mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-11 00:12:09 +02:00
Set the resource from the site
This commit is contained in:
@@ -198,17 +198,19 @@ export async function updatePrivateResources(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let resourceStatusFromSite: "approved" | "pending" = "approved";
|
||||||
if (siteId && allSites.length === 0) {
|
if (siteId && allSites.length === 0) {
|
||||||
// only add if there are not provided sites
|
// only add if there are not provided sites
|
||||||
// Use the provided siteId directly, but verify it belongs to the org
|
// Use the provided siteId directly, but verify it belongs to the org
|
||||||
const [siteSingle] = await trx
|
const [siteSingle] = await trx
|
||||||
.select({ siteId: sites.siteId })
|
.select({ siteId: sites.siteId, status: sites.status })
|
||||||
.from(sites)
|
.from(sites)
|
||||||
.where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId)))
|
.where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId)))
|
||||||
.limit(1);
|
.limit(1);
|
||||||
if (siteSingle) {
|
if (siteSingle) {
|
||||||
allSites.push(siteSingle);
|
allSites.push(siteSingle);
|
||||||
}
|
}
|
||||||
|
resourceStatusFromSite = siteSingle.status ?? "approved";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (allSites.length === 0) {
|
if (allSites.length === 0) {
|
||||||
@@ -259,7 +261,8 @@ export async function updatePrivateResources(
|
|||||||
pamMode: resourceData["auth-daemon"]?.pam || "passthrough",
|
pamMode: resourceData["auth-daemon"]?.pam || "passthrough",
|
||||||
authDaemonMode:
|
authDaemonMode:
|
||||||
resourceData["auth-daemon"]?.mode || "native",
|
resourceData["auth-daemon"]?.mode || "native",
|
||||||
authDaemonPort: resourceData["auth-daemon"]?.port || 22123
|
authDaemonPort: resourceData["auth-daemon"]?.port || 22123,
|
||||||
|
status: resourceStatusFromSite
|
||||||
})
|
})
|
||||||
.where(
|
.where(
|
||||||
eq(
|
eq(
|
||||||
@@ -512,7 +515,8 @@ export async function updatePrivateResources(
|
|||||||
pamMode: resourceData["auth-daemon"]?.pam || "passthrough",
|
pamMode: resourceData["auth-daemon"]?.pam || "passthrough",
|
||||||
authDaemonMode:
|
authDaemonMode:
|
||||||
resourceData["auth-daemon"]?.mode || "native",
|
resourceData["auth-daemon"]?.mode || "native",
|
||||||
authDaemonPort: resourceData["auth-daemon"]?.port || 22123
|
authDaemonPort: resourceData["auth-daemon"]?.port || 22123,
|
||||||
|
status: resourceStatusFromSite
|
||||||
})
|
})
|
||||||
.returning();
|
.returning();
|
||||||
|
|
||||||
|
|||||||
@@ -25,6 +25,7 @@ import {
|
|||||||
rolePolicies,
|
rolePolicies,
|
||||||
roleResources,
|
roleResources,
|
||||||
roles,
|
roles,
|
||||||
|
Site,
|
||||||
sites,
|
sites,
|
||||||
Target,
|
Target,
|
||||||
TargetHealthCheck,
|
TargetHealthCheck,
|
||||||
@@ -74,19 +75,40 @@ export async function updatePublicResources(
|
|||||||
)) {
|
)) {
|
||||||
const targetsToUpdate: Target[] = [];
|
const targetsToUpdate: Target[] = [];
|
||||||
const healthchecksToUpdate: TargetHealthCheck[] = [];
|
const healthchecksToUpdate: TargetHealthCheck[] = [];
|
||||||
|
|
||||||
let resource: Resource;
|
let resource: Resource;
|
||||||
|
let resourceStatusFromSite: "approved" | "pending" = "approved";
|
||||||
|
let providedSite: Partial<Site> | undefined;
|
||||||
|
if (siteId) {
|
||||||
|
// Use the provided siteId directly, but verify it belongs to the org
|
||||||
|
[providedSite] = await trx
|
||||||
|
.select({
|
||||||
|
siteId: sites.siteId,
|
||||||
|
type: sites.type,
|
||||||
|
status: sites.status
|
||||||
|
})
|
||||||
|
.from(sites)
|
||||||
|
.where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId)))
|
||||||
|
.limit(1);
|
||||||
|
|
||||||
|
resourceStatusFromSite = providedSite?.status ?? "approved";
|
||||||
|
}
|
||||||
|
|
||||||
async function createTarget( // reusable function to create a target
|
async function createTarget( // reusable function to create a target
|
||||||
resourceId: number,
|
resourceId: number,
|
||||||
targetData: TargetData
|
targetData: TargetData
|
||||||
) {
|
) {
|
||||||
const targetSiteId = targetData.site;
|
const targetSiteId = targetData.site;
|
||||||
let site;
|
let site: Partial<Site> | undefined;
|
||||||
|
|
||||||
if (targetSiteId) {
|
if (targetSiteId) {
|
||||||
// Look up site by niceId
|
// Look up site by niceId
|
||||||
[site] = await trx
|
[site] = await trx
|
||||||
.select({ siteId: sites.siteId, type: sites.type })
|
.select({
|
||||||
|
siteId: sites.siteId,
|
||||||
|
type: sites.type,
|
||||||
|
status: sites.status
|
||||||
|
})
|
||||||
.from(sites)
|
.from(sites)
|
||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
@@ -95,15 +117,9 @@ export async function updatePublicResources(
|
|||||||
)
|
)
|
||||||
)
|
)
|
||||||
.limit(1);
|
.limit(1);
|
||||||
} else if (siteId) {
|
} else if (siteId && providedSite) {
|
||||||
// Use the provided siteId directly, but verify it belongs to the org
|
// Use the provided siteId directly, but verify it belongs to the org
|
||||||
[site] = await trx
|
site = providedSite;
|
||||||
.select({ siteId: sites.siteId, type: sites.type })
|
|
||||||
.from(sites)
|
|
||||||
.where(
|
|
||||||
and(eq(sites.siteId, siteId), eq(sites.orgId, orgId))
|
|
||||||
)
|
|
||||||
.limit(1);
|
|
||||||
} else {
|
} else {
|
||||||
throw new Error(`Target site is required`);
|
throw new Error(`Target site is required`);
|
||||||
}
|
}
|
||||||
@@ -139,7 +155,7 @@ export async function updatePublicResources(
|
|||||||
.insert(targets)
|
.insert(targets)
|
||||||
.values({
|
.values({
|
||||||
resourceId: resourceId,
|
resourceId: resourceId,
|
||||||
siteId: site.siteId,
|
siteId: site.siteId!,
|
||||||
ip: targetData.hostname,
|
ip: targetData.hostname,
|
||||||
mode: resourceData.mode as Target["mode"],
|
mode: resourceData.mode as Target["mode"],
|
||||||
method: targetData.method,
|
method: targetData.method,
|
||||||
@@ -172,7 +188,7 @@ export async function updatePublicResources(
|
|||||||
.insert(targetHealthCheck)
|
.insert(targetHealthCheck)
|
||||||
.values({
|
.values({
|
||||||
name: `${targetData.hostname}:${targetData.port}`,
|
name: `${targetData.hostname}:${targetData.port}`,
|
||||||
siteId: site.siteId,
|
siteId: site.siteId!,
|
||||||
targetId: newTarget.targetId,
|
targetId: newTarget.targetId,
|
||||||
orgId: orgId,
|
orgId: orgId,
|
||||||
hcEnabled: healthcheckData?.enabled || false,
|
hcEnabled: healthcheckData?.enabled || false,
|
||||||
@@ -406,7 +422,8 @@ export async function updatePublicResources(
|
|||||||
? (resourceData["proxy-protocol-version"] ??
|
? (resourceData["proxy-protocol-version"] ??
|
||||||
1)
|
1)
|
||||||
: 1,
|
: 1,
|
||||||
resourcePolicyId: sharedPolicy.resourcePolicyId
|
resourcePolicyId: sharedPolicy.resourcePolicyId,
|
||||||
|
status: resourceStatusFromSite
|
||||||
})
|
})
|
||||||
.where(
|
.where(
|
||||||
eq(
|
eq(
|
||||||
@@ -590,7 +607,8 @@ export async function updatePublicResources(
|
|||||||
authDaemonPort:
|
authDaemonPort:
|
||||||
resourceData["auth-daemon"]?.port || 22123,
|
resourceData["auth-daemon"]?.port || 22123,
|
||||||
resourcePolicyId: null,
|
resourcePolicyId: null,
|
||||||
defaultResourcePolicyId: inlinePolicyId
|
defaultResourcePolicyId: inlinePolicyId,
|
||||||
|
status: resourceStatusFromSite
|
||||||
})
|
})
|
||||||
.where(
|
.where(
|
||||||
eq(
|
eq(
|
||||||
@@ -1131,6 +1149,7 @@ export async function updatePublicResources(
|
|||||||
.values({
|
.values({
|
||||||
orgId,
|
orgId,
|
||||||
niceId: resourceNiceId,
|
niceId: resourceNiceId,
|
||||||
|
status: resourceStatusFromSite,
|
||||||
name: resourceData.name || "Unnamed Resource",
|
name: resourceData.name || "Unnamed Resource",
|
||||||
mode: resourceData.mode,
|
mode: resourceData.mode,
|
||||||
proxyPort: ["http", "ssh", "rdp", "vnc"].includes(
|
proxyPort: ["http", "ssh", "rdp", "vnc"].includes(
|
||||||
|
|||||||
Reference in New Issue
Block a user