def get_domain_list(self, in_global_acl=False):
search = request.args.get('search', None)
if self.auth.account.account_type == 'senior_admin' or in_global_acl:
query = ModelDomain.select()
if (search is not None):
search = search.replace('*', '%')
query = query.where((ModelDomain.domain**('%' + search + '%')))
return query
# domain group maps query
dgmq = DomainGroupMap.select(DomainGroupMap.domain_id).where(
DomainGroupMap.group_id << self.get_group_maps())
# domains query
domainQuery = ModelDomain.select().where(
((ModelDomain.owner_id == self.auth.account.account_id) |
(ModelDomain.domain_id << dgmq)))
if (search is not None):
search = search.replace('*', '%')
domainQuery = domainQuery.where(
(ModelDomain.domain**(search + '%')))
return domainQuery
def test_soa_record(self):
domain = Domain()
domain.domain = 'example.com'
model = Record()
# joined domain on domain_id
model.domain_id = domain
model.type = 'S'
model.host = 'hostmaster.example.com:ns1.example.com'
model.val = '16384:2048:1048576:2560:'
model.ttl = '86400'
expected = (
"Zexample.com"
":ns1.example.com"
":hostmaster.example.com"
":"
":16384"
":2048"
":1048576"
":2560"
":86400\n"
)
self.assertEquals(
self.export.data_line_from_model(model),
expected
)
def get_domain_list(self):
search = request.args.get('search', None)
if self.auth.account.account_type == 'senior_admin':
query = ModelDomain.select()
if (search is not None):
search = search.replace('*', '%')
query = query.where(
(ModelDomain.domain ** ('%' + search + '%'))
)
return query
# domain group maps query
dgmq = DomainGroupMap.select(DomainGroupMap.domain_id).where(
DomainGroupMap.group_id << self.get_group_maps()
)
# domains query
domainQuery = ModelDomain.select().where(
(
(ModelDomain.owner_id == self.auth.account.account_id) |
(ModelDomain.domain_id << dgmq)
)
)
if (search is not None):
search = search.replace('*', '%')
domainQuery = domainQuery.where(
(ModelDomain.domain ** (search + '%'))
)
return domainQuery
def delete(self, account_id):
if self.auth.account.account_type != "senior_admin":
abort(403, message="Insufficient privileges to delete account")
if self.auth.account.account_id == account_id:
abort(400, message="Sorry, you can't delete yourself")
try:
account = ModelAccount.get(ModelAccount.account_id == account_id)
except peewee.DoesNotExist:
abort(404, message="account does not exist")
# update existing domains to be owned by account 0
domains = ModelDomain.select().where(
ModelDomain.owner_id == account_id
)
for domain in domains:
domain.owner_id == 0
domain.save()
account.delete_instance()
self.dns_log(
0,
(
"deleted account " + account.first_name + " " +
account.last_name + ", " + account.email
)
)
return {'status': 'ok'}
def load_domains(self):
# reset
self.domains = {}
# look up my group ids
accountgroupmaps = AccountGroupMap.select(
AccountGroupMap.group_id).where(
AccountGroupMap.account_id == self.account_id)
group_ids = []
for map in accountgroupmaps:
group_ids.append(map.group_id)
# get domain group maps
if group_ids:
domaingroupmaps = DomainGroupMap.select(
DomainGroupMap,
Domain).where(DomainGroupMap.group_id << group_ids).join(
Domain,
on=Domain.domain_id == DomainGroupMap.domain_id,
attr='domain_id')
# store the maps by domain id for the can_* methods below
for map in domaingroupmaps:
did = map.domain_id.domain_id
if map.domain_id.domain_id not in self.domains:
self.domains[did] = {'domain': map.domain_id, 'maps': []}
self.domains[did]["maps"].append(map)
# grab domains this user owns
domains = Domain.select(Domain).where(
Domain.owner_id == self.account_id)
for domain in domains:
if domain.domain_id not in self.domains:
self.domains[domain.domain_id] = {'domain': domain, 'maps': []}
def get_delete_domain(self, domain_id):
if self.auth.account.account_type == 'senior_admin':
return ModelDomain.get(ModelDomain.domain_id == domain_id)
if self.auth.account.can_delete_domain(domain_id):
return self.auth.account.domains[domain_id]["domain"]
abort(403, message="Not authorized to delete this domain")
def get_delete_domain(self, domain_id):
if self.auth.account.account_type == 'senior_admin':
return ModelDomain.get(ModelDomain.domain_id == domain_id)
if self.auth.account.can_delete_domain(domain_id):
return self.auth.account.domains[domain_id]["domain"]
abort(403, message="Not authorized to delete this domain")
def test_format_map(self):
domain = Domain()
domain.domain_id = 252
domain.domain = "example.com"
group = Group()
group.group_id = 252
group.name = "Test Group 1"
map = DomainGroupMap()
map.map_id = 1
map.group_id = group
map.domain_id = domain
map.permissions = 7
formatted = map.format_map(map)
self.assertTrue(formatted["can_read"])
self.assertTrue(formatted["can_write"])
self.assertTrue(formatted["can_delete"])
self.assertEquals(formatted["map_id"], map.map_id)
self.assertEquals(formatted["group"], map.group_id.to_clean_dict())
self.assertEquals(formatted["domain"], map.domain_id.to_clean_dict())
def test_soa_record(self):
domain = Domain()
domain.domain = 'example.com'
model = Record()
# joined domain on domain_id
model.domain_id = domain
model.type = 'S'
model.host = 'hostmaster.example.com:ns1.example.com'
model.val = '16384:2048:1048576:2560:'
model.ttl = '86400'
expected = ("Zexample.com"
":ns1.example.com"
":hostmaster.example.com"
":"
":16384"
":2048"
":1048576"
":2560"
":86400\n")
self.assertEquals(self.export.data_line_from_model(model), expected)
def load_domains(self):
# reset
self.domains = {}
# look up my group ids
accountgroupmaps = AccountGroupMap.select(
AccountGroupMap.group_id
).where(
AccountGroupMap.account_id == self.account_id
)
group_ids = []
for map in accountgroupmaps:
group_ids.append(map.group_id)
# get domain group maps
if group_ids:
domaingroupmaps = DomainGroupMap.select(
DomainGroupMap, Domain
).where(
DomainGroupMap.group_id << group_ids
).join(
Domain,
on=Domain.domain_id == DomainGroupMap.domain_id
)
# store the maps by domain id for the can_* methods below
for map in domaingroupmaps:
did = map.domain_id.domain_id
if map.domain_id.domain_id not in self.domains:
self.domains[did] = {
'domain': map.domain_id,
'maps': []
}
self.domains[did]["maps"].append(map)
# grab domains this user owns
domains = Domain.select(
Domain
).where(
Domain.owner_id == self.account_id
)
for domain in domains:
if domain.domain_id not in self.domains:
self.domains[domain.domain_id] = {
'domain': domain,
'maps': []
}
def delete(self, account_id):
if self.auth.account.account_type != "senior_admin":
abort(403, message="Insufficient privileges to delete account")
if self.auth.account.account_id == account_id:
abort(400, message="Sorry, you can't delete yourself")
try:
account = ModelAccount.get(ModelAccount.account_id == account_id)
except peewee.DoesNotExist:
abort(404, message="account does not exist")
# update existing domains to be owned by account 0
domains = ModelDomain.select().where(
ModelDomain.owner_id == account_id
)
for domain in domains:
domain.owner_id == 0
domain.save()
account.delete_instance()
return {'status': 'ok'}
def get_domain(self, domain_id):
return ModelDomain.get(ModelDomain.domain_id == domain_id)
def get_domain(self, domain_id):
return ModelDomain.get(ModelDomain.domain_id == domain_id)
def post(self):
parser = reqparse.RequestParser()
parser.add_argument('domain',
required=True,
location=['form', 'json'],
help='domain parameter is required')
parser.add_argument('move_colliding_records',
type=bool,
location=['form', 'json'],
default=False)
parser.add_argument('skip_soa',
type=bool,
location=['form', 'json'],
default=False)
parser.add_argument('skip_default_records',
type=bool,
location=['form', 'json'],
default=False)
args = parser.parse_args()
# Lower case the domain
domain = args['domain'].lower()
# check for duplicate first
try:
ModelDomain.get(ModelDomain.domain == domain)
abort(400, message="Domain already exists")
except peewee.DoesNotExist:
pass
# check for duplicate records
duplicate_records = ModelRecord().select().where((ModelRecord.host**(
'%.' + domain)) | (ModelRecord.host == domain))
move_colliding_records = False
if duplicate_records.count() > 0:
move_colliding_records = args['move_colliding_records']
if (move_colliding_records is True
and self.auth.account.account_type != 'senior_admin'):
m = "You must be a senior_admin to move colliding records"
abort(403, message=m)
if move_colliding_records is False:
m = "Unable to create domain, there are colliding records"
abort(409, message=m)
model = ModelDomain()
model.domain = domain
if self.auth.account.account_type != 'senior_admin':
model.status = 'inactive'
model.owner_id = self.auth.account.account_id
try:
model.save()
self.dns_log(
model.domain_id, "Added domain " + model.domain +
" with status " + model.status)
except ValueError:
abort(400, message="Invalid parameters")
except peewee.IntegrityError:
# race condition, unique constraint will catch it
abort(400, message="Domain already exists")
# add default records
records = []
if args['skip_default_records'] is False:
model.add_default_records(self, skipSoa=args['skip_soa'])
default_records = model.get_records()
for record in default_records:
records.append(record.to_clean_dict())
# move colliding records
if move_colliding_records is True:
for dr in duplicate_records:
dr.domain_id = model.domain_id
dr.save()
records.append(dr.to_clean_dict())
if self.auth.account.account_type != 'senior_admin':
common = vegadns.api.email.common.Common()
to = common.get_support_email()
subject = "New Inactive Domain Created"
msg_body = "Inactive domain \"" + model.domain + \
"\" added by " + self.auth.account.email + ".\n\n" + \
"Thanks,\n\nVegaDNS"
vegadns.api.email.send(to, subject, msg_body)
# notify listeners of dns data change
self.send_update_notification()
return {
'status': 'ok',
'domain': model.to_clean_dict(),
'records': records
}, 201
def post(self):
domain = request.form.get("domain")
if domain is None:
abort(400, message="domain parameter is required")
# check for duplicate first
try:
ModelDomain.get(ModelDomain.domain == domain)
abort(400, message="Domain already exists")
except peewee.DoesNotExist:
pass
model = ModelDomain()
model.domain = domain
if self.auth.account.account_type != 'senior_admin':
model.status = 'inactive'
model.owner_id = self.auth.account.account_id
try:
model.save()
self.dns_log(
model.domain_id,
"Added domain " + model.domain + " with status " + model.status
)
except ValueError:
abort(400, message="Invalid parameters")
except peewee.IntegrityError:
# race condition, unique constraint will catch it
abort(400, message="Domain already exists")
# add default records
model.add_default_records(self)
default_records = model.get_records()
records = []
for record in default_records:
records.append(record.to_clean_dict())
if self.auth.account.account_type != 'senior_admin':
common = vegadns.api.email.common.Common()
to = common.get_support_email()
subject = "New Inactive Domain Created"
msg_body = "Inactive domain \"" + model.domain + \
"\" added by " + self.auth.account.email + ".\n\n" + \
"Thanks,\n\nVegaDNS"
vegadns.api.email.send(to, subject, msg_body)
return {
'status': 'ok',
'domain': model.to_clean_dict(),
'records': records
}, 201
