Context Navigation

← Previous Change
Next Change →

dns.cgi

Timestamp:

12/10/13 17:15:56 (10 years ago)

Author:

Kris Deugau

Message:

/branches/stable

Merge reverse DNS work; 1 of mumble

from branch creation through r261

Minor conflicts in dns.cgi and DNSDB.pm

Location:

branches/stable

Files:

: 2 edited

. (modified) (1 prop)
dns.cgi (modified) (56 diffs)

Legend:

: Unmodified
: Added
: Removed

branches/stable
- Property svn:mergeinfo changed
  /trunk merged: 224-260

branches/stable/dns.cgi

-              r438
+              r544
 # shut up some warnings, in case we arrive somewhere we forgot to set this
+$webvar{defrec} = 'n' if !$webvar{defrec};
+$webvar{defrec} = 'n' if !$webvar{defrec};      # non-default records
+$webvar{revrec} = 'n' if !$webvar{revrec};      # non-reverse (domain) records
 # load some local system defaults (mainly DB connect info)
 …
   $session->param('domlistsortby','domain');
   $session->param('domlistorder','ASC');
+  $session->param('revzonessortby','revnet');
+  $session->param('revzonesorder','ASC');
   $session->param('useradminsortby','user');
   $session->param('useradminorder','ASC');
 …
 my $page;
 eval {
+  $page = HTML::Template->new(filename => "$templatedir/$webvar{page}.tmpl");
+  # sigh.  can't set loop_context_vars or global_vars once instantiated.
+  $page = HTML::Template->new(filename => "$templatedir/$webvar{page}.tmpl",
+        loop_context_vars => 1, global_vars => 1);
 };
 if ($@) {
   warn "Bad page $webvar{page} requested";
+  my $msg = $@;
   $page = HTML::Template->new(filename => "$templatedir/badpage.tmpl");
+  $page->param(badpage => $q->escapeHTML($webvar{page}));
+  if (-e "$templatedir/$webvar{page}.tmpl") {
+    $page->param(badtemplate => $q->escapeHTML($msg));
+  } else {
+    warn "Bad page $webvar{page} requested";
+    $page->param(badpage => $q->escapeHTML($webvar{page}));
+  }
   $webvar{page} = 'badpage';
+}
 …
     # I hate special cases.
+##fixme: probably need to handle webvar{revrec}=='y' too
     if ($webvar{page} eq 'reclist' && $webvar{defrec} eq 'y') {
       my %args = (page => $webvar{page}, id => $curgroup, defrec => $webvar{defrec});
+      my %args = (page => $webvar{page}, id => $curgroup, defrec => $webvar{defrec}, revrec => $webvar{revrec});
       $args{errmsg} = $errmsg if $errmsg;
       changepage(%args);
 …
 } elsif ($webvar{page} eq 'domlist' or $webvar{page} eq 'index') {
+  $page->param(domlist => 1);
 # hmm.  seeing problems in some possibly-not-so-corner cases.
 …
       my $stat = domStatus($dbh,$webvar{id},$webvar{domstatus});
 ##fixme  switch to more consise "Enabled <domain"/"Disabled <domain>" as with users?
+      logaction($webvar{id}, $session->param("username"), parentID($webvar{id}, 'dom', 'group'),
+      logaction($webvar{id}, $session->param("username"),
+        parentID($dbh, (id => $webvar{id}, type => 'domain', revrec => $webvar{revrec})),
         "Changed ".domainName($dbh, $webvar{id})." state to ".($stat ? 'active' : 'inactive'));
       $page->param(resultmsg => "Changed ".domainName($dbh, $webvar{id})." state to ".
 …
   my ($code,$msg) = addDomain($dbh,$webvar{domain},$webvar{group},($webvar{makeactive} eq 'on' ? 1 : 0),
         (name => $session->param("username"), id => $session->param("uid")));
+        (username => $session->param("username"), id => $session->param("uid")));
   if ($code eq 'OK') {
 …
   } elsif ($webvar{del} eq 'ok') {
     my $pargroup = parentID($webvar{id}, 'dom', 'group');
+    my $pargroup = parentID($dbh, (id => $webvar{id}, type => 'domain', revrec => $webvar{revrec}));
     my $dom = domainName($dbh, $webvar{id});
     my ($code,$msg) = delDomain($dbh, $webvar{id});
 …
+  }
+} elsif ($webvar{page} eq 'revzones') {
+  $webvar{revrec} = 'y';
+  $page->param(curpage => $webvar{page});
+  listzones();
+} elsif ($webvar{page} eq 'newrevzone') {
+## scope/access check - use domain settings?  invent new (bleh)
+  changepage(page => "revzones", errmsg => "You are not permitted to add reverse zones")
+       unless ($permissions{admin} || $permissions{domain_create});
+  fill_grouplist("grouplist");
+  if ($webvar{add_failed}) {
+    $page->param(add_failed => 1);
+    $page->param(errmsg => $webvar{errmsg});
+    $page->param(revzone => $webvar{revzone});
+    $page->param(revpatt => $webvar{revpatt});
+  }
+} elsif ($webvar{page} eq 'addrevzone') {
+  changepage(page => "revzones", errmsg => "You are not permitted to add reverse zones")
+       unless ($permissions{admin} || $permissions{domain_create});
+  # security check - does the user have permission to access this entity?
+  if (!check_scope(id => $webvar{group}, type => 'group')) {
+    changepage(page => "newrevzone", add_failed => 1, revzone => $webvar{revzone}, revpatt => $webvar{revpatt},
+       errmsg => "You do not have permission to add a reverse zone to the requested group");
+  }
+  my ($code,$msg) = addRDNS($dbh, $webvar{revzone}, $webvar{revpatt}, $webvar{group},
+        ($webvar{makeactive} eq 'on' ? 1 : 0),
+        (username => $session->param("username"), id => $session->param("uid")) );
+  if ($code eq 'OK') {
+    logaction(0, $session->param("username"), $webvar{group}, "Added reverse zone $webvar{revzone}", $msg);
+    changepage(page => "reclist", id => $msg, revrec => 'y');
+  } else {
+    logaction(0, $session->param("username"), $webvar{group}, "Failed adding reverse zone $webvar{revzone} ($msg)");
+    changepage(page => "newrevzone", add_failed => 1, revzone => $webvar{revzone}, revpatt => $webvar{revpatt},
+       errmsg => $msg);
+  }
+#} elsif ($webvar{page} eq 'delrevzone') {
 } elsif ($webvar{page} eq 'reclist') {
   # security check - does the user have permission to view this entity?
+  if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+  if (!check_scope(id => $webvar{id}, type =>
+        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
     $page->param(errmsg => "You are not permitted to view or change the requested ".
+        ($webvar{defrec} eq 'y' ? "group's default records" : "domain's records"));
+        ($webvar{defrec} eq 'y' ? "group's default records" :
+                ($webvar{revrec} eq 'y' ? "reverse zone's records" : "domain's records")));
     $page->param(perm_err => 1);        # this causes the template to skip the record listing output.
     goto DONERECLIST;   # and now we skip filling in the content which is not printed due to perm_err above
 …
     $page->param(defrec => $webvar{defrec});
+    $page->param(revrec => $webvar{revrec});
     $page->param(id => $webvar{id});
     $page->param(curpage => $webvar{page});
     my $count = getRecCount($dbh, $webvar{defrec}, $webvar{id}, $filter);
+    my $count = getRecCount($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id}, $filter);
     $sortby = 'host';
 …
 # set up the headers
+    my @cols = ('host', 'type', 'val', 'distance', 'weight', 'port', 'ttl');
+    my %colheads = (host => 'Name', type => 'Type', val => 'Address',
+    my @cols;
+    my %colheads;
+    if ($webvar{revrec} eq 'n') {
+      @cols = ('host', 'type', 'val', 'distance', 'weight', 'port', 'ttl');
+      %colheads = (host => 'Name', type => 'Type', val => 'Address',
         distance => 'Distance', weight => 'Weight', port => 'Port', ttl => 'TTL');
+    my %custom = (id => $webvar{id}, defrec => $webvar{defrec});
+    } else {
+      @cols = ('host', 'type', 'val', 'ttl');
+      %colheads = (host => 'IP Address', type => 'Type', val => 'Hostname', ttl => 'TTL');
+    }
+    my %custom = (id => $webvar{id}, defrec => $webvar{defrec}, revrec => $webvar{revrec});
     fill_colheads($sortby, $sortorder, \@cols, \%colheads, \%custom);
 # fill the page-count and first-previous-next-last-all details
     fill_pgcount($count,"records",
+        ($webvar{defrec} eq 'y' ? "group ".groupName($dbh,$webvar{id}) : domainName($dbh,$webvar{id})));
+        ($webvar{defrec} eq 'y' ? "group ".groupName($dbh,$webvar{id}) :
+                ($webvar{revrec} eq 'y' ? revName($dbh,$webvar{id}) : domainName($dbh,$webvar{id}))
+        ));
     fill_fpnla($count);  # should put some params on this sub...
     $page->param(defrec => $webvar{defrec});
+    if ($webvar{defrec} eq 'y') {
+      showdomain('y',$curgroup);
+    } else {
+      showdomain('n',$webvar{id});
+    showzone($webvar{defrec}, $webvar{revrec}, $webvar{id});
+    if ($webvar{defrec} eq 'n') {
+#      showzone('n',$webvar{id});
 ##fixme:  permission for viewing logs?
+      $page->param(logdom => 1);
+##fixme:  determine which slice of the log we view (group, domain, revzone)
+      if ($webvar{revrec} eq 'n') {
+        $page->param(logdom => 1);
+      } else {
+        $page->param(logrdns => 1);
+      }
+    }
 …
       $session->clear('resultmsg');
+    }
+    if ($session->param('warnmsg')) {
+      $page->param(warnmsg => $session->param('warnmsg'));
+      $session->clear('warnmsg');
+    }
     if ($session->param('errmsg')) {
       $page->param(errmsg => $session->param('errmsg'));
 …
   # security check - does the user have permission to access this entity?
+  if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
+  if (!check_scope(id => $webvar{id}, type =>
+        ($webvar{defrec} eq 'y' ? ($webvar{revrec} eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
     $page->param(perm_err => "You are not permitted to edit the requested record");
     goto DONEREC;
+  }
   # round 2, check the parent.
+  if (!check_scope(id => $webvar{parentid}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+  if (!check_scope(id => $webvar{parentid}, type =>
+        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
     my $msg = ($webvar{defrec} eq 'y' ?
         "You are not permitted to add or edit default records in the requested group" :
         "You are not permitted to add or edit records in the requested domain");
+        "You are not permitted to add or edit records in the requested domain/zone");
     $page->param(perm_err => $msg);
     goto DONEREC;
+  }
+  $page->param(defrec => $webvar{defrec});
+  $page->param(revrec => $webvar{revrec});
+  $page->param(fwdzone => $webvar{revrec} eq 'n');
   if ($webvar{recact} eq 'new') {
 …
     $page->param(recact => "add");
     $page->param(parentid => $webvar{parentid});
-    $page->param(defrec => $webvar{defrec});
     fill_recdata();
 …
         unless ($permissions{admin} || $permissions{record_create});
+##fixme: this should probably go in DNSDB::addRec(), need to ponder what to do about PTR and friends
+    # prevent out-of-domain records from getting added by appending the domain, or DOMAIN for default records
+    my $pname = ($webvar{defrec} eq 'y' ? 'DOMAIN' : domainName($dbh,$webvar{parentid}));
+    $webvar{name} =~ s/\.*$/\.$pname/ if $webvar{name} !~ /$pname$/;
+    my @recargs = ($dbh,$webvar{defrec},$webvar{parentid},$webvar{name},$webvar{type},$webvar{address},$webvar{ttl});
+    my @recargs = ($dbh,$webvar{defrec},$webvar{revrec},$webvar{parentid},
+        \$webvar{name},\$webvar{type},\$webvar{address},$webvar{ttl});
     if ($webvar{type} == $reverse_typemap{MX} or $webvar{type} == $reverse_typemap{SRV}) {
       push @recargs, $webvar{distance};
 …
     my ($code,$msg) = addRec(@recargs);
+    if ($code eq 'OK') {
+    if ($code eq 'OK' || $code eq 'WARN') {
+      my $restr;
       if ($webvar{defrec} eq 'y') {
         my $restr = "Added default record '$webvar{name} $typemap{$webvar{type}}";
+        $restr = "Added default record '$webvar{name} $typemap{$webvar{type}}";
         $restr .= " [distance $webvar{distance}]" if $typemap{$webvar{type}} eq 'MX';
         $restr .= " [priority $webvar{distance}] [weight $webvar{weight}] [port $webvar{port}]"
 …
         $restr .= " $webvar{address}', TTL $webvar{ttl}";
         logaction(0, $session->param("username"), $webvar{parentid}, $restr);
-        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, resultmsg => $restr);
       } else {
         my $restr = "Added record '$webvar{name} $typemap{$webvar{type}}";
+        $restr = "Added record '$webvar{name} $typemap{$webvar{type}}";
         $restr .= " [distance $webvar{distance}]" if $typemap{$webvar{type}} eq 'MX';
         $restr .= " [priority $webvar{distance}] [weight $webvar{weight}] [port $webvar{port}]"
                 if $typemap{$webvar{type}} eq 'SRV';
         $restr .= " $webvar{address}', TTL $webvar{ttl}";
+        logaction($webvar{parentid}, $session->param("username"), parentID($webvar{parentid}, 'dom', 'group'), $restr);
+        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, resultmsg => $restr);
+      }
+        logaction($webvar{parentid}, $session->param("username"),
+                parentID($dbh, (id => $webvar{parentid}, type => 'domain', revrec => $webvar{revrec})), $restr);
+      }
+      my %pageparams = (page => "reclist", id => $webvar{parentid},
+        defrec => $webvar{defrec}, revrec => $webvar{revrec});
+      $pageparams{warnmsg} = $msg."<br><br>\n".$restr if $code eq 'WARN';
+      $pageparams{resultmsg} = $restr if $code eq 'OK';
+      changepage(%pageparams);
     } else {
       $page->param(failed       => 1);
 …
       $page->param(recact       => "add");
       $page->param(parentid     => $webvar{parentid});
-      $page->param(defrec       => $webvar{defrec});
       $page->param(id           => $webvar{id});
       fill_recdata();   # populate the form... er, mostly.
-      $page->param(name => $webvar{name});
       if ($config{log_failures}) {
         if ($webvar{defrec} eq 'y') {
 …
                 "Failed adding default record '$webvar{name} $typemap{$webvar{type}} $webvar{address}', TTL $webvar{ttl} ($msg)");
         } else {
+          logaction($webvar{parentid}, $session->param("username"), parentID($webvar{parentid}, 'dom', 'group'),
+          logaction($webvar{parentid}, $session->param("username"),
+                parentID($dbh, (id => $webvar{parentid}, type => 'domain', revrec => $webvar{revrec})),
                 "Failed adding record '$webvar{name} $typemap{$webvar{type}} $webvar{address}', TTL $webvar{ttl} ($msg)");
+        }
 …
     $page->param(parentid       => $webvar{parentid});
     $page->param(id             => $webvar{id});
+    $page->param(defrec         => $webvar{defrec});
+    my $recdata = getRecLine($dbh, $webvar{defrec}, $webvar{id});
+    my $recdata = getRecLine($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id});
     $page->param(name           => $recdata->{host});
     $page->param(address        => $recdata->{val});
 …
     $page->param(port           => $recdata->{port});
     $page->param(ttl            => $recdata->{ttl});
     fill_rectypes($recdata->{type});
+    $page->param(typelist       => getTypelist($dbh, $webvar{revrec}, $webvar{type}));
   } elsif ($webvar{recact} eq 'update') {
 …
     # get current/previous record info so we can log "updated 'foo A 1.2.3.4' to 'foo A 2.3.4.5'"
     my $oldrec = getRecLine($dbh, $webvar{defrec}, $webvar{id});
+    my $oldrec = getRecLine($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id});
     my ($code,$msg) = updateRec($dbh,$webvar{defrec},$webvar{id},
 …
         my $restr = "Updated record from '$oldrec->{host} $typemap{$oldrec->{type}} $oldrec->{val}', TTL $oldrec->{ttl}\n".
                 "to '$webvar{name} $typemap{$webvar{type}} $webvar{address}', TTL $webvar{ttl}";
+        logaction($webvar{parentid}, $session->param("username"), parentID($webvar{id}, 'rec', 'group'), $restr);
+        logaction($webvar{parentid}, $session->param("username"),
+                parentID($dbh, (id => $webvar{id}, type => 'record', defrec => $webvar{defrec},
+                        revrec => $webvar{revrec}, partype => 'group')),
+                $restr);
         changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, resultmsg => $restr);
+      }
 …
       $page->param(recact       => "update");
       $page->param(parentid     => $webvar{parentid});
-      $page->param(defrec       => $webvar{defrec});
       $page->param(id           => $webvar{id});
       fill_recdata();
 …
                 "Failed updating default record '$typemap{$webvar{type}} $webvar{name} $webvar{address}', TTL $webvar{ttl} ($msg)");
         } else {
+          logaction($webvar{parentid}, $session->param("username"), parentID($webvar{parentid}, 'dom', 'group'),
+          logaction($webvar{parentid}, $session->param("username"),
+                parentID($dbh, (id => $webvar{parentid}, type => 'domain', revrec => $webvar{revrec})),
                 "Failed updating record '$typemap{$webvar{type}} $webvar{name} $webvar{address}', TTL $webvar{ttl} ($msg)");
+        }
 …
   } else {
     $page->param(parentid => $webvar{parentid});
+    $page->param(dohere => domainName($dbh,$webvar{parentid}));
+    $page->param(dohere => domainName($dbh,$webvar{parentid})) if $webvar{revrec} eq 'n';
+    $page->param(dohere => revName($dbh,$webvar{parentid})) if $webvar{revrec} eq 'y';
+  }
 …
   # This is a complete separate segment since it uses a different template from add/edit records above
+  changepage(page => "reclist", errmsg => "You are not permitted to delete records", id => $webvar{parentid})
+  changepage(page => "reclist", errmsg => "You are not permitted to delete records", id => $webvar{parentid},
+                defrec => $webvar{defrec}, revrec => $webvar{revrec})
         unless ($permissions{admin} || $permissions{record_delete});
   if (!check_scope(id => $webvar{id}, type =>
         ($webvar{defrec} eq 'y' ? ($webvar{revrec} eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
+    changepage(page => 'domlist', errmsg => "You do not have permission to delete records in the requested ".
+    # redirect to domlist because we don't have permission for the entity requested
+    changepage(page => 'domlist', revrec => $webvar{revrec},
+        errmsg => "You do not have permission to delete records in the requested ".
         ($webvar{defrec} eq 'y' ? 'group' : 'domain'));
+  }
 …
   $page->param(id => $webvar{id});
   $page->param(defrec => $webvar{defrec});
+  $page->param(revrec => $webvar{revrec});
   $page->param(parentid => $webvar{parentid});
   # first pass = confirm y/n (sorta)
   if (!defined($webvar{del})) {
     $page->param(del_getconf => 1);
     my $rec = getRecLine($dbh,$webvar{defrec},$webvar{id});
+    my $rec = getRecLine($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id});
     $page->param(host => $rec->{host});
     $page->param(ftype => $typemap{$rec->{type}});
 …
   } elsif ($webvar{del} eq 'ok') {
 # get rec data before we try to delete it
     my $rec = getRecLine($dbh,$webvar{defrec},$webvar{id});
     my ($code,$msg) = delRec($dbh,$webvar{defrec},$webvar{id});
+    my $rec = getRecLine($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id});
+    my ($code,$msg) = delRec($dbh, $webvar{defrec}, $webvar{revrec}, $webvar{id});
     if ($code eq 'OK') {
       if ($webvar{defrec} eq 'y') {
+        my $recclass = ($webvar{revrec} eq 'n' ? 'default record' : 'default reverse record');
 ##fixme:  log distance for MX;  log port/weight/distance for SRV
         my $restr = "Deleted default record '$rec->{host} $typemap{$rec->{type}} $rec->{val}', TTL $rec->{ttl}";
+        my $restr = "Deleted $recclass '$rec->{host} $typemap{$rec->{type}} $rec->{val}', TTL $rec->{ttl}";
         logaction(0, $session->param("username"), $rec->{parid}, $restr);
+        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, resultmsg => $restr);
+        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec},
+                revrec => $webvar{revrec}, resultmsg => $restr);
       } else {
+        my $restr = "Deleted record '$rec->{host} $typemap{$rec->{type}} $rec->{val}', TTL $rec->{ttl}";
+        logaction($rec->{parid}, $session->param("username"), parentID($rec->{parid}, 'dom', 'group'), $restr);
+        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, resultmsg => $restr);
+        my $recclass = ($webvar{revrec} eq 'n' ? 'record' : 'reverse record');
+        my $restr = "Deleted $recclass '$rec->{host} $typemap{$rec->{type}} $rec->{val}', TTL $rec->{ttl}";
+        logaction($rec->{parid}, $session->param("username"),
+                parentID($dbh, (id => $rec->{parid}, type => 'domain', revrec => $webvar{revrec})),
+                $restr);
+        changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec},
+                revrec => $webvar{revrec}, resultmsg => $restr);
+      }
     } else {
 …
                 " TTL $rec->{ttl} ($msg)");
         } else {
+          logaction($rec->{parid}, $session->param("username"), parentID($rec->{parid}, 'dom', 'group'),
+          logaction($rec->{parid}, $session->param("username"),
+                parentID($dbh, (id => $rec->{parid}, type => 'domain', revrec => $webvar{revrec})),
                 "Failed deleting record '$rec->{host} $typemap{$rec->{type}} $rec->{val}', TTL $rec->{ttl} ($msg)");
+        }
+      }
       changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec},
                 errmsg => "Error deleting record: $msg");
+                revrec => $webvar{revrec}, errmsg => "Error deleting record: $msg");
+    }
   } else {
     changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec});
+    changepage(page => "reclist", id => $webvar{parentid}, defrec => $webvar{defrec}, revrec => $webvar{revrec});
+  }
 …
   # security check - does the user have permission to view this entity?
+  if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+  # id is domain/revzone/group id
+  if (!check_scope(id => $webvar{id}, type =>
+        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
     changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
         ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
 …
   # security check - does the user have permission to view this entity?
   # pass 1, record ID
+  if (!check_scope(id => $webvar{recid}, type => ($webvar{defrec} eq 'y' ? 'defrec' : 'record'))) {
+  if (!check_scope(id => $webvar{recid}, type =>
+        ($webvar{defrec} eq 'y' ? ($webvar{revrec} eq 'y' ? 'defrevrec' : 'defrec') : 'record'))) {
     changepage(page => 'domlist', errmsg => "You do not have permission to edit the requested SOA record");
+  }
   # pass 2, parent (group or domain) ID
+  if (!check_scope(id => $webvar{id}, type => ($webvar{defrec} eq 'y' ? 'group' : 'domain'))) {
+  if (!check_scope(id => $webvar{id}, type =>
+        ($webvar{defrec} eq 'y' ? 'group' : ($webvar{revrec} eq 'y' ? 'revzone' : 'domain')))) {
     changepage(page => 'domlist', errmsg => "You do not have permission to edit the ".
         ($webvar{defrec} eq 'y' ? 'default ' : '')."SOA record for the requested ".
 …
       $logdomain = 0;
     } else {
       $loggroup = parentID($logdomain, 'dom', 'group', $webvar{defrec});
+      $loggroup = parentID($dbh, (id => $logdomain, type => 'domain', revrec => $webvar{revrec}));
+    }
 …
   } elsif ($webvar{del} eq 'ok') {
     my $deleteme = groupName($dbh,$webvar{id}); # get this before we delete it...
     my $delparent = parentID($webvar{id}, 'group','group');
+    my $delparent = parentID($dbh, (id => $webvar{id}, type => 'group'));
     my ($code,$msg) = delGroup($dbh, $webvar{id});
     if ($code eq 'OK') {
 …
       my ($code, $msg) = changeGroup($dbh, 'domain', $webvar{$_}, $webvar{destgroup});
       if ($code eq 'OK') {
+        logaction($webvar{$_}, $session->param("username"), parentID($webvar{$_}, 'dom', 'group'),
+        logaction($webvar{$_}, $session->param("username"),
+                parentID($dbh, (id => $webvar{$_}, type => 'domain', revrec => $webvar{revrec})),
                 "Moved domain ".domainName($dbh, $webvar{$_})." to group $newgname");
         $row{domok} = ($code eq 'OK');
       } else {
+        logaction($webvar{$_}, $session->param("username"), parentID($webvar{$_}, 'dom', 'group'),
+        logaction($webvar{$_}, $session->param("username"),
+                parentID($dbh, (id => $webvar{$_}, type => 'domain', revrec => $webvar{revrec})),
                 "Failed to move domain ".domainName($dbh, $webvar{$_})." to group $newgname: $msg")
                 if $config{log_failures};
 …
 ##fixme:  error handling on status change
       my $stat = domStatus($dbh,$webvar{$_},($webvar{bulkaction} eq 'activate' ? 'domon' : 'domoff'));
+      logaction($webvar{$_}, $session->param("username"), parentID($webvar{$_}, 'dom', 'group'),
+                "Changed domain ".domainName($dbh, $webvar{$_})." state to ".($stat ? 'active' : 'inactive'));
+      logaction($webvar{$_}, $session->param("username"),
+        parentID($dbh, (id => $webvar{$_}, type => 'domain', revrec => $webvar{revrec})),
+        "Changed domain ".domainName($dbh, $webvar{$_})." state to ".($stat ? 'active' : 'inactive'));
       $row{domok} = 1;
 #      $row{domok} = ($code eq 'OK');
 …
+      }
       $row{domain} = domainName($dbh,$webvar{$_});
       my $pargroup = parentID($webvar{$_}, 'dom', 'group');
+      my $pargroup = parentID($dbh, (id => $webvar{$_}, type => 'domain', revrec => $webvar{revrec}));
       my $dom = domainName($dbh, $webvar{$_});
       my ($code, $msg) = delDomain($dbh, $webvar{$_});
 …
     if ($flag && ($permissions{admin} || $permissions{user_edit})) {
       my $stat = userStatus($dbh,$webvar{id},$webvar{userstatus});
       logaction(0, $session->param("username"), parentID($webvar{id}, 'user', 'group'),
+      logaction(0, $session->param("username"), parentID($dbh, (id => $webvar{id}, type => 'user')),
         ($stat ? 'Enabled' : 'Disabled')." ".userFullName($dbh, $webvar{id}, '%u'));
       $page->param(resultmsg => ($stat ? 'Enabled' : 'Disabled')." ".userFullName($dbh, $webvar{id}, '%u'));
 …
   $page->param(qfor => $webvar{qfor}) if $webvar{qfor};
   fill_rectypes($webvar{type} ? $webvar{type} : '', 1);
+  $page->param(typelist => getTypelist($dbh, 'l', ($webvar{type} ? $webvar{type} : undef)));
   $page->param(nrecurse => $webvar{nrecurse}) if $webvar{nrecurse};
   $page->param(resolver => $webvar{resolver}) if $webvar{resolver};
 …
+    }
     $page->param(logfor => 'domain '.domainName($dbh,$id));
+  } elsif ($webvar{ltype} && $webvar{ltype} eq 'rdns') {
+    $sql .= "rdns_id=?";
+    $id = $webvar{id};
+    if (!check_scope(id => $id, type => 'revzone')) {
+      $page->param(errmsg => "You are not permitted to view log entries for the requested reverse zone");
+      goto DONELOG;
+    }
+    $page->param(logfor => 'reverse zone '.revName($dbh,$id));
   } else {
     # Default to listing curgroup log
 …
     # group log is always for the "current" group
+  }
+##fixme:
+# - filtering
+# - show reverse zone column?
+# - pagination/limiting number of records - put newest-first so user
+#   doesn't always need to go to the last page for recent activity?
   my $sth = $dbh->prepare($sql);
   $sth->execute($id);
 …
   $page->param(logingrp => groupName($dbh,$logingroup));
   $page->param(logingrp_num => $logingroup);
+##fixme
+  $page->param(mayrdns => 1);
   $page->param(maydefrec => $permissions{admin});
 …
   # handle user check
   my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?sid=$sid";
   foreach (keys %params) {
+  foreach (sort keys %params) {
     $newurl .= "&$_=".$q->url_encode($params{$_});
+  }
 …
+}
 sub showdomain {
+sub showzone {
   my $def = shift;
+  my $rev = shift;
   my $id = shift;
   # get the SOA first
   my %soa = getSOA($dbh,$def,$id);
+  my %soa = getSOA($dbh,$def,$rev,$id);
   $page->param(contact  => $soa{contact});
 …
   $page->param(ttl      => $soa{ttl});
   my $foo2 = getDomRecs($dbh,$def,$id,$perpage,$webvar{offset},$sortby,$sortorder,$filter);
+  my $foo2 = getDomRecs($dbh,$def,$rev,$id,$perpage,$webvar{offset},$sortby,$sortorder,$filter);
   my $row = 0;
 …
     $rec->{row} = $row % 2;
     $rec->{defrec} = $def;
+    $rec->{revrec} = $rev;
     $rec->{sid} = $webvar{sid};
     $rec->{id} = $id;
+    $rec->{fwdzone} = $rev eq 'n';
     $rec->{distance} = 'n/a' unless ($rec->{type} eq 'MX' || $rec->{type} eq 'SRV');
     $rec->{weight} = 'n/a' unless ($rec->{type} eq 'SRV');
 …
+}
-# fill in record type list on add/update/edit record template
-sub fill_rectypes {
-  my $type = shift || $reverse_typemap{A};
-  my $soaflag = shift || 0;
-  my $sth = $dbh->prepare("SELECT val,name FROM rectypes WHERE stdflag=1 ORDER BY listorder");
-  $sth->execute;
-  my @typelist;
-  while (my ($rval,$rname) = $sth->fetchrow_array()) {
-    my %row = ( recval => $rval, recname => $rname );
-    $row{tselect} = 1 if $rval == $type;
-    push @typelist, \%row;
+  }
-  if ($soaflag) {
-    my %row = ( recval => $reverse_typemap{SOA}, recname => 'SOA' );
-    $row{tselect} = 1 if $reverse_typemap{SOA} == $type;
-    push @typelist, \%row;
+  }
-  $page->param(typelist => \@typelist);
-} # fill_rectypes
 sub fill_recdata {
   fill_rectypes($webvar{type});
+  $page->param(typelist => getTypelist($dbh, $webvar{revrec}, $webvar{type}));
 # le sigh.  we may get called with many empty %webvar keys
 …
 ##todo:  allow BIND-style bare names, ASS-U-ME that the name is within the domain?
 # prefill <domain> or DOMAIN in "Host" space for new records
+  my $domroot = ($webvar{defrec} eq 'y' ? 'DOMAIN' : domainName($dbh,$webvar{parentid}));
+  $page->param(name     => $domroot);
+  $page->param(address  => $webvar{address});
+  $page->param(distance => $webvar{distance})
+  if ($webvar{revrec} eq 'n') {
+    my $domroot = ($webvar{defrec} eq 'y' ? 'DOMAIN' : domainName($dbh,$webvar{parentid}));
+    $page->param(name   => $domroot);
+    $page->param(address        => $webvar{address});
+    $page->param(distance       => $webvar{distance})
         if ($webvar{type} == $reverse_typemap{MX} or $webvar{type} == $reverse_typemap{SRV});
+  $page->param(weight   => $webvar{weight}) if $webvar{type} == $reverse_typemap{SRV};
+  $page->param(port     => $webvar{port}) if $webvar{type} == $reverse_typemap{SRV};
+    $page->param(weight => $webvar{weight}) if $webvar{type} == $reverse_typemap{SRV};
+    $page->param(port   => $webvar{port}) if $webvar{type} == $reverse_typemap{SRV};
+  } else {
+    my $domroot = ($webvar{defrec} eq 'y' ? 'ADMINDOMAIN' : ".$config{domain}");
+    $page->param(name   => ($webvar{name} ? $webvar{name} : $domroot));
+    my $zname = ($webvar{defrec} eq 'y' ? 'ZONE' : revName($dbh,$webvar{parentid}));
+    $zname =~ s|\d*/\d+$||;
+    $page->param(address        => ($webvar{address} ? $webvar{address} : $zname));
+  }
 # retrieve the right ttl instead of falling (way) back to the hardcoded system default
   my %soa = getSOA($dbh,$webvar{defrec},$webvar{parentid});
+  my %soa = getSOA($dbh,$webvar{defrec},$webvar{revrec},$webvar{parentid});
   $page->param(ttl      => ($webvar{ttl} ? $webvar{ttl} : $soa{minttl}));
+}
 …
   # on a page showing nothing.
   # For bonus points, this reverts to the original offset on clicking the "All" link (mostly)
   if ($offset ne 'all') {
+  if ($offset ne 'all') {
     $offset-- while ($offset * $perpage) >= $pgcount;
+  }
 …
 } # end fill_pgcount()
+sub listdomains {
+sub listdomains { listzones(); }        # temp
+sub listzones {
 # ACLs
   $page->param(domain_create    => ($permissions{admin} || $permissions{domain_create}) );
 …
   my $childlist = join(',',@childgroups);
+  my $sql = "SELECT count(*) FROM domains WHERE group_id IN ($curgroup".($childlist ? ",$childlist" : '').")".
+        ($startwith ? " AND domain ~* ?" : '').
+        ($filter ? " AND domain ~* ?" : '');
+  my $sth = $dbh->prepare($sql);
+  $sth->execute(@filterargs);
+  my ($count) = $sth->fetchrow_array;
+  my $count = getZoneCount($dbh, (childlist => $childlist, curgroup => $curgroup, revrec => $webvar{revrec},
+        filter => ($filter ? $filter : undef), startwith => ($startwith ? $startwith : undef) ) );
 # fill page count and first-previous-next-last-all bits
   fill_pgcount($count,"domains",groupName($dbh,$curgroup));
+  fill_pgcount($count,($webvar{revrec} eq 'n' ? 'domains' : 'revzones'),groupName($dbh,$curgroup));
   fill_fpnla($count);
 …
 # set up the headers
   my @cols = ('domain', 'status', 'group');
   my %colheads = (domain => 'Domain', status => 'Status', group => 'Group');
+  my @cols = (($webvar{revrec} eq 'n' ? 'domain' : 'revnet'), 'status', 'group');
+  my %colheads = (domain => 'Domain', revnet => 'Reverse Zone', status => 'Status', group => 'Group');
   fill_colheads($sortby, $sortorder, \@cols, \%colheads);
 …
 # waffle, waffle - keep state on these as well as sortby, sortorder?
+##fixme:  put this higher so the count doesn't get munched?
   $page->param("start$startwith" => 1) if $startwith && $startwith =~ /^(?:[a-z]|0-9)$/;
 …
   $page->param(searchsubs => $searchsubs) if $searchsubs;
-##fixme
-##fixme  push the SQL and direct database fiddling off into a sub in DNSDB.pm
-##fixme
   $page->param(group => $curgroup);
+  my @domlist;
+  $sql = "SELECT domain_id,domain,status,groups.group_name AS group FROM domains".
+        " INNER JOIN groups ON domains.group_id=groups.group_id".
+        " WHERE domains.group_id IN ($curgroup".($childlist ? ",$childlist" : '').")".
+        ($startwith ? " AND domain ~* ?" : '').
+        ($filter ? " AND domain ~* ?" : '').
+        " ORDER BY ".($sortby eq 'group' ? 'groups.group_name' : $sortby).
+        " $sortorder ".($offset eq 'all' ? '' : " LIMIT $perpage OFFSET ".$offset*$perpage);
+  $sth = $dbh->prepare($sql);
+  $sth->execute(@filterargs);
+  my $rownum = 0;
+  while (my @data = $sth->fetchrow_array) {
+    my %row;
+    $row{domainid} = $data[0];
+    $row{domain} = $data[1];
+    $row{status} = ($data[2] ? 'Active' : 'Inactive');
+    $row{group} = $data[3];
+    $row{bg} = ($rownum++)%2;
+    $row{mkactive} = !$data[2];
+    $row{sid} = $sid;
+    $row{offset} = $offset;
+# ACLs
+    $row{domain_edit} = ($permissions{admin} || $permissions{domain_edit});
+    $row{domain_delete} = ($permissions{admin} || $permissions{domain_delete});
+    push @domlist, \%row;
+  }
+  $page->param(domtable => \@domlist);
+  my $zonelist = getZoneList($dbh, (childlist => $childlist, curgroup => $curgroup,
+        revrec => $webvar{revrec},
+        filter => ($filter ? $filter : undef), startwith => ($startwith ? $startwith : undef),
+        offset => $webvar{offset}, sortby => $sortby, sortorder => $sortorder
+        ) );
+# probably don't need this, keeping for reference for now
+#  foreach (@$zonelist) {
+#  }
+  $page->param(domtable => $zonelist);
 } # end listdomains()
 …
   my $groupid = shift;
   my $entry = shift;
+  my $revid = shift || 0;
 ##fixme: push SQL into DNSDB.pm
 …
   my ($user_id, $fullname) = $sth->fetchrow_array;
   $sth = $dbh->prepare("INSERT INTO log (domain_id,user_id,group_id,email,name,entry) ".
         "VALUES (?,?,?,?,?,?)") or warn $dbh->errstr;
   $sth->execute($domid,$user_id,$groupid,$username,$fullname,$entry) or warn $sth->errstr;
+  $sth = $dbh->prepare("INSERT INTO log (domain_id,user_id,group_id,email,name,entry,rdns_id) ".
+        "VALUES (?,?,?,?,?,?,?)") or warn $dbh->errstr;
+  $sth->execute($domid,$user_id,$groupid,$username,$fullname,$entry,$revid) or warn $sth->errstr;
 } # end logaction()
-##fixme:  generalize to return appropriate id on all cases (ie, use $partype)
-sub parentID {
-  my $id = shift;
-  my $idtype = shift;
-  my $partype = shift;
-  my $defrec = shift || '';
-  my $sql = '';
-  if ($idtype eq 'dom') {
-    return $id if $defrec eq 'y';  # "domain" + default records, we're really looking at a group.
-    $sql = "SELECT group_id FROM domains WHERE domain_id=?";
-  } elsif ($idtype eq 'rec') {
-    if ($defrec eq 'y') {
-      $sql = "SELECT group_id FROM default_records WHERE record_id=?";
-    } else {
-      $sql = "SELECT d.group_id FROM domains d".
-        " INNER JOIN records r ON d.domain_id=r.domain_id".
-        " WHERE r.record_id=?";
+    }
-  } elsif ($idtype eq 'group') {
-    $sql = "SELECT parent_group_id FROM groups WHERE group_id=?";
-  } elsif ($idtype eq 'user') {
-    $sql = "SELECT group_id FROM users WHERE user_id=?";
-  } else {
-    return "FOO", "BAR";  # can't get here.... we think.
+  }
-  my $sth = $dbh->prepare($sql);
-  $sth->execute($id);
-  my ($retid) = $sth->fetchrow_array;
-  return $retid if $retid;
-  # ahh! fall of the edge of the world if things went sideways
-  ##fixme:  really need to do a little more error handling, I think
-} # end parentID()

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 544 for branches/stable/dns.cgi

Legend:

branches/stable

branches/stable/dns.cgi

Download in other formats: