Net 1784 latest (#3250)

* fix all resources rules

* for any service set defaults

controllers/acls.go

@@ -207,6 +207,10 @@ func createAcl(w http.ResponseWriter, r *http.Request) {
 	acl.CreatedBy = user.UserName
 	acl.CreatedAt = time.Now().UTC()
 	acl.Default = false
+	if acl.ServiceType == models.Any {
+		acl.Port = []string{}
+		acl.Proto = models.ALL
+	}
 	// validate create acl policy
 	if !logic.IsAclPolicyValid(acl) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("invalid policy"), "badrequest"))

logic/acls.go

@@ -325,6 +325,10 @@ func UpdateAcl(newAcl, acl models.Acl) error {
 		acl.Proto = newAcl.Proto
 		acl.ServiceType = newAcl.ServiceType
 	}
+	if newAcl.ServiceType == models.Any {
+		acl.Port = []string{}
+		acl.Proto = models.ALL
+	}
 	acl.Enabled = newAcl.Enabled
 	d, err := json.Marshal(acl)
 	if err != nil {
@@ -844,6 +848,7 @@ func GetAclRulesForNode(targetnode *models.Node) (rules map[string]models.AclRul
 	}
 
 	acls := listDevicePolicies(models.NetworkID(targetnode.Network))
+	targetnode.Tags["*"] = struct{}{}
 	for nodeTag := range targetnode.Tags {
 		for _, acl := range acls {
 			if !acl.Enabled {
@@ -944,7 +949,8 @@ func GetAclRulesForNode(targetnode *models.Node) (rules map[string]models.AclRul
 					}
 				}
 			} else {
-				if _, ok := dstTags[nodeTag.String()]; ok {
+				_, all := dstTags["*"]
+				if _, ok := dstTags[nodeTag.String()]; ok || all {
 					// get all src tags
 					for src := range srcTags {
 						if src == nodeTag.String() {

logic/nodes.go

@@ -829,6 +829,7 @@ func GetTagMapWithNodesByNetwork(netID models.NetworkID, withStaticNodes bool) (
 			tagNodesMap[nodeTagID] = append(tagNodesMap[nodeTagID], nodeI)
 		}
 	}
+	tagNodesMap["*"] = nodes
 	if !withStaticNodes {
 		return
 	}
@@ -850,6 +851,10 @@ func AddTagMapWithStaticNodes(netID models.NetworkID,
 				IsStatic:   true,
 				StaticNode: extclient,
 			})
+			tagNodesMap["*"] = append(tagNodesMap["*"], models.Node{
+				IsStatic:   true,
+				StaticNode: extclient,
+			})
 		}
 
 	}