Changeset 162

Timestamp:

11/03/11 18:06:41 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Add scope checks - domain add/delete
Tweak scope check on record list
Add scope checks on editsoa/updatesoa pages
Clean up SQL with bind parameters for SOA update
Properly log SOA changes
Move AXFR scope check where it will actually have something to trigger on
Drop a handful of stale ##work/##fixme comments
Tweak SOA data template - remove recid from edit link. It's only

used on the actual update, and should be used as a data-validation
check Any Day Real Soon Now(TM)

Location:

trunk

Files:

• dns.cgi (modified) (13 diffs)
• templates/soadata.tmpl (modified) (1 diff)

trunk/dns.cgi

@@ -299 +299 @@
         unless ($permissions{admin} || $permissions{domain_create});
 
-##fixme:  scope check on $webvar{group}
+  # security check - does the user have permission to access this entity?
+  if (!check_scope($webvar{group}, 'group')) {
+    changepage(page => "newdomain", add_failed => 1, domain => $webvar{domain},
+        errmsg => "You do not have permission to add a domain to the requested group");
+  }
+
   my ($code,$msg) = addDomain($dbh,$webvar{domain},$webvar{group},($webvar{makeactive} eq 'on' ? 1 : 0));
 
@@ -315 +320 @@
         unless ($permissions{admin} || $permissions{domain_delete});
 
-##fixme: scope check on $webvar{id}
+  # security check - does the user have permission to access this entity?
+  if (!check_scope($webvar{id}, 'domain')) {
+    changepage(page => "domlist", errmsg => "You do not have permission to delete the requested domain");
+  }
+
   $page->param(id => $webvar{id});
 
@@ -325 +334 @@
 
   } elsif ($webvar{del} eq 'ok') {
-
     my $pargroup = parentID($webvar{id}, 'dom', 'group');
     my $dom = domainName($dbh, $webvar{id});
@@ -344 +352 @@
 } elsif ($webvar{page} eq 'reclist') {
 
-# security check - does the user have permission to view this entity?
-  my $flag = 0;
-  foreach (@viewablegroups) {
-    $flag = 1 if isParent($dbh, $_, 'group', $webvar{id}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
-  }
-  if (!$flag) {
+  # security check - does the user have permission to view this entity?
+  if (!check_scope($webvar{id}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     $page->param(errmsg => "You are not permitted to view or change the requested ".
         ($webvar{defrec} eq 'y' ? "group's default records" : "domain's records"));
     $page->param(perm_err => 1);        # this causes the template to skip the record listing output.
-##fixme:  we could skip down to the end of the $webvar{page} eq 'reclist' block...
-  }
-  
+    goto DONERECLIST;   # and now we skip filling in the content which is not printed due to perm_err above
+  }
+
 # hmm.  where do we send them?
   if ($webvar{defrec} eq 'y' && !$permissions{admin}) {
     $page->param(errmsg => "You are not permitted to edit default records");
     $page->param(perm_err => 1);
-  } elsif ($flag) {     # $flag carries the scope check results
+  } else {
 
     $page->param(mayeditsoa => $permissions{admin} || $permissions{domain_edit});
@@ -412 +416 @@
 
   } # close "you can't edit default records" check
+
+  # Yes, this is a GOTO target.  PTBHTTT.
+  DONERECLIST: ;
 
 } elsif ($webvar{page} eq 'record') {
@@ -621 +628 @@
 } elsif ($webvar{page} eq 'editsoa') {
 
+  # security check - does the user have permission to view this entity?
+  if (!check_scope($webvar{id}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+    changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
+        ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
+        ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
+  }
+
+  if ($webvar{defrec} eq 'y') {
+    changepage(page => "domlist", errmsg => "You are not permitted to edit default records")
+        unless $permissions{admin};
+  } else {
+    changepage(page => "reclist", errmsg => "You are not permitted to edit domain SOA records", id => $webvar{id})
+        unless ($permissions{admin} || $permissions{domain_edit});
+  }
+
+  fillsoa($webvar{defrec},$webvar{id});
+
+} elsif ($webvar{page} eq 'updatesoa') {
+
+  # security check - does the user have permission to view this entity?
+  # pass 1, record ID
+  if (!check_scope($webvar{recid}, ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
+    changepage(page => 'domlist', errmsg => "You do not have permission to edit the requested SOA record");
+  }
+  # pass 2, parent (group or domain) ID
+  if (!check_scope($webvar{id}, ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+    changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
+        ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
+        ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
+  }
+
   changepage(page => "reclist", errmsg => "You are not permitted to edit domain SOA records", id => $webvar{id})
         unless ($permissions{admin} || $permissions{domain_edit});
 
-  fillsoa($webvar{defrec},$webvar{id});
-
-} elsif ($webvar{page} eq 'updatesoa') {
-
-  changepage(page => "reclist", errmsg => "You are not permitted to edit domain SOA records", id => $webvar{id})
-        unless ($permissions{admin} || $permissions{domain_edit});
+  # get old SOA for log
+  my %soa = getSOA($dbh,$webvar{defrec},$webvar{id});
 
   my $sth;
-  my $sql = '';
+##fixme:  push SQL into DNSDB.pm
+##fixme: data validation: make sure {recid} is really the SOA for {id}
   # no domain ID, so we're editing the default SOA for a group (we don't care which one here)
   # plus a bit of magic to update the appropriate table
-  $sql = "update ".($webvar{defrec} eq 'y' ? "default_records" : "records").
-        " set host='$webvar{prins}:$webvar{contact}',".
-        " val='$webvar{refresh}:$webvar{retry}:$webvar{expire}:$webvar{minttl}',".
-        " ttl=$webvar{ttl} where record_id=$webvar{recid}";
+  my $sql = "UPDATE ".($webvar{defrec} eq 'y' ? "default_records" : "records").
+        " SET host=?, val=?, ttl=? WHERE record_id=?";
   $sth = $dbh->prepare($sql);
-  $sth->execute;
+  $sth->execute("$webvar{prins}:$webvar{contact}", 
+        "$webvar{refresh}:$webvar{retry}:$webvar{expire}:$webvar{minttl}",
+        $webvar{ttl},
+        $webvar{recid});
 
   if ($sth->err) {
@@ -648 +684 @@
   } else {
 
-##fixme!  need to set group ID properly here
-# SELECT group_id FROM domains WHERE domain_id=?
-# $sth->execute($webvar{id});
-##log
-    logaction(0, $session->param("username"), $webvar{group},
-        "Updated SOA (ns $webvar{prins}, contact $webvar{contact}, refresh $webvar{refresh},".
-        " retry $webvar{retry}, expire $webvar{expire}, minTTL $webvar{minttl}, TTL $webvar{ttl}");
-    changepage(page => "reclist", id => $webvar{id}, defrec => $webvar{defrec});
-#    $page->param(update_failed => 0);
-#    showdomain('y',1);
+    # do this in the order of "default to most common case"
+    my $loggroup;
+    my $logdomain = $webvar{id};
+    if ($webvar{defrec} eq 'y') {
+      $loggroup = $webvar{id};
+      $logdomain = 0;
+    } else {
+      $loggroup = parentID($logdomain, 'dom', 'group', $webvar{defrec});
+    }
+
+    logaction($logdomain, $session->param("username"), $loggroup,
+        "Updated ".($webvar{defrec} eq 'y' ? 'default ' : '')."SOA for ".
+        ($webvar{defrec} eq 'y' ? groupName($dbh, $webvar{id}) : domainName($dbh, $webvar{id}) ).
+        ": (ns $soa{prins}, contact $soa{contact}, refresh $soa{refresh},".
+        " retry $soa{retry}, expire $soa{expire}, minTTL $soa{minttl}, TTL $soa{ttl}) to ".
+        "(ns $webvar{prins}, contact $webvar{contact}, refresh $webvar{refresh},".
+        " retry $webvar{retry}, expire $webvar{expire}, minTTL $webvar{minttl}, TTL $webvar{ttl})");
+    changepage(page => "reclist", id => $webvar{id}, defrec => $webvar{defrec},
+        resultmsg => "SOA record updated");
   }
 
@@ -1118 +1163 @@
       $page->param(perm_custom => 1);
     }
-##work
-#  } elsif ($webvar{action} eq 'update') {
   } else {
     changepage(page => "useradmin", errmsg => "You are not allowed to add new users")
@@ -1247 +1290 @@
   $webvar{doit} = '' if !defined($webvar{doit});
 
-  # security check - does the user have permission to access this entity?
-  if (!check_scope($webvar{group}, 'group')) {
-    $page->param(errmsg => "You are not permitted to import domains into the requested group");
-    goto DONEAXFR;
-  }
-
   if ($webvar{doit} eq 'y' && !$webvar{ifrom}) {
     $page->param(errmsg => "Need to set host to import from");
@@ -1258 +1295 @@
     $page->param(errmsg => "Need domains to import");
   } elsif ($webvar{doit} eq 'y') {
+
+    # security check - does the user have permission to access this entity?
+    if (!check_scope($webvar{group}, 'group')) {
+      $page->param(errmsg => "You are not permitted to import domains into the requested group");
+      goto DONEAXFR;
+    }
+
     my @domlist = split /\s+/, $webvar{importdoms};
     my @results;
@@ -1502 +1546 @@
   my %soa = getSOA($dbh,$def,$id);
 
-  $page->param(recid    => $soa{recid});
   $page->param(contact  => $soa{contact});
   $page->param(prins    => $soa{prins});
@@ -1871 +1914 @@
 
 # fill page count and first-previous-next-last-all bits
-##fixme - hardcoded group bit
   fill_pgcount($count,"users",'');
   fill_fpnla($count);
@@ -2040 +2082 @@
 # so simple when defined as a sub instead of inline.  O_o
 sub check_scope {
-  my $entity = shift;
-  my $entype = shift;
+  my $entity = shift || '';
+  my $entype = shift || '';
 
   if ($entype eq 'group') {

trunk/templates/soadata.tmpl

@@ -3 +3 @@
         <td align="left">SOA:</td>
 <TMPL_IF mayeditsoa>
-        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;recid=<TMPL_VAR NAME=recid>&amp;defrec=<TMPL_VAR NAME=defrec>">edit</a></td></TMPL_IF>
+        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>">edit</a></td></TMPL_IF>
 </tr>
 </table>