deblan/PowerDNS-Admin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #379 from jsoref/spelling

Browse source 
Spelling
This commit is contained in:
Khanh Ngo 2018-10-02 14:56:25 +07:00 committed by GitHub
parent 4bcc0c3ac4 5158cf93db
commit 4540d9a293
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 38 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/lib/utils.py
View file

@ -30,12 +30,12 @@ def get_idp_data():
global idp_data, idp_timestamp global idp_data, idp_timestamp
lifetime = timedelta(minutes=app.config['SAML_METADATA_CACHE_LIFETIME']) lifetime = timedelta(minutes=app.config['SAML_METADATA_CACHE_LIFETIME'])
if idp_timestamp+lifetime < datetime.now(): if idp_timestamp+lifetime < datetime.now():
background_thread = Thread(target=retreive_idp_data) background_thread = Thread(target=retrieve_idp_data)
background_thread.start() background_thread.start()
return idp_data return idp_data
def retreive_idp_data(): def retrieve_idp_data():
global idp_data, idp_timestamp global idp_data, idp_timestamp
if 'SAML_IDP_SSO_BINDING' in app.config: if 'SAML_IDP_SSO_BINDING' in app.config:
new_idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(app.config['SAML_METADATA_URL'], entity_id=app.config.get('SAML_IDP_ENTITY_ID', None), required_sso_binding=app.config['SAML_IDP_SSO_BINDING']) new_idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(app.config['SAML_METADATA_URL'], entity_id=app.config.get('SAML_IDP_ENTITY_ID', None), required_sso_binding=app.config['SAML_IDP_SSO_BINDING'])
@ -44,9 +44,9 @@ def retreive_idp_data():
if new_idp_data is not None: if new_idp_data is not None:
idp_data = new_idp_data idp_data = new_idp_data
idp_timestamp = datetime.now() idp_timestamp = datetime.now()
print("SAML: IDP Metadata successfully retreived from: " + app.config['SAML_METADATA_URL']) print("SAML: IDP Metadata successfully retrieved from: " + app.config['SAML_METADATA_URL'])
else: else:
print("SAML: IDP Metadata could not be retreived") print("SAML: IDP Metadata could not be retrieved")
if 'TIMEOUT' in app.config.keys(): if 'TIMEOUT' in app.config.keys():

20
app/models.py
View file

@ -102,7 +102,7 @@ class User(db.Model):
return bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt()) return bcrypt.hashpw(pw.encode('utf-8'), bcrypt.gensalt())
def check_password(self, hashed_password): def check_password(self, hashed_password):
# Check hased password. Useing bcrypt, the salt is saved into the hash itself # Check hased password. Using bcrypt, the salt is saved into the hash itself
if (self.plain_text_password): if (self.plain_text_password):
return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8')) return bcrypt.checkpw(self.plain_text_password.encode('utf-8'), hashed_password.encode('utf-8'))
return False return False
@ -440,7 +440,7 @@ class User(db.Model):
def revoke_privilege(self): def revoke_privilege(self):
""" """
Revoke all privielges from a user Revoke all privileges from a user
""" """
user = User.query.filter(User.username == self.username).first() user = User.query.filter(User.username == self.username).first()
@ -452,7 +452,7 @@ class User(db.Model):
return True return True
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot revoke user {0} privielges. DETAIL: {1}'.format(self.username, e)) logging.error('Cannot revoke user {0} privileges. DETAIL: {1}'.format(self.username, e))
return False return False
return False return False
@ -603,7 +603,7 @@ class Account(db.Model):
db.session.commit() db.session.commit()
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot revoke user privielges on account {0}. DETAIL: {1}'.format(self.name, e)) logging.error('Cannot revoke user privileges on account {0}. DETAIL: {1}'.format(self.name, e))
try: try:
for uid in added_ids: for uid in added_ids:
@ -616,7 +616,7 @@ class Account(db.Model):
def revoke_privileges_by_id(self, user_id): def revoke_privileges_by_id(self, user_id):
""" """
Remove a single user from prigilege list based on user_id Remove a single user from privilege list based on user_id
""" """
new_uids = [u for u in self.get_user() if u != user_id] new_uids = [u for u in self.get_user() if u != user_id]
users = [] users = []
@ -635,7 +635,7 @@ class Account(db.Model):
return True return True
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot add user privielges on account {0}. DETAIL: {1}'.format(self.name, e)) logging.error('Cannot add user privileges on account {0}. DETAIL: {1}'.format(self.name, e))
return False return False
def remove_user(self, user): def remove_user(self, user):
@ -648,7 +648,7 @@ class Account(db.Model):
return True return True
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot revoke user privielges on account {0}. DETAIL: {1}'.format(self.name, e)) logging.error('Cannot revoke user privileges on account {0}. DETAIL: {1}'.format(self.name, e))
return False return False
@ -972,7 +972,7 @@ class Domain(db.Model):
if 0 != len(domain_users): if 0 != len(domain_users):
self.name = domain_reverse_name self.name = domain_reverse_name
self.grant_privileges(domain_users) self.grant_privileges(domain_users)
return {'status': 'ok', 'msg': 'New reverse lookup domain created with granted privilages'} return {'status': 'ok', 'msg': 'New reverse lookup domain created with granted privileges'}
return {'status': 'ok', 'msg': 'New reverse lookup domain created without users'} return {'status': 'ok', 'msg': 'New reverse lookup domain created without users'}
return {'status': 'ok', 'msg': 'Reverse lookup domain already exists'} return {'status': 'ok', 'msg': 'Reverse lookup domain already exists'}
@ -1037,7 +1037,7 @@ class Domain(db.Model):
db.session.commit() db.session.commit()
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot revoke user privielges on domain {0}. DETAIL: {1}'.format(self.name, e)) logging.error('Cannot revoke user privileges on domain {0}. DETAIL: {1}'.format(self.name, e))
try: try:
for uid in added_ids: for uid in added_ids:
@ -1046,7 +1046,7 @@ class Domain(db.Model):
db.session.commit() db.session.commit()
except Exception as e: except Exception as e:
db.session.rollback() db.session.rollback()
logging.error('Cannot grant user privielges to domain {0}. DETAIL: {1}'.format(self.name, e)) logging.error('Cannot grant user privileges to domain {0}. DETAIL: {1}'.format(self.name, e))
def update_from_master(self, domain_name): def update_from_master(self, domain_name):
""" """

2
app/static/custom/js/custom.js
View file

@ -129,7 +129,7 @@ function editRow(oTable, nRow) {
jqTds[5].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_save">Save</button>'; jqTds[5].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_save">Save</button>';
jqTds[6].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_cancel">Cancel</button>'; jqTds[6].innerHTML = '<button type="button" class="btn btn-flat btn-primary button_cancel">Cancel</button>';
// set current value of dropdows column // set current value of dropdown column
if (aData[2] == 'Active'){ if (aData[2] == 'Active'){
isDisabled = 'false'; isDisabled = 'false';
} }

2
app/templates/admin_manageuser.html
View file

@ -104,7 +104,7 @@
var info = "Are you sure you want to revoke all privileges for " + username + ". They will not able to access any domain."; var info = "Are you sure you want to revoke all privileges for " + username + ". They will not able to access any domain.";
modal.find('.modal-body p').text(info); modal.find('.modal-body p').text(info);
modal.find('#button_revoke_confirm').click(function() { modal.find('#button_revoke_confirm').click(function() {
var postdata = {'action': 'revoke_user_privielges', 'data': username} var postdata = {'action': 'revoke_user_privileges', 'data': username}
applyChanges(postdata, $SCRIPT_ROOT + '/admin/manageuser'); applyChanges(postdata, $SCRIPT_ROOT + '/admin/manageuser');
modal.modal('hide'); modal.modal('hide');
}) })

6
app/templates/admin_setting_authentication.html
View file

@ -413,7 +413,7 @@
} }
}); });
// init validation reqirement at first time page load // init validation requirement at first time page load
{% if SETTING.get('ldap_enabled') %} {% if SETTING.get('ldap_enabled') %}
$('#ldap_uri').prop('required', true); $('#ldap_uri').prop('required', true);
$('#ldap_base_dn').prop('required', true); $('#ldap_base_dn').prop('required', true);
@ -453,7 +453,7 @@
} }
}); });
// init validation reqirement at first time page load // init validation requirement at first time page load
{% if SETTING.get('google_oauth_enabled') %} {% if SETTING.get('google_oauth_enabled') %}
$('#google_oauth_client_id').prop('required', true); $('#google_oauth_client_id').prop('required', true);
$('#google_oauth_client_secret').prop('required', true); $('#google_oauth_client_secret').prop('required', true);
@ -488,7 +488,7 @@
} }
}); });
// init validation reqirement at first time page load // init validation requirement at first time page load
{% if SETTING.get('google_oauth_enabled') %} {% if SETTING.get('google_oauth_enabled') %}
$('#github_oauth_key').prop('required', true); $('#github_oauth_key').prop('required', true);
$('#github_oauth_secret').prop('required', true); $('#github_oauth_secret').prop('required', true);

2
app/templates/admin_setting_pdns.html
View file

@ -63,7 +63,7 @@
</div> </div>
<div class="box-body"> <div class="box-body">
<dl class="dl-horizontal"> <dl class="dl-horizontal">
<p>You must configure the API connection information before PowerDNS-Admiin can query your PowerDNS data. Following fields are required:</p> <p>You must configure the API connection information before PowerDNS-Admin can query your PowerDNS data. Following fields are required:</p>
<dt>PDNS API URL</dt> <dt>PDNS API URL</dt>
<dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd> <dd>Your PowerDNS API URL (eg. http://127.0.0.1:8081/).</dd>
<dt>PDNS API KEY</dt> <dt>PDNS API KEY</dt>

2
app/templates/user_profile.html
View file

@ -137,7 +137,7 @@
</section> </section>
{% endblock %} {% endblock %}
{% block extrascripts %} {% block extrascripts %}
<!-- TODO: add password and password confirmation comparisson check --> <!-- TODO: add password and password confirmation comparison check -->
<script> <script>
$(function() { $(function() {

12
app/views.py
View file

@ -695,7 +695,7 @@ def domain_management(domain_name):
users = User.query.all() users = User.query.all()
accounts = Account.query.all() accounts = Account.query.all()
# get list of user ids to initilize selection data # get list of user ids to initialize selection data
d = Domain(name=domain_name) d = Domain(name=domain_name)
domain_user_ids = d.get_user() domain_user_ids = d.get_user()
account = d.get_account() account = d.get_account()
@ -706,7 +706,7 @@ def domain_management(domain_name):
# username in right column # username in right column
new_user_list = request.form.getlist('domain_multi_user[]') new_user_list = request.form.getlist('domain_multi_user[]')
# grant/revoke user privielges # grant/revoke user privileges
d = Domain(name=domain_name) d = Domain(name=domain_name)
d.grant_privileges(new_user_list) d.grant_privileges(new_user_list)
@ -793,7 +793,7 @@ def record_apply(domain_name):
else: else:
return make_response(jsonify( result ), 400) return make_response(jsonify( result ), 400)
except Exception as e: except Exception as e:
logging.error('Canot apply record changes. Error: {0}'.format(e)) logging.error('Cannot apply record changes. Error: {0}'.format(e))
logging.debug(traceback.format_exc()) logging.debug(traceback.format_exc())
return make_response(jsonify( {'status': 'error', 'msg': 'Error when applying new changes'} ), 500) return make_response(jsonify( {'status': 'error', 'msg': 'Error when applying new changes'} ), 500)
@ -1204,13 +1204,13 @@ def admin_manageuser():
else: else:
return make_response(jsonify( { 'status': 'error', 'msg': 'Cannot remove user.' } ), 500) return make_response(jsonify( { 'status': 'error', 'msg': 'Cannot remove user.' } ), 500)
elif jdata['action'] == 'revoke_user_privielges': elif jdata['action'] == 'revoke_user_privileges':
user = User(username=data) user = User(username=data)
result = user.revoke_privilege() result = user.revoke_privilege()
if result: if result:
history = History(msg='Revoke {0} user privielges'.format(data), created_by=current_user.username) history = History(msg='Revoke {0} user privileges'.format(data), created_by=current_user.username)
history.add() history.add()
return make_response(jsonify( { 'status': 'ok', 'msg': 'Revoked user privielges.' } ), 200) return make_response(jsonify( { 'status': 'ok', 'msg': 'Revoked user privileges.' } ), 200)
else: else:
return make_response(jsonify( { 'status': 'error', 'msg': 'Cannot revoke user privilege.' } ), 500) return make_response(jsonify( { 'status': 'error', 'msg': 'Cannot revoke user privilege.' } ), 500)

10
config_template.py
View file

@ -25,13 +25,13 @@ SQLA_DB_HOST = '127.0.0.1'
SQLA_DB_NAME = 'pda' SQLA_DB_NAME = 'pda'
SQLALCHEMY_TRACK_MODIFICATIONS = True SQLALCHEMY_TRACK_MODIFICATIONS = True
# DATBASE - MySQL # DATABASE - MySQL
SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME
# DATABSE - SQLite # DATABASE - SQLite
# SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db') # SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
# SAML Authnetication # SAML Authentication
SAML_ENABLED = False SAML_ENABLED = False
SAML_DEBUG = True SAML_DEBUG = True
SAML_PATH = os.path.join(os.path.dirname(__file__), 'saml') SAML_PATH = os.path.join(os.path.dirname(__file__), 'saml')
@ -93,10 +93,10 @@ SAML_ATTRIBUTE_ACCOUNT = 'https://example.edu/pdns-account'
SAML_SP_ENTITY_ID = 'http://<SAML SP Entity ID>' SAML_SP_ENTITY_ID = 'http://<SAML SP Entity ID>'
SAML_SP_CONTACT_NAME = '<contact name>' SAML_SP_CONTACT_NAME = '<contact name>'
SAML_SP_CONTACT_MAIL = '<contact mail>' SAML_SP_CONTACT_MAIL = '<contact mail>'
#Cofigures if SAML tokens should be encrypted. #Configures if SAML tokens should be encrypted.
#If enabled a new app certificate will be generated on restart #If enabled a new app certificate will be generated on restart
SAML_SIGN_REQUEST = False SAML_SIGN_REQUEST = False
#Use SAML standard logout mechanism retreived from idp metadata #Use SAML standard logout mechanism retrieved from idp metadata
#If configured false don't care about SAML session on logout. #If configured false don't care about SAML session on logout.
#Logout from PowerDNS-Admin only and keep SAML session authenticated. #Logout from PowerDNS-Admin only and keep SAML session authenticated.
SAML_LOGOUT = False SAML_LOGOUT = False

6
configs/development.py
View file

@ -24,7 +24,7 @@ SQLALCHEMY_DATABASE_URI = 'mysql://'+DB_USER+':'+DB_PASSWORD+'@'+DB_HOST+'/'+DB_
SQLALCHEMY_MIGRATE_REPO = os.path.join(basedir, 'db_repository') SQLALCHEMY_MIGRATE_REPO = os.path.join(basedir, 'db_repository')
SQLALCHEMY_TRACK_MODIFICATIONS = True SQLALCHEMY_TRACK_MODIFICATIONS = True
# SAML Authnetication # SAML Authentication
SAML_ENABLED = False SAML_ENABLED = False
SAML_DEBUG = True SAML_DEBUG = True
SAML_PATH = os.path.join(os.path.dirname(__file__), 'saml') SAML_PATH = os.path.join(os.path.dirname(__file__), 'saml')
@ -86,10 +86,10 @@ SAML_ATTRIBUTE_ACCOUNT = 'https://example.edu/pdns-account'
SAML_SP_ENTITY_ID = 'http://<SAML SP Entity ID>' SAML_SP_ENTITY_ID = 'http://<SAML SP Entity ID>'
SAML_SP_CONTACT_NAME = '<contact name>' SAML_SP_CONTACT_NAME = '<contact name>'
SAML_SP_CONTACT_MAIL = '<contact mail>' SAML_SP_CONTACT_MAIL = '<contact mail>'
#Cofigures if SAML tokens should be encrypted. #Configures if SAML tokens should be encrypted.
#If enabled a new app certificate will be generated on restart #If enabled a new app certificate will be generated on restart
SAML_SIGN_REQUEST = False SAML_SIGN_REQUEST = False
#Use SAML standard logout mechanism retreived from idp metadata #Use SAML standard logout mechanism retrieved from idp metadata
#If configured false don't care about SAML session on logout. #If configured false don't care about SAML session on logout.
#Logout from PowerDNS-Admin only and keep SAML session authenticated. #Logout from PowerDNS-Admin only and keep SAML session authenticated.
SAML_LOGOUT = False SAML_LOGOUT = False

2
docker/PowerDNS-Admin/Dockerfile
View file

@ -28,7 +28,7 @@ RUN apt-get install -y netcat
# lib for building mysql db driver # lib for building mysql db driver
RUN apt-get install -y libmysqlclient-dev RUN apt-get install -y libmysqlclient-dev
# lib for buiding ldap and ssl-based application # lib for building ldap and ssl-based application
RUN apt-get install -y libsasl2-dev libldap2-dev libssl-dev RUN apt-get install -y libsasl2-dev libldap2-dev libssl-dev
# lib for building python3-saml # lib for building python3-saml

2
migrations/versions/59729e468045_add_view_column_to_setting_table.py
View file

@ -82,7 +82,7 @@ def downgrade():
# ### commands auto generated by Alembic - please adjust! ### # ### commands auto generated by Alembic - please adjust! ###
## NOTE: ## NOTE:
## - Drop action does not work on sqlite3 ## - Drop action does not work on sqlite3
## - This action touchs the `setting` table which loaded in views.py ## - This action touches the `setting` table which loaded in views.py
## during app initlization, so the downgrade function won't work ## during app initlization, so the downgrade function won't work
## unless we temporary remove importing `views` from `app/__init__.py` ## unless we temporary remove importing `views` from `app/__init__.py`
op.drop_column('setting', 'view') op.drop_column('setting', 'view')

2
update_zones.py
View file

@ -1,7 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
#################################################################################################################################### ####################################################################################################################################
# A CLI Script to update list of domains instead from the UI. Can be usefull for people who want to execute updates from a cronjob # A CLI Script to update list of domains instead from the UI. Can be useful for people who want to execute updates from a cronjob
# #
# Tip: # Tip:
# When running from a cron, use flock (you might need to install it) to be sure only one process is running a time. eg: # When running from a cron, use flock (you might need to install it) to be sure only one process is running a time. eg: