[management] adding account id validation to accessible peers handler

[pascal-fischer]

Describe your changes

Issue ticket number and link

Stack

Checklist

• Is it a bug fix
• Is a typo/documentation fix
• Is a feature enhancement
• It is a refactor
• Created tests that fail without the change (if possible)

By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.

Documentation

Select exactly one:

• I added/updated documentation for this change
• Documentation is not needed for this change (explain why)

Docs PR URL (required if "docs added" is checked)

Paste the PR link from https://github.com/netbirdio/docs here:

https://github.com/netbirdio/docs/pull/__

Summary by CodeRabbit

• New Features

  • Peers API now enforces fine-grained permissions and returns “permission denied” when access is not allowed, before loading account data.
  • Behavior is more secure and predictable with restricted permissions; no action needed for typical usage.

• Tests

  • Test coverage updated to validate the new permission checks and access-denial paths.

[coderabbitai]

📝 Walkthrough

Walkthrough

Integrates a permissions manager into the peers HTTP handler and wiring. Handler struct, constructor, and AddEndpoints signature are updated; GetAccessiblePeers now checks permissions before loading account data. Server HTTP initialization passes the new permissionsManager to peers.AddEndpoints.

Changes

Cohort / File(s)	Summary
Server wiring management/server/http/handler.go	Call to peers.AddEndpoints updated to pass permissionsManager; import block reordered (no functional change).
Peers handler & endpoints management/server/http/handlers/peers/peers_handler.go	Adds permissionsManager field to Handler, updates AddEndpoints and NewHandler signatures to accept it, and moves permission check ahead of account loading in GetAccessiblePeers, adding a permission-denied path.
Peers handler tests management/server/http/handlers/peers/peers_handler_test.go	Tests updated to inject a mock permissions.Manager, adjust gomock import alias, and set expectations for ValidateAccountAccess to exercise the new permission flow.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Client
    participant Router as HTTP Router
    participant Peers as Peers Handler
    participant Perm as Permissions Manager
    participant Acct as Account Manager
    participant NMap as Network Map Controller

    Client->>Router: GET /peers/access
    Router->>Peers: Route request
    Peers->>Perm: ValidateAccountAccess
    alt Permission denied
        Perm-->>Peers: Denied
        Peers-->>Client: 403 Forbidden
    else Permission granted
        Perm-->>Peers: Allowed
        Peers->>Acct: Load account
        Acct-->>Peers: Account details
        Peers->>NMap: Fetch accessible peers
        NMap-->>Peers: Peer list
        Peers-->>Client: 200 OK + peers
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• [management] Refactor network map controller #4789: Similar changes to peers handler wiring/signature to accept and pass a permissions manager into peers endpoints.

Poem

I thump my paws—new gates appear,
A kindly check to keep friends near.
Hop through guards, then fetch the peers,
Map the burrows, calm my fears.
Carrots safe, the path is clear. 🥕🐇

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description follows the template structure but lacks implementation details in the 'Describe your changes' section and does not explain why the bug fix was necessary.	Add a detailed explanation of what account ID validation was missing, why it's needed, and how the permissions manager integration addresses the issue.
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: adding account ID validation to the accessible peers handler, which is reflected in the permissions manager integration in the changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/accessible-peers-account-validation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@management/server/http/handlers/peers/peers_handler_test.go`:
- Around line 16-24: The test mixes two gomock
forks—github.com/golang/mock/gomock and go.uber.org/mock/gomock—causing
matcher/controller type mismatches; pick one fork and update imports and mock
types accordingly (prefer the existing github.com/golang/mock/gomock used by
permissions and settings mocks). Replace usages of ugomock (and
network_map.MockController generated for the uber fork) with the golang/mock
equivalents (network_map.MockController regenerated or updated to the
golang/mock package), change any ugomock.NewController calls to
gomock.NewController, and ensure all matcher uses (e.g., gomock.Any()) and mock
expectations reference the same gomock package throughout the file.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, find and examine the test file
head -30 management/server/http/handlers/peers/peers_handler_test.go

Repository: netbirdio/netbird

Length of output: 833

---

🏁 Script executed:

# Search for mock generation code to determine which gomock fork is used
rg -n --type=go 'NewMockManager|MockManager' -A 3 -B 3

Repository: netbirdio/netbird

Length of output: 50373

---

🏁 Script executed:

# Check gomock imports across the mock files
rg --type=go 'go\.uber\.org/mock/gomock|github\.com/golang/mock/gomock' -l | head -20

Repository: netbirdio/netbird

Length of output: 1002

---

🏁 Script executed:

# Examine the permissions mock specifically
find . -name '*mock*.go' -type f | xargs rg -l 'MockManager' 2>/dev/null

Repository: netbirdio/netbird

Length of output: 286

---

🏁 Script executed:

# Check the actual test file for the specific lines mentioned
sed -n '16,24p; 107,118p; 208p' management/server/http/handlers/peers/peers_handler_test.go

Repository: netbirdio/netbird

Length of output: 895

---

🏁 Script executed:

# Find network_map mock files
find . -name '*mock*.go' -type f | xargs grep -l 'NewMockController\|type.*Controller' | grep -i network

Repository: netbirdio/netbird

Length of output: 125

---

🏁 Script executed:

# Search for NewMockController definition in network_map
rg -A 5 'func NewMockController' --type=go

Repository: netbirdio/netbird

Length of output: 608

---

🏁 Script executed:

# Check the network_map module structure
find . -path '*/network_map/*' -name '*.go' | head -20

Repository: netbirdio/netbird

Length of output: 914

---

🏁 Script executed:

# Check which gomock fork is imported in network_map's mock file
head -20 management/internals/controllers/network_map/interface_mock.go | grep gomock

Repository: netbirdio/netbird

Length of output: 94

---

🏁 Script executed:

# Get more context from the network_map mock file
head -30 management/internals/controllers/network_map/interface_mock.go

Repository: netbirdio/netbird

Length of output: 1039

---

🏁 Script executed:

# Verify the exact line where gomock.Any() is used with the uber controller
sed -n '107,120p' management/server/http/handlers/peers/peers_handler_test.go

Repository: netbirdio/netbird

Length of output: 531

---

🏁 Script executed:

# Let me verify the exact imports at the top of the test file to confirm both forks are used
sed -n '1,30p' management/server/http/handlers/peers/peers_handler_test.go

Repository: netbirdio/netbird

Length of output: 833

---

Avoid mixing gomock forks in a single test.

You import both github.com/golang/mock/gomock and go.uber.org/mock/gomock (aliased as ugomock) and create controllers from each fork. The issue is more subtle than initially apparent: the network_map.MockController uses the uber fork, but at line 111, you call GetDNSDomain(gomock.Any()) using the golang fork's matcher with an uber-fork controller. This creates a type mismatch. Additionally, the permissions mocks already use the golang fork, so the test inconsistently mixes both forks across different components.

Standardize on the golang fork throughout this test (already used by permissions and settings mocks), or switch entirely to the uber fork. The simpler fix is to consolidate on the golang fork:

✅ Suggested consolidation (standardize on golang/mock fork)

 	"github.com/golang/mock/gomock"
 	"github.com/gorilla/mux"
-	ugomock "go.uber.org/mock/gomock"
 	"golang.org/x/exp/maps"
@@
-	ctrl := ugomock.NewController(t)
+	ctrl := gomock.NewController(t)
 
 	networkMapController := network_map.NewMockController(ctrl)
 	networkMapController.EXPECT().
 		GetDNSDomain(gomock.Any()).
 		Return("domain").
 		AnyTimes()
 
-	ctrl2 := gomock.NewController(t)
-	permissionsManager := permissions.NewMockManager(ctrl2)
+	permissionsManager := permissions.NewMockManager(ctrl)
 	permissionsManager.EXPECT().ValidateAccountAccess(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).AnyTimes()

Note: This requires regenerating or updating network_map.MockController to use the golang/mock fork.

🤖 Prompt for AI Agents

In `@management/server/http/handlers/peers/peers_handler_test.go` around lines 16
- 24, The test mixes two gomock forks—github.com/golang/mock/gomock and
go.uber.org/mock/gomock—causing matcher/controller type mismatches; pick one
fork and update imports and mock types accordingly (prefer the existing
github.com/golang/mock/gomock used by permissions and settings mocks). Replace
usages of ugomock (and network_map.MockController generated for the uber fork)
with the golang/mock equivalents (network_map.MockController regenerated or
updated to the golang/mock package), change any ugomock.NewController calls to
gomock.NewController, and ensure all matcher uses (e.g., gomock.Any()) and mock
expectations reference the same gomock package throughout the file.