Add support for adding Client Certificates to access-lists

Client certificate support is added as a new separate type of option for
access-lists.

This commit is the support code to enable access-lists to contain
Client Certificate references.
This commit is contained in:
Will Rouesnel
2023-05-27 01:43:15 +10:00
parent d5b3e53140
commit e5bb50c164
15 changed files with 374 additions and 41 deletions

View File

@ -1,12 +1,13 @@
// Objection Docs:
// http://vincit.github.io/objection.js/
const db = require('../db');
const Model = require('objection').Model;
const User = require('./user');
const AccessListAuth = require('./access_list_auth');
const AccessListClient = require('./access_list_client');
const now = require('./now_helper');
const db = require('../db');
const Model = require('objection').Model;
const User = require('./user');
const AccessListAuth = require('./access_list_auth');
const AccessListClient = require('./access_list_client');
const AccessListClientCAs = require('./access_list_clientcas');
const now = require('./now_helper');
Model.knex(db);
@ -68,6 +69,14 @@ class AccessList extends Model {
to: 'access_list_client.access_list_id'
}
},
clientcas: {
relation: Model.HasManyRelation,
modelClass: AccessListClientCAs,
join: {
from: 'access_list.id',
to: 'access_list_clientcas.access_list_id'
}
},
proxy_hosts: {
relation: Model.HasManyRelation,
modelClass: ProxyHost,

View File

@ -0,0 +1,62 @@
// Objection Docs:
// http://vincit.github.io/objection.js/
const db = require('../db');
const Model = require('objection').Model;
const now = require('./now_helper');
Model.knex(db);
class AccessListClientCAs extends Model {
$beforeInsert () {
this.created_on = now();
this.modified_on = now();
// Default for meta
if (typeof this.meta === 'undefined') {
this.meta = {};
}
}
$beforeUpdate () {
this.modified_on = now();
}
static get name () {
return 'AccessListClientCAs';
}
static get tableName () {
return 'access_list_clientcas';
}
static get jsonAttributes () {
return ['meta'];
}
static get relationMappings () {
return {
access_list: {
relation: Model.HasOneRelation,
modelClass: require('./access_list'),
join: {
from: 'access_list_clientcas.access_list_id',
to: 'access_list.id'
},
modify: function (qb) {
qb.where('access_list.is_deleted', 0);
}
},
certificate: {
relation: Model.HasOneRelation,
modelClass: require('./certificate'),
join: {
from: 'access_list_clientcas.certificate_id',
to: 'certificate.id'
}
}
};
}
}
module.exports = AccessListClientCAs;