New RR property: readonly. For sanity sake.

2023-06-28 02:25:43 +02:00 · 2023-06-28 02:25:43 +02:00 · 2a48880e47
parent 0e5090dae4
commit 2a48880e47
2 changed files with 13 additions and 0 deletions
--- a/src/storage/zone.cr
+++ b/src/storage/zone.cr
@ -40,6 +40,12 @@ class DNSManager::Storage::Zone
 		property ttl    : UInt32
 		property target : String

+		# RR entries can be writable or read only.
+		# For example, default SOA and NS entries shouldn't be writable.
+		# No need to allow for (mostly unskilled) users to mess up some ABSOLUTELY NECESSARY entries.
+		# Yes. It already happened. Many, MANY times. I WANT MY FUCKING TIME BACK.
+		property readonly : Bool = false
+
 		# zone class is omited, it always will be IN in our case.
 		def initialize(@name, @ttl, @target)
 			@rrtype = self.class.name.upcase.gsub /DNSMANAGER::STORAGE::ZONE::/, ""
--- a/tools/write-template-zone-file.cr
+++ b/tools/write-template-zone-file.cr
@ -33,4 +33,11 @@ zone << DSZ::SOA.new  "#{domain}.", # name
 zone << DSZ::NS.new "#{domain}.", 3600.to_u32, "ns0.arn-fai.net."
 zone << DSZ::NS.new "#{domain}.", 3600.to_u32, "alsace.tetaneutral.net."

+# All default values are read-only (by default).
+# Still, some dedicated messages can change some of these values, but the default behavior is to protect my SANITY.
+# DO NOT ALLOW USERS TO MESS WITH IMPORTANT VALUES UNLESS YOU CHECK IT INTENSIVELY.
+zone.resources.each do |rr|
+	rr.readonly = true
+end
+
 File.write("#{domain}.json", zone.to_json)