Replace 'owner' with account to be consistent with Pdns. Set account upon creating a zone.

Mark Schouten 2016-08-04 15:01:39 +02:00
parent ef7f47e3f4
commit 623fcefc5c
2 changed files with 36 additions and 38 deletions


@ -305,16 +305,16 @@ $(document).ready(function () {
listClass: 'dnssec' listClass: 'dnssec'
}, },
<?php if (is_adminuser()) { ?> <?php if (is_adminuser()) { ?>
owner: { account: {
title: 'Owner', title: 'Account',
width: '8%', width: '8%',
display: displayContent('owner'), display: displayContent('account'),
options: function(data) { options: function(data) {
return 'users.php?action=listoptions&e='+$epoch; return 'users.php?action=listoptions&e='+$epoch;
}, },
defaultValue: 'admin', defaultValue: 'admin',
inputClass: 'owner', inputClass: 'account',
listClass: 'owner' listClass: 'account'
}, },
<?php } ?> <?php } ?>
kind: { kind: {
@ -472,16 +472,16 @@ $(document).ready(function () {
listClass: 'dnssec' listClass: 'dnssec'
}, },
<?php if (is_adminuser()) { ?> <?php if (is_adminuser()) { ?>
owner: { account: {
title: 'Owner', title: 'Account',
width: '8%', width: '8%',
display: displayContent('owner'), display: displayContent('account'),
options: function(data) { options: function(data) {
return 'users.php?action=listoptions&e='+$epoch; return 'users.php?action=listoptions&e='+$epoch;
}, },
defaultValue: 'admin', defaultValue: 'admin',
inputClass: 'owner', inputClass: 'account',
listClass: 'owner' listClass: 'account'
}, },
<?php } ?> <?php } ?>
kind: { kind: {
@ -695,13 +695,13 @@ $(document).ready(function () {
inputClass: 'domain' inputClass: 'domain'
}, },
<?php if (is_adminuser()) { ?> <?php if (is_adminuser()) { ?>
owner: { account: {
title: 'Owner', title: 'Account',
options: function(data) { options: function(data) {
return 'users.php?action=listoptions&e='+$epoch; return 'users.php?action=listoptions&e='+$epoch;
}, },
defaultValue: 'admin', defaultValue: 'admin',
inputClass: 'owner' inputClass: 'account'
}, },
<?php } ?> <?php } ?>
kind: { kind: {


@ -77,22 +77,22 @@ function record_compare($a, $b) {
return 0; return 0;
} }
function add_db_zone($zonename, $ownername) { function add_db_zone($zonename, $accountname) {
if (valid_user($ownername) === false) { if (valid_user($accountname) === false) {
jtable_respond(null, 'error', "$ownername is not a valid username"); jtable_respond(null, 'error', "$accountname is not a valid username");
} }
if (!_valid_label($zonename)) { if (!_valid_label($zonename)) {
jtable_respond(null, 'error', "$zonename is not a valid zonename"); jtable_respond(null, 'error', "$zonename is not a valid zonename");
} }
if (is_apiuser() && !user_exists($ownername)) { if (is_apiuser() && !user_exists($accountname)) {
add_user($ownername); add_user($accountname);
} }
$db = get_db(); $db = get_db();
$q = $db->prepare("INSERT OR REPLACE INTO zones (zone, owner) VALUES (?, (SELECT id FROM users WHERE emailaddress = ?))"); $q = $db->prepare("INSERT OR REPLACE INTO zones (zone, owner) VALUES (?, (SELECT id FROM users WHERE emailaddress = ?))");
$q->bindValue(1, $zonename, SQLITE3_TEXT); $q->bindValue(1, $zonename, SQLITE3_TEXT);
$q->bindValue(2, $ownername, SQLITE3_TEXT); $q->bindValue(2, $accountname, SQLITE3_TEXT);
$q->execute(); $q->execute();
$db->close(); $db->close();
} }
@ -108,7 +108,7 @@ function delete_db_zone($zonename) {
$db->close(); $db->close();
} }
function get_zone_owner($zonename, $default) { function get_zone_account($zonename, $default) {
if (!_valid_label($zonename)) { if (!_valid_label($zonename)) {
jtable_respond(null, 'error', "$zonename is not a valid zonename"); jtable_respond(null, 'error', "$zonename is not a valid zonename");
} }
@ -125,7 +125,7 @@ function get_zone_owner($zonename, $default) {
return $default; return $default;
} }
function check_owner($zone) { function check_account($zone) {
return is_adminuser() or ($zone->account === get_sess_user()); return is_adminuser() or ($zone->account === get_sess_user());
} }
@ -147,9 +147,9 @@ case "listslaves":
foreach ($api->listzones($q) as $sresult) { foreach ($api->listzones($q) as $sresult) {
$zone = new Zone(); $zone = new Zone();
$zone->parse($sresult); $zone->parse($sresult);
$zone->setaccount(get_zone_owner($zone->name, 'admin')); $zone->setaccount(get_zone_account($zone->name, 'admin'));
if (!check_owner($zone)) if (!check_account($zone))
continue; continue;
if ($action == "listslaves" and $zone->kind == "Slave") { if ($action == "listslaves" and $zone->kind == "Slave") {
@ -227,9 +227,9 @@ case "create":
} }
} }
// only admin user and original owner can "recreate" zones that are already // only admin user and original account can "recreate" zones that are already
// present in our own db but got lost in pdns. // present in our own db but got lost in pdns.
if (!is_adminuser() && get_sess_user() !== get_zone_owner($zonename, get_sess_user())) { if (!is_adminuser() && get_sess_user() !== get_zone_account($zonename, get_sess_user())) {
jtable_respond(null, 'error', 'Zone already owned by someone else'); jtable_respond(null, 'error', 'Zone already owned by someone else');
} }
@ -237,10 +237,12 @@ case "create":
$zonename = $zone->name; $zonename = $zone->name;
if (is_adminuser() && isset($_POST['owner'])) { if (is_adminuser() && isset($_POST['account'])) {
add_db_zone($zonename, $_POST['owner']); add_db_zone($zonename, $_POST['account']);
$zone->setaccount($_POST['account']);
} else { } else {
add_db_zone($zonename, get_sess_user()); add_db_zone($zonename, get_sess_user());
$zone->setaccount(get_sess_user());
} }
if (isset($_POST['template']) && $_POST['template'] != 'None') { if (isset($_POST['template']) && $_POST['template'] != 'None') {
@ -253,37 +255,35 @@ case "create":
$rrset->delete(); $rrset->delete();
} }
} }
$zone = $api->savezone($zone->export()); $api->savezone($zone->export());
foreach ($template['records'] as $record) { foreach ($template['records'] as $record) {
$zone->addrecord($record['name'], $record['type'], $record['content']); $zone->addrecord($record['name'], $record['type'], $record['content']);
} }
$zone = $api->savezone($zone->export());
break; break;
} }
} }
$zone = $api->savezone($zone->export());
jtable_respond($zone, 'single'); jtable_respond($zone, 'single');
break; break;
case "update": case "update":
$zone = new Zone(); $zone = new Zone();
$zone->parse($api->loadzone($_POST['id'])); $zone->parse($api->loadzone($_POST['id']));
$zoneowner = isset($_POST['owner']) ? $_POST['owner'] : $zone->account; $zoneaccount = isset($_POST['account']) ? $_POST['account'] : $zone->account;
if ($zone->account !== $zoneowner) { if ($zone->account !== $zoneaccount) {
if (!is_adminuser()) { if (!is_adminuser()) {
header("Status: 403 Access denied"); header("Status: 403 Access denied");
jtable_respond(null, 'error', "Can't change owner"); jtable_respond(null, 'error', "Can't change account");
} else { } else {
add_db_zone($zone->id, $zoneowner); add_db_zone($zone->name, $zoneaccount);
$zone->setaccount($zoneowner); $zone->setaccount($zoneaccount);
} }
} }
$update = false;
if (isset($_POST['masters'])) { if (isset($_POST['masters'])) {
$zone->erasemasters(); $zone->erasemasters();
foreach(preg_split('/[,;\s]+/', $_POST['masters'], null, PREG_SPLIT_NO_EMPTY) as $master) { foreach(preg_split('/[,;\s]+/', $_POST['masters'], null, PREG_SPLIT_NO_EMPTY) as $master) {
@ -314,7 +314,6 @@ case "createrecord":
$name = $name . '.' . $zone->name; $name = $name . '.' . $zone->name;
} }
if (!_valid_label($name)) { if (!_valid_label($name)) {
jtable_respond(null, 'error', "Please only use [a-z0-9_/.-]"); jtable_respond(null, 'error', "Please only use [a-z0-9_/.-]");
} }
@ -325,7 +324,6 @@ case "createrecord":
jtable_respond(null, 'error', "Please only use ASCII-characters in your fields"); jtable_respond(null, 'error', "Please only use ASCII-characters in your fields");
} }
$record = $zone->addrecord($name, $type, $content, $_POST['disabled'], $_POST['ttl']); $record = $zone->addrecord($name, $type, $content, $_POST['disabled'], $_POST['ttl']);
$api->savezone($zone->export()); $api->savezone($zone->export());
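Review bot: In the `update` case the only authorization visible is the guard against changing the account, so a non-admin request that omits `account` or repeats the current value passes it and continues to the `masters` handling for whichever zone `$_POST['id']` names. Unless ownership is enforced outside the lines shown here, the case should reject zones the session user does not hold right after `loadzone`, for example `if (!check_account($zone)) { jtable_respond(null, 'error', 'Access denied'); }`. `check_account()` compares `$zone->account`, which here comes from pdns rather than from `get_zone_account()` as in the list case, so zones saved before this commit started setting the account on create presumably need the local value applied first. The `update` case body continues past the hunk, so the check may already exist further down or in shared code.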