DodoApp: Restrict users to one domain
Change-Id: I4d09d5ee61d0ec712fd9dfa848c0af0c8e550d68
diff --git a/core/installer/cmd/dodo_app.go b/core/installer/cmd/dodo_app.go
index ea5e7fd..5fc6e3e 100644
--- a/core/installer/cmd/dodo_app.go
+++ b/core/installer/cmd/dodo_app.go
@@ -17,15 +17,16 @@
)
var dodoAppFlags struct {
+ external bool
port int
apiPort int
sshKey string
repoAddr string
self string
+ repoPublicAddr string
namespace string
envAppManagerAddr string
envConfig string
- appAdminKey string
gitRepoPublicKey string
db string
networks []string
@@ -36,6 +37,12 @@
Use: "dodo-app",
RunE: dodoAppCmdRun,
}
+ cmd.Flags().BoolVar(
+ &dodoAppFlags.external,
+ "external",
+ false,
+ "",
+ )
cmd.Flags().IntVar(
&dodoAppFlags.port,
"port",
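Review bot: The new `--external` flag is registered with an empty usage string, although the run function later in this diff uses it to pick both the user getter and the by-owner network filter, so `--help` gives an operator no hint that it changes who is trusted. A usage text along the lines of `"treat callers as external users: use the external user getter and add the by-owner network filter"` would make that explicit. The same applies to `--repo-public-addr` in the next hunk, which is also added with `""` as its description and an empty default. The existing flags in this file follow the same empty-usage pattern, so this is a documentation gap the commit inherits rather than introduces.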
@@ -73,6 +80,12 @@
"",
)
cmd.Flags().StringVar(
+ &dodoAppFlags.repoPublicAddr,
+ "repo-public-addr",
+ "",
+ "",
+ )
+ cmd.Flags().StringVar(
&dodoAppFlags.namespace,
"namespace",
"",
@@ -91,12 +104,6 @@
"",
)
cmd.Flags().StringVar(
- &dodoAppFlags.appAdminKey,
- "app-admin-key",
- "",
- "",
- )
- cmd.Flags().StringVar(
&dodoAppFlags.gitRepoPublicKey,
"git-repo-public-key",
"",
@@ -157,17 +164,34 @@
if err != nil {
return err
}
+ var nf welcome.NetworkFilter
+ if len(dodoAppFlags.networks) == 0 {
+ nf = welcome.NewNoNetworkFilter()
+ } else {
+ nf = welcome.NewAllowListFilter(dodoAppFlags.networks)
+ }
+ if dodoAppFlags.external {
+ nf = welcome.NewCombinedFilter(welcome.NewNetworkFilterByOwner(st), nf)
+ }
+ var ug welcome.UserGetter
+ if dodoAppFlags.external {
+ ug = welcome.NewExternalUserGetter()
+ } else {
+ ug = welcome.NewInternalUserGetter()
+ }
s, err := welcome.NewDodoAppServer(
st,
+ nf,
+ ug,
dodoAppFlags.port,
dodoAppFlags.apiPort,
dodoAppFlags.self,
+ dodoAppFlags.repoPublicAddr,
string(sshKey),
dodoAppFlags.gitRepoPublicKey,
softClient,
dodoAppFlags.namespace,
dodoAppFlags.envAppManagerAddr,
- dodoAppFlags.networks,
nsc,
jc,
env,
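Review bot: The filter selection at the top of this hunk falls back to `welcome.NewNoNetworkFilter()` whenever `--networks` is empty and adds the by-owner filter only under `--external`, so a process started with neither flag gets no network restriction from this code, assuming the no-network filter admits everything (its implementation is not visible here). It is also not visible whether `NewCombinedFilter` requires both filters to pass or either one; if it is a union, an empty allow-list would cancel the owner restriction, so the intended semantics deserve a comment at the call. The two separate `if dodoAppFlags.external` branches decide one trust question and could be folded into a single block so the filter and the user getter cannot drift apart in a later edit. The enclosing function starts before this hunk and continues after it.

```go
var nf welcome.NetworkFilter = welcome.NewNoNetworkFilter()
if len(dodoAppFlags.networks) > 0 {
	nf = welcome.NewAllowListFilter(dodoAppFlags.networks)
}
var ug welcome.UserGetter = welcome.NewInternalUserGetter()
if dodoAppFlags.external {
	// External callers: a network is expected to pass the by-owner filter
	// as well as the allow-list (confirm NewCombinedFilter intersects), and
	// identity comes from the external user getter.
	nf = welcome.NewCombinedFilter(welcome.NewNetworkFilterByOwner(st), nf)
	ug = welcome.NewExternalUserGetter()
}
// … unchanged: welcome.NewDodoAppServer(st, nf, ug, …) call …
```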
@@ -175,10 +199,5 @@
if err != nil {
return err
}
- if dodoAppFlags.appAdminKey != "" {
- if _, err := s.CreateApp("app", dodoAppFlags.appAdminKey, "Private"); err != nil {
- return err
- }
- }
return s.Start()
}