Changeset 244 for trunk


Ignore:
Timestamp:
02/24/12 17:59:45 (13 years ago)
Author:
Kris Deugau
Message:

/trunk

Scope check cleanup for rdns, should be complete. Some checks
seem to have been wrong (eg default record delete) and may be
candidates for backporting to a stable release. See #26.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/DNSDB.pm

    r243 r244  
    21182118
    21192119  # Reference hashes.
    2120   my %par_tbl = (
     2120my %par_tbl = (
    21212121                group   => 'groups',
    21222122                user    => 'users',
    21232123                defrec  => 'default_records',
     2124                defrevrec       => 'default_rev_records',
    21242125                domain  => 'domains',
     2126                revzone => 'revzones',
    21252127                record  => 'records'
    21262128        );
    2127   my %id_col = (
     2129my %id_col = (
    21282130                group   => 'group_id',
    21292131                user    => 'user_id',
    21302132                defrec  => 'record_id',
     2133                defrevrec       => 'record_id',
    21312134                domain  => 'domain_id',
     2135                revzone => 'rdns_id',
    21322136                record  => 'record_id'
    21332137        );
    2134   my %par_col = (
     2138my %par_col = (
    21352139                group   => 'parent_group_id',
    21362140                user    => 'group_id',
    21372141                defrec  => 'group_id',
     2142                defrevrec       => 'group_id',
    21382143                domain  => 'group_id',
     2144                revzone => 'group_id',
    21392145                record  => 'domain_id'
    21402146        );
    2141   my %par_type = (
     2147my %par_type = (
    21422148                group   => 'group',
    21432149                user    => 'group',
    21442150                defrec  => 'group',
     2151                defrevrec       => 'group',
    21452152                domain  => 'group',
     2153                revzone => 'group',
    21462154                record  => 'domain'
    21472155        );
     
    22312239
    22322240  # Return false on invalid types
    2233   return 0 if !grep /^$type1$/, ('record','defrec','user','domain','group');
    2234   return 0 if !grep /^$type2$/, ('record','defrec','user','domain','group');
     2241  return 0 if !grep /^$type1$/, ('record','defrec','defrevrec','user','domain','revzone','group');
     2242  return 0 if !grep /^$type2$/, ('record','defrec','defrevrec','user','domain','revzone','group');
    22352243
    22362244  # Return false on impossible relations
    22372245  return 0 if $type1 eq 'record';       # nothing may be a child of a record
    22382246  return 0 if $type1 eq 'defrec';       # nothing may be a child of a record
     2247  return 0 if $type1 eq 'defrevrec';    # nothing may be a child of a record
    22392248  return 0 if $type1 eq 'user';         # nothing may be child of a user
    22402249  return 0 if $type1 eq 'domain' && $type2 ne 'record'; # domain may not be a parent of anything other than a record
     2250  return 0 if $type1 eq 'revzone' && $type2 ne 'record';# reverse zone may not be a parent of anything other than a record
    22412251
    22422252  # ennnhhhh....  if we're passed an id of 0, it will never be found.  usual
    22432253  # case would be the UI creating a new <thing>, and so we don't have an ID for
    22442254  # <thing> to look up yet.  in that case the UI should check the parent as well.
    2245   # argument for returning 1 is
    22462255  return 0 if $id1 == 0;        # nothing can have a parent id of 0
    22472256  return 1 if $id2 == 0;        # anything could have a child id of 0 (or "unknown")
     
    22532262  return 1 if $type1 eq 'group' && $type2 eq 'group' && $id1 == $id2;
    22542263
    2255 # almost the same loop as getParents() above
    22562264  my $id = $id2;
    22572265  my $type = $type2;
    22582266  my $foundparent = 0;
    22592267
     2268  # Records are the only entity with two possible parents.  We need to split the parent checks on
     2269  # domain/rdns.
     2270  if ($type eq 'record') {
     2271    my ($dom,$rdns) = $dbh->selectrow_array("SELECT domain_id,rdns_id FROM records WHERE record_id=?",
     2272        undef, ($id));
     2273    # check immediate parent against request
     2274    return 1 if $type1 eq 'domain' && $id1 == $dom;
     2275    return 1 if $type1 eq 'revzone' && $id1 == $rdns;
     2276    # if request is group, check *both* parents.  Only check if the parent is nonzero though.
     2277    return 1 if $dom && isParent($dbh, $id1, $type1, $dom, 'domain');
     2278    return 1 if $rdns && isParent($dbh, $id1, $type1, $rdns, 'revzone');
     2279    # exit here since we've executed the loop below by proxy in the above recursive calls.
     2280    return 0;
     2281  }
     2282
     2283# almost the same loop as getParents() above
    22602284  my $limiter = 0;
    22612285  while (1) {
     
    22652289    if (!$result) {
    22662290      $limiter++;
    2267 ##fixme:  how often will this happen on a live site?
     2291##fixme:  how often will this happen on a live site?  fail at max limiter <n>?
    22682292      warn "no results looking for $sql with id $id (depth $limiter)\n";
    22692293      last;
     
    22742298    } else {
    22752299##fixme: do we care about trying to return a "no such record/domain/user/group" error?
     2300# should be impossible to create an inconsistent DB just with API calls.
    22762301      warn $dbh->errstr." $sql, $id" if $dbh->errstr;
    22772302    }
  • trunk/dns.cgi

    r243 r244  
    429429
    430430  # security check - does the user have permission to view this entity?
    431   if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     431  if (!check_scope(id => $webvar{id}, type =>
     432        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
    432433    $page->param(errmsg => "You are not permitted to view or change the requested ".
    433         ($webvar{defrec} eq 'y' ? "group's default records" : "domain's records"));
     434        ($webvar{defrec} eq 'y' ? "group's default records" :
     435                ($webvar{revrec} eq 'y' ? "reverse zone's records" : "domain's records")));
    434436    $page->param(perm_err => 1);        # this causes the template to skip the record listing output.
    435437    goto DONERECLIST;   # and now we skip filling in the content which is not printed due to perm_err above
     
    520522
    521523  # security check - does the user have permission to access this entity?
    522   if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
     524  if (!check_scope(id => $webvar{id}, type =>
     525        ($webvar{defrec} eq 'y' ? ($webvar{revrec eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
    523526    $page->param(perm_err => "You are not permitted to edit the requested record");
    524527    goto DONEREC;
    525528  }
    526529  # round 2, check the parent.
    527   if (!check_scope(id => $webvar{parentid}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     530  if (!check_scope(id => $webvar{parentid}, type =>
     531        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
    528532    my $msg = ($webvar{defrec} eq 'y' ?
    529533        "You are not permitted to add or edit default records in the requested group" :
    530         "You are not permitted to add or edit records in the requested domain");
     534        "You are not permitted to add or edit records in the requested domain/zone");
    531535    $page->param(perm_err => $msg);
    532536    goto DONEREC;
     
    696700
    697701  changepage(page => "reclist", errmsg => "You are not permitted to delete records", id => $webvar{parentid},
    698                 revrec => $webvar{revrec})
     702                defrec => $webvar{defrec}, revrec => $webvar{revrec})
    699703        unless ($permissions{admin} || $permissions{record_delete});
    700704
    701   if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     705  if (!check_scope(id => $webvar{id}, type =>
     706        ($webvar{defrec} eq 'y' ? ($webvar{revrec} eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
     707    # redirect to domlist because we don't have permission for the entity requested
    702708    changepage(page => 'domlist', errmsg => "You do not have permission to delete records in the requested ".
    703709        ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
     
    753759
    754760  # security check - does the user have permission to view this entity?
    755   if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     761  # id is domain/revzone/group id
     762  if (!check_scope(id => $webvar{id}, type =>
     763        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain'))) {
    756764    changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
    757765        ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
     
    773781  # security check - does the user have permission to view this entity?
    774782  # pass 1, record ID
    775   if (!check_scope(id => $webvar{recid}, type => ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
     783  if (!check_scope(id => $webvar{recid}, type =>
     784        ($webvar{defrec} eq 'y' ? ($webvar{revrec} eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
    776785    changepage(page => 'domlist', errmsg => "You do not have permission to edit the requested SOA record");
    777786  }
    778787  # pass 2, parent (group or domain) ID
    779   if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
     788  if (!check_scope(id => $webvar{id}, type =>
     789        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
    780790    changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
    781791        ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
Note: See TracChangeset for help on using the changeset viewer.