User authentication: limit the number of domains sent in "Logged" to a hundred.

This commit is contained in:
Philippe PITTOLI 2024-04-28 17:16:06 +02:00
parent 723c1a83a0
commit 158d772727
2 changed files with 6 additions and 2 deletions

View File

@ -18,7 +18,11 @@ class DNSManager::Request
dnsmanagerd.storage.user_must_exist! user_id dnsmanagerd.storage.user_must_exist! user_id
accepted_domains = dnsmanagerd.configuration.accepted_domains.not_nil! accepted_domains = dnsmanagerd.configuration.accepted_domains.not_nil!
user_domains = dnsmanagerd.storage.user_domains user_id
# Limit the number of domains in this message.
# Pagination will be required beyond a hundred domains.
user_domains = dnsmanagerd.storage.user_domains(user_id).[0..100]
perms = dnsmanagerd.check_permissions user_id, "*" perms = dnsmanagerd.check_permissions user_id, "*"
Response::Logged.new (perms == AuthD::User::PermissionLevel::Admin), accepted_domains, user_domains Response::Logged.new (perms == AuthD::User::PermissionLevel::Admin), accepted_domains, user_domains
else else

View File

@ -134,7 +134,7 @@ class DNSManager::Storage
matching_domains.each do |md| matching_domains.each do |md|
# Prevent empty domains (from crafted requests) to be accepted. # Prevent empty domains (from crafted requests) to be accepted.
return Response::InvalidDomainName.new unless (domain.chomp md).size > 2 return Response::InvalidDomainName.new unless (domain.chomp md).size > 1
Baguette::Log.info "Add new domain #{domain} (matching domain #{md})" Baguette::Log.info "Add new domain #{domain} (matching domain #{md})"
end end