deblan/PowerDNS-Admin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Deny to delete 'SOA' record

Browse source
This commit is contained in:
Vadim Aleksandrov 2018-01-23 12:08:50 +03:00
parent 0355fe4293
commit cff534890f
3 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
app/models.py
View file

@ -891,7 +891,7 @@ class Record(object):
list_deleted_records = [x for x in list_current_records if x not in list_new_records] list_deleted_records = [x for x in list_current_records if x not in list_new_records]
# convert back to list of hash # convert back to list of hash
deleted_records = [x for x in current_records if [x['name'],x['type']] in list_deleted_records and x['type'] in app.config['RECORDS_ALLOW_EDIT']] deleted_records = [x for x in current_records if [x['name'],x['type']] in list_deleted_records and (x['type'] in app.config['RECORDS_ALLOW_EDIT'] and x['type'] != 'SOA')]
# return a tuple # return a tuple
return deleted_records, new_records return deleted_records, new_records
@ -1126,12 +1126,18 @@ class Record(object):
logging.error("Cannot remove record %s/%s/%s from domain %s" % (self.name, self.type, self.data, domain)) logging.error("Cannot remove record %s/%s/%s from domain %s" % (self.name, self.type, self.data, domain))
return {'status': 'error', 'msg': 'There was something wrong, please contact administrator'} return {'status': 'error', 'msg': 'There was something wrong, please contact administrator'}
def is_allowed(self): def is_allowed_edit(self):
""" """
Check if record is allowed to edit/removed Check if record is allowed to edit
""" """
return self.type in app.config['RECORDS_ALLOW_EDIT'] return self.type in app.config['RECORDS_ALLOW_EDIT']
def is_allowed_delete(self):
"""
Check if record is allowed to removed
"""
return (self.type in app.config['RECORDS_ALLOW_EDIT'] and self.type != 'SOA')
def exists(self, domain): def exists(self, domain):
""" """
Check if record is present within domain records, and if it's present set self to found record Check if record is present within domain records, and if it's present set self to found record

12
app/templates/domain.html
View file

@ -70,25 +70,23 @@
</td> </td>
{% if domain.type != 'Slave' %} {% if domain.type != 'Slave' %}
<td width="6%"> <td width="6%">
{% if record.is_allowed() %} {% if record.is_allowed_edit() %}
<button type="button" class="btn btn-flat btn-warning button_edit" id="{{ (record.name,domain.name)|display_record_name }}">Edit&nbsp;<i class="fa fa-edit"></i></button> <button type="button" class="btn btn-flat btn-warning button_edit" id="{{ (record.name,domain.name)|display_record_name }}">Edit&nbsp;<i class="fa fa-edit"></i></button>
{% else %} {% else %}
<button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button> <button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
{% endif %} {% endif %}
</td> </td>
<td width="6%"> <td width="6%">
{% if record.is_allowed() %} {% if record.is_allowed_delete() %}
<button type="button" class="btn btn-flat btn-danger button_delete" id="{{ (record.name,domain.name)|display_record_name }}">Delete&nbsp;<i class="fa fa-trash"></i></button> <button type="button" class="btn btn-flat btn-danger button_delete" id="{{ (record.name,domain.name)|display_record_name }}">Delete&nbsp;<i class="fa fa-trash"></i></button>
{% else %}
<button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
{% endif %} {% endif %}
{% else %} {% else %}
<td width="6%"> <td width="6%">
<button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button> <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
</td> </td>
<td width="6%"> <td width="6%">
<button type="button" class="btn btn-flat btn-warning"">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button> <button type="button" class="btn btn-flat btn-warning">&nbsp;&nbsp;<i class="fa fa-exclamation-circle"></i>&nbsp;&nbsp;</button>
</td> </td>
{% endif %} {% endif %}
</td> </td>
<!-- hidden column that we can sort on --> <!-- hidden column that we can sort on -->

4
app/views.py
View file

@ -966,7 +966,7 @@ def dyndns_update():
r = Record() r = Record()
r.name = hostname r.name = hostname
# check if the user requested record exists within this domain # check if the user requested record exists within this domain
if r.exists(domain.name) and r.is_allowed: if r.exists(domain.name) and r.is_allowed_edit():
if r.data == myip: if r.data == myip:
# record content did not change, return 'nochg' # record content did not change, return 'nochg'
history = History(msg="DynDNS update: attempted update of %s but record did not change" % hostname, created_by=current_user.username) history = History(msg="DynDNS update: attempted update of %s but record did not change" % hostname, created_by=current_user.username)
@ -981,7 +981,7 @@ def dyndns_update():
return render_template('dyndns.html', response='good'), 200 return render_template('dyndns.html', response='good'), 200
else: else:
return render_template('dyndns.html', response='911'), 200 return render_template('dyndns.html', response='911'), 200
elif r.is_allowed: elif r.is_allowed_edit():
ondemand_creation = DomainSetting.query.filter(DomainSetting.domain == domain).filter(DomainSetting.setting == 'create_via_dyndns').first() ondemand_creation = DomainSetting.query.filter(DomainSetting.domain == domain).filter(DomainSetting.setting == 'create_via_dyndns').first()
if (ondemand_creation != None) and (strtobool(ondemand_creation.value) == True): if (ondemand_creation != None) and (strtobool(ondemand_creation.value) == True):
record = Record(name=hostname,type='A',data=myip,status=False,ttl=3600) record = Record(name=hostname,type='A',data=myip,status=False,ttl=3600)