* fix(go): set persistent keep alive when registering host using sso;
* fix(go): run posture check violations on delete;
* fix(go): upsert node on approving pending host;
* fix(go): resolve concurrency issues during group delete cleanup;
* fix(go): update doc links;
* fix(go): add created and updated fields to host;
* fix(go): skip delete and update superadmin on sync users;
* fix(go): use conn directly for now;
* fix(go): remove acl for idp groups;
* fix(go): quote fields;
* fix(go): use filters with count;
* feat(go): add a search query;
* fix(go): cleanup acls;
* fix(go): review fixes;
* fix(go): remove additional loop;
* fix(go): fix
* v1.5.1: separate out idp sync and reset signals for HA
* v1.5.1: add grps with name for logging
* v1.5.1: clear posture check violations when all checks are deleted
* v1.5.1: set static when default host
* v1.5.1: fix db status check
* rm set max conns
* v1.5.1: reset auto assigned gw when disconnected
* fix(go): skip global network admin and user groups when splitting;
* v1.5.1: fix update node call from client
* fix(go): separate out migration from normal usage;
* fix(go): skip default groups;
* fix(go): create policies for existing groups on network create;
* fix(go): skip fatal log on clickhouse conn;
* fix(go): add posture check cleanup;
* NM-288: populate relevant name for acl types for UI
* NM-288: populate grp names for posture check apis
* NM-228: add network grps api
* NM-288: add network users api
* now check each group's NetworkRoles for either the specific network ID or schema.AllNetworks (all_networks)
* NM-288: check and unassign auto gw when node is disconnected from cli
* NM-288: optimise network users api call
* NM-288: block auto assign when set to use inet gw
---------
Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
* fix(go): set persistent keep alive when registering host using sso;
* fix(go): run posture check violations on delete;
* fix(go): upsert node on approving pending host;
* fix(go): resolve concurrency issues during group delete cleanup;
* fix(go): update doc links;
* fix(go): add created and updated fields to host;
* fix(go): skip delete and update superadmin on sync users;
* fix(go): use conn directly for now;
* fix(go): remove acl for idp groups;
* fix(go): quote fields;
* fix(go): use filters with count;
* feat(go): add a search query;
* fix(go): cleanup acls;
* fix(go): review fixes;
* fix(go): remove additional loop;
* fix(go): fix
* v1.5.1: separate out idp sync and reset signals for HA
* v1.5.1: add grps with name for logging
* v1.5.1: clear posture check violations when all checks are deleted
* v1.5.1: set static when default host
* v1.5.1: fix db status check
* rm set max conns
* v1.5.1: reset auto assigned gw when disconnected
* fix(go): skip global network admin and user groups when splitting;
* v1.5.1: fix update node call from client
* fix(go): separate out migration from normal usage;
* fix(go): skip default groups;
* fix(go): create policies for existing groups on network create;
* fix(go): skip fatal log on clickhouse conn;
* fix(go): add posture check cleanup;
---------
Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
* feat(go): add user schema;
* feat(go): migrate to user schema;
* feat(go): add audit fields;
* feat(go): remove unused fields from the network model;
* feat(go): add network schema;
* feat(go): migrate to network schema;
* refactor(go): add comment to clarify migration logic;
* fix(go): test failures;
* fix(go): test failures;
* feat(go): change membership table to store memberships at all scopes;
* feat(go): add schema for access grants;
* feat(go): remove nameservers from new networks table; ensure db passed for schema functions;
* feat(go): set max conns for sqlite to 1;
* fix(go): issues updating user account status;
* refactor(go): remove converters and access grants;
* refactor(go): add json tags in schema models;
* refactor(go): rename file to migrate_v1_6_0.go;
* refactor(go): add user groups and user roles tables; use schema tables;
* refactor(go): inline get and list from schema package;
* refactor(go): inline get network and list users from schema package;
* fix(go): staticcheck issues;
* fix(go): remove test not in use; fix test case;
* fix(go): validate network;
* fix(go): resolve static checks;
* fix(go): new models errors;
* fix(go): test errors;
* fix(go): handle no records;
* fix(go): add validations for user object;
* fix(go): set correct extclient status;
* fix(go): test error;
* feat(go): make schema the base package;
* feat(go): add host schema;
* feat(go): use schema host everywhere;
* feat(go): inline get host, list hosts and delete host;
* feat(go): use non-ptr value;
* feat(go): use save to upsert all fields;
* feat(go): use save to upsert all fields;
* feat(go): save turn endpoint as string;
* feat(go): check for gorm error record not found;
* fix(go): test failures;
* fix(go): update all network fields;
* fix(go): update all network fields;
* feat(go): add paginated list networks api;
* feat(go): add paginated list users api;
* feat(go): add paginated list hosts api;
* feat(go): add pagination to list groups api;
* fix(go): comment;
* fix(go): implement marshal and unmarshal text for custom types;
* fix(go): implement marshal and unmarshal json for custom types;
* fix(go): just use the old model for unmarshalling;
* fix(go): implement marshal and unmarshal json for custom types;
* feat(go): remove paginated list networks api;
* feat(go): use custom paginated response object;
* fix(go): ensure default values for page and per_page are used when not passed;
* fix(go): rename v1.6.0 to v1.5.1;
* fix(go): check for gorm.ErrRecordNotFound instead of database.IsEmptyRecord;
* fix(go): use host id, not pending host id;
* feat(go): add filters to paginated apis;
* feat(go): add filters to paginated apis;
* feat(go): remove check for max username length;
* feat(go): add filters to count as well;
* feat(go): use library to check email address validity;
* feat(go): ignore pagination if params not passed;
* fix(go): pagination issues;
* fix(go): check exists before using;
* fix(go): remove debug log;
* fix(go): use gorm err record not found;
* fix(go): use gorm err record not found;
* fix(go): use user principal name when creating pending user;
* fix(go): use schema package for consts;
* fix(go): prevent disabling superadmin user;
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): swap is admin and is superadmin;
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): remove dead code block;
https://github.com/gravitl/netmaker/pull/3910#discussion_r2928837937
* fix(go): incorrect message when trying to disable self;
https://github.com/gravitl/netmaker/pull/3910#discussion_r2928837934
* fix(go): use correct header;
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): return after error response;
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): use correct order of params;
https://github.com/gravitl/netmaker/pull/3910#discussion_r2929593036
* fix(go): set default values for page and page size; use v2 instead of /list;
* Update logic/auth.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* Update schema/user_roles.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): syntax error;
* fix(go): set default values when page and per_page are not passed or 0;
* fix(go): use uuid.parse instead of uuid.must parse;
* fix(go): review errors;
* fix(go): review errors;
* Update controllers/user.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* Update controllers/user.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* NM-163: fix errors:
* Update db/types/options.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* fix(go): persist return user in event;
* Update db/types/options.go
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* NM-163: duplicate lines of code
* NM-163: fix(go): fix missing return and filter parsing in user controller
- Add missing return after error response in updateUserAccountStatus
to prevent double-response and spurious ext-client side-effects
- Use switch statements in listUsers to skip unrecognized
account_status and mfa_status filter values
* fix(go): check for both min and max page size;
* fix(go): enclose transfer superadmin in transaction;
* fix(go): review errors;
* fix(go): remove free tier checks;
* fix(go): review fixes;
---------
Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
* NM-205: init virtual NAT for egress ranges
* NM-205: add virtual NAT to egress peer update model
* NM-205: add virtual nat to allowed ips if present
* NM-205: fix create api, update nat fields
* NM-205: fix virtual nat range assignment
* NM-210: use virtual ranges for allowed ips for egress ips
* NM-205: allows update of nat settings
* NM-205: fix migration of egress virtual ranges
* NM-205: fix update operations
* NM-205: if domain range is set,overiride nat setting to direct
* NM-205: validate NAT pool fields on net update, add nat mode egress metric range struct
* NM-205: fix nat egress range
* NM-205: add virtual egress ranges to extclient allowed Ips
* NM-205: add overlapping egress ranges
* NM-205: match egress cidr for virtual nat if less than prefix length
* NM-205: match egress cidr for virtual nat if less than prefix length
* NM-205: force update overlapping egress feature flag
* NM-205: disable virtual nat for ipv6
* NM-205: simplify egress update ops
* NM-205: fix tests
* NM-205: NAT pool update with prefix length validation
* NM-205: send virtual egress ranges for non egress nodes
* NM-205: assign virtual NAT on creation
* NM-195: add key tags info to posture check on join
* NM-195: add network user grps to posture check
* NM-195: add posture checks to middleware
* fix: return error when group network roles are set for specific networks and all networks;
* add all posture check to rsrc permission check func
* NM-202: fix egress domain routing
* fix: add username filter;
* feat: add fallback nameserver support;
* fix: add validation for pro as well;
* fix: skip fallback domains for user gws;
* fix: don't set domains for fallback dns servers;
* fix: validation fixes;
* fix: empty match domains for fallback nameservers;
---------
Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
* NM-195: add key tags info to posture check on join
* NM-195: add network user grps to posture check
* NM-195: add posture checks to middleware
* add all posture check to rsrc permission check func
* NM-195: cleanup deleted tags and user groups from posturechecks
* NM-195: add Nameserver to middleware
* NM-195: add key tags info to posture check on join
* NM-195: add network user grps to posture check
* NM-195: add posture checks to middleware
* add all posture check to rsrc permission check func
* NM-166: add device posture checks apis and logic
* NM-166: add severity level to posture check and api to fetch all available attributes
* NM-166: register posture check schema
* add periodic posture check evaluation of nodes
* NM-166: add os family and kernel version to host model for linux
* add posture check violations on host registration, api to fetch node violations
* NM-166: trigger posture checks on posture checks updates
* NM-166: add version clean func
* NM-166: add allowed values for posture check attributes to api
* NM-166: format violation messages
* NM-166: fix static check
* NM-166: fix static check
* NM-166: add OS info to update extclient api
* NM-166: add sysinfo funcs
* set if only new values are not empty
* format client location
* fix posture violation for static nodes
* skip non user nodes from posture checks
* NM-166: check posture checks by tags
* NM-166: set host location before posture check
* validate posture checks by OR condition
* run posture check violation on node update
* NM-166: allow join on unviolated networks
* NM-166: update response message when posture checks are violated
* NM-166: fix static check
* NM-166: add mutex for posture check runs
* NM-166: add OS family fields to api host model
* NM-166: run posture eval for gateway ops
* NM-166: add user groups to posture checks
* NM-166: add default all user grp
* NM-166: fix posture check eval for users
* NM-166: handle user nodes in the posture checks
* NM-166: fix posture check for new config
* NM-166: skip auto update check on users and show violation on disbaled static nodes
* NM-166: add min verison check for attr
* NM-166: fix static check
* NM-166: add default admin groups
* force update host dns field if node is acting as inet gw
* add old acl support checks
* move auto relay migration to pro pkg
* add check to avoid unsetting relayed node
* simplify auto assign gw logic
* send auto assign update on un relay
* set checking time to latest on updates
* fix HA auto Relay logic
* add relay node metrics to peer signal
* move auto relay peer check
* publish host peer update
* check and unset unrelayed auto peers
* use relay node mutex to avoid rac condition
* reset autorelayed peers on auto assign gw
* add device approval, gws HA to feature flags
* force update host dns field if node is acting as inet gw
* add old acl support checks
* move auto relay migration to pro pkg
* add check to avoid unsetting relayed node
* simplify auto assign gw logic
* send auto assign update on un relay
* set checking time to latest on updates
* fix HA auto Relay logic
* add relay node metrics to peer signal
* move auto relay peer check
* publish host peer update
* check and unset unrelayed auto peers
* use relay node mutex to avoid rac condition
* reset autorelayed peers on auto assign gw
* add auto realy handlers and logic funcs
* add pro func connectors
* Add auto relayed peer ips on peer update, set auto relay on gw creation
* add network id to signal, add autorelay nodes to peerudpate
* add autorelay peer update logic
* add nodes to peer update
* revert node model change
* reset auto relayed peers on the relay node on reset, add auto relay nodes to pull
* add logic api to update auto relay node
* add autoassigngw field to node, add logic to swith relay node in relayme udpate api
* add gw nodes to pull
* intilaise gw map
* HA relay functionality
* add autoassign gw option to enrollment key
* publish intant action to auto assign gw
* fix static checks
* unset relay if auto assign removed
* add host node model to auto relay info
* add host node model to auto relay info
* only use hostNode model for gws info
* handle autoassigned gw peer in the update
* handle autoassigned gw peer in the update
* handle peer updates for autoassigned gw peer
* unset auto assigned peer if relayed or failedovered
* enable egress routing peers with tags
* remove tag from egress when deleted
* fix egress tag functionality
* filter duplicate egress ips
* set default stun server if unset
* add version to status api
* sync deleted node udpate host deletion
* add host node update action
* add peer signal action to fallback api
* add replace peers to host pull
* add delete host action to fallback api
* update base go builder image
* update go builder tag
* check host port to avoid conflicts behind NAT
* fix connect/disconnect on api
* send pull signal on disconnect from UI
* fix panic on host join via user auth
* reset failover on disconnect
* add support for egress domain routing
* add domain info to egress range
* fix egress domain update
* send peer update domain resolution update
* add egress domain update in the peer update
* use range field for domain check
* add egress domain to host pull
* add egress domain model to egress host update
* add egress domain model to egress host update
* update egress domain model on acls
* add check of range if domain is set
* sync egress domains to dns system
* add egress domain to match domain list, fix egress nat rule for domains
* fix all rsrcs comms
* fix static checks
* fix egress acls on CE
* check for all resources access on a node
* simplify egress acl rules
* merged ce and pro acl rule func
* fix uni direction acl rule for static nodes
* allow relayed nodes traffic
* resolve merge conflicts
* remove anywhere dst rule on user node acls
* fix: broadcast user groups update for acl changes
* add egress domain ans routes to nodes
* add egress ranges to DST
* add all egress ranges for all resources
* fix DNS routing acls rules
* add pending hosts apis, migration logic for network auto join field
* fix pending hosts logic on join
* delete pending hosts on host delete
* ignore pedning device request if host in the network already
* add peer update on host approval
Abhishek Kondur