Programatic adoption of Gateways (#2789)

* programmatic gateway adoption

* sse, api tests

* Merge branch 'release/2.0' of https://github.com/DefGuard/defguard into
mass-migration

* Update lib.rs

* gateway adoption e2e tests

* fix logs

* suggestions

* Update component_setup.rs

Author: t-aleksander

crates/defguard_core/src/handlers/component_setup.rs

@@ -130,7 +130,7 @@ use crate::{
             totp_disable, totp_enable, totp_secret, webauthn_end, webauthn_finish, webauthn_init,
             webauthn_start,
         },
-        component_setup::setup_gateway_tls_stream,
+        component_setup::{adopt_gateway, setup_gateway_tls_stream},
         core_certs::{get_ca, get_certs, set_external_url_settings, set_internal_url_settings},
         forward_auth::forward_auth,
         gateway::{delete_gateway, gateway_details, gateway_list, update_gateway},
@@ -594,6 +594,8 @@ pub fn build_webapp(
                     .delete(delete_network)
                     .get(network_details),
             )
+            // Programmatic gateway adoption (REST)
+            .route("/network/{network_id}/gateways/adopt", post(adopt_gateway))
             .route("/network/{network_id}/gateways", get(gateway_status))
             .route("/network/{network_id}/devices", post(add_user_devices))
             .route(

crates/defguard_core/src/lib.rs

@@ -16,7 +16,10 @@ use defguard_common::{
     config::DefGuardConfig,
     db::{
         Id,
-        models::{Device, Settings, User, WireguardNetwork, settings::initialize_current_settings},
+        models::{
+            Certificates, Device, Settings, User, WireguardNetwork,
+            settings::initialize_current_settings,
+        },
     },
     secret::SecretStringWrapper,
 };
@@ -281,6 +284,31 @@ pub(crate) fn generate_expired_test_cert_pem(common_name: &str) -> (String, Stri
     (cert_pem, key_pem)
 }
 
+/// Seed the database with a self-signed CA so that gateway/proxy adoption tests can proceed.
+pub(crate) async fn setup_ca(pool: &PgPool) {
+    let ca = CertificateAuthority::new("Test CA", "test@example.com", 365)
+        .expect("failed to create test CA");
+    let mut certs = Certificates::get_or_default(pool)
+        .await
+        .expect("failed to load certificates");
+    certs.ca_cert_der = Some(ca.cert_der().to_vec());
+    certs.ca_key_der = Some(ca.key_pair_der().to_vec());
+    certs.save(pool).await.expect("failed to save CA certs");
+}
+
+/// Override the global license cache with an Enterprise-tier license.
+pub(crate) fn set_enterprise_license() {
+    set_cached_license(Some(License::new(
+        "test_customer".to_string(),
+        false,
+        None,
+        None,
+        None,
+        LicenseTier::Enterprise,
+        SupportType::Basic,
+    )));
+}
+
 /// Set minimal SMTP fields on a [`Settings`] so that `smtp_configured()` returns `true`.
 pub(crate) fn configure_smtp(settings: &mut Settings) {
     settings.smtp_server = Some("smtp.example.com".into());