Context Navigation

← Previous Changeset
Next Changeset →

Changeset 111

Timestamp:

08/01/11 19:24:30 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Add ACL checks to prevent contructed-URL ACL bypasses on SOA records, group
add/edit/delete, axfr import; correct logic in bulk domain ACL check

Location:

trunk

Files:

: 4 edited

DNSDB.pm (modified) (1 diff)
dns.cgi (modified) (10 diffs)
templates/menu.tmpl (modified) (1 diff)
templates/soadata.tmpl (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/DNSDB.pm

r108	r111
759	759	\|c:\d+ # clone
760	760	# custom. no, the leading , is not a typo
761		\|C:(?:,(?:group\|user\|domain\|record\|self)_(?:edit\|create\|delete))+
	761	\|C:(?:,(?:group\|user\|domain\|record\|self)_(?:edit\|create\|delete))*
762	762	)$/x;
763	763	# bleh. I'd call another function to do my dirty work, but we're in the middle of a transaction already.

trunk/dns.cgi

-              r110
+              r111
 } elsif ($webvar{page} eq 'reclist') {
+  $page->param(mayeditsoa => $permissions{admin} || $permissions{domain_edit});
 ##fixme:  ACL needs pondering.  Does "edit domain" interact with record add/remove/etc?
 # Note this seems to be answered "no" in Vega.
 …
 } elsif ($webvar{page} eq 'delrec') {
+  # This is a complete separate segment since it uses a different template from add/edit records above
   changepage(page => "reclist", errmsg => "You are not permitted to delete records", id => $webvar{parentid})
 …
 } elsif ($webvar{page} eq 'editsoa') {
+  changepage(page => "reclist", errmsg => "You are not permitted to edit domain SOA records", id => $webvar{id})
+        unless ($permissions{admin} || $permissions{domain_edit});
   fillsoa($webvar{defrec},$webvar{id});
 } elsif ($webvar{page} eq 'updatesoa') {
+  changepage(page => "reclist", errmsg => "You are not permitted to edit domain SOA records", id => $webvar{id})
+        unless ($permissions{admin} || $permissions{domain_edit});
   my $sth;
 …
 } elsif ($webvar{page} eq 'newgrp') {
+  changepage(page => "grpman", errmsg => "You are not permitted to add groups", id => $webvar{parentid})
+        unless ($permissions{admin} || $permissions{group_add});
   # do.. uhh.. stuff.. if we have no webvar{action}
 …
 } elsif ($webvar{page} eq 'delgrp') {
+  changepage(page => "grpman", errmsg => "You are not permitted to delete groups", id => $webvar{parentid})
+        unless ($permissions{admin} || $permissions{group_delete});
   $page->param(id => $webvar{id});
   # first pass = confirm y/n (sorta)
 …
 } elsif ($webvar{page} eq 'edgroup') {
+  changepage(page => "grpman", errmsg => "You are not permitted to edit groups", id => $webvar{parentid})
+        unless ($permissions{admin} || $permissions{group_edit});
   if ($webvar{action} eq 'updperms') {
     # extra safety check;  make sure user can't construct a URL to bypass ACLs
 …
   changepage(page => "domlist", errmsg => "You are not permitted to make bulk domain changes")
         unless ($permissions{admin} || ($permissions{domain_edit} && $permissions{domain_create} && $permissions{domain_delete}));
+        unless ($permissions{admin} || $permissions{domain_edit} || $permissions{domain_create} || $permissions{domain_delete});
 ##fixme
 …
 } elsif ($webvar{page} eq 'user') {
+  # All user add/edit actions fall through the same page, since there aren't
+  # really any hard differences between the templates
   #fill_actypelist($webvar{accttype});
 …
 } elsif ($webvar{page} eq 'axfr') {
+  changepage(page => "domlist", errmsg => "You are not permitted to import domains")
+        unless ($permissions{admin} || $permissions{domain_create});
   # don't need this while we've got the dropdown in the menu.  hmm.
   #fill_grouplist;
 …
   $page->param(groupname => groupName($dbh,$curgroup));
   $page->param(logingrp => groupName($dbh,$logingroup));
+  $page->param(mayimport => $permissions{admin} || $permissions{domain_create});
+  $page->param(maybulk => $permissions{admin} || $permissions{domain_edit} || $permissions{domain_create} || $permissions{domain_delete});
   # group tree.  should go elsewhere, probably

trunk/templates/menu.tmpl

-              r110
+              r111
 <a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=log">Log</a><br />
 <a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=reclist&amp;id=<TMPL_VAR NAME=group>&amp;defrec=y">Default Records</a><br />
 <a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=axfr">AXFR Import</a><br />
 <a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=bulkdomain">Bulk Domain Operations</a><br />
+<TMPL_IF mayimport><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=axfr">AXFR Import</a><br /></TMPL_IF>
+<TMPL_IF maybulk><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=bulkdomain">Bulk Domain Operations</a><br /></TMPL_IF>
 <hr />
 Current group:

trunk/templates/soadata.tmpl

-              r39
+              r111
 <tr class="darkrowheader">
         <td align="left">SOA:</td>
+        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;recid=<TMPL_VAR NAME=recid>&amp;defrec=<TMPL_VAR NAME=defrec>">edit</a></td>
+<TMPL_IF mayeditsoa>
+        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;recid=<TMPL_VAR NAME=recid>&amp;defrec=<TMPL_VAR NAME=defrec>">edit</a></td></TMPL_IF>
 </tr>
 </table>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 111

Legend:

trunk/DNSDB.pm

trunk/dns.cgi

trunk/templates/menu.tmpl

trunk/templates/soadata.tmpl

Download in other formats: