Add management peer logout

Fix tests after peer validation

.github/workflows/sync-main.yml

@@ -0,0 +1,22 @@
+name: sync main
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.head_ref || github.actor_id }}
+  cancel-in-progress: true
+
+jobs:
+  trigger_sync_main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Trigger main branch sync
+        uses: benc-uk/workflow-dispatch@v1
+        with:
+          workflow: sync-main.yml
+          repo: ${{ secrets.UPSTREAM_REPO }}
+          token: ${{ secrets.NC_GITHUB_TOKEN }}
+          inputs: '{ "sha": "${{ github.sha }}" }'

management/server/account.go

@@ -112,6 +112,7 @@ type AccountManager interface {
 	GetPeer(accountID, peerID, userID string) (*nbpeer.Peer, error)
 	UpdateAccountSettings(accountID, userID string, newSettings *Settings) (*Account, error)
 	LoginPeer(login PeerLogin) (*nbpeer.Peer, *NetworkMap, error) // used by peer gRPC API
+	LogoutPeer(peerPubKey string) error                           // used by peer gRPC API
 	SyncPeer(sync PeerSync) (*nbpeer.Peer, *NetworkMap, error)    // used by peer gRPC API
 	GetAllConnectedPeers() (map[string]struct{}, error)
 	HasConnectedChannel(peerID string) bool

management/server/mock_server/account_mock.go

@@ -78,6 +78,7 @@ type MockAccountManager struct {
 	GetPeerFunc                     func(accountID, peerID, userID string) (*nbpeer.Peer, error)
 	UpdateAccountSettingsFunc       func(accountID, userID string, newSettings *server.Settings) (*server.Account, error)
 	LoginPeerFunc                   func(login server.PeerLogin) (*nbpeer.Peer, *server.NetworkMap, error)
+	LogoutPeerFunc                  func(peerPubKey string) error
 	SyncPeerFunc                    func(sync server.PeerSync) (*nbpeer.Peer, *server.NetworkMap, error)
 	InviteUserFunc                  func(accountID string, initiatorUserID string, targetUserEmail string) error
 	GetAllConnectedPeersFunc        func() (map[string]struct{}, error)
@@ -607,6 +608,14 @@ func (am *MockAccountManager) LoginPeer(login server.PeerLogin) (*nbpeer.Peer, *
 	return nil, nil, status.Errorf(codes.Unimplemented, "method LoginPeer is not implemented")
 }
 
+// LogoutPeer mocks LogoutPeer of the AccountManager interface
+func (am *MockAccountManager) LogoutPeer(peerPubKey string) error {
+	if am.LogoutPeerFunc != nil {
+		return am.LogoutPeerFunc(peerPubKey)
+	}
+	return status.Errorf(codes.Unimplemented, "method LogoutPeer is not implemented")
+}
+
 // SyncPeer mocks SyncPeer of the AccountManager interface
 func (am *MockAccountManager) SyncPeer(sync server.PeerSync) (*nbpeer.Peer, *server.NetworkMap, error) {
 	if am.SyncPeerFunc != nil {

management/server/peer.go

@@ -576,6 +576,31 @@ func (am *DefaultAccountManager) LoginPeer(login PeerLogin) (*nbpeer.Peer, *Netw
 	return peer, account.GetPeerNetworkMap(peer.ID, am.dnsDomain), nil
 }
 
+// LogoutPeer logs out registered peer by delete it and send updates to the remote peers.
+func (am *DefaultAccountManager) LogoutPeer(peerPubKey string) error {
+	account, err := am.Store.GetAccountByPeerPubKey(peerPubKey)
+	if err != nil {
+		if errStatus, ok := status.FromError(err); ok && errStatus.Type() == status.NotFound {
+			return status.Errorf(status.Unauthenticated, "peer is not registered")
+		}
+
+		log.Errorf("failed while logging out peer %s: %v", peerPubKey, err)
+		return status.Errorf(status.Internal, "failed while logging out peer")
+	}
+
+	peer, err := account.FindPeerByPubKey(peerPubKey)
+	if err != nil {
+		return status.Errorf(status.Unauthenticated, "peer is not registered")
+	}
+
+	// prevent logging out peer added by setup key
+	if peer.UserID == "" {
+		return status.Errorf(status.PermissionDenied, "peer was added by setup key")
+	}
+
+	return am.DeletePeer(account.Id, peer.ID, peer.UserID)
+}
+
 func checkIfPeerOwnerIsBlocked(peer *nbpeer.Peer, account *Account) error {
 	if peer.AddedWithSSOLogin() {
 		user, err := account.FindUser(peer.UserID)

management/server/policy_test.go

@@ -15,36 +15,44 @@ func TestAccount_getPeersByPolicy(t *testing.T) {
 	account := &Account{
 		Peers: map[string]*nbpeer.Peer{
 			"peerA": {
-				ID: "peerA",
-				IP: net.ParseIP("100.65.14.88"),
+				ID:     "peerA",
+				IP:     net.ParseIP("100.65.14.88"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerB": {
-				ID: "peerB",
-				IP: net.ParseIP("100.65.80.39"),
+				ID:     "peerB",
+				IP:     net.ParseIP("100.65.80.39"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerC": {
-				ID: "peerC",
-				IP: net.ParseIP("100.65.254.139"),
+				ID:     "peerC",
+				IP:     net.ParseIP("100.65.254.139"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerD": {
-				ID: "peerD",
-				IP: net.ParseIP("100.65.62.5"),
+				ID:     "peerD",
+				IP:     net.ParseIP("100.65.62.5"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerE": {
-				ID: "peerE",
-				IP: net.ParseIP("100.65.32.206"),
+				ID:     "peerE",
+				IP:     net.ParseIP("100.65.32.206"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerF": {
-				ID: "peerF",
-				IP: net.ParseIP("100.65.250.202"),
+				ID:     "peerF",
+				IP:     net.ParseIP("100.65.250.202"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerG": {
-				ID: "peerG",
-				IP: net.ParseIP("100.65.13.186"),
+				ID:     "peerG",
+				IP:     net.ParseIP("100.65.13.186"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerH": {
-				ID: "peerH",
-				IP: net.ParseIP("100.65.29.55"),
+				ID:     "peerH",
+				IP:     net.ParseIP("100.65.29.55"),
+				Status: &nbpeer.PeerStatus{},
 			},
 		},
 		Groups: map[string]*Group{
@@ -259,16 +267,19 @@ func TestAccount_getPeersByPolicyDirect(t *testing.T) {
 	account := &Account{
 		Peers: map[string]*nbpeer.Peer{
 			"peerA": {
-				ID: "peerA",
-				IP: net.ParseIP("100.65.14.88"),
+				ID:     "peerA",
+				IP:     net.ParseIP("100.65.14.88"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerB": {
-				ID: "peerB",
-				IP: net.ParseIP("100.65.80.39"),
+				ID:     "peerB",
+				IP:     net.ParseIP("100.65.80.39"),
+				Status: &nbpeer.PeerStatus{},
 			},
 			"peerC": {
-				ID: "peerC",
-				IP: net.ParseIP("100.65.254.139"),
+				ID:     "peerC",
+				IP:     net.ParseIP("100.65.254.139"),
+				Status: &nbpeer.PeerStatus{},
 			},
 		},
 		Groups: map[string]*Group{

management/server/route_test.go

@@ -1062,6 +1062,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
 			WtVersion: "development",
 			UIVersion: "development",
 		},
+		Status: &nbpeer.PeerStatus{},
 	}
 	account.Peers[peer1.ID] = peer1
 
@@ -1087,6 +1088,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
 			WtVersion: "development",
 			UIVersion: "development",
 		},
+		Status: &nbpeer.PeerStatus{},
 	}
 	account.Peers[peer2.ID] = peer2
 
@@ -1112,6 +1114,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
 			WtVersion: "development",
 			UIVersion: "development",
 		},
+		Status: &nbpeer.PeerStatus{},
 	}
 	account.Peers[peer3.ID] = peer3
 
@@ -1137,6 +1140,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
 			WtVersion: "development",
 			UIVersion: "development",
 		},
+		Status: &nbpeer.PeerStatus{},
 	}
 	account.Peers[peer4.ID] = peer4
 
@@ -1162,6 +1166,7 @@ func initTestRouteAccount(t *testing.T, am *DefaultAccountManager) (*Account, er
 			WtVersion: "development",
 			UIVersion: "development",
 		},
+		Status: &nbpeer.PeerStatus{},
 	}
 	account.Peers[peer5.ID] = peer5