TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-07-18 19:48:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

tailcfg: add CapabilityOwner (#16426)

Browse Source 
We would like to start sending whether a node is a Tailnet owner in netmap responses so that clients can determine what information to display to a user who wants to request account deletion.

Updates tailscale/corp#30016

Signed-off-by: kari-ts <kari@tailscale.com>
This commit is contained in:
kari-ts 2025-07-01 09:28:48 -07:00 committed by GitHub
parent 454d856be8
commit d15b2312c4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ipn/ipnlocal/local_test.go
View File

@ -826,10 +826,21 @@ func TestStatusPeerCapabilities(t *testing.T) {
tailcfg.CapabilityAdmin: {`{"test": "true}`}, tailcfg.CapabilityAdmin: {`{"test": "true}`},
}), }),
}).View(), }).View(),
(&tailcfg.Node{
ID: 3,
StableID: "baz",
Key: makeNodeKeyFromID(3),
Hostinfo: (&tailcfg.Hostinfo{}).View(),
Capabilities: []tailcfg.NodeCapability{tailcfg.CapabilityOwner},
CapMap: (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{
tailcfg.CapabilityOwner: nil,
}),
}).View(),
}, },
expectedPeerCapabilities: map[tailcfg.StableNodeID][]tailcfg.NodeCapability{ expectedPeerCapabilities: map[tailcfg.StableNodeID][]tailcfg.NodeCapability{
tailcfg.StableNodeID("foo"): {tailcfg.CapabilitySSH}, tailcfg.StableNodeID("foo"): {tailcfg.CapabilitySSH},
tailcfg.StableNodeID("bar"): {tailcfg.CapabilityAdmin}, tailcfg.StableNodeID("bar"): {tailcfg.CapabilityAdmin},
tailcfg.StableNodeID("baz"): {tailcfg.CapabilityOwner},
}, },
expectedPeerCapMap: map[tailcfg.StableNodeID]tailcfg.NodeCapMap{ expectedPeerCapMap: map[tailcfg.StableNodeID]tailcfg.NodeCapMap{
tailcfg.StableNodeID("foo"): (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{ tailcfg.StableNodeID("foo"): (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{
@ -838,6 +849,9 @@ func TestStatusPeerCapabilities(t *testing.T) {
tailcfg.StableNodeID("bar"): (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{ tailcfg.StableNodeID("bar"): (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{
tailcfg.CapabilityAdmin: {`{"test": "true}`}, tailcfg.CapabilityAdmin: {`{"test": "true}`},
}), }),
tailcfg.StableNodeID("baz"): (tailcfg.NodeCapMap)(map[tailcfg.NodeCapability][]tailcfg.RawMessage{
tailcfg.CapabilityOwner: nil,
}),
}, },
}, },
{ {

1
tailcfg/tailcfg.go
View File

@ -2367,6 +2367,7 @@ type NodeCapability string
const ( const (
CapabilityFileSharing NodeCapability = "https://tailscale.com/cap/file-sharing" CapabilityFileSharing NodeCapability = "https://tailscale.com/cap/file-sharing"
CapabilityAdmin NodeCapability = "https://tailscale.com/cap/is-admin" CapabilityAdmin NodeCapability = "https://tailscale.com/cap/is-admin"
CapabilityOwner NodeCapability = "https://tailscale.com/cap/is-owner"
CapabilitySSH NodeCapability = "https://tailscale.com/cap/ssh" // feature enabled/available CapabilitySSH NodeCapability = "https://tailscale.com/cap/ssh" // feature enabled/available
CapabilitySSHRuleIn NodeCapability = "https://tailscale.com/cap/ssh-rule-in" // some SSH rule reach this node CapabilitySSHRuleIn NodeCapability = "https://tailscale.com/cap/ssh-rule-in" // some SSH rule reach this node
CapabilityDataPlaneAuditLogs NodeCapability = "https://tailscale.com/cap/data-plane-audit-logs" // feature enabled CapabilityDataPlaneAuditLogs NodeCapability = "https://tailscale.com/cap/data-plane-audit-logs" // feature enabled