I want to apply network access control for Node-Red flows. For example, TCP node clearly express its network access through host and port properties. However, not all nodes express their network IP/Port. For example, "wiotp out", "twitter", "Websocket".
What is the best way to figure out exactly what access control does flow need?
Which part of the source code handle node network access requirement?
You can google what ports a websocket uses.
For the twitter node either look at the source code or at Twitter's API docs.
That's my last option. Looking for what IP/port each node is using outside Node-red seems not efficient solution.
I want to automate access control by extracting from node-red flow what network IP/port nodes require. I am thinking of reusing or accessing any prepossessed file that reveals nodes that need network access in Node-red.
There are OS tools that will let you see what process is using what ports and endpoints.
If the help information isn't clear for a specific node, I would suggest contacting the author and helping them update their documentation.
I don't think there is any way of extracting that information from the flow, since the information is not included in the flow. Anyone can develop a node that accesses any port they like, and there is no way of reliably knowing by examining the flow what that port might be. Even examining all the installed nodes would not reliably tell you as the port used might not be obvious from the code. It can also come from system environment variables so you would have to know which environment variables to look at, and they might be different from one run to the next.
I think I get what I was looking for.
There is a activeNodes object (in node-red/red/runtime/nodes/flows/flows.js) contains nodes with more details about network connections.