From bac3fd1dfb093f13b0025b60210345ee9178e584 Mon Sep 17 00:00:00 2001
From: Lukas Metzger <developer@lukas-metzger.com>
Date: Mon, 26 Mar 2018 20:14:45 +0200
Subject: [PATCH] Added GET /domains/{domainId}/soa

---
 backend/src/controllers/Domains.php |  23 ++++++
 backend/src/operations/Soa.php      |  32 ++++++++
 backend/src/public/index.php        |   1 +
 backend/test/tests/domain-soa.js    | 116 ++++++++++++++++++++++++++--
 4 files changed, 164 insertions(+), 8 deletions(-)

diff --git a/backend/src/controllers/Domains.php b/backend/src/controllers/Domains.php
index cacc780..47d8718 100644
--- a/backend/src/controllers/Domains.php
+++ b/backend/src/controllers/Domains.php
@@ -202,4 +202,27 @@ class Domains
             return $res->withJson(['error' => 'SOA can not be set for slave domains'], 405);
         }
     }
+
+    public function getSoa(Request $req, Response $res, array $args)
+    {
+        $userId = $req->getAttribute('userId');
+        $domainId = $args['domainId'];
+
+        $ac = new \Operations\AccessControl($this->c);
+        if (!$ac->canAccessDomain($userId, $domainId)) {
+            $this->logger->info('Non admin user tries to get domain without permission.');
+            return $res->withJson(['error' => 'You have no permissions for this domain.'], 403);
+        }
+
+        $soa = new \Operations\Soa($this->c);
+
+        try {
+            $soaArray = $soa->getSoa($domainId);
+
+            return $res->withJson($soaArray, 200);
+        } catch (\Exceptions\NotFoundException $e) {
+            $this->logger->debug('User tried to get non existing soa.', ['domainId' => $domainId]);
+            return $res->withJson(['error' => 'This domain has no soa record.'], 404);
+        }
+    }
 }
diff --git a/backend/src/operations/Soa.php b/backend/src/operations/Soa.php
index 080b426..c02a470 100644
--- a/backend/src/operations/Soa.php
+++ b/backend/src/operations/Soa.php
@@ -110,6 +110,38 @@ class Soa
         $this->db->commit();
     }
 
+    /**
+     * Get soa record for domain
+     * 
+     * @param   $domainId   Domain to get soa from
+     * 
+     * @return  array       Soa data as associative array
+     */
+    public function getSoa(int $domainId)
+    {
+        $query = $this->db->prepare('SELECT content FROM records WHERE domain_id=:domainId AND type=\'SOA\'');
+        $query->bindValue(':domainId', $domainId, \PDO::PARAM_INT);
+        $query->execute();
+
+        $record = $query->fetch();
+
+        if ($record === false) {
+            throw new \Exceptions\NotFoundException();
+        }
+
+        $soaArray = explode(' ', $record['content']);
+
+        return [
+            'primary' => $soaArray[0],
+            'email' => $this->toEmail($soaArray[1]),
+            'serial' => intval($soaArray[2]),
+            'refresh' => intval($soaArray[3]),
+            'retry' => intval($soaArray[4]),
+            'expire' => intval($soaArray[5]),
+            'ttl' => intval($soaArray[6])
+        ];
+    }
+
     /**
      * Increases the serial number of the given domain to the next required.
      * 
diff --git a/backend/src/public/index.php b/backend/src/public/index.php
index 4b97a8c..e2132ac 100644
--- a/backend/src/public/index.php
+++ b/backend/src/public/index.php
@@ -34,6 +34,7 @@ $app->group('/v1', function () {
         $this->put('/domains/{domainId}', '\Controllers\Domains:put');
 
         $this->put('/domains/{domainId}/soa', '\Controllers\Domains:putSoa');
+        $this->get('/domains/{domainId}/soa', '\Controllers\Domains:getSoa');
     })->add('\Middlewares\Authentication');
 });
 
diff --git a/backend/test/tests/domain-soa.js b/backend/test/tests/domain-soa.js
index 3f52d43..e76f7f3 100644
--- a/backend/test/tests/domain-soa.js
+++ b/backend/test/tests/domain-soa.js
@@ -48,20 +48,120 @@ test.run(async function () {
 
         assert.equal(res.status, 422, 'Updating SOA with missing fields should fail.');
 
+        //Getting soa data from master zone without soa should fail
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'get'
+        });
+
+        assert.equal(res.status, 404, 'Not existing soa should trigger error');
+
+        //Getting soa data from slave zone should fail
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'get'
+        });
+
+        assert.equal(res.status, 404, 'Geting soa from slave should trigger error');
+
+        //Soa data for test
+        var soaData = {
+            primary: 'ns1.example.com',
+            email: 'hostmaster@example.com',
+            refresh: 3600,
+            retry: 900,
+            expire: 604800,
+            ttl: 86400
+        };
+
         //Set soa for zone without one
         var res = await req({
             url: '/domains/1/soa',
             method: 'put',
-            data: {
-                primary: 'ns1.example.com',
-                email: 'hostmaster@example.com',
-                refresh: 3600,
-                retry: 900,
-                expire: 604800,
-                ttl: 86400
-            }
+            data: soaData
         });
 
         assert.equal(res.status, 204, 'Updating SOA for Zone without one should succeed.');
+
+        //Get the new soa
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'get'
+        });
+
+        assert.equal(res.status, 200, 'Getting soa should succeed.');
+        const firstSerial = res.data.serial;
+        delete res.data['serial'];
+        assert.equal(res.data, soaData, 'The set and get data should be equal');
+
+        //Soa data for update test
+        soaData = {
+            primary: 'ns2.example.com',
+            email: 'hostmasterFoo@example.com',
+            refresh: 3601,
+            retry: 901,
+            expire: 604801,
+            ttl: 86401
+        };
+
+        //Update soa with new values
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'put',
+            data: soaData
+        });
+
+        assert.equal(res.status, 204, 'Updating SOA for Zone should succeed.');
+
+        //Check if update suceeded
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'get'
+        });
+
+        assert.equal(res.status, 200, 'Getting updated soa should succeed.');
+        assert.true(firstSerial < res.data.serial, 'Serial value should increase with update');
+        delete res.data['serial'];
+        assert.equal(res.data, soaData, 'The set and get data should be equal after update');
+    });
+
+    await test('user', async function (assert, req) {
+        //Soa data for test
+        var soaData = {
+            primary: 'ns1.example.com',
+            email: 'hostmaster@example.com',
+            refresh: 3600,
+            retry: 900,
+            expire: 604800,
+            ttl: 86400
+        };
+
+        //Updating soa for domain with permissions should work
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'put',
+            data: soaData
+        });
+
+        assert.equal(res.status, 204, 'Updating SOA for Zone should succeed for user.');
+
+        //Get the updated soa
+        var res = await req({
+            url: '/domains/1/soa',
+            method: 'get'
+        });
+
+        assert.equal(res.status, 200, 'Getting soa should succeed for user.');
+        delete res.data['serial'];
+        assert.equal(res.data, soaData, 'The set and get data should be equal');
+
+        //Updating soa for domain with permissions should work
+        var res = await req({
+            url: '/domains/4/soa',
+            method: 'put',
+            data: soaData
+        });
+
+        assert.equal(res.status, 403, 'Updating SOA for Zone without permissions should fail.');
     });
 });
\ No newline at end of file