I want to apply network access control for Node-Red flows. For example, TCP node clearly express its network access through host and port properties. However, not all nodes express their network IP/Port. For example, "wiotp out", "twitter", "Websocket".
What is the best way to figure out exactly what access control does flow need?
Which part of the source code handle node network access requirement?
That's my last option. Looking for what IP/port each node is using outside Node-red seems not efficient solution.
I want to automate access control by extracting from node-red flow what network IP/port nodes require. I am thinking of reusing or accessing any prepossessed file that reveals nodes that need network access in Node-red.
I don't think there is any way of extracting that information from the flow, since the information is not included in the flow. Anyone can develop a node that accesses any port they like, and there is no way of reliably knowing by examining the flow what that port might be. Even examining all the installed nodes would not reliably tell you as the port used might not be obvious from the code. It can also come from system environment variables so you would have to know which environment variables to look at, and they might be different from one run to the next.
I think I get what I was looking for.
There is a activeNodes object (in node-red/red/runtime/nodes/flows/flows.js) contains nodes with more details about network connections.