Remove deprecated Rules API endpoints (#1523)

management/server/account.go

@@ -227,9 +227,6 @@ type Account struct {
 	PostureChecks          []*posture.Checks                 `gorm:"foreignKey:AccountID;references:id"`
 	// Settings is a dictionary of Account settings
 	Settings *Settings `gorm:"embedded;embeddedPrefix:settings_"`
-	// deprecated on store and api level
-	Rules  map[string]*Rule `json:"-" gorm:"-"`
-	RulesG []Rule           `json:"-" gorm:"-"`
 }
 
 type UserInfo struct {

management/server/file_store_test.go

@@ -258,18 +258,6 @@ func TestStore(t *testing.T) {
 		t.Errorf("failed to restore a FileStore file - missing Group all")
 	}
 
-	if restoredAccount.Rules["all"] == nil {
-		t.Errorf("failed to restore a FileStore file - missing Rule all")
-		return
-	}
-
-	if restoredAccount.Rules["dmz"] == nil {
-		t.Errorf("failed to restore a FileStore file - missing Rule dmz")
-		return
-	}
-	assert.Equal(t, account.Rules["all"], restoredAccount.Rules["all"], "failed to restore a FileStore file - missing Rule all")
-	assert.Equal(t, account.Rules["dmz"], restoredAccount.Rules["dmz"], "failed to restore a FileStore file - missing Rule dmz")
-
 	if len(restoredAccount.Policies) != 2 {
 		t.Errorf("failed to restore a FileStore file - missing Policies")
 		return
@@ -411,7 +399,6 @@ func TestFileStore_GetAccount(t *testing.T) {
 	assert.Len(t, account.Peers, len(expected.Peers))
 	assert.Len(t, account.Users, len(expected.Users))
 	assert.Len(t, account.SetupKeys, len(expected.SetupKeys))
-	assert.Len(t, account.Rules, len(expected.Rules))
 	assert.Len(t, account.Routes, len(expected.Routes))
 	assert.Len(t, account.NameServerGroups, len(expected.NameServerGroups))
 }

management/server/http/api/openapi.yml

@@ -17,8 +17,6 @@ tags:
     description: Interact with and view information about setup keys.
   - name: Groups
     description: Interact with and view information about groups.
-  - name: Rules
-    description: Interact with and view information about rules.
   - name: Policies
     description: Interact with and view information about policies.
   - name: Posture Checks
@@ -621,73 +619,6 @@ components:
                 $ref: '#/components/schemas/PeerMinimum'
           required:
             - peers
-    RuleMinimum:
-      type: object
-      properties:
-        name:
-          description: Rule name identifier
-          type: string
-          example: Default
-        description:
-          description: Rule friendly description
-          type: string
-          example: This is a default rule that allows connections between all the resources
-        disabled:
-          description: Rules status
-          type: boolean
-          example: false
-        flow:
-          description: Rule flow, currently, only "bidirect" for bi-directional traffic is accepted
-          type: string
-          example: bidirect
-      required:
-        - name
-        - description
-        - disabled
-        - flow
-    RuleRequest:
-      allOf:
-        - $ref: '#/components/schemas/RuleMinimum'
-        - type: object
-          properties:
-            sources:
-              type: array
-              description: List of source group IDs
-              items:
-                type: string
-                example: "ch8i4ug6lnn4g9hqv7m1"
-            destinations:
-              type: array
-              description: List of destination group IDs
-              items:
-                type: string
-                example: "ch8i4ug6lnn4g9hqv7m0"
-    Rule:
-      allOf:
-        - type: object
-          properties:
-            id:
-              description: Rule ID
-              type: string
-              example: ch8i4ug6lnn4g9hqv7mg
-          required:
-            - id
-        - $ref: '#/components/schemas/RuleMinimum'
-        - type: object
-          properties:
-            sources:
-              description: Rule source group IDs
-              type: array
-              items:
-                $ref: '#/components/schemas/GroupMinimum'
-            destinations:
-              description: Rule destination group IDs
-              type: array
-              items:
-                $ref: '#/components/schemas/GroupMinimum'
-          required:
-            - sources
-            - destinations
     PolicyRuleMinimum:
       type: object
       properties:
@@ -2035,147 +1966,6 @@ paths:
           "$ref": "#/components/responses/forbidden"
         '500':
           "$ref": "#/components/responses/internal_error"
-  /api/rules:
-    get:
-      summary: List all Rules
-      description: Returns a list of all rules. This will be deprecated in favour of `/api/policies`.
-      tags: [ Rules ]
-      deprecated: true
-      security:
-        - BearerAuth: [ ]
-        - TokenAuth: [ ]
-      responses:
-        '200':
-          description: A JSON Array of Rules
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/Rule'
-        '400':
-          "$ref": "#/components/responses/bad_request"
-        '401':
-          "$ref": "#/components/responses/requires_authentication"
-        '403':
-          "$ref": "#/components/responses/forbidden"
-        '500':
-          "$ref": "#/components/responses/internal_error"
-    post:
-      summary: Create a Rule
-      description: Creates a rule. This will be deprecated in favour of `/api/policies`.
-      deprecated: true
-      tags: [ Rules ]
-      security:
-        - BearerAuth: [ ]
-        - TokenAuth: [ ]
-      requestBody:
-        description: New Rule request
-        content:
-          'application/json':
-            schema:
-              $ref: '#/components/schemas/RuleRequest'
-      responses:
-        '200':
-          description: A Rule Object
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Rule'
-  /api/rules/{ruleId}:
-    get:
-      summary: Retrieve a Rule
-      description: Get information about a rules. This will be deprecated in favour of `/api/policies/{policyID}`.
-      deprecated: true
-      tags: [ Rules ]
-      security:
-        - BearerAuth: [ ]
-        - TokenAuth: [ ]
-      parameters:
-        - in: path
-          name: ruleId
-          required: true
-          schema:
-            type: string
-          description: The unique identifier of a rule
-      responses:
-        '200':
-          description: A Rule object
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Rule'
-        '400':
-          "$ref": "#/components/responses/bad_request"
-        '401':
-          "$ref": "#/components/responses/requires_authentication"
-        '403':
-          "$ref": "#/components/responses/forbidden"
-        '500':
-          "$ref": "#/components/responses/internal_error"
-    put:
-      summary: Update a Rule
-      description: Update/Replace a rule. This will be deprecated in favour of `/api/policies/{policyID}`.
-      deprecated: true
-      tags: [ Rules ]
-      security:
-        - BearerAuth: [ ]
-        - TokenAuth: [ ]
-      parameters:
-        - in: path
-          name: ruleId
-          required: true
-          schema:
-            type: string
-          description: The unique identifier of a rule
-      requestBody:
-        description: Update Rule request
-        content:
-          'application/json':
-            schema:
-              $ref: '#/components/schemas/RuleRequest'
-      responses:
-        '200':
-          description: A Rule object
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/Rule'
-        '400':
-          "$ref": "#/components/responses/bad_request"
-        '401':
-          "$ref": "#/components/responses/requires_authentication"
-        '403':
-          "$ref": "#/components/responses/forbidden"
-        '500':
-          "$ref": "#/components/responses/internal_error"
-    delete:
-      summary: Delete a Rule
-      description: Delete a rule. This will be deprecated in favour of `/api/policies/{policyID}`.
-      deprecated: true
-      tags: [ Rules ]
-      security:
-        - BearerAuth: [ ]
-        - TokenAuth: [ ]
-      parameters:
-        - in: path
-          name: ruleId
-          required: true
-          schema:
-            type: string
-          description: The unique identifier of a rule
-      responses:
-        '200':
-          description: Delete status code
-          content: { }
-        '400':
-          "$ref": "#/components/responses/bad_request"
-        '401':
-          "$ref": "#/components/responses/requires_authentication"
-        '403':
-          "$ref": "#/components/responses/forbidden"
-        '500':
-          "$ref": "#/components/responses/internal_error"
   /api/policies:
     get:
       summary: List all Policies

management/server/http/handler.go

@@ -85,7 +85,6 @@ func APIHandler(ctx context.Context, accountManager s.AccountManager, LocationMa
 	api.addUsersEndpoint()
 	api.addUsersTokensEndpoint()
 	api.addSetupKeysEndpoint()
-	api.addRulesEndpoint()
 	api.addPoliciesEndpoint()
 	api.addGroupsEndpoint()
 	api.addRoutesEndpoint()
@@ -158,15 +157,6 @@ func (apiHandler *apiHandler) addSetupKeysEndpoint() {
 	apiHandler.Router.HandleFunc("/setup-keys/{keyId}", keysHandler.UpdateSetupKey).Methods("PUT", "OPTIONS")
 }
 
-func (apiHandler *apiHandler) addRulesEndpoint() {
-	rulesHandler := NewRulesHandler(apiHandler.AccountManager, apiHandler.AuthCfg)
-	apiHandler.Router.HandleFunc("/rules", rulesHandler.GetAllRules).Methods("GET", "OPTIONS")
-	apiHandler.Router.HandleFunc("/rules", rulesHandler.CreateRule).Methods("POST", "OPTIONS")
-	apiHandler.Router.HandleFunc("/rules/{ruleId}", rulesHandler.UpdateRule).Methods("PUT", "OPTIONS")
-	apiHandler.Router.HandleFunc("/rules/{ruleId}", rulesHandler.GetRule).Methods("GET", "OPTIONS")
-	apiHandler.Router.HandleFunc("/rules/{ruleId}", rulesHandler.DeleteRule).Methods("DELETE", "OPTIONS")
-}
-
 func (apiHandler *apiHandler) addPoliciesEndpoint() {
 	policiesHandler := NewPoliciesHandler(apiHandler.AccountManager, apiHandler.AuthCfg)
 	apiHandler.Router.HandleFunc("/policies", policiesHandler.GetAllPolicies).Methods("GET", "OPTIONS")