user roles and groups migration

gravitl · Oct 31, 2024 · 4b99435 · 4b99435
1 parent 1b035d9
commit 4b99435
Show file tree

Hide file tree

Showing 8 changed files with 11 additions and 11 deletions.
diff --git a/controllers/middleware.go b/controllers/middleware.go
@@ -60,6 +60,9 @@ func userMiddleWare(handler http.Handler) http.Handler {
 		if strings.Contains(route, "acls") {
 			r.Header.Set("TARGET_RSRC", models.AclRsrc.String())
 		}
+		if strings.Contains(route, "tags") {
+			r.Header.Set("TARGET_RSRC", models.TagRsrc.String())
+		}
 		if strings.Contains(route, "extclients") {
 			r.Header.Set("TARGET_RSRC", models.ExtClientsRsrc.String())
 		}

diff --git a/logic/auth.go b/logic/auth.go
@@ -186,7 +186,7 @@ func CreateUser(user *models.User) error {
 		logger.Log(0, "failed to insert user", err.Error())
 		return err
 	}
-
+	AddGlobalNetRolesToAdmins(*user)
 	return nil
 }
 

diff --git a/logic/user_mgmt.go b/logic/user_mgmt.go
@@ -60,7 +60,7 @@ var DeleteNetworkRoles = func(netID string) {}
 var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
 var CreateDefaultUserPolicies = func(netID models.NetworkID) {}
 var GetUserGroupsInNetwork = func(netID models.NetworkID) (networkGrps map[models.UserGroupID]models.UserGroup) { return }
-var AddGlobalNetRolesToAdmins = func(u *models.User) {}
+var AddGlobalNetRolesToAdmins = func(u models.User) {}
 
 // GetRole - fetches role template by id
 func GetRole(roleID models.UserRoleID) (models.UserRolePermissionTemplate, error) {

diff --git a/logic/users.go b/logic/users.go
@@ -62,7 +62,6 @@ func SetUserDefaults(user *models.User) {
 	if len(user.UserGroups) == 0 {
 		user.UserGroups = make(map[models.UserGroupID]struct{})
 	}
-	AddGlobalNetRolesToAdmins(user)
 }
 
 // SortUsers - Sorts slice of Users by username

diff --git a/migrate/migrate.go b/migrate/migrate.go
@@ -398,8 +398,7 @@ func syncUsers() {
 	if err == nil {
 		for _, user := range users {
 			user := user
-			logic.AddGlobalNetRolesToAdmins(&user)
-			logic.UpsertUser(user)
+			logic.AddGlobalNetRolesToAdmins(user)
 			if user.PlatformRoleID == models.AdminRole && !user.IsAdmin {
 				user.IsAdmin = true
 				logic.UpsertUser(user)
@@ -409,6 +408,7 @@ func syncUsers() {
 				logic.UpsertUser(user)
 			}
 			if user.PlatformRoleID.String() != "" {
+				logic.MigrateUserRoleAndGroups(user)
 				continue
 			}
 			user.AuthType = models.BasicAuth
@@ -431,7 +431,6 @@ func syncUsers() {
 			}
 			logic.UpsertUser(user)
 			logic.MigrateUserRoleAndGroups(user)
-
 		}
 	}
 

diff --git a/models/user_mgmt.go b/models/user_mgmt.go
@@ -62,6 +62,7 @@ const (
 	EnrollmentKeysRsrc RsrcType = "enrollment_key"
 	UserRsrc           RsrcType = "users"
 	AclRsrc            RsrcType = "acl"
+	TagRsrc            RsrcType = "tag"
 	DnsRsrc            RsrcType = "dns"
 	FailOverRsrc       RsrcType = "fail_over"
 	MetricRsrc         RsrcType = "metrics"

diff --git a/pro/logic/migrate.go b/pro/logic/migrate.go
@@ -28,7 +28,6 @@ func MigrateUserRoleAndGroups(user models.User) {
 				continue
 			}
 			user.UserGroups[g.ID] = struct{}{}
-
 		}
 	}
 	if len(user.NetworkRoles) > 0 {
@@ -44,9 +43,7 @@ func MigrateUserRoleAndGroups(user models.User) {
 				continue
 			}
 			user.UserGroups[g.ID] = struct{}{}
-			if err != nil {
-				continue
-			}
+			user.NetworkRoles = make(map[models.NetworkID]map[models.UserRoleID]struct{})
 		}
 
 	}

diff --git a/pro/logic/user_mgmt.go b/pro/logic/user_mgmt.go
@@ -1221,12 +1221,13 @@ func GetUserGroupsInNetwork(netID models.NetworkID) (networkGrps map[models.User
 	return
 }
 
-func AddGlobalNetRolesToAdmins(u *models.User) {
+func AddGlobalNetRolesToAdmins(u models.User) {
 	if u.PlatformRoleID != models.SuperAdminRole && u.PlatformRoleID != models.AdminRole {
 		return
 	}
 	if u.UserGroups == nil {
 		u.UserGroups = make(map[models.UserGroupID]struct{})
 	}
 	u.UserGroups[models.UserGroupID(fmt.Sprintf("global-%s-grp", models.NetworkAdmin))] = struct{}{}
+	logic.UpsertUser(u)
 }