From c6e0293177d35da28855c57afd1f7c62259a903d Mon Sep 17 00:00:00 2001 From: WhatshallIbreaktoday <75358410+WhatshallIbreaktoday@users.noreply.github.com> Date: Mon, 7 Dec 2020 22:06:37 +0100 Subject: [PATCH] Tweaks to allow user apikey usage with powerdns terraform provider (#845) --- powerdnsadmin/decorators.py | 2 +- powerdnsadmin/routes/api.py | 23 +++++++++++++---------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/powerdnsadmin/decorators.py b/powerdnsadmin/decorators.py index 805deba..ed87d01 100644 --- a/powerdnsadmin/decorators.py +++ b/powerdnsadmin/decorators.py @@ -236,7 +236,7 @@ def apikey_can_access_domain(f): apikey = g.apikey if g.apikey.role.name not in ['Administrator', 'Operator']: domains = apikey.domains - zone_id = kwargs.get('zone_id') + zone_id = kwargs.get('zone_id').rstrip(".") domain_names = [item.name for item in domains] if zone_id not in domain_names: diff --git a/powerdnsadmin/routes/api.py b/powerdnsadmin/routes/api.py index e0fb134..300dc59 100644 --- a/powerdnsadmin/routes/api.py +++ b/powerdnsadmin/routes/api.py @@ -913,21 +913,12 @@ def api_zone_forward(server_id, zone_id): created_by=g.apikey.description) history.add() elif request.method == 'DELETE': - history = History(msg='Deleted zone {0}'.format(domain.name), + history = History(msg='Deleted zone {0}'.format(zone_id), detail='', created_by=g.apikey.description) history.add() return resp.content, resp.status_code, resp.headers.items() - -@api_bp.route('/servers', methods=['GET']) -@apikey_auth -@apikey_is_admin -def api_server_forward(): - resp = helper.forward_request() - return resp.content, resp.status_code, resp.headers.items() - - @api_bp.route('/servers/', methods=['GET', 'PUT']) @apikey_auth @apikey_is_admin @@ -977,6 +968,18 @@ def api_get_zones(server_id): return resp.content, resp.status_code, resp.headers.items() +@api_bp.route('/servers', methods=['GET']) +@apikey_auth +def api_server_forward(): + resp = helper.forward_request() + return resp.content, resp.status_code, resp.headers.items() + +@api_bp.route('/servers/', methods=['GET']) +@apikey_auth +def api_server_config_forward(server_id): + resp = helper.forward_request() + return resp.content, resp.status_code, resp.headers.items() + # The endpoint to snychronize Domains in background @api_bp.route('/sync_domains', methods=['GET']) @apikey_auth