mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-16 07:16:38 +00:00
[management] Add support for disabling resources and routing peers in networks (#3154)
* sync openapi changes Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add option to disable network resource(s) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add network resource enabled state from api Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add option to disable network router(s) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Add tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * migrate old network resources and routers Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
This commit is contained in:
Bethuel Mmbaga
@@ -101,7 +101,7 @@ func (m *managerImpl) CreateResource(ctx context.Context, userID string, resourc
|
||||
return nil, status.NewPermissionDeniedError()
|
||||
}
|
||||
|
||||
resource, err = types.NewNetworkResource(resource.AccountID, resource.NetworkID, resource.Name, resource.Description, resource.Address, resource.GroupIDs)
|
||||
resource, err = types.NewNetworkResource(resource.AccountID, resource.NetworkID, resource.Name, resource.Description, resource.Address, resource.GroupIDs, resource.Enabled)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to create new network resource: %w", err)
|
||||
}
|
||||
|
||||
@@ -40,9 +40,10 @@ type NetworkResource struct {
|
||||
GroupIDs []string `gorm:"-"`
|
||||
Domain string
|
||||
Prefix netip.Prefix `gorm:"serializer:json"`
|
||||
Enabled bool
|
||||
}
|
||||
|
||||
func NewNetworkResource(accountID, networkID, name, description, address string, groupIDs []string) (*NetworkResource, error) {
|
||||
func NewNetworkResource(accountID, networkID, name, description, address string, groupIDs []string, enabled bool) (*NetworkResource, error) {
|
||||
resourceType, domain, prefix, err := GetResourceType(address)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid address: %w", err)
|
||||
@@ -59,6 +60,7 @@ func NewNetworkResource(accountID, networkID, name, description, address string,
|
||||
Domain: domain,
|
||||
Prefix: prefix,
|
||||
GroupIDs: groupIDs,
|
||||
Enabled: enabled,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@@ -75,6 +77,7 @@ func (n *NetworkResource) ToAPIResponse(groups []api.GroupMinimum) *api.NetworkR
|
||||
Type: api.NetworkResourceType(n.Type.String()),
|
||||
Address: addr,
|
||||
Groups: groups,
|
||||
Enabled: n.Enabled,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -86,6 +89,7 @@ func (n *NetworkResource) FromAPIRequest(req *api.NetworkResourceRequest) {
|
||||
}
|
||||
n.Address = req.Address
|
||||
n.GroupIDs = req.Groups
|
||||
n.Enabled = req.Enabled
|
||||
}
|
||||
|
||||
func (n *NetworkResource) Copy() *NetworkResource {
|
||||
@@ -100,6 +104,7 @@ func (n *NetworkResource) Copy() *NetworkResource {
|
||||
Domain: n.Domain,
|
||||
Prefix: n.Prefix,
|
||||
GroupIDs: n.GroupIDs,
|
||||
Enabled: n.Enabled,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -115,7 +120,7 @@ func (n *NetworkResource) ToRoute(peer *nbpeer.Peer, router *routerTypes.Network
|
||||
PeerGroups: nil,
|
||||
Masquerade: router.Masquerade,
|
||||
Metric: router.Metric,
|
||||
Enabled: true,
|
||||
Enabled: n.Enabled,
|
||||
Groups: nil,
|
||||
AccessControlGroups: nil,
|
||||
}
|
||||
|
||||
@@ -101,7 +101,7 @@ func Test_GetRouterReturnsPermissionDenied(t *testing.T) {
|
||||
func Test_CreateRouterSuccessfully(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
userID := "allowedUser"
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 9999)
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 9999, true)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
@@ -127,7 +127,7 @@ func Test_CreateRouterSuccessfully(t *testing.T) {
|
||||
func Test_CreateRouterFailsWithPermissionDenied(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
userID := "invalidUser"
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 9999)
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 9999, true)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
@@ -191,7 +191,7 @@ func Test_DeleteRouterFailsWithPermissionDenied(t *testing.T) {
|
||||
func Test_UpdateRouterSuccessfully(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
userID := "allowedUser"
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 1)
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 1, true)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
@@ -213,7 +213,7 @@ func Test_UpdateRouterSuccessfully(t *testing.T) {
|
||||
func Test_UpdateRouterFailsWithPermissionDenied(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
userID := "invalidUser"
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 1)
|
||||
router, err := types.NewNetworkRouter("testAccountId", "testNetworkId", "testPeerId", []string{}, false, 1, true)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
@@ -17,9 +17,10 @@ type NetworkRouter struct {
|
||||
PeerGroups []string `gorm:"serializer:json"`
|
||||
Masquerade bool
|
||||
Metric int
|
||||
Enabled bool
|
||||
}
|
||||
|
||||
func NewNetworkRouter(accountID string, networkID string, peer string, peerGroups []string, masquerade bool, metric int) (*NetworkRouter, error) {
|
||||
func NewNetworkRouter(accountID string, networkID string, peer string, peerGroups []string, masquerade bool, metric int, enabled bool) (*NetworkRouter, error) {
|
||||
if peer != "" && len(peerGroups) > 0 {
|
||||
return nil, errors.New("peer and peerGroups cannot be set at the same time")
|
||||
}
|
||||
@@ -32,6 +33,7 @@ func NewNetworkRouter(accountID string, networkID string, peer string, peerGroup
|
||||
PeerGroups: peerGroups,
|
||||
Masquerade: masquerade,
|
||||
Metric: metric,
|
||||
Enabled: enabled,
|
||||
}, nil
|
||||
}
|
||||
|
||||
@@ -42,6 +44,7 @@ func (n *NetworkRouter) ToAPIResponse() *api.NetworkRouter {
|
||||
PeerGroups: &n.PeerGroups,
|
||||
Masquerade: n.Masquerade,
|
||||
Metric: n.Metric,
|
||||
Enabled: n.Enabled,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -56,6 +59,7 @@ func (n *NetworkRouter) FromAPIRequest(req *api.NetworkRouterRequest) {
|
||||
|
||||
n.Masquerade = req.Masquerade
|
||||
n.Metric = req.Metric
|
||||
n.Enabled = req.Enabled
|
||||
}
|
||||
|
||||
func (n *NetworkRouter) Copy() *NetworkRouter {
|
||||
@@ -67,6 +71,7 @@ func (n *NetworkRouter) Copy() *NetworkRouter {
|
||||
PeerGroups: n.PeerGroups,
|
||||
Masquerade: n.Masquerade,
|
||||
Metric: n.Metric,
|
||||
Enabled: n.Enabled,
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
peerGroups []string
|
||||
masquerade bool
|
||||
metric int
|
||||
enabled bool
|
||||
expectedError bool
|
||||
}{
|
||||
// Valid cases
|
||||
@@ -22,6 +23,7 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
peerGroups: nil,
|
||||
masquerade: true,
|
||||
metric: 100,
|
||||
enabled: true,
|
||||
expectedError: false,
|
||||
},
|
||||
{
|
||||
@@ -32,6 +34,7 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
peerGroups: []string{"group-1", "group-2"},
|
||||
masquerade: false,
|
||||
metric: 200,
|
||||
enabled: false,
|
||||
expectedError: false,
|
||||
},
|
||||
{
|
||||
@@ -42,6 +45,7 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
peerGroups: nil,
|
||||
masquerade: true,
|
||||
metric: 300,
|
||||
enabled: true,
|
||||
expectedError: false,
|
||||
},
|
||||
|
||||
@@ -54,13 +58,14 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
peerGroups: []string{"group-3"},
|
||||
masquerade: false,
|
||||
metric: 400,
|
||||
enabled: false,
|
||||
expectedError: true,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
router, err := NewNetworkRouter(tt.accountID, tt.networkID, tt.peer, tt.peerGroups, tt.masquerade, tt.metric)
|
||||
router, err := NewNetworkRouter(tt.accountID, tt.networkID, tt.peer, tt.peerGroups, tt.masquerade, tt.metric, tt.enabled)
|
||||
|
||||
if tt.expectedError && err == nil {
|
||||
t.Fatalf("Expected an error, got nil")
|
||||
@@ -94,6 +99,10 @@ func TestNewNetworkRouter(t *testing.T) {
|
||||
if router.Metric != tt.metric {
|
||||
t.Errorf("Expected Metric %d, got %d", tt.metric, router.Metric)
|
||||
}
|
||||
|
||||
if router.Enabled != tt.enabled {
|
||||
t.Errorf("Expected Enabled %v, got %v", tt.enabled, router.Enabled)
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user