def test_basic_add_remove2(self): # MAke sure that if a domain is set to not purgeable the prune stops at # that domain. c = Domain(name='edu') c.save() self.assertFalse(c.purgeable) f_c = Domain(name='foo.edu') s, _ = SOA.objects.get_or_create(primary="foo", contact="foo", description="foo.edu") f_c.soa = s f_c.save() self.assertFalse(f_c.purgeable) fqdn = "bar.x.y.z.foo.edu" label, the_domain = ensure_label_domain(fqdn) self.assertEqual(label, "bar") self.assertEqual(the_domain.name, "x.y.z.foo.edu") self.assertTrue(the_domain.purgeable) self.assertEqual(the_domain.master_domain.name, "y.z.foo.edu") self.assertTrue(the_domain.master_domain.purgeable) self.assertEqual(the_domain.master_domain.master_domain.name, "z.foo.edu") self.assertTrue(the_domain.master_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.master_domain.name, "foo.edu") self.assertFalse( the_domain.master_domain.master_domain.master_domain.purgeable) # See if purgeable stops prune the_domain.purgeable = False the_domain.save() self.assertFalse(prune_tree(the_domain)) the_domain.purgeable = True the_domain.save() # Ok, reset y_z = Domain.objects.get(name="y.z.foo.edu") y_z.purgeable = False y_z.save() # Refresh the domain the_domain = Domain.objects.get(pk=the_domain.pk) # This should delete up to and stop at the domain "y.z.foo.edu" self.assertTrue(prune_tree(the_domain)) self.assertFalse(Domain.objects.filter(name="x.y.z.foo.edu")) self.assertTrue(Domain.objects.filter(name="y.z.foo.edu")) self.assertTrue(Domain.objects.filter(name="z.foo.edu")) self.assertTrue(Domain.objects.filter(name="foo.edu")) # If we delete y.z.foo.com and then call prune on z.foo.com is should # delete z.foo.com Domain.objects.get(name="y.z.foo.edu").delete() self.assertTrue(prune_tree(Domain.objects.get(name="z.foo.edu"))) self.assertFalse(Domain.objects.filter(name="z.foo.edu")) self.assertTrue(Domain.objects.filter(name="foo.edu"))
def test_basic_add_remove2(self): # MAke sure that if a domain is set to not purgeable the prune stops at # that domain. c = Domain(name='edu') c.save() self.assertFalse(c.purgeable) f_c = Domain(name='foo.edu') s, _ = SOA.objects.get_or_create(primary="foo", contact="foo", description="foo.edu") f_c.soa = s f_c.save() self.assertFalse(f_c.purgeable) fqdn = "bar.x.y.z.foo.edu" label, the_domain = ensure_label_domain(fqdn) self.assertEqual(label, "bar") self.assertEqual(the_domain.name, "x.y.z.foo.edu") self.assertTrue(the_domain.purgeable) self.assertEqual(the_domain.master_domain.name, "y.z.foo.edu") self.assertTrue(the_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.name, "z.foo.edu") self.assertTrue(the_domain.master_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.master_domain.name, "foo.edu") self.assertFalse( the_domain.master_domain.master_domain.master_domain.purgeable) # See if purgeable stops prune the_domain.purgeable = False the_domain.save() self.assertFalse(prune_tree(the_domain)) the_domain.purgeable = True the_domain.save() # Ok, reset y_z = Domain.objects.get(name="y.z.foo.edu") y_z.purgeable = False y_z.save() # Refresh the domain the_domain = Domain.objects.get(pk=the_domain.pk) # This should delete up to and stop at the domain "y.z.foo.edu" self.assertTrue(prune_tree(the_domain)) self.assertFalse(Domain.objects.filter(name="x.y.z.foo.edu")) self.assertTrue(Domain.objects.filter(name="y.z.foo.edu")) self.assertTrue(Domain.objects.filter(name="z.foo.edu")) self.assertTrue(Domain.objects.filter(name="foo.edu")) # If we delete y.z.foo.com and then call prune on z.foo.com is should # delete z.foo.com Domain.objects.get(name="y.z.foo.edu").delete() self.assertTrue(prune_tree(Domain.objects.get(name="z.foo.edu"))) self.assertFalse(Domain.objects.filter(name="z.foo.edu")) self.assertTrue(Domain.objects.filter(name="foo.edu"))
def test_delete_with_domains(self): data = {'primary': "ns1asfdadsf.foo.com", 'contact': "email.foo.com"} soa = SOA(**data) soa.save() d0 = Domain(name='com') d0.save() d1 = Domain(name='foo.com', soa=soa) d1.soa = soa d1.save() self.assertRaises(ValidationError, soa.delete)
def build_sample_domain(): domain_name = '' for i in range(2): domain_name = random_label() domain = Domain(name=domain_name) soa = SOA( primary=random_label(), contact="asf", description=random_label()) soa.save() domain.soa = soa domain.save() return domain
def test_no_soa_block2(self): c = Domain(name='moo') c.save() f_c = Domain(name='foo.moo') f_c.save() s, _ = SOA.objects.get_or_create(primary="bar23", contact="Foo", description="bar") f_c.soa = s f_c.save() self.assertRaises(ValidationError, ensure_label_domain, "baz.moo")
def test_delegation_block(self): s, _ = SOA.objects.get_or_create(primary="foo", contact="Foo", description="foo") c = Domain(name='com') c.soa = s c.save() self.assertFalse(c.purgeable) f_c = Domain(name='foo.com') f_c.delegated = True f_c.save() self.assertFalse(f_c.purgeable) self.assertTrue(f_c.delegated) fqdn = "z.baz.foo.com" self.assertRaises(ValidationError, ensure_label_domain, fqdn)
def test_bad_nameserver_soa_state_case_1_3(self): # This is Case 1 ... with ptr's root_domain = create_fake_zone("13.in-addr.arpa", suffix="") for ns in root_domain.nameserver_set.all(): ns.delete() # At his point we should have a domain at the root of a zone with no # other records in it. # Let's create a child domain and try to add a record there. cdomain = Domain(name="10.13.in-addr.arpa") cdomain.soa = root_domain.soa cdomain.save() # Adding a record shouldn't be allowed because there is no NS record on # the zone's root domain. ptr = PTR(name="asdf", ip_str="13.10.1.1", ip_type="4") self.assertRaises(ValidationError, ptr.save)
def test_bad_nameserver_soa_state_case_2_1(self): # This is Case 2 root_domain = create_fake_zone("asdf21") self.assertEqual(root_domain.nameserver_set.count(), 1) ns = root_domain.nameserver_set.all()[0] # At his point we should have a domain at the root of a zone with one # ns record associated to the domain. # Let's create a child domain and add a record there, then try to # delete the NS record cdomain = Domain(name="test." + root_domain.name) cdomain.soa = root_domain.soa cdomain.save() AddressRecord.objects.create( label='', domain=cdomain, ip_type="6", ip_str="1::") self.assertRaises(ValidationError, ns.delete)
def create_domains(self): private = View(name="private") private.save() public = View(name="public") public.save() d0 = create_fake_zone("dc.mozilla.com", suffix="") s = d0.soa d = Domain(name='vlan.dc.mozilla.com') d.save() d.soa = s d.save() Domain(name='arpa').save() Domain(name='in-addr.arpa').save() # Create Reverse Domains d = create_fake_zone("10.in-addr.arpa", suffix="") d = create_fake_zone("66.in-addr.arpa", suffix="") vlan = Vlan(name='vlan', number=99) vlan.save() site = Site(name='dc') site.save() network = Network(network_str="10.0.0.0/8", ip_type='4') network2 = Network(network_str="66.66.66.0/24", ip_type='4') network2.update_network() network2.save() network.vlan = vlan network.site = site network.update_network() network.save() r = Range( start_str='10.99.99.1', end_str='10.99.99.254', network=network,) r.clean() r.save() r = Range( start_str='66.66.66.1', end_str='66.66.66.254', network=network2,) r.clean() r.save()
def test_bad_nameserver_soa_state_case_2_3(self): # This is Case 2 ... with ptrs root_domain = create_fake_zone("10.23.in-addr.arpa", suffix="") self.assertEqual(root_domain.nameserver_set.count(), 1) ns = root_domain.nameserver_set.all()[0] # At his point we should have a domain at the root of a zone with one # ns record associated to the domain. # Let's create a child domain and add a record there, then try to # delete the NS record cdomain = Domain(name="test." + root_domain.name) cdomain.soa = root_domain.soa cdomain.save() ptr = PTR(name="asdf", ip_str="23.10.1.1", ip_type="4") ptr.save() self.assertRaises(ValidationError, ns.delete)
def test_bad_nameserver_soa_state_case_1_1(self): # This is Case 1 root_domain = create_fake_zone("asdf111") for ns in root_domain.nameserver_set.all(): ns.delete() # At his point we should have a domain at the root of a zone with no # other records in it. # Let's create a child domain and try to add a record there. cdomain = Domain(name="test." + root_domain.name) cdomain.soa = root_domain.soa cdomain.save() # Adding a record shouldn't be allowed because there is no NS record on # the zone's root domain. a = AddressRecord(label='', domain=cdomain, ip_type="6", ip_str="1::") self.assertRaises(ValidationError, a.save) cn = CNAME(label='', domain=cdomain, target="asdf") self.assertRaises(ValidationError, cn.save)
def test_bad_nameserver_soa_state_case_1_4(self): # This is Case 1 ... with StaticInterfaces's reverse_root_domain = create_fake_zone("14.in-addr.arpa", suffix="") root_domain = create_fake_zone("asdf14") for ns in root_domain.nameserver_set.all(): ns.delete() # At his point we should have a domain at the root of a zone with no # other records in it. # Let's create a child domain and try to add a record there. cdomain = Domain(name="10.14.in-addr.arpa") cdomain.soa = reverse_root_domain.soa cdomain.save() # Adding a record shouldn't be allowed because there is no NS record on # the zone's root domain. intr = StaticInterface( label="asdf", domain=root_domain, ip_str="14.10.1.1", ip_type="4", mac="11:22:33:44:55:66", system=self.s) self.assertRaises(ValidationError, intr.save)
def test_bad_nameserver_soa_state_case_2_1(self): # This is Case 2 root_domain = create_fake_zone("asdf21") self.assertEqual(root_domain.nameserver_set.count(), 1) ns = root_domain.nameserver_set.all()[0] # At his point we should have a domain at the root of a zone with one # ns record associated to the domain. # Let's create a child domain and add a record there, then try to # delete the NS record cdomain = Domain(name="test." + root_domain.name) cdomain.soa = root_domain.soa cdomain.save() AddressRecord.objects.create(label='', domain=cdomain, ip_type="6", ip_str="1::") self.assertRaises(ValidationError, ns.delete)
def test_basic_add_remove1(self): c = Domain(name='com') c.save() self.assertFalse(c.purgeable) f_c = Domain(name='foo.com') s, _ = SOA.objects.get_or_create(primary="foo", contact="foo", description="foo.zfoo.comom") f_c.soa = s f_c.save() self.assertFalse(f_c.purgeable) fqdn = "bar.x.y.z.foo.com" label, the_domain = ensure_label_domain(fqdn) self.assertEqual(label, "bar") self.assertEqual(the_domain.name, "x.y.z.foo.com") self.assertTrue(the_domain.purgeable) self.assertEqual(the_domain.master_domain.name, "y.z.foo.com") self.assertTrue(the_domain.master_domain.purgeable) self.assertEqual(the_domain.master_domain.master_domain.name, "z.foo.com") self.assertTrue(the_domain.master_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.master_domain.name, "foo.com") self.assertFalse( the_domain.master_domain.master_domain.master_domain.purgeable) # Now call prune tree one the_domain self.assertTrue(prune_tree(the_domain)) self.assertFalse(Domain.objects.filter(name="x.y.z.foo.com")) self.assertFalse(Domain.objects.filter(name="y.z.foo.com")) self.assertFalse(Domain.objects.filter(name="z.foo.com")) self.assertTrue(Domain.objects.filter(name="foo.com")) # Make sure other domain's can't be pruned self.assertFalse(prune_tree(f_c)) self.assertTrue(Domain.objects.filter(name="foo.com")) self.assertFalse(prune_tree(c)) self.assertTrue(Domain.objects.filter(name="com"))
def test_bad_nameserver_soa_state_case_3_1(self): # This is Case 3 root_domain = create_fake_zone("asdf31") for ns in root_domain.nameserver_set.all(): ns.delete() # At his point we should have a domain pointed at an SOA record with no # records attached to it (esspecially no ns recods). It also has no # child domains. # Try case 3 but add a record to a child domain of root_domain cdomain = Domain(name="test." + root_domain.name) cdomain.save() # Add a record to the domain. a = AddressRecord(label='', domain=cdomain, ip_type="6", ip_str="1::") a.save() # Now try to add the domain to the zone that has no NS records at it's # root cdomain.soa = root_domain.soa self.assertRaises(ValidationError, cdomain.save)
def test_bad_nameserver_soa_state_case_3_3(self): # This is Case 3 ... with ptrs root_domain = create_fake_zone("33.in-addr.arpa", suffix="") for ns in root_domain.nameserver_set.all(): ns.delete() # At his point we should have a domain pointed at an SOA record with no # records attached to it (esspecially no ns recods). It also has no # child domains. # Try case 3 but add a record to a child domain of root_domain cdomain = Domain(name="10.33.in-addr.arpa") cdomain.save() # Add a record to the domain. ptr = PTR(name="asdf", ip_str="33.10.1.1", ip_type="4") ptr.save() # Now try to add the domain to the zone that has no NS records at it's # root cdomain.soa = root_domain.soa self.assertRaises(ValidationError, cdomain.save)
def test_basic_add_remove1(self): c = Domain(name='com') c.save() self.assertFalse(c.purgeable) f_c = Domain(name='foo.com') s, _ = SOA.objects.get_or_create(primary="foo", contact="foo", description="foo.zfoo.comom") f_c.soa = s f_c.save() self.assertFalse(f_c.purgeable) fqdn = "bar.x.y.z.foo.com" label, the_domain = ensure_label_domain(fqdn) self.assertEqual(label, "bar") self.assertEqual(the_domain.name, "x.y.z.foo.com") self.assertTrue(the_domain.purgeable) self.assertEqual(the_domain.master_domain.name, "y.z.foo.com") self.assertTrue(the_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.name, "z.foo.com") self.assertTrue(the_domain.master_domain.master_domain.purgeable) self.assertEqual( the_domain.master_domain.master_domain.master_domain.name, "foo.com") self.assertFalse( the_domain.master_domain.master_domain.master_domain.purgeable) # Now call prune tree one the_domain self.assertTrue(prune_tree(the_domain)) self.assertFalse(Domain.objects.filter(name="x.y.z.foo.com")) self.assertFalse(Domain.objects.filter(name="y.z.foo.com")) self.assertFalse(Domain.objects.filter(name="z.foo.com")) self.assertTrue(Domain.objects.filter(name="foo.com")) # Make sure other domain's can't be pruned self.assertFalse(prune_tree(f_c)) self.assertTrue(Domain.objects.filter(name="foo.com")) self.assertFalse(prune_tree(c)) self.assertTrue(Domain.objects.filter(name="com"))
def test_soa_validators(self): m = Domain(name='moo') m.save() f_m = Domain(name='foo.moo') f_m.save() n_f_m = Domain(name='noo.foo.moo') n_f_m.save() b_m = Domain(name='baz.moo') b_m.save() s = SOA(primary="ns1.foo.com", contact="asdf", description="test") s.save() f_m.soa = s f_m.save() b_m.soa = s self.assertRaises(ValidationError, b_m.save) n_f_m = Domain.objects.get(pk=n_f_m.pk) # Refresh object n_f_m.soa = s n_f_m.save() m.soa = s m.save() b_m.soa = s b_m.save() m.soa = None self.assertRaises(ValidationError, m.save) s2 = SOA(primary="ns1.foo.com", contact="asdf", description="test2") s2.save() m.soa = s2 self.assertRaises(ValidationError, m.save)
def ensure_domain(name, purgeable=False, inherit_soa=False, force=False): """This function will take ``domain_name`` and make sure that a domain with that name exists. If this function creates a domain it will set the domain's purgeable flag to the value of the named arguement ``purgeable``. See the doc page about Labels and Domains for other information about this function. This function will attempt to prevent you from: * creating a new TLD * creating a domain that would be a child of a delegated domain * creating a domain that wouldn't exist in an existing zone (it wouldn't have an SOA) You can override these constrains by setting the ``force`` named argument to ``True``. By default if a domain's parent has an SOA, the new domain will not inherit that SOA. You can cause the domain to inherit the SOA by passing the named argument ``inherit_soa`` as ``True``. For example, the function :func:`ensure_label_domain` passes ``inherit_soa=True``. If a domain already exists with a name equal to ``name`` it is immediately returned. It is up to the caller to ensure that ``purgeable`` is set if it is needed. """ try: domain = Domain.objects.get(name=name) return domain except ObjectDoesNotExist: pass # Looks like we are creating some domains. Make sure the first domain we # create is under a domain that has a non-None SOA reference. parts = list(reversed(name.split('.'))) if not force: domain_name = '' leaf_domain = None # Find the leaf domain. for i in range(len(parts)): domain_name = parts[i] + '.' + domain_name domain_name = domain_name.strip('.') try: tmp_domain = Domain.objects.get(name=domain_name) # It got here so we know we found a domain. leaf_domain = tmp_domain except ObjectDoesNotExist: continue if not leaf_domain: raise ValidationError( "Creating this record would cause the " "creation of a new TLD. Please contact " "http://www.icann.org/ for more information.") if leaf_domain.delegated: raise ValidationError( "Creating this record would cause the " "creation of a domain that would be a child of a " "delegated domain.") if not leaf_domain.soa: raise ValidationError( "Creating this record would cause the " "creation of a domain that would not be in an existing " "DNS zone.") domain_name = '' # We know the end domain doesn't exist, so we build it up incrementally # starting at the very right most parent domain. If we find that a parent # domain already exists we continue until we find the domain that doesn't # exist. for i in range(len(parts)): domain_name = parts[i] + '.' + domain_name domain_name = domain_name.strip('.') if Domain.objects.filter(name=domain_name).exists(): continue # We are about to create a domain that previously didn't exist! clobber_querysets = get_clobbered(domain_name) # Don't use get_or_create here because we need to pass certain kwargs # to clean() domain = Domain(name=domain_name) # we know the clobber_querysets may conflict, but we will handle # resolving the conflict later in this function if purgeable: domain.purgeable = True domain.clean(ignore_conflicts=True) # master domain is set here if (inherit_soa and domain.master_domain and domain.master_domain.soa is not None): domain.soa = domain.master_domain.soa # get the domain in the db so we can save the clobbered objects domain.save(do_full_clean=False) # update the objects that initially conflicted with this domain for qs in clobber_querysets: qs.update(domain=domain, label='') # full_clean() wasn't called on this domain but clean() was. Calling # clean_feilds() will ensure we have done the equivalent of a # full_clean() on the domain. domain.clean_fields() return domain