Problem regarding modifying the ACL using the API

[bogdanml999]

I am new to netmaker. I have been trying to automate some netmaker actions using the API but I have some problems regarding the ACL. From API documentation, it seems that I need to use the PUT method on route /api/networks/networkname/acls with a body like:

{
	"src_host_id: {
		"dest_host_id" : 1
	}
}

The api request doesn't return any errors, and it modifies the acl json, as I tried to retrieve it afterwards. The problem is that this call does not affect permissions in any way. The ACL on the UI stays the same. What I thought is that this works by putting inside the body the source host , the destination host and a value of 1 for deny and 2 for allowing access. Is there something that I'm missing? Is this the way it is supposed to work?

Thank you

[Aceix]

Hi @bogdanml999, yes that's how it works but you'd have to submit the data for all hosts (not only the ones you want to update). You might want to check this PR too, if you want uniform ACL support for clients as well https://github.com/gravitl/netmaker/pull/2803

[bogdanml999]

Thank you @Aceix . Also I noticed that the Hosts have different IDs on ACL than what appears on a host info page (/hosts/host-id). The value of host id on ACL is one of the 'nodes' list values. If this is the case, then if I add a host to a network, the host id to be used in ACL will be the last value on the nodes list? Am I right?

[Aceix]

Yes the ACLs use node IDs; nodes are basically a host's representation under a particular network. These node IDs are non-deterministic UUIDs so you'd be able to correctly configure ACLs only after the host has joined the network