Add limited dashboard view (#1738)

2026-04-18 08:16:39 +00:00 · 2024-03-27 16:11:45 +01:00
parent 68b377a28c
commit ea2d060f93
17 changed files with 466 additions and 41 deletions
--- a/management/server/peer_test.go
+++ b/management/server/peer_test.go
@@ -4,9 +4,8 @@ import (
 	"testing"
 	"time"

-	"github.com/stretchr/testify/assert"
-
 	"github.com/rs/xid"
+	"github.com/stretchr/testify/assert"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"

 	nbpeer "github.com/netbirdio/netbird/management/server/peer"
@@ -392,6 +391,8 @@ func TestDefaultAccountManager_GetPeer(t *testing.T) {
 		Id:   someUser,
 		Role: UserRoleUser,
 	}
+	account.Settings.RegularUsersViewBlocked = false
+
 	err = manager.Store.SaveAccount(account)
 	if err != nil {
 		t.Fatal(err)
@@ -480,3 +481,153 @@ func TestDefaultAccountManager_GetPeer(t *testing.T) {
 	}
 	assert.NotNil(t, peer)
 }
+
+func TestDefaultAccountManager_GetPeers(t *testing.T) {
+	testCases := []struct {
+		name                string
+		role                UserRole
+		limitedViewSettings bool
+		isServiceUser       bool
+		expectedPeerCount   int
+	}{
+		{
+			name:                "Regular user, no limited view settings, not a service user",
+			role:                UserRoleUser,
+			limitedViewSettings: false,
+			isServiceUser:       false,
+			expectedPeerCount:   1,
+		},
+		{
+			name:                "Service user, no limited view settings",
+			role:                UserRoleUser,
+			limitedViewSettings: false,
+			isServiceUser:       true,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Regular user, limited view settings",
+			role:                UserRoleUser,
+			limitedViewSettings: true,
+			isServiceUser:       false,
+			expectedPeerCount:   0,
+		},
+		{
+			name:                "Service user, limited view settings",
+			role:                UserRoleUser,
+			limitedViewSettings: true,
+			isServiceUser:       true,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Admin, no limited view settings, not a service user",
+			role:                UserRoleAdmin,
+			limitedViewSettings: false,
+			isServiceUser:       false,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Admin service user, no limited view settings",
+			role:                UserRoleAdmin,
+			limitedViewSettings: false,
+			isServiceUser:       true,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Admin, limited view settings",
+			role:                UserRoleAdmin,
+			limitedViewSettings: true,
+			isServiceUser:       false,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Admin Service user, limited view settings",
+			role:                UserRoleAdmin,
+			limitedViewSettings: true,
+			isServiceUser:       true,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Owner, no limited view settings",
+			role:                UserRoleOwner,
+			limitedViewSettings: true,
+			isServiceUser:       false,
+			expectedPeerCount:   2,
+		},
+		{
+			name:                "Owner, limited view settings",
+			role:                UserRoleOwner,
+			limitedViewSettings: true,
+			isServiceUser:       false,
+			expectedPeerCount:   2,
+		},
+	}
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			manager, err := createManager(t)
+			if err != nil {
+				t.Fatal(err)
+				return
+			}
+
+			// account with an admin and a regular user
+			accountID := "test_account"
+			adminUser := "account_creator"
+			someUser := "some_user"
+			account := newAccountWithId(accountID, adminUser, "")
+			account.Users[someUser] = &User{
+				Id:            someUser,
+				Role:          testCase.role,
+				IsServiceUser: testCase.isServiceUser,
+			}
+			account.Policies = []*Policy{}
+			account.Settings.RegularUsersViewBlocked = testCase.limitedViewSettings
+
+			err = manager.Store.SaveAccount(account)
+			if err != nil {
+				t.Fatal(err)
+				return
+			}
+
+			peerKey1, err := wgtypes.GeneratePrivateKey()
+			if err != nil {
+				t.Fatal(err)
+				return
+			}
+
+			peerKey2, err := wgtypes.GeneratePrivateKey()
+			if err != nil {
+				t.Fatal(err)
+				return
+			}
+
+			_, _, err = manager.AddPeer("", someUser, &nbpeer.Peer{
+				Key:  peerKey1.PublicKey().String(),
+				Meta: nbpeer.PeerSystemMeta{Hostname: "test-peer-1"},
+			})
+			if err != nil {
+				t.Errorf("expecting peer to be added, got failure %v", err)
+				return
+			}
+
+			_, _, err = manager.AddPeer("", adminUser, &nbpeer.Peer{
+				Key:  peerKey2.PublicKey().String(),
+				Meta: nbpeer.PeerSystemMeta{Hostname: "test-peer-2"},
+			})
+			if err != nil {
+				t.Errorf("expecting peer to be added, got failure %v", err)
+				return
+			}
+
+			peers, err := manager.GetPeers(accountID, someUser)
+			if err != nil {
+				t.Fatal(err)
+				return
+			}
+			assert.NotNil(t, peers)
+
+			assert.Len(t, peers, testCase.expectedPeerCount)
+
+		})
+	}
+
+}