def test_get_hostname_dnsdata_mapping_returns_mapping(self):
domain = Domain.objects.get_default_domain()
expected_mapping = {}
# Create 3 labels with 0-5 resources each, verify that they
# Come back correctly.
for _ in range(3):
name = factory.make_name('label')
dnsrr = factory.make_DNSResource(
name=name, domain=domain, no_ip_addresses=True)
for count in range(random.randint(1, 5)):
factory.make_DNSData(dnsresource=dnsrr, ip_addresses=True)
expected_mapping.update(self.make_mapping(dnsrr))
# Add one resource to the domain which has no data, so it should not be
# in the returned mapping.
factory.make_DNSResource(domain=domain, no_ip_addresses=True)
actual = DNSData.objects.get_hostname_dnsdata_mapping(domain)
self.assertEqual(expected_mapping, actual)
def test_read(self):
dnsrr = factory.make_DNSResource()
for _ in range(3):
factory.make_DNSResource()
uri = get_dnsresource_uri(dnsrr)
response = self.client.get(uri)
self.assertEqual(http.client.OK, response.status_code,
response.content)
parsed_dnsresource = json.loads(
response.content.decode(settings.DEFAULT_CHARSET))
self.assertThat(
parsed_dnsresource,
ContainsDict({
"id": Equals(dnsrr.id),
"fqdn": Equals(dnsrr.fqdn)
}),
)
def test_read_with_domain(self):
for _ in range(3):
factory.make_DNSResource()
dnsrr = DNSResource.objects.first()
uri = get_dnsresources_uri()
response = self.client.get(
uri,
{'domain': [dnsrr.domain.name]})
self.assertEqual(
http.client.OK, response.status_code, response.content)
expected_ids = [dnsrr.id]
result_ids = [
dnsresource["id"]
for dnsresource in json.loads(
response.content.decode(settings.DEFAULT_CHARSET))
]
self.assertItemsEqual(expected_ids, result_ids)
def test_user_view_returns_dnsresource(self):
user = factory.make_User()
dnsresource = factory.make_DNSResource()
self.assertEqual(
dnsresource,
DNSResource.objects.get_dnsresource_or_404(dnsresource.id, user,
NodePermission.view),
)
def test_admin_admin_returns_dnsresource(self):
admin = factory.make_admin()
dnsresource = factory.make_DNSResource()
self.assertEqual(
dnsresource,
DNSResource.objects.get_dnsresource_or_404(dnsresource.id, admin,
NodePermission.admin),
)
def test_delete_deletes_dnsresource(self):
self.become_admin()
dnsresource = factory.make_DNSResource()
uri = get_dnsresource_uri(dnsresource)
response = self.client.delete(uri)
self.assertEqual(http.client.NO_CONTENT, response.status_code,
response.content)
self.assertIsNone(reload_object(dnsresource))
def test_add_delegations_adds_nsrrset_and_glue_in_depth(self):
parent = factory.make_Domain()
name = factory.make_name()
child = factory.make_Domain(name="%s.%s" % (name, parent.name))
default_name = Domain.objects.get_default_domain().name
g_name = factory.make_name()
grandchild = factory.make_Domain(name="%s.%s" % (g_name, child.name))
dnsrr = factory.make_DNSResource(name="@", domain=child)
nsname = factory.make_name()
factory.make_DNSData(
dnsresource=dnsrr,
rrtype="NS",
rrdata="%s.%s." % (nsname, grandchild.name),
)
nsrr = factory.make_DNSResource(name=nsname, domain=grandchild)
other_name = factory.make_name()
factory.make_DNSResource(name=other_name, domain=parent)
factory.make_DNSData(
dnsresource=dnsrr,
rrtype="NS",
rrdata="%s.%s." % (other_name, parent.name),
)
mappings = lazydict(get_hostname_dnsdata_mapping)
mapping = mappings[parent]
expected_map = {
name: HostnameRRsetMapping(
rrset={
(30, "NS", default_name),
(30, "NS", "%s.%s." % (nsname, grandchild.name)),
(30, "NS", "%s.%s." % (other_name, parent.name)),
}
)
}
ns_part = "%s.%s" % (nsname, g_name)
for sip in nsrr.ip_addresses.all():
if IPAddress(sip.ip).version == 6:
expected_map[ns_part] = HostnameRRsetMapping(
rrset={(30, "AAAA", sip.ip)}
)
else:
expected_map[ns_part] = HostnameRRsetMapping(
rrset={(30, "A", sip.ip)}
)
parent.add_delegations(mapping, default_name, [IPAddress("::1")], 30)
self.assertEqual(expected_map, mapping)
def test_rejects_bad_sshfp_record(self):
dnsresource = factory.make_DNSResource(no_ip_addresses=True)
dnsdata = DNSData(dnsresource=dnsresource,
rrtype='SSHFP',
rrdata="wrong data")
with ExpectedException(
ValidationError,
re.escape("{'__all__': [\"%s\"]}" % INVALID_SSHFP_MSG)):
dnsdata.save()
def test__delete_dnsdata(self):
user = factory.make_admin()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
dnsresource = factory.make_DNSResource(domain=domain)
dnsdata = factory.make_DNSData(dnsresource)
handler.delete_dnsdata({"domain": domain.id, "dnsdata_id": dnsdata.id})
dnsdata = reload_object(dnsdata)
self.assertThat(dnsdata, Is(None))
def test_read(self):
for _ in range(3):
factory.make_DNSResource()
uri = get_dnsresources_uri()
response = self.client.get(uri)
self.assertEqual(
http.client.OK, response.status_code, response.content)
expected_ids = [
dnsresource.id
for dnsresource in DNSResource.objects.all()
]
result_ids = [
dnsresource["id"]
for dnsresource in json.loads(
response.content.decode(settings.DEFAULT_CHARSET))
]
self.assertItemsEqual(expected_ids, result_ids)
def test__delete_resource(self):
user = factory.make_admin()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
resource = factory.make_DNSResource(domain=domain)
handler.delete_dnsresource(
{"domain": domain.id, "dnsresource_id": resource.id}
)
self.assertThat(reload_object(resource), Is(None))
def test__delete_resource_as_non_admin_fails(self):
user = factory.make_User()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
resource = factory.make_DNSResource(domain=domain)
with ExpectedException(HandlerPermissionError):
handler.delete_address_record(
{"domain": domain.id, "dnsresource": resource.id}
)
def test_update_admin_only(self):
dnsresource = factory.make_DNSResource()
new_name = factory.make_name("dnsresource")
uri = get_dnsresource_uri(dnsresource)
response = self.client.put(uri, {
"name": new_name,
})
self.assertEqual(http.client.FORBIDDEN, response.status_code,
response.content)
def test_create_resource_exists(self):
self.become_admin()
dnsresource_name = factory.make_name("dnsresource")
domain = factory.make_Domain()
# create a resource with the same details
factory.make_DNSResource(domain=domain, name=dnsresource_name)
uri = get_dnsresourcerecords_uri()
response = self.client.post(
uri,
{
"name": dnsresource_name,
"domain": domain.name,
"rrtype": "TXT",
"rrdata": "Sample Text.",
},
)
payload = json.loads(response.content.decode(settings.DEFAULT_CHARSET))
self.assertEqual(payload["fqdn"], f"{dnsresource_name}.{domain.name}")
def test_get_hostname_dnsdata_mapping_includes_node_owner_id(self):
domain = Domain.objects.get_default_domain()
user = factory.make_User()
node_name = factory.make_name("node")
factory.make_Node_with_Interface_on_Subnet(
hostname=node_name, domain=domain, owner=user)
dnsrr = factory.make_DNSResource(domain=domain, name=node_name)
factory.make_DNSData(dnsresource=dnsrr, ip_addresses=True)
mapping = DNSData.objects.get_hostname_dnsdata_mapping(domain)
self.assertEqual(mapping[node_name].user_id, user.id)
def test_read_all(self):
self.become_admin()
for _ in range(3):
factory.make_DNSResource()
factory.make_RegionRackController()
uri = get_dnsresources_uri()
response = self.client.get(uri, {"all": "true"})
self.assertEqual(http.client.OK, response.status_code,
response.content)
expected_ids = [
dnsresource.id
for dnsresource in get_dnsresource_queryset(all_records=True)
]
result_ids = [
dnsresource["id"] for dnsresource in json.loads(
response.content.decode(settings.DEFAULT_CHARSET))
]
self.assertItemsEqual(expected_ids, result_ids)
def test__delete_resource_as_non_admin_fails(self):
user = factory.make_User()
handler = DomainHandler(user, {})
domain = factory.make_Domain()
resource = factory.make_DNSResource(domain=domain)
with ExpectedException(HandlerPermissionError):
handler.delete_dnsresource({
'domain': domain.id,
'dnsresource': resource.id,
})
def test__user_admin_raises_PermissionError(self):
user = factory.make_User()
dnsresource = factory.make_DNSResource()
self.assertRaises(
PermissionDenied,
DNSResource.objects.get_dnsresource_or_404,
dnsresource.id,
user,
NodePermission.admin,
)
def test_rejects_bad_cname_target(self):
target = factory.make_name('na*e')
dnsresource = factory.make_DNSResource(no_ip_addresses=True)
dnsdata = DNSData(dnsresource=dnsresource,
rrtype='CNAME',
rrdata=target)
with ExpectedException(
ValidationError,
re.escape("{'__all__': [\"%s\"]}" % INVALID_CNAME_MSG)):
dnsdata.save()
def test_rejects_cname_with_address(self):
name = factory.make_name('name')
target = factory.make_name('target')
domain = factory.make_Domain()
dnsrr = factory.make_DNSResource(name=name, domain=domain)
dnsrr.save()
dnsdata = DNSData(dnsresource=dnsrr, rrtype='CNAME', rrdata=target)
with ExpectedException(
ValidationError,
re.escape("{'__all__': ['%s']}" % CNAME_AND_OTHER_MSG)):
dnsdata.save()
def test_save_migrates_dnsresource(self):
p_name = "%s.%s" % (factory.make_name(), factory.make_name())
c_name = factory.make_name()
parent = factory.make_Domain(name=p_name)
dnsrr = factory.make_DNSResource(name=c_name, domain=parent)
child = factory.make_Domain(name="%s.%s" % (c_name, p_name))
dnsrr_from_db = DNSResource.objects.get(id=dnsrr.id)
self.assertEqual('@', dnsrr_from_db.name)
self.assertEqual(child, dnsrr_from_db.domain)
self.assertItemsEqual(
[], DNSResource.objects.filter(name=c_name, domain=parent))
def test_get_normal_user_only_owned_entries(self):
user = factory.make_User()
other_user = factory.make_User()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
hostname1 = factory.make_name("node")
factory.make_Node_with_Interface_on_Subnet(hostname=hostname1,
domain=domain,
owner=user)
dnsrr1 = factory.make_DNSResource(domain=domain, name=hostname1)
factory.make_DNSData(dnsresource=dnsrr1, ip_addresses=True)
hostname2 = factory.make_name("node")
factory.make_Node_with_Interface_on_Subnet(hostname=hostname2,
domain=domain,
owner=other_user)
dnsrr2 = factory.make_DNSResource(domain=domain, name=hostname2)
factory.make_DNSData(dnsresource=dnsrr2, ip_addresses=True)
details = handler.get({"id": domain.id})
for entry in details['rrsets']:
self.assertEqual(entry['user_id'], user.id)
def test__delete_dnsdata_fails_for_non_admin(self):
user = factory.make_User()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
dnsresource = factory.make_DNSResource(domain=domain)
dnsdata = factory.make_DNSData(dnsresource)
with ExpectedException(HandlerPermissionError):
handler.delete_dnsdata(
{"domain": domain.id, "dnsdata_id": dnsdata.id}
)
dnsdata = reload_object(dnsdata)
self.assertThat(dnsdata, Not(Is(None)))
def test_render_json_for_related_rrdata_includes_user_id(self):
domain = factory.make_Domain()
node_name = factory.make_name('node')
user = factory.make_User()
factory.make_Node_with_Interface_on_Subnet(
hostname=node_name, domain=domain, owner=user)
dnsrr = factory.make_DNSResource(domain=domain, name=node_name)
factory.make_DNSData(dnsresource=dnsrr, ip_addresses=True)
expected = self.render_rrdata(domain, for_list=False)
actual = domain.render_json_for_related_rrdata(for_list=True)
self.assertEqual(actual, expected)
for record in actual:
self.assertEqual(record['user_id'], user.id)
def test__delete_address_deletes_single_address(self):
user = factory.make_admin()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
name = factory.make_hostname()
resource = factory.make_DNSResource(
domain=domain, name=name, ip_addresses=["127.0.0.1", "127.0.0.2"])
handler.delete_address_record({
'domain': domain.id,
'dnsresource_id': resource.id,
'rrdata': "127.0.0.1"
})
self.assertThat(resource.get_addresses(), Equals(["127.0.0.2"]))
def test_dnsresource_address_overrides_domain(self):
# DNSResource.address_ttl _does_, however, override Domain.ttl for
# addresses that do not have nodes associated with them.
global_ttl = random.randint(100, 199)
Config.objects.set_config("default_dns_ttl", global_ttl)
subnet = factory.make_Subnet(cidr="10.0.0.0/23")
domain = factory.make_Domain(ttl=random.randint(200, 299))
node = factory.make_Node_with_Interface_on_Subnet(
status=NODE_STATUS.READY,
subnet=subnet,
domain=domain,
address_ttl=random.randint(300, 399),
)
boot_iface = node.get_boot_interface()
[boot_ip] = boot_iface.claim_auto_ips()
dnsrr = factory.make_DNSResource(domain=domain,
address_ttl=random.randint(400, 499))
node_ips = {boot_ip.ip}
dnsrr_ips = {
ip.ip
for ip in dnsrr.ip_addresses.all() if ip is not None
}
expected_forward = {
node.hostname:
HostnameIPMapping(node.system_id, node.address_ttl, node_ips,
node.node_type),
dnsrr.name:
HostnameIPMapping(None, dnsrr.address_ttl, dnsrr_ips, None,
dnsrr.id),
}
expected_reverse = {
node.fqdn:
HostnameIPMapping(
node.system_id,
node.address_ttl,
node_ips,
node.node_type,
None,
),
dnsrr.fqdn:
HostnameIPMapping(None, dnsrr.address_ttl, dnsrr_ips, None,
dnsrr.id),
}
zones = ZoneGenerator(
domain,
subnet,
default_ttl=global_ttl,
serial=random.randint(0, 65535),
).as_list()
self.assertEqual(expected_forward, zones[0]._mapping)
self.assertEqual(expected_reverse, zones[1]._mapping)
def test_update(self):
self.become_admin()
dnsresource = factory.make_DNSResource()
new_name = factory.make_name("dnsresource")
uri = get_dnsresource_uri(dnsresource)
response = self.client.put(uri, {"name": new_name})
self.assertEqual(http.client.OK, response.status_code,
response.content)
self.assertEqual(
"%s.%s" % (new_name, dnsresource.domain.name),
json.loads(response.content.decode(
settings.DEFAULT_CHARSET))["fqdn"],
)
self.assertEqual(new_name, reload_object(dnsresource).name)
def test_dnsresources_are_in_the_dns(self):
self.patch(settings, "DNS_CONNECT", True)
domain = factory.make_Domain()
subnet = factory.make_ipv4_Subnet_with_IPRanges()
dynamic_range = subnet.get_dynamic_ranges()[0]
ip = factory.pick_ip_in_IPRange(dynamic_range)
ip_obj = factory.make_StaticIPAddress(
alloc_type=IPADDRESS_TYPE.USER_RESERVED, ip=ip, subnet=subnet)
rrname = factory.make_name("label")
dnsrr = factory.make_DNSResource(name=rrname,
domain=domain,
ip_addresses=[ip_obj])
dns_update_all_zones()
self.assertDNSMatches(dnsrr.name, domain.name, ip_obj.ip)
def test_update_resource_validation_error(self):
user = factory.make_admin()
handler = DomainHandler(user, {}, None)
domain = factory.make_Domain()
resource = factory.make_DNSResource(domain=domain)
self.assertRaises(
ValidationError,
handler.update_dnsresource,
{
"domain": domain.id,
"dnsresource_id": resource.id,
"address_ttl": "invalid",
},
)
def test__creates_dnsdata(self):
name = factory.make_name("dnsdata")
(rrtype, rrdata) = factory.pick_rrset()
dnsrr = factory.make_DNSResource(no_ip_addresses=True)
form = DNSDataForm({
"name": name,
"dnsresource": dnsrr.id,
"rrtype": rrtype,
"rrdata": rrdata,
})
self.assertTrue(form.is_valid(), form.errors)
dnsdata = form.save()
self.assertEqual(dnsrr.id, dnsdata.dnsresource.id)
self.assertEqual(rrtype, dnsdata.rrtype)
self.assertEqual(rrdata, dnsdata.rrdata)
