Commit Graph

115 Commits

Author SHA1 Message Date
VishalDalwadi e43ebb80e0 fix(go): migrate nameservers; 2026-04-01 23:44:07 +05:30
VishalDalwadi 74d309ead4 fix(go): migrate nameservers; 2026-04-01 22:53:46 +05:30
VishalDalwadi 729bec02b9 fix(go): cleanup acls in the same goroutine; 2026-04-01 17:52:03 +05:30
Abhishek Kondur 12cc967ba1 Fixes/v1.5.1 (#3938)
* fix(go): set persistent keep alive when registering host using sso;

* fix(go): run posture check violations on delete;

* fix(go): upsert node on approving pending host;

* fix(go): resolve concurrency issues during group delete cleanup;

* fix(go): update doc links;

* fix(go): add created and updated fields to host;

* fix(go): skip delete and update superadmin on sync users;

* fix(go): use conn directly for now;

* fix(go): remove acl for idp groups;

* fix(go): quote fields;

* fix(go): use filters with count;

* feat(go): add a search query;

* fix(go): cleanup acls;

* fix(go): review fixes;

* fix(go): remove additional loop;

* fix(go): fix

* v1.5.1: separate out idp sync and reset signals for HA

* v1.5.1: add grps with name for logging

* v1.5.1: clear posture check violations when all checks are deleted

* v1.5.1: set static when default host

* v1.5.1: fix db status check

* rm set max conns

* v1.5.1: reset auto assigned gw when disconnected

* fix(go): skip global network admin and user groups when splitting;

* v1.5.1: fix update node call from client

* fix(go): separate out migration from normal usage;

* fix(go): skip default groups;

* fix(go): create policies for existing groups on network create;

* fix(go): skip fatal log on clickhouse conn;

* fix(go): add posture check cleanup;

---------

Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
2026-03-28 01:08:59 +05:30
Abhishek Kondur c3c3ed1fb8 NM-254: add bulk delete apis, rm old acl code (#3937)
* NM-254: add bulk delete apis for users, hosts, nodes and optimise postgres connection settings

* NM-254: rm debug logs

* NM-254: add bulk delete apis, remove old acl code

* NM-254: rm unused flag

* NM-254: fix bulk delete bugs, add security and performance improvements

- Fix host delete notifying peers before confirming deletion from DB
- Fix self-delete vulnerability in bulk user delete
- Fix DissasociateNodeFromHost failing when host.Nodes is empty
- Fix AssociateNodeToHost/DissasociateNodeFromHost stale read race
- Hoist GetAllExtClients outside loop in bulk user delete/status
- Move initializeUUID outside master-pod guard for HA correctness

* NM-254: return 202 Accepted for async bulk APIs, fix relay allowedIPs and host association error handling

- Change all bulk endpoints (hosts, nodes, users, ext clients) from
  200 OK to 202 Accepted to correctly signal async processing
- Add ReturnAcceptedResponse helper in logic/errors.go
- Fix GetAllowedIpsForRelayed returning empty allowedIPs slice,
  restoring relay connectivity
- Make AssociateNodeToHost and DissasociateNodeFromHost return an
  error when the host DB re-fetch fails instead of silently using
  stale data
- Add bulk-apis.md documenting all five bulk endpoints

* NM-254: rm coredns container

* NM-254: add bulk apis for node,extclient status, add activity logs to bulk apis

* NM-254: add bulk api for connection toggle

* NM-254: add network check

* Update controllers/hosts.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* NM-254: optimise bulk extclient deletion

---------

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
2026-03-26 10:15:07 +05:30
Abhishek Kondur 79c56b0c1c NM-273: Vnat pool assignments fix (#3926)
* NM-273: Vnat pool assignments fix

* NM-273: rename var

* NM-273: add 2 vCPUs indication for monitoring stack
2026-03-20 08:10:16 +05:30
Abhishek Kondur edda2868fc NM-163: Users, Groups, Roles, Networks and Hosts Table Migration (#3910)
* feat(go): add user schema;

* feat(go): migrate to user schema;

* feat(go): add audit fields;

* feat(go): remove unused fields from the network model;

* feat(go): add network schema;

* feat(go): migrate to network schema;

* refactor(go): add comment to clarify migration logic;

* fix(go): test failures;

* fix(go): test failures;

* feat(go): change membership table to store memberships at all scopes;

* feat(go): add schema for access grants;

* feat(go): remove nameservers from new networks table; ensure db passed for schema functions;

* feat(go): set max conns for sqlite to 1;

* fix(go): issues updating user account status;

* refactor(go): remove converters and access grants;

* refactor(go): add json tags in schema models;

* refactor(go): rename file to migrate_v1_6_0.go;

* refactor(go): add user groups and user roles tables; use schema tables;

* refactor(go): inline get and list from schema package;

* refactor(go): inline get network and list users from schema package;

* fix(go): staticcheck issues;

* fix(go): remove test not in use; fix test case;

* fix(go): validate network;

* fix(go): resolve static checks;

* fix(go): new models errors;

* fix(go): test errors;

* fix(go): handle no records;

* fix(go): add validations for user object;

* fix(go): set correct extclient status;

* fix(go): test error;

* feat(go): make schema the base package;

* feat(go): add host schema;

* feat(go): use schema host everywhere;

* feat(go): inline get host, list hosts and delete host;

* feat(go): use non-ptr value;

* feat(go): use save to upsert all fields;

* feat(go): use save to upsert all fields;

* feat(go): save turn endpoint as string;

* feat(go): check for gorm error record not found;

* fix(go): test failures;

* fix(go): update all network fields;

* fix(go): update all network fields;

* feat(go): add paginated list networks api;

* feat(go): add paginated list users api;

* feat(go): add paginated list hosts api;

* feat(go): add pagination to list groups api;

* fix(go): comment;

* fix(go): implement marshal and unmarshal text for custom types;

* fix(go): implement marshal and unmarshal json for custom types;

* fix(go): just use the old model for unmarshalling;

* fix(go): implement marshal and unmarshal json for custom types;

* feat(go): remove paginated list networks api;

* feat(go): use custom paginated response object;

* fix(go): ensure default values for page and per_page are used when not passed;

* fix(go): rename v1.6.0 to v1.5.1;

* fix(go): check for gorm.ErrRecordNotFound instead of database.IsEmptyRecord;

* fix(go): use host id, not pending host id;

* feat(go): add filters to paginated apis;

* feat(go): add filters to paginated apis;

* feat(go): remove check for max username length;

* feat(go): add filters to count as well;

* feat(go): use library to check email address validity;

* feat(go): ignore pagination if params not passed;

* fix(go): pagination issues;

* fix(go): check exists before using;

* fix(go): remove debug log;

* fix(go): use gorm err record not found;

* fix(go): use gorm err record not found;

* fix(go): use user principal name when creating pending user;

* fix(go): use schema package for consts;

* fix(go): prevent disabling superadmin user;

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): swap is admin and is superadmin;

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): remove dead code block;

https://github.com/gravitl/netmaker/pull/3910#discussion_r2928837937

* fix(go): incorrect message when trying to disable self;

https://github.com/gravitl/netmaker/pull/3910#discussion_r2928837934

* fix(go): use correct header;

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): return after error response;

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): use correct order of params;

https://github.com/gravitl/netmaker/pull/3910#discussion_r2929593036

* fix(go): set default values for page and page size; use v2 instead of /list;

* Update logic/auth.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* Update schema/user_roles.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): syntax error;

* fix(go): set default values when page and per_page are not passed or 0;

* fix(go): use uuid.parse instead of uuid.must parse;

* fix(go): review errors;

* fix(go): review errors;

* Update controllers/user.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* Update controllers/user.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* NM-163: fix errors:

* Update db/types/options.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* fix(go): persist return user in event;

* Update db/types/options.go

Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>

* NM-163: duplicate lines of code

* NM-163: fix(go): fix missing return and filter parsing in user controller

- Add missing return after error response in updateUserAccountStatus
  to prevent double-response and spurious ext-client side-effects
- Use switch statements in listUsers to skip unrecognized
  account_status and mfa_status filter values

* fix(go): check for both min and max page size;

* fix(go): enclose transfer superadmin in transaction;

* fix(go): review errors;

* fix(go): remove free tier checks;

* fix(go): review fixes;

---------

Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
Co-authored-by: Vishal Dalwadi <51291657+VishalDalwadi@users.noreply.github.com>
Co-authored-by: tenki-reviewer[bot] <262613592+tenki-reviewer[bot]@users.noreply.github.com>
2026-03-17 19:36:52 +05:30
Vishal Dalwadi f723fc5202 NM-214: Expect GeoInfo to come from Netclient (#3833)
* feat(go): expect geoinfo from netclient;

* feat(go): add geoinfo util;
2026-02-02 14:14:49 +04:00
Abhishek Kondur c2423bf20b NM-213: JIT Network Access (#3830)
* NM-213: JIT access

* NM-213: handle expiry duration in epoch

* NM-213: avoid jit checks for admins

* NM-213: add jit expiry field to extclient

* NM-213: format jit emails

* NM-213: format jit email templates

* NM-213: update jit expiry on existing clients

* NM-213: update jit expiry on existing clients
2026-01-31 11:45:16 +04:00
Abhishek Kondur a51649a1df NM-205: Overlapping egress ranges (#3820)
* NM-205: init virtual NAT for egress ranges

* NM-205: add virtual NAT to egress peer update model

* NM-205: add virtual nat to allowed ips if present

* NM-205: fix create api, update nat fields

* NM-205: fix virtual nat range assignment

* NM-210: use virtual ranges for allowed ips for egress ips

* NM-205: allows update of nat settings

* NM-205: fix migration of egress virtual ranges

* NM-205: fix update operations

* NM-205: if domain range is set, override nat setting to direct

* NM-205: validate NAT pool fields on net update, add nat mode egress metric range struct

* NM-205: fix nat egress range

* NM-205: add virtual egress ranges to extclient allowed Ips

* NM-205: add overlapping egress ranges

* NM-205: match egress cidr for virtual nat if less than prefix length

* NM-205: match egress cidr for virtual nat if less than prefix length

* NM-205: force update overlapping egress feature flag

* NM-205: disable virtual nat for ipv6

* NM-205: simplify egress update ops

* NM-205: fix tests

* NM-205: NAT pool update with prefix length validation

* NM-205: send virtual egress ranges for non egress nodes

* NM-205: assign virtual NAT on creation
2026-01-29 14:36:52 +04:00
Vishal Dalwadi 33c646736c NM-212: IP Detection Interval (#3810)
* feat(go): add ip detection interval setting;

* feat(go): ensure ip detection interval is greater than 15s;
2026-01-26 15:09:15 +04:00
Abhishek Kondur 0c9ed2542b NM-202: fix egress domain routing (#3793)
* NM-195: add key tags info to posture check on join

* NM-195: add network user grps to posture check

* NM-195: add posture checks to middleware

* fix: return error when group network roles are set for specific networks and all networks;

* add all posture check to rsrc permission check func

* NM-202: fix egress domain routing

* fix: add username filter;

* feat: add fallback nameserver support;

* fix: add validation for pro as well;

* fix: skip fallback domains for user gws;

* fix: don't set domains for fallback dns servers;

* fix: validation fixes;

* fix: empty match domains for fallback nameservers;

---------

Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
2025-12-22 10:10:40 +04:00
Vishal Dalwadi ba9af3bfd6 Auto create default match all google dns nameserver (#3782)
* feat: auto create default match all google dns nameserver;

* fix: set column name;

* feat: prevent default ns delete;

* fix: set status;

* fix: create dns nameserver on network creation;
2025-12-16 15:58:04 +04:00
Abhishek Kondur 4853c9c1a1 NM-195: fix posture check for untagged resources (#3779)
* NM-195: fix posture check for untagged resources

* NM-195: reduce default cleanup interval

* NM-195: reduce default cleanup interval
2025-12-15 14:35:29 +04:00
Abhishek Kondur 9f430b67a1 NM-188: optimise User migration DB writes (#3774)
* NM-188: optimise user DB writes on migration

* NM-188: remove user migration debug logs

* NM-188: add debug logs for user migration funcs

* NM-188: fix migration bug

* NM-188: update migration comments in the test file

* NM-188: fix static checks

* fix: save acl src and dst;

* fix: check for all network access;

---------

Co-authored-by: VishalDalwadi <dalwadivishal26@gmail.com>
2025-12-12 10:37:05 +04:00
Abhishek Kondur eed32cd2d6 Merge pull request #3735 from gravitl/NM-166
NM-166: Device Posture Checks
2025-12-05 10:33:11 +04:00
Abhishek Kondur 94f3716fdf Merge pull request #3744 from gravitl/NM-167
NM-167: Auto delete Offline Nodes
2025-12-05 09:52:53 +04:00
Abhishek K c643a50b67 NM-159: simplify auto assign gw logic (#3719)
* force update host dns field if node is acting as inet gw

* add old acl support checks

* move auto relay migration to pro pkg

* add check to avoid unsetting relayed node

* simplify auto assign gw logic

* send auto assign update on un relay

* set checking time to latest on updates

* fix HA auto Relay logic

* add relay node metrics to peer signal

* move auto relay peer check

* publish host peer update

* check and unset unrelayed auto peers

* use relay node mutex to avoid race condition

* reset autorelayed peers on auto assign gw
2025-11-06 14:54:09 +04:00
Vishal Dalwadi 94770a911d Merge pull request #3707 from gravitl/NM-158
NM-158: Search Domain Support
2025-11-03 10:54:28 +04:00
abhishek9686 ae6b68daee Merge branch 'NM-159' of https://github.com/gravitl/netmaker into NM-159 2025-11-02 23:50:59 +04:00
abhishek9686 26f36efdef NM-159: fix acl old version deprecation, add peer connection interval to server settings 2025-11-02 23:50:42 +04:00
Abhishek K 4dee6804f7 Merge branch 'develop' into NM-159 2025-11-02 14:08:38 +04:00
abhishek9686 d077bd0ac5 update settings to deprecate oldacls, avoid skipping deleted node update 2025-11-02 14:08:12 +04:00
Abhishek K 2ab1994886 Merge pull request #3709 from gravitl/master
Master
2025-10-31 15:04:49 +04:00
Abhishek K 0582b28129 NM-80: Logic to Deprecate Legacy Acls if unused (#3662)
* check and deprecate old acls

* add egress ranges by access to users

* add egress ranges by access to users

* merge v1.1

* resolve merge conflict
2025-10-28 09:53:42 +04:00
Abhishek K 74fef9fbc6 NM-122: Auto Relay, auto assignment of Gw (#3697)
* add auto relay handlers and logic funcs

* add pro func connectors

* Add auto relayed peer ips on peer update, set auto relay on gw creation

* add network id to signal, add autorelay nodes to peerupdate

* add autorelay peer update logic

* add nodes to peer update

* revert node model change

* reset auto relayed peers on the relay node on reset, add auto relay nodes to pull

* add logic api to update auto relay node

* add autoassigngw field to node, add logic to switch relay node in relayme update api

* add gw nodes to pull

* initialise gw map

* HA relay functionality

* add autoassign gw option to enrollment key

* publish instant action to auto assign gw

* fix static checks

* unset relay if auto assign removed

* add host node model to auto relay info

* add host node model to auto relay info

* only use hostNode model for gws info

* handle autoassigned gw peer in the update

* handle autoassigned gw peer in the update

* handle peer updates for autoassigned gw peer

* unset auto assigned peer if relayed or failedovered
2025-10-28 09:53:31 +04:00
Abhishek K c5b48db2a1 NM-125: Egress HA by Latency, Allow Tags to be selected as routing peers (#3698)
* enable egress routing peers with tags

* remove tag from egress when deleted

* fix egress tag functionality

* filter duplicate egress ips

* set default stun server if unset

* add version to status api

* sync deleted node update host deletion
2025-10-25 23:49:21 +04:00
abhishek9686 dea257fb5d force update default dns 2025-10-10 18:44:39 +04:00
Abhishek K aa913d6870 NM-116: Acl Fixes (#3652)
* handle all resources tag on gw

* add egress domain ranges to node acls

* simplify extclient egress allowedips, handle nil acl rule

* fix static node status check for gw acls

* skip ns ip if contains network cidr

* skip ns ip if contains network cidr

* skip ns ip if contains network cidr
2025-09-18 22:27:49 +05:30
Abhishek K 9e0196126f NM-79: Domain Based Egress Routing (#3607)
* add support for egress domain routing

* add domain info to egress range

* fix egress domain update

* send peer update domain resolution update

* add egress domain update in the peer update

* use range field for domain check

* add egress domain to host pull

* add egress domain model to egress host update

* add egress domain model to egress host update

* update egress domain model on acls

* add check of range if domain is set

* sync egress domains to dns system

* add egress domain to match domain list, fix egress nat rule for domains

* fix all rsrcs comms

* fix static checks

* fix egress acls on CE

* check for all resources access on a node

* simplify egress acl rules

* merged ce and pro acl rule func

* fix uni direction acl rule for static nodes

* allow relayed nodes traffic

* resolve merge conflicts

* remove anywhere dst rule on user node acls

* fix: broadcast user groups update for acl changes

* add egress domain and routes to nodes

* add egress ranges to DST

* add all egress ranges for all resources

* fix DNS routing acls rules
2025-09-11 15:24:17 +05:30
Abhishek K dd2aece0de NM-103: fix all rsrcs comms (#3631)
* fix all rsrcs comms

* fix static checks

* fix egress acls on CE

* check for all resources access on a node

* simplify egress acl rules

* merged ce and pro acl rule func

* fix uni direction acl rule for static nodes

* allow relayed nodes traffic
2025-09-08 07:37:12 +05:30
Vishal Dalwadi 0eb7792c71 Merge pull request #3637 from gravitl/NM-100
v1.1.0 Release Fixes
2025-09-08 07:36:43 +05:30
abhishek9686 7688bc3ebc resolve merge conflicts 2025-08-29 11:37:27 +05:30
Vishal Dalwadi ec6e6c393a Prevent removing idp integration when oauth user is superadmin (#3589)
* feat(go): prevent removing idp integration when oauth user is superadmin.

* feat(go): add suggestion for user;

* feat(go): remove usages of boolean fields on user;

* feat(go): set boolean fields correctly, but don't use;

* fix(go): static issues;

* feat(go): add suggestion for user;
2025-08-25 10:28:53 +05:30
Abhishek K a8a0dd066c NM-44: Device Approvals for Network Join (#3579)
* add pending hosts apis, migration logic for network auto join field

* fix pending hosts logic on join

* delete pending hosts on host delete

* ignore pending device request if host in the network already

* add peer update on host approval
2025-08-12 09:16:51 +05:30
Vishal Dalwadi e4da84aa85 NM-61: User group ACL fixes (#3546)
* feat(go): create default acl only for networks that are part of the group;

* feat(go): update acls on user group update and delete;

* feat(go): add migration for existing acls.

* feat(go): check for network roles in migration.
2025-08-08 22:17:39 +05:30
Vishal Dalwadi f8f4812851 Merge branch 'develop' into NM-37 2025-07-28 22:02:40 +05:30
Abhishek K 3a173bb4b2 Merge pull request #3568 from gravitl/master
Master
2025-07-28 18:17:17 +05:30
Vishal Dalwadi 0fea8af3e1 Merge branch 'develop' into NM-37 2025-07-28 15:23:03 +05:30
Vishal Dalwadi 31ed8c5262 Netmaker Desktop Session Duration (#3543)
* feat(go): allow different session durations for client apps;

* feat(go): assume call is from netdesk app if header absent;

* feat(go): allow header;

* feat(go): set client jwt validity duration on migration.
2025-07-27 08:29:14 +05:30
Vishal Dalwadi eb40471a6f feat(go): add support for user settings; 2025-07-21 12:14:09 +05:30
Abhishek K e517a0ac66 fix egress HA migration (#3555) 2025-07-18 12:33:21 +05:30
abhishek9686 4e2b7993eb fix merge conflicts 2025-06-24 17:00:43 +05:30
abhishek9686 f44c37e3aa fix merge conflicts 2025-06-24 17:00:10 +05:30
abhishek9686 b423b183e4 fix merge conflicts 2025-06-24 16:56:48 +05:30
Abhishek K 0a47cc5461 Merge branch 'develop' into NET-1994 2025-06-23 17:50:21 +05:30
abhishek9686 2f5acf6742 sync changes on startup, add create relay calls on default host 2025-06-23 06:28:43 +05:30
abhishek9686 d978de08d0 collect host location for graph 2025-06-12 15:47:24 +05:30
abhishek9686 cffc1d35ff reduce log retention rate to 7 days 2025-06-10 22:36:40 +05:30
abhishek9686 087b7393d6 update dns settings on migration 2025-06-09 17:49:10 +05:30