From 2a48880e472438fc89729338b67716ffd5cd2b2a Mon Sep 17 00:00:00 2001 From: Philippe Pittoli Date: Wed, 28 Jun 2023 02:25:43 +0200 Subject: [PATCH] New RR property: readonly. For sanity sake. --- src/storage/zone.cr | 6 ++++++ tools/write-template-zone-file.cr | 7 +++++++ 2 files changed, 13 insertions(+) diff --git a/src/storage/zone.cr b/src/storage/zone.cr index 8265cf1..b075cde 100644 --- a/src/storage/zone.cr +++ b/src/storage/zone.cr @@ -40,6 +40,12 @@ class DNSManager::Storage::Zone property ttl : UInt32 property target : String + # RR entries can be writable or read only. + # For example, default SOA and NS entries shouldn't be writable. + # No need to allow for (mostly unskilled) users to mess up some ABSOLUTELY NECESSARY entries. + # Yes. It already happened. Many, MANY times. I WANT MY FUCKING TIME BACK. + property readonly : Bool = false + # zone class is omited, it always will be IN in our case. def initialize(@name, @ttl, @target) @rrtype = self.class.name.upcase.gsub /DNSMANAGER::STORAGE::ZONE::/, "" diff --git a/tools/write-template-zone-file.cr b/tools/write-template-zone-file.cr index 28950b0..753734f 100644 --- a/tools/write-template-zone-file.cr +++ b/tools/write-template-zone-file.cr @@ -33,4 +33,11 @@ zone << DSZ::SOA.new "#{domain}.", # name zone << DSZ::NS.new "#{domain}.", 3600.to_u32, "ns0.arn-fai.net." zone << DSZ::NS.new "#{domain}.", 3600.to_u32, "alsace.tetaneutral.net." +# All default values are read-only (by default). +# Still, some dedicated messages can change some of these values, but the default behavior is to protect my SANITY. +# DO NOT ALLOW USERS TO MESS WITH IMPORTANT VALUES UNLESS YOU CHECK IT INTENSIVELY. +zone.resources.each do |rr| + rr.readonly = true +end + File.write("#{domain}.json", zone.to_json)