BREAKING CHANGE(vpn): replace tag-based VPN access control with source and target profiles
This commit is contained in:
@@ -10,5 +10,6 @@ export * from './remoteingress.js';
|
||||
export * from './route-management.js';
|
||||
export * from './api-tokens.js';
|
||||
export * from './vpn.js';
|
||||
export * from './security-profiles.js';
|
||||
export * from './source-profiles.js';
|
||||
export * from './target-profiles.js';
|
||||
export * from './network-targets.js';
|
||||
@@ -1,54 +1,54 @@
|
||||
import * as plugins from '../plugins.js';
|
||||
import type * as authInterfaces from '../data/auth.js';
|
||||
import type { ISecurityProfile, IRouteSecurity } from '../data/route-management.js';
|
||||
import type { ISourceProfile, IRouteSecurity } from '../data/route-management.js';
|
||||
|
||||
// ============================================================================
|
||||
// Security Profile Endpoints
|
||||
// Source Profile Endpoints (source-side: who can access)
|
||||
// ============================================================================
|
||||
|
||||
/**
|
||||
* Get all security profiles.
|
||||
* Get all source profiles.
|
||||
*/
|
||||
export interface IReq_GetSecurityProfiles extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_GetSourceProfiles extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetSecurityProfiles
|
||||
IReq_GetSourceProfiles
|
||||
> {
|
||||
method: 'getSecurityProfiles';
|
||||
method: 'getSourceProfiles';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
};
|
||||
response: {
|
||||
profiles: ISecurityProfile[];
|
||||
profiles: ISourceProfile[];
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a single security profile by ID.
|
||||
* Get a single source profile by ID.
|
||||
*/
|
||||
export interface IReq_GetSecurityProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_GetSourceProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetSecurityProfile
|
||||
IReq_GetSourceProfile
|
||||
> {
|
||||
method: 'getSecurityProfile';
|
||||
method: 'getSourceProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
id: string;
|
||||
};
|
||||
response: {
|
||||
profile: ISecurityProfile | null;
|
||||
profile: ISourceProfile | null;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new security profile.
|
||||
* Create a new source profile.
|
||||
*/
|
||||
export interface IReq_CreateSecurityProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_CreateSourceProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_CreateSecurityProfile
|
||||
IReq_CreateSourceProfile
|
||||
> {
|
||||
method: 'createSecurityProfile';
|
||||
method: 'createSourceProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
@@ -65,13 +65,13 @@ export interface IReq_CreateSecurityProfile extends plugins.typedrequestInterfac
|
||||
}
|
||||
|
||||
/**
|
||||
* Update a security profile.
|
||||
* Update a source profile.
|
||||
*/
|
||||
export interface IReq_UpdateSecurityProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_UpdateSourceProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_UpdateSecurityProfile
|
||||
IReq_UpdateSourceProfile
|
||||
> {
|
||||
method: 'updateSecurityProfile';
|
||||
method: 'updateSourceProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
@@ -89,13 +89,13 @@ export interface IReq_UpdateSecurityProfile extends plugins.typedrequestInterfac
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete a security profile.
|
||||
* Delete a source profile.
|
||||
*/
|
||||
export interface IReq_DeleteSecurityProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_DeleteSourceProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_DeleteSecurityProfile
|
||||
IReq_DeleteSourceProfile
|
||||
> {
|
||||
method: 'deleteSecurityProfile';
|
||||
method: 'deleteSourceProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
@@ -109,13 +109,13 @@ export interface IReq_DeleteSecurityProfile extends plugins.typedrequestInterfac
|
||||
}
|
||||
|
||||
/**
|
||||
* Get which routes reference a security profile.
|
||||
* Get which routes reference a source profile.
|
||||
*/
|
||||
export interface IReq_GetSecurityProfileUsage extends plugins.typedrequestInterfaces.implementsTR<
|
||||
export interface IReq_GetSourceProfileUsage extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetSecurityProfileUsage
|
||||
IReq_GetSourceProfileUsage
|
||||
> {
|
||||
method: 'getSecurityProfileUsage';
|
||||
method: 'getSourceProfileUsage';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
128
ts_interfaces/requests/target-profiles.ts
Normal file
128
ts_interfaces/requests/target-profiles.ts
Normal file
@@ -0,0 +1,128 @@
|
||||
import * as plugins from '../plugins.js';
|
||||
import type * as authInterfaces from '../data/auth.js';
|
||||
import type { ITargetProfile, ITargetProfileTarget } from '../data/target-profile.js';
|
||||
|
||||
// ============================================================================
|
||||
// Target Profile Endpoints (target-side: what can be accessed)
|
||||
// ============================================================================
|
||||
|
||||
/**
|
||||
* Get all target profiles.
|
||||
*/
|
||||
export interface IReq_GetTargetProfiles extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetTargetProfiles
|
||||
> {
|
||||
method: 'getTargetProfiles';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
};
|
||||
response: {
|
||||
profiles: ITargetProfile[];
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a single target profile by ID.
|
||||
*/
|
||||
export interface IReq_GetTargetProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetTargetProfile
|
||||
> {
|
||||
method: 'getTargetProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
id: string;
|
||||
};
|
||||
response: {
|
||||
profile: ITargetProfile | null;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new target profile.
|
||||
*/
|
||||
export interface IReq_CreateTargetProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_CreateTargetProfile
|
||||
> {
|
||||
method: 'createTargetProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
name: string;
|
||||
description?: string;
|
||||
domains?: string[];
|
||||
targets?: ITargetProfileTarget[];
|
||||
routeRefs?: string[];
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
id?: string;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Update a target profile.
|
||||
*/
|
||||
export interface IReq_UpdateTargetProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_UpdateTargetProfile
|
||||
> {
|
||||
method: 'updateTargetProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
id: string;
|
||||
name?: string;
|
||||
description?: string;
|
||||
domains?: string[];
|
||||
targets?: ITargetProfileTarget[];
|
||||
routeRefs?: string[];
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete a target profile.
|
||||
*/
|
||||
export interface IReq_DeleteTargetProfile extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_DeleteTargetProfile
|
||||
> {
|
||||
method: 'deleteTargetProfile';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
id: string;
|
||||
force?: boolean;
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Get which VPN clients reference a target profile.
|
||||
*/
|
||||
export interface IReq_GetTargetProfileUsage extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetTargetProfileUsage
|
||||
> {
|
||||
method: 'getTargetProfileUsage';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
id: string;
|
||||
};
|
||||
response: {
|
||||
clients: Array<{ clientId: string; description?: string }>;
|
||||
};
|
||||
}
|
||||
@@ -49,7 +49,7 @@ export interface IReq_CreateVpnClient extends plugins.typedrequestInterfaces.imp
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
clientId: string;
|
||||
serverDefinedClientTags?: string[];
|
||||
targetProfileIds?: string[];
|
||||
description?: string;
|
||||
forceDestinationSmartproxy?: boolean;
|
||||
destinationAllowList?: string[];
|
||||
@@ -81,7 +81,7 @@ export interface IReq_UpdateVpnClient extends plugins.typedrequestInterfaces.imp
|
||||
identity: authInterfaces.IIdentity;
|
||||
clientId: string;
|
||||
description?: string;
|
||||
serverDefinedClientTags?: string[];
|
||||
targetProfileIds?: string[];
|
||||
forceDestinationSmartproxy?: boolean;
|
||||
destinationAllowList?: string[];
|
||||
destinationBlockList?: string[];
|
||||
|
||||
Reference in New Issue
Block a user