Changeset 66 for trunk/DNSDB.pm
- Timestamp:
- 11/26/10 17:43:34 (13 years ago)
- File:
-
- 1 edited
trunk/DNSDB.pm
r65 r66 25 25 @ISA = qw(Exporter); 26 26 @EXPORT_OK = qw( 27 &initGlobals &initPermissions &getPermissions 27 &initGlobals &initPermissions &getPermissions &changePermissions 28 28 &connectDB &finish 29 29 &addDomain &delDomain &domainName … … 34 34 &domStatus &importAXFR 35 35 %typemap %reverse_typemap 36 %permissions 36 %permissions @permtypes $permlist 37 37 ); 38 38 39 39 @EXPORT = (); # Export nothing by default. 40 40 %EXPORT_TAGS = ( ALL => [qw( 41 &initGlobals &initPermissions &getPermissions 41 &initGlobals &initPermissions &getPermissions &changePermissions 42 42 &connectDB &finish 43 43 &addDomain &delDomain &domainName … … 48 48 &domStatus &importAXFR 49 49 %typemap %reverse_typemap 50 %permissions 50 %permissions @permtypes $permlist 51 51 )] 52 52 ); … … 66 66 ttl 10800 67 67 ); 68 69 # Arguably defined wholly in the db, but little reason to change without supporting code changes 70 our @permtypes = qw ( 71 group_edit group_create group_delete 72 user_edit user_create user_delete 73 domain_edit domain_create domain_delete 74 record_edit record_create record_delete 75 self_edit admin 76 ); 77 our $permlist = join(',',@permtypes); 68 78 69 79 # DNS record type map and reverse map. … … 235 245 my $newperms = shift; 236 246 247 my $failmsg = ''; 248 237 249 # see if we're switching from inherited to custom 238 my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited ".250 my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited,u.permission_id". 239 251 " FROM ".($type eq 'user' ? 'users' : 'groups')." u ". 240 " JOIN groups g ON u. group_id=g.group_id ".252 " JOIN groups g ON u.".($type eq 'user' ? '' : 'parent_')."group_id=g.group_id ". 241 253 " WHERE u.".($type eq 'user' ? 
'user' : 'group')."_id=?"); 242 254 $sth->execute($id); 255 256 my ($wasinherited,$permid) = $sth->fetchrow_array; 257 258 local $dbh->{AutoCommit} = 0; 259 local $dbh->{RaiseError} = 1; 260 261 # Wrap all the SQL in a transaction 262 eval { 263 if ($wasinherited) { 264 $failmsg = "wasinherited: '$wasinherited'"; 265 die "don't wanna add perms where we don't need to"; 266 ##fixme: need to add semirecursive bit to properly munge inherited permission ID on subgroups and users 267 ## FIXME: need to fiddle permissions table to track back to users or groups table 268 my $sql = "INSERT INTO permissions ($permlist) ". 269 "SELECT $permlist FROM permissions WHERE permission_id=?"; 270 $sth = $dbh->prepare($sql); 271 $sth->execute($permid); 272 $sth = $dbh->prepare("SELECT permission_id FROM ".($type eq 'user' ? 'users' : 'groups'). 273 " WHERE ".($type eq 'user' ? 'user' : 'group')."_id=?"); 274 $sth->execute($id); 275 ($permid) = $sth->fetchrow_array; 276 } 277 foreach (@permtypes) { 278 if (defined ($newperms->{$_})) { 279 $sth = $dbh->prepare("UPDATE permissions SET $_=? WHERE permission_id=?"); 280 $sth->execute($newperms->{$_},$permid); 281 } 282 } 283 $dbh->commit; 284 }; # end eval 285 if ($@) { 286 my $msg = $@; 287 eval { $dbh->rollback; }; 288 return ('FAIL',"$failmsg: $msg"); 289 } else { 290 return ('OK',$permid); 291 } 243 292 244 293 } # end changePermissions() … … 379 428 ## DNSDB::addGroup() 380 429 # Add a group 381 # Takes a database handle, group name, parent group, and template-vs-cloneme flag 430 # Takes a database handle, group name, parent group, hashref for permissions, 431 # and optional template-vs-cloneme flag 382 432 # Returns a status code and message 383 433 sub addGroup { … … 386 436 my $groupname = shift; 387 437 my $pargroup = shift; 388 389 # 0 indicates "template", hardcoded. 438 my $permissions = shift; 439 440 # 0 indicates "custom", hardcoded. 390 441 # Any other value clones that group's default records, if it exists. 
391 my $torc = shift || 0; 442 my $inherit = shift || 0; 443 ##fixme: need a flag to indicate clone records or <?> ? 392 444 393 445 # Allow transactions, and raise an exception on errors so we can catch it later. … … 414 466 my ($groupid) = $sth->fetchrow_array(); 415 467 468 # Permissions 469 if ($inherit) { 470 } else { 471 my @permvals; 472 foreach (@permtypes) { 473 if (!defined ($permissions->{$_})) { 474 push @permvals, 0; 475 } else { 476 push @permvals, $permissions->{$_}; 477 } 478 } 479 480 $sth = $dbh->prepare("INSERT INTO permissions (group_id,$permlist) values (?".',?'x($#permtypes+1).")"); 481 $sth->execute($groupid,@permvals); 482 483 $sth = $dbh->prepare("SELECT permission_id FROM permissions WHERE group_id=?"); 484 $sth->execute($groupid); 485 my ($permid) = $sth->fetchrow_array(); 486 487 $dbh->do("UPDATE groups SET permission_id=$permid WHERE group_id=$groupid"); 488 } # done permission fiddling 489 490 # Default records 416 491 $sth = $dbh->prepare("INSERT INTO default_records (group_id,host,type,val,distance,weight,port,ttl) ". 417 492 "VALUES ($groupid,?,?,?,?,?,?,?)"); 418 if ($torc) { 493 if ($inherit) { 494 ##fixme: fixme! 419 495 my $sth2 = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl FROM default_records WHERE group_id=?"); 420 496 while (my @clonedata = $sth2->fetchrow_array) { … … 422 498 } 423 499 } else { 500 ##fixme: Hardcoding is Bad, mmmmkaaaay? 424 501 # reasonable basic defaults for SOA, MX, NS, and minimal hosting 425 502 # could load from a config file, but somewhere along the line we need hardcoded bits.
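Review bot: In changePermissions, nothing checks that the lookup returned a row before the update loop runs: if `$id` matches no user or group, `$wasinherited` and `$permid` are both undef, each `UPDATE permissions SET ...=? WHERE permission_id=?` binds NULL and touches no rows, and the sub still commits and returns `('OK',$permid)`. That SELECT is also prepared and executed before `RaiseError` is switched on, so unless the handle already had it set, a failed lookup ends the same way. A guard right after the fetch, `return ('FAIL',"no permissions entry for $type $id") unless defined $permid;`, would keep a caller from treating a no-op as a successful permission change. The start of the sub is outside the hunk, so any earlier validation of `$type` and `$id` is not visible here.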