2020-12-03 17:13:40 +01:00
|
|
|
require "json"
|
|
|
|
require "uuid"
|
|
|
|
require "uuid/json"
|
2020-12-09 19:01:33 +01:00
|
|
|
require "baguette-crystal-base"
|
2020-12-03 17:13:40 +01:00
|
|
|
|
|
|
|
require "dodb"
|
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
alias UserDataID = UInt32
|
|
|
|
|
2020-12-03 17:13:40 +01:00
|
|
|
class DNSManager::Storage
|
2024-04-27 05:48:28 +02:00
|
|
|
getter domains : DODB::CachedDataBase(Domain)
|
|
|
|
getter domains_by_name : DODB::Index(Domain)
|
|
|
|
getter domains_by_share_key : DODB::Index(Domain)
|
|
|
|
getter domains_by_transfer_key : DODB::Index(Domain)
|
|
|
|
getter domains_by_owners : DODB::Tags(Domain)
|
2020-12-09 19:01:33 +01:00
|
|
|
|
|
|
|
getter zones : DODB::CachedDataBase(Zone)
|
|
|
|
getter zones_by_domain : DODB::Index(Zone)
|
|
|
|
|
2024-03-13 01:16:09 +01:00
|
|
|
getter tokens : DODB::CachedDataBase(Token)
|
|
|
|
getter tokens_by_uuid : DODB::Index(Token)
|
|
|
|
getter tokens_by_domain : DODB::Partition(Token)
|
|
|
|
|
2024-02-25 04:13:18 +01:00
|
|
|
getter root : String
|
|
|
|
getter zonefiledir : String
|
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
getter dnsmanagerd : DNSManager::Service
|
|
|
|
|
|
|
|
def initialize(@dnsmanagerd, @root : String, reindex : Bool = false)
|
|
|
|
@domains = DODB::CachedDataBase(Domain).new "#{@root}/domains"
|
|
|
|
@domains_by_name = @domains.new_index "name", &.name
|
|
|
|
@domains_by_share_key = @domains.new_nilable_index "share-key", do |d|
|
|
|
|
if k = d.share_key
|
|
|
|
k
|
|
|
|
else
|
|
|
|
DODB.no_index
|
|
|
|
end
|
|
|
|
end
|
|
|
|
@domains_by_transfer_key = @domains.new_nilable_index "transfer-key", do |d|
|
|
|
|
if k = d.transfer_key
|
|
|
|
k
|
|
|
|
else
|
|
|
|
DODB.no_index
|
|
|
|
end
|
|
|
|
end
|
|
|
|
@domains_by_owners = @domains.new_tags "owners", &.owners.map &.to_s
|
2020-12-09 19:01:33 +01:00
|
|
|
@zones = DODB::CachedDataBase(Zone).new "#{@root}/zones"
|
|
|
|
@zones_by_domain = @zones.new_index "domain", &.domain
|
2024-03-13 01:16:09 +01:00
|
|
|
@tokens = DODB::CachedDataBase(Token).new "#{@root}/tokens"
|
|
|
|
@tokens_by_uuid = @tokens.new_index "uuid", &.uuid
|
|
|
|
@tokens_by_domain = @tokens.new_partition "domain", &.domain
|
2020-12-09 19:01:33 +01:00
|
|
|
|
2024-02-25 04:13:18 +01:00
|
|
|
@zonefiledir = "#{@root}/bind9-zones"
|
|
|
|
Dir.mkdir_p @zonefiledir
|
|
|
|
|
2020-12-09 19:01:33 +01:00
|
|
|
Baguette::Log.info "storage initialized"
|
2023-02-15 19:21:49 +01:00
|
|
|
|
|
|
|
if reindex
|
2024-04-27 05:48:28 +02:00
|
|
|
Baguette::Log.debug "Reindexing domains..."
|
|
|
|
@domains.reindex_everything!
|
2023-02-15 19:21:49 +01:00
|
|
|
Baguette::Log.debug "Reindexing zones..."
|
|
|
|
@zones.reindex_everything!
|
2024-03-13 01:16:09 +01:00
|
|
|
Baguette::Log.debug "Reindexing tokens..."
|
|
|
|
@tokens.reindex_everything!
|
2023-02-15 19:21:49 +01:00
|
|
|
Baguette::Log.debug "Reindexed!"
|
|
|
|
end
|
2020-12-09 19:01:33 +01:00
|
|
|
end
|
|
|
|
|
2024-02-25 04:13:18 +01:00
|
|
|
# Only an admin can access this function.
|
|
|
|
def generate_all_zonefiles() : IPC::JSON
|
|
|
|
Baguette::Log.info "writing all zone files in #{@zonefiledir}/"
|
|
|
|
zones.each do |zone|
|
2024-03-13 03:58:46 +01:00
|
|
|
# TODO: safe write.
|
2024-02-25 04:13:18 +01:00
|
|
|
File.open("#{@zonefiledir}/#{zone.domain}", "w") do |file|
|
|
|
|
zone.to_bind9 file
|
|
|
|
end
|
|
|
|
end
|
|
|
|
Response::Success.new
|
|
|
|
end
|
|
|
|
|
|
|
|
# Only an admin can access this function.
|
|
|
|
def generate_zonefile(domain : String) : IPC::JSON
|
2024-03-14 02:43:00 +01:00
|
|
|
zone = zone_must_exist! domain
|
2024-02-25 04:13:18 +01:00
|
|
|
|
|
|
|
Baguette::Log.info "writing zone file #{@zonefiledir}/#{zone.domain}"
|
2024-03-13 03:58:46 +01:00
|
|
|
# TODO: safe write.
|
2024-02-25 04:13:18 +01:00
|
|
|
File.open("#{@zonefiledir}/#{zone.domain}", "w") do |file|
|
|
|
|
zone.to_bind9 file
|
|
|
|
end
|
|
|
|
Response::Success.new
|
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def get_generated_zonefile(user_id : UserDataID, domain : String) : IPC::JSON
|
2024-02-27 07:42:10 +01:00
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, zone.domain
|
2024-02-27 07:42:10 +01:00
|
|
|
|
|
|
|
io = IO::Memory.new
|
|
|
|
zone.to_bind9 io
|
|
|
|
Response::GeneratedZone.new domain, (String.new io.buffer, io.pos)
|
|
|
|
end
|
|
|
|
|
2023-06-29 18:29:25 +02:00
|
|
|
def new_domain(accepted_domains : Array(String),
|
|
|
|
template_directory : String,
|
2024-03-16 07:03:04 +01:00
|
|
|
user_id : UserDataID,
|
2023-06-29 18:29:25 +02:00
|
|
|
domain : String) : IPC::JSON
|
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2023-06-16 18:41:20 +02:00
|
|
|
|
2024-03-31 20:59:46 +02:00
|
|
|
# Prevent future very confusing errors.
|
|
|
|
domain = domain.downcase
|
|
|
|
|
2023-06-29 12:27:15 +02:00
|
|
|
return Response::DomainAlreadyExists.new if zones_by_domain.get? domain
|
2023-06-16 18:41:20 +02:00
|
|
|
|
2023-06-29 18:29:25 +02:00
|
|
|
# Verify if the domain is acceptable.
|
2023-06-29 12:27:15 +02:00
|
|
|
matching_domains = accepted_domains.select { |adomain| domain.ends_with? adomain }
|
2023-06-30 00:01:25 +02:00
|
|
|
unless matching_domains.size > 0
|
2023-06-29 12:27:15 +02:00
|
|
|
Baguette::Log.warning "trying to add an unacceptable domain: #{domain}"
|
|
|
|
return Response::UnacceptableDomain.new
|
|
|
|
end
|
2023-06-16 18:41:20 +02:00
|
|
|
|
2023-06-29 12:27:15 +02:00
|
|
|
matching_domains.each do |md|
|
2023-06-29 18:29:25 +02:00
|
|
|
Baguette::Log.info "Add new domain #{domain} (matching domain #{md})"
|
2023-06-16 18:41:20 +02:00
|
|
|
end
|
2023-06-29 12:27:15 +02:00
|
|
|
|
2023-06-29 18:29:25 +02:00
|
|
|
# Verify the domain name validity.
|
|
|
|
return Response::InvalidDomainName.new unless Zone.is_domain_valid? domain
|
|
|
|
|
|
|
|
# Fill a template zone.
|
|
|
|
tld = matching_domains.pop
|
|
|
|
default_zone = Zone.from_json File.read "#{template_directory}/#{tld}.json"
|
2023-06-29 12:27:15 +02:00
|
|
|
|
2023-06-29 18:29:25 +02:00
|
|
|
# Replace domain by the real domain.
|
|
|
|
default_zone.replace_domain domain
|
|
|
|
|
|
|
|
#
|
2023-06-29 12:27:15 +02:00
|
|
|
# Actually write data on-disk.
|
2023-06-29 18:29:25 +02:00
|
|
|
#
|
2023-06-29 12:27:15 +02:00
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
# Add the new domain.
|
|
|
|
@domains << DomainInfo.new domain, owners: [user_id]
|
2023-06-29 12:27:15 +02:00
|
|
|
|
2023-06-29 18:29:25 +02:00
|
|
|
# Add the new zone in the database.
|
2023-06-30 00:12:40 +02:00
|
|
|
zones_by_domain.update_or_create domain, default_zone
|
2023-06-29 12:27:15 +02:00
|
|
|
|
2023-07-01 16:04:38 +02:00
|
|
|
Response::DomainAdded.new domain
|
2023-06-16 18:41:20 +02:00
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def add_or_update_zone(user_id : UserDataID, zone : Zone) : IPC::JSON
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
|
2023-05-07 16:45:09 +02:00
|
|
|
# Test zone validity.
|
|
|
|
if errors = zone.get_errors?
|
|
|
|
Baguette::Log.warning "zone #{zone.domain} update with errors: #{errors}"
|
2023-05-08 17:34:50 +02:00
|
|
|
return Response::InvalidZone.new errors
|
2023-05-07 16:45:09 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
# Does the zone already exist?
|
|
|
|
if z = zones_by_domain.get? zone.domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, z.domain
|
2023-05-07 16:45:09 +02:00
|
|
|
else
|
|
|
|
# Add the domain to the user's domain.
|
2024-04-27 05:48:28 +02:00
|
|
|
domains << DomainInfo.new zone.domain
|
2020-12-09 19:01:33 +01:00
|
|
|
end
|
2023-05-07 16:45:09 +02:00
|
|
|
|
|
|
|
# Add -or replace- the zone.
|
|
|
|
zones_by_domain.update_or_create zone.domain, zone
|
|
|
|
|
|
|
|
Response::Success.new
|
2020-12-03 17:13:40 +01:00
|
|
|
end
|
2023-05-07 16:45:09 +02:00
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def add_rr(user_id : UserDataID, domain : String, rr : Zone::ResourceRecord) : IPC::JSON
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2023-05-08 17:34:50 +02:00
|
|
|
|
2023-05-08 19:07:20 +02:00
|
|
|
# Test RR validity.
|
|
|
|
rr.get_errors.tap do |errors|
|
|
|
|
unless errors.empty?
|
2023-05-08 19:34:57 +02:00
|
|
|
Baguette::Log.warning "add RR with errors: #{errors}"
|
2023-07-11 04:09:46 +02:00
|
|
|
return Response::InvalidRR.new errors
|
2023-05-08 19:07:20 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-05-08 17:34:50 +02:00
|
|
|
zone << rr
|
|
|
|
|
2024-03-07 02:52:59 +01:00
|
|
|
update_zone zone
|
2023-05-08 17:34:50 +02:00
|
|
|
|
2023-07-11 02:15:37 +02:00
|
|
|
Response::RRAdded.new zone.domain, rr
|
2023-05-08 17:34:50 +02:00
|
|
|
end
|
|
|
|
|
2024-03-07 02:52:59 +01:00
|
|
|
# Any modification of the zone must be performed here.
|
|
|
|
# This function updates the SOA serial before storing the modified zone.
|
|
|
|
def update_zone(zone : Zone)
|
|
|
|
zone.update_serial
|
|
|
|
zones_by_domain.update_or_create zone.domain, zone
|
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def update_rr(user_id : UserDataID, domain : String, rr : Zone::ResourceRecord) : IPC::JSON
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2023-05-08 17:34:50 +02:00
|
|
|
|
2024-03-14 02:03:26 +01:00
|
|
|
zone.rr_not_readonly! rr.rrid
|
2024-03-13 03:58:46 +01:00
|
|
|
|
2023-05-08 19:07:20 +02:00
|
|
|
# Test RR validity.
|
|
|
|
rr.get_errors.tap do |errors|
|
|
|
|
unless errors.empty?
|
|
|
|
Baguette::Log.warning "update RR with errors: #{errors}"
|
2023-07-11 04:09:46 +02:00
|
|
|
return Response::InvalidRR.new errors
|
2023-05-08 19:07:20 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2024-03-13 03:58:46 +01:00
|
|
|
zone.update_rr rr
|
2023-07-12 16:10:25 +02:00
|
|
|
|
2024-03-07 02:52:59 +01:00
|
|
|
update_zone zone
|
2023-05-08 17:34:50 +02:00
|
|
|
|
2023-07-12 16:10:25 +02:00
|
|
|
Response::RRUpdated.new domain, rr
|
2023-05-08 17:34:50 +02:00
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def delete_rr(user_id : UserDataID, domain : String, rrid : UInt32) : IPC::JSON
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2024-03-13 03:58:46 +01:00
|
|
|
|
2024-03-14 02:03:26 +01:00
|
|
|
rr = zone.rr_not_readonly! rrid
|
2024-03-13 03:58:46 +01:00
|
|
|
|
|
|
|
# Remove token from the db.
|
|
|
|
if token_uuid = rr.token
|
|
|
|
tokens_by_uuid.delete token_uuid
|
|
|
|
end
|
2023-05-08 19:23:36 +02:00
|
|
|
|
2024-03-14 02:03:26 +01:00
|
|
|
zone.delete_rr rrid
|
2024-03-07 02:52:59 +01:00
|
|
|
update_zone zone
|
2023-05-08 19:23:36 +02:00
|
|
|
|
2023-07-10 03:34:06 +02:00
|
|
|
Response::RRDeleted.new rrid
|
2023-05-08 19:23:36 +02:00
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def delete_domain(user_id : UserDataID, domain : String) : IPC::JSON
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_exist! user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2023-05-07 16:45:09 +02:00
|
|
|
|
2023-05-07 20:23:34 +02:00
|
|
|
# Remove this domain from the list of user's domains.
|
2024-04-27 05:48:28 +02:00
|
|
|
domains_by_name.delete domain
|
2023-05-07 20:23:34 +02:00
|
|
|
|
2024-03-13 01:16:09 +01:00
|
|
|
# Remove the related zone and their registered tokens.
|
2023-05-07 20:23:34 +02:00
|
|
|
zones_by_domain.delete domain
|
2024-03-13 01:16:09 +01:00
|
|
|
tokens_by_domain.delete domain
|
2023-05-07 20:23:34 +02:00
|
|
|
|
2023-07-03 12:23:18 +02:00
|
|
|
Response::DomainDeleted.new domain
|
2023-05-07 16:45:09 +02:00
|
|
|
end
|
|
|
|
|
2024-03-17 22:45:19 +01:00
|
|
|
# Get all removed users from `authd`, list all their domains and remove their data from `dnsmanagerd`.
|
2024-04-27 05:48:28 +02:00
|
|
|
def get_orphan_domains(user_id : UserDataID) : IPC::JSON
|
|
|
|
user_must_be_admin! user_id
|
2024-03-17 05:15:50 +01:00
|
|
|
|
2024-03-17 22:45:19 +01:00
|
|
|
Baguette::Log.debug "list all orphan domains (long computation)"
|
2024-03-17 05:15:50 +01:00
|
|
|
orphans = [] of String
|
|
|
|
user_data.each do |user|
|
|
|
|
begin
|
2024-04-27 05:48:28 +02:00
|
|
|
@dnsmanagerd.authd.get_user? user.uid
|
2024-03-17 05:15:50 +01:00
|
|
|
rescue e
|
2024-03-17 22:45:19 +01:00
|
|
|
Baguette::Log.warning "no authd info on user #{user.uid}: #{e} (removing this user)"
|
|
|
|
Baguette::Log.debug "user #{user.uid} had #{user.domains.size} domains"
|
2024-03-17 05:15:50 +01:00
|
|
|
user.domains.each do |domain|
|
|
|
|
orphans << domain
|
|
|
|
end
|
2024-03-17 05:41:18 +01:00
|
|
|
wipe_user_data user
|
2024-03-17 05:15:50 +01:00
|
|
|
end
|
|
|
|
end
|
2024-03-17 22:45:19 +01:00
|
|
|
Baguette::Log.debug "total: #{orphans.size} orphans"
|
2024-03-17 05:15:50 +01:00
|
|
|
|
|
|
|
Response::OrphanDomainList.new orphans
|
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def get_zone(user_id : UserDataID, domain : String) : IPC::JSON
|
2024-03-14 02:03:26 +01:00
|
|
|
user_data = user_must_exist! user_id
|
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2023-05-07 21:05:53 +02:00
|
|
|
|
|
|
|
Response::Zone.new zone
|
|
|
|
end
|
|
|
|
|
2024-03-17 05:41:18 +01:00
|
|
|
def wipe_user_data(user_data : UserData)
|
2024-04-27 05:48:28 +02:00
|
|
|
domains_by_owners.get(user_id.to_s).each do |d|
|
|
|
|
end
|
2024-03-17 05:41:18 +01:00
|
|
|
# Remove the user's domains.
|
|
|
|
user_data.domains.each do |domain|
|
|
|
|
tokens_by_domain.delete domain
|
|
|
|
zones_by_domain.delete domain
|
|
|
|
rescue e
|
|
|
|
Baguette::Log.error "while removing a domain: #{e}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
def delete_user_data(user_id : UserDataID, user_to_delete : UserDataID?) : IPC::JSON
|
2024-03-16 07:03:04 +01:00
|
|
|
user_data = user_must_exist! user_id
|
|
|
|
user_data_to_delete = if u = user_to_delete
|
2024-04-27 05:48:28 +02:00
|
|
|
user_must_be_admin! user_id
|
2024-03-16 07:03:04 +01:00
|
|
|
Baguette::Log.info "Admin #{user_id} removes data of user #{u}."
|
|
|
|
user_must_exist! u
|
|
|
|
else
|
|
|
|
Baguette::Log.info "User #{user_data.uid} terminates his account."
|
|
|
|
user_data
|
|
|
|
end
|
|
|
|
|
2024-03-17 05:41:18 +01:00
|
|
|
wipe_user_data user_data_to_delete
|
2024-03-16 07:03:04 +01:00
|
|
|
|
|
|
|
Response::Success.new
|
|
|
|
end
|
|
|
|
|
|
|
|
def user_domains(user_id : UserDataID) : IPC::JSON
|
2024-03-14 02:03:26 +01:00
|
|
|
user_data = user_must_exist! user_id
|
2023-05-07 20:50:56 +02:00
|
|
|
Response::DomainList.new user_data.domains
|
|
|
|
end
|
2024-03-13 01:16:09 +01:00
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
# TODO: is the user known from authd?
|
|
|
|
def user_must_exist!(user_id : UserDataID)
|
|
|
|
@dnsmanagerd.authd.get_user? user.uid
|
2024-03-14 02:03:26 +01:00
|
|
|
end
|
2024-03-13 01:16:09 +01:00
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
def user_must_be_admin!(user_id : UserDataID) : Nil
|
|
|
|
@dnsmanagerd.assert_permissions! user_id, "*", AuthD::User::PermissionLevel::Admin
|
2024-03-14 02:43:00 +01:00
|
|
|
end
|
|
|
|
|
2024-03-14 02:03:26 +01:00
|
|
|
def zone_must_exist!(domain : String) : Zone
|
2024-03-13 01:16:09 +01:00
|
|
|
zone = zones_by_domain.get? domain
|
2024-03-14 02:03:26 +01:00
|
|
|
raise DomainNotFoundException.new unless zone
|
|
|
|
zone
|
|
|
|
end
|
2024-03-13 01:16:09 +01:00
|
|
|
|
2024-04-27 05:48:28 +02:00
|
|
|
# Owning a domain means to be in the owners' list of the domain.
|
|
|
|
# TODO: accept admin users to override this test.
|
|
|
|
def user_should_own!(user_id : UserDataID, domain : String)
|
|
|
|
d = domains_by_name.get domain
|
|
|
|
unless d.includes? user_id
|
2024-03-14 02:03:26 +01:00
|
|
|
raise NoOwnershipException.new
|
2024-03-13 01:16:09 +01:00
|
|
|
end
|
2024-03-14 02:03:26 +01:00
|
|
|
end
|
|
|
|
|
2024-03-16 07:03:04 +01:00
|
|
|
def new_token(user_id : UserDataID, domain : String, rrid : UInt32) : IPC::JSON
|
2024-03-14 02:03:26 +01:00
|
|
|
user_data = user_must_exist! user_id
|
|
|
|
zone = zone_must_exist! domain
|
2024-04-27 05:48:28 +02:00
|
|
|
user_should_own! user_id, domain
|
2024-03-13 01:16:09 +01:00
|
|
|
|
2024-03-14 02:03:26 +01:00
|
|
|
rr = zone.rr_must_exist! rrid
|
2024-03-13 01:16:09 +01:00
|
|
|
|
|
|
|
old_token = rr.token
|
|
|
|
|
|
|
|
# 1. create token
|
|
|
|
token = Token.new domain, rrid
|
|
|
|
|
|
|
|
# 2. add token to the RR.
|
|
|
|
rr.token = token.uuid
|
|
|
|
zone.update_rr rr
|
|
|
|
|
|
|
|
# 3. update the zone (no need to call `update_zone` to change the zone serial).
|
|
|
|
zones_by_domain.update_or_create zone.domain, zone
|
|
|
|
|
|
|
|
# 4. if there is an old token, remove it.
|
|
|
|
if old_token_uuid = old_token
|
|
|
|
tokens_by_uuid.delete old_token_uuid
|
|
|
|
end
|
|
|
|
|
|
|
|
# 5. add token to the db.
|
|
|
|
@tokens << token
|
|
|
|
|
|
|
|
Response::RRUpdated.new domain, rr
|
|
|
|
end
|
|
|
|
|
2024-03-14 02:43:00 +01:00
|
|
|
def token_must_exist!(token_uuid : String) : Token
|
|
|
|
token = tokens_by_uuid.get? token_uuid
|
|
|
|
raise TokenNotFoundException.new unless token
|
|
|
|
token
|
|
|
|
end
|
|
|
|
|
2024-03-14 04:36:03 +01:00
|
|
|
def use_token(token_uuid : String, address : String) : IPC::JSON
|
2024-03-14 02:43:00 +01:00
|
|
|
token = token_must_exist! token_uuid
|
|
|
|
zone = zone_must_exist! token.domain
|
|
|
|
rr = zone.rr_must_exist! token.rrid
|
|
|
|
|
2024-03-14 04:43:02 +01:00
|
|
|
# Same address, no need to change anything.
|
|
|
|
return Response::Success.new if rr.target == address
|
|
|
|
|
2024-03-14 02:43:00 +01:00
|
|
|
case rr
|
|
|
|
when Zone::A
|
2024-03-15 03:47:35 +01:00
|
|
|
return Response::Error.new "invalid ipv4" unless Zone.is_ipv4_address_valid? address
|
2024-03-14 02:43:00 +01:00
|
|
|
rr.target = address
|
|
|
|
zone.update_rr rr
|
|
|
|
zones_by_domain.update_or_create zone.domain, zone
|
|
|
|
Response::Success.new
|
|
|
|
when Zone::AAAA
|
2024-03-15 03:47:35 +01:00
|
|
|
return Response::Error.new "invalid ipv6" unless Zone.is_ipv6_address_valid? address
|
2024-03-14 02:43:00 +01:00
|
|
|
rr.target = address
|
|
|
|
zone.update_rr rr
|
2024-03-14 04:43:02 +01:00
|
|
|
update_zone zone
|
2024-03-14 02:43:00 +01:00
|
|
|
Response::Success.new
|
|
|
|
else
|
|
|
|
Response::Error.new "use token on invalid entry (not A or AAAA)"
|
|
|
|
end
|
2024-03-13 01:16:09 +01:00
|
|
|
end
|
2020-12-03 17:13:40 +01:00
|
|
|
end
|
2020-12-09 19:01:33 +01:00
|
|
|
|
|
|
|
require "./storage/*"
|