From 887af85db185c9a05d775185ff01fddf2c6662e6 Mon Sep 17 00:00:00 2001 From: Owen Date: Mon, 8 Dec 2025 22:06:37 -0500 Subject: [PATCH] Fix removing remote subnet on remove site resource --- server/lib/rebuildClientAssociations.ts | 72 ++++++++++++++++++++++++- server/routers/client/targets.ts | 2 +- 2 files changed, 71 insertions(+), 3 deletions(-) diff --git a/server/lib/rebuildClientAssociations.ts b/server/lib/rebuildClientAssociations.ts index 134cbc06..9095b9bc 100644 --- a/server/lib/rebuildClientAssociations.ts +++ b/server/lib/rebuildClientAssociations.ts @@ -701,11 +701,45 @@ async function handleSubnetProxyTargetUpdates( } for (const client of removedClients) { + // Check if this client still has access to another resource on this site with the same destination + const destinationStillInUse = await trx + .select() + .from(siteResources) + .innerJoin( + clientSiteResourcesAssociationsCache, + eq( + clientSiteResourcesAssociationsCache.siteResourceId, + siteResources.siteResourceId + ) + ) + .where( + and( + eq( + clientSiteResourcesAssociationsCache.clientId, + client.clientId + ), + eq(siteResources.siteId, siteResource.siteId), + eq( + siteResources.destination, + siteResource.destination + ), + ne( + siteResources.siteResourceId, + siteResource.siteResourceId + ) + ) + ); + + // Only remove remote subnet if no other resource uses the same destination + const remoteSubnetsToRemove = destinationStillInUse.length > 0 + ? [] + : generateRemoteSubnets([siteResource]); + olmJobs.push( removePeerData( client.clientId, siteResource.siteId, - generateRemoteSubnets([siteResource]), + remoteSubnetsToRemove, generateAliasConfig([siteResource]) ) ); @@ -1213,12 +1247,46 @@ async function handleMessagesForClientResources( } try { + // Check if this client still has access to another resource on this site with the same destination + const destinationStillInUse = await trx + .select() + .from(siteResources) + .innerJoin( + clientSiteResourcesAssociationsCache, + eq( + clientSiteResourcesAssociationsCache.siteResourceId, + siteResources.siteResourceId + ) + ) + .where( + and( + eq( + clientSiteResourcesAssociationsCache.clientId, + client.clientId + ), + eq(siteResources.siteId, resource.siteId), + eq( + siteResources.destination, + resource.destination + ), + ne( + siteResources.siteResourceId, + resource.siteResourceId + ) + ) + ); + + // Only remove remote subnet if no other resource uses the same destination + const remoteSubnetsToRemove = destinationStillInUse.length > 0 + ? [] + : generateRemoteSubnets([resource]); + // Remove peer data from olm olmJobs.push( removePeerData( client.clientId, resource.siteId, - generateRemoteSubnets([resource]), + remoteSubnetsToRemove, generateAliasConfig([resource]) ) ); diff --git a/server/routers/client/targets.ts b/server/routers/client/targets.ts index c9bb910b..9887a454 100644 --- a/server/routers/client/targets.ts +++ b/server/routers/client/targets.ts @@ -1,5 +1,5 @@ import { sendToClient } from "#dynamic/routers/ws"; -import { db, olms } from "@server/db"; +import { db, olms, Transaction } from "@server/db"; import { Alias, SubnetProxyTarget } from "@server/lib/ip"; import logger from "@server/logger"; import { eq } from "drizzle-orm";