fix linting issues in preauthkey tags
This commit is contained in:
parent
470c49394c
commit
8a8ec7476d
6 changed files with 19 additions and 19 deletions
2
db.go
2
db.go
|
@ -131,7 +131,7 @@ func (h *Headscale) initDB() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
err = db.AutoMigrate(&PreAuthKeyAclTag{})
|
err = db.AutoMigrate(&PreAuthKeyACLTag{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// nolint
|
//nolint
|
||||||
package headscale
|
package headscale
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -337,7 +337,7 @@ func (s *IntegrationCLITestSuite) TestPreAuthKeyCommand() {
|
||||||
|
|
||||||
// Test that tags are present
|
// Test that tags are present
|
||||||
for i := 0; i < count; i++ {
|
for i := 0; i < count; i++ {
|
||||||
assert.Equals(listedPreAuthKeys[i].AclTags, []string{"tag:test1,", "tag:test2"})
|
assert.Equal(s.T(), listedPreAuthKeys[i].AclTags, []string{"tag:test1", "tag:test2"})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Expire three keys
|
// Expire three keys
|
||||||
|
|
|
@ -19,6 +19,7 @@ const (
|
||||||
ErrPreAuthKeyExpired = Error("AuthKey expired")
|
ErrPreAuthKeyExpired = Error("AuthKey expired")
|
||||||
ErrSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used")
|
ErrSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used")
|
||||||
ErrNamespaceMismatch = Error("namespace mismatch")
|
ErrNamespaceMismatch = Error("namespace mismatch")
|
||||||
|
ErrPreAuthKeyACLTagInvalid = Error("AuthKey tag is invalid")
|
||||||
)
|
)
|
||||||
|
|
||||||
// PreAuthKey describes a pre-authorization key usable in a particular namespace.
|
// PreAuthKey describes a pre-authorization key usable in a particular namespace.
|
||||||
|
@ -30,14 +31,14 @@ type PreAuthKey struct {
|
||||||
Reusable bool
|
Reusable bool
|
||||||
Ephemeral bool `gorm:"default:false"`
|
Ephemeral bool `gorm:"default:false"`
|
||||||
Used bool `gorm:"default:false"`
|
Used bool `gorm:"default:false"`
|
||||||
AclTags []PreAuthKeyAclTag
|
ACLTags []PreAuthKeyACLTag
|
||||||
|
|
||||||
CreatedAt *time.Time
|
CreatedAt *time.Time
|
||||||
Expiration *time.Time
|
Expiration *time.Time
|
||||||
}
|
}
|
||||||
|
|
||||||
// PreAuthKeyAclTag describes an autmatic tag applied to a node when registered with the associated PreAuthKey
|
// PreAuthKeyACLTag describes an autmatic tag applied to a node when registered with the associated PreAuthKey.
|
||||||
type PreAuthKeyAclTag struct {
|
type PreAuthKeyACLTag struct {
|
||||||
ID uint64 `gorm:"primary_key"`
|
ID uint64 `gorm:"primary_key"`
|
||||||
PreAuthKeyID uint64
|
PreAuthKeyID uint64
|
||||||
Tag string
|
Tag string
|
||||||
|
@ -58,7 +59,7 @@ func (h *Headscale) CreatePreAuthKey(
|
||||||
|
|
||||||
for _, tag := range aclTags {
|
for _, tag := range aclTags {
|
||||||
if !strings.HasPrefix(tag, "tag:") {
|
if !strings.HasPrefix(tag, "tag:") {
|
||||||
return nil, fmt.Errorf("aclTag '%s' did not begin with 'tag:'", tag)
|
return nil, fmt.Errorf("%w: '%s' did not begin with 'tag:'", ErrPreAuthKeyACLTagInvalid, tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -87,8 +88,8 @@ func (h *Headscale) CreatePreAuthKey(
|
||||||
seenTags := map[string]bool{}
|
seenTags := map[string]bool{}
|
||||||
|
|
||||||
for _, tag := range aclTags {
|
for _, tag := range aclTags {
|
||||||
if seenTags[tag] == false {
|
if !seenTags[tag] {
|
||||||
if err := db.Save(&PreAuthKeyAclTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil {
|
if err := db.Save(&PreAuthKeyACLTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil {
|
||||||
return fmt.Errorf(
|
return fmt.Errorf(
|
||||||
"failed to ceate key tag in the database: %w",
|
"failed to ceate key tag in the database: %w",
|
||||||
err,
|
err,
|
||||||
|
@ -98,6 +99,7 @@ func (h *Headscale) CreatePreAuthKey(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -116,7 +118,7 @@ func (h *Headscale) ListPreAuthKeys(namespaceName string) ([]PreAuthKey, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
keys := []PreAuthKey{}
|
keys := []PreAuthKey{}
|
||||||
if err := h.db.Preload("Namespace").Preload("AclTags").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil {
|
if err := h.db.Preload("Namespace").Preload("ACLTags").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -141,7 +143,7 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er
|
||||||
// does not exist.
|
// does not exist.
|
||||||
func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error {
|
func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error {
|
||||||
return h.db.Transaction(func(db *gorm.DB) error {
|
return h.db.Transaction(func(db *gorm.DB) error {
|
||||||
if result := db.Unscoped().Where(PreAuthKeyAclTag{PreAuthKeyID: pak.ID}).Delete(&PreAuthKeyAclTag{}); result.Error != nil {
|
if result := db.Unscoped().Where(PreAuthKeyACLTag{PreAuthKeyID: pak.ID}).Delete(&PreAuthKeyACLTag{}); result.Error != nil {
|
||||||
return result.Error
|
return result.Error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -176,7 +178,7 @@ func (h *Headscale) UsePreAuthKey(k *PreAuthKey) error {
|
||||||
// If returns no error and a PreAuthKey, it can be used.
|
// If returns no error and a PreAuthKey, it can be used.
|
||||||
func (h *Headscale) checkKeyValidity(k string) (*PreAuthKey, error) {
|
func (h *Headscale) checkKeyValidity(k string) (*PreAuthKey, error) {
|
||||||
pak := PreAuthKey{}
|
pak := PreAuthKey{}
|
||||||
if result := h.db.Preload("Namespace").Preload("AclTags").First(&pak, "key = ?", k); errors.Is(
|
if result := h.db.Preload("Namespace").Preload("ACLTags").First(&pak, "key = ?", k); errors.Is(
|
||||||
result.Error,
|
result.Error,
|
||||||
gorm.ErrRecordNotFound,
|
gorm.ErrRecordNotFound,
|
||||||
) {
|
) {
|
||||||
|
@ -221,7 +223,7 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey {
|
||||||
Ephemeral: key.Ephemeral,
|
Ephemeral: key.Ephemeral,
|
||||||
Reusable: key.Reusable,
|
Reusable: key.Reusable,
|
||||||
Used: key.Used,
|
Used: key.Used,
|
||||||
AclTags: make([]string, len(key.AclTags)),
|
AclTags: make([]string, len(key.ACLTags)),
|
||||||
}
|
}
|
||||||
|
|
||||||
if key.Expiration != nil {
|
if key.Expiration != nil {
|
||||||
|
@ -232,9 +234,9 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey {
|
||||||
protoKey.CreatedAt = timestamppb.New(*key.CreatedAt)
|
protoKey.CreatedAt = timestamppb.New(*key.CreatedAt)
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(key.AclTags) > 0 {
|
if len(key.ACLTags) > 0 {
|
||||||
for idx := range key.AclTags {
|
for idx := range key.ACLTags {
|
||||||
protoKey.AclTags[idx] = key.AclTags[idx].Tag
|
protoKey.AclTags[idx] = key.ACLTags[idx].Tag
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -191,7 +191,7 @@ func (*Suite) TestNotReusableMarkedAsUsed(c *check.C) {
|
||||||
c.Assert(err, check.Equals, ErrSingleUseAuthKeyHasBeenUsed)
|
c.Assert(err, check.Equals, ErrSingleUseAuthKeyHasBeenUsed)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*Suite) TestPreAuthKeyAclTags(c *check.C) {
|
func (*Suite) TestPreAuthKeyACLTags(c *check.C) {
|
||||||
namespace, err := app.CreateNamespace("test8")
|
namespace, err := app.CreateNamespace("test8")
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
|
|
@ -343,7 +343,6 @@ func (h *Headscale) handleAuthKeyCommon(
|
||||||
machine.NodeKey = nodeKey
|
machine.NodeKey = nodeKey
|
||||||
machine.AuthKeyID = uint(pak.ID)
|
machine.AuthKeyID = uint(pak.ID)
|
||||||
err := h.RefreshMachine(machine, registerRequest.Expiry)
|
err := h.RefreshMachine(machine, registerRequest.Expiry)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().
|
log.Error().
|
||||||
Caller().
|
Caller().
|
||||||
|
@ -372,7 +371,6 @@ func (h *Headscale) handleAuthKeyCommon(
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
now := time.Now().UTC()
|
now := time.Now().UTC()
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue