deblan/PowerDNS-Admin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Migrate more config values to db

Browse source
This commit is contained in:
Khanh Ngo 2018-08-21 13:26:27 +07:00
parent 8af7a6ac9e
commit 74a7b5a3b7
5 changed files with 52 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/decorators.py
View file

@ -2,7 +2,7 @@ from functools import wraps
from flask import g, request, redirect, url_for
from app import app
from app.models import Role
from app.models import Role, Setting
def admin_role_required(f):
@ -31,7 +31,7 @@ def can_access_domain(f):
def can_configure_dnssec(f):
@wraps(f)
def decorated_function(*args, **kwargs):
if g.user.role.name != 'Administrator' and app.config['DNSSEC_ADMINS_ONLY']:
if g.user.role.name != 'Administrator' and Setting().get('dnssec_admins_only'):
return redirect(url_for('error', code=401))
return f(*args, **kwargs)

24
app/models.py
View file

@ -9,6 +9,8 @@ import traceback
import pyotp
import re
import dns.reversename
import dns.inet
import dns.name
import sys
import logging as logger
@ -24,14 +26,6 @@ from app.lib import utils
logging = logger.getLogger(__name__)
if 'PRETTY_IPV6_PTR' in app.config.keys():
import dns.inet
import dns.name
PRETTY_IPV6_PTR = app.config['PRETTY_IPV6_PTR']
else:
PRETTY_IPV6_PTR = False
class Anonymous(AnonymousUserMixin):
def __init__(self):
self.username = 'Anonymous'
@ -1244,6 +1238,7 @@ class Record(object):
self.PDNS_API_KEY = Setting().get('pdns_api_key')
self.PDNS_VERSION = Setting().get('pdns_version')
self.API_EXTENDED_URL = utils.pdns_api_extended_uri(self.PDNS_VERSION)
self.PRETTY_IPV6_PTR = Setting().get('pretty_ipv6_ptr')
if StrictVersion(self.PDNS_VERSION) >= StrictVersion('4.0.0'):
self.NEW_SCHEMA = True
@ -1266,7 +1261,7 @@ class Record(object):
rrsets = jdata['rrsets']
for rrset in rrsets:
r_name = rrset['name'].rstrip('.')
if PRETTY_IPV6_PTR: # only if activated
if self.PRETTY_IPV6_PTR: # only if activated
if rrset['type'] == 'PTR': # only ptr
if 'ip6.arpa' in r_name: # only if v6-ptr
r_name = dns.reversename.to_address(dns.name.from_text(r_name))
@ -1371,7 +1366,7 @@ class Record(object):
for r in post_records:
r_name = domain if r['record_name'] in ['@', ''] else r['record_name'] + '.' + domain
r_type = r['record_type']
if PRETTY_IPV6_PTR: # only if activated
if self.PRETTY_IPV6_PTR: # only if activated
if self.NEW_SCHEMA: # only if new schema
if r_type == 'PTR': # only ptr
if ':' in r['record_name']: # dirty ipv6 check
@ -1392,7 +1387,7 @@ class Record(object):
for r in deleted_records:
r_name = r['name'].rstrip('.') + '.' if self.NEW_SCHEMA else r['name']
r_type = r['type']
if PRETTY_IPV6_PTR: # only if activated
if self.PRETTY_IPV6_PTR: # only if activated
if self.NEW_SCHEMA: # only if new schema
if r_type == 'PTR': # only ptr
if ':' in r['name']: # dirty ipv6 check
@ -1414,7 +1409,7 @@ class Record(object):
if self.NEW_SCHEMA:
r_name = r['name'].rstrip('.') + '.'
r_type = r['type']
if PRETTY_IPV6_PTR: # only if activated
if self.PRETTY_IPV6_PTR: # only if activated
if r_type == 'PTR': # only ptr
if ':' in r['name']: # dirty ipv6 check
r_name = r['name']
@ -1459,7 +1454,7 @@ class Record(object):
r_type = key[1]
r_changetype = key[2]
if PRETTY_IPV6_PTR: # only if activated
if self.PRETTY_IPV6_PTR: # only if activated
if r_type == 'PTR': # only ptr
if ':' in r_name: # dirty ipv6 check
r_name = dns.reversename.from_address(r_name).to_text()
@ -1792,6 +1787,9 @@ class Setting(db.Model):
'default_domain_table_size': 10,
'auto_ptr': False,
'allow_quick_edit': True,
'pretty_ipv6_ptr': False,
'dnssec_admins_only': False,
'bg_domain_updates': False,
'site_name': 'PowerDNS-Admin',
'pdns_api_url': '',
'pdns_api_key': '',

2
app/templates/dashboard.html
View file

@ -236,7 +236,7 @@
modal.modal('show');
});
{% if current_user.role.name == 'Administrator' or dnssec_adm_only == false %}
{% if current_user.role.name == 'Administrator' or not SETTING.get('dnssec_admins_only') %}
$(document.body).on("click", ".button_dnssec", function() {
var domain = $(this).prop('id');
getdnssec($SCRIPT_ROOT + '/domain/' + domain + '/dnssec', domain);

7
app/views.py
View file

@ -442,7 +442,8 @@ def dashboard():
if not Setting().get('pdns_api_url') or not Setting().get('pdns_api_key') or not Setting().get('pdns_version'):
return redirect(url_for('admin_setting_pdns'))
if not app.config.get('BG_DOMAIN_UPDATES'):
BG_DOMAIN_UPDATE = Setting().get('bg_domain_updates')
if not BG_DOMAIN_UPDATE:
logging.debug('Update domains in foreground')
d = Domain().update()
else:
@ -460,7 +461,7 @@ def dashboard():
else:
uptime = 0
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, dnssec_adm_only=app.config['DNSSEC_ADMINS_ONLY'], show_bg_domain_button=app.config['BG_DOMAIN_UPDATES'])
return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history, show_bg_domain_button=BG_DOMAIN_UPDATE)
@app.route('/dashboard-domains', methods=['GET'])
@ -573,7 +574,7 @@ def domain(domain_name):
record = Record(name=jr['name'], type=jr['type'], status='Disabled' if subrecord['disabled'] else 'Active', ttl=jr['ttl'], data=subrecord['content'])
records.append(record)
if not re.search('ip6\.arpa|in-addr\.arpa$', domain_name):
editable_records = app.config['RECORDS_ALLOW_EDIT']
editable_records = app.config['FORWARD_RECORDS_ALLOW_EDIT']
else:
editable_records = app.config['REVERSE_RECORDS_ALLOW_EDIT']
return render_template('domain.html', domain=domain, records=records, editable_records=editable_records, quick_edit=quick_edit)

65
migrations/versions/59729e468045_add_view_column_to_setting_table.py
View file

@ -32,37 +32,40 @@ def update_data():
# add more new settings
op.bulk_insert(setting_table,
[
{'id': 8, 'name': 'site_name', 'value': 'PowerDNS-Admin', 'view': 'basic'},
{'id': 9, 'name': 'pdns_api_url', 'value': '', 'view': 'pdns'},
{'id': 10, 'name': 'pdns_api_key', 'value': '', 'view': 'pdns'},
{'id': 11, 'name': 'pdns_version', 'value': '4.1.1', 'view': 'pdns'},
{'id': 12, 'name': 'local_db_enabled', 'value': 'True', 'view': 'authentication'},
{'id': 13, 'name': 'signup_enabled', 'value': 'True', 'view': 'authentication'},
{'id': 14, 'name': 'ldap_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 15, 'name': 'ldap_type', 'value': 'ldap', 'view': 'authentication'},
{'id': 16, 'name': 'ldap_uri', 'value': '', 'view': 'authentication'},
{'id': 17, 'name': 'ldap_base_dn', 'value': '', 'view': 'authentication'},
{'id': 18, 'name': 'ldap_admin_username', 'value': '', 'view': 'authentication'},
{'id': 19, 'name': 'ldap_admin_password', 'value': '', 'view': 'authentication'},
{'id': 20, 'name': 'ldap_filter_basic', 'value': '', 'view': 'authentication'},
{'id': 21, 'name': 'ldap_filter_username', 'value': '', 'view': 'authentication'},
{'id': 22, 'name': 'ldap_sg_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 23, 'name': 'ldap_admin_group', 'value': '', 'view': 'authentication'},
{'id': 24, 'name': 'ldap_user_group', 'value': '', 'view': 'authentication'},
{'id': 25, 'name': 'github_oauth_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 26, 'name': 'github_oauth_key', 'value': '', 'view': 'authentication'},
{'id': 27, 'name': 'github_oauth_secret', 'value': '', 'view': 'authentication'},
{'id': 28, 'name': 'github_oauth_scope', 'value': 'email', 'view': 'authentication'},
{'id': 29, 'name': 'github_oauth_api_url', 'value': 'https://api.github.com/user', 'view': 'authentication'},
{'id': 30, 'name': 'github_oauth_token_url', 'value': 'https://github.com/login/oauth/access_token', 'view': 'authentication'},
{'id': 31, 'name': 'github_oauth_authorize_url', 'value': 'https://github.com/login/oauth/authorize', 'view': 'authentication'},
{'id': 32, 'name': 'google_oauth_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 33, 'name': 'google_oauth_client_id', 'value': '', 'view': 'authentication'},
{'id': 34, 'name': 'google_oauth_client_secret', 'value': '', 'view': 'authentication'},
{'id': 35, 'name': 'google_token_url', 'value': 'https://accounts.google.com/o/oauth2/token', 'view': 'authentication'},
{'id': 36, 'name': 'google_token_params', 'value': "{'scope': 'email profile'}", 'view': 'authentication'},
{'id': 37, 'name': 'google_authorize_url', 'value': 'https://accounts.google.com/o/oauth2/auth', 'view': 'authentication'},
{'id': 38, 'name': 'google_base_url', 'value': 'https://www.googleapis.com/oauth2/v1/', 'view': 'authentication'},
{'id': 8, 'name': 'pretty_ipv6_ptr', 'value': 'False', 'view': 'basic'},
{'id': 9, 'name': 'dnssec_admins_only', 'value': 'False', 'view': 'basic'},
{'id': 10, 'name': 'bg_domain_updates', 'value': 'False', 'view': 'basic'},
{'id': 11, 'name': 'site_name', 'value': 'PowerDNS-Admin', 'view': 'basic'},
{'id': 12, 'name': 'pdns_api_url', 'value': '', 'view': 'pdns'},
{'id': 13, 'name': 'pdns_api_key', 'value': '', 'view': 'pdns'},
{'id': 14, 'name': 'pdns_version', 'value': '4.1.1', 'view': 'pdns'},
{'id': 15, 'name': 'local_db_enabled', 'value': 'True', 'view': 'authentication'},
{'id': 16, 'name': 'signup_enabled', 'value': 'True', 'view': 'authentication'},
{'id': 17, 'name': 'ldap_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 18, 'name': 'ldap_type', 'value': 'ldap', 'view': 'authentication'},
{'id': 19, 'name': 'ldap_uri', 'value': '', 'view': 'authentication'},
{'id': 20, 'name': 'ldap_base_dn', 'value': '', 'view': 'authentication'},
{'id': 21, 'name': 'ldap_admin_username', 'value': '', 'view': 'authentication'},
{'id': 22, 'name': 'ldap_admin_password', 'value': '', 'view': 'authentication'},
{'id': 23, 'name': 'ldap_filter_basic', 'value': '', 'view': 'authentication'},
{'id': 24, 'name': 'ldap_filter_username', 'value': '', 'view': 'authentication'},
{'id': 25, 'name': 'ldap_sg_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 26, 'name': 'ldap_admin_group', 'value': '', 'view': 'authentication'},
{'id': 27, 'name': 'ldap_user_group', 'value': '', 'view': 'authentication'},
{'id': 28, 'name': 'github_oauth_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 29, 'name': 'github_oauth_key', 'value': '', 'view': 'authentication'},
{'id': 30, 'name': 'github_oauth_secret', 'value': '', 'view': 'authentication'},
{'id': 31, 'name': 'github_oauth_scope', 'value': 'email', 'view': 'authentication'},
{'id': 32, 'name': 'github_oauth_api_url', 'value': 'https://api.github.com/user', 'view': 'authentication'},
{'id': 33, 'name': 'github_oauth_token_url', 'value': 'https://github.com/login/oauth/access_token', 'view': 'authentication'},
{'id': 34, 'name': 'github_oauth_authorize_url', 'value': 'https://github.com/login/oauth/authorize', 'view': 'authentication'},
{'id': 35, 'name': 'google_oauth_enabled', 'value': 'False', 'view': 'authentication'},
{'id': 36, 'name': 'google_oauth_client_id', 'value': '', 'view': 'authentication'},
{'id': 37, 'name': 'google_oauth_client_secret', 'value': '', 'view': 'authentication'},
{'id': 38, 'name': 'google_token_url', 'value': 'https://accounts.google.com/o/oauth2/token', 'view': 'authentication'},
{'id': 39, 'name': 'google_token_params', 'value': "{'scope': 'email profile'}", 'view': 'authentication'},
{'id': 40, 'name': 'google_authorize_url', 'value': 'https://accounts.google.com/o/oauth2/auth', 'view': 'authentication'},
{'id': 41, 'name': 'google_base_url', 'value': 'https://www.googleapis.com/oauth2/v1/', 'view': 'authentication'},
]
)