client/tailscale: add postures to UserRuleMatch
Updates tailscale/corp#17770 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
parent
d59878e457
commit
65255b060b
|
@ -270,6 +270,14 @@ type UserRuleMatch struct {
|
||||||
Users []string `json:"users"`
|
Users []string `json:"users"`
|
||||||
Ports []string `json:"ports"`
|
Ports []string `json:"ports"`
|
||||||
LineNumber int `json:"lineNumber"`
|
LineNumber int `json:"lineNumber"`
|
||||||
|
|
||||||
|
// Postures is a list of posture policies that are
|
||||||
|
// associated with this match. The rules can be looked
|
||||||
|
// up in the ACLPreviewResponse parent struct.
|
||||||
|
// The source of the list is from srcPosture on
|
||||||
|
// an ACL or Grant rule:
|
||||||
|
// https://tailscale.com/kb/1288/device-posture#posture-conditions
|
||||||
|
Postures []string `json:"postures"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// ACLPreviewResponse is the response type of previewACLPostRequest
|
// ACLPreviewResponse is the response type of previewACLPostRequest
|
||||||
|
@ -277,6 +285,12 @@ type ACLPreviewResponse struct {
|
||||||
Matches []UserRuleMatch `json:"matches"` // ACL rules that match the specified user or ipport.
|
Matches []UserRuleMatch `json:"matches"` // ACL rules that match the specified user or ipport.
|
||||||
Type string `json:"type"` // The request type: currently only "user" or "ipport".
|
Type string `json:"type"` // The request type: currently only "user" or "ipport".
|
||||||
PreviewFor string `json:"previewFor"` // A specific user or ipport.
|
PreviewFor string `json:"previewFor"` // A specific user or ipport.
|
||||||
|
|
||||||
|
// Postures is a map of postures and associated rules that apply
|
||||||
|
// to this preview.
|
||||||
|
// For more details about the posture mapping, see:
|
||||||
|
// https://tailscale.com/kb/1288/device-posture#postures
|
||||||
|
Postures map[string][]string `json:"postures,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// ACLPreview is the response type of PreviewACLForUser, PreviewACLForIPPort, PreviewACLHuJSONForUser, and PreviewACLHuJSONForIPPort
|
// ACLPreview is the response type of PreviewACLForUser, PreviewACLForIPPort, PreviewACLHuJSONForUser, and PreviewACLHuJSONForIPPort
|
||||||
|
@ -284,6 +298,12 @@ type ACLPreview struct {
|
||||||
Matches []UserRuleMatch `json:"matches"`
|
Matches []UserRuleMatch `json:"matches"`
|
||||||
User string `json:"user,omitempty"` // Filled if response of PreviewACLForUser or PreviewACLHuJSONForUser
|
User string `json:"user,omitempty"` // Filled if response of PreviewACLForUser or PreviewACLHuJSONForUser
|
||||||
IPPort string `json:"ipport,omitempty"` // Filled if response of PreviewACLForIPPort or PreviewACLHuJSONForIPPort
|
IPPort string `json:"ipport,omitempty"` // Filled if response of PreviewACLForIPPort or PreviewACLHuJSONForIPPort
|
||||||
|
|
||||||
|
// Postures is a map of postures and associated rules that apply
|
||||||
|
// to this preview.
|
||||||
|
// For more details about the posture mapping, see:
|
||||||
|
// https://tailscale.com/kb/1288/device-posture#postures
|
||||||
|
Postures map[string][]string `json:"postures,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Client) previewACLPostRequest(ctx context.Context, body []byte, previewType string, previewFor string) (res *ACLPreviewResponse, err error) {
|
func (c *Client) previewACLPostRequest(ctx context.Context, body []byte, previewType string, previewFor string) (res *ACLPreviewResponse, err error) {
|
||||||
|
@ -341,8 +361,9 @@ func (c *Client) PreviewACLForUser(ctx context.Context, acl ACL, user string) (r
|
||||||
}
|
}
|
||||||
|
|
||||||
return &ACLPreview{
|
return &ACLPreview{
|
||||||
Matches: b.Matches,
|
Matches: b.Matches,
|
||||||
User: b.PreviewFor,
|
User: b.PreviewFor,
|
||||||
|
Postures: b.Postures,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -369,8 +390,9 @@ func (c *Client) PreviewACLForIPPort(ctx context.Context, acl ACL, ipport netip.
|
||||||
}
|
}
|
||||||
|
|
||||||
return &ACLPreview{
|
return &ACLPreview{
|
||||||
Matches: b.Matches,
|
Matches: b.Matches,
|
||||||
IPPort: b.PreviewFor,
|
IPPort: b.PreviewFor,
|
||||||
|
Postures: b.Postures,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -394,8 +416,9 @@ func (c *Client) PreviewACLHuJSONForUser(ctx context.Context, acl ACLHuJSON, use
|
||||||
}
|
}
|
||||||
|
|
||||||
return &ACLPreview{
|
return &ACLPreview{
|
||||||
Matches: b.Matches,
|
Matches: b.Matches,
|
||||||
User: b.PreviewFor,
|
User: b.PreviewFor,
|
||||||
|
Postures: b.Postures,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -419,8 +442,9 @@ func (c *Client) PreviewACLHuJSONForIPPort(ctx context.Context, acl ACLHuJSON, i
|
||||||
}
|
}
|
||||||
|
|
||||||
return &ACLPreview{
|
return &ACLPreview{
|
||||||
Matches: b.Matches,
|
Matches: b.Matches,
|
||||||
IPPort: b.PreviewFor,
|
IPPort: b.PreviewFor,
|
||||||
|
Postures: b.Postures,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue