From a770bcc05ea17151f6654e5041ccb5408ce4d914 Mon Sep 17 00:00:00 2001 From: Anton Tolchanov <1687799+knyar@users.noreply.github.com> Date: Thu, 17 Aug 2023 17:01:09 +0100 Subject: [PATCH] tailscale: add recently introduced fields (#55) * tailscale: add SetDeviceAuthorized * tailscale: update ACL fields Signed-off-by: Anton Tolchanov --- tailscale/client.go | 26 ++++++++++++++++++++------ tailscale/client_test.go | 19 +++++++++++++++++++ 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/tailscale/client.go b/tailscale/client.go index f13d13d..48c429f 100644 --- a/tailscale/client.go +++ b/tailscale/client.go @@ -286,6 +286,10 @@ type ( DisableIPv4 bool `json:"disableIPv4,omitempty" hujson:"DisableIPv4,omitempty"` OneCGNATRoute string `json:"oneCGNATRoute,omitempty" hujson:"OneCGNATRoute,omitempty"` RandomizeClientPort bool `json:"randomizeClientPort,omitempty" hujson:"RandomizeClientPort,omitempty"` + + // As of Aug 2023 these fields are experimental and subject to change. + Postures map[string][]string `json:"postures,omitempty" hujson:"Postures,omitempty"` + DefaultSourcePosture []string `json:"defaultSrcPosture,omitempty" hujson:"DefaultSrcPosture,omitempty"` } ACLAutoApprovers struct { @@ -300,6 +304,9 @@ type ( Source []string `json:"src,omitempty" hujson:"Src,omitempty"` Destination []string `json:"dst,omitempty" hujson:"Dst,omitempty"` Protocol string `json:"proto,omitempty" hujson:"Proto,omitempty"` + + // Experimental. + SourcePosture []string `json:"srcPosture,omitempty" hujson:"SrcPosture,omitempty"` } ACLTest struct { @@ -338,11 +345,13 @@ type ( } ACLSSH struct { - Action string `json:"action,omitempty" hujson:"Action,omitempty"` - Users []string `json:"users,omitempty" hujson:"Users,omitempty"` - Source []string `json:"src,omitempty" hujson:"Src,omitempty"` - Destination []string `json:"dst,omitempty" hujson:"Dst,omitempty"` - CheckPeriod Duration `json:"checkPeriod,omitempty" hujson:"CheckPeriod,omitempty"` + Action string `json:"action,omitempty" hujson:"Action,omitempty"` + Users []string `json:"users,omitempty" hujson:"Users,omitempty"` + Source []string `json:"src,omitempty" hujson:"Src,omitempty"` + Destination []string `json:"dst,omitempty" hujson:"Dst,omitempty"` + CheckPeriod Duration `json:"checkPeriod,omitempty" hujson:"CheckPeriod,omitempty"` + Recorder []string `json:"recorder,omitempty" hujson:"Recorder,omitempty"` + EnforceRecorder bool `json:"enforceRecorder,omitempty" hujson:"EnforceRecorder,omitempty"` } NodeAttrGrant struct { @@ -550,10 +559,15 @@ func (c *Client) Devices(ctx context.Context) ([]Device, error) { // AuthorizeDevice marks the specified device identifier as authorized to join the tailnet. func (c *Client) AuthorizeDevice(ctx context.Context, deviceID string) error { + return c.SetDeviceAuthorized(ctx, deviceID, true) +} + +// SetDeviceAuthorized marks the specified device as authorized or not. +func (c *Client) SetDeviceAuthorized(ctx context.Context, deviceID string, authorized bool) error { const uriFmt = "/api/v2/device/%s/authorized" req, err := c.buildRequest(ctx, http.MethodPost, fmt.Sprintf(uriFmt, deviceID), nil, map[string]bool{ - "authorized": true, + "authorized": authorized, }) if err != nil { return err diff --git a/tailscale/client_test.go b/tailscale/client_test.go index ceef2bd..2126ccb 100644 --- a/tailscale/client_test.go +++ b/tailscale/client_test.go @@ -638,6 +638,25 @@ func TestClient_AuthorizeDevice(t *testing.T) { assert.EqualValues(t, true, body["authorized"]) } +func TestClient_SetDeviceAuthorized(t *testing.T) { + t.Parallel() + + client, server := NewTestHarness(t) + server.ResponseCode = http.StatusOK + + const deviceID = "test" + + for _, value := range []bool{true, false} { + assert.NoError(t, client.SetDeviceAuthorized(context.Background(), deviceID, value)) + assert.Equal(t, http.MethodPost, server.Method) + assert.Equal(t, "/api/v2/device/test/authorized", server.Path) + + body := make(map[string]bool) + assert.NoError(t, json.Unmarshal(server.Body.Bytes(), &body)) + assert.EqualValues(t, value, body["authorized"]) + } +} + func TestClient_CreateKey(t *testing.T) { t.Parallel()