Changeset 155


Ignore:
Timestamp:
10/26/11 18:10:09 (13 years ago)
Author:
Kris Deugau
Message:

/trunk

Tweak DNSDB::isParent slightly; treat all groups as being their own parent
Remove stale $offset fiddling in page -> bulkdomain
Add error-reporting TMPL_IF on record data page
Continued scope-checking changes:

  • rearrange group-changing check a little to allow propagating the error message without hardcoding it twice
  • handle the special case of group-change while on the default record list page
  • new sub, check_scope, to do the real checking
  • use new sub checking access to individual records (both record and parent domain/group)
  • check target for bulk domain move, as well as source domains in bulkchange
  • check AXFR target group
Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/DNSDB.pm

    r152 r155  
    14881488  return 1 if $type1 eq 'group' && $id1 == 1;
    14891489
     1490  # groups are always (a) parent of themselves
     1491  return 1 if $type1 eq 'group' && $type2 eq 'group' && $id1 == $id2;
     1492
    14901493# almost the same loop as getParents() above
    14911494  my $id = $id2;
    14921495  my $type = $type2;
    14931496  my $foundparent = 0;
    1494 my $tmp = 0;
     1497
    14951498  while (1) {
    1496 my $sql = "SELECT $par_col{$type} FROM $par_tbl{$type} WHERE $id_col{$type} = ?";
     1499    my $sql = "SELECT $par_col{$type} FROM $par_tbl{$type} WHERE $id_col{$type} = ?";
    14971500    my $result = $dbh->selectrow_hashref($sql,
    14981501        undef, ($id) ) or warn $dbh->errstr." $sql";
     
    15051508    $id = $result->{$par_col{$type}};
    15061509    $type = $par_type{$type};
    1507 last if $tmp++ > 10;
    15081510  }
    15091511
  • trunk/dns.cgi

    r154 r155  
    207207
    208208    # security check - does the user have permission to view this entity?
     209    my $errmsg;
    209210    if (!(grep /^$webvar{group}$/, @viewablegroups)) {
    210211      # hmm.  Reset the current group to the login group?  Yes.  Prevents confusing behaviour elsewhere.
     
    212213      $webvar{group} = $logingroup;
    213214      $curgroup = $logingroup;
    214       $page->param(errmsg => "You are not permitted to view or make changes in the requested group");
     215      $errmsg = "You are not permitted to view or make changes in the requested group";
     216      $page->param(errmsg => $errmsg);
    215217    }
    216218
    217219    $session->param('curgroup', $webvar{group});
    218220    $curgroup = ($webvar{group} ? $webvar{group} : $session->param('curgroup'));
     221
     222    # I hate special cases.
     223    if ($webvar{page} eq 'reclist' && $webvar{defrec} eq 'y') {
     224      my %args = (page => $webvar{page}, id => $curgroup, defrec => $webvar{defrec});
     225      $args{errmsg} = $errmsg if $errmsg;
     226      changepage(%args);
     227    }
     228
    219229  }
    220230} # handle global webvar{action}s
     
    390400
    391401} elsif ($webvar{page} eq 'record') {
     402
     403  # security check - does the user have permission to access this entity?
     404  if (!check_scope($webvar{id}, ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
     405    $page->param(perm_err => "You are not permitted to add or edit the requested record");
     406    goto DONEREC;
     407  }
     408  # round 2, check the parent.
     409  if (!check_scope($webvar{parentid}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     410    my $msg = ($webvar{defrec} eq 'y' ?
     411        "You are not permitted to add or edit default records in the requested group" :
     412        "You are not permitted to add or edit records in the requested domain");
     413    $page->param(perm_err => $msg);
     414    goto DONEREC;
     415  }
     416
    392417
    393418  if ($webvar{recact} eq 'new') {
     
    519544    $page->param(dohere => domainName($dbh,$webvar{parentid}));
    520545  }
     546
     547  # Yes, this is a GOTO target.  PTBHTTT.
     548  DONEREC: ;
    521549
    522550} elsif ($webvar{page} eq 'delrec') {
     
    750778  fill_pgcount($count,'domains',groupName($dbh,$curgroup));
    751779  fill_fpnla($count);
    752   $page->param(offset => $offset);      # since apparently this isn't set explicitly elsewhere.  Who knew?
    753780  $page->param(perpage => $perpage);
    754781
     
    777804} elsif ($webvar{page} eq 'bulkchange') {
    778805
     806  # security check - does the user have permission to access this entity?
     807  if (!check_scope($webvar{destgroup}, 'group')) {
     808    $page->param(errmsg => "You are not permitted to make bulk changes in the requested group");
     809    goto DONEBULK;
     810  }
     811
    779812  if ($webvar{action} eq 'move') {
    780813    changepage(page => "domlist", errmsg => "You are not permitted to bulk-move domains")
     
    789822      my %row;
    790823      next unless $_ =~ /^dom_\d+$/;
     824      # second security check - does the user have permission to meddle with this domain?
     825      if (!check_scope($webvar{$_}, 'domain')) {
     826        $row{domerr} = "You are not permitted to make changes to the requested domain";
     827        $row{domain} = $webvar{$_};
     828        push @bulkresults, \%row;
     829        next;
     830      }
    791831      $row{domain} = domainName($dbh,$webvar{$_});
    792832      my ($code, $msg) = changeGroup($dbh, 'domain', $webvar{$_}, $webvar{destgroup});
     
    812852      my %row;
    813853      next unless $_ =~ /^dom_\d+$/;
     854      # second security check - does the user have permission to meddle with this domain?
     855      if (!check_scope($webvar{$_}, 'domain')) {
     856        $row{domerr} = "You are not permitted to make changes to the requested domain";
     857        $row{domain} = $webvar{$_};
     858        push @bulkresults, \%row;
     859        next;
     860      }
    814861      $row{domain} = domainName($dbh,$webvar{$_});
    815862##fixme:  error handling on status change
     
    832879      my %row;
    833880      next unless $_ =~ /^dom_\d+$/;
     881      # second security check - does the user have permission to meddle with this domain?
     882      if (!check_scope($webvar{$_}, 'domain')) {
     883        $row{domerr} = "You are not permitted to make changes to the requested domain";
     884        $row{domain} = $webvar{$_};
     885        push @bulkresults, \%row;
     886        next;
     887      }
    834888      $row{domain} = domainName($dbh,$webvar{$_});
    835889      my $pargroup = parentID($webvar{$_}, 'dom', 'group');
     
    851905  # not going to handle the unknown $webvar{action} else;  it should not be possible in normal
    852906  # operations, and anyone who meddles with the URL gets what they deserve.
     907
     908  # Yes, this is a GOTO target.  PTHBTTT.
     909  DONEBULK: ;
    853910
    854911} elsif ($webvar{page} eq 'useradmin') {
     
    11721229  $webvar{doit} = '' if !defined($webvar{doit});
    11731230
     1231  # security check - does the user have permission to access this entity?
     1232  if (!check_scope($webvar{group}, 'group')) {
     1233    $page->param(errmsg => "You are not permitted to import domains into the requested group");
     1234    goto DONEAXFR;
     1235  }
     1236
    11741237  if ($webvar{doit} eq 'y' && !$webvar{ifrom}) {
    11751238    $page->param(errmsg => "Need to set host to import from");
     
    12001263    $page->param(axfrresults => \@results);
    12011264  }
     1265
     1266  # Yes, this is a GOTO target.  PTBHTTT.
     1267  DONEAXFR: ;
    12021268
    12031269} elsif ($webvar{page} eq 'whoisq') {
     
    19722038  }
    19732039}
     2040
     2041# so simple when defined as a sub instead of inline.  O_o
     2042sub check_scope {
     2043  my $entity = shift;
     2044  my $entype = shift;
     2045
     2046  if ($entype eq 'group') {
     2047    return 1 if grep /^$entity$/, @viewablegroups;
     2048  } else {
     2049    foreach (@viewablegroups) {
     2050      return 1 if isParent($dbh, $_, 'group', $entity, $entype);
     2051    }
     2052  }
     2053}
  • trunk/templates/record.tmpl

    r100 r155  
    44
    55<td align="center" valign="top">
     6
     7<TMPL_IF perm_err>
     8<div class='errmsg'><TMPL_VAR NAME=perm_err></div>
     9<TMPL_ELSE>
    610
    711<form action="dns.cgi" method="post">
     
    6266
    6367</fieldset>
    64 </form>   
     68</form>   
     69 
     70</TMPL_IF>
    6571
    6672</td>
Note: See TracChangeset for help on using the changeset viewer.