From d0b500b5c53b42403d70a9d9dc924e85cc7c44a0 Mon Sep 17 00:00:00 2001
From: Pallab Pain <pallabkumarpain@gmail.com>
Date: Thu, 7 Mar 2024 09:26:24 +0530
Subject: [PATCH] fix: addresses review comments (fixup)

---
 hscontrol/app.go       | 24 ++++++++++--------------
 hscontrol/grpcv1.go    |  5 +++--
 hscontrol/types/acl.go |  6 +++---
 3 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/hscontrol/app.go b/hscontrol/app.go
index d8461759dfb..1d7fa8a39e0 100644
--- a/hscontrol/app.go
+++ b/hscontrol/app.go
@@ -771,6 +771,16 @@ func (h *Headscale) Serve() error {
 				if err := h.loadACLPolicy(); err != nil {
 					log.Error().Err(err).Msg("failed to reload ACL policy")
 				}
+
+				if h.ACLPolicy != nil {
+					log.Info().
+						Msg("ACL policy successfully reloaded, notifying nodes of change")
+
+					ctx := types.NotifyCtx(context.Background(), "acl-sighup", "na")
+					h.nodeNotifier.NotifyAll(ctx, types.StateUpdate{
+						Type: types.StateFullUpdate,
+					})
+				}
 			default:
 				log.Info().
 					Str("signal", sig.String()).
@@ -933,10 +943,6 @@ func (h *Headscale) loadACLPolicy() error {
 			}
 
 			h.ACLPolicy = pol
-
-			log.Info().
-				Str("path", aclPath).
-				Msg("ACL policy successfully loaded, notifying nodes of change")
 		}
 	case types.ACLPolicyModeDB:
 		acl, err := h.db.GetACL()
@@ -955,22 +961,12 @@ func (h *Headscale) loadACLPolicy() error {
 		}
 
 		h.ACLPolicy = pol
-
-		log.Info().
-			Msg("ACL policy successfully reloaded, notifying nodes of change")
 	default:
 		log.Warn().
 			Str("mode", string(h.cfg.ACL.PolicyMode)).
 			Msg("Unknown ACL policy mode")
 	}
 
-	if h.ACLPolicy != nil {
-		ctx := types.NotifyCtx(context.Background(), "acl-sighup", "na")
-		h.nodeNotifier.NotifyAll(ctx, types.StateUpdate{
-			Type: types.StateFullUpdate,
-		})
-	}
-
 	return nil
 }
 
diff --git a/hscontrol/grpcv1.go b/hscontrol/grpcv1.go
index 617c32180a2..8f72d2520ee 100644
--- a/hscontrol/grpcv1.go
+++ b/hscontrol/grpcv1.go
@@ -691,8 +691,6 @@ func (api headscaleV1APIServer) SetACL(
 		return nil, errors.Wrap(err, types.ErrInvalidACLPolicyFormat.Error())
 	}
 
-	api.h.ACLPolicy = a
-
 	resp, err := api.h.db.SetACL(&types.ACL{
 		Policy: polBytes,
 	})
@@ -700,6 +698,9 @@ func (api headscaleV1APIServer) SetACL(
 		return nil, err
 	}
 
+	// Set the new policy in the ACLPolicy and notify all nodes.
+	api.h.ACLPolicy = a
+
 	ctx := types.NotifyCtx(context.Background(), "acl-update", "na")
 	api.h.nodeNotifier.NotifyAll(ctx, types.StateUpdate{
 		Type: types.StateFullUpdate,
diff --git a/hscontrol/types/acl.go b/hscontrol/types/acl.go
index 7b9fd6ed5b8..5612b2f140b 100644
--- a/hscontrol/types/acl.go
+++ b/hscontrol/types/acl.go
@@ -22,9 +22,9 @@ type ACL struct {
 	ID     uint64 `gorm:"primary_key"`
 	Policy datatypes.JSON
 
-	CreatedAt  *time.Time
-	Expiration *time.Time
-	LastSeen   *time.Time
+	CreatedAt time.Time
+	UpdatedAt time.Time
+	DeletedAt *time.Time
 }
 
 func (a *ACL) Proto() *v1.ACL {