NET-674: clear extclients of an user when deleted, remove gw id from … #2634

Merged
merged 1 commit into from
Oct 17, 2023
6 changes: 3 additions & 3 deletions controllers/ext_client.go
@@ -364,7 +364,7 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
extclient.RemoteAccessClientID == customExtClient.RemoteAccessClientID && nodeid == extclient.IngressGatewayID {
// extclient on the gw already exists for the remote access client
err = errors.New("remote client config already exists on the gateway")
slog.Error("failed to get extclients", "error", err)
slog.Error("failed to create extclient", "user", userName, "error", err)
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}
@@ -539,12 +539,12 @@ func deleteExtClient(w http.ResponseWriter, r *http.Request) {
if err != nil {
err = errors.New("Could not delete extclient " + params["clientid"])
logger.Log(0, r.Header.Get("user"),
fmt.Sprintf("failed to delete extclient [%s],network [%s]: %v", clientid, network, err))
fmt.Sprintf("failed to get extclient [%s],network [%s]: %v", clientid, network, err))
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
return
}
if !logic.IsUserAllowedAccessToExtClient(r.Header.Get("user"), extclient) {
slog.Error("failed to get extclient", "network", network, "clientID",
slog.Error("user not allowed to delete", "network", network, "clientID",
clientid, "error", errors.New("access is denied"))
logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("access is denied"), "forbidden"))
return
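Review bot: The new access-denied log in deleteExtClient (`slog.Error("user not allowed to delete", ...)`) records the network and client ID but not who made the request, so a run of forbidden delete attempts cannot be attributed from the log alone. Adding the caller, e.g. `slog.Error("user not allowed to delete", "user", r.Header.Get("user"), "network", network, "clientID", clientid)`, would match the createExtClient message in the first hunk, which does carry `"user", userName`. Separately, the lookup-failure branch above overwrites `err` with a generic "Could not delete extclient" string before logging, so the reworded "failed to get extclient" line still prints no underlying cause; logging the original error before replacing it would fix that. Both functions continue outside the hunks.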
24 changes: 21 additions & 3 deletions controllers/node.go
@@ -571,10 +571,28 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
return
}

if servercfg.IsPro && wasFailover {
if err = logic.EnterpriseResetFailoverFunc(node.Network); err != nil {
logger.Log(1, "failed to reset failover list during failover create", node.ID.String(), node.Network)
if servercfg.IsPro {
if wasFailover {
if err = logic.EnterpriseResetFailoverFunc(node.Network); err != nil {
logger.Log(1, "failed to reset failover list during failover create", node.ID.String(), node.Network)
}
}
go func() {
users, err := logic.GetUsersDB()
if err == nil {
for _, user := range users {
if _, ok := user.RemoteGwIDs[nodeid]; ok {
delete(user.RemoteGwIDs, nodeid)
err = logic.UpsertUser(user)
if err != nil {
slog.Error("failed to get user", "user", user.UserName, "error", err)
}
}
}
} else {
slog.Error("failed to get users", "error", err)
}
}()
}

apiNode := node.ConvertToAPINode()
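Review bot: The cleanup goroutine in deleteIngressGateway does an unsynchronised read-modify-write over every user record: it snapshots all users with `logic.GetUsersDB()`, then writes each matching snapshot back with `logic.UpsertUser(user)` after the handler has already moved on. If UpsertUser stores the whole record (its body is not visible here), a password, role or gateway change made to that user in between would be overwritten by the stale copy, and a user deleted in that window could be written back; running the loop synchronously under whatever lock guards user updates, or re-reading each user immediately before the write, would close that window. The failure log is also mislabelled: the UpsertUser error is reported as "failed to get user" and should read `slog.Error("failed to update user", "user", user.UserName, "error", err)`. A failed upsert leaves the deleted gateway's ID in RemoteGwIDs with only a log line to show for it, so the message needs to be accurate. The function body continues outside the hunk.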
18 changes: 17 additions & 1 deletion controllers/user.go
@@ -525,7 +525,23 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return
}

// check and delete extclient with this ownerID
go func() {
extclients, err := logic.GetAllExtClients()
if err != nil {
slog.Error("failed to get extclients", "error", err)
return
}
for _, extclient := range extclients {
if extclient.OwnerID == user.UserName {
err = logic.DeleteExtClient(extclient.Network, extclient.ClientID)
if err != nil {
slog.Error("failed to delete extclient",
"id", extclient.ClientID, "owner", user.UserName, "error", err)
}
}
}
}()
logger.Log(1, username, "was deleted")
json.NewEncoder(w).Encode(params["username"] + " deleted.")
}
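Review bot: Revocation of the deleted user's ext clients is fire-and-forget: the goroutine starts after the user record is gone, the handler replies "deleted" immediately, and any `logic.DeleteExtClient` failure (or a server restart before the loop finishes) leaves that user's client configs in place with only a log line. Since these configs are what grants remote access, the delete should run before the response is written and its failure should be surfaced to the caller, or at least be retried. It is also worth confirming that `logic.DeleteExtClient` by itself causes the gateway to drop the peer; if the deleteExtClient handler does extra propagation after calling it (not visible in this hunk), the same step is needed here. A short comment on the goroutine stating that cleanup is best-effort would document the current behaviour if it is kept.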
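--- a/logic/auth.go
+++ b/logic/auth.go
@@ -39,6 +39,30 @@ func HasSuperAdmin() (bool, error) {
 return false, err
 }
 
+// GetUsersDB - gets users
+func GetUsersDB() ([]models.User, error) {
+
+var users []models.User
+
+collection, err := database.FetchRecords(database.USERS_TABLE_NAME)
+
+if err != nil {
+return users, err
+}
+
+for _, value := range collection {
+
+var user models.User
+err = json.Unmarshal([]byte(value), &user)
+if err != nil {
+continue // get users
+}
+users = append(users, user)
+}
+
+return users, err
+}
+
 // GetUsers - gets users
 func GetUsers() ([]models.ReturnUser, error) {
 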
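Review bot: `GetUsersDB` can return a non-nil error together with a usable slice: `err` is reused for `json.Unmarshal` inside the loop, so if the last record fails to decode the function ends with `return users, err` carrying that decode error. The caller added in controllers/node.go treats any error as total failure and skips the gateway-ID cleanup altogether. Scoping the decode error (`if err := json.Unmarshal([]byte(value), &user); err != nil {`) and ending with `return users, nil` fixes it. Records that fail to decode are also skipped silently, and the `// get users` comment on the `continue` does not explain why; a log line there would make skipped users visible. The doc comment could say that this returns full `models.User` records for internal use, unlike `GetUsers`, which returns `models.ReturnUser`.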
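--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -185,6 +185,9 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 if node.PendingDelete {
 continue
 }
+if !node.IsIngressGateway {
+continue
+}
 host, err := logic.GetHost(node.HostID.String())
 if err != nil {
 continue
@@ -214,6 +217,9 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 if err != nil {
 continue
 }
+if !node.IsIngressGateway {
+continue
+}
 if node.PendingDelete {
 continue
 }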