mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-05 09:03:54 -04:00
review comments
This commit is contained in:
crn4
@@ -95,7 +95,7 @@ func (s *BaseServer) EventStore() activity.Store {
|
|||||||
|
|
||||||
func (s *BaseServer) APIHandler() http.Handler {
|
func (s *BaseServer) APIHandler() http.Handler {
|
||||||
return Create(s, func() http.Handler {
|
return Create(s, func() http.Handler {
|
||||||
httpAPIHandler, err := nbhttp.NewAPIHandler(context.Background(), s.AccountManager(), s.NetworksManager(), s.ResourcesManager(), s.RoutesManager(), s.GroupsManager(), s.GeoLocationManager(), s.AuthManager(), s.Metrics(), s.IntegratedValidator(), s.ProxyController(), s.PermissionsManager(), s.PeersManager(), s.SettingsManager(), s.ZonesManager(), s.RecordsManager(), s.NetworkMapController(), s.IdpManager(), s.ServiceManager(), s.ReverseProxyDomainManager(), s.AccessLogsManager(), s.ReverseProxyGRPCServer(), s.Config.ReverseProxy.TrustedHTTPProxies, s.ProxyManager())
|
httpAPIHandler, err := nbhttp.NewAPIHandler(context.Background(), s.AccountManager(), s.NetworksManager(), s.ResourcesManager(), s.RoutesManager(), s.GroupsManager(), s.GeoLocationManager(), s.AuthManager(), s.Metrics(), s.IntegratedValidator(), s.ProxyController(), s.PermissionsManager(), s.PeersManager(), s.SettingsManager(), s.ZonesManager(), s.RecordsManager(), s.NetworkMapController(), s.IdpManager(), s.ServiceManager(), s.ReverseProxyDomainManager(), s.AccessLogsManager(), s.ReverseProxyGRPCServer(), s.Config.ReverseProxy.TrustedHTTPProxies)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("failed to create API handler: %v", err)
|
log.Fatalf("failed to create API handler: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -196,7 +196,11 @@ func (s *ProxyServiceServer) GetMappingUpdate(req *proto.GetMappingUpdateRequest
|
|||||||
|
|
||||||
existingProxy, err := s.proxyManager.GetAccountProxy(ctx, *accountID)
|
existingProxy, err := s.proxyManager.GetAccountProxy(ctx, *accountID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.WithContext(ctx).Debugf("failed to get account proxy for %s: %v", *accountID, err)
|
if s, ok := nbstatus.FromError(err); ok && s.ErrorType == nbstatus.NotFound {
|
||||||
|
log.WithContext(ctx).Debugf("no existing BYOP proxy for account %s", *accountID)
|
||||||
|
} else {
|
||||||
|
return status.Errorf(codes.Internal, "failed to check existing proxy: %v", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if existingProxy != nil && existingProxy.ID != proxyID {
|
if existingProxy != nil && existingProxy.ID != proxyID {
|
||||||
if existingProxy.Status == proxy.StatusConnected {
|
if existingProxy.Status == proxy.StatusConnected {
|
||||||
@@ -465,12 +469,21 @@ func (s *ProxyServiceServer) SendServiceUpdate(update *proto.GetMappingUpdateRes
|
|||||||
}
|
}
|
||||||
s.connectedProxies.Range(func(key, value interface{}) bool {
|
s.connectedProxies.Range(func(key, value interface{}) bool {
|
||||||
conn := value.(*proxyConnection)
|
conn := value.(*proxyConnection)
|
||||||
|
connUpdate := update
|
||||||
if conn.accountID != nil && len(updateAccountIDs) > 0 {
|
if conn.accountID != nil && len(updateAccountIDs) > 0 {
|
||||||
if _, ok := updateAccountIDs[*conn.accountID]; !ok {
|
if _, ok := updateAccountIDs[*conn.accountID]; !ok {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
filtered := filterMappingsForAccount(update.Mapping, *conn.accountID)
|
||||||
|
if len(filtered) == 0 {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
connUpdate = &proto.GetMappingUpdateResponse{
|
||||||
|
Mapping: filtered,
|
||||||
|
InitialSyncComplete: update.InitialSyncComplete,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
resp := s.perProxyMessage(update, conn.proxyID)
|
resp := s.perProxyMessage(connUpdate, conn.proxyID)
|
||||||
if resp == nil {
|
if resp == nil {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
@@ -494,6 +507,16 @@ func (s *ProxyServiceServer) ForceDisconnect(proxyID string) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func filterMappingsForAccount(mappings []*proto.ProxyMapping, accountID string) []*proto.ProxyMapping {
|
||||||
|
var filtered []*proto.ProxyMapping
|
||||||
|
for _, m := range mappings {
|
||||||
|
if m.AccountId == accountID {
|
||||||
|
filtered = append(filtered, m)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return filtered
|
||||||
|
}
|
||||||
|
|
||||||
// GetConnectedProxies returns a list of connected proxy IDs
|
// GetConnectedProxies returns a list of connected proxy IDs
|
||||||
func (s *ProxyServiceServer) GetConnectedProxies() []string {
|
func (s *ProxyServiceServer) GetConnectedProxies() []string {
|
||||||
var proxies []string
|
var proxies []string
|
||||||
|
|||||||
@@ -339,7 +339,7 @@ func (m *testValidateSessionProxyManager) Disconnect(_ context.Context, _ string
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *testValidateSessionProxyManager) Heartbeat(_ context.Context, _ string) error {
|
func (m *testValidateSessionProxyManager) Heartbeat(_ context.Context, _, _, _ string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -19,7 +19,6 @@ import (
|
|||||||
|
|
||||||
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/accesslogs"
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/accesslogs"
|
||||||
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service"
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service"
|
||||||
rpproxy "github.com/netbirdio/netbird/management/internals/modules/reverseproxy/proxy"
|
|
||||||
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/proxytoken"
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/proxytoken"
|
||||||
reverseproxymanager "github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service/manager"
|
reverseproxymanager "github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service/manager"
|
||||||
|
|
||||||
@@ -75,7 +74,7 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// NewAPIHandler creates the Management service HTTP API handler registering all the available endpoints.
|
// NewAPIHandler creates the Management service HTTP API handler registering all the available endpoints.
|
||||||
func NewAPIHandler(ctx context.Context, accountManager account.Manager, networksManager nbnetworks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager nbgroups.Manager, LocationManager geolocation.Geolocation, authManager auth.Manager, appMetrics telemetry.AppMetrics, integratedValidator integrated_validator.IntegratedValidator, proxyController port_forwarding.Controller, permissionsManager permissions.Manager, peersManager nbpeers.Manager, settingsManager settings.Manager, zManager zones.Manager, rManager records.Manager, networkMapController network_map.Controller, idpManager idpmanager.Manager, serviceManager service.Manager, reverseProxyDomainManager *manager.Manager, reverseProxyAccessLogsManager accesslogs.Manager, proxyGRPCServer *nbgrpc.ProxyServiceServer, trustedHTTPProxies []netip.Prefix, proxyMgr rpproxy.Manager) (http.Handler, error) {
|
func NewAPIHandler(ctx context.Context, accountManager account.Manager, networksManager nbnetworks.Manager, resourceManager resources.Manager, routerManager routers.Manager, groupsManager nbgroups.Manager, LocationManager geolocation.Geolocation, authManager auth.Manager, appMetrics telemetry.AppMetrics, integratedValidator integrated_validator.IntegratedValidator, proxyController port_forwarding.Controller, permissionsManager permissions.Manager, peersManager nbpeers.Manager, settingsManager settings.Manager, zManager zones.Manager, rManager records.Manager, networkMapController network_map.Controller, idpManager idpmanager.Manager, serviceManager service.Manager, reverseProxyDomainManager *manager.Manager, reverseProxyAccessLogsManager accesslogs.Manager, proxyGRPCServer *nbgrpc.ProxyServiceServer, trustedHTTPProxies []netip.Prefix) (http.Handler, error) {
|
||||||
|
|
||||||
// Register bypass paths for unauthenticated endpoints
|
// Register bypass paths for unauthenticated endpoints
|
||||||
if err := bypass.AddBypassPath("/api/instance"); err != nil {
|
if err := bypass.AddBypassPath("/api/instance"); err != nil {
|
||||||
|
|||||||
@@ -135,7 +135,7 @@ func BuildApiBlackBoxWithDBState(t testing_tools.TB, sqlFile string, expectedPee
|
|||||||
customZonesManager := zonesManager.NewManager(store, am, permissionsManager, "")
|
customZonesManager := zonesManager.NewManager(store, am, permissionsManager, "")
|
||||||
zoneRecordsManager := recordsManager.NewManager(store, am, permissionsManager)
|
zoneRecordsManager := recordsManager.NewManager(store, am, permissionsManager)
|
||||||
|
|
||||||
apiHandler, err := http2.NewAPIHandler(context.Background(), am, networksManagerMock, resourcesManagerMock, routersManagerMock, groupsManagerMock, geoMock, authManagerMock, metrics, validatorMock, proxyController, permissionsManager, peersManager, settingsManager, customZonesManager, zoneRecordsManager, networkMapController, nil, serviceManager, nil, nil, nil, nil, nil)
|
apiHandler, err := http2.NewAPIHandler(context.Background(), am, networksManagerMock, resourcesManagerMock, routersManagerMock, groupsManagerMock, geoMock, authManagerMock, metrics, validatorMock, proxyController, permissionsManager, peersManager, settingsManager, customZonesManager, zoneRecordsManager, networkMapController, nil, serviceManager, nil, nil, nil, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("Failed to create API handler: %v", err)
|
t.Fatalf("Failed to create API handler: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -5458,7 +5458,10 @@ func isUniqueConstraintError(err error) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
errStr := err.Error()
|
errStr := err.Error()
|
||||||
return strings.Contains(errStr, "UNIQUE constraint") || strings.Contains(errStr, "duplicate key")
|
return strings.Contains(errStr, "UNIQUE constraint") ||
|
||||||
|
strings.Contains(errStr, "duplicate key") ||
|
||||||
|
strings.Contains(errStr, "Duplicate entry") ||
|
||||||
|
strings.Contains(errStr, "Error 1062")
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SqlStore) DisconnectProxy(ctx context.Context, proxyID string) error {
|
func (s *SqlStore) DisconnectProxy(ctx context.Context, proxyID string) error {
|
||||||
|
|||||||
@@ -10011,35 +10011,6 @@ paths:
|
|||||||
"$ref": "#/components/responses/conflict"
|
"$ref": "#/components/responses/conflict"
|
||||||
'500':
|
'500':
|
||||||
"$ref": "#/components/responses/internal_error"
|
"$ref": "#/components/responses/internal_error"
|
||||||
/api/reverse-proxies/clusters/{clusterId}:
|
|
||||||
delete:
|
|
||||||
summary: Delete a self-hosted proxy cluster
|
|
||||||
description: Removes a self-hosted (BYOP) proxy cluster and disconnects it. Only self-hosted clusters can be deleted.
|
|
||||||
tags: [ Services ]
|
|
||||||
security:
|
|
||||||
- BearerAuth: [ ]
|
|
||||||
- TokenAuth: [ ]
|
|
||||||
parameters:
|
|
||||||
- in: path
|
|
||||||
name: clusterId
|
|
||||||
required: true
|
|
||||||
schema:
|
|
||||||
type: string
|
|
||||||
description: The unique identifier of the proxy cluster
|
|
||||||
responses:
|
|
||||||
'200':
|
|
||||||
description: Proxy cluster deleted successfully
|
|
||||||
content: { }
|
|
||||||
'400':
|
|
||||||
"$ref": "#/components/responses/bad_request"
|
|
||||||
'401':
|
|
||||||
"$ref": "#/components/responses/requires_authentication"
|
|
||||||
'403':
|
|
||||||
"$ref": "#/components/responses/forbidden"
|
|
||||||
'404':
|
|
||||||
"$ref": "#/components/responses/not_found"
|
|
||||||
'500':
|
|
||||||
"$ref": "#/components/responses/internal_error"
|
|
||||||
/api/reverse-proxies/services/{serviceId}:
|
/api/reverse-proxies/services/{serviceId}:
|
||||||
get:
|
get:
|
||||||
summary: Retrieve a Service
|
summary: Retrieve a Service
|
||||||
|
|||||||
Reference in New Issue
Block a user