ -391,3 +414,22 @@ func GetNodeByID(uuid string) (models.Node, error) {
} }
return node, nil return node, nil
} }
// GetDeletedNodeByID - get a deleted node
func GetDeletedNodeByID(uuid string) (models.Node, error) {
var node models.Node
record, err := database.FetchRecord(database.DELETED_NODES_TABLE_NAME, uuid)
if err != nil {
return models.Node{}, err
}
if err = json.Unmarshal([]byte(record), &node); err != nil {
return models.Node{}, err
}
SetNodeDefaults(&node)
return node, nil
}

13
logic/relay.go
View File

@@ -12,7 +12,7 @@ import (
// CreateRelay - creates a relay // CreateRelay - creates a relay
func CreateRelay(relay models.RelayRequest) (models.Node, error) { func CreateRelay(relay models.RelayRequest) (models.Node, error) {
node, err := GetNodeByMacAddress(relay.NetID, relay.NodeID) node, err := GetNodeByID(relay.NodeID)
if node.OS == "macos" { // add in darwin later if node.OS == "macos" { // add in darwin later
return models.Node{}, errors.New(node.OS + " is unsupported for relay") return models.Node{}, errors.New(node.OS + " is unsupported for relay")
} }
@@ -106,9 +106,9 @@ func UpdateRelay(network string, oldAddrs []string, newAddrs []string) {
} }
// DeleteRelay - deletes a relay // DeleteRelay - deletes a relay
func DeleteRelay(network, macaddress string) (models.Node, error) { func DeleteRelay(network, nodeid string) (models.Node, error) {
node, err := GetNodeByMacAddress(network, macaddress) node, err := GetNodeByID(nodeid)
if err != nil { if err != nil {
return models.Node{}, err return models.Node{}, err
} }
@@ -121,15 +121,12 @@ func DeleteRelay(network, macaddress string) (models.Node, error) {
node.RelayAddrs = []string{} node.RelayAddrs = []string{}
node.SetLastModified() node.SetLastModified()
node.PullChanges = "yes" node.PullChanges = "yes"
key, err := GetRecordKey(node.MacAddress, node.Network)
if err != nil {
return models.Node{}, err
}
data, err := json.Marshal(&node) data, err := json.Marshal(&node)
if err != nil { if err != nil {
return models.Node{}, err return models.Node{}, err
} }
if err = database.Insert(key, string(data), database.NODES_TABLE_NAME); err != nil { if err = database.Insert(nodeid, string(data), database.NODES_TABLE_NAME); err != nil {
return models.Node{}, err return models.Node{}, err
} }
if err = NetworkNodesUpdatePullChanges(network); err != nil { if err = NetworkNodesUpdatePullChanges(network); err != nil {

2
logic/server.go
View File

@@ -214,7 +214,7 @@ func ServerLeave(mac string, network string) error {
if err != nil { if err != nil {
return err return err
} }
return DeleteNode(&serverNode, true) return DeleteNodeByMacAddress(&serverNode, true)
} }
/** /**

38
logic/util.go
View File

@@ -42,8 +42,8 @@ func SetNetworkServerPeers(node *models.Node) {
} }
} }
// DeleteNode - deletes a node from database or moves into delete nodes table // DeleteNodeByMacAddress - deletes a node from database or moves into delete nodes table
func DeleteNode(node *models.Node, exterminate bool) error { func DeleteNodeByMacAddress(node *models.Node, exterminate bool) error {
var err error var err error
var key = node.ID var key = node.ID
if !exterminate { if !exterminate {
@@ -104,8 +104,10 @@ func CreateNode(node *models.Node) error {
if err != nil { if err != nil {
return err return err
} }
node.ID = uuid.NewString()
//Create a JWT for the node //Create a JWT for the node
tokenString, _ := CreateJWT(node.MacAddress, node.Network) tokenString, _ := CreateJWT(node.ID, node.MacAddress, node.Network)
if tokenString == "" { if tokenString == "" {
//returnErrorResponse(w, r, errorResponse) //returnErrorResponse(w, r, errorResponse)
return err return err
@@ -115,8 +117,6 @@ func CreateNode(node *models.Node) error {
return err return err
} }
node.ID = uuid.NewString()
nodebytes, err := json.Marshal(&node) nodebytes, err := json.Marshal(&node)
if err != nil { if err != nil {
return err return err
@@ -180,6 +180,34 @@ func GetNode(macaddress string, network string) (models.Node, error) {
return node, err return node, err
} }
// DeleteNodeByID - deletes a node from database or moves into delete nodes table
func DeleteNodeByID(node *models.Node, exterminate bool) error {
var err error
var key = node.ID
if !exterminate {
node.Action = models.NODE_DELETE
nodedata, err := json.Marshal(&node)
if err != nil {
return err
}
err = database.Insert(key, string(nodedata), database.DELETED_NODES_TABLE_NAME)
if err != nil {
return err
}
} else {
if err := database.DeleteRecord(database.DELETED_NODES_TABLE_NAME, key); err != nil {
logger.Log(2, err.Error())
}
}
if err = database.DeleteRecord(database.NODES_TABLE_NAME, key); err != nil {
return err
}
if servercfg.IsDNSMode() {
SetDNS()
}
return removeLocalServer(node)
}
// GetNodePeers - fetches peers for a given node // GetNodePeers - fetches peers for a given node
func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error) { func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error) {
var peers []models.Node var peers []models.Node

7
models/structs.go
View File

@@ -8,6 +8,7 @@ const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
// AuthParams - struct for auth params // AuthParams - struct for auth params
type AuthParams struct { type AuthParams struct {
MacAddress string `json:"macaddress"` MacAddress string `json:"macaddress"`
ID string `json:"id"`
Password string `json:"password"` Password string `json:"password"`
} }
@@ -49,8 +50,9 @@ type SuccessfulUserLoginResponse struct {
// Claims is a struct that will be encoded to a JWT. // Claims is a struct that will be encoded to a JWT.
// jwt.StandardClaims is an embedded type to provide expiry time // jwt.StandardClaims is an embedded type to provide expiry time
type Claims struct { type Claims struct {
Network string ID string
MacAddress string MacAddress string
Network string
jwt.StandardClaims jwt.StandardClaims
} }
@@ -70,7 +72,8 @@ type ErrorResponse struct {
type NodeAuth struct { type NodeAuth struct {
Network string Network string
Password string Password string
MacAddress string MacAddress string // Depricated
ID string
} }
// SuccessResponse is struct for sending error message with code. // SuccessResponse is struct for sending error message with code.