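def rr_delete(name, zone, view, profile, free_ips, references, user, type=None, **kwargs):
    """Delete the single resource record selected by name and optional type/fields.

    The record is looked up in ``view`` by its fully qualified name, narrowed by
    ``type`` when given and, when field values are passed in ``kwargs``, by the
    record value built from them (plus ``ipblock`` when ``ip`` is among them).
    Exactly one record must match: a selection that matches several records or
    none is rejected with DimError before anything is deleted.

    ``zone`` and ``profile`` are accepted but not used in this function.

    :param name: record name, made fully qualified against ``view.zone.name``
    :param view: view object the record is looked up in
    :param free_ips: passed through to delete_with_references
    :param references: passed through to delete_with_references
    :param user: passed through to delete_with_references
    :param type: RR type used to narrow the selection (optional)
    :raises DimError: if no record, or more than one record, matches
    """
    fqdn = make_fqdn(name, view.zone.name)
    # The name is built once and reused for both the query and the error text.
    rrs = RR.query.filter_by(name=fqdn, view=view)
    display_query = [fqdn]
    if type:
        rrs = rrs.filter_by(type=type)
        display_query.append(type)
    # NOTE(review): indentation was lost in this listing; confirm whether this
    # branch belongs under `if type:` -- as written, `type` may be None here.
    if kwargs:
        kwargs = RR.validate_args(type, **kwargs)
        value = RR.get_class(type).value_from_fields(**kwargs)
        rrs = rrs.filter_by(value=value)
        if 'ip' in kwargs:
            rrs = rrs.filter_by(ipblock=kwargs['ip'])
        display_query.append(value)
    # this should never be needed
    # Count once so both checks see the same result and only one query is issued.
    matches = rrs.count()
    if matches > 1:
        raise DimError('%s is ambiguous' % ' '.join(display_query))
    elif matches == 0:
        raise DimError('%s does not exist' % ' '.join(display_query))
    delete_with_references(rrs, free_ips=free_ips, references=references, user=user)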
def apply_profile(view, zone, from_profile):
    """Copy the records of the profile's first view into ``view`` of ``zone``.

    Each profile record is re-created under ``zone.name`` with the same type,
    ttl, ipblock, target and value. A copy that check_new_rr rejects with
    InvalidParameterError is skipped and the loop moves on.

    :param view: view that receives the copied records
    :param zone: zone whose name the record names are re-qualified against
    :param from_profile: profile to copy from; only ``views[0]`` is read
    """
    profile_view = from_profile.views[0]
    for template in RR.query.filter_by(view=profile_view):
        relative_name = RR.record_name(template.name, template.view.zone.name)
        candidate = RR(
            name=make_fqdn(relative_name, zone.name),
            view=view,
            type=template.type,
            ttl=template.ttl,
            ipblock=template.ipblock,
            target=template.target,
            value=template.value,
        )
        try:
            check_new_rr(candidate)
            db.session.add(candidate)
        except InvalidParameterError:
            # Best effort: a rejected profile record is dropped without any
            # message, so the skip leaves no trace for the operator.
            # NOTE(review): consider reporting skipped records.
            continue
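def copy_rrs(parent_view, child_view, user=None):
    """Copy the apex NS records of ``child_view``'s zone into the parent zone.

    Does nothing when either view is None. Every NS record whose name equals
    the child zone's apex (``<zone name>.``) is re-created through
    create_single_rr in ``parent_view.zone``.

    The loop previously read the names ``view`` and ``user``, neither of which
    is a parameter, so it could not run past the None guard. It now reads the
    child view, and ``user`` is an optional trailing parameter so existing
    two-argument calls keep working.

    :param parent_view: view of the parent zone that receives the records
    :param child_view: view of the subzone whose apex NS records are copied
    :param user: passed through to create_single_rr; callers should supply the
        acting user
    """
    if child_view is None or parent_view is None:
        return
    apex_name = child_view.zone.name + '.'
    apex_ns = RR.query.filter(RR.zoneview_id == child_view.id)\
        .filter(RR.name == apex_name)\
        .filter(RR.type == 'NS')
    for rr in apex_ns:
        # The target view is resolved by name inside the parent zone; this
        # relies on the child view carrying the same name as its parent view.
        # NOTE(review): confirm child_view.name (not parent_view.name) is intended.
        create_single_rr(name=rr.name, rr_type=rr.type, zone=parent_view.zone,
                         view=child_view.name, user=user, ttl=rr.ttl,
                         **RR.get_class(rr.type).fields_from_value(rr.value))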
def create_single_rr(name, rr_type, zone, view, user, overwrite=False, **kwargs):
    '''
    Create one resource record in the named view of ``zone``.

    Existing records with the same name and type in that view decide the
    outcome: with ``overwrite`` they are deleted first; an identical record
    means nothing is created; a differing record is refused for PTR and
    otherwise results in a round robin record.

    :type zone: Zone
    :type view: string
    :param view: name of the view
    :param rr_type: RR type (string)
    :param user: passed to delete_single_rr when existing records are overwritten
    :param overwrite: delete existing records of this name and type first
    :return: True if the record was created or already existed
    '''
    view = get_view(zone, view)
    existed = False
    created = True
    name = make_fqdn(name, view.zone.name)
    # Existing records with the same name and type in the target view.
    rr_query = RR.query.filter(RR.name == name).filter(RR.type == rr_type)\
        .join(ZoneView).filter(RR.view == view)
    # The candidate is built before the query above is executed.
    new_rr = RR.create(name=name, type=rr_type, view=view, **kwargs)
    rrs = rr_query.all()
    if rrs:
        if overwrite:
            # Every matching record is deleted, each with a warning message.
            # NOTE(review): the deletes are issued before check_new_rr() below
            # validates the replacement; whether they are rolled back when
            # validation fails depends on the caller's transaction handling,
            # which is not visible here.
            for rr in rrs:
                Messages.warn("Deleting RR %s from %s" % (rr.bind_str(relative=True), rr.view))
                delete_single_rr(rr, user)
        else:
            # Look for a record equal to the new one: same value and, for
            # A/AAAA/PTR, the same ipblock as well.
            samerr = None
            for rr in rrs:
                if rr.value == new_rr.value and (rr.type not in ('A', 'AAAA', 'PTR') or rr.ipblock == new_rr.ipblock):
                    samerr = rr
                    break
            if samerr:
                created = False
                existed = True
                Messages.info("%s already exists" % samerr)
            else:
                if rr_type == 'PTR':
                    # Don't allow PTR round robin records
                    # Both flags end up False here, so the function returns False.
                    created = False
                    Messages.warn("Not overwriting: %s" % rrs[0])
                else:
                    Messages.warn("The name %s already existed, creating round robin record" % name)
    if created:
        # The lookups in this branch only emit warnings; they do not block creation.
        if rr_type == 'RP':
            point_to = _same_view_or_different_zone(new_rr).filter(RR.name == new_rr.target)
            if point_to.filter(RR.type == 'TXT').count() == 0:
                Messages.warn('TXT Record %s not found' % (new_rr.target,))
        elif rr_type == 'SSHFP':
            same_name = _same_view_or_different_zone(new_rr).filter(RR.name == new_rr.name)
            if same_name.filter(or_(RR.type == 'A', RR.type == 'AAAA')).count() == 0:
                Messages.warn('No A or AAAA found for %s' % (new_rr.name,))
        # Validation runs before the record is inserted.
        check_new_rr(new_rr)
        Messages.info(u"Creating RR {rr}{comment_msg} in {view_msg}".format(
            rr=new_rr.bind_str(relative=True),
            comment_msg=u' comment {0}'.format(kwargs['comment']) if kwargs.get('comment', None) else '',
            view_msg=new_rr.view))
        if new_rr.target and rr_type not in ['PTR', 'RP']:
            # Creating a PTR record also creates the A/AAAA record
            # A target that cannot be found only produces a warning.
            if _same_view_or_different_zone(new_rr).filter(RR.name == new_rr.target).count() == 0:
                Messages.warn('%s does not exist.' % new_rr.target)
        new_rr.insert()
    return created or existed
def create_subzone(new_zone, parent_zone, from_profile, soa_attributes, user, inherit_rights=True,
                   inherit_zone_groups=True):
    '''
    Create views and move rrs from parent zone.

    Records from the parent zones have priority over the ones from the profile.

    Copy @ NS records from subzone to parent zone.

    If inherit_rights is True, inherit user rights from parent zone.

    If inherit_zone_groups is True, inherit zone-group membership from parent zone. No zone-group
    rights are checked. This is necessary so net_admins can create subnets without access to the
    zone-group where the parent reverse zone is a member.

    If inherit_owner is True, inherit the owner from parent zone.

    NOTE(review): the visible signature has no inherit_owner parameter, and neither the NS copy
    nor any use of ``user`` appears in the visible body; confirm against the full file.
    '''
    # map parent view id to child view
    view_id_map = {}
    parent_views_ids = [view.id for view in parent_zone.views]
    # One child view is created per parent view, under the same view name.
    for view in parent_zone.views:
        view_id_map[view.id] = ZoneView.create(new_zone, view.name, from_profile=from_profile,
                                               soa_attributes=soa_attributes, copy_rrs=False)
    Messages.info('Creating views %s for zone %s' % (', '.join([view.name for view in new_zone.views]), new_zone.name))
    # Select parent-zone records at or below the new zone's name.
    # NOTE(review): endswith() compiles to a LIKE pattern, so '_' or '%' inside
    # new_zone.name act as wildcards unless escaped (SQLAlchemy offers
    # autoescape=True); confirm zone names are validated before they reach here,
    # otherwise records outside the new zone could be selected and moved.
    for rr in RR.query.filter(RR.zoneview_id.in_(parent_views_ids))\
            .filter(or_(RR.name.endswith('.' + new_zone.name + '.'), RR.name == new_zone.name + '.')):
        view_msg = (' view ' + rr.view.name) if len(parent_zone.views) > 1 else ''
        msg_info = (rr.bind_str(relative=True), new_zone.name + view_msg, parent_zone.name + view_msg)
        # The record is re-pointed in place: notify_delete() is called while it
        # still belongs to the parent view, then it is attached to the child view.
        rr.notify_delete()
        rr.view = view_id_map[rr.zoneview_id]
        rr.value = RR.get_class(rr.type).fqdn_target(rr.value, parent_zone.name)
        try:
            check_new_rr(rr)
            Messages.info('Moving RR %s in zone %s from zone %s' % msg_info)
            rr.notify_insert()
        except InvalidParameterError:
            # A record that fails validation in the new zone is deleted
            # altogether, not left in the parent zone; the warning below is the
            # only trace of the removal.
            db.session.delete(rr)
            Messages.warn('Rejected to move RR %s in zone %s, deleted RR from zone %s' % msg_info)
    # Profile records are applied after the move.
    if from_profile is not None:
        for view in new_zone.views:
            apply_profile(view, new_zone, from_profile)
    for parent_view in parent_zone.views:
        if inherit_zone_groups:
            # Zone-group membership is copied without any rights check (see docstring).
            for group in parent_view.groups:
                zone_group_add_zone(group, new_zone, view_id_map[parent_view.id])
        if inherit_rights:
            # Every access right defined on the parent view is re-created against
            # the child view and added to each group that holds it, so those
            # groups get the same access on the new view. Both flags default to
            # True; callers that must not widen access have to pass False.
            rights = AccessRight.query.filter_by(object_class='ZoneView', object_id=parent_view.id).all()
            for right in rights:
                for group in right.groups:
                    group.rights.add(AccessRight.find_or_create(access=right.access,
                                                                object_id=view_id_map[parent_view.id].id,
                                                                object_class=right.object_class))